[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] branch master updated (4e5747f9a -> 1e48c81e8)
|
From: |
gnunet |
|
Subject: |
[gnunet] branch master updated (4e5747f9a -> 1e48c81e8) |
|
Date: |
Wed, 30 Mar 2022 10:29:23 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a change to branch master
in repository gnunet.
from 4e5747f9a -changelog housekeeping
new edf6f59fa -logging, minor memory leak fix
new 789a13e1d -style fixes, no semantic changes
new 1e48c81e8 -fix bogus free bugs
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
contrib/gana | 2 +-
src/pq/pq_result_helper.c | 6 +++
src/util/crypto_edx25519.c | 7 ---
src/util/crypto_hkdf.c | 118 ++++++++++++++++++++++++---------------------
src/util/crypto_kdf.c | 61 ++++++-----------------
src/util/crypto_rsa.c | 28 ++++++-----
6 files changed, 102 insertions(+), 120 deletions(-)
diff --git a/contrib/gana b/contrib/gana
index e12bcee06..0958add54 160000
--- a/contrib/gana
+++ b/contrib/gana
@@ -1 +1 @@
-Subproject commit e12bcee063df61ed4b9acbe819443672364eb4d8
+Subproject commit 0958add542378a6ca9c411e2dc19527834e9f645
diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c
index 2c11f5202..f3d246c36 100644
--- a/src/pq/pq_result_helper.c
+++ b/src/pq/pq_result_helper.c
@@ -1086,6 +1086,12 @@ extract_uint64 (void *cls,
fnum))
{
GNUNET_break (0);
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Got length %u for field `%s'\n",
+ PQgetlength (result,
+ row,
+ fnum),
+ fname);
return GNUNET_SYSERR;
}
res = (uint64_t *) PQgetvalue (result,
diff --git a/src/util/crypto_edx25519.c b/src/util/crypto_edx25519.c
index 49360eeab..26b45407e 100644
--- a/src/util/crypto_edx25519.c
+++ b/src/util/crypto_edx25519.c
@@ -270,9 +270,7 @@ GNUNET_CRYPTO_edx25519_private_key_derive (
struct GNUNET_CRYPTO_Edx25519PublicKey pub;
struct GNUNET_HashCode hc;
uint8_t a[32];
- unsigned char sk[64];
gcry_ctx_t ctx;
- gcry_mpi_t h;
gcry_mpi_t h_mod_n;
gcry_mpi_t x;
gcry_mpi_t n;
@@ -332,7 +330,6 @@ GNUNET_CRYPTO_edx25519_private_key_derive (
gcry_mpi_release (h_mod_n);
gcry_mpi_release (eight);
- gcry_mpi_release (h);
gcry_mpi_release (x);
gcry_mpi_release (n);
gcry_mpi_release (a1);
@@ -370,10 +367,8 @@ GNUNET_CRYPTO_edx25519_public_key_derive (
size_t seedsize,
struct GNUNET_CRYPTO_Edx25519PublicKey *result)
{
- struct GNUNET_HashCode hc;
gcry_ctx_t ctx;
gcry_mpi_t q_y;
- gcry_mpi_t h;
gcry_mpi_t n;
gcry_mpi_t h_mod_n;
gcry_mpi_point_t q;
@@ -409,7 +404,6 @@ GNUNET_CRYPTO_edx25519_public_key_derive (
v = gcry_mpi_point_new (0);
gcry_mpi_ec_mul (v, h_mod_n, q, ctx);
gcry_mpi_release (h_mod_n);
- gcry_mpi_release (h);
gcry_mpi_release (n);
gcry_mpi_point_release (q);
@@ -421,5 +415,4 @@ GNUNET_CRYPTO_edx25519_public_key_derive (
GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof(result->q_y), q_y);
gcry_mpi_release (q_y);
gcry_ctx_release (ctx);
-
}
diff --git a/src/util/crypto_hkdf.c b/src/util/crypto_hkdf.c
index 4e4496819..838e37d8d 100644
