diff options
-rw-r--r-- | configure.ac | 6 | ||||
-rwxr-xr-x | devel/import-ecc-from-nettle.sh | 1 | ||||
-rw-r--r-- | lib/nettle/Makefile.am | 7 | ||||
-rw-r--r-- | lib/nettle/gost/gostdsa-vko.c | 97 | ||||
-rw-r--r-- | lib/nettle/gost/gostdsa2.h | 10 |
5 files changed, 3 insertions, 118 deletions
diff --git a/configure.ac b/configure.ac index 2d0a42665e..fb24986bb6 100644 --- a/configure.ac +++ b/configure.ac @@ -663,12 +663,6 @@ AC_CHECK_FUNCS([nettle_chacha_set_counter], LIBS=$save_LIBS AM_CONDITIONAL(NEED_CHACHA, [test "$have_chacha_set_counter" != "yes"]) -# Check for VKO -save_LIBS=$LIBS -LIBS="$LIBS $NETTLE_LIBS $HOGWEED_LIBS" -AC_CHECK_FUNCS(nettle_gostdsa_vko) -LIBS=$save_LIBS - # Check sonames of the linked libraries needed for FIPS selftests. save_LIBS=$LIBS LIBS="$LIBS $GMP_LIBS" diff --git a/devel/import-ecc-from-nettle.sh b/devel/import-ecc-from-nettle.sh index 6bfb9d30d8..da121786dd 100755 --- a/devel/import-ecc-from-nettle.sh +++ b/devel/import-ecc-from-nettle.sh @@ -56,6 +56,7 @@ eddsa-verify.c gostdsa.h gostdsa-sign.c gostdsa-verify.c +gostdsa-vko.c gmp-glue.h gmp-glue.c nettle-write.h diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am index 94aab0262e..9595aef532 100644 --- a/lib/nettle/Makefile.am +++ b/lib/nettle/Makefile.am @@ -83,7 +83,7 @@ libcrypto_la_SOURCES += \ gost/bignum-le.c gost/bignum-le.h libcrypto_la_SOURCES += \ - gost/gostdsa-mask.c gost/gostdsa-vko.c gost/gostdsa2.h + gost/gostdsa-mask.c gost/gostdsa2.h libcrypto_la_SOURCES += gost_keywrap.c endif @@ -156,7 +156,7 @@ libcrypto_la_SOURCES += \ ecc/ecc-j-to-a.c \ ecc/ecc-gost-gc256b.c ecc/ecc-gost-gc512a.c \ ecc/ecc-gostdsa-sign.c ecc/ecc-gostdsa-verify.c \ - ecc/gostdsa.h ecc/gostdsa-sign.c ecc/gostdsa-verify.c + ecc/gostdsa.h ecc/gostdsa-sign.c ecc/gostdsa-verify.c ecc/gostdsa-vko.c libcrypto_la_SOURCES += \ ecc/eddsa.h ecc/eddsa-compress.c ecc/eddsa-decompress.c \ @@ -164,9 +164,6 @@ libcrypto_la_SOURCES += \ ecc/eddsa-pubkey.c ecc/eddsa-sign.c ecc/eddsa-verify.c \ ecc/ed448-shake256.c ecc/ed448-shake256-pubkey.c \ ecc/ed448-shake256-sign.c ecc/ed448-shake256-verify.c -else -libcrypto_la_SOURCES += \ - ecc/gmp-glue.h ecc/gmp-glue.c ecc/ecc-mod-arith.c endif if NEED_CHACHA diff --git a/lib/nettle/gost/gostdsa-vko.c b/lib/nettle/gost/gostdsa-vko.c deleted file mode 100644 index ec6fba5831..0000000000 --- a/lib/nettle/gost/gostdsa-vko.c +++ /dev/null @@ -1,97 +0,0 @@ -/* gostdsa-vko.c - - Copyright (C) 2016 Dmitry Eremin-Solenikov - - This file is part of GNU Nettle. - - GNU Nettle is free software: you can redistribute it and/or - modify it under the terms of either: - - * the GNU Lesser General Public License as published by the Free - Software Foundation; either version 3 of the License, or (at your - option) any later version. - - or - - * the GNU General Public License as published