Re: generic crypto

bug-gnulib
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: generic crypto

From:	Ralf Wildenhues
Subject:	Re: generic crypto
Date:	Thu, 6 Oct 2005 17:04:20 +0200
User-agent:	Mutt/1.5.11
* Simon Josefsson wrote on Thu, Oct 06, 2005 at 03:39:20PM CEST:
> 
> I'm sure there are plenty of other problems too, but this passes self
> tests in GNU SASL so it is fairly complete...  Once this is installed,
> I can continue to add the modules that GnuTLS needs, which include
> encryption modules such as DES and AES.

Random notes from source code reading below.

Cheers,
Ralf

> Index: lib/gc-gnulib.c
> ===================================================================
> RCS file: lib/gc-gnulib.c
> diff -N lib/gc-gnulib.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ lib/gc-gnulib.c   5 Oct 2005 15:46:17 -0000
> @@ -0,0 +1,149 @@
> +/* gc-gl-common.c --- Common gnulib internal crypto interface functions
> + * Copyright (C) 2002, 2003, 2004, 2005  Simon Josefsson
> + *
> + * This file is part of GC.
> + *
> + * GC is free software; you can redistribute it and/or modify it under
> + * the terms of the GNU Lesser General Public License as published by
> + * the Free Software Foundation; either version 2.1 of the License, or
> + * (at your option) any later version.
> + *
> + * GC is distributed in the hope that it will be useful, but WITHOUT
> + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
> + * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General
> + * Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License License along with GC; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
> + * USA
> + *
> + */
> +
> +/* Note: This file is only built if GC uses internal functions. */
> +
> +#if HAVE_CONFIG_H

Please use ifdef.

> +# include <config.h>
> +#endif
> +
> +#include <stdlib.h>
> +
> +/* Get prototype. */
> +#include <gc.h>
> +
> +/* For randomize. */
> +#include <unistd.h>
> +#include <sys/types.h>
> +#include <sys/stat.h>
> +#include <fcntl.h>
> +
> +#include <string.h>
> +
> +int
> +gc_init (void)
> +{
> +  return 0;
> +}
> +
> +void
> +gc_done (void)
> +{
> +  return;
> +}
> +
> +/* Randomness. */
> +
> +static int
> +randomize (int level, char *data, size_t datalen)
> +{
> +  int fd;
> +  const char *device;
> +  size_t len = 0;
> +  int rc;
> +
> +  switch (level)
> +    {
> +    case 0:
> +      device = NAME_OF_NONCE_DEVICE;
> +      break;
> +
> +    case 1:
> +      device = NAME_OF_PSEUDO_RANDOM_DEVICE;
> +      break;
> +
> +    default:
> +      device = NAME_OF_RANDOM_DEVICE;
> +      break;
> +    }
> +
> +  fd = open (device, O_RDONLY);
> +  if (fd < 0)
> +    return GC_RANDOM_ERROR;
> +
> +  do
> +    {
> +      ssize_t tmp;
> +
> +      tmp = read (fd, data, datalen);
> +
> +      if (tmp < 0)
> +     return GC_RANDOM_ERROR;

return here will leak a file descriptor.

> +
> +      len += tmp;
> +    }
> +  while (len < datalen);
> +
> +  rc = close (fd);
> +  if (rc < 0)
> +    return GC_RANDOM_ERROR;
> +
> +  return GC_OK;
> +}
> +
> +int
> +gc_nonce (char *data, size_t datalen)
> +{
> +  return randomize (0, data, datalen);
> +}
> +
> +int
> +gc_pseudo_random (char *data, size_t datalen)
> +{
> +  return randomize (1, data, datalen);
> +}
> +
> +int
> +gc_random (char *data, size_t datalen)
> +{
> +  return randomize (2, data, datalen);
> +}
> +
> +/* Memory allocation. */
> +
> +void
> +gc_set_allocators (gc_malloc_t func_malloc,
> +                gc_malloc_t secure_malloc,
> +                gc_secure_check_t secure_check,
> +                gc_realloc_t func_realloc, gc_free_t func_free)
> +{
> +  return;
> +}
> +
> +#include "md5.h"
> +
> +int
> +gc_md5 (const void *in, size_t inlen, void *resbuf)
> +{
> +  md5_buffer (in, inlen, resbuf);
> +  return 0;
> +}
> +
> +#include "hmac.h"
> +
> +int
> +gc_hmac_md5 (const void *key, size_t keylen,
> +          const void *in, size_t inlen, char *resbuf)
> +{
> +  hmac_md5 (key, keylen, in, inlen, resbuf);
> +  return 0;
> +}
> Index: lib/gc-libgcrypt.c
> ===================================================================
> RCS file: lib/gc-libgcrypt.c
> diff -N lib/gc-libgcrypt.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ lib/gc-libgcrypt.c        5 Oct 2005 15:46:17 -0000
> @@ -0,0 +1,156 @@
> +/* gc-libgcrypt.c --- Crypto wrappers around Libgcrypt for GC.
> + * Copyright (C) 2002, 2003, 2004, 2005  Simon Josefsson
> + *
> + * This file is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published
> + * by the Free Software Foundation; either version 2, or (at your
> + * option) any later version.
> + *
> + * This file is distributed in the hope that it will be useful, but
> + * WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this file; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> + * 02110-1301, USA.
> + *
> + */
> +
> +/* Note: This file is only built if GC uses Libgcrypt. */
> +
> +#if HAVE_CONFIG_H

See above.

