mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update NTRU support, with help from thesourcerer8

Browse Source
This commit is contained in:
Chris Conlon 2014-06-05 14:42:15 -06:00
parent 665bda3ce6
commit 7e5287e578
7 changed files with 92 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
certs/ntru-cert.pem
View File

@ -1,28 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIIAfivVvmTrhEwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNV
MIIEyzCCA7OgAwIBAgIIAXluJQUcy8wwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYD
VQQKEwhTYXd0b290aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3
Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wIhgPMjAx
MzA2MTYyMTE1NTdaGA8yMDE0MTAzMDIxMTU1N1owgYoxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIEwJPUjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw
EgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggJLMBgGCisGAQQBwXABAQIGCisG
AQQBwXABAi4DggItAASCAij5Bo9I8+pNpd+UbAjYSxjlZ9p6zo855iaDFlgwp1mU
pJEDcr3RE218YmGaZL9vjqso/rNvP1MOv2GvGkcWU10gc+uD1bdvK8sBLNlm2LXI
4x7uaiPZNQSDpHM8NA4sawN7dHir/Xk199qYbG/w3xK3PBZevul1CRob1CjAa9bY
K84qC0z1BsGGodP0Lyv2vC5JHxCdh7cUvfElea8lMAbYyzFmrdjxfErj98bq7VNE
wAPjwSEzlmTaGZ2BV7R1Gs1HeM6ZV17xzWxcdSf3kPJFYw35+ouhrre7SxxTnJAX
65Y+qXj4xChKta1KI3WBrO1DDd0axxPaqw/jGZi1/X3C0sAaG3acyPEq++4GS0Zv
eveLZ3OzC5D4qtYe+V4GXtChB+341shmAG9YFo4ot/98u3TwAdO1XSgaP4UYfxMK
SNXOFdwRpy+FCjms8b9Qsk8mSj7WVv4+FVr017ce+yFyE0IHeiuRuvZ+QRraqwLI
XOfAvp2/PWmlovdk7PKADFSV+Znx+coH4PR0enLq9wkVVAFyFCmCKxpOd+15/1JD
Fqtb2+HV7W8254OB70vzzVo9eVzn9DUYA04HHYqN9mY7RB2cHZ5lJa3awKESlg7a
7IUfBy3l+q+FdEnNtiz0sAXua3oJgMxagJcIb5FSVMBy8f40ertb6VhDFvlniuNL
xE2MAmriJeFaJyO2sXFJByHOwEwxj4+rteeUrmTfCamx5EDG5pN8noAwDQYJKoZI
hvcNAQEFBQADggEBAISRCm3JpSm6YoLDgrL0ytSibcAFP9Mtua0ocYy00O2SJ8yM
Me+OGE1u89Nj317gPMeDskI2Ifkl80o8l6Gik3jLDGlaRvrlH0iT3B+HFSVGwir9
T5agGjVpjcrWZi9BENRtLS8ILttjd0UvkpsR4QViIc50KAyhC4ogut8rsYLBUP87
K8iGV/MVWa1COx0WLfIMlSCiz6ryh4aLfFB55kPWfSTOHAIbUZ82mPozJ+MmC1P2
EzEhN4Usp+Q3GmikyXcefm8DSUpayN6bXlZ14ikTLFtTw0v/Upgr+MdfKH+SrK4Z
lQQlbfJKww4sWKoEfZMFhZco6qOrF7iHo/vmpOc=
NDA2MDMyMzEzMjdaGA8yMDE1MTAxNzIzMTMyN1owgYoxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIDAJPUjERMA8GA1UEBwwIUG9ydGxhbmQxDjAMBgNVBAoMBXlhU1NMMRQw
EgYDVQQLDAtEZXZlbG9wbWVudDEWMBQGA1UEAwwNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggJNMBoGCysGAQQBwRYBAQEBBgsr
BgEEAcEWAQECLgOCAi0ABIICKO1hBf4/bE5gMEaaWRDZuWBjrwl+j5DTlJG1mECJ
EyikaLfh26ZdmjPz3I7QI5i3YcDF4i0CTrN81S8JNBubGdGKeV32v/Vgam/NYhK7
Otzzxnk/c+6no0oBhJre5PNvvYnJDcA5IVFDXQ4cFip/xAv7plQ9eR615+t6J8am
ycS1iIE3DBkDXJreTmu0jkuC1tyRXuLmivRbphtxRjAdDV8BE0PYmHLIHuKtAbQu
uAkYLK40dnKN44HRjiROtHPaU8rZd861tF4HfkD5j/Fv+KfBhmDGL0ohYO6ibWKc
nEW57XqpKqTo9kioLJn+ap4eYFFZc4ABVC15Hr5SJYoiVORi8FTxhdSY2sddnZ/u
TMV8GKHncWc++tEnuagz+XSi9aGxeSH71RotbLFuxLPXmtEkyNiqdH/s54bgMNQU
pkuHsuWnPTPti/yLZDPm7YT4etrC2+Q7OawCzqH+FHiUep5jaejpBcyCwdcSTtB+
h+GV1qDG0/zdA/2y1sFICmmLXsrXLp17+1IMWNCzrAqJDy+zdL/cE3lF1tzFiNO+
8ZX8Q/dY0X1zZXBkj0z1LCowYKh2lI6bt1dHwXIsZvfUK9IpwNC7Wi98yVViT2LC
ukIqjBgzEqvlqOQKsIwz6ylOEqYx2t95J9P1hdmpsHGIdH5EpQyzkCDE0DG/aNfk
/dycRqTQyqVf0wHWbANj0ISJgEbnWg574g5T2Zy9eoY9oXMwiZpbt+bTIDANBgkq
hkiG9w0BAQUFAAOCAQEAfcgvvM7yAL33VGgF3RSh7DF/a66UnKVDiByVOXyERgbG
Apw3tPkZuPu78wqpUfUzSW8+mLE0oRYZYbUQnWdr56z1PvTGTDdN1xzwJo/sOWFl
BfijJ4T9mzVv2W/4IOGMCpxfEqnf7Yjrk4yBxKoIFCn14BGuQGYxCcyX3L3ZLngP
cHgj5bACMQxgWAC7rQp+svAWSATTXeIJyAZdNmg6f68CXIvKupHk87STLx6Vfrnv
7d9LflW94wftGRtl7HE54a8E6x7D+ORC1w0jmlQVwoZq6zYDKj20SO0O4JNTwP4H
uF/2wFSDfkX+Fh902Q1FebbFaXqTYwHhGc/XSs5Mwg==
-----END CERTIFICATE-----

