Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 81 | magnus | 1 | Author: Magnus Holmgren <holmgren@debian.org> |
| 2 | Description: Adapt to Nettle 2.1 |
||
| 3 | |||
| 4 | --- a/src/spki/verify.c |
||
| 5 | +++ b/src/spki/verify.c |
||
| 6 | @@ -75,11 +75,11 @@ spki_verify_dsa(const uint8_t *digest, |
||
| 7 | dsa_signature_init(&rs); |
||
| 8 | |||
| 9 | res = (dsa_keypair_from_sexp_alist(&dsa, NULL, |
||
| 10 | - RSA_KEYSIZE_LIMIT, &key->sexp) |
||
| 11 | + RSA_KEYSIZE_LIMIT, DSA_SHA1_Q_BITS, &key->sexp) |
||
| 12 | && spki_parse_type(key) |
||
| 13 | - && dsa_signature_from_sexp(&rs, &signature->sexp) |
||
| 14 | + && dsa_signature_from_sexp(&rs, &signature->sexp, DSA_SHA1_Q_BITS) |
||
| 15 | && spki_parse_type(signature) |
||
| 16 | - && dsa_verify_digest(&dsa, digest, &rs)); |
||
| 17 | + && dsa_sha1_verify_digest(&dsa, digest, &rs)); |
||
| 18 | |||
| 19 | dsa_signature_clear(&rs); |
||
| 20 | dsa_public_key_clear(&dsa); |
||
| 21 | --- a/src/dsa.c |
||
| 22 | +++ b/src/dsa.c |
||
| 23 | @@ -118,7 +118,7 @@ do_dsa_verify(struct verifier *c, int al |
||
| 24 | && (atom == ATOM_SSH_DSS) |
||
| 25 | && parse_string(&buffer, &buf_length, &buf) |
||
| 26 | && !(buf_length % 2) |
||
| 27 | - && (buf_length <= (2 * DSA_Q_OCTETS)) |
||
| 28 | + && (buf_length <= (2 * DSA_SHA1_Q_OCTETS)) |
||
| 29 | && parse_eod(&buffer))) |
||
| 30 | goto fail; |
||
| 31 | |||
| 32 | @@ -143,8 +143,8 @@ do_dsa_verify(struct verifier *c, int al |
||
| 33 | if (! (sexp_iterator_first(&i, signature_length, signature_data) |
||
| 34 | && sexp_iterator_enter_list(&i) |
||
| 35 | && sexp_iterator_assoc(&i, 2, names, values) |
||
| 36 | - && nettle_mpz_set_sexp(sv.r, DSA_Q_BITS, &values[0]) |
||
| 37 | - && nettle_mpz_set_sexp(sv.s, DSA_Q_BITS, &values[1])) ) |
||
| 38 | + && nettle_mpz_set_sexp(sv.r, DSA_SHA1_Q_BITS, &values[0]) |
||
| 39 | + && nettle_mpz_set_sexp(sv.s, DSA_SHA1_Q_BITS, &values[1])) ) |
||
| 40 | goto fail; |
||
| 41 | |||
| 42 | break; |
||
| 43 | @@ -156,7 +156,7 @@ do_dsa_verify(struct verifier *c, int al |
||
| 44 | sha1_init(&hash); |
||
| 45 | sha1_update(&hash, length, msg); |
||
| 46 | |||
| 47 | - res = dsa_verify(&self->key, &hash, &sv); |
||
| 48 | + res = dsa_sha1_verify(&self->key, &hash, &sv); |
||
| 49 | fail: |
||
| 50 | |||
| 51 | dsa_signature_clear(&sv); |
||
| 52 | @@ -212,7 +212,7 @@ parse_ssh_dss_public(struct simple_buffe |
||
| 53 | |||
| 54 | if (parse_bignum(buffer, res->key.p, DSA_MAX_OCTETS) |
||
| 55 | && (mpz_sgn(res->key.p) == 1) |
||
| 56 | - && parse_bignum(buffer, res->key.q, DSA_Q_OCTETS) |
||
| 57 | + && parse_bignum(buffer, res->key.q, DSA_SHA1_Q_OCTETS) |
||
| 58 | && (mpz_sgn(res->key.q) == 1) |
||
| 59 | && (mpz_cmp(res->key.q, res->key.p) < 0) /* q < p */ |
||
| 60 | && parse_bignum(buffer, res->key.g, DSA_MAX_OCTETS) |
||
