Пример #1
0
static void wrap_nettle_cipher_close(void *_ctx)
{
	struct nettle_cipher_ctx *ctx = _ctx;

	zeroize_temp_key(ctx, sizeof(*ctx));
	gnutls_free(ctx);
}
Пример #2
0
static void aes_ccm_deinit(void *_ctx)
{
	struct ccm_x86_aes_ctx *ctx = _ctx;

	zeroize_temp_key(ctx, sizeof(*ctx));
	gnutls_free(ctx);
}
Пример #3
0
static void aes_deinit(void *_ctx)
{
	struct padlock_ctx *ctx = _ctx;
	
	zeroize_temp_key(ctx, sizeof(*ctx));
	gnutls_free(ctx);
}
Пример #4
0
static int wrap_x86_hmac_fast(gnutls_mac_algorithm_t algo,
				const void *nonce, size_t nonce_size,
				const void *key, size_t key_size,
				const void *text, size_t text_size,
				void *digest)
{
	struct x86_hmac_ctx ctx;
	int ret;

	ret = _hmac_ctx_init(algo, &ctx);
	if (ret < 0)
		return gnutls_assert_val(ret);

	ctx.setkey(&ctx, key_size, key);
	ctx.update(&ctx, text_size, text);
	ctx.digest(&ctx, ctx.length, digest);
	
	zeroize_temp_key(&ctx, sizeof(ctx));

	return 0;
}
Пример #5
0
static int
wrap_padlock_hmac_fast(gnutls_mac_algorithm_t algo,
		       const void *nonce, size_t nonce_size,
		       const void *key, size_t key_size, const void *text,
		       size_t text_size, void *digest)
{
	if (algo == GNUTLS_MAC_SHA1 || algo == GNUTLS_MAC_SHA256) {
		unsigned char *pad;
		unsigned char pad2[SHA1_DATA_SIZE + MAX_SHA_DIGEST_SIZE];
		unsigned char hkey[MAX_SHA_DIGEST_SIZE];
		unsigned int digest_size =
		    _gnutls_mac_get_algo_len(mac_to_entry(algo));

		if (key_size > SHA1_DATA_SIZE) {
			wrap_padlock_hash_fast((gnutls_digest_algorithm_t)
					       algo, key, key_size, hkey);
			key = hkey;
			key_size = digest_size;
		}

		pad = gnutls_malloc(text_size + SHA1_DATA_SIZE);
		if (pad == NULL)
			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

		memset(pad, IPAD, SHA1_DATA_SIZE);
		memxor(pad, key, key_size);

		memcpy(&pad[SHA1_DATA_SIZE], text, text_size);

		wrap_padlock_hash_fast((gnutls_digest_algorithm_t) algo,
				       pad, text_size + SHA1_DATA_SIZE,
				       &pad2[SHA1_DATA_SIZE]);

		gnutls_free(pad);

		memset(pad2, OPAD, SHA1_DATA_SIZE);
		memxor(pad2, key, key_size);

		wrap_padlock_hash_fast((gnutls_digest_algorithm_t) algo,
				       pad2, digest_size + SHA1_DATA_SIZE,
				       digest);

	} else {
		struct padlock_hmac_ctx ctx;
		int ret;

		ret = _hmac_ctx_init(algo, &ctx);
		if (ret < 0)
			return gnutls_assert_val(ret);
		ctx.algo = algo;

		wrap_padlock_hmac_setkey(&ctx, key, key_size);

		wrap_padlock_hmac_update(&ctx, text, text_size);

		wrap_padlock_hmac_output(&ctx, digest, ctx.length);
		wrap_padlock_hmac_deinit(&ctx);

		zeroize_temp_key(&ctx, sizeof(ctx));
	}

	return 0;
}
Пример #6
0
static int
wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize)
{
	struct nettle_cipher_ctx *ctx = _ctx;
	uint8_t des_key[DES3_KEY_SIZE];

	switch (ctx->algo) {
	case GNUTLS_CIPHER_AES_128_GCM:
	case GNUTLS_CIPHER_AES_256_GCM:
		gcm_aes_set_key(&ctx->ctx.aes_gcm, keysize, key);
		break;
	case GNUTLS_CIPHER_AES_128_CBC:
	case GNUTLS_CIPHER_AES_192_CBC:
	case GNUTLS_CIPHER_AES_256_CBC:
		if (ctx->enc)
			aes_set_encrypt_key(ctx->ctx_ptr, keysize, key);
		else
			aes_set_decrypt_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_CAMELLIA_128_CBC:
	case GNUTLS_CIPHER_CAMELLIA_192_CBC:
	case GNUTLS_CIPHER_CAMELLIA_256_CBC:
		if (ctx->enc)
			camellia_set_encrypt_key(ctx->ctx_ptr, keysize,
						 key);
		else
			camellia_set_decrypt_key(ctx->ctx_ptr, keysize,
						 key);
		break;
	case GNUTLS_CIPHER_3DES_CBC:
		if (keysize != DES3_KEY_SIZE) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}

		des_fix_parity(keysize, des_key, key);

		if (des3_set_key(ctx->ctx_ptr, des_key) != 1) {
			gnutls_assert();
		}
		zeroize_temp_key(des_key, sizeof(des_key));

		break;
	case GNUTLS_CIPHER_CAMELLIA_128_GCM:
	case GNUTLS_CIPHER_CAMELLIA_256_GCM:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		_gcm_camellia_set_key(&ctx->ctx.camellia_gcm, keysize,
				      key);
		break;
	case GNUTLS_CIPHER_DES_CBC:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		if (keysize != DES_KEY_SIZE) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}

		des_fix_parity(keysize, des_key, key);

		if (des_set_key(ctx->ctx_ptr, des_key) != 1) {
			gnutls_assert();
			return GNUTLS_E_INTERNAL_ERROR;
		}
		zeroize_temp_key(des_key, sizeof(des_key));
		break;
	case GNUTLS_CIPHER_ARCFOUR_128:
	case GNUTLS_CIPHER_ARCFOUR_40:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		arcfour_set_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_SALSA20_256:
	case GNUTLS_CIPHER_ESTREAM_SALSA20_256:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		salsa20_set_key(ctx->ctx_ptr, keysize, key);
		break;
	case GNUTLS_CIPHER_RC2_40_CBC:
		if (_gnutls_fips_mode_enabled() != 0)
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

		arctwo_set_key(ctx->ctx_ptr, keysize, key);
		break;
	default:
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	return 0;
}