mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into ti

Browse Source
This commit is contained in:
toddouska 2014-06-05 17:55:56 -07:00
commit f4c96c68c9
10 changed files with 144 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Makefile.am
View File

@ -21,6 +21,23 @@ dist_doc_DATA=
@INC_AMINCLUDE@
DISTCLEANFILES+= aminclude.am
CLEANFILES+= cert.der \
cert.pem \
certecc.der \
certecc.pem \
certreq.der \
certreq.pem \
key.der \
key.pem \
ntru-cert.der \
ntru-cert.pem \
ntru-key.raw \
othercert.der \
othercert.pem \
pkcs7cert.der \
pkcs7envelopedData.der \
pkcs7signedData.der
exampledir = $(docdir)/example
dist_example_DATA=

46
certs/ntru-cert.pem
View File

@ -1,28 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIIAfivVvmTrhEwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNV
MIIEyzCCA7OgAwIBAgIIAXluJQUcy8wwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYD
VQQKEwhTYXd0b290aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3
Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wIhgPMjAx
MzA2MTYyMTE1NTdaGA8yMDE0MTAzMDIxMTU1N1owgYoxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIEwJPUjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw
EgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggJLMBgGCisGAQQBwXABAQIGCisG
AQQBwXABAi4DggItAASCAij5Bo9I8+pNpd+UbAjYSxjlZ9p6zo855iaDFlgwp1mU
pJEDcr3RE218YmGaZL9vjqso/rNvP1MOv2GvGkcWU10gc+uD1bdvK8sBLNlm2LXI
4x7uaiPZNQSDpHM8NA4sawN7dHir/Xk199qYbG/w3xK3PBZevul1CRob1CjAa9bY
K84qC0z1BsGGodP0Lyv2vC5JHxCdh7cUvfElea8lMAbYyzFmrdjxfErj98bq7VNE
wAPjwSEzlmTaGZ2BV7R1Gs1HeM6ZV17xzWxcdSf3kPJFYw35+ouhrre7SxxTnJAX
65Y+qXj4xChKta1KI3WBrO1DDd0axxPaqw/jGZi1/X3C0sAaG3acyPEq++4GS0Zv
eveLZ3OzC5D4qtYe+V4GXtChB+341shmAG9YFo4ot/98u3TwAdO1XSgaP4UYfxMK
SNXOFdwRpy+FCjms8b9Qsk8mSj7WVv4+FVr017ce+yFyE0IHeiuRuvZ+QRraqwLI
XOfAvp2/PWmlovdk7PKADFSV+Znx+coH4PR0enLq9wkVVAFyFCmCKxpOd+15/1JD
Fqtb2+HV7W8254OB70vzzVo9eVzn9DUYA04HHYqN9mY7RB2cHZ5lJa3awKESlg7a
7IUfBy3l+q+FdEnNtiz0sAXua3oJgMxagJcIb5FSVMBy8f40ertb6VhDFvlniuNL
xE2MAmriJeFaJyO2sXFJByHOwEwxj4+rteeUrmTfCamx5EDG5pN8noAwDQYJKoZI
hvcNAQEFBQADggEBAISRCm3JpSm6YoLDgrL0ytSibcAFP9Mtua0ocYy00O2SJ8yM
Me+OGE1u89Nj317gPMeDskI2Ifkl80o8l6Gik3jLDGlaRvrlH0iT3B+HFSVGwir9
T5agGjVpjcrWZi9BENRtLS8ILttjd0UvkpsR4QViIc50KAyhC4ogut8rsYLBUP87
K8iGV/MVWa1COx0WLfIMlSCiz6ryh4aLfFB55kPWfSTOHAIbUZ82mPozJ+MmC1P2
EzEhN4Usp+Q3GmikyXcefm8DSUpayN6bXlZ14ikTLFtTw0v/Upgr+MdfKH+SrK4Z
lQQlbfJKww4sWKoEfZMFhZco6qOrF7iHo/vmpOc=
NDA2MDMyMzEzMjdaGA8yMDE1MTAxNzIzMTMyN1owgYoxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIDAJPUjERMA8GA1UEBwwIUG9ydGxhbmQxDjAMBgNVBAoMBXlhU1NMMRQw
EgYDVQQLDAtEZXZlbG9wbWVudDEWMBQGA1UEAwwNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggJNMBoGCysGAQQBwRYBAQEBBgsr
BgEEAcEWAQECLgOCAi0ABIICKO1hBf4/bE5gMEaaWRDZuWBjrwl+j5DTlJG1mECJ
EyikaLfh26ZdmjPz3I7QI5i3YcDF4i0CTrN81S8JNBubGdGKeV32v/Vgam/NYhK7
Otzzxnk/c+6no0oBhJre5PNvvYnJDcA5IVFDXQ4cFip/xAv7plQ9eR615+t6J8am
ycS1iIE3DBkDXJreTmu0jkuC1tyRXuLmivRbphtxRjAdDV8BE0PYmHLIHuKtAbQu
uAkYLK40dnKN44HRjiROtHPaU8rZd861tF4HfkD5j/Fv+KfBhmDGL0ohYO6ibWKc
nEW57XqpKqTo9kioLJn+ap4eYFFZc4ABVC15Hr5SJYoiVORi8FTxhdSY2sddnZ/u
TMV8GKHncWc++tEnuagz+XSi9aGxeSH71RotbLFuxLPXmtEkyNiqdH/s54bgMNQU
pkuHsuWnPTPti/yLZDPm7YT4etrC2+Q7OawCzqH+FHiUep5jaejpBcyCwdcSTtB+
h+GV1qDG0/zdA/2y1sFICmmLXsrXLp17+1IMWNCzrAqJDy+zdL/cE3lF1tzFiNO+
8ZX8Q/dY0X1zZXBkj0z1LCowYKh2lI6bt1dHwXIsZvfUK9IpwNC7Wi98yVViT2LC
ukIqjBgzEqvlqOQKsIwz6ylOEqYx2t95J9P1hdmpsHGIdH5EpQyzkCDE0DG/aNfk
/dycRqTQyqVf0wHWbANj0ISJgEbnWg574g5T2Zy9eoY9oXMwiZpbt+bTIDANBgkq
hkiG9w0BAQUFAAOCAQEAfcgvvM7yAL33VGgF3RSh7DF/a66UnKVDiByVOXyERgbG
Apw3tPkZuPu78wqpUfUzSW8+mLE0oRYZYbUQnWdr56z1PvTGTDdN1xzwJo/sOWFl
BfijJ4T9mzVv2W/4IOGMCpxfEqnf7Yjrk4yBxKoIFCn14BGuQGYxCcyX3L3ZLngP
cHgj5bACMQxgWAC7rQp+svAWSATTXeIJyAZdNmg6f68CXIvKupHk87STLx6Vfrnv
7d9LflW94wftGRtl7HE54a8E6x7D+ORC1w0jmlQVwoZq6zYDKj20SO0O4JNTwP4H
uF/2wFSDfkX+Fh902Q1FebbFaXqTYwHhGc/XSs5Mwg==
-----END CERTIFICATE-----

