122 @@ -25,6 +25,7 @@ |
122 @@ -25,6 +25,7 @@ |
123 * procedure of the certificate and anoymous authentication. |
123 * procedure of the certificate and anoymous authentication. |
124 */ |
124 */ |
125 |
125 |
126 +#if defined(ENABLE_ECDHE) |
126 +#if defined(ENABLE_ECDHE) |
127 #include <gnutls_int.h> |
127 #include "gnutls_int.h" |
128 #include "gnutls_auth.h" |
128 #include "auth.h" |
129 #include "gnutls_errors.h" |
129 #include "errors.h" |
130 @@ -50,7 +51,6 @@ |
130 @@ -50,7 +51,6 @@ |
131 proc_ecdhe_client_kx(gnutls_session_t session, |
131 proc_ecdhe_client_kx(gnutls_session_t session, |
132 uint8_t * data, size_t _data_size); |
132 uint8_t * data, size_t _data_size); |
133 |
133 |
134 -#if defined(ENABLE_ECDHE) |
134 -#if defined(ENABLE_ECDHE) |
135 const mod_auth_st ecdhe_ecdsa_auth_struct = { |
135 const mod_auth_st ecdhe_ecdsa_auth_struct = { |
136 "ECDHE_ECDSA", |
136 "ECDHE_ECDSA", |
137 _gnutls_gen_cert_server_crt, |
137 _gnutls_gen_cert_server_crt, |
138 --- ORIGINAL/./lib/nettle/pk.c 2015-07-24 15:18:27.631820369 -0700 |
138 --- gnutls-3.5.8/lib/nettle/pk.c 2016-11-09 21:41:06.000000000 -0800 |
139 +++ gnutls-3.4.1/./lib/nettle/pk.c 2015-07-24 15:19:55.737837073 -0700 |
139 +++ gnutls-3.5.8/lib/nettle/pk.c 2017-02-21 13:15:00.535390600 -0800 |
140 @@ -45,13 +45,17 @@ |
140 @@ -43,14 +43,18 @@ |
141 #include <nettle/rsa.h> |
141 #include <nettle/rsa.h> |
142 #include <gnutls/crypto.h> |
142 #include <gnutls/crypto.h> |
143 #include <nettle/bignum.h> |
143 #include <nettle/bignum.h> |
144 +#if defined(ENABLE_ECDHE) |
144 +#if defined(ENABLE_ECDHE) |
145 #include <nettle/ecc.h> |
145 #include <nettle/ecc.h> |
146 #include <nettle/ecdsa.h> |
146 #include <nettle/ecdsa.h> |
147 #include <nettle/ecc-curve.h> |
147 #include <nettle/ecc-curve.h> |
|
148 #include <nettle/curve25519.h> |
148 +#endif |
149 +#endif |
149 #include <gnettle.h> |
150 #include <gnettle.h> |
150 #include <fips.h> |
151 #include <fips.h> |
151 |
152 |
152 +#if defined(ENABLE_ECDHE) |
153 +#if defined(ENABLE_ECDHE) |
153 static inline const struct ecc_curve *get_supported_curve(int curve); |
154 static inline const struct ecc_curve *get_supported_nist_curve(int curve); |
154 +#endif |
155 +#endif |
155 |
156 |
156 static void rnd_func(void *_ctx, size_t length, uint8_t * data) |
157 static void rnd_func(void *_ctx, size_t length, uint8_t * data) |
157 { |
158 { |
158 @@ -64,6 +68,7 @@ |
159 @@ -63,6 +67,7 @@ |
159 } |
160 } |
160 } |
161 } |
161 |
162 |
162 +#if defined(ENABLE_ECDHE) |
163 +#if defined(ENABLE_ECDHE) |
163 static void |
164 static void |
164 ecc_scalar_zclear (struct ecc_scalar *s) |
165 ecc_scalar_zclear (struct ecc_scalar *s) |
165 { |
166 { |
166 @@ -77,6 +82,7 @@ |
167 @@ -76,6 +81,7 @@ |
167 zeroize_key(p->p, ecc_size_a(p->ecc)*sizeof(mp_limb_t)); |
168 zeroize_key(p->p, ecc_size_a(p->ecc)*sizeof(mp_limb_t)); |
168 ecc_point_clear(p); |
169 ecc_point_clear(p); |
169 } |
170 } |
170 +#endif |
171 +#endif |
171 |
172 |
172 static void |
173 static void |
