From: Andreas Steffen Date: Mon, 25 Jul 2016 11:49:59 +0000 (+0200) Subject: integrity-test: Added ntru_param_sets to read-only segment X-Git-Tag: 5.5.1dr1~1^2~7 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=b8070e2c85895a367ee176ae66551ae993ca68cc;p=thirdparty%2Fstrongswan.git integrity-test: Added ntru_param_sets to read-only segment --- diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c index efc660bedb..17309b149b 100644 --- a/src/libstrongswan/plugins/ntru/ntru_ke.c +++ b/src/libstrongswan/plugins/ntru/ntru_ke.c @@ -25,22 +25,22 @@ typedef struct private_ntru_ke_t private_ntru_ke_t; /* Best bandwidth and speed, no X9.98 compatibility */ -static ntru_param_set_id_t param_sets_optimum[] = { +static const ntru_param_set_id_t param_sets_optimum[] = { NTRU_EES401EP2, NTRU_EES439EP1, NTRU_EES593EP1, NTRU_EES743EP1 }; /* X9.98/IEEE 1363.1 parameter sets for best speed */ -static ntru_param_set_id_t param_sets_x9_98_speed[] = { +static const ntru_param_set_id_t param_sets_x9_98_speed[] = { NTRU_EES659EP1, NTRU_EES761EP1, NTRU_EES1087EP1, NTRU_EES1499EP1 }; /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */ -static ntru_param_set_id_t param_sets_x9_98_bandwidth[] = { +static const ntru_param_set_id_t param_sets_x9_98_bandwidth[] = { NTRU_EES401EP1, NTRU_EES449EP1, NTRU_EES677EP1, NTRU_EES1087EP2 }; /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */ -static ntru_param_set_id_t param_sets_x9_98_balance[] = { +static const ntru_param_set_id_t param_sets_x9_98_balance[] = { NTRU_EES541EP1, NTRU_EES613EP1, NTRU_EES887EP1, NTRU_EES1171EP1 }; @@ -61,7 +61,7 @@ struct private_ntru_ke_t { /** * NTRU Parameter Set */ - ntru_param_set_t *param_set; + const ntru_param_set_t *param_set; /** * Cryptographical strength in bits of the NTRU Parameter Set @@ -243,7 +243,8 @@ METHOD(diffie_hellman_t, destroy, void, ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) { private_ntru_ke_t *this; - ntru_param_set_id_t *param_sets, param_set_id; + const ntru_param_set_id_t *param_sets; + ntru_param_set_id_t param_set_id; rng_t *entropy; ntru_drbg_t *drbg; char *parameter_set; diff --git a/src/libstrongswan/plugins/ntru/ntru_param_set.c b/src/libstrongswan/plugins/ntru/ntru_param_set.c index 4af1e3091e..3b2716e282 100644 --- a/src/libstrongswan/plugins/ntru/ntru_param_set.c +++ b/src/libstrongswan/plugins/ntru/ntru_param_set.c @@ -41,7 +41,7 @@ ENUM(ntru_param_set_id_names, NTRU_EES401EP1, NTRU_EES743EP1, /** * NTRU encryption parameter set definitions */ -static ntru_param_set_t ntru_param_sets[] = { +static const ntru_param_set_t ntru_param_sets[] = { /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */ { @@ -340,7 +340,7 @@ static ntru_param_set_t ntru_param_sets[] = { /** * See header. */ -ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id) +const ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id) { int i; @@ -358,7 +358,7 @@ ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id) /** * See header. */ -ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid) +const ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid) { int i; diff --git a/src/libstrongswan/plugins/ntru/ntru_param_set.h b/src/libstrongswan/plugins/ntru/ntru_param_set.h index df4e553335..3ec0f833fb 100644 --- a/src/libstrongswan/plugins/ntru/ntru_param_set.h +++ b/src/libstrongswan/plugins/ntru/ntru_param_set.h @@ -80,23 +80,81 @@ extern enum_name_t *ntru_param_set_id_names; * NTRU encryption parameter set definitions */ struct ntru_param_set_t { - ntru_param_set_id_t id; /* NTRU parameter set ID */ - uint8_t oid[NTRU_OID_LEN]; /* pointer to OID */ - uint8_t der_id; /* parameter-set DER id */ - uint8_t N_bits; /* no. of bits in N (i.e. in an index */ - uint16_t N; /* ring dimension */ - uint16_t sec_strength_len; /* no. of octets of security strength */ - uint16_t q; /* big modulus */ - uint8_t q_bits; /* no. of bits in q (i.e. in a coefficient */ - bool is_product_form; /* if product form used */ - uint32_t dF_r; /* no. of +1 or -1 coefficients in ring elements - F, r */ - uint16_t dg; /* no. - 1 of +1 coefficients or - no. of -1 coefficients in ring element g */ - uint16_t m_len_max; /* max no. of plaintext octets */ - uint16_t min_msg_rep_wt; /* min. message representative weight */ - uint8_t c_bits; /* no. bits in candidate for deriving an index */ - uint8_t m_len_len; /* no. of octets to hold mLenOctets */ + + /** + * NTRU parameter set ID + */ + const ntru_param_set_id_t id; + + /** + * pointer to OID + */ + const uint8_t oid[NTRU_OID_LEN]; + + /** + * parameter-set DER id + */ + const uint8_t der_id; + + /** + * no. of bits in N (i.e. in an index + */ + const