BIN
certs/ntru-key.raw
View File

Binary file not shown.

51
configure.ac
View File

@ -1209,21 +1209,44 @@ AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"])
# NTRU
ntruHome=`pwd`/NTRU_algorithm
ntruInclude=$ntruHome/cryptolib
ntruLib=$ntruHome
AC_ARG_ENABLE([ntru],
[ --enable-ntru Enable NTRU (default: disabled)],
[ ENABLED_NTRU=$enableval ],
[ ENABLED_NTRU=no ]
)
ENABLED_NTRU="no"
tryntrudir=""
AC_ARG_WITH([ntru],
[ --with-ntru=PATH Path to NTRU install (default /usr/) ],
[
AC_MSG_CHECKING([for NTRU])
CPPFLAGS="$CPPFLAGS -DHAVE_NTRU"
LIBS="$LIBS -lNTRUEncrypt"
if test "$ENABLED_NTRU" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -I$ntruInclude"
AM_LDFLAGS="$AM_LDFLAGS -L$ntruLib"
LIBS="$LIBS -lntru_encrypt"
fi
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
if test "x$ntru_linked" == "xno" ; then
if test "x$withval" != "xno" ; then
tryntrudir=$withval
fi
if test "x$withval" == "xyes" ; then
tryntrudir="/usr"
fi
LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
if test "x$ntru_linked" == "xno" ; then
AC_MSG_ERROR([NTRU isn't found.
If it's already installed, specify its path using --with-ntru=/dir/])
fi
AC_MSG_RESULT([yes])
AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
else
AC_MSG_RESULT([yes])
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU"
ENABLED_NTRU="yes"
]
)
AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])