173 _dsa_params_get(const gnutls_pk_params_st * pk_params, |
174 _dsa_params_get(const gnutls_pk_params_st * pk_params, |
174 @@ -113,6 +119,7 @@ |
175 @@ -118,6 +124,7 @@ |
175 pub->size = nettle_mpz_sizeinbase_256_u(pub->n); |
176 return 0; |
176 } |
177 } |
177 |
178 |
178 +#if defined(ENABLE_ECDHE) |
179 +#if defined(ENABLE_ECDHE) |
179 static int |
180 static int |
180 _ecc_params_to_privkey(const gnutls_pk_params_st * pk_params, |
181 _ecc_params_to_privkey(const gnutls_pk_params_st * pk_params, |
181 struct ecc_scalar *priv, |
182 struct ecc_scalar *priv, |
182 @@ -161,6 +168,7 @@ |
183 @@ -166,6 +173,7 @@ |
183 |
184 |
184 return; |
185 return; |
185 } |
186 } |
186 +#endif |
187 +#endif |
187 |
188 |
188 #define MAX_DH_BITS DEFAULT_MAX_VERIFY_BITS |
189 #define MAX_DH_BITS DEFAULT_MAX_VERIFY_BITS |
189 /* This is used when we have no idea on the structure |
190 /* This is used when we have no idea on the structure |
190 @@ -245,6 +253,7 @@ |
191 @@ -244,6 +252,7 @@ |
191 |
192 |
192 break; |
193 break; |
193 } |
194 } |
194 +#if defined(ENABLE_ECDHE) |
195 +#if defined(ENABLE_ECDHE) |
195 case GNUTLS_PK_EC: |
196 case GNUTLS_PK_EC: |
196 { |
197 { |
197 struct ecc_scalar ecc_priv; |
198 struct ecc_scalar ecc_priv; |
198 @@ -290,6 +299,7 @@ |
199 @@ -317,6 +326,7 @@ |
199 goto cleanup; |
200 } |
200 break; |
201 break; |
201 } |
202 } |
202 +#endif |
203 +#endif |
203 default: |
204 default: |
204 gnutls_assert(); |
205 gnutls_assert(); |
205 ret = GNUTLS_E_INTERNAL_ERROR; |
206 ret = GNUTLS_E_INTERNAL_ERROR; |
206 @@ -447,6 +457,7 @@ |
207 @@ -481,6 +491,7 @@ |
207 const mac_entry_st *me; |
208 const mac_entry_st *me; |
208 |
209 |
209 switch (algo) { |
210 switch (algo) { |
210 +#if defined(ENABLE_ECDHE) |
211 +#if defined(ENABLE_ECDHE) |
211 case GNUTLS_PK_EC: /* we do ECDSA */ |
212 case GNUTLS_PK_EC: /* we do ECDSA */ |
212 { |
213 { |
213 struct ecc_scalar priv; |
214 struct ecc_scalar priv; |
214 @@ -495,6 +506,7 @@ |
215 @@ -529,6 +540,7 @@ |
215 } |
216 } |
216 break; |
217 break; |
217 } |
218 } |
218 +#endif |
219 +#endif |
219 case GNUTLS_PK_DSA: |
220 case GNUTLS_PK_DSA: |
220 { |
221 { |
221 struct dsa_params pub; |
222 struct dsa_params pub; |
222 @@ -601,6 +613,7 @@ |
223 @@ -638,6 +650,7 @@ |
223 bigint_t tmp[2] = { NULL, NULL }; |
224 bigint_t tmp[2] = { NULL, NULL }; |
224 |
225 |
225 switch (algo) { |
226 switch (algo) { |
226 +#if defined(ENABLE_ECDHE) |
227 +#if defined(ENABLE_ECDHE) |
227 case GNUTLS_PK_EC: /* ECDSA */ |
228 case GNUTLS_PK_EC: /* ECDSA */ |
228 { |
229 { |
229 struct ecc_point pub; |
230 struct ecc_point pub; |
230 @@ -647,6 +660,7 @@ |
231 @@ -684,6 +697,7 @@ |
231 ecc_point_clear(&pub); |
232 ecc_point_clear(&pub); |
232 break; |
233 break; |
233 } |
234 } |
234 +#endif |
235 +#endif |
235 case GNUTLS_PK_DSA: |
236 case GNUTLS_PK_DSA: |
236 { |
237 { |
237 struct dsa_params pub; |
238 struct dsa_params pub; |
238 @@ -726,6 +740,7 @@ |
239 @@ -767,6 +781,7 @@ |
239 return ret; |
240 return ret; |
240 } |
241 } |
241 |
242 |
242 +#if defined(ENABLE_ECDHE) |