> +# include <config.h>
> +#endif
> +
> +/* Get prototype. */
> +#include "gc.h"
> +
> +/* Get libgcrypt API. */
> +#include <gcrypt.h>
> +
> +#include <assert.h>
> +
> +/* Initialization. */
> +
> +int
> +gc_init (void)
> +{
> +  gcry_error_t err;
> +
> +  err = gcry_control (GCRYCTL_ANY_INITIALIZATION_P);
> +  if (err == GPG_ERR_NO_ERROR)
> +    {
> +      if (gcry_check_version (GCRYPT_VERSION) == NULL)
> +     return GC_INIT_ERROR;
> +
> +      err = gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
> +      if (err != GPG_ERR_NO_ERROR)
> +     return GC_INIT_ERROR;
> +    }
> +
> +  return GC_OK;
> +}
> +
> +void
> +gc_done (void)
> +{
> +  return;
> +}
> +
> +/* Randomness. */
> +
> +int
> +gc_nonce (char *data, size_t datalen)
> +{
> +  gcry_create_nonce ((unsigned char *) data, datalen);
> +  return GC_OK;
> +}
> +
> +int
> +gc_pseudo_random (char *data, size_t datalen)
> +{
> +  gcry_randomize ((unsigned char *) data, datalen, GCRY_STRONG_RANDOM);
> +  return GC_OK;
> +}
> +
> +int
> +gc_random (char *data, size_t datalen)
> +{
> +  gcry_randomize ((unsigned char *) data, datalen, GCRY_VERY_STRONG_RANDOM);
> +  return GC_OK;
> +}
> +
> +/* Memory allocation. */
> +
> +void
> +gc_set_allocators (gc_malloc_t func_malloc,
> +                gc_malloc_t secure_malloc,
> +                gc_secure_check_t secure_check,
> +                gc_realloc_t func_realloc, gc_free_t func_free)
> +{
> +  gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check,
> +                            func_realloc, func_free);
> +}
> +
> +/* One-call interface. */
> +
> +int
> +gc_md5 (const void *in, size_t inlen, void *resbuf)
> +{
> +  size_t outlen = gcry_md_get_algo_dlen (GCRY_MD_MD5);
> +  gcry_md_hd_t hd;
> +  gpg_error_t err;
> +  unsigned char *p;
> +
> +  assert (outlen == 16);
> +
> +  err = gcry_md_open (&hd, GCRY_MD_MD5, 0);
> +  if (err != GPG_ERR_NO_ERROR)
> +    return GC_INVALID_HASH;
> +
> +  gcry_md_write (hd, in, inlen);
> +
> +  p = gcry_md_read (hd, GCRY_MD_MD5);
> +  if (p == NULL)
> +    return GC_INVALID_HASH;

return will leak whatever gcry_md_close cleans up.

> +
> +  memcpy (resbuf, p, outlen);
> +
> +  gcry_md_close (hd);
> +
> +  return GC_OK;
> +}
> +
> +int
> +gc_hmac_md5 (const void *key, size_t keylen,
> +          const void *in, size_t inlen, char *resbuf)
> +{
> +  size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5);
> +  gcry_md_hd_t mdh;
> +  unsigned char *hash;
> +  gpg_error_t err;
> +
> +  assert (hlen == 16);
> +
> +  err = gcry_md_open (&mdh, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC);
> +  if (err != GPG_ERR_NO_ERROR)
> +    return GC_INVALID_HASH;
> +
> +  err = gcry_md_setkey (mdh, key, keylen);
> +  if (err != GPG_ERR_NO_ERROR)
> +    return GC_INVALID_HASH;
> +
> +  gcry_md_write (mdh, in, inlen);
> +
> +  hash = gcry_md_read (mdh, GCRY_MD_MD5);
> +  if (hash == NULL)
> +    return GC_INVALID_HASH;

See above.

> +
> +  memcpy (resbuf, hash, hlen);
> +
> +  gcry_md_close (mdh);
> +
> +  return GC_OK;
> +}
> Index: tests/test-gc.c
> ===================================================================
> RCS file: tests/test-gc.c
> diff -N tests/test-gc.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ tests/test-gc.c   5 Oct 2005 15:46:17 -0000
> @@ -0,0 +1,104 @@
> +/*
> + * Copyright (C) 2005 Free Software Foundation
> + * Written by Simon Josefsson
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2, or (at your option)
> + * any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> + * 02110-1301, USA.  */
> +
> +#if HAVE_CONFIG_H

See above.

> +# include <config.h>
> +#endif
*snip*
[Prev in Thread]
Current Thread
[Next in Thread]
generic crypto, Simon Josefsson, 2005/10/06
- Re: generic crypto, Ralf Wildenhues <=
  - Re: generic crypto, Simon Josefsson, 2005/10/06
- Re: generic crypto, Paul Eggert, 2005/10/06
  - Re: generic crypto, Simon Josefsson, 2005/10/07
    - Re: generic crypto, Paul Eggert, 2005/10/07
    - Re: generic crypto, Simon Josefsson, 2005/10/08
Prev by Date: generic crypto
Next by Date: Re: generic crypto
Previous by thread: generic crypto
Next by thread: Re: generic crypto
Index(es):
- Date
- Thread