- SRP is updated to conform to the newest draft.
- Added support for DNSNAME extension.
- Reentracy fixes in ASN.1 Parsing.
+- Optimizations in hash/hmac functions
Version 0.1.4 (22/06/2001)
- Corrected (srp) base64 encoding.
const uint8 *data_s;
uint8 pwd_algo;
int i;
- opaque *hd;
+ opaque hd[SRP_MAX_HASH_SIZE];
char *username;
char *password;
const SRP_CLIENT_CREDENTIALS *cred =
/* generate x = SHA(s | SHA(U | ":" | p))
* (or the equivalent using bcrypt)
*/
- hd = _gnutls_calc_srp_x( username, password, (opaque*)data_s, n_s, pwd_algo, &_n_g);
- if (hd==NULL) {
- gnutls_assert();
- return GNUTLS_E_HASH_FAILED;
- }
+ _gnutls_calc_srp_x( username, password, (opaque*)data_s, n_s, pwd_algo, &_n_g, hd);
if (gcry_mpi_scan(&key->x, GCRYMPI_FMT_USG, hd, &_n_g) != 0) {
gnutls_assert();
return GNUTLS_E_MPI_SCAN_FAILED;
}
- gnutls_free(hd);
-
return 0;
}
return e;
}
-void *_gnutls_calc_srp_bcrypt(const char* username, const char *passwd, opaque * salt, int salt_size, int* size)
+#define BCRYPT_SIZE 24
+int _gnutls_calc_srp_bcrypt(const char* username, const char *passwd, opaque * salt, int salt_size, int* size, void* digest)
{
blf_ctx *ctx;
- opaque text[24];
+ opaque text[BCRYPT_SIZE];
int passwd_len, i;
- opaque *tmp;
strncpy( text, username, sizeof(text));
if ( (sizeof(text)-strlen(username)-1) > 0)
*size = sizeof(text);
/* we need 16 + cost */
- if (salt_size < 17) return NULL;
+ if (salt_size < 17) return -1;
passwd_len = strlen(passwd) + 1; /* we want the null also */
if (passwd_len > 56)
ctx = _blf_init(&salt[1], passwd, passwd_len, (int)(salt[0]));
- tmp = malloc(sizeof(text));
- memcpy(tmp, text, sizeof(text));
-
for (i = 0; i < 64; i++) {
- _blf_encrypt(ctx, (uint8 *) tmp);
- _blf_encrypt(ctx, (uint8 *) & tmp[8]);
- _blf_encrypt(ctx, (uint8 *) & tmp[16]);
+ _blf_encrypt(ctx, (uint8 *) text);
+ _blf_encrypt(ctx, (uint8 *) & text[8]);
+ _blf_encrypt(ctx, (uint8 *) & text[16]);
}
_blf_deinit(ctx);
- return tmp;
+
+ memcpy( digest, text, BCRYPT_SIZE);
+ return 0;
}
char * crypt_bcrypt (const char* username, const char *passwd, const char *salt, MPI g, MPI n);
char *crypt_bcrypt_wrapper(const char* username, const char *pass_new, int cost, MPI g, MPI n);
-void * _gnutls_calc_srp_bcrypt( const char* username, const char *passwd, opaque *salt, int salt_size, int* size);
+int _gnutls_calc_srp_bcrypt( const char* username, const char *passwd, opaque *salt, int salt_size, int* size, void* digest);
char *crypt_srpsha1(const char *username, const char *passwd,
const char *salt, MPI g, MPI n)
{
- unsigned char *sp, *r1;
+ unsigned char *sp, r1[MAX_HASH_SIZE];
int salt_size = strlen(salt);
unsigned char *local_salt, *v;
int passwd_len;
gnutls_hash(h1, (char *) username, strlen(username));
gnutls_hash(h1, ":", 1);
gnutls_hash(h1, (char *) passwd, passwd_len);
- r1 = gnutls_hash_deinit(h1);
+ gnutls_hash_deinit(h1, r1);
local_salt = malloc(salt_size + 1);