243 +#if defined(ENABLE_ECDHE) |
243 static inline const struct ecc_curve *get_supported_curve(int curve) |
244 static inline const struct ecc_curve *get_supported_nist_curve(int curve) |
244 { |
245 { |
245 switch (curve) { |
246 switch (curve) { |
246 @@ -745,10 +760,15 @@ |
247 @@ -786,9 +801,11 @@ |
247 return NULL; |
248 return NULL; |
248 } |
249 } |
249 } |
250 } |
250 +#endif |
251 +#endif |
251 |
252 |
252 static int _wrap_nettle_pk_curve_exists(gnutls_ecc_curve_t curve) |
253 static int _wrap_nettle_pk_curve_exists(gnutls_ecc_curve_t curve) |
253 { |
254 { |
254 +#if defined(ENABLE_ECDHE) |
255 +#if defined(ENABLE_ECDHE) |
255 return ((get_supported_curve(curve)!=NULL)?1:0); |
256 switch (curve) { |
|
257 case GNUTLS_ECC_CURVE_X25519: |
|
258 return 1; |
|
259 @@ -795,6 +812,9 @@ |
|
260 default: |
|
261 return ((get_supported_nist_curve(curve)!=NULL)?1:0); |
|
262 } |
256 +#else |
263 +#else |
257 + return 0; |
264 + return 0; |
258 +#endif |
265 +#endif |
259 } |
266 } |
260 |
267 |
261 /* Generates algorithm's parameters. That is: |
268 /* Generates algorithm's parameters. That is: |
262 @@ -854,9 +874,11 @@ |
269 @@ -942,6 +962,7 @@ |
263 break; |
|
264 } |
|
265 case GNUTLS_PK_RSA: |
|
266 +#if defined(ENABLE_ECDHE) |
|
267 case GNUTLS_PK_EC: |
|
268 +#endif |
|
269 ret = 0; |
|
270 break; |
|
271 default: |
|
272 gnutls_assert(); |
|
273 return GNUTLS_E_INVALID_REQUEST; |
|
274 @@ -884,6 +906,7 @@ |
|
275 const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key, |
270 const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key, |
276 const gnutls_datum_t *peer_key, gnutls_datum_t *Z); |
271 const gnutls_datum_t *peer_key, gnutls_datum_t *Z); |
277 |
272 |
278 +#if defined(ENABLE_ECDHE) |
273 +#if defined(ENABLE_ECDHE) |
279 int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, |
274 int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve, |
280 const gnutls_datum_t *x, const gnutls_datum_t *y, |
275 const gnutls_datum_t *x, const gnutls_datum_t *y, |
281 const gnutls_datum_t *k, |
276 const gnutls_datum_t *k, |
282 @@ -893,6 +916,7 @@ |
277 @@ -951,8 +972,8 @@ |
283 int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, |
278 int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, |
284 gnutls_datum_t *x, gnutls_datum_t *y, |
279 gnutls_datum_t *x, gnutls_datum_t *y, |
285 gnutls_datum_t *k); |
280 gnutls_datum_t *k); |
286 +#endif |
281 +#endif |
287 |
282 |
288 |
283 - |
289 int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, |
284 int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params, |
290 @@ -988,6 +1012,7 @@ |
285 gnutls_datum_t *priv_key, gnutls_datum_t *pub_key) |
291 return ret; |
286 { |
|
287 @@ -1048,6 +1069,7 @@ |
|
288 return ret; |
292 } |
289 } |
293 |
290 |
294 +#if defined(ENABLE_ECDHE) |
291 +#if defined(ENABLE_ECDHE) |
295 int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, |
292 int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve, |
296 gnutls_datum_t *x, gnutls_datum_t *y, |