| 61 | @@ -269,7 +269,7 @@ do_dsa_sign(struct signer *c, |
||
| 62 | dsa_signature_init(&sv); |
||
| 63 | sha1_init(&hash); |
||
| 64 | sha1_update(&hash, msg_length, msg); |
||
| 65 | - dsa_sign(&self->verifier->key, &self->key, |
||
| 66 | + dsa_sha1_sign(&self->verifier->key, &self->key, |
||
| 67 | self->random, lsh_random, &hash, &sv); |
||
| 68 | |||
| 69 | debug("do_dsa_sign: r = %xn, s = %xn\n", sv.r, sv.s); |
||
| 70 | @@ -323,7 +323,7 @@ make_dsa_verifier(struct signature_algor |
||
| 71 | NEW(dsa_verifier, res); |
||
| 72 | init_dsa_verifier(res); |
||
| 73 | |||
| 74 | - if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, i)) |
||
| 75 | + if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i)) |
||
| 76 | return &res->super; |
||
| 77 | |||
| 78 | KILL(res); |
||
| 79 | @@ -342,7 +342,7 @@ make_dsa_signer(struct signature_algorit |
||
| 80 | |||
| 81 | dsa_private_key_init(&res->key); |
||
| 82 | |||
| 83 | - if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, i)) |
||
| 84 | + if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i)) |
||
| 85 | { |
||
| 86 | res->random = self->random; |
||
| 87 | res->verifier = verifier; |
||
| 88 | --- a/src/crypto.c |
||
| 89 | +++ b/src/crypto.c |
||
| 90 | @@ -251,10 +251,6 @@ make_des3_cbc_instance(struct crypto_alg |
||
| 91 | const uint8_t *key, const uint8_t *iv) |
||
| 92 | { |
||
| 93 | NEW(des3_instance, self); |
||
| 94 | - uint8_t pkey[DES3_KEY_SIZE]; |
||
| 95 | - |
||
| 96 | - /* Fix odd parity */ |
||
| 97 | - des_fix_parity(DES3_KEY_SIZE, pkey, key); |
||
| 98 | |||
| 99 | self->super.block_size = DES3_BLOCK_SIZE; |
||
| 100 | self->super.crypt = ( (mode == CRYPTO_ENCRYPT) |
||
| 101 | @@ -263,19 +259,13 @@ make_des3_cbc_instance(struct crypto_alg |
||
| 102 | |||
| 103 | CBC_SET_IV(&self->ctx, iv); |
||
| 104 | |||
| 105 | - if (des3_set_key(&self->ctx.ctx, pkey)) |
||
| 106 | + if (des3_set_key(&self->ctx.ctx, key)) |
||
| 107 | return(&self->super); |
||
| 108 | - |
||
| 109 | - switch(self->ctx.ctx.status) |
||
| 110 | + else |
||
| 111 | { |
||
| 112 | - case DES_BAD_PARITY: |
||
| 113 | - fatal("Internal error! Bad parity in make_des3_instance.\n"); |
||
| 114 | - case DES_WEAK_KEY: |
||
| 115 | werror("Detected weak DES key.\n"); |
||
| 116 | KILL(self); |
||
| 117 | return NULL; |
||
| 118 | - default: |
||
| 119 | - fatal("Internal error!\n"); |
||
| 120 | } |
||
| 121 | } |
||
| 122 | |||
| 123 | --- a/src/lsh-keygen.c |
||
| 124 | +++ b/src/lsh-keygen.c |
||
| 125 | @@ -217,7 +217,7 @@ dsa_generate_key(struct randomness *r, u |
||
| 126 | if (dsa_generate_keypair(&public, &private, |
||
| 127 | r, lsh_random, |
||
| 128 | NULL, progress, |
||
| 129 | - 512 + 64 * level)) |
||
| 130 | + 512 + 64 * level, DSA_SHA1_Q_BITS)) |
||
| 131 | { |
||
| 132 | key = |
||
| 133 | lsh_string_format_sexp(0, |