gnutls_hash(h1, r1, hash_len);
- gnutls_free(r1);
- r1 = gnutls_hash_deinit(h1);
+ gnutls_hash_deinit(h1, r1);
/* v = g^x mod n */
vsize = _gnutls_srp_gx(r1, hash_len, &v, g, n);
- gnutls_free(r1);
+
if (vsize == -1 || v == NULL) {
gnutls_assert();
return NULL;
cipher,
gnutls_datum compressed, ContentType _type)
{
- uint8 *MAC = NULL;
+ uint8 MAC[MAX_HASH_SIZE];
uint16 c_length;
uint8 *data;
uint8 pad;
gnutls_hmac(td, &c_length, 2);
gnutls_hmac(td, compressed.data, compressed.size);
if (_gnutls_version_ssl3(state->connection_state.version) == 0) { /* SSL 3.0 */
- MAC = gnutls_mac_deinit_ssl3(td);
+ gnutls_mac_deinit_ssl3(td, MAC);
} else {
- MAC = gnutls_hmac_deinit(td);
+ gnutls_hmac_deinit(td, MAC);
}
}
switch (_gnutls_cipher_is_block(state->security_parameters.write_bulk_cipher_algorithm)) {
return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
}
- if (td != GNUTLS_MAC_FAILED)
- gnutls_free(MAC);
-
return 0;
}
compress,
gnutls_datum ciphertext, uint8 type)
{
- uint8 *MAC = NULL;
+ uint8 MAC[MAX_HASH_SIZE];
uint16 c_length;
uint8 *data;
uint8 pad;
gnutls_hmac(td, &c_length, 2);
gnutls_hmac(td, data, compress->size);
if (_gnutls_version_ssl3(state->connection_state.version) == 0) { /* SSL 3.0 */
- MAC = gnutls_mac_deinit_ssl3(td);
+ gnutls_mac_deinit_ssl3(td, MAC);
} else {
- MAC = gnutls_hmac_deinit(td);
+ gnutls_hmac_deinit(td, MAC);
}
}
/* HMAC was not the same. */
return GNUTLS_E_MAC_FAILED;
}
-
- if (td != GNUTLS_MAC_FAILED)
- gnutls_free(MAC);
-
return 0;
}
int siz;
GNUTLS_MAC_HANDLE td;
GNUTLS_MAC_HANDLE td2;
- char *data;
+ char tmp[MAX_HASH_SIZE];
char *concat = gnutls_malloc(36);
- char *mesg;
+ char *mesg, *data;
td = gnutls_mac_init_ssl3_handshake(GNUTLS_MAC_MD5,
state->security_parameters.
gnutls_mac_ssl3(td, mesg, siz);
gnutls_mac_ssl3(td2, mesg, siz);
- data = gnutls_mac_deinit_ssl3_handshake(td);
- memcpy(concat, data, 16);
- gnutls_free(data);
+ gnutls_mac_deinit_ssl3_handshake(td, tmp);
+ memcpy(concat, tmp, 16);
- data = gnutls_mac_deinit_ssl3_handshake(td2);
+ gnutls_mac_deinit_ssl3_handshake(td2, tmp);
- memcpy(&concat[16], data, 20);
- gnutls_free(data);
+ memcpy(&concat[16], tmp, 20);
return concat;
}
int siz;
GNUTLS_MAC_HANDLE td;
GNUTLS_MAC_HANDLE td2;
- char *data;
+ char tmp[MAX_HASH_SIZE];
char concat[36];
char *mesg;
+ char *data;
td = gnutls_hash_init(GNUTLS_MAC_MD5);
td2 = gnutls_hash_init(GNUTLS_MAC_SHA);
gnutls_free(data);
- data = gnutls_hash_deinit(td);
- memcpy(concat, data, 16);
- gnutls_free(data);
+ gnutls_hash_deinit(td, tmp);
+ memcpy(concat, tmp, 16);
- data = gnutls_hash_deinit(td2);
+ gnutls_hash_deinit(td2, tmp);
- memcpy(&concat[16], data, 20);
- gnutls_free(data);
+ memcpy(&concat[16], tmp, 20);
if (type == GNUTLS_SERVER) {
mesg = SERVER_MSG;
/*
- * Copyright (C) 2000 Nikos Mavroyanopoulos
+ * Copyright (C) 2000,2001 Nikos Mavroyanopoulos
*
* This file is part of GNUTLS.