BIN
certs/ntru-key.raw
View File

Binary file not shown.

51
configure.ac
View File

@ -1209,21 +1209,44 @@ AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"])
# NTRU
ntruHome=`pwd`/NTRU_algorithm
ntruInclude=$ntruHome/cryptolib
ntruLib=$ntruHome
AC_ARG_ENABLE([ntru],
[ --enable-ntru Enable NTRU (default: disabled)],
[ ENABLED_NTRU=$enableval ],
[ ENABLED_NTRU=no ]
)
ENABLED_NTRU="no"
tryntrudir=""
AC_ARG_WITH([ntru],
[ --with-ntru=PATH Path to NTRU install (default /usr/) ],
[
AC_MSG_CHECKING([for NTRU])
CPPFLAGS="$CPPFLAGS -DHAVE_NTRU"
LIBS="$LIBS -lNTRUEncrypt"
if test "$ENABLED_NTRU" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -I$ntruInclude"
AM_LDFLAGS="$AM_LDFLAGS -L$ntruLib"
LIBS="$LIBS -lntru_encrypt"
fi
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
if test "x$ntru_linked" == "xno" ; then
if test "x$withval" != "xno" ; then
tryntrudir=$withval
fi
if test "x$withval" == "xyes" ; then
tryntrudir="/usr"
fi
LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
if test "x$ntru_linked" == "xno" ; then
AC_MSG_ERROR([NTRU isn't found.
If it's already installed, specify its path using --with-ntru=/dir/])
fi
AC_MSG_RESULT([yes])
AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
else
AC_MSG_RESULT([yes])
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU"
ENABLED_NTRU="yes"
]
)
AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])