by the Free - Software Foundation; either version 2 of the License, or (at your - option) any later version. - - or both in parallel, as here. - - GNU Nettle is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received copies of the GNU General Public License and - the GNU Lesser General Public License along with this program. If - not, see http://www.gnu.org/licenses/. -*/ - -#if HAVE_CONFIG_H -# include "config.h" -#endif - -#ifndef HAVE_NETTLE_GOSTDSA_VKO - -#include <gnutls_int.h> - -#include <stdlib.h> - -#include "ecc/ecc-internal.h" -#include "gostdsa2.h" - -/* - * Shared key derivation/key agreement for GOST DSA algorithm. - * It is defined in RFC 4357 Section 5.2 and RFC 7836 Section 4.3.1 - * - * Basically shared key is equal to hash(cofactor * ukm * priv * pub). This - * function does multiplication. Caller should do hashing on his own. - * - * UKM is not a secret value (consider it as a nonce). - * - * For supported GOST curves cofactor is equal to 1. - */ -void -gostdsa_vko(const struct ecc_scalar *priv, - const struct ecc_point *pub, - size_t ukm_length, const uint8_t *ukm, - uint8_t *out) -{ - const struct ecc_curve *ecc = priv->ecc; - unsigned bsize = (ecc_bit_size(ecc) + 7) / 8; - mp_size_t size = ecc->p.size; - mp_size_t itch = 4*size + ecc->mul_itch; - mp_limb_t *scratch; - - if (itch < 5*size + ecc->h_to_a_itch) - itch = 5*size + ecc->h_to_a_itch; - - assert (pub->ecc == ecc); - assert (priv->ecc == ecc); - assert (ukm_length <= bsize); - - scratch = gmp_alloc_limbs (itch); - -#define UKM scratch -#define TEMP (scratch + 3*size) -#define XYZ scratch -#define TEMP_Y (scratch + 4*size) - - mpn_set_base256_le (UKM, size, ukm, ukm_length); - - /* If ukm is 0, set it to 1, otherwise the result will be allways equal to 0, - * no matter what private and public keys are. See RFC 4357 referencing GOST - * R 34.10-2001 (RFC 5832) Section 6.1 step 2. */ - if (mpn_zero_p (UKM, size)) - UKM[0] = 1; - - ecc_mod_mul (&ecc->q, TEMP, priv->p, UKM); /* TEMP = UKM * priv */ - ecc->mul (ecc, XYZ, TEMP, pub->p, scratch + 4*size); /* XYZ = UKM * priv * pub */ - ecc->h_to_a (ecc, 0, TEMP, XYZ, scratch + 5*size); /* TEMP = XYZ */ - mpn_get_base256_le (out, bsize, TEMP, size); - mpn_get_base256_le (out+bsize, bsize, TEMP_Y, size); - gmp_free_limbs (scratch, itch); -} -#endif diff --git a/lib/nettle/gost/gostdsa2.h b/lib/nettle/gost/gostdsa2.h index a9767556b9..9328a8af73 100644 --- a/lib/nettle/gost/gostdsa2.h +++ b/lib/nettle/gost/gostdsa2.h @@ -52,16 +52,6 @@ int gostdsa_unmask_key (const struct ecc_curve *ecc, mpz_t key); -#ifndef HAVE_NETTLE_GOSTDSA_VKO - -#define gostdsa_vko _gnutls_gostdsa_vko -void -gostdsa_vko(const struct ecc_scalar *priv, - const struct ecc_point *pub, - size_t ukm_length, const uint8_t *ukm, - uint8_t *out); -#endif - #ifdef __cplusplus } #endif |