*
return 0;
}
-void *gnutls_hash_deinit(GNUTLS_MAC_HANDLE handle)
+void gnutls_hash_deinit(GNUTLS_MAC_HANDLE handle, void* digest)
{
char *mac;
int maclen;
- char *ret;
#ifdef USE_MHASH
+ opaque* ret;
+
ret = mhash_end(handle->handle);
+ memcpy( digest, ret, gnutls_hash_get_algo_len(handle->algorithm));
+ free( ret);
#else
maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle));
- ret = gnutls_malloc(maclen);
-
gcry_md_final(handle->handle);
mac = gcry_md_read(handle->handle, 0);
- memcpy(ret, mac, maclen);
+ memcpy( digest, mac, gnutls_hash_get_algo_len(handle->algorithm));
+
gcry_md_close(handle->handle);
#endif
gnutls_free(handle);
- return ret;
+ return;
}
}
-void *gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle)
+void gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void* digest)
{
char *mac;
int maclen;
- char *ret;
#ifdef USE_MHASH
+ char *ret;
+
ret = mhash_hmac_end(handle->handle);
+ memcpy( digest, ret, gnutls_hash_get_algo_len(handle->algorithm));
+ free(ret);
#else
maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle));
- ret = gnutls_malloc(maclen);
gcry_md_final(handle->handle);
mac = gcry_md_read(handle->handle, 0);
- memcpy(ret, mac, maclen);
+ memcpy( digest, mac, maclen);
+
gcry_md_close(handle->handle);
#endif
gnutls_free(handle);
- return ret;
+ return;
}
GNUTLS_MAC_HANDLE gnutls_mac_init_ssl3(MACAlgorithm algorithm, void *key,
return ret;
}
-void *gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle)
+void gnutls_mac_deinit_ssl3(GNUTLS_MAC_HANDLE handle, void* digest)
{
- void *ret=NULL;
+ opaque ret[MAX_HASH_SIZE];
GNUTLS_MAC_HANDLE td;
char opad[48];
int padsize;
gnutls_hash(td, opad, padsize);
block = gnutls_hmac_get_algo_len(handle->algorithm);
- ret = gnutls_hash_deinit(handle); /* get the previous hash */
+ gnutls_hash_deinit(handle, ret); /* get the previous hash */
gnutls_hash(td, ret, block);
- gnutls_free(ret);
- ret = gnutls_hash_deinit(td);
+ gnutls_hash_deinit(td, digest);
}
- return ret;
+ return;
}
-void *gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle)
+void gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest)
{
- void *ret=NULL;
+ opaque ret[MAX_HASH_SIZE];
GNUTLS_MAC_HANDLE td;
char opad[48];
char ipad[48];
if (handle->keysize > 0) gnutls_hash( handle, handle->key, handle->keysize);
gnutls_hash(handle, ipad, padsize);
- ret = gnutls_hash_deinit(handle); /* get the previous hash */
+ gnutls_hash_deinit(handle, ret); /* get the previous hash */
gnutls_hash(td, ret, block);
- gnutls_free(ret);
- ret = gnutls_hash_deinit(td);
+ gnutls_hash_deinit(td, digest);
}
- return ret;
+ return;
}
-static void *ssl3_sha(int i, char *secret, int secret_len, char *random,
- int random_len)
+static void ssl3_sha(int i, char *secret, int secret_len, char *random,
+ int random_len, void* digest)
{
int j;
char text1[26];
gnutls_hash(td, text1, i + 1);
gnutls_hash(td, secret, secret_len);
gnutls_hash(td, random, random_len);
- return gnutls_hash_deinit(td);
+
+ gnutls_hash_deinit(td, digest);
}
-static void *ssl3_md5(int i, char *secret, int secret_len, char *random,
- int random_len)
+