16
ctaocrypt/src/aes_asm.asm
View File

@ -132,7 +132,7 @@ AES_CBC_decrypt PROC
mov r9d,[rsp+48]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+8*64 ; 8 = align stack , 8 xmm6-12,15 8 bytes each
sub rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
movdqa [rsp+0], xmm6
movdqa [rsp+16], xmm7
movdqa [rsp+32], xmm8
@ -312,7 +312,7 @@ DEND_4:
movdqa xmm11, [rsp+80]
movdqa xmm12, [rsp+96]
movdqa xmm15, [rsp+112]
add rsp,8+8*64 ; 8 = align stack , 8 xmm6-12,15 8 bytes each
add rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
ret
AES_CBC_decrypt ENDP
@ -343,7 +343,7 @@ AES_ECB_encrypt PROC
mov r8d,[rsp+40]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+4*64 ; 8 = align stack , 4 xmm9-12, 8 bytes each
sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each
movdqa [rsp+0], xmm9
movdqa [rsp+16], xmm10
movdqa [rsp+32], xmm11
@ -500,7 +500,7 @@ EECB_END_4:
movdqa xmm10, [rsp+16]
movdqa xmm11, [rsp+32]
movdqa xmm12, [rsp+48]
add rsp,8+4*64 ; 8 = align stack , 4 xmm9-12 8 bytes each
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
AES_ECB_encrypt ENDP
@ -531,7 +531,7 @@ AES_ECB_decrypt PROC
mov r8d,[rsp+40]
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+4*64 ; 8 = align stack , 4 xmm9-12, 8 bytes each
sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each
movdqa [rsp+0], xmm9
movdqa [rsp+16], xmm10
movdqa [rsp+32], xmm11
@ -687,7 +687,7 @@ DECB_END_4:
movdqa xmm10, [rsp+16]
movdqa xmm11, [rsp+32]
movdqa xmm12, [rsp+48]
add rsp,8+4*64 ; 8 = align stack , 4 xmm9-12 8 bytes each
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
AES_ECB_decrypt ENDP
@ -790,7 +790,7 @@ AES_192_Key_Expansion PROC
mov rsi,rdx
; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
sub rsp,8+1*64 ; 8 = align stack , 1 xmm6, 8 bytes each
sub rsp,8+1*16 ; 8 = align stack , 1 xmm6, 16 bytes each
movdqa [rsp+0], xmm6
movdqu xmm1,[rdi]
@ -854,7 +854,7 @@ AES_192_Key_Expansion PROC
mov rsi,r11
; restore non volatile xmms from stack
movdqa xmm6, [rsp+0]
add rsp,8+1*64 ; 8 = align stack , 1 xmm6 8 bytes each
add rsp,8+1*16 ; 8 = align stack , 1 xmm6 16 bytes each
ret
PREPARE_ROUNDKEY_192:

19
ctaocrypt/src/asn.c
View File

@ -53,7 +53,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#ifdef HAVE_ECC
@ -641,7 +641,7 @@ CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
if (b == ASN_TAG_NULL) {
b = input[i++];
if (b != 0)
if (b != 0)
return ASN_EXPECT_0_E;
}
else
@ -1559,8 +1559,9 @@ static int GetKey(DecodedCert* cert)
byte* next = (byte*)key;
word16 keyLen;
byte keyBlob[MAX_NTRU_KEY_SZ];
word32 rc;
word32 rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
&keyLen, NULL, &next);
if (rc != NTRU_OK)
@ -1568,8 +1569,8 @@ static int GetKey(DecodedCert* cert)
if (keyLen > sizeof(keyBlob))
return ASN_NTRU_KEY_E;
rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,&keyLen,
keyBlob, &next);
rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
&keyLen, keyBlob, &next);
if (rc != NTRU_OK)
return ASN_NTRU_KEY_E;
@ -5130,15 +5131,15 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
word32 rc;
word16 encodedSz;
rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, NULL);
rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, NULL);
if (rc != NTRU_OK)
return PUBLIC_KEY_E;
if (encodedSz > MAX_PUBLIC_KEY_SZ)
return PUBLIC_KEY_E;
rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, der->publicKey);
rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ntruKey, &encodedSz, der->publicKey);
if (rc != NTRU_OK)
return PUBLIC_KEY_E;