--- a/src/util/crypto_hkdf.c
+++ b/src/util/crypto_hkdf.c
@@ -74,16 +74,21 @@
* @return HMAC, freed by caller via gcry_md_close/_reset
*/
static const void *
-doHMAC (gcry_md_hd_t mac, const void *key, size_t key_len, const void *buf,
+doHMAC (gcry_md_hd_t mac,
+ const void *key,
+ size_t key_len,
+ const void *buf,
size_t buf_len)
{
- if (GPG_ERR_NO_ERROR != gcry_md_setkey (mac, key, key_len))
+ if (GPG_ERR_NO_ERROR !=
+ gcry_md_setkey (mac, key, key_len))
{
GNUNET_break (0);
return NULL;
}
- gcry_md_write (mac, buf, buf_len);
-
+ gcry_md_write (mac,
+ buf,
+ buf_len);
return (const void *) gcry_md_read (mac, 0);
}
@@ -98,9 +103,13 @@ doHMAC (gcry_md_hd_t mac, const void *key, size_t key_len,
const void *buf,
* @param prk result buffer (allocated by caller; at least gcry_md_dlen()
bytes)
* @return #GNUNET_YES on success
*/
-static int
-getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len, const void *skm,
- size_t skm_len, void *prk)
+static enum GNUNET_GenericReturnValue
+getPRK (gcry_md_hd_t mac,
+ const void *xts,
+ size_t xts_len,
+ const void *skm,
+ size_t skm_len,
+ void *prk)
{
const void *ret;
size_t dlen;
@@ -114,9 +123,10 @@ getPRK (gcry_md_hd_t mac, const void *xts, size_t xts_len,
const void *skm,
* salt - optional salt value (a non-secret random value);
* if not provided, it is set to a string of HashLen zeros. */
- if (xts_len == 0)
+ if (0 == xts_len)
{
char zero_salt[dlen];
+
memset (zero_salt, 0, dlen);
ret = doHMAC (mac, zero_salt, dlen, skm, skm_len);
}
@@ -124,22 +134,23 @@ getPRK (gcry_md_hd_t mac, const void *xts, size_t
xts_len, const void *skm,
{
ret = doHMAC (mac, xts, xts_len, skm, skm_len);
}
- if (ret == NULL)
+ if (NULL == ret)
return GNUNET_SYSERR;
- GNUNET_memcpy (prk, ret, dlen);
-
+ GNUNET_memcpy (prk,
+ ret,
+ dlen);
return GNUNET_YES;
}
#if DEBUG_HKDF
static void
-dump (const char *src, const void *p, unsigned int l)
+dump (const char *src,
+ const void *p,
+ unsigned int l)
{
- unsigned int i;
-
printf ("\n%s: ", src);
- for (i = 0; i < l; i++)
+ for (unsigned int i = 0; i < l; i++)
{
printf ("%2x", (int) ((const unsigned char *) p)[i]);
}
@@ -150,23 +161,16 @@ dump (const char *src, const void *p, unsigned int l)
#endif
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
- * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param argp va_list of void * & size_t pairs for context chunks
- * @return #GNUNET_YES on success
- */
-int
-GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo,
- const void *xts, size_t xts_len, const void *skm,
- size_t skm_len, va_list argp)
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_hkdf_v (void *result,
+ size_t out_len,
+ int xtr_algo,
+ int prf_algo,
+ const void *xts,
+ size_t xts_len,
+ const void *skm,
+ size_t skm_len,
+ va_list argp)
{
gcry_md_hd_t xtr;
gcry_md_hd_t prf;
@@ -186,10 +190,14 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int
xtr_algo, int prf_algo,
if (0 == k)