19
ctaocrypt/src/asn.c
View File

@ -53,7 +53,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#ifdef HAVE_ECC
@ -626,7 +626,7 @@ CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
if (b == ASN_TAG_NULL) {
b = input[i++];
if (b != 0)
if (b != 0)
return ASN_EXPECT_0_E;
}
else
@ -1544,8 +1544,9 @@ static int GetKey(DecodedCert* cert)
byte* next = (byte*)key;
word16 keyLen;
byte keyBlob[MAX_NTRU_KEY_SZ];
word32 rc;
word32 rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
&keyLen, NULL, &next);
if (rc != NTRU_OK)
@ -1553,8 +1554,8 @@ static int GetKey(DecodedCert* cert)
if (keyLen > sizeof(keyBlob))
return ASN_NTRU_KEY_E;
rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,&keyLen,
keyBlob, &next);
rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
&keyLen, keyBlob, &next);
if (rc != NTRU_OK)
return ASN_NTRU_KEY_E;
@ -5115,15 +5116,15 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
word32 rc;
word16 encodedSz;
rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, NULL);
rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, NULL);
if (rc != NTRU_OK)
return PUBLIC_KEY_E;
if (encodedSz > MAX_PUBLIC_KEY_SZ)
return PUBLIC_KEY_E;
rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, der->publicKey);
rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, der->publicKey);
if (rc != NTRU_OK)
return PUBLIC_KEY_E;

18
ctaocrypt/test/test.c
View File

@ -101,7 +101,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
@ -3354,25 +3354,27 @@ int rsa_test(void)
static uint8_t const pers_str[] = {
'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
};
word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
GetEntropy, &drbg);
word32 rc = ntru_crypto_drbg_instantiate(112, pers_str,
sizeof(pers_str), GetEntropy, &drbg);
if (rc != DRBG_OK) {
free(derCert);
free(pem);
return -450;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
NULL, &private_key_len, NULL);
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, NULL,
&private_key_len, NULL);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -451;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
crypto_drbg_uninstantiate(drbg);
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, public_key,
&private_key_len, private_key);
ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
free(derCert);

2
cyassl/ctaocrypt/asn.h
View File

@ -189,7 +189,7 @@ enum Block_Sum {
enum Key_Sum {
DSAk = 515,
RSAk = 645,
NTRUk = 364,
NTRUk = 274,
ECDSAk = 518
};

22
src/internal.c
View File

@ -35,7 +35,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#if defined(DEBUG_CYASSL) || defined(SHOW_SECRETS)
@ -8754,18 +8754,18 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (ssl->peerNtruKeyPresent == 0)
return NO_PEER_KEY;
rc = crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr,
sizeof(cyasslStr), GetEntropy,
&drbg);
rc = ntru_crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr,
sizeof(cyasslStr), GetEntropy,
&drbg);
if (rc != DRBG_OK)
return NTRU_DRBG_ERROR;
rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,
ssl->peerNtruKey,
ssl->arrays->preMasterSz,
ssl->arrays->preMasterSecret,
&cipherLen, encSecret);
crypto_drbg_uninstantiate(drbg);
rc = ntru_crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,
ssl->peerNtruKey,
ssl->arrays->preMasterSz,
ssl->arrays->preMasterSecret,
&cipherLen, encSecret);
ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK)
return NTRU_ENCRYPT_ERROR;
@ -11623,7 +11623,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
if ((*inOutIdx - begin) + cipherLen > size)
return BUFFER_ERROR;
if (NTRU_OK != crypto_ntru_decrypt(
if (NTRU_OK != ntru_crypto_ntru_decrypt(
(word16) ssl->buffers.key.length,
ssl->buffers.key.buffer, cipherLen,
input + *inOutIdx, &plainLen,