From: Nikos Mavrogiannopoulos Date: Wed, 15 Mar 2017 14:11:14 +0000 (+0100) Subject: _gnutls_pk_generate_keys: separate between ephemeral and long-term keys X-Git-Tag: gnutls_3_6_0~794 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=591a082c6deaa469bb192eaaf83b632046cf46e1;p=thirdparty%2Fgnutls.git _gnutls_pk_generate_keys: separate between ephemeral and long-term keys That allows using the faster generator for ephemeral keys. Signed-off-by: Nikos Mavrogiannopoulos --- diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c index 9b6731ac5f..b80b329862 100644 --- a/lib/auth/dh_common.c +++ b/lib/auth/dh_common.c @@ -133,7 +133,7 @@ _gnutls_gen_dh_common_client_kx_int(gnutls_session_t session, ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, 0, - &session->key.dh_params); + &session->key.dh_params, 1); if (ret < 0) return gnutls_assert_val(ret); @@ -322,7 +322,7 @@ _gnutls_dh_common_print_server_kx(gnutls_session_t session, /* Y=g^x mod p */ ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, q_bits, - &session->key.dh_params); + &session->key.dh_params, 1); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c index f35c7e32dc..24cdf11430 100644 --- a/lib/auth/ecdhe.c +++ b/lib/auth/ecdhe.c @@ -241,7 +241,7 @@ _gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session, /* generate temporal key */ ret = _gnutls_pk_generate_keys(pk, curve, - &session->key.ecdh_params); + &session->key.ecdh_params, 1); if (ret < 0) return gnutls_assert_val(ret); @@ -425,7 +425,7 @@ int _gnutls_ecdh_common_print_server_kx(gnutls_session_t session, /* generate temporal key */ ret = _gnutls_pk_generate_keys(pk, curve, - &session->key.ecdh_params); + &session->key.ecdh_params, 1); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h index 1619bf0fa5..1f0b85fb11 100644 --- a/lib/crypto-backend.h +++ b/lib/crypto-backend.h 
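Review bot: The new fourth argument is passed as a bare `1` at all four call sites in lib/auth/dh_common.c and lib/auth/ecdhe.c, and as a bare `0` in the lib/nettle/pk.c and lib/x509/privkey.c hunks, so the call itself does not show which random generator is being selected for the key. Because this value decides between the key-level generator and the faster one, I would give it a name next to the macro in lib/pk.h, for example `#define GNUTLS_PK_KEY_EPHEMERAL 1` and `#define GNUTLS_PK_KEY_LONG_TERM 0` (names are only a suggestion). At minimum the calls could be annotated, as in `&session->key.dh_params, 1 /* ephemeral */);`. The enclosing functions start and end outside these hunks.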
@@ -324,7 +324,7 @@ typedef struct gnutls_crypto_pk { int (*verify_pub_params) (gnutls_pk_algorithm_t, const gnutls_pk_params_st * pub); int (*generate_keys) (gnutls_pk_algorithm_t, unsigned int nbits, - gnutls_pk_params_st *); + gnutls_pk_params_st *, unsigned ephemeral); int (*generate_params) (gnutls_pk_algorithm_t, unsigned int nbits, gnutls_pk_params_st *); /* this function should convert params to ones suitable diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index f07f97940e..b8a2f42eaf 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -990,7 +990,7 @@ int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, priv_key->data = NULL; pub_key->data = NULL; - ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, dh_params->q_bits, ¶ms); + ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, dh_params->q_bits, ¶ms, 0); if (ret < 0) { return gnutls_assert_val(ret); } @@ -1084,7 +1084,7 @@ int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, y->data = NULL; k->data = NULL; - ret = _gnutls_pk_generate_keys(GNUTLS_PK_EC, curve, ¶ms); + ret = _gnutls_pk_generate_keys(GNUTLS_PK_EC, curve, ¶ms, 0); if (ret < 0) { return gnutls_assert_val(ret); } @@ -1295,10 +1295,21 @@ cleanup: static int wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, unsigned int level /*bits or curve */ , - gnutls_pk_params_st * params) + gnutls_pk_params_st * params, + unsigned ephemeral /*non-zero if they are ephemeral keys */) { int ret; unsigned int i; + unsigned rnd_level; + nettle_random_func *rnd_func; + + if (ephemeral) { + rnd_level = GNUTLS_RND_RANDOM; + rnd_func = rnd_tmpkey_func; + } else { + rnd_func = rnd_key_func; + rnd_level = GNUTLS_RND_KEY; + } switch (algo) { case GNUTLS_PK_DSA: @@ -1317,7 +1328,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, ret = dsa_generate_dss_keypair(&pub, y, x, - NULL, rnd_key_func, + NULL, rnd_func, NULL, NULL); if (ret != 1 || HAVE_LIB_ERROR()) { gnutls_assert(); 
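Review bot: The `generate_keys` member in lib/crypto-backend.h gains `unsigned ephemeral` with no comment at the declaration, which is where an implementer of this interface would look for the contract. I would add a comment above the member such as `/* ephemeral: non-zero when the key serves a single key exchange; the backend may then use a faster random generator than for long-term keys */`. The struct definition continues outside the hunk.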
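Review bot: Nothing in wrap_nettle_pk_generate_keys limits the `ephemeral` flag to algorithms that have an ephemeral use. The `rnd_func` chosen before `switch (algo)` in the @@ -1295 hunk is also handed to `dsa_generate_dss_keypair` in the @@ -1317 hunk and to both RSA generators in the @@ -1451 hunk. Every caller visible in this commit passes 0 for X.509 key generation, so this is not a present bug. A later caller passing non-zero would, however, silently get a long-term RSA or DSA key drawn from the generator paired with `GNUTLS_RND_RANDOM`. Consider keeping `rnd_key_func` hard-coded in those two branches, or state the restriction in a comment at the selection, e.g. `/* callers must pass ephemeral == 0 for RSA/DSA */`; the function body starts and ends outside these hunks.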
@@ -1374,13 +1385,13 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, if (have_q) { mpz_set(r, pub.q); mpz_sub_ui(r, r, 2); - nettle_mpz_random(x, NULL, rnd_tmpkey_func, r); + nettle_mpz_random(x, NULL, rnd_func, r); mpz_add_ui(x, x, 1); } else { unsigned size = mpz_sizeinbase(pub.p, 2); if (level == 0) level = MIN(size, DH_EXPONENT_SIZE(size)); - nettle_mpz_random_size(x, NULL, rnd_tmpkey_func, level); + nettle_mpz_random_size(x, NULL, rnd_func, level); if (level >= size) mpz_mod(x, x, pub.p); @@ -1451,14 +1462,14 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, params->seed_size = sizeof(params->seed); ret = rsa_generate_fips186_4_keypair(&pub, &priv, NULL, - rnd_key_func, NULL, NULL, + rnd_func, NULL, NULL, ¶ms->seed_size, params->seed, level); } } else { ret = rsa_generate_keypair(&pub, &priv, NULL, - rnd_key_func, NULL, NULL, + rnd_func, NULL, NULL, level, 0); } if (ret != 1 || HAVE_LIB_ERROR()) { @@ -1515,7 +1526,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, ecc_scalar_init(&key, curve); ecc_point_init(&pub, curve); - ecdsa_generate_keypair(&pub, &key, NULL, rnd_key_func); + ecdsa_generate_keypair(&pub, &key, NULL, rnd_func); if (HAVE_LIB_ERROR()) { ret = gnutls_assert_val(GNUTLS_E_LIB_IN_ERROR_STATE); goto ecc_fail; @@ -1565,7 +1576,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, goto fail; } - ret = gnutls_rnd(GNUTLS_RND_RANDOM, params->raw_priv.data, size); + ret = gnutls_rnd(rnd_level, params->raw_priv.data, size); if (ret < 0) { ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto fail; diff --git a/lib/pk.h b/lib/pk.h index 9c075e4054..c4a25bcd7c 100644 --- a/lib/pk.h +++ b/lib/pk.h 
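Review bot: In the @@ -1565 hunk of lib/nettle/pk.c, the failure path right after the changed `gnutls_rnd(rnd_level, ...)` call still overwrites `ret` with `GNUTLS_E_MEMORY_ERROR`, so a random-generator failure is reported to the caller as an allocation failure. Now that the call can run at either level, it would help diagnosis to propagate the real code: `ret = gnutls_assert_val(ret);`. The surrounding case block and the `fail` label are outside the hunk.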
@@ -33,7 +33,7 @@ extern gnutls_crypto_pk_st _gnutls_pk_ops; #define _gnutls_pk_verify_priv_params( algo, params) _gnutls_pk_ops.verify_priv_params( algo, params) #define _gnutls_pk_verify_pub_params( algo, params) _gnutls_pk_ops.verify_pub_params( algo, params) #define _gnutls_pk_derive( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv) -#define _gnutls_pk_generate_keys( algo, bits, priv) _gnutls_pk_ops.generate_keys( algo, bits, priv) +#define _gnutls_pk_generate_keys( algo, bits, params, temporal) _gnutls_pk_ops.generate_keys( algo, bits, params, temporal) #define _gnutls_pk_generate_params( algo, bits, priv) _gnutls_pk_ops.generate_params( algo, bits, priv) #define _gnutls_pk_hash_algorithm( pk, sig, params, hash) _gnutls_pk_ops.hash_algorithm(pk, sig, params, hash) #define _gnutls_pk_curve_exists( curve) _gnutls_pk_ops.curve_exists(curve) diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index a2744ff155..1c40615a5a 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -1565,7 +1565,7 @@ gnutls_x509_privkey_generate2(gnutls_x509_privkey_t key, return ret; } - ret = _gnutls_pk_generate_keys(algo, bits, &key->params); + ret = _gnutls_pk_generate_keys(algo, bits, &key->params, 0); if (ret < 0) { gnutls_assert(); goto cleanup;
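Review bot: The macro in lib/pk.h names its new parameter `temporal`, while the function pointer in lib/crypto-backend.h and the implementation in lib/nettle/pk.c both call it `ephemeral`. Using one name throughout makes the flag easier to grep for and avoids the impression that these are two different concepts: `#define _gnutls_pk_generate_keys( algo, bits, params, ephemeral) _gnutls_pk_ops.generate_keys( algo, bits, params, ephemeral)`.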