+static void ssl3_md5(int i, char *secret, int secret_len, char *random,
+ int random_len, void* digest)
{
- void *digest;
+ opaque tmp[MAX_HASH_SIZE];
GNUTLS_MAC_HANDLE td;
td = gnutls_hash_init(GNUTLS_MAC_MD5);
gnutls_hash(td, secret, secret_len);
- digest = ssl3_sha(i, secret, secret_len, random, random_len);
+ ssl3_sha(i, secret, secret_len, random, random_len, tmp);
- gnutls_hash(td, digest, gnutls_hash_get_algo_len(GNUTLS_MAC_SHA));
- gnutls_free(digest);
+ gnutls_hash(td, tmp, gnutls_hash_get_algo_len(GNUTLS_MAC_SHA));
- return gnutls_hash_deinit(td);
+ gnutls_hash_deinit(td, digest);
}
int random_len, int bytes)
{
int size = 0, i = 0;
- char *digest;
+ char digest[MAX_HASH_SIZE];
char *ret = secure_malloc(bytes);
int block = gnutls_hash_get_algo_len(GNUTLS_MAC_MD5);
while (size < bytes) {
- digest =
- ssl3_md5(i, secret, secret_len, random, random_len);
+ ssl3_md5(i, secret, secret_len, random, random_len, digest);
size += block;
memcpy(&ret[size - block], digest,
size > bytes ? (block - (bytes % block)) : block);
- gnutls_free(digest);
i++;
}
GNUTLS_MAC_HANDLE gnutls_hmac_init( MACAlgorithm algorithm, void* key, int keylen);
int gnutls_hmac_get_algo_len(MACAlgorithm algorithm);
int gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void* text, int textlen);
-void* gnutls_hmac_deinit( GNUTLS_MAC_HANDLE handle);
+void gnutls_hmac_deinit( GNUTLS_MAC_HANDLE handle, void* digest);
GNUTLS_MAC_HANDLE gnutls_mac_init_ssl3( MACAlgorithm algorithm, void* key, int keylen);
-void* gnutls_mac_deinit_ssl3( GNUTLS_MAC_HANDLE handle);
+void gnutls_mac_deinit_ssl3( GNUTLS_MAC_HANDLE handle, void* digest);
GNUTLS_MAC_HANDLE gnutls_hash_init(MACAlgorithm algorithm);
int gnutls_hash_get_algo_len(MACAlgorithm algorithm);
int gnutls_hash(GNUTLS_MAC_HANDLE handle, const void* text, int textlen);
-void* gnutls_hash_deinit(GNUTLS_MAC_HANDLE handle);
+void gnutls_hash_deinit(GNUTLS_MAC_HANDLE handle, void* digest);
void *gnutls_ssl3_generate_random(void *secret, int secret_len, void *random, int random_len, int bytes);
GNUTLS_MAC_HANDLE gnutls_mac_init_ssl3_handshake(MACAlgorithm algorithm, void *key, int keylen);
-void *gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle);
+void gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest);
#endif /* GNUTLS_HASH_INT_H */
#define HARD_DEBUG
#define BUFFERS_DEBUG
#define RECORD_DEBUG
-#define HANDSHAKE_DEBUG*/
+#define HANDSHAKE_DEBUG
#define DEBUG
-
+*/
#define SOCKET int
#define LIST ...
#define TLS_RANDOM_SIZE 32
#define TLS_MAX_SESSION_ID_SIZE 32
#define TLS_MASTER_SIZE 48
+#define MAX_HASH_SIZE 20
#define MAX_DNSNAME_SIZE 256
}
inline
-static void *_gnutls_cal_PRF_A( MACAlgorithm algorithm, void *secret, int secret_size, void *seed, int seed_size)
+static void _gnutls_cal_PRF_A( MACAlgorithm algorithm, void *secret, int secret_size, void *seed, int seed_size, void* result)
{
GNUTLS_MAC_HANDLE td1;
td1 = gnutls_hmac_init(algorithm, secret, secret_size);
gnutls_hmac(td1, seed, seed_size);
- return gnutls_hmac_deinit(td1);
+ gnutls_hmac_deinit(td1, result);
+
+ return;
}
+#define MAX_SEED_SIZE 40
/* Produces "total_bytes" bytes using the hash algorithm specified.
