Implemented bitspender based on the MGF1 mask generator function
parent
c3664d8ee1
commit
988d477145
|
@ -11,7 +11,8 @@ crypto/prfs/prf.c crypto/prfs/mac_prf.c crypto/pkcs5.c \
|
|||
crypto/rngs/rng.c crypto/prf_plus.c crypto/signers/signer.c \
|
||||
crypto/signers/mac_signer.c crypto/crypto_factory.c crypto/crypto_tester.c \
|
||||
crypto/diffie_hellman.c crypto/aead.c crypto/transform.c \
|
||||
crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c crypto/mgf1/mgf1.c \
|
||||
crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c \
|
||||
crypto/mgf1/mgf1.c crypto/mgf1/mgf1_bitspender.c \
|
||||
credentials/credential_factory.c credentials/builder.c \
|
||||
credentials/cred_encoding.c credentials/keys/private_key.c \
|
||||
credentials/keys/public_key.c credentials/keys/shared_key.c \
|
||||
|
@ -66,7 +67,8 @@ crypto/prfs/prf.h crypto/prfs/mac_prf.h crypto/rngs/rng.h crypto/nonce_gen.h \
|
|||
crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \
|
||||
crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \
|
||||
crypto/aead.h crypto/transform.h crypto/pkcs5.h crypto/iv/iv_gen.h \
|
||||
crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h crypto/mgf1/mgf1.h \
|
||||
crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h \
|
||||
crypto/mgf1/mgf1.h crypto/mgf1/mgf1_bitspender.h \
|
||||
credentials/credential_factory.h credentials/builder.h \
|
||||
credentials/cred_encoding.h credentials/keys/private_key.h \
|
||||
credentials/keys/public_key.h credentials/keys/shared_key.h \
|
||||
|
|
|
@ -68,7 +68,7 @@ struct mgf1_t {
|
|||
*
|
||||
* @param alg hash algorithm to be used by MGF1
|
||||
* @param seed seed used by MGF1 to generate mask from
|
||||
* @param hash_seed hash seed before using it as a seed from MGF1
|
||||
* @param hash_seed hash seed before using it as a seed for MGF1
|
||||
*/
|
||||
mgf1_t *mgf1_create(hash_algorithm_t alg, chunk_t seed,
|
||||
bool hash_seed);
|
||||
|
|
|
@ -0,0 +1,158 @@
|
|||
/*
|
||||
* Copyright (C) 2014 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "mgf1_bitspender.h"
|
||||
|
||||
#include <crypto/mgf1/mgf1.h>
|
||||
|
||||
typedef struct private_mgf1_bitspender_t private_mgf1_bitspender_t;
|
||||
|
||||
/**
|
||||
* Private data structure for mgf1_bitspender_t object
|
||||
*/
|
||||
struct private_mgf1_bitspender_t {
|
||||
/**
|
||||
* Public interface.
|
||||
*/
|
||||
mgf1_bitspender_t public;
|
||||
|
||||
/**
|
||||
* MGF1 bit mask generator
|
||||
*/
|
||||
mgf1_t *mgf1;
|
||||
|
||||
/**
|
||||
* Octet storage (accommodates up to 64 octets)
|
||||
*/
|
||||
uint8_t octets[HASH_SIZE_SHA512];
|
||||
|
||||
/**
|
||||
* Length of the returned hash value in octets
|
||||
*/
|
||||
int hash_len;
|
||||
|
||||
/**
|
||||
* Number of generated octets
|
||||
*/
|
||||
int octets_count;
|
||||
|
||||
/**
|
||||
* Number of available octets
|
||||
*/
|
||||
int octets_left;
|
||||
|
||||
/**
|
||||
* Bit storage (accomodates up to 32 bits)
|
||||
*/
|
||||
uint32_t bits;
|
||||
|
||||
/**
|
||||
* Number of available bits
|
||||
*/
|
||||
int bits_left;
|
||||
};
|
||||
|
||||
METHOD(mgf1_bitspender_t, get_bits, uint32_t,
|
||||
private_mgf1_bitspender_t *this, int bits_needed)
|
||||
{
|
||||
uint32_t bits = 0x00000000;
|
||||
int bits_now;
|
||||
|
||||
if (bits_needed > 31)
|
||||
{
|
||||
/* too many bits requested */
|
||||
return MGF1_BITSPENDER_ERROR;
|
||||
}
|
||||
|
||||
while (bits_needed)
|
||||
{
|
||||
if (this->bits_left == 0)
|
||||
{
|
||||
if (this->octets_left == 0)
|
||||
{
|
||||
/* get another block from MGF1 */
|
||||
if (!this->mgf1->get_mask(this->mgf1, this->hash_len,
|
||||
this->octets))
|
||||
{
|
||||
/* no block available */
|
||||
return MGF1_BITSPENDER_ERROR;
|
||||
}
|
||||
this->octets_left = this->hash_len;
|
||||
this->octets_count += this->hash_len;
|
||||
}
|
||||
this->bits = untoh32(this->octets + this->hash_len -
|
||||
this->octets_left);
|
||||
this->bits_left = 32;
|
||||
this->octets_left -= 4;
|
||||
}
|
||||
if (bits_needed > this->bits_left)
|
||||
{
|
||||
bits_now = this->bits_left;
|
||||
this->bits_left = 0;
|
||||
bits_needed -= bits_now;
|
||||
bits <<= bits_now;
|
||||
bits |= this->bits;
|
||||
}
|
||||
else
|
||||
{
|
||||
bits_now = bits_needed;
|
||||
this->bits_left -= bits_needed;
|
||||
bits_needed = 0;
|
||||
bits <<= bits_now;
|
||||
bits |= this->bits >> this->bits_left;
|
||||
this->bits &= 0xffffffff >> (32 - this->bits_left);
|
||||
}
|
||||
}
|
||||
return bits;
|
||||
}
|
||||
|
||||
|
||||
METHOD(mgf1_bitspender_t, destroy, void,
|
||||
private_mgf1_bitspender_t *this)
|
||||
{
|
||||
DBG2(DBG_LIB, "mgf1 generated %u octets", this->octets_count);
|
||||
memwipe(this->octets, sizeof(this->octets));
|
||||
this->mgf1->destroy(this->mgf1);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* See header.
|
||||
*/
|
||||
mgf1_bitspender_t *mgf1_bitspender_create(hash_algorithm_t alg, chunk_t seed,
|
||||
bool hash_seed)
|
||||
{
|
||||
private_mgf1_bitspender_t *this;
|
||||
mgf1_t *mgf1;
|
||||
|
||||
mgf1 = mgf1_create(alg, seed, hash_seed);
|
||||
if (!mgf1)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
DBG2(DBG_LIB, "mgf1 based on %N is seeded with %u octets",
|
||||
hash_algorithm_short_names, alg, seed.len);
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.get_bits = _get_bits,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
.mgf1 = mgf1,
|
||||
.hash_len = mgf1->get_hash_size(mgf1),
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
}
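Review bot: In get_bits the final mask `this->bits &= 0xffffffff >> (32 - this->bits_left);` shifts a 32-bit constant by 32 whenever a request consumes exactly the remaining bits (bits_left becomes 0), which is undefined behaviour in C. Guarding the statement with `if (this->bits_left)` avoids that, and nothing is lost because the word is reloaded from the octet buffer the next time bits_left is 0. The range check also rejects only `bits_needed > 31`, so a negative argument reaches `bits <<= bits_now` with a negative count and pushes bits_left above 32; `if (bits_needed < 0 || bits_needed > 31)` closes that. Finally, destroy() wipes `octets` but not `bits`, which can still hold unconsumed mask output; `memwipe(&this->bits, sizeof(this->bits));` next to the existing wipe would cover it.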
|
|
@ -0,0 +1,60 @@
|
|||
/*
|
||||
* Copyright (C) 2014 Andreas Steffen
|
||||
* HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup mgf1_bitspender mgf1_bitspender
|
||||
* @{ @ingroup bliss_p
|
||||
*/
|
||||
|
||||
#ifndef MGF1_BITSPENDER_H_
|
||||
#define MGF1_BITSPENDER_H_
|
||||
|
||||
#include <library.h>
|
||||
#include <crypto/hashers/hasher.h>
|
||||
|
||||
typedef struct mgf1_bitspender_t mgf1_bitspender_t;
|
||||
|
||||
#define MGF1_BITSPENDER_ERROR 0xffffffff
|
||||
|
||||
/**
|
||||
* Generates a given number of pseudo-random bits at a time using MFG1
|
||||
*/
|
||||
struct mgf1_bitspender_t {
|
||||
|
||||
/**
|
||||
* Get pseudo-random bits
|
||||
*
|
||||
* @param bits_needed Number of needed bits (1..31)
|
||||
* @result Return between 1 and 31 pseudo-random bits
|
||||
*/
|
||||
uint32_t (*get_bits)(mgf1_bitspender_t *this, int bits_needed);
|
||||
|
||||
/**
|
||||
* Destroy mgf1_bitspender_t object
|
||||
*/
|
||||
void (*destroy)(mgf1_bitspender_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a mgf1_bitspender_t object
|
||||
*
|
||||
* @param alg Hash algorithm to be used with MGF1
|
||||
* @param seed Seed used to initialize MGF1
|
||||
* @param hash_seed Hash seed before using it as a seed for MFG1
|
||||
*/
|
||||
mgf1_bitspender_t *mgf1_bitspender_create(hash_algorithm_t alg, chunk_t seed,
|
||||
bool hash_seed);
|
||||
|
||||
#endif /** MGF1_BITSPENDER_H_ @}*/
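Review bot: The get_bits documentation does not mention the failure value. The implementation returns `MGF1_BITSPENDER_ERROR` when more than 31 bits are requested or when MGF1 cannot deliver another block, and a caller that never compares against it would consume 0xffffffff as if it were random bits. I would add `@return pseudo-random bits, or MGF1_BITSPENDER_ERROR on failure` to get_bits and `@return mgf1_bitspender_t object, NULL if MGF1 could not be created` to mgf1_bitspender_create. The two comments that spell the function "MFG1" should read "MGF1".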
|