authorYves-Alexis Perez <corsac@debian.org>2015-10-22 11:43:58 +0200
committerYves-Alexis Perez <corsac@debian.org>2015-10-22 11:43:58 +0200
commit5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (patch)
tree037f1ec5bb860846938ddcf29771c24e9c529be0 /src/libstrongswan/plugins/bliss/bliss_private_key.c
parentb238cf34df3fe4476ae6b7012e7cb3e9769d4d51 (diff)
Imported Upstream version 5.3.3
Diffstat (limited to 'src/libstrongswan/plugins/bliss/bliss_private_key.c')
-rw-r--r--src/libstrongswan/plugins/bliss/bliss_private_key.c18
1 files changed, 6 insertions, 12 deletions
diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c
index e1064d2f2..1386eeb2d 100644
--- a/src/libstrongswan/plugins/bliss/bliss_private_key.c
+++ b/src/libstrongswan/plugins/bliss/bliss_private_key.c
@@ -168,7 +168,7 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
bliss_sampler_t *sampler = NULL;
rng_t *rng;
hasher_t *hasher;
- hash_algorithm_t mgf1_alg;
+ hash_algorithm_t mgf1_alg, oracle_alg;
size_t mgf1_seed_len;
uint8_t mgf1_seed_buf[HASH_SIZE_SHA512], data_hash_buf[HASH_SIZE_SHA512];
chunk_t mgf1_seed, data_hash;
@@ -185,7 +185,7 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
/* Initialize signature */
*signature = chunk_empty;
- /* Create data hash */
+ /* Create data hash using configurable hash algorithm */
hasher = lib->crypto->create_hasher(lib->crypto, alg);
if (!hasher)
{
@@ -200,13 +200,6 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
}
hasher->destroy(hasher);
- /* Create SHA512 hasher for c_indices oracle */
- hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA512);
- if (!hasher)
- {
- return FALSE;
- }
-
/* Set MGF1 hash algorithm and seed length based on security strength */
if (this->set->strength > 160)
{
@@ -223,10 +216,12 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
if (!rng)
{
- hasher->destroy(hasher);
return FALSE;
}
+ /* MGF1 hash algorithm to be used for random oracle */
+ oracle_alg = HASH_SHA512;
+
/* Initialize a couple of needed variables */
n = this->set->n;
q = this->set->q;
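Review bot: `oracle_alg = HASH_SHA512;` fixes the random-oracle hash as a local inside sign_bliss, but a signature only verifies if the verification path derives c_indices with the same algorithm. That code is not visible in this diff; if it assigns its own copy, a single shared definition (for example a field of the parameter set that is already passed as `this->set`) would keep the two sides from drifting apart. The new comment also calls this the "MGF1 hash algorithm", the same wording used for `mgf1_alg`, which is chosen from the security strength a few lines earlier; something like `/* hash for the c_indices random oracle, must match the verifier; independent of mgf1_alg */` would separate the two. The body of sign_bliss extends beyond this hunk on both sides.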
@@ -360,7 +355,7 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
DBG3(DBG_LIB, "%3d %6d %4d", i, u[i], ud[i]);
}
- if (!bliss_utils_generate_c(hasher, data_hash, ud, n, this->set->kappa,
+ if (!bliss_utils_generate_c(oracle_alg, data_hash, ud, this->set,
c_indices))
{
goto end;
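Review bot: The failure branch of the `bliss_utils_generate_c(oracle_alg, ...)` call jumps to `end` without logging anything. Since sign_bliss no longer creates the SHA-512 hasher itself, a missing hash implementation presumably now shows up here, inside the helper (not visible in this diff), rather than as the early `return FALSE` that was removed. Unless the helper already logs, a line such as `DBG1(DBG_LIB, "generating c_indices with hash oracle failed");` before `goto end;` would make an aborted signing operation diagnosable. If this call sits in a retry loop, which the hunk does not show, it is also worth confirming that the helper's per-call setup cost is acceptable compared with the single hasher used before.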
@@ -495,7 +490,6 @@ static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg,
end:
/* cleanup */
DESTROY_IF(sampler);
- hasher->destroy(hasher);
sig->destroy(sig);
fft->destroy(fft);
rng->destroy(rng);