* (used in the PRF function)
GNUTLS_MAC_HANDLE td2;
opaque *ret;
- void *A, *Atmp;
+ void *A;
int i = 0, times, how, blocksize, A_size;
- void *final;
+ opaque final[20], Atmp[MAX_SEED_SIZE];
+ if (seed_size > MAX_SEED_SIZE) {
+ gnutls_assert();
+ return NULL;
+ }
+
ret = secure_calloc(1, total_bytes);
blocksize = gnutls_hmac_get_algo_len(algorithm);
} while (i < total_bytes);
/* calculate A(0) */
- A = gnutls_malloc(seed_size);
- if (A==NULL) {
- gnutls_assert();
- return NULL;
- }
-
-
+ A = Atmp;
+
memcpy( A, seed, seed_size);
A_size = seed_size;
td2 = gnutls_hmac_init(algorithm, secret, secret_size);
/* here we calculate A(i+1) */
- Atmp = _gnutls_cal_PRF_A( algorithm, secret, secret_size, A, A_size);
- if (Atmp==NULL) {
- gnutls_assert();
- return NULL;
- }
+ _gnutls_cal_PRF_A( algorithm, secret, secret_size, A, A_size, Atmp);
+
A_size = blocksize;
gnutls_free(A);
A = Atmp;
gnutls_hmac(td2, A, A_size);
gnutls_hmac(td2, seed, seed_size);
- final = gnutls_hmac_deinit(td2);
- if (final==NULL) {
- gnutls_assert();
- return NULL;
- }
+ gnutls_hmac_deinit(td2, final);
if ( (1+i) * blocksize < total_bytes) {
how = blocksize;
if (how > 0) {
memcpy(&ret[i * blocksize], final, how);
}
- gnutls_free(final);
}
- gnutls_free(A);
return ret;
}
MPI _gnutls_calc_srp_u(MPI B)
{
int b_size;
- opaque *b_holder, *hd;
+ opaque *b_holder, hd[MAX_HASH_SIZE];
GNUTLS_MAC_HANDLE td;
uint32 u;
MPI ret;
return NULL;
}
gnutls_hash(td, b_holder, b_size);
- hd = gnutls_hash_deinit(td);
+ gnutls_hash_deinit(td, hd);
+
memcpy(&u, hd, sizeof(u));
- gnutls_free(hd);
+
gnutls_free(b_holder);
ret = gcry_mpi_set_ui(NULL, u);
/* generate x = SHA(s | SHA(U | ":" | p))
* The output is exactly 20 bytes
*/
-void *_gnutls_calc_srp_sha(char *username, char *password, opaque * salt,
- int salt_size, int *size)
+int _gnutls_calc_srp_sha(char *username, char *password, opaque * salt,
+ int salt_size, int *size, void* digest)
{
GNUTLS_MAC_HANDLE td;
- opaque *res;
+ opaque res[MAX_HASH_SIZE];
*size = 20;
gnutls_hash(td, username, strlen(username));
gnutls_hash(td, ":", 1);
gnutls_hash(td, password, strlen(password));
- res = gnutls_hash_deinit(td);
+
+ gnutls_hash_deinit(td, res);
td = gnutls_hash_init(GNUTLS_MAC_SHA);
gnutls_hash(td, salt, salt_size);
gnutls_hash(td, res, 20); /* 20 bytes is the output of sha1 */
gnutls_free(res);
- return gnutls_hash_deinit(td);
+ gnutls_hash_deinit(td, digest);
+
+ return 0;
}
-void *_gnutls_calc_srp_x(char *username, char *password, opaque * salt,
- int salt_size, uint8 crypt_algo, int *size)
+int _gnutls_calc_srp_x(char *username, char *password, opaque * salt,
+ int salt_size, uint8 crypt_algo, int *size, void* digest)
{
switch (crypt_algo) {
case SRPSHA1_CRYPT:
return _gnutls_calc_srp_sha(username, password, salt,
- salt_size, size);
+ salt_size, size, digest);
case BLOWFISH_CRYPT:
return _gnutls_calc_srp_bcrypt(username, password, salt, salt_size,
- size);
+ size, digest);
}
- return NULL;
+ return -1;
}
MPI _gnutls_calc_srp_S1(MPI A, MPI b, MPI u, MPI v, MPI n);
MPI _gnutls_calc_srp_A(MPI *a, MPI g, MPI n);
MPI _gnutls_calc_srp_S2(MPI B, MPI g, MPI x, MPI a, MPI u, MPI n);
-void* _gnutls_calc_srp_x( char* username, char* password, opaque* salt, int salt_size, uint8 crypt_algo, int* size);
+int _gnutls_calc_srp_x( char* username, char* password, opaque* salt, int salt_size, uint8 crypt_algo, int* size, void* digest);
int _gnutls_srp_gn( opaque** ret_g, opaque** ret_n, int bits);
/* our prime */
/* g is defined to be 2 */
#define SRP_G 2
+#define SRP_MAX_HASH_SIZE 24
projects / thirdparty / gnutls.git / commitdiff
