From: <arn...@us...> - 2006-04-30 12:14:25
Revision: 600 Author: arnetheduck Date: 2006-04-30 05:13:44 -0700 (Sun, 30 Apr 2006) ViewCVS: http://svn.sourceforge.net/dcplusplus/?rev=600&view=rev Log Message: ----------- Updated yaSSL Modified Paths: -------------- dcplusplus/trunk/changelog.txt dcplusplus/trunk/yassl/README dcplusplus/trunk/yassl/include/crypto_wrapper.hpp dcplusplus/trunk/yassl/include/openssl/ssl.h dcplusplus/trunk/yassl/include/yassl_imp.hpp dcplusplus/trunk/yassl/include/yassl_types.hpp dcplusplus/trunk/yassl/src/crypto_wrapper.cpp dcplusplus/trunk/yassl/src/handshake.cpp dcplusplus/trunk/yassl/src/ssl.cpp dcplusplus/trunk/yassl/src/yassl_imp.cpp dcplusplus/trunk/yassl/src/yassl_int.cpp dcplusplus/trunk/yassl/taocrypt/include/asn.hpp dcplusplus/trunk/yassl/taocrypt/include/dh.hpp dcplusplus/trunk/yassl/taocrypt/src/aes.cpp dcplusplus/trunk/yassl/taocrypt/src/arc4.cpp dcplusplus/trunk/yassl/taocrypt/src/coding.cpp dcplusplus/trunk/yassl/taocrypt/src/dh.cpp dcplusplus/trunk/yassl/taocrypt/src/random.cpp dcplusplus/trunk/yassl/yassl.vcproj Added Paths: ----------- dcplusplus/trunk/yassl/src/yassl.cpp Modified: dcplusplus/trunk/changelog.txt =================================================================== --- dcplusplus/trunk/changelog.txt 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/changelog.txt 2006-04-30 12:13:44 UTC (rev 600) @@ -6,6 +6,7 @@ * Saved users file more often to have fewer missing nicks around * CID of user shown if nick is missing (in queue for example) * Added display of CID in a few places +* Updated yaSSL to 1.2.2 -- 0.689 2006-04-01 -- * Fixed displaying of available bytes when user list is off Modified: dcplusplus/trunk/yassl/README =================================================================== --- dcplusplus/trunk/yassl/README 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/README 2006-04-30 12:13:44 UTC (rev 600) 
@@ -1,6 +1,26 @@ -yaSSL Release notes, version 1.1.5 +yaSSL Release notes, version 1.2.2 (03/27/06) + + This release of yaSSL contains minor bug fixes and portability enhancements. + +See build instructions below under 1.0.6: + + + +*****************yaSSL Release notes, version 1.2.0 + + This release of yaSSL contains minor bug fixes, portability enhancements, + Diffie-Hellman compatibility fixes for other servers and client, + optimization improvements, and x86 ASM changes. + +See build instructions below under 1.0.6: + + + +*****************yaSSL Release notes, version 1.1.5 + + This release of yaSSL contains minor bug fixes, portability enhancements, and user requested changes including the ability to add all certificates in a directory, more robust socket handling, no new overloading unless requested, and an SSL_VERIFY_NONE option. Modified: dcplusplus/trunk/yassl/include/crypto_wrapper.hpp =================================================================== --- dcplusplus/trunk/yassl/include/crypto_wrapper.hpp 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/include/crypto_wrapper.hpp 2006-04-30 12:13:44 UTC (rev 600) @@ -41,8 +41,8 @@ namespace yaSSL { -// Digest policy should implement a get_digest, update, and get sizes for pad and -// digest +// Digest policy should implement a get_digest, update, and get sizes for pad +// and digest struct Digest : public virtual_base { virtual void get_digest(byte*) = 0; virtual void get_digest(byte*, const byte*, unsigned int) = 0; 
@@ -380,7 +380,7 @@ uint get_agreedKeyLength() const; const byte* get_agreedKey() const; const byte* get_publicKey() const; - void makeAgreement(const byte*); + void makeAgreement(const byte*, unsigned int); void set_sizes(int&, int&, int&) const; void get_parms(byte*, byte*, byte*) const; Modified: dcplusplus/trunk/yassl/include/openssl/ssl.h =================================================================== --- dcplusplus/trunk/yassl/include/openssl/ssl.h 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/include/openssl/ssl.h 2006-04-30 12:13:44 UTC (rev 600) @@ -50,11 +50,11 @@ class X509; class X509_NAME; #else - typedef struct SSL SSL; - typedef struct SSL_SESION SSL_SESSION; - typedef struct SSL_METHOD SSL_METHOD; - typedef struct SSL_CTX SSL_CTX; - typedef struct SSL_CIPHER SSL_CIPHER; + typedef struct SSL SSL; + typedef struct SSL_SESSION SSL_SESSION; + typedef struct SSL_METHOD SSL_METHOD; + typedef struct SSL_CTX SSL_CTX; + typedef struct SSL_CIPHER SSL_CIPHER; typedef struct RSA RSA; Modified: dcplusplus/trunk/yassl/include/yassl_imp.hpp =================================================================== --- dcplusplus/trunk/yassl/include/yassl_imp.hpp 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/include/yassl_imp.hpp 2006-04-30 12:13:44 UTC (rev 600) @@ -662,7 +662,7 @@ uint8 suites_size_; Cipher suites_[MAX_SUITE_SZ]; char cipher_name_[MAX_SUITE_NAME]; - char cipher_list_[MAX_CIPHER_LIST]; + char cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME]; Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion); Modified: dcplusplus/trunk/yassl/include/yassl_types.hpp =================================================================== --- dcplusplus/trunk/yassl/include/yassl_types.hpp 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/include/yassl_types.hpp 2006-04-30 12:13:44 UTC (rev 600) 
@@ -132,7 +132,7 @@
const int FORTEZZA_MAX = 128; // Maximum Fortezza Key length
const int MAX_SUITE_SZ = 64; // 32 max suites * sizeof(suite)
const int MAX_SUITE_NAME = 48; // max length of suite name
-const int MAX_CIPHER_LIST = 512; // max length of cipher list names
+const int MAX_CIPHERS = 32; // max supported ciphers for cipher list
const int SIZEOF_ENUM = 1; // SSL considers an enum 1 byte, not 4
const int SIZEOF_SENDER = 4; // Sender constant, for finished generation
const int PAD_MD5 = 48; // pad length 1 and 2 for md5 finished
Modified: dcplusplus/trunk/yassl/src/crypto_wrapper.cpp
===================================================================
--- dcplusplus/trunk/yassl/src/crypto_wrapper.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/src/crypto_wrapper.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -855,9 +855,9 @@
}
-void DiffieHellman::makeAgreement(const byte* other)
+void DiffieHellman::makeAgreement(const byte* other, unsigned int otherSz)
{
- pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other);
+ pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other, otherSz);
}
Modified: dcplusplus/trunk/yassl/src/handshake.cpp
===================================================================
--- dcplusplus/trunk/yassl/src/handshake.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/src/handshake.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -605,7 +605,7 @@
void PRF(byte* digest, uint digLen, const byte* secret, uint secLen, const byte* label, uint labLen, const byte* seed, uint seedLen)
{
- uint half = secLen / 2 + secLen % 2;
+ uint half = (secLen + 1) / 2;
output_buffer md5_half(half);
output_buffer sha_half(half);
Modified: dcplusplus/trunk/yassl/src/ssl.cpp
===================================================================
--- dcplusplus/trunk/yassl/src/ssl.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/src/ssl.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -291,9 +291,15 @@
}
-const char* SSL_get_cipher_list(SSL* ssl, int /*priority */)
+const char* SSL_get_cipher_list(SSL* ssl, int priority)
{
- return ssl->getSecurity().get_parms().cipher_list_;
+ if (priority < 0 || priority >= MAX_CIPHERS)
+ return 0;
+
+ if (ssl->getSecurity().get_parms().cipher_list_[priority][0])
+ return ssl->getSecurity().get_parms().cipher_list_[priority];
+
+ return 0;
}
Added: dcplusplus/trunk/yassl/src/yassl.cpp
===================================================================
--- dcplusplus/trunk/yassl/src/yassl.cpp (rev 0)
+++ dcplusplus/trunk/yassl/src/yassl.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -0,0 +1,244 @@ +/* yassl.cpp + * + * Copyright (C) 2003 Sawtooth Consulting Ltd. + * + * This file is part of yaSSL. + * + * yaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * yaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* yaSSL implements external API + */ + +#include "runtime.hpp" +#include "yassl.hpp" +#include "yassl_int.hpp" +#include "handshake.hpp" +#include <stdio.h> + +#include "openssl/ssl.h" // get rid of this + + +// yaSSL overloads hide these +void* operator new[](size_t sz) +{ + return ::operator new(sz); +} + +void operator delete[](void* ptr) +{ + ::operator delete(ptr); +} + + +namespace yaSSL { + +using mySTL::min; + + +struct Base { + SSL_METHOD* method_; + SSL_CTX* ctx_; + SSL* ssl_; + + char* ca_; + char* cert_; + char* key_; + + DH* dh_; + + Base() : method_(0), ctx_(0), ssl_(0), ca_(0), cert_(0), key_(0), dh_(0) + {} + + ~Base() + { + if (dh_) DH_free(dh_); + delete[] key_; + delete[] cert_; + delete[] ca_; + SSL_CTX_free(ctx_); // frees method_ too + SSL_free(ssl_); + } +}; + + +void SetDH(Base&); + +void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s) +{ + base.method_ = new SSL_METHOD(end, ProtocolVersion(3,1)); + base.ctx_ = new SSL_CTX(base.method_); + + if (base.ca_) + if (SSL_CTX_load_verify_locations(base.ctx_, + base.ca_, 0) != SSL_SUCCESS) assert(0); + if (base.cert_) + if (SSL_CTX_use_certificate_file(base.ctx_, + 
base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0); + if (base.key_) + if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_, + SSL_FILETYPE_PEM) != SSL_SUCCESS) assert(0); + + if (end == server_end) SetDH(base); + + base.ssl_ = new SSL(base.ctx_); + base.ssl_->useSocket().set_fd(s); +} + + +void SetDH(Base& base) +{ + static unsigned char dh512_p[] = + { + 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, + 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, + 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, + 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, + 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, + 0x47,0x74,0xE8,0x33, + }; + + static unsigned char dh512_g[] = + { + 0x02, + }; + + if ( (base.dh_ = DH_new()) ) { + base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0); + base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0); + } + if (!base.dh_->p || !base.dh_->g) { + DH_free(base.dh_); + base.dh_ = 0; + } + SSL_CTX_set_tmp_dh(base.ctx_, base.dh_); +} + + +void NewCopy(char*& dst, const char* src) +{ + size_t len = strlen(src) + 1; + dst = new char[len]; + + strncpy(dst, src, len); +} + + +// Client Implementation +struct Client::ClientImpl { + Base base_; +}; + + +Client::Client() : pimpl_(new ClientImpl) +{} + + +Client::~Client() { delete pimpl_; } + + +int Client::Connect(SOCKET_T s) +{ + SetUpBase(pimpl_->base_, client_end, s); + return SSL_connect(pimpl_->base_.ssl_); +} + + +int Client::Write(const void* buffer, int sz) +{ + return sendData(*pimpl_->base_.ssl_, buffer, sz); +} + + +int Client::Read(void* buffer, int sz) +{ + Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); + return receiveData(*pimpl_->base_.ssl_, data); +} + + +void Client::SetCA(const char* name) +{ + NewCopy(pimpl_->base_.ca_, name); +} + + +void Client::SetCert(const char* name) +{ + NewCopy(pimpl_->base_.cert_, name); +} + + +void Client::SetKey(const char* name) +{ + NewCopy(pimpl_->base_.key_, 
name); +} + + + +// Server Implementation +struct Server::ServerImpl { + Base base_; +}; + + +Server::Server() : pimpl_(new ServerImpl) +{} + + +Server::~Server() { delete pimpl_; } + + +int Server::Accept(SOCKET_T s) +{ + SetUpBase(pimpl_->base_, server_end, s); + return SSL_accept(pimpl_->base_.ssl_); +} + + +int Server::Write(const void* buffer, int sz) +{ + return sendData(*pimpl_->base_.ssl_, buffer, sz); +} + + +int Server::Read(void* buffer, int sz) +{ + Data data(min(sz, MAX_RECORD_SIZE), static_cast<opaque*>(buffer)); + return receiveData(*pimpl_->base_.ssl_, data); +} + + +void Server::SetCA(const char* name) +{ + NewCopy(pimpl_->base_.ca_, name); +} + + +void Server::SetCert(const char* name) +{ + NewCopy(pimpl_->base_.cert_, name); +} + + +void Server::SetKey(const char* name) +{ + NewCopy(pimpl_->base_.key_, name); +} + + + +} // namespace yaSSL Modified: dcplusplus/trunk/yassl/src/yassl_imp.cpp =================================================================== --- dcplusplus/trunk/yassl/src/yassl_imp.cpp 2006-04-30 11:09:50 UTC (rev 599) +++ dcplusplus/trunk/yassl/src/yassl_imp.cpp 2006-04-30 12:13:44 UTC (rev 600) @@ -29,6 +29,7 @@ #include "asn.hpp" // provide crypto wrapper?? + namespace yaSSL { @@ -111,11 +112,15 @@ uint keyLength = dhClient.get_agreedKeyLength(); // pub and agree same alloc(keyLength, true); - dhClient.makeAgreement(dhServer.get_publicKey()); + dhClient.makeAgreement(dhServer.get_publicKey(), keyLength); c16toa(keyLength, Yc_); memcpy(Yc_ + KEY_OFFSET, dhClient.get_publicKey(), keyLength); - ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); + // because of encoding first byte might be zero, don't use it for preMaster + if (*dhClient.get_agreedKey() == 0) + ssl.set_preMaster(dhClient.get_agreedKey() + 1, keyLength - 1); + else + ssl.set_preMaster(dhClient.get_agreedKey(), keyLength); } 
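Review bot: SetDH dereferences `base.dh_` unconditionally in `if (!base.dh_->p || !base.dh_->g)`, so a failed `DH_new()` is a null-pointer crash rather than a context without a temporary DH group. The null test has to move into the failure branch; the rewrite below returns early because the hunk does not show what `SSL_CTX_set_tmp_dh` does with a null `DH*` — if passing 0 is meaningful, keep that call instead of the return. Separately, the embedded group `dh512_p` is a 512-bit prime, export-grade strength that offers no real protection for ephemeral DH today; a 2048-bit group (1024 as the absolute floor) should replace it, with a comment naming its provenance. `SetUpBase` also reports CA/certificate/key load failures only through `assert(0)`, which compiles to nothing under NDEBUG, so a release build continues the handshake with no trust anchors or credentials loaded; propagate an error instead.
```cpp
void SetDH(Base& base)
{
    // … unchanged: dh512_p / dh512_g tables (replace with a >= 2048-bit group) …

    base.dh_ = DH_new();
    if (!base.dh_)
        return;                       // leave ctx without a tmp DH group

    base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
    base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0);
    if (!base.dh_->p || !base.dh_->g) {
        DH_free(base.dh_);
        base.dh_ = 0;
        return;
    }
    SSL_CTX_set_tmp_dh(base.ctx_, base.dh_);
}
```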
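Review bot: The premaster derivation strips at most one leading zero byte (`if (*dhClient.get_agreedKey() == 0)`), whereas TLS 1.0 (RFC 2246 §8.1.2) removes every leading zero byte of Z, so a shared secret with two leading zeros (about one handshake in 65536) yields a master secret that disagrees with a conforming peer and the handshake fails. Replace the branch with an offset loop: `uint skip = 0; while (skip + 1 < keyLength && dhClient.get_agreedKey()[skip] == 0) ++skip; ssl.set_preMaster(dhClient.get_agreedKey() + skip, keyLength - skip);`. The premaster length now depends on secret data, which is a timing side channel only if the DH private value is reused across handshakes; the hunk does not show whether GenerateKeyPair runs per connection, so that should be confirmed. `keyLength` is also passed as the size of `dhServer.get_publicKey()` although it is the client's agreed-key length; if the server's public value can be shorter than p's byte count, Decode reads past it — the enclosing function and the construction of dhServer are outside the hunk.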
@@ -269,10 +274,14 @@
ato16(tmp, keyLength);
alloc(keyLength);
- input.read(Yc_, length_);
- dh.makeAgreement(Yc_);
+ input.read(Yc_, keyLength);
+ dh.makeAgreement(Yc_, keyLength);
- ssl.set_preMaster(dh.get_agreedKey(), keyLength);
+ // because of encoding, first byte might be 0, don't use for preMaster
+ if (*dh.get_agreedKey() == 0)
+ ssl.set_preMaster(dh.get_agreedKey() + 1, dh.get_agreedKeyLength() - 1);
+ else
+ ssl.set_preMaster(dh.get_agreedKey(), dh.get_agreedKeyLength());
ssl.makeMasterSecret();
}
@@ -438,7 +447,7 @@
int i = 0; // available suites, best first // when adding more, make sure cipher_names is updated and
- // MAX_CIPHER_LIST is big enough
+ // MAX_CIPHERS is big enough
if (isTLS(pv)) {
suites_[i++] = 0x00;
@@ -510,13 +519,10 @@
for (int j = 0; j < suites; j++) {
int index = suites_[j*2 + 1]; // every other suite is suite id
- int len = strlen(cipher_names[index]);
- memcpy(&cipher_list_[pos], cipher_names[index], len);
- pos += len;
- cipher_list_[pos++] = ':';
+ int len = strlen(cipher_names[index]) + 1;
+ strncpy(cipher_list_[pos++], cipher_names[index], len);
}
- if (suites)
- cipher_list_[--pos] = 0;
+ cipher_list_[pos][0] = 0;
}
@@ -1630,8 +1636,11 @@
// CertificateRequest processing handler
void CertificateRequest::Process(input_buffer&, SSL& ssl)
{
- if (ssl.useCrypto().use_certManager().get_cert())
- ssl.useCrypto().use_certManager().setSendVerify();
+ CertManager& cm = ssl.useCrypto().use_certManager();
+
+ // make sure user provided cert and key before sending and using
+ if (cm.get_cert() && cm.get_privateKey())
+ cm.setSendVerify();
}
Modified: dcplusplus/trunk/yassl/src/yassl_int.cpp
===================================================================
--- dcplusplus/trunk/yassl/src/yassl_int.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/src/yassl_int.cpp 2006-04-30 12:13:44 UTC (rev 600)
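Review bot: `keyLength` is taken straight off the wire by `ato16(tmp, keyLength)` and is now used for both `alloc(keyLength)` and `input.read(Yc_, keyLength)` with no check against the message length `length_` (which the old code read) or the DH prime size, so a ClientKeyExchange advertising a 65535-byte Yc over-reads the input buffer or feeds an oversized value into Agree. Guard it before the alloc, e.g. `if (keyLength == 0 || keyLength > length_ - 2 || keyLength > dh.get_agreedKeyLength()) { /* reject as a malformed message */ return; }` — the alert path to use is not in the hunk, and `length_ - 2` assumes `length_` covers the two-byte length prefix, which should be verified. The one-byte strip of the agreed key does not match RFC 2246 §8.1.2 either, which strips all leading zero bytes, and `dh.get_agreedKeyLength() - 1` wraps to a huge unsigned value if that length is ever 0. The enclosing function starts before the hunk.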
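Review bot: The terminator write `cipher_list_[pos][0] = 0;` steps one row past the array when every slot is used: `suites` can reach MAX_SUITE_SZ/2 = 32 (yassl_types.hpp: "32 max suites"), and `cipher_list_` is declared `[MAX_CIPHERS][MAX_SUITE_NAME]` with MAX_CIPHERS = 32, so pos == 32 is out of bounds. Either size the array `[MAX_CIPHERS + 1][MAX_SUITE_NAME]` or write `if (pos < MAX_CIPHERS) cipher_list_[pos][0] = 0;` — SSL_get_cipher_list already refuses `priority >= MAX_CIPHERS`, so the sentinel is only needed for shorter lists. `strncpy(cipher_list_[pos++], cipher_names[index], len)` with `len = strlen(...) + 1` also relies on every cipher_names entry being shorter than MAX_SUITE_NAME (48); a comment stating that invariant, or a clamp to MAX_SUITE_NAME - 1, would make it explicit. The start of the function, where `pos` and `suites` are set, is outside the hunk.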
@@ -832,7 +832,7 @@
int length = 2 * secure_.get_parms().hash_size_ + 2 * secure_.get_parms().key_size_ + 2 * secure_.get_parms().iv_size_;
- int rounds = length / MD5_LEN + ((length % MD5_LEN) ? 1 : 0);
+ int rounds = (length + MD5_LEN - 1 ) / MD5_LEN;
input_buffer key_data(rounds * MD5_LEN);
opaque sha_output[SHA_LEN];
Modified: dcplusplus/trunk/yassl/taocrypt/include/asn.hpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/include/asn.hpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/include/asn.hpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -184,7 +184,7 @@
word32 sz_;
public:
explicit PublicKey(const byte* k = 0, word32 s = 0);
- ~PublicKey() { tcDelete(key_); }
+ ~PublicKey() { tcArrayDelete(key_); }
const byte* GetKey() const { return key_; }
word32 size() const { return sz_; }
Modified: dcplusplus/trunk/yassl/taocrypt/include/dh.hpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/include/dh.hpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/include/dh.hpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -64,7 +64,7 @@
}
void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*);
- void Agree(byte*, const byte*, const byte*);
+ void Agree(byte*, const byte*, const byte*, word32 otherSz = 0);
void SetP(const Integer& p) { p_ = p; }
void SetG(const Integer& g) { g_ = g; }
Modified: dcplusplus/trunk/yassl/taocrypt/src/aes.cpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/src/aes.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/src/aes.cpp 2006-04-30 12:13:44 UTC (rev 600)
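Review bot: The new defaulted parameter `word32 otherSz = 0` gives zero the hidden meaning "use p_.ByteCount()" (the fallback in DH::Agree), but nothing at the declaration says so, and a caller that genuinely has an empty buffer would silently have bc bytes read from it. Add above the declaration: `// otherSz: byte length of otherPub; 0 selects the fixed-width p_.ByteCount() encoding`. Since the yaSSL call sites touched by this commit all pass an explicit size, consider dropping the default so the ambiguity cannot recur.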
@@ -478,9 +478,9 @@
AS2( mov ebp, DWORD PTR [ebp + 20] )
#define EPILOG() \
+ AS2( mov esi, [ebp - 4] ) \
AS2( mov esp, ebp ) \
AS2( movd ebx, mm4 ) \
- AS2( mov esi, [ebp - 4] ) \
AS2( movd edi, mm3 ) \
AS1( emms ) \
asm(".att_syntax");
Modified: dcplusplus/trunk/yassl/taocrypt/src/arc4.cpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/src/arc4.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/src/arc4.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -80,7 +80,6 @@
void ARC4::Process(byte* out, const byte* in, word32 length)
{
- //AsmProcess(out, in, length);
if (length == 0) return;
byte *const s = state_;
@@ -202,7 +201,7 @@
AS2( movzx eax, BYTE PTR [ebp + ecx] )
// xOr w/ inByte
- AS2( xor ebx, [esi] )
+ AS2( xor bl, BYTE PTR [esi] )
AS1( inc esi )
// write to outByte
Modified: dcplusplus/trunk/yassl/taocrypt/src/coding.cpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/src/coding.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/src/coding.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -130,7 +130,7 @@
word32 outSz = bytes * 4 / 3;
outSz += (outSz % 4); // 4 byte integrals
- outSz += outSz / pemLineSz + ( (outSz % pemLineSz) ? 1 : 0); // new lines
+ outSz += (outSz + pemLineSz - 1) / pemLineSz; // new lines
encoded_.New(outSz);
word32 i = 0;
@@ -187,9 +187,8 @@
void Base64Decoder::Decode()
{
word32 bytes = coded_.size();
- word32 plainSz = bytes - (bytes / pemLineSz + ( (bytes % pemLineSz) ?
- 1 : 0));
- plainSz = plainSz * 3 / 4 + (( (plainSz * 3) % 4) ? 1 : 0);
+ word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz);
+ plainSz = (plainSz * 3 + 3) / 4;
decoded_.New(plainSz);
word32 i = 0;
Modified: dcplusplus/trunk/yassl/taocrypt/src/dh.cpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/src/dh.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/src/dh.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -26,10 +26,26 @@
#include "runtime.hpp"
#include "dh.hpp"
#include "asn.hpp"
+#include <math.h>
namespace TaoCrypt {
+namespace { // locals
+
+unsigned int DiscreteLogWorkFactor(unsigned int n)
+{
+ // assuming discrete log takes about the same time as factoring
+ if (n<5)
+ return 0;
+ else
+ return (unsigned int)(2.4 * pow((double)n, 1.0/3.0) *
+ pow(log(double(n)), 2.0/3.0) - 5);
+}
+
+} // namespace locals
+
+
// Generate a DH Key Pair
void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
{
@@ -41,7 +57,8 @@
// Generate private value
void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv)
{
- Integer x(rng, Integer::One(), p_ - 1);
+ Integer x(rng, Integer::One(), mySTL::min(p_ - 1,
+ Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) );
x.Encode(priv, p_.ByteCount());
}
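Review bot: GeneratePrivate now draws x from [1, 2^(2·DiscreteLogWorkFactor(bits))] rather than [1, p-2] — a short exponent of roughly 120 bits for a 512-bit p — and nothing records the assumption that makes this safe. Short exponents are sound only when g generates a large prime-order subgroup (in practice, p a safe prime); with an arbitrary p and g set through SetP/SetG, a small-subgroup or Pohlig–Hellman attack on the short x becomes cheaper, and neither this hunk nor SetP validates p. Add `// short private exponent (work-factor heuristic, appears to follow Crypto++); assumes p is a safe prime and g has large prime order` above the `Integer x(...)` line, and consider rejecting primes under 1024 bits where p is set. The lower bound `Integer::One()` still admits x = 1 (public value equals g); a lower bound of 2 is conventional, though the probability is negligible.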
@@ -57,11 +74,16 @@
// Generate Agreement
-void DH::Agree(byte* agree, const byte* priv, const byte* otherPub)
+void DH::Agree(byte* agree, const byte* priv, const byte* otherPub, word32
+ otherSz)
{
const word32 bc(p_.ByteCount());
Integer x(priv, bc);
- Integer y(otherPub, bc);
+ Integer y;
+ if (otherSz)
+ y.Decode(otherPub, otherSz);
+ else
+ y.Decode(otherPub, bc);
Integer z(a_exp_b_mod_c(y, x, p_));
z.Encode(agree, bc);
Modified: dcplusplus/trunk/yassl/taocrypt/src/random.cpp
===================================================================
--- dcplusplus/trunk/yassl/taocrypt/src/random.cpp 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/taocrypt/src/random.cpp 2006-04-30 12:13:44 UTC (rev 600)
@@ -26,7 +26,9 @@
#include "runtime.hpp"
#include "random.hpp"
+#include <string.h>
+
#if defined(_WIN32)
#define _WIN32_WINNT 0x0400
#include <windows.h>
@@ -52,6 +54,7 @@
// place a generated block in output
void RandomNumberGenerator::GenerateBlock(byte* output, word32 sz)
{
+ memset(output, 0, sz);
cipher_.Process(output, output, sz);
}
Modified: dcplusplus/trunk/yassl/yassl.vcproj
===================================================================
--- dcplusplus/trunk/yassl/yassl.vcproj 2006-04-30 11:09:50 UTC (rev 599)
+++ dcplusplus/trunk/yassl/yassl.vcproj 2006-04-30 12:13:44 UTC (rev 600)
@@ -312,6 +312,9 @@
</FileConfiguration>
</File>
<File
+ RelativePath=".\src\yassl.cpp">
+ </File>
+ <File
RelativePath="src\yassl_error.cpp">
<FileConfiguration
Name="Debug|Win32"> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
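Review bot: Agree decodes the peer-supplied public value y at a caller-chosen length but still performs no range check: y = 0, 1 or p-1, or any y >= p, is accepted and produces a trivial or confined shared secret, the classic invalid-public-value / small-subgroup attack on the DH secret. Reject it before the exponentiation with `if (y <= Integer::One() || y >= p_ - 1) return false;`, which means Agree must return bool instead of void and DiffieHellman::makeAgreement in crypto_wrapper.cpp must turn that into a handshake failure. With the void signature there is currently no way for a bad value to fail the handshake at all, so silently continuing is the present behaviour; the hunk does not show how TaoCrypt reports errors elsewhere, so follow whatever convention it uses.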
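Review bot: GenerateBlock now zero-fills `output` before `cipher_.Process(output, output, sz)`, so callers receive the raw ARC4 keystream rather than keystream XORed with whatever their buffer held; the output is now reproducible from the seed alone, which is the right property for an RNG, but it also exposes the keystream directly. The first keystream bytes of ARC4 are measurably biased (the second byte most famously), so the keying code — not in this hunk — must discard an initial stretch of keystream after seeding, and the generator should be reseeded from the OS periodically. Record that dependency here: `// output is raw ARC4 keystream; the seeding path must drop the biased initial bytes`.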