From 83b8aebb19fe6e49e13a05d4e8f5ab9a06177642 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Sat, 11 Apr 2015 22:03:59 +0200 Subject: Imported Upstream version 5.3.0 --- src/libstrongswan/plugins/ntru/Makefile.am | 1 - src/libstrongswan/plugins/ntru/Makefile.in | 12 +- src/libstrongswan/plugins/ntru/ntru_ke.c | 38 +++--- src/libstrongswan/plugins/ntru/ntru_mgf1.c | 182 ---------------------------- src/libstrongswan/plugins/ntru/ntru_mgf1.h | 77 ------------ src/libstrongswan/plugins/ntru/ntru_poly.c | 62 ++-------- src/libstrongswan/plugins/ntru/ntru_trits.c | 39 +++--- 7 files changed, 52 insertions(+), 359 deletions(-) delete mode 100644 src/libstrongswan/plugins/ntru/ntru_mgf1.c delete mode 100644 src/libstrongswan/plugins/ntru/ntru_mgf1.h (limited to 'src/libstrongswan/plugins/ntru') diff --git a/src/libstrongswan/plugins/ntru/Makefile.am b/src/libstrongswan/plugins/ntru/Makefile.am index b959afa8e..c9fcee982 100644 --- a/src/libstrongswan/plugins/ntru/Makefile.am +++ b/src/libstrongswan/plugins/ntru/Makefile.am @@ -16,7 +16,6 @@ libstrongswan_ntru_la_SOURCES = \ ntru_convert.h ntru_convert.c \ ntru_drbg.h ntru_drbg.c \ ntru_ke.h ntru_ke.c \ - ntru_mgf1.h ntru_mgf1.c \ ntru_param_set.h ntru_param_set.c \ ntru_poly.h ntru_poly.c \ ntru_public_key.h ntru_public_key.c \ diff --git a/src/libstrongswan/plugins/ntru/Makefile.in b/src/libstrongswan/plugins/ntru/Makefile.in index e57a3673e..5636692ab 100644 --- a/src/libstrongswan/plugins/ntru/Makefile.in +++ b/src/libstrongswan/plugins/ntru/Makefile.in 
@@ -129,9 +129,8 @@ am__installdirs = "$(DESTDIR)$(plugindir)" LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_ntru_la_LIBADD = am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_convert.lo \ - ntru_drbg.lo ntru_ke.lo ntru_mgf1.lo ntru_param_set.lo \ - ntru_poly.lo ntru_public_key.lo ntru_private_key.lo \ - ntru_trits.lo + ntru_drbg.lo ntru_ke.lo ntru_param_set.lo ntru_poly.lo \ + ntru_public_key.lo ntru_private_key.lo ntru_trits.lo libstrongswan_ntru_la_OBJECTS = $(am_libstrongswan_ntru_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) @@ -229,6 +228,7 @@ DLLIB = @DLLIB@ DLLTOOL = @DLLTOOL@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ @@ -289,10 +289,12 @@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ PTHREADLIB = @PTHREADLIB@ PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ PYTHON_PLATFORM = @PYTHON_PLATFORM@ PYTHON_PREFIX = @PYTHON_PREFIX@ PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ RUBY = @RUBY@ @@ -366,6 +368,8 @@ json_CFLAGS = @json_CFLAGS@ json_LIBS = @json_LIBS@ libdir = @libdir@ libexecdir = @libexecdir@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ @@ -438,7 +442,6 @@ libstrongswan_ntru_la_SOURCES = \ ntru_convert.h ntru_convert.c \ ntru_drbg.h ntru_drbg.c \ ntru_ke.h ntru_ke.c \ - ntru_mgf1.h ntru_mgf1.c \ ntru_param_set.h ntru_param_set.c \ ntru_poly.h ntru_poly.c \ ntru_public_key.h ntru_public_key.c \ 
@@ -539,7 +542,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_convert.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_drbg.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_ke.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_mgf1.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_param_set.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_plugin.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_poly.Plo@am__quote@ diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c index abaa22336..3b5df81d9 100644 --- a/src/libstrongswan/plugins/ntru/ntru_ke.c +++ b/src/libstrongswan/plugins/ntru/ntru_ke.c @@ -56,7 +56,7 @@ struct private_ntru_ke_t { /** * Diffie Hellman group number. */ - u_int16_t group; + diffie_hellman_group_t group; /** * NTRU Parameter Set @@ -106,10 +106,10 @@ struct private_ntru_ke_t { /** * Deterministic Random Bit Generator */ - ntru_drbg_t *drbg; + ntru_drbg_t *drbg; }; -METHOD(diffie_hellman_t, get_my_public_value, void, +METHOD(diffie_hellman_t, get_my_public_value, bool, private_ntru_ke_t *this, chunk_t *value) { *value = chunk_empty; 
@@ -130,30 +130,30 @@ METHOD(diffie_hellman_t, get_my_public_value, void, if (!this->privkey) { DBG1(DBG_LIB, "NTRU keypair generation failed"); - return; + return FALSE; } this->pubkey = this->privkey->get_public_key(this->privkey); } *value = chunk_clone(this->pubkey->get_encoding(this->pubkey)); DBG3(DBG_LIB, "NTRU public key: %B", value); } + return TRUE; } -METHOD(diffie_hellman_t, get_shared_secret, status_t, +METHOD(diffie_hellman_t, get_shared_secret, bool, private_ntru_ke_t *this, chunk_t *secret) { if (!this->computed || !this->shared_secret.len) { *secret = chunk_empty; - return FAILED; + return FALSE; } *secret = chunk_clone(this->shared_secret); - return SUCCESS; + return TRUE; } - -METHOD(diffie_hellman_t, set_other_public_value, void, +METHOD(diffie_hellman_t, set_other_public_value, bool, private_ntru_ke_t *this, chunk_t value) { if (this->privkey) @@ -162,15 +162,15 @@ METHOD(diffie_hellman_t, set_other_public_value, void, if (value.len == 0) { DBG1(DBG_LIB, "empty NTRU ciphertext"); - return; + return FALSE; } DBG3(DBG_LIB, "NTRU ciphertext: %B", &value); /* decrypt the shared secret */ - if (!this->privkey->decrypt(this->privkey, value, &this->shared_secret)) + if (!this->privkey->decrypt(this->privkey, value, &this->shared_secret)) { DBG1(DBG_LIB, "NTRU decryption of shared secret failed"); - return; + return FALSE; } this->computed = TRUE; } @@ -185,13 +185,13 @@ METHOD(diffie_hellman_t, set_other_public_value, void, pubkey = ntru_public_key_create_from_data(this->drbg, value); if (!pubkey) { - return; + return FALSE; } if (pubkey->get_id(pubkey) != this->param_set->id) { DBG1(DBG_LIB, "received NTRU public key with wrong OUI"); pubkey->destroy(pubkey); - return; + return FALSE; } this->pubkey = pubkey; @@ -204,7 +204,7 @@ METHOD(diffie_hellman_t, set_other_public_value, void, { DBG1(DBG_LIB, "generation of shared secret failed"); chunk_free(&this->shared_secret); - return; + return FALSE; } this->computed = TRUE; 
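Review bot: In hunk `@@ -204,7 +204,7` of set_other_public_value, the "generation of shared secret failed" branch releases the buffer with `chunk_free(&this->shared_secret);`, which frees it without wiping it. If the generator wrote any bytes before failing, that key material stays in freed heap memory; `chunk_clear(&this->shared_secret);` zeroizes before freeing and fits the now-explicit `return FALSE;`. The generating call sits above the hunk, so what it leaves in the buffer on failure is an assumption to confirm.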
@@ -212,10 +212,11 @@ METHOD(diffie_hellman_t, set_other_public_value, void, if (!pubkey->encrypt(pubkey, this->shared_secret, &this->ciphertext)) { DBG1(DBG_LIB, "NTRU encryption of shared secret failed"); - return; + return FALSE; } DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext); } + return this->computed; } METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t, @@ -301,10 +302,10 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) drbg = ntru_drbg_create(strength, chunk_from_str("IKE NTRU-KE"), entropy); if (!drbg) - { + { DBG1(DBG_LIB, "could not instantiate DRBG at %u bit security", strength); entropy->destroy(entropy); - return NULL; + return NULL; } INIT(this, @@ -326,4 +327,3 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) return &this->public; } - diff --git a/src/libstrongswan/plugins/ntru/ntru_mgf1.c b/src/libstrongswan/plugins/ntru/ntru_mgf1.c deleted file mode 100644 index 2338db208..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_mgf1.c +++ /dev/null 
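Review bot: The `return FALSE;` added under "NTRU encryption of shared secret failed" in set_other_public_value leaves the object looking successful, because `this->computed = TRUE;` was set just before (end of the previous hunk) and `this->shared_secret` is still populated. A later get_shared_secret call would therefore pass its `!this->computed || !this->shared_secret.len` check and hand out a secret for an exchange that was reported as failed. Adding `chunk_clear(&this->shared_secret);` before the `return FALSE;`, and moving `this->computed = TRUE;` to after the successful encrypt, would keep the state consistent with the return value. Whether any caller reads the secret after a FALSE return is not visible here.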
@@ -1,182 +0,0 @@ -/* - * Copyright (C) 2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "ntru_mgf1.h" - -#include -#include -#include - -typedef struct private_ntru_mgf1_t private_ntru_mgf1_t; - -/** - * Private data of an ntru_mgf1_t object. - */ -struct private_ntru_mgf1_t { - - /** - * Public ntru_mgf1_t interface. - */ - ntru_mgf1_t public; - - /** - * Hasher the MGF1 Mask Generation Function is based on - */ - hasher_t *hasher; - - /** - * Counter - */ - u_int32_t counter; - - /** - * Set if counter has reached 2^32 - */ - bool overflow; - - /** - * Current state to be hashed - */ - chunk_t state; - - /** - * Position of the 4 octet counter string - */ - u_char *ctr_str; - -}; - -METHOD(ntru_mgf1_t, get_hash_size, size_t, - private_ntru_mgf1_t *this) -{ - return this->hasher->get_hash_size(this->hasher); -} - -METHOD(ntru_mgf1_t, get_mask, bool, - private_ntru_mgf1_t *this, size_t mask_len, u_char *mask) -{ - u_char buf[HASH_SIZE_SHA512]; - size_t hash_len; - - hash_len = this->hasher->get_hash_size(this->hasher); - - while (mask_len > 0) - { - /* detect overflow, set counter string and increment counter */ - if (this->overflow) - { - return FALSE; - } - htoun32(this->ctr_str, this->counter++); - if (this->counter == 0) - { - this->overflow = TRUE; - } - - /* get the next or final mask block from the hash function */ - if (!this->hasher->get_hash(this->hasher, this->state, - (mask_len < hash_len) ? 
buf : mask)) - { - return FALSE; - } - if (mask_len < hash_len) - { - memcpy(mask, buf, mask_len); - return TRUE; - } - mask_len -= hash_len; - mask += hash_len; - } - return TRUE; -} - -METHOD(ntru_mgf1_t, allocate_mask, bool, - private_ntru_mgf1_t *this, size_t mask_len, chunk_t *mask) -{ - if (mask_len == 0) - { - *mask = chunk_empty; - return TRUE; - } - *mask = chunk_alloc(mask_len); - - return get_mask(this, mask_len, mask->ptr); -} - -METHOD(ntru_mgf1_t, destroy, void, - private_ntru_mgf1_t *this) -{ - this->hasher->destroy(this->hasher); - chunk_clear(&this->state); - free(this); -} - -/* - * Described in header. - */ -ntru_mgf1_t *ntru_mgf1_create(hash_algorithm_t alg, chunk_t seed, - bool hash_seed) -{ - private_ntru_mgf1_t *this; - hasher_t *hasher; - size_t state_len; - - if (seed.len == 0) - { - DBG1(DBG_LIB, "empty seed for MGF1"); - return NULL; - } - - hasher = lib->crypto->create_hasher(lib->crypto, alg); - if (!hasher) - { - DBG1(DBG_LIB, "failed to create %N hasher for MGF1", - hash_algorithm_names, alg); - return NULL; - } - state_len = (hash_seed ? hasher->get_hash_size(hasher) : seed.len) + 4; - - INIT(this, - .public = { - .get_hash_size = _get_hash_size, - .allocate_mask = _allocate_mask, - .get_mask = _get_mask, - .destroy = _destroy, - }, - .hasher = hasher, - .state = chunk_alloc(state_len), - ); - - /* determine position of the 4 octet counter string */ - this->ctr_str = this->state.ptr + state_len - 4; - - if (hash_seed) - { - if (!hasher->get_hash(hasher, seed, this->state.ptr)) - { - DBG1(DBG_LIB, "failed to hash seed for MGF1"); - destroy(this); - return NULL; - } - } - else - { - memcpy(this->state.ptr, seed.ptr, seed.len); - } - - return &this->public; -} - -EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_mgf1_create); diff --git a/src/libstrongswan/plugins/ntru/ntru_mgf1.h b/src/libstrongswan/plugins/ntru/ntru_mgf1.h deleted file mode 100644 index 53e90412a..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_mgf1.h +++ /dev/null 
@@ -1,77 +0,0 @@ -/* - * Copyright (C) 2013 Andreas Steffen - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ntru_mgf1 ntru_mgf1 - * @{ @ingroup ntru_p - */ - -#ifndef NTRU_MGF1_H_ -#define NTRU_MGF1_H_ - -typedef struct ntru_mgf1_t ntru_mgf1_t; - -#include - -/** - * Implements the PKCS#1 MGF1 Mask Generation Function based on a hash function - * defined in section 10.2.1 of RFC 2437 - */ -struct ntru_mgf1_t { - - /** - * Get the hash size of the underlying hash function - * - * @return hash size in bytes - */ - size_t (*get_hash_size)(ntru_mgf1_t *this); - - /** - * Generate a mask pattern and copy it to an output buffer - * If the maximum number of requests has been reached, reseeding occurs - * - * @param mask_len number of mask bytes to generate - * @param mask output buffer of minimum size mask_len - * @return TRUE if successful - */ - bool (*get_mask)(ntru_mgf1_t *this, size_t mask_len, u_char *mask); - - /** - * Generate a mask pattern and return it in an allocated chunk - * - * @param mask_len number of mask bytes to generate - * @param mask chunk containing generated mask - * @return TRUE if successful - */ - bool (*allocate_mask)(ntru_mgf1_t *this, size_t mask_len, chunk_t *mask); - - /** - * Destroy the MGF1 object - */ - void (*destroy)(ntru_mgf1_t *this); -}; - -/** - * Create an MGF1 object - * - * @param alg hash algorithm to be used by MGF1 - * @param seed seed used by MGF1 to generate mask from - * @param hash_seed 
hash seed before using it as a seed from MGF1 - */ -ntru_mgf1_t *ntru_mgf1_create(hash_algorithm_t alg, chunk_t seed, - bool hash_seed); - -#endif /** NTRU_MGF1_H_ @}*/ - diff --git a/src/libstrongswan/plugins/ntru/ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_poly.c index 77ab54a5c..cb11601cd 100644 --- a/src/libstrongswan/plugins/ntru/ntru_poly.c +++ b/src/libstrongswan/plugins/ntru/ntru_poly.c @@ -16,8 +16,8 @@ */ #include "ntru_poly.h" -#include "ntru_mgf1.h" +#include #include #include @@ -297,22 +297,17 @@ ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed, bool is_product_form) { private_ntru_poly_t *this; - size_t hash_len, octet_count = 0, i; - uint8_t octets[HASH_SIZE_SHA512], *used, num_left = 0, num_needed; - uint16_t index, limit, left = 0; int n, num_indices, index_i = 0; - ntru_mgf1_t *mgf1; + uint32_t index, limit; + uint8_t *used; + mgf1_bitspender_t *bitspender; - DBG2(DBG_LIB, "MGF1 is seeded with %u bytes", seed.len); - mgf1 = ntru_mgf1_create(alg, seed, TRUE); - if (!mgf1) + bitspender = mgf1_bitspender_create(alg, seed, TRUE); + if (!bitspender) { return NULL; } - i = hash_len = mgf1->get_hash_size(mgf1); - this = ntru_poly_create(N, q, indices_len_p, indices_len_m, is_product_form); - used = malloc(N); limit = N * ((1 << c_bits) / N); 
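Review bot: In ntru_poly_create_from_seed (hunk `@@ -297,22 +297,17`), `limit = N * ((1 << c_bits) / N);` still shifts a signed `int` although `index` and `limit` are widened to `uint32_t` here. The wider type therefore does not extend the range of c_bits that is safe, and a c_bits of 31 or more would be undefined behaviour in the shift. Writing `1U << c_bits` and adding a comment such as `/* c_bits must be < 32 */` would make the bound explicit. The values c_bits can take are set outside the hunk, and the function body continues past it.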
@@ -328,43 +323,12 @@ ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed, /* generate a random candidate index with a size of c_bits */ do { - /* use any leftover bits first */ - index = num_left ? left << (c_bits - num_left) : 0; - - /* get the rest of the bits needed from new octets */ - num_needed = c_bits - num_left; - - while (num_needed) + if (!bitspender->get_bits(bitspender, c_bits, &index)) { - if (i == hash_len) - { - /* get another block from MGF1 */ - if (!mgf1->get_mask(mgf1, hash_len, octets)) - { - mgf1->destroy(mgf1); - destroy(this); - free(used); - return NULL; - } - octet_count += hash_len; - i = 0; - } - left = octets[i++]; - - if (num_needed <= 8) - { - /* all bits needed to fill the index are in this octet */ - index |= left >> (8 - num_needed); - num_left = 8 - num_needed; - num_needed = 0; - left &= 0xff >> (8 - num_left); - } - else - { - /* more than one octet will be needed */ - index |= left << (num_needed - 8); - num_needed -= 8; - } + bitspender->destroy(bitspender); + destroy(this); + free(used); + return NULL; } } while (index >= limit); @@ -380,9 +344,7 @@ ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed, } } - DBG2(DBG_LIB, "MGF1 generates %u octets to derive %u indices", - octet_count, this->num_indices); - mgf1->destroy(mgf1); + bitspender->destroy(bitspender); free(used); return &this->public; diff --git a/src/libstrongswan/plugins/ntru/ntru_trits.c b/src/libstrongswan/plugins/ntru/ntru_trits.c index 1abb7671c..57b3532ef 100644 --- a/src/libstrongswan/plugins/ntru/ntru_trits.c +++ b/src/libstrongswan/plugins/ntru/ntru_trits.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -14,9 +14,9 @@ */ #include "ntru_trits.h" -#include "ntru_mgf1.h" #include "ntru_convert.h" +#include #include #include 
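Review bot: Nothing visible in hunk `@@ -328,43 +323,12` pins the bit order of `bitspender->get_bits(bitspender, c_bits, &index)` to that of the removed loop, which used leftover bits first and then consumed each octet most-significant-bit first. The indices are derived deterministically from the seed, so a different order would produce a different polynomial and presumably break interoperability with peers running the previous code. A known-answer test that compares the generated indices for a fixed seed should cover this change if the test suite does not already. The same concern applies to `bitspender->get_byte(bitspender, &octet)` in ntru_trits_create (hunk `@@ -97,21 +95,15`). Once confirmed, a comment at the call such as `/* get_bits() yields c_bits from the MGF1 stream, MSB first */` would record the assumption.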
@@ -70,17 +70,15 @@ METHOD(ntru_trits_t, destroy, void, ntru_trits_t *ntru_trits_create(size_t len, hash_algorithm_t alg, chunk_t seed) { private_ntru_trits_t *this; - uint8_t octets[HASH_SIZE_SHA512], buf[5], *trits; - size_t hash_len, octet_count = 0, trits_needed, i; - ntru_mgf1_t *mgf1; + uint8_t octet, buf[5], *trits; + size_t trits_needed; + mgf1_bitspender_t *bitspender; - DBG2(DBG_LIB, "MGF1 is seeded with %u bytes", seed.len); - mgf1 = ntru_mgf1_create(alg, seed, TRUE); - if (!mgf1) + bitspender = mgf1_bitspender_create(alg, seed, TRUE); + if (!bitspender) { return NULL; } - i = hash_len = mgf1->get_hash_size(mgf1); INIT(this, .public = { @@ -97,21 +95,15 @@ ntru_trits_t *ntru_trits_create(size_t len, hash_algorithm_t alg, chunk_t seed) while (trits_needed > 0) { - if (i == hash_len) + if (!bitspender->get_byte(bitspender, &octet)) { - /* get another block from MGF1 */ - if (!mgf1->get_mask(mgf1, hash_len, octets)) - { - mgf1->destroy(mgf1); - destroy(this); - return NULL; - } - octet_count += hash_len; - i = 0; + bitspender->destroy(bitspender); + destroy(this); + return NULL; } - if (octets[i] < 243) /* 243 = 3^5 */ + if (octet < 243) /* 243 = 3^5 */ { - ntru_octet_2_trits(octets[i], (trits_needed < 5) ? buf : trits); + ntru_octet_2_trits(octet, (trits_needed < 5) ? buf : trits); if (trits_needed < 5) { memcpy(trits, buf, trits_needed); @@ -120,11 +112,8 @@ ntru_trits_t *ntru_trits_create(size_t len, hash_algorithm_t alg, chunk_t seed) trits += 5; trits_needed -= 5; } - i++; } - DBG2(DBG_LIB, "MGF1 generates %u octets to extract %u trits", - octet_count, len); - mgf1->destroy(mgf1); + bitspender->destroy(bitspender); return &this->public; } -- cgit v1.2.3
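Review bot: The comment on `if (octet < 243) /* 243 = 3^5 */` in ntru_trits_create (hunk `@@ -97,21 +95,15`) gives the constant's value but not the reason octets at or above it are skipped. Now that the block-refill logic is gone, this test is the only sampling rule left in the loop and deserves a why-comment, for example `/* discard octets >= 3^5 so every accepted octet maps to exactly five unbiased trits */`. It would also help to note above the `trits_needed < 5` branch that `buf` is used so the final conversion cannot write past the end of the trits array. The loop's tail is in the following hunk and the function starts in the preceding one.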