48
ctaocrypt/test/test.c
View File

@ -101,7 +101,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
@ -2858,8 +2858,8 @@ int rsa_test(void)
int pemSz = 0;
RsaKey derIn;
RsaKey genKey;
FILE* keyFile;
FILE* pemFile;
FILE* keyFile;
FILE* pemFile;
ret = InitRsaKey(&genKey, 0);
if (ret != 0)
@ -3053,7 +3053,7 @@ int rsa_test(void)
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
FILE* file3 ;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@ -3354,38 +3354,46 @@ int rsa_test(void)
static uint8_t const pers_str[] = {
'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
};
word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
GetEntropy, &drbg);
word32 rc = ntru_crypto_drbg_instantiate(112, pers_str,
sizeof(pers_str), GetEntropy, &drbg);
if (rc != DRBG_OK) {
free(derCert);
free(pem);
return -448;
}
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, NULL,
&private_key_len, NULL);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -449;
}
rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
&public_key_len, public_key,
&private_key_len, private_key);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -450;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
NULL, &private_key_len, NULL);
rc = ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -451;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -452;
}
caFile = fopen(caKeyFile, "rb");
if (!caFile) {
free(derCert);
free(pem);
return -453;
return -452;
}
bytes = fread(tmp, 1, FOURK_BUF, caFile);
@ -3395,7 +3403,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
return -459;
return -453;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
if (ret != 0) {

2
cyassl/ctaocrypt/asn.h
View File

@ -189,7 +189,7 @@ enum Block_Sum {
enum Key_Sum {
DSAk = 515,
RSAk = 645,
NTRUk = 364,
NTRUk = 274,
ECDSAk = 518
};

16
m4/ax_debug.m4
View File

@ -43,19 +43,21 @@
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#serial 6
#serial 6.1
AC_DEFUN([AX_DEBUG],
[AC_PREREQ([2.63])dnl
AC_ARG_ENABLE([debug],
[AS_HELP_STRING([--enable-debug],
[Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])],
[ax_enable_debug=yes
AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])],
[ax_enable_debug=no
AC_SUBST([MCHECK])
AC_DEFINE([DEBUG],[0],[Define to 1 to enable debugging code.])])
[ax_enable_debug=$enableval],
[ax_enable_debug=no])
AS_IF([test "x$ax_enable_debug" = xyes],
[AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])],
[AC_SUBST([MCHECK])
AC_DEFINE([DEBUG],[0],[Define to 1 to enable debugging code.])])
AC_MSG_CHECKING([for debug])
AC_MSG_RESULT([$ax_enable_debug])
AM_CONDITIONAL([DEBUG],[test "x${ax_enable_debug}" = "xyes"])])
AM_CONDITIONAL([DEBUG],[test "x${ax_enable_debug}" = xyes])])

22
src/internal.c
View File

@ -35,7 +35,7 @@
#endif
#ifdef HAVE_NTRU
#include "crypto_ntru.h"
#include "ntru_crypto.h"
#endif
#if defined(DEBUG_CYASSL) || defined(SHOW_SECRETS)
@ -8760,18 +8760,18 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (ssl->peerNtruKeyPresent == 0)
return NO_PEER_KEY;
rc = crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr,
sizeof(cyasslStr), GetEntropy,
&drbg);
rc = ntru_crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr,
sizeof(cyasslStr), GetEntropy,
&drbg);
if (rc != DRBG_OK)
return NTRU_DRBG_ERROR;
rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,
ssl->peerNtruKey,
ssl->arrays->preMasterSz,
ssl->arrays->preMasterSecret,
&cipherLen, encSecret);
crypto_drbg_uninstantiate(drbg);
rc = ntru_crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,
ssl->peerNtruKey,
ssl->arrays->preMasterSz,
ssl->arrays->preMasterSecret,
&cipherLen, encSecret);
ntru_crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK)
return NTRU_ENCRYPT_ERROR;
@ -11629,7 +11629,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
if ((*inOutIdx - begin) + cipherLen > size)
return BUFFER_ERROR;
if (NTRU_OK != crypto_ntru_decrypt(
if (NTRU_OK != ntru_crypto_ntru_decrypt(
(word16) ssl->buffers.key.length,
ssl->buffers.key.buffer, cipherLen,
input + *inOutIdx, &plainLen,