uint8_t N_bits; + + /** + * ring dimension + */ + const uint16_t N; + + /** + * no. of octets of security strength + */ + const uint16_t sec_strength_len; + + /** + * big modulus + */ + const uint16_t q; + + /** + * no. of bits in q (i.e. in a coefficient) + */ + const uint8_t q_bits; + + /** + * if product form used + */ + const bool is_product_form; + + /** + * no. of +1 or -1 coefficients in ring elements F, r + */ + const uint32_t dF_r; + + /** + * no. - 1 of +1 coefficients or no. of -1 coefficients in ring element g + */ + const uint16_t dg; + + /** + * max no. of plaintext octets + */ + const uint16_t m_len_max; + + /** + * min. message representative weight + */ + const uint16_t min_msg_rep_wt; + + /** + * no. bits in candidate for deriving an index + */ + const uint8_t c_bits; + + /** + * no. of octets to hold mLenOctets + */ + const uint8_t m_len_len; }; /** @@ -105,7 +163,7 @@ struct ntru_param_set_t { * @param id NTRU parameter set ID * @return NTRU parameter set */ -ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id); +const ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id); /** * Get NTRU encryption parameter set by NTRU parameter set OID @@ -113,6 +171,6 @@ ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id); * @param oid NTRU parameter set OID * @return NTRU parameter set */ -ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid); +const ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid); #endif /** NTRU_PARAM_SET_H_ @}*/ diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.c b/src/libstrongswan/plugins/ntru/ntru_private_key.c index fa87fe9c31..c795c9d2ba 100644 --- a/src/libstrongswan/plugins/ntru/ntru_private_key.c +++ b/src/libstrongswan/plugins/ntru/ntru_private_key.c @@ -38,7 +38,7 @@ struct private_ntru_private_key_t { /** * NTRU Parameter Set */ - ntru_param_set_t *params; + const ntru_param_set_t *params; /** * Polynomial F which is the private key @@ -642,7 +642,7 @@ static bool ring_inv(uint16_t *a, uint16_t N, uint16_t q, uint16_t *t, * Described in header. */ ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, - ntru_param_set_t *params) + const ntru_param_set_t *params) { private_ntru_private_key_t *this; size_t t_len; @@ -775,7 +775,7 @@ ntru_private_key_t *ntru_private_key_create_from_data(ntru_drbg_t *drbg, size_t privkey_packed_trits_len, privkey_packed_indices_len; uint8_t *privkey_packed, tag; uint16_t *indices, dF; - ntru_param_set_t *params; + const ntru_param_set_t *params; header_len = 2 + NTRU_OID_LEN; diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.h b/src/libstrongswan/plugins/ntru/ntru_private_key.h index c6f08440f1..ced806d7a8 100644 --- a/src/libstrongswan/plugins/ntru/ntru_private_key.h +++ b/src/libstrongswan/plugins/ntru/ntru_private_key.h @@ -77,7 +77,8 @@ struct ntru_private_key_t { * @param drbg Digital Random Bit Generator used for key generation * @param params NTRU encryption parameter set to be used */ -ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, ntru_param_set_t *params); +ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, + const ntru_param_set_t *params); /** * Creates an NTRU encryption private key from encoding diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.c b/src/libstrongswan/plugins/ntru/ntru_public_key.c index a2ff1b2b04..2b72d9057b 100644 --- a/src/libstrongswan/plugins/ntru/ntru_public_key.c +++ b/src/libstrongswan/plugins/ntru/ntru_public_key.c @@ -37,7 +37,7 @@ struct private_ntru_public_key_t { /** * NTRU Parameter Set */ - ntru_param_set_t *params; + const ntru_param_set_t *params; /** * Polynomial h which is the public key @@ -320,7 +320,7 @@ METHOD(ntru_public_key_t, destroy, void, * Described in header. */ ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg, - ntru_param_set_t *params, + const ntru_param_set_t *params, uint16_t *pubkey) { private_ntru_public_key_t *this; @@ -357,7 +357,7 @@ ntru_public_key_t *ntru_public_key_create_from_data(ntru_drbg_t *drbg, { private_ntru_public_key_t *this; size_t header_len, pubkey_packed_len; - ntru_param_set_t *params; + const ntru_param_set_t *params; header_len = 2 + NTRU_OID_LEN; diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.h b/src/libstrongswan/plugins/ntru/ntru_public_key.h index baa8eabcd0..4f098f28cf 100644 --- a/src/libstrongswan/plugins/ntru/ntru_public_key.h +++ b/src/libstrongswan/plugins/ntru/ntru_public_key.h @@ -71,7 +71,7 @@ struct ntru_public_key_t { * @param pubkey Coefficients of public key polynomial h */ ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg, - ntru_param_set_t *params, + const ntru_param_set_t *params, uint16_t *pubkey); /**