pike.git / src / post_modules / Nettle / nettle.cmod

version» Context lines:

pike.git/src/post_modules/Nettle/nettle.cmod:275:    *!    *! This implementation uses AES256 to generate output and SHA256 to    *! generate keys.    *!    *! To use this class an entropy accumulator needs to be implemented    *! and supply the @[reseed()] method with new entopy.    */   PIKECLASS Fortuna   program_flags PROGRAM_CLEAR_STORAGE;   { + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  CVAR struct aes256_ctx aes256_ctx; + #else    CVAR struct aes_ctx aes_ctx; -  + #endif    CVAR struct sha256_ctx sha_ctx;    CVAR uint8_t *key;    CVAR uint8_t *ctr;       DECLARE_STORAGE;      #ifndef AES256_KEY_SIZE   #define AES256_KEY_SIZE (256>>3)   #endif       static void fortuna_generate(uint8_t *data)    { -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes256_encrypt(&THIS->aes256_ctx, 16, data, THIS->ctr); + #else    aes_encrypt(&THIS->aes_ctx, 16, data, THIS->ctr); -  + #endif    INCREMENT(16, THIS->ctr);    }       static void fortuna_rekey(void)    {    fortuna_generate(THIS->key);    fortuna_generate(THIS->key+16); -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes256_set_encrypt_key(&THIS->aes256_ctx, THIS->key); + #else    aes_set_encrypt_key(&THIS->aes_ctx, AES256_KEY_SIZE, THIS->key); -  + #endif    }       /*! @decl void reseed(string(8bit) data)    *! Updated the internal key with the provided additional entropy.    */    PIKEFUN void reseed(string(8bit) data)    {    sha256_update(&THIS->sha_ctx, 32, THIS->key);    sha256_update(&THIS->sha_ctx, data->len, (const uint8_t *)data->str);    sha256_digest(&THIS->sha_ctx, 32, THIS->key); -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes256_set_encrypt_key(&THIS->aes256_ctx, THIS->key); + #else    aes_set_encrypt_key(&THIS->aes_ctx, AES256_KEY_SIZE, THIS->key); -  + #endif    INCREMENT(16, THIS->ctr);    }       /*! @decl string(8bit) random_string(int(0..) len)    *!    *! Generates @[len] amount of pseudo random data. In contrast with    *! the Fortuna PseudoRandomData function, which only allows 2^20    *! bytes of random data per call, the necessary rekey operations    *! are here performed internally, so no such restrictions apply.    */
pike.git/src/post_modules/Nettle/nettle.cmod:355:       fortuna_rekey();       RETURN end_shared_string(s);    }       INIT    {    THIS->ctr = xcalloc(1,16);    THIS->key = xcalloc(1,32); + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes256_set_encrypt_key(&THIS->aes256_ctx, THIS->key); + #else    aes_set_encrypt_key(&THIS->aes_ctx, AES256_KEY_SIZE, THIS->key); -  + #endif    sha256_init(&THIS->sha_ctx);    }       EXIT    gc_trivial;    {    free(THIS->ctr);    free(THIS->key);    }   }
pike.git/src/post_modules/Nettle/nettle.cmod:381:    *! Minimal implementation of NIST SP800-90Ar1 pseudo random number    *! generator CTR_DRBG using AES-128. No personalization, nounces or    *! additional data are supported.    *!    *! @seealso    *! @[Random.AES128_CTR_DRBG]    */   PIKECLASS AES128_CTR_DRBG   program_flags PROGRAM_CLEAR_STORAGE;   { + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  CVAR struct aes128_ctx aes128_ctx; + #else    CVAR struct aes_ctx aes_ctx; -  + #endif    CVAR uint8_t *key;    CVAR uint8_t *ctr;    CVAR INT64 reseed_counter;    CVAR INT64 reseed_interval;       DECLARE_STORAGE;       /*    * blocklen = 128    * ctr_len = 128
pike.git/src/post_modules/Nettle/nettle.cmod:405:    */      #ifndef AES128_KEY_SIZE   #define AES128_KEY_SIZE (128>>3)   #endif       static void ctr_debug_update(char *data)    {    uint8_t tmp_key[16];    INCREMENT(16, THIS->ctr); + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_encrypt(&THIS->aes128_ctx, 16, tmp_key, THIS->ctr); + #else    aes_encrypt(&THIS->aes_ctx, 16, tmp_key, THIS->ctr); -  + #endif    INCREMENT(16, THIS->ctr); -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_encrypt(&THIS->aes128_ctx, 16, THIS->ctr, THIS->ctr); + #else    aes_encrypt(&THIS->aes_ctx, 16, THIS->ctr, THIS->ctr); -  + #endif    memcpy(THIS->key, tmp_key, 16);    if( data )    {    memxor(THIS->key, (uint8_t*)data, 16);    memxor(THIS->ctr, (uint8_t*)data+16, 16);    } -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_set_encrypt_key(&THIS->aes128_ctx, THIS->key); + #else    aes_set_encrypt_key(&THIS->aes_ctx, AES128_KEY_SIZE, THIS->key); -  + #endif    }       /*! @decl void reseed(string(8bit) data)    *! Updated the internal key with the provided additional entropy.    */    PIKEFUN void reseed(string(8bit) data)    {    if( data->len!=32 )    Pike_error("Illegal entropy size.\n");    NO_WIDE_STRING(data);
pike.git/src/post_modules/Nettle/nettle.cmod:499:    if(len<0) Pike_error("Length has to be positive.\n");    if(THIS->reseed_counter>THIS->reseed_interval)    apply_current(f_Nettle_AES128_CTR_DRBG_entropy_underflow_fun_num, 0);       s = begin_shared_string(len);    str = (uint8_t *)s->str;       while( (len-stored) >= 16 )    {    INCREMENT(16, THIS->ctr); + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_encrypt(&THIS->aes128_ctx, 16, str, THIS->ctr); + #else    aes_encrypt(&THIS->aes_ctx, 16, str, THIS->ctr); -  + #endif    stored += 16;    str += 16;       if( !(stored % (1<<19)) )    {    ctr_debug_update(NULL);    THIS->reseed_counter++;    if(THIS->reseed_counter>THIS->reseed_interval)    apply_current(f_Nettle_AES128_CTR_DRBG_entropy_underflow_fun_num, 0);    }    }       if( len>stored )    {    uint8_t buf[16];    INCREMENT(16, THIS->ctr); -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_encrypt(&THIS->aes128_ctx, 16, buf, THIS->ctr); + #else    aes_encrypt(&THIS->aes_ctx, 16, buf, THIS->ctr); -  + #endif    memcpy(str, buf, len-stored);    }       ctr_debug_update(NULL);    THIS->reseed_counter++;       RETURN end_shared_string(s);    }       INIT    {    THIS->ctr = xcalloc(1,16);    THIS->key = xcalloc(1,16);    THIS->reseed_counter = 1;    THIS->reseed_interval = ((INT64)1)<<48; -  + #ifdef HAVE_NETTLE_AES128_ENCRYPT +  aes128_set_encrypt_key(&THIS->aes128_ctx, THIS->key); + #else    aes_set_encrypt_key(&THIS->aes_ctx, AES128_KEY_SIZE, THIS->key); -  + #endif    }       EXIT    gc_trivial;    {    free(THIS->ctr);    free(THIS->key);    }   }