293 gnutls_datum_t *x, gnutls_datum_t *y, |
297 gnutls_datum_t *k) |
294 gnutls_datum_t *k) |
298 @@ -1116,6 +1141,7 @@ |
295 @@ -1176,6 +1198,7 @@ |
299 gnutls_pk_params_clear(&priv); |
296 gnutls_pk_params_clear(&priv); |
300 return ret; |
297 return ret; |
301 } |
298 } |
302 +#endif /*ENABLE_ECDHE*/ |
299 +#endif |
303 #endif |
300 |
304 |
301 static int pct_test(gnutls_pk_algorithm_t algo, const gnutls_pk_params_st* params) |
305 |
302 { |
306 @@ -1308,6 +1334,7 @@ |
303 @@ -1232,7 +1255,9 @@ |
|
304 /* Here we don't know the purpose of the key. Check both |
|
305 * signing and encryption. |
|
306 */ |
|
307 +#if defined(ENABLE_ECDHE) |
|
308 case GNUTLS_PK_EC: /* we only do keys for ECDSA */ |
|
309 +#endif |
|
310 case GNUTLS_PK_DSA: |
|
311 ret = _gnutls_pk_sign(algo, &sig, &ddata, params); |
|
312 if (ret < 0) { |
|
313 @@ -1248,7 +1273,9 @@ |
|
314 } |
|
315 break; |
|
316 case GNUTLS_PK_DH: |
|
317 +#if defined(ENABLE_ECDHE) |
|
318 case GNUTLS_PK_ECDHX: |
|
319 +#endif |
|
320 ret = 0; |
|
321 goto cleanup; |
|
322 default: |
|
323 @@ -1470,6 +1497,7 @@ |
307 |
324 |
308 break; |
325 break; |
309 } |
326 } |
310 +#if defined(ENABLE_ECDHE) |
327 +#if defined(ENABLE_ECDHE) |
311 case GNUTLS_PK_EC: |
328 case GNUTLS_PK_EC: |
312 { |
329 if (params->flags & GNUTLS_PK_FLAG_PROVABLE) |
313 struct ecc_scalar key; |
330 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
314 @@ -1350,6 +1377,7 @@ |
331 @@ -1545,6 +1573,7 @@ |
315 |
332 curve25519_mul_g(params->raw_pub.data, params->raw_priv.data); |
316 break; |
333 break; |
317 } |
334 } |
318 +#endif |
335 +#endif |
319 default: |
336 default: |
320 gnutls_assert(); |
337 gnutls_assert(); |
321 return GNUTLS_E_INVALID_REQUEST; |
338 return GNUTLS_E_INVALID_REQUEST; |
322 @@ -1494,6 +1522,7 @@ |
339 @@ -1702,6 +1731,7 @@ |
323 } |
340 } |
324 |
341 |
325 break; |
342 break; |
326 +#if defined(ENABLE_ECDHE) |
343 +#if defined(ENABLE_ECDHE) |
327 case GNUTLS_PK_EC: |
344 case GNUTLS_PK_EC: |
328 { |
345 { |
329 struct ecc_point r, pub; |
346 struct ecc_point r, pub; |
330 @@ -1567,6 +1596,7 @@ |
347 @@ -1775,6 +1805,7 @@ |
331 mpz_clear(y2); |
348 mpz_clear(y2); |
332 } |
349 } |
333 break; |
350 break; |
334 +#endif |
351 +#endif |
335 default: |
352 default: |
336 ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
353 ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
337 } |
354 } |
338 @@ -1584,6 +1614,7 @@ |
355 @@ -1792,6 +1823,7 @@ |
339 case GNUTLS_PK_RSA: |
356 case GNUTLS_PK_RSA: |
340 case GNUTLS_PK_DSA: |
357 case GNUTLS_PK_DSA: |
341 return 0; |
358 return 0; |
342 +#if defined(ENABLE_ECDHE) |
359 +#if defined(ENABLE_ECDHE) |
343 case GNUTLS_PK_EC: |
360 case GNUTLS_PK_EC: |
344 { |
361 { |
345 /* just verify that x and y lie on the curve */ |
362 /* just verify that x and y lie on the curve */ |
346 @@ -1624,6 +1655,7 @@ |
363 @@ -1832,6 +1864,7 @@ |
347 ecc_point_clear(&pub); |
364 ecc_point_clear(&pub); |
348 } |
365 } |
349 break; |
366 break; |
350 +#endif |
367 +#endif |
351 default: |
368 default: |