return GNUNET_SYSERR;
if (GPG_ERR_NO_ERROR !=
- gcry_md_open (&xtr, xtr_algo, GCRY_MD_FLAG_HMAC))
+ gcry_md_open (&xtr,
+ xtr_algo,
+ GCRY_MD_FLAG_HMAC))
return GNUNET_SYSERR;
if (GPG_ERR_NO_ERROR !=
- gcry_md_open (&prf, prf_algo, GCRY_MD_FLAG_HMAC))
+ gcry_md_open (&prf,
+ prf_algo,
+ GCRY_MD_FLAG_HMAC))
{
gcry_md_close (xtr);
return GNUNET_SYSERR;
@@ -221,7 +229,8 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int
xtr_algo, int prf_algo,
}
memset (result, 0, out_len);
- if (getPRK (xtr, xts, xts_len, skm, skm_len, prk) != GNUNET_YES)
+ if (GNUNET_YES !=
+ getPRK (xtr, xts, xts_len, skm, skm_len, prk))
goto hkdf_error;
#if DEBUG_HKDF
dump ("PRK", prk, xtr_len);
@@ -276,7 +285,7 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int
xtr_algo, int prf_algo,
dump ("K(i+1)", plain, plain_len);
#endif
hc = doHMAC (prf, prk, xtr_len, plain, plain_len);
- if (hc == NULL)
+ if (NULL == hc)
{
GNUNET_free (plain);
goto hkdf_error;
@@ -327,32 +336,31 @@ hkdf_ok:
}
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
- * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @return #GNUNET_YES on success
- */
-int
-GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo,
- const void *xts, size_t xts_len, const void *skm,
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_hkdf (void *result,
+ size_t out_len,
+ int xtr_algo,
+ int prf_algo,
+ const void *xts,
+ size_t xts_len,
+ const void *skm,
size_t skm_len, ...)
{
va_list argp;
- int ret;
+ enum GNUNET_GenericReturnValue ret;
va_start (argp, skm_len);
ret =
- GNUNET_CRYPTO_hkdf_v (result, out_len, xtr_algo, prf_algo, xts, xts_len,
- skm, skm_len, argp);
+ GNUNET_CRYPTO_hkdf_v (result,
+ out_len,
+ xtr_algo,
+ prf_algo,
+ xts,
+ xts_len,
+ skm,
+ skm_len,
+ argp);
va_end (argp);
-
return ret;
}
diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c
index 0dc734549..f577e0f7a 100644
--- a/src/util/crypto_kdf.c
+++ b/src/util/crypto_kdf.c
@@ -32,18 +32,8 @@
#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-kdf", __VA_ARGS__)
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param argp va_list of void * & size_t pairs for context chunks
- * @return #GNUNET_YES on success
- */
-int
+
+enum GNUNET_GenericReturnValue
GNUNET_CRYPTO_kdf_v (void *result,
size_t out_len,
const void *xts,
@@ -62,7 +52,7 @@ GNUNET_CRYPTO_kdf_v (void *result,
* hash function."
*
* http://eprint.iacr.org/2010/264
- *///
+ */
return GNUNET_CRYPTO_hkdf_v (result,
out_len,
GCRY_MD_SHA512,
@@ -75,18 +65,7 @@ GNUNET_CRYPTO_kdf_v (void *result,
}
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param ... void * & size_t pairs for context chunks
- * @return #GNUNET_YES on success
- */
-int
+enum GNUNET_GenericReturnValue
GNUNET_CRYPTO_kdf (void *result,
size_t out_len,
const void *xts,
@@ -111,18 +90,6 @@ GNUNET_CRYPTO_kdf (void *result,
}
-/**
- * Deterministically generate a pseudo-random number uniformly from the
- * integers modulo a libgcrypt mpi.
- *
- * @param[out] r MPI value set to the FDH
- * @param n MPI to work modulo
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param ctx context string
- */
void
GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
gcry_mpi_t n,
@@ -137,32 +104,34 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
nbits = gcry_mpi_get_nbits (n);
/* GNUNET_assert (nbits > 512); */
-
ctr = 0;
while (1)
{
/* Ain't clear if n is always divisible by 8 */
- uint8_t buf[ (nbits - 1) / 8 + 1 ];
+ size_t bsize = (nbits - 1) / 8 + 1;
+ uint8_t buf[bsize];
uint16_t ctr_nbo = htons (ctr);
rc = GNUNET_CRYPTO_kdf (buf,
- sizeof(buf),
+ bsize,
xts, xts_len,
skm, skm_len,
ctx, strlen (ctx),
&ctr_nbo, sizeof(ctr_nbo),
NULL, 0);
GNUNET_assert (GNUNET_YES == rc);
-
rc = gcry_mpi_scan (r,
GCRYMPI_FMT_USG,
(const unsigned char *) buf,
- sizeof(buf),
+ bsize,
&rsize);
- GNUNET_assert (0 == rc); /* Allocation error? */
-
- gcry_mpi_clear_highbit (*r, nbits);
- GNUNET_assert (0 == gcry_mpi_test_bit (*r, nbits));
+ GNUNET_assert (GPG_ERR_NO_ERROR == rc); /* Allocation error? */
+ GNUNET_assert (rsize == bsize);
+ gcry_mpi_clear_highbit (*r,
+ nbits);
+ GNUNET_assert (0 ==
+ gcry_mpi_test_bit (*r,
+ nbits));
++ctr;
/* We reject this FDH if either *r > n and retry with another ctr */
if (0 > gcry_mpi_cmp (*r, n))
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 43e6eedac..4b8e5a5ce 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -497,7 +497,8 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
* @return True if gcd(r,n) = 1, False means RSA key is malicious
*/
static int
-rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n)
+rsa_gcd_validate (gcry_mpi_t r,
+ gcry_mpi_t n)
{
gcry_mpi_t g;
int t;
@@ -520,29 +521,34 @@ static struct RsaBlindingKey *
rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey,
const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks)
{
- char *xts = "Blinding KDF extractor HMAC key"; /* Trusts bks' randomness
more */
+ const char *xts = "Blinding KDF extractor HMAC key"; /* Trusts bks'
randomness more */
struct RsaBlindingKey *blind;
gcry_mpi_t n;
blind = GNUNET_new (struct RsaBlindingKey);
- GNUNET_assert (NULL != blind);
/* Extract the composite n from the RSA public key */
- GNUNET_assert (0 == key_from_sexp (&n, pkey->sexp, "rsa", "n"));
+ GNUNET_assert (0 ==
+ key_from_sexp (&n,
+ pkey->sexp,
+ "rsa",
+ "n"));
/* Assert that it at least looks like an RSA key */
- GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE));
-
+ GNUNET_assert (0 ==
+ gcry_mpi_get_flag (n,
+ GCRYMPI_FLAG_OPAQUE));
GNUNET_CRYPTO_kdf_mod_mpi (&blind->r,
n,
xts, strlen (xts),
bks, sizeof(*bks),
"Blinding KDF");
- if (0 == rsa_gcd_validate (blind->r, n))
+ if (0 == rsa_gcd_validate (blind->r,
+ n))
{
+ gcry_mpi_release (blind->r);
GNUNET_free (blind);
blind = NULL;
}
-
gcry_mpi_release (n);
return blind;
}
@@ -760,8 +766,9 @@ rsa_full_domain_hash (const struct
GNUNET_CRYPTO_RsaPublicKey *pkey,
/* We key with the public denomination key as a homage to RSA-PSS by *
* Mihir Bellare and Phillip Rogaway. Doing this lowers the degree *
* of the hypothetical polyomial-time attack on RSA-KTI created by a *
- * polynomial-time one-more forgary attack. Yey seeding! */
- xts_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey, &xts);
+ * polynomial-time one-more forgary attack. Yey seeding! */
+ xts_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
+ &xts);
GNUNET_CRYPTO_kdf_mod_mpi (&r,
n,
@@ -769,7 +776,6 @@ rsa_full_domain_hash (const struct
GNUNET_CRYPTO_RsaPublicKey *pkey,
hash, sizeof(*hash),
"RSA-FDA FTpsW!");
GNUNET_free (xts);
-
ok = rsa_gcd_validate (r, n);
gcry_mpi_release (n);
if (ok)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnunet] branch master updated (4e5747f9a -> 1e48c81e8),
gnunet <=