Remove Windows warnings
18
src/kyber.c
18
src/kyber.c
@@ -50,7 +50,6 @@ static int kyber_prf(const uint8_t seed[32], uint8_t N, size_t outlen, uint8_t *
|
|||||||
{
|
{
|
||||||
uint8_t salt[1];
|
uint8_t salt[1];
|
||||||
uint8_t key[32];
|
uint8_t key[32];
|
||||||
size_t len;
|
|
||||||
|
|
||||||
salt[0] = (uint8_t)N;
|
salt[0] = (uint8_t)N;
|
||||||
|
|
||||||
@@ -459,9 +458,9 @@ int kyber_poly_encode12(const kyber_poly_t a, uint8_t out[384])
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
for (i = 0; i < 256/2; i++) {
|
for (i = 0; i < 256/2; i++) {
|
||||||
out[0] = in[0];
|
out[0] = (uint8_t)in[0];
|
||||||
out[1] = (in[1] << 4) | (in[0] >> 8);
|
out[1] = (uint8_t)((in[1] << 4) | (in[0] >> 8));
|
||||||
out[2] = in[1] >> 4;
|
out[2] = (uint8_t)(in[1] >> 4);
|
||||||
in += 2;
|
in += 2;
|
||||||
out += 3;
|
out += 3;
|
||||||
}
|
}
|
||||||
@@ -501,11 +500,11 @@ int kyber_poly_encode10(const kyber_poly_t a, uint8_t out[320])
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
for (i = 0; i < 256/4; i++) {
|
for (i = 0; i < 256/4; i++) {
|
||||||
out[0] = in[0];
|
out[0] = (uint8_t)in[0];
|
||||||
out[1] = (in[1] << 2) | (in[0] >> 8);
|
out[1] = (uint8_t)((in[1] << 2) | (in[0] >> 8));
|
||||||
out[2] = (in[2] << 4) | (in[1] >> 6);
|
out[2] = (uint8_t)((in[2] << 4) | (in[1] >> 6));
|
||||||
out[3] = (in[3] << 6) | (in[2] >> 4);
|
out[3] = (uint8_t)((in[3] << 6) | (in[2] >> 4));
|
||||||
out[4] = in[3] >> 2;
|
out[4] = (uint8_t)(in[3] >> 2);
|
||||||
in += 4;
|
in += 4;
|
||||||
out += 5;
|
out += 5;
|
||||||
}
|
}
|
||||||
@@ -1167,7 +1166,6 @@ int kyber_decap(const KYBER_KEY *key, const KYBER_CIPHERTEXT *c, uint8_t K[32])
|
|||||||
uint8_t *K_ = K_r;
|
uint8_t *K_ = K_r;
|
||||||
uint8_t *r = K_r + 32;
|
uint8_t *r = K_r + 32;
|
||||||
KYBER_CIPHERTEXT c_;
|
KYBER_CIPHERTEXT c_;
|
||||||
uint8_t c_hash[32];
|
|
||||||
|
|
||||||
|
|
||||||
// m' = Dec(sk, c)
|
// m' = Dec(sk, c)
|
||||||
|
|||||||
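Review bot: The `(uint8_t)` casts in the packing loops of kyber_poly_encode12 and kyber_poly_encode10 leave the invariant they depend on unstated: each `in[k]` must be below 2^12 (2^10 in encode10), otherwise the high bits are dropped without any error. I would put a comment above each loop, for example `// coefficients are < 2^12 here; each cast only drops bits that are packed into the neighbouring output byte`. Whether the loops that close just above these hunks enforce that range is not visible here, and the element type of `in` is declared outside the hunk; if it is signed, the right shifts deserve the same check. Both function bodies start and end outside their hunks.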
31
src/lms.c
31
src/lms.c
@@ -466,13 +466,13 @@ int lms_private_key_from_bytes(LMS_KEY *key, const uint8_t **in, size_t *inlen)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->q >= (1 << height)) {
|
if (key->q >= ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cache_tree) {
|
if (cache_tree) {
|
||||||
size_t n = 1 << height;
|
size_t n = (size_t)1 << height;
|
||||||
if (!(key->tree = (lms_hash256_t *)malloc(sizeof(lms_hash256_t) * (2*n - 1)))) {
|
if (!(key->tree = (lms_hash256_t *)malloc(sizeof(lms_hash256_t) * (2*n - 1)))) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
@@ -608,11 +608,11 @@ int lms_key_update(LMS_KEY *key)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->q < 0 || key->q > (1 << height)) {
|
if (key->q > ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->q == (1 << height)) {
|
if (key->q == ((uint32_t)1 << height)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
key->q++;
|
key->q++;
|
||||||
@@ -857,7 +857,7 @@ int lms_signature_from_bytes(LMS_SIGNATURE *sig, const uint8_t **in, size_t *inl
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (sig->q < 0 || sig->q >= (1 << height)) {
|
if (sig->q >= ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -884,7 +884,7 @@ int lms_signature_to_merkle_root(const uint8_t I[16], size_t h, int q,
|
|||||||
LMS_HASH256_CTX ctx;
|
LMS_HASH256_CTX ctx;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
n = 1 << h;
|
n = (size_t)1 << h;
|
||||||
if (q >= n) {
|
if (q >= n) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
@@ -947,11 +947,11 @@ int lms_sign_init(LMS_SIGN_CTX *ctx, LMS_KEY *key)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->q >= (1 << height)) {
|
if (key->q >= ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
r = (1 << height) + key->q;
|
r = ((uint32_t)1 << height) + key->q;
|
||||||
|
|
||||||
memset(ctx, 0, sizeof(*ctx));
|
memset(ctx, 0, sizeof(*ctx));
|
||||||
memcpy(ctx->lms_public_key.I, key->public_key.I, 16);
|
memcpy(ctx->lms_public_key.I, key->public_key.I, 16);
|
||||||
@@ -1359,7 +1359,7 @@ int hss_private_key_from_bytes(HSS_KEY *key, const uint8_t **in, size_t *inlen)
|
|||||||
|
|
||||||
int hss_private_key_print(FILE *fp, int fmt, int ind, const char *label, const HSS_KEY *key)
|
int hss_private_key_print(FILE *fp, int fmt, int ind, const char *label, const HSS_KEY *key)
|
||||||
{
|
{
|
||||||
int i;
|
uint32_t i;
|
||||||
|
|
||||||
format_print(fp, fmt, ind, "%s\n", label);
|
format_print(fp, fmt, ind, "%s\n", label);
|
||||||
ind += 4;
|
ind += 4;
|
||||||
@@ -1369,9 +1369,9 @@ int hss_private_key_print(FILE *fp, int fmt, int ind, const char *label, const H
|
|||||||
|
|
||||||
for (i = 1; i < key->levels; i++) {
|
for (i = 1; i < key->levels; i++) {
|
||||||
char title[64];
|
char title[64];
|
||||||
snprintf(title, sizeof(title), "lms_signature[%d]", i - 1);
|
snprintf(title, sizeof(title), "lms_signature[%u]", i - 1);
|
||||||
lms_signature_print_ex(fp, fmt, ind, title, &key->lms_sig[i - 1]);
|
lms_signature_print_ex(fp, fmt, ind, title, &key->lms_sig[i - 1]);
|
||||||
snprintf(title, sizeof(title), "lms_key[%d]", i);
|
snprintf(title, sizeof(title), "lms_key[%u]", i);
|
||||||
lms_private_key_print(fp, fmt, ind, title, &key->lms_key[i]);
|
lms_private_key_print(fp, fmt, ind, title, &key->lms_key[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1381,7 +1381,7 @@ int hss_private_key_print(FILE *fp, int fmt, int ind, const char *label, const H
|
|||||||
void hss_key_cleanup(HSS_KEY *key)
|
void hss_key_cleanup(HSS_KEY *key)
|
||||||
{
|
{
|
||||||
if (key) {
|
if (key) {
|
||||||
int i;
|
uint32_t i;
|
||||||
for (i = 0; i < key->levels; i++) {
|
for (i = 0; i < key->levels; i++) {
|
||||||
lms_key_cleanup(&key->lms_key[i]);
|
lms_key_cleanup(&key->lms_key[i]);
|
||||||
}
|
}
|
||||||
@@ -1504,7 +1504,7 @@ int hss_signature_size(const int *lms_types, size_t levels, size_t *siglen)
|
|||||||
int hss_key_get_signature_size(const HSS_KEY *key, size_t *siglen)
|
int hss_key_get_signature_size(const HSS_KEY *key, size_t *siglen)
|
||||||
{
|
{
|
||||||
int lms_types[5];
|
int lms_types[5];
|
||||||
int i;
|
uint32_t i;
|
||||||
|
|
||||||
if (!key || !siglen) {
|
if (!key || !siglen) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -1633,7 +1633,7 @@ int hss_key_update(HSS_KEY *key)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
// the lowest level is not out of keys
|
// the lowest level is not out of keys
|
||||||
if (level >= key->levels) {
|
if (level >= (int)key->levels) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -1642,7 +1642,7 @@ int hss_key_update(HSS_KEY *key)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (; level < key->levels; level++) {
|
for (; level < (int)key->levels; level++) {
|
||||||
int lms_type = key->lms_key[level].public_key.lms_type;
|
int lms_type = key->lms_key[level].public_key.lms_type;
|
||||||
LMS_SIGN_CTX ctx;
|
LMS_SIGN_CTX ctx;
|
||||||
uint8_t buf[LMS_PUBLIC_KEY_SIZE];
|
uint8_t buf[LMS_PUBLIC_KEY_SIZE];
|
||||||
@@ -1954,7 +1954,6 @@ int hss_signature_print_ex(FILE *fp, int fmt, int ind, const char *label, const
|
|||||||
int hss_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen)
|
int hss_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen)
|
||||||
{
|
{
|
||||||
LMS_SIGNATURE lms_sig;
|
LMS_SIGNATURE lms_sig;
|
||||||
size_t lms_siglen;
|
|
||||||
LMS_KEY lms_key;
|
LMS_KEY lms_key;
|
||||||
|
|
||||||
int num;
|
int num;
|
||||||
|
|||||||
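Review bot: In lms_signature_to_merkle_root the bound check `if (q >= n)` still compares the `int q` parameter shown in the hunk header against `n`, which is now assigned `(size_t)1 << h`. If `n` is declared `size_t`, this is the same signed/unsigned comparison the other hunks remove, and a negative `q` is rejected only through implicit conversion. The other hunks drop the `q < 0` tests, which suggests the key and signature fields are unsigned; writing `if (q < 0 || (size_t)q >= n)` here, or making the parameter `uint32_t q`, would state the intent directly. The declaration of `n` and the rest of the function body are outside the hunk.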
@@ -358,7 +358,6 @@ void sphincs_wots_sk_to_pk(const sphincs_wots_key_t sk,
|
|||||||
static void sphincs_base_w_and_checksum(const sphincs_hash128_t dgst, int steps[35])
|
static void sphincs_base_w_and_checksum(const sphincs_hash128_t dgst, int steps[35])
|
||||||
{
|
{
|
||||||
int csum = 0;
|
int csum = 0;
|
||||||
int sbits;
|
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
// seperate 128-bit dgst into 32 4-bit base_w numbers
|
// seperate 128-bit dgst into 32 4-bit base_w numbers
|
||||||
@@ -444,7 +443,6 @@ void sphincs_wots_pk_to_root(const sphincs_wots_key_t pk,
|
|||||||
sphincs_adrsc_t adrsc;
|
sphincs_adrsc_t adrsc;
|
||||||
SPHINCS_HASH256_CTX ctx;
|
SPHINCS_HASH256_CTX ctx;
|
||||||
sphincs_hash256_t dgst;
|
sphincs_hash256_t dgst;
|
||||||
int i;
|
|
||||||
|
|
||||||
memcpy(block, seed, sizeof(sphincs_hash128_t));
|
memcpy(block, seed, sizeof(sphincs_hash128_t));
|
||||||
|
|
||||||
|
|||||||
14
src/tls12.c
14
src/tls12.c
@@ -507,7 +507,6 @@ int tlcp_recv_client_hello(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t *record = conn->record;
|
uint8_t *record = conn->record;
|
||||||
size_t recordlen;
|
|
||||||
|
|
||||||
int client_verify = 0;
|
int client_verify = 0;
|
||||||
|
|
||||||
@@ -621,7 +620,6 @@ int tls_recv_client_hello(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t *record = conn->record;
|
uint8_t *record = conn->record;
|
||||||
size_t recordlen;
|
|
||||||
|
|
||||||
int client_verify = 0;
|
int client_verify = 0;
|
||||||
|
|
||||||
@@ -1092,7 +1090,7 @@ int tls_send_server_key_exchange(TLS_CONNECT *conn)
|
|||||||
// build server_ecdh_params
|
// build server_ecdh_params
|
||||||
server_ecdh_params[0] = TLS_curve_type_named_curve;
|
server_ecdh_params[0] = TLS_curve_type_named_curve;
|
||||||
server_ecdh_params[1] = conn->ecdh_named_curve >> 8;
|
server_ecdh_params[1] = conn->ecdh_named_curve >> 8;
|
||||||
server_ecdh_params[2] = conn->ecdh_named_curve;
|
server_ecdh_params[2] = (uint8_t)conn->ecdh_named_curve;
|
||||||
server_ecdh_params[3] = 65;
|
server_ecdh_params[3] = 65;
|
||||||
if (x509_public_key_to_bytes(&conn->ecdh_key, &p, &len) != 1) {
|
if (x509_public_key_to_bytes(&conn->ecdh_key, &p, &len) != 1) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -1207,7 +1205,6 @@ int tls_signature_scheme_match_cipher_suite(int sig_alg, int cipher_suite)
|
|||||||
|
|
||||||
int tls_recv_server_key_exchange(TLS_CONNECT *conn)
|
int tls_recv_server_key_exchange(TLS_CONNECT *conn)
|
||||||
{
|
{
|
||||||
int ret;
|
|
||||||
uint8_t curve_type;
|
uint8_t curve_type;
|
||||||
uint16_t named_curve;
|
uint16_t named_curve;
|
||||||
const uint8_t *point_octets;
|
const uint8_t *point_octets;
|
||||||
@@ -1225,10 +1222,6 @@ int tls_recv_server_key_exchange(TLS_CONNECT *conn)
|
|||||||
const uint8_t *server_cert;
|
const uint8_t *server_cert;
|
||||||
size_t server_cert_len;
|
size_t server_cert_len;
|
||||||
|
|
||||||
uint16_t tls_sig_alg; // 这个值没有初始化
|
|
||||||
// 这属于握手过程中决定的具体算法,因此握手完成之后就应该确定下来了
|
|
||||||
// 这应该是由cipher_suite和服务器证书中公钥(named_curve)共同决定的
|
|
||||||
|
|
||||||
X509_SIGN_CTX sign_ctx;
|
X509_SIGN_CTX sign_ctx;
|
||||||
const void *sign_args = NULL;
|
const void *sign_args = NULL;
|
||||||
size_t sign_argslen = 0;
|
size_t sign_argslen = 0;
|
||||||
@@ -1479,7 +1472,6 @@ int tls_recv_certificate_request(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t *record = conn->record;
|
uint8_t *record = conn->record;
|
||||||
size_t recordlen;
|
|
||||||
const uint8_t *cp;
|
const uint8_t *cp;
|
||||||
size_t len;
|
size_t len;
|
||||||
int handshake_type;
|
int handshake_type;
|
||||||
@@ -1703,7 +1695,6 @@ int tls_generate_keys(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
uint8_t pre_master_secret[32];
|
uint8_t pre_master_secret[32];
|
||||||
size_t pre_master_secret_len;
|
size_t pre_master_secret_len;
|
||||||
uint8_t key_block[96];
|
|
||||||
|
|
||||||
// 此时已经获得了ServerKeyExchange和ClientKeyExchange
|
// 此时已经获得了ServerKeyExchange和ClientKeyExchange
|
||||||
// 但是不同密码套件中,这些KeyExchange的数据其实是不一样的
|
// 但是不同密码套件中,这些KeyExchange的数据其实是不一样的
|
||||||
@@ -1762,9 +1753,6 @@ int tls_generate_keys(TLS_CONNECT *conn)
|
|||||||
// 对于客户端,是先发送client_key_exchange在generate_keys
|
// 对于客户端,是先发送client_key_exchange在generate_keys
|
||||||
int tlcp_generate_keys(TLS_CONNECT *conn)
|
int tlcp_generate_keys(TLS_CONNECT *conn)
|
||||||
{
|
{
|
||||||
uint8_t enced_pre_master_secret[SM2_MAX_CIPHERTEXT_SIZE];
|
|
||||||
size_t enced_pre_master_secret_len;
|
|
||||||
|
|
||||||
tls_trace("generate secrets\n");
|
tls_trace("generate secrets\n");
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
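Review bot: In tls_send_server_key_exchange only the low byte gets an explicit cast; `server_ecdh_params[1] = conn->ecdh_named_curve >> 8;` is the same kind of narrowing store and is left as it was. Writing it as `server_ecdh_params[1] = (uint8_t)(conn->ecdh_named_curve >> 8);` keeps the two halves of the big-endian encoding consistent. If `ecdh_named_curve` is declared wider than 16 bits (its declaration is not visible here), both stores discard the upper bits silently, so the value should be known to be a valid 16-bit named-curve code before it is encoded. The function body starts and ends outside the hunk.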
43
src/tls13.c
43
src/tls13.c
@@ -375,8 +375,6 @@ int tls13_derive_secret(const uint8_t secret[32], const char *label, const DIGES
|
|||||||
int tls_handshake_digest_print(FILE *fp, int fmt, int ind, const char *label, const DIGEST_CTX *dgst_ctx)
|
int tls_handshake_digest_print(FILE *fp, int fmt, int ind, const char *label, const DIGEST_CTX *dgst_ctx)
|
||||||
{
|
{
|
||||||
DIGEST_CTX tmp_ctx;
|
DIGEST_CTX tmp_ctx;
|
||||||
uint8_t dgst[64];
|
|
||||||
size_t dgstlen;
|
|
||||||
|
|
||||||
tmp_ctx = *dgst_ctx;
|
tmp_ctx = *dgst_ctx;
|
||||||
|
|
||||||
@@ -1282,7 +1280,6 @@ int tls13_do_recv(TLS_CONNECT *conn)
|
|||||||
|
|
||||||
if (conn->is_client) {
|
if (conn->is_client) {
|
||||||
uint64_t seq_num;
|
uint64_t seq_num;
|
||||||
int ret;
|
|
||||||
|
|
||||||
tls13_update_server_application_secret(conn);
|
tls13_update_server_application_secret(conn);
|
||||||
tls13_generate_server_application_keys(conn);
|
tls13_generate_server_application_keys(conn);
|
||||||
@@ -1297,7 +1294,6 @@ int tls13_do_recv(TLS_CONNECT *conn)
|
|||||||
|
|
||||||
} else {
|
} else {
|
||||||
uint64_t seq_num;
|
uint64_t seq_num;
|
||||||
int ret;
|
|
||||||
|
|
||||||
tls13_update_client_application_secret(conn);
|
tls13_update_client_application_secret(conn);
|
||||||
tls13_generate_client_application_keys(conn);
|
tls13_generate_client_application_keys(conn);
|
||||||
@@ -1571,7 +1567,6 @@ int tls13_server_supported_versions_ext_to_bytes(int selected_version, uint8_t *
|
|||||||
{
|
{
|
||||||
uint16_t ext_type = TLS_extension_supported_versions;
|
uint16_t ext_type = TLS_extension_supported_versions;
|
||||||
size_t ext_datalen;
|
size_t ext_datalen;
|
||||||
size_t i;
|
|
||||||
|
|
||||||
if (!outlen) {
|
if (!outlen) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -1657,12 +1652,6 @@ int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t c
|
|||||||
uint8_t **out, size_t *outlen)
|
uint8_t **out, size_t *outlen)
|
||||||
{
|
{
|
||||||
int ext_type = TLS_extension_certificate_authorities;
|
int ext_type = TLS_extension_certificate_authorities;
|
||||||
size_t ext_datalen;
|
|
||||||
size_t authorities_len;
|
|
||||||
const uint8_t *name;
|
|
||||||
size_t namelen;
|
|
||||||
const uint8_t *p;
|
|
||||||
size_t len;
|
|
||||||
|
|
||||||
if (!ca_names || !ca_names_len || !outlen) {
|
if (!ca_names || !ca_names_len || !outlen) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -1670,7 +1659,7 @@ int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t c
|
|||||||
}
|
}
|
||||||
|
|
||||||
tls_uint16_to_bytes(ext_type, out, outlen);
|
tls_uint16_to_bytes(ext_type, out, outlen);
|
||||||
tls_uint16_to_bytes(tls_uint16_size() + ca_names_len, out, outlen);
|
tls_uint16_to_bytes((uint16_t)(tls_uint16_size() + ca_names_len), out, outlen);
|
||||||
tls_uint16array_to_bytes(ca_names, ca_names_len, out, outlen);
|
tls_uint16array_to_bytes(ca_names, ca_names_len, out, outlen);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
@@ -1764,7 +1753,7 @@ int tls13_oid_filters_ext_to_bytes(const uint8_t *filters, size_t filters_len, u
|
|||||||
|
|
||||||
ext_datalen = tls_uint16_size() + filters_len;
|
ext_datalen = tls_uint16_size() + filters_len;
|
||||||
tls_uint16_to_bytes(ext_type, out, outlen);
|
tls_uint16_to_bytes(ext_type, out, outlen);
|
||||||
tls_uint16_to_bytes(ext_datalen, out, outlen);
|
tls_uint16_to_bytes((uint16_t)ext_datalen, out, outlen);
|
||||||
tls_uint16array_to_bytes(filters, filters_len, out, outlen);
|
tls_uint16array_to_bytes(filters, filters_len, out, outlen);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
@@ -2759,7 +2748,7 @@ int tls13_certificate_entry_to_bytes(const uint8_t *cert, size_t certlen,
|
|||||||
}
|
}
|
||||||
|
|
||||||
tls_uint24array_to_bytes(cert, certlen, out, outlen);
|
tls_uint24array_to_bytes(cert, certlen, out, outlen);
|
||||||
tls_uint16_to_bytes(extslen, out, outlen);
|
tls_uint16_to_bytes((uint16_t)extslen, out, outlen);
|
||||||
if (status_request_ocsp_response && status_request_ocsp_response_len) {
|
if (status_request_ocsp_response && status_request_ocsp_response_len) {
|
||||||
tls_server_status_request_ext_to_bytes(status_request_ocsp_response, status_request_ocsp_response_len, out, outlen);
|
tls_server_status_request_ext_to_bytes(status_request_ocsp_response, status_request_ocsp_response_len, out, outlen);
|
||||||
}
|
}
|
||||||
@@ -3683,8 +3672,6 @@ Auth | {CertificateVerify*}
|
|||||||
|
|
||||||
int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx)
|
int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx)
|
||||||
{
|
{
|
||||||
size_t i;
|
|
||||||
|
|
||||||
if (!ctx->supported_versions_cnt) {
|
if (!ctx->supported_versions_cnt) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
@@ -4992,7 +4979,7 @@ int tls13_recv_server_hello(TLS_CONNECT *conn)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
for (i = 0; i <= selected_identity; i++) {
|
for (i = 0; i <= (size_t)selected_identity; i++) {
|
||||||
if (tls_uint8array_from_bytes(&key, &keylen, &psk_keys, &psk_keys_len) != 1) {
|
if (tls_uint8array_from_bytes(&key, &keylen, &psk_keys, &psk_keys_len) != 1) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
@@ -5122,7 +5109,6 @@ int tls13_recv_encrypted_extensions(TLS_CONNECT *conn)
|
|||||||
size_t extslen;
|
size_t extslen;
|
||||||
|
|
||||||
const uint8_t *supported_groups = NULL;
|
const uint8_t *supported_groups = NULL;
|
||||||
size_t supported_groups_len;
|
|
||||||
|
|
||||||
int server_name = 0;
|
int server_name = 0;
|
||||||
int early_data = 0;
|
int early_data = 0;
|
||||||
@@ -6146,8 +6132,6 @@ int tls13_recv_server_finished(TLS_CONNECT *conn)
|
|||||||
uint8_t verify_data[64];
|
uint8_t verify_data[64];
|
||||||
size_t verify_data_len;
|
size_t verify_data_len;
|
||||||
|
|
||||||
uint8_t server_write_key[16];
|
|
||||||
|
|
||||||
// compute verify_data before digest_update
|
// compute verify_data before digest_update
|
||||||
if (tls13_compute_verify_data(conn->server_handshake_traffic_secret,
|
if (tls13_compute_verify_data(conn->server_handshake_traffic_secret,
|
||||||
&conn->dgst_ctx, verify_data, &verify_data_len) != 1) {
|
&conn->dgst_ctx, verify_data, &verify_data_len) != 1) {
|
||||||
@@ -6332,7 +6316,6 @@ int tls13_send_client_certificate_verify(TLS_CONNECT *conn)
|
|||||||
int tls13_send_client_finished(TLS_CONNECT *conn)
|
int tls13_send_client_finished(TLS_CONNECT *conn)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t client_write_key[16];
|
|
||||||
|
|
||||||
tls_trace("send client {Finished}\n");
|
tls_trace("send client {Finished}\n");
|
||||||
|
|
||||||
@@ -6428,12 +6411,9 @@ int tls13_recv_client_hello(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t *record = conn->record;
|
uint8_t *record = conn->record;
|
||||||
size_t recordlen;
|
|
||||||
|
|
||||||
int client_verify = 0;
|
int client_verify = 0;
|
||||||
|
|
||||||
int protocol;
|
|
||||||
|
|
||||||
// client_hello
|
// client_hello
|
||||||
int legacy_version;
|
int legacy_version;
|
||||||
const uint8_t *random;
|
const uint8_t *random;
|
||||||
@@ -6441,8 +6421,6 @@ int tls13_recv_client_hello(TLS_CONNECT *conn)
|
|||||||
size_t legacy_session_id_len;
|
size_t legacy_session_id_len;
|
||||||
const uint8_t *cipher_suites;
|
const uint8_t *cipher_suites;
|
||||||
size_t cipher_suites_len;
|
size_t cipher_suites_len;
|
||||||
const uint8_t *legacy_comp_methods;
|
|
||||||
size_t legacy_comp_methods_len;
|
|
||||||
const uint8_t *exts;
|
const uint8_t *exts;
|
||||||
size_t extslen;
|
size_t extslen;
|
||||||
|
|
||||||
@@ -7197,7 +7175,6 @@ int tls13_send_hello_retry_request(TLS_CONNECT *conn)
|
|||||||
uint8_t exts[256];
|
uint8_t exts[256];
|
||||||
uint8_t *pexts = exts;
|
uint8_t *pexts = exts;
|
||||||
size_t extslen = 0;
|
size_t extslen = 0;
|
||||||
int curve_oid;
|
|
||||||
uint8_t cookie[256];
|
uint8_t cookie[256];
|
||||||
size_t cookie_len;
|
size_t cookie_len;
|
||||||
|
|
||||||
@@ -7280,12 +7257,9 @@ int tls13_recv_client_hello_again(TLS_CONNECT *conn)
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
uint8_t *record = conn->record;
|
uint8_t *record = conn->record;
|
||||||
size_t recordlen;
|
|
||||||
|
|
||||||
int client_verify = 0;
|
int client_verify = 0;
|
||||||
|
|
||||||
int protocol;
|
|
||||||
|
|
||||||
// ClientHello1
|
// ClientHello1
|
||||||
int _legacy_version;
|
int _legacy_version;
|
||||||
const uint8_t *_random;
|
const uint8_t *_random;
|
||||||
@@ -7293,8 +7267,6 @@ int tls13_recv_client_hello_again(TLS_CONNECT *conn)
|
|||||||
size_t _legacy_session_id_len;
|
size_t _legacy_session_id_len;
|
||||||
const uint8_t *_cipher_suites;
|
const uint8_t *_cipher_suites;
|
||||||
size_t _cipher_suites_len;
|
size_t _cipher_suites_len;
|
||||||
const uint8_t *_legacy_comp_methods;
|
|
||||||
size_t _legacy_comp_methods_len;
|
|
||||||
const uint8_t *_exts;
|
const uint8_t *_exts;
|
||||||
size_t _extslen;
|
size_t _extslen;
|
||||||
|
|
||||||
@@ -7305,8 +7277,6 @@ int tls13_recv_client_hello_again(TLS_CONNECT *conn)
|
|||||||
size_t legacy_session_id_len;
|
size_t legacy_session_id_len;
|
||||||
const uint8_t *cipher_suites;
|
const uint8_t *cipher_suites;
|
||||||
size_t cipher_suites_len;
|
size_t cipher_suites_len;
|
||||||
const uint8_t *legacy_comp_methods;
|
|
||||||
size_t legacy_comp_methods_len;
|
|
||||||
const uint8_t *exts;
|
const uint8_t *exts;
|
||||||
size_t extslen;
|
size_t extslen;
|
||||||
|
|
||||||
@@ -8107,7 +8077,6 @@ int tls13_send_server_finished(TLS_CONNECT *conn)
|
|||||||
if (conn->recordlen == 0) {
|
if (conn->recordlen == 0) {
|
||||||
uint8_t verify_data[64];
|
uint8_t verify_data[64];
|
||||||
size_t verify_data_len;
|
size_t verify_data_len;
|
||||||
uint8_t server_write_key[16];
|
|
||||||
|
|
||||||
// compute server verify_data before digest_update()
|
// compute server verify_data before digest_update()
|
||||||
tls13_compute_verify_data(conn->server_handshake_traffic_secret,
|
tls13_compute_verify_data(conn->server_handshake_traffic_secret,
|
||||||
@@ -8158,7 +8127,6 @@ int tls13_send_server_finished(TLS_CONNECT *conn)
|
|||||||
int tls13_recv_client_certificate(TLS_CONNECT *conn)
|
int tls13_recv_client_certificate(TLS_CONNECT *conn)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t padding_len;
|
|
||||||
const uint8_t *request_context;
|
const uint8_t *request_context;
|
||||||
size_t request_context_len;
|
size_t request_context_len;
|
||||||
const uint8_t *status_request_ocsp_response = NULL;
|
const uint8_t *status_request_ocsp_response = NULL;
|
||||||
@@ -8304,8 +8272,6 @@ int tls13_recv_client_finished(TLS_CONNECT *conn)
|
|||||||
const uint8_t *verify_data;
|
const uint8_t *verify_data;
|
||||||
size_t verify_data_len;
|
size_t verify_data_len;
|
||||||
|
|
||||||
uint8_t client_write_key[16];
|
|
||||||
|
|
||||||
tls_trace("recv client {Finished}\n");
|
tls_trace("recv client {Finished}\n");
|
||||||
if ((ret = tls_recv_record(conn)) != 1) {
|
if ((ret = tls_recv_record(conn)) != 1) {
|
||||||
if (ret != TLS_ERROR_RECV_AGAIN) {
|
if (ret != TLS_ERROR_RECV_AGAIN) {
|
||||||
@@ -8921,4 +8887,3 @@ int tls13_do_accept(TLS_CONNECT *conn)
|
|||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
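Review bot: The `(uint16_t)` cast added in tls13_certificate_authorities_ext_to_bytes silences the warning without bounding the value: if `ca_names_len` exceeds 65535 minus `tls_uint16_size()`, the extension length written to the output wraps while `tls_uint16array_to_bytes` is still handed the full `ca_names_len`. The only guard visible in these hunks rejects NULL or zero-length input, so unless a range check sits in lines not shown, I would add `if (ca_names_len > 65535 - tls_uint16_size()) { error_print(); return -1; }` before the writes. The same applies to `(uint16_t)ext_datalen` in tls13_oid_filters_ext_to_bytes and `(uint16_t)extslen` in tls13_certificate_entry_to_bytes. All three function bodies extend outside their hunks.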
46
src/xmss.c
46
src/xmss.c
@@ -478,7 +478,7 @@ void xmss_wots_pk_to_root(const xmss_wots_key_t in_pk,
|
|||||||
xmss_wots_key_t pk;
|
xmss_wots_key_t pk;
|
||||||
xmss_adrs_t adrs;
|
xmss_adrs_t adrs;
|
||||||
uint32_t tree_height = 0;
|
uint32_t tree_height = 0;
|
||||||
int len = XMSS_WOTS_NUM_CHAINS;
|
uint32_t len = XMSS_WOTS_NUM_CHAINS;
|
||||||
|
|
||||||
uint32_t i;
|
uint32_t i;
|
||||||
|
|
||||||
@@ -777,11 +777,11 @@ int xmss_key_update(XMSS_KEY *key)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->index > (1 << height)) {
|
if (key->index > ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->index == (1 << height)) {
|
if (key->index == ((uint32_t)1 << height)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
key->index++;
|
key->index++;
|
||||||
@@ -942,7 +942,7 @@ int xmss_private_key_from_bytes(XMSS_KEY *key, const uint8_t **in, size_t *inlen
|
|||||||
|
|
||||||
// index, allow index == 2^h, which means out-of-keys
|
// index, allow index == 2^h, which means out-of-keys
|
||||||
uint32_from_bytes(&key->index, in, inlen);
|
uint32_from_bytes(&key->index, in, inlen);
|
||||||
if (key->index > (1 << height)) {
|
if (key->index > ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -1176,7 +1176,7 @@ int xmss_sign_init(XMSS_SIGN_CTX *ctx, XMSS_KEY *key)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
// check if out of keys
|
// check if out of keys
|
||||||
if (key->index >= (1 << height)) {
|
if (key->index >= ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -1355,7 +1355,7 @@ int xmss_verify_update(XMSS_SIGN_CTX *ctx, const uint8_t *data, size_t datalen)
|
|||||||
|
|
||||||
int xmss_verify_finish(XMSS_SIGN_CTX *ctx)
|
int xmss_verify_finish(XMSS_SIGN_CTX *ctx)
|
||||||
{
|
{
|
||||||
size_t height, h;
|
size_t height;
|
||||||
uint32_t index;
|
uint32_t index;
|
||||||
xmss_hash256_t dgst;
|
xmss_hash256_t dgst;
|
||||||
xmss_adrs_t adrs;
|
xmss_adrs_t adrs;
|
||||||
@@ -1369,7 +1369,7 @@ int xmss_verify_finish(XMSS_SIGN_CTX *ctx)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (ctx->xmss_sig.index >= (1 << height)) {
|
if (ctx->xmss_sig.index >= ((uint32_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -1478,7 +1478,7 @@ static uint64_t xmssmt_tree_address(uint64_t index, size_t height, size_t layers
|
|||||||
}
|
}
|
||||||
|
|
||||||
static uint64_t xmssmt_tree_index(uint64_t index, size_t height, size_t layers, size_t layer) {
|
static uint64_t xmssmt_tree_index(uint64_t index, size_t height, size_t layers, size_t layer) {
|
||||||
return (index >> (height/layers) * layer) % (1 << (height/layers));
|
return (index >> (height/layers) * layer) % ((uint64_t)1 << (height/layers));
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t xmssmt_num_trees_nodes(size_t height, size_t layers)
|
size_t xmssmt_num_trees_nodes(size_t height, size_t layers)
|
||||||
@@ -1655,8 +1655,8 @@ int xmssmt_key_update(XMSSMT_KEY *key)
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (key->index >= (1 << height)) {
|
if (key->index >= ((uint64_t)1 << height)) {
|
||||||
if (key->index == (1 << height)) {
|
if (key->index == ((uint64_t)1 << height)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
error_print();
|
error_print();
|
||||||
@@ -1681,7 +1681,7 @@ int xmssmt_key_update(XMSSMT_KEY *key)
|
|||||||
xmss_adrs_set_layer_address(adrs, layer + 1);
|
xmss_adrs_set_layer_address(adrs, layer + 1);
|
||||||
xmss_adrs_set_tree_address(adrs, xmssmt_tree_address(next_index, height, layers, layer + 1));
|
xmss_adrs_set_tree_address(adrs, xmssmt_tree_address(next_index, height, layers, layer + 1));
|
||||||
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
||||||
xmss_adrs_set_ots_address(adrs, xmssmt_tree_index(next_index, height, layers, layer + 1));
|
xmss_adrs_set_ots_address(adrs, (uint32_t)xmssmt_tree_index(next_index, height, layers, layer + 1));
|
||||||
xmss_wots_derive_sk(key->secret, key->public_key.seed, adrs, key->wots_sigs[layer]);
|
xmss_wots_derive_sk(key->secret, key->public_key.seed, adrs, key->wots_sigs[layer]);
|
||||||
xmss_root = tree[xmss_tree_root_offset(height/layers)];
|
xmss_root = tree[xmss_tree_root_offset(height/layers)];
|
||||||
xmss_wots_sign(key->wots_sigs[layer], key->public_key.seed, adrs, xmss_root, key->wots_sigs[layer]);
|
xmss_wots_sign(key->wots_sigs[layer], key->public_key.seed, adrs, xmss_root, key->wots_sigs[layer]);
|
||||||
@@ -1777,7 +1777,7 @@ int xmssmt_key_generate_ex(XMSSMT_KEY *key, uint32_t xmssmt_type,
|
|||||||
xmss_adrs_set_layer_address(adrs, layer + 1);
|
xmss_adrs_set_layer_address(adrs, layer + 1);
|
||||||
xmss_adrs_set_tree_address(adrs, xmssmt_tree_address(index, height, layers, layer + 1));
|
xmss_adrs_set_tree_address(adrs, xmssmt_tree_address(index, height, layers, layer + 1));
|
||||||
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
||||||
xmss_adrs_set_ots_address(adrs, xmssmt_tree_index(index, height, layers, layer + 1));
|
xmss_adrs_set_ots_address(adrs, (uint32_t)xmssmt_tree_index(index, height, layers, layer + 1));
|
||||||
xmss_wots_derive_sk(key->secret, key->public_key.seed, adrs, key->wots_sigs[layer]);
|
xmss_wots_derive_sk(key->secret, key->public_key.seed, adrs, key->wots_sigs[layer]);
|
||||||
|
|
||||||
|
|
||||||
@@ -1811,7 +1811,7 @@ int xmssmt_key_generate_ex(XMSSMT_KEY *key, uint32_t xmssmt_type,
|
|||||||
uint8_t *dgst = tree[xmss_tree_root_offset(height/layers)];
|
uint8_t *dgst = tree[xmss_tree_root_offset(height/layers)];
|
||||||
|
|
||||||
tree_address = xmssmt_tree_address(index, height, layers, layer + 1);
|
tree_address = xmssmt_tree_address(index, height, layers, layer + 1);
|
||||||
tree_index = xmssmt_tree_index(index, height, layers, layer + 1);
|
tree_index = (uint32_t)xmssmt_tree_index(index, height, layers, layer + 1);
|
||||||
|
|
||||||
xmss_adrs_set_layer_address(adrs, layer + 1);
|
xmss_adrs_set_layer_address(adrs, layer + 1);
|
||||||
xmss_adrs_set_tree_address(adrs, tree_address);
|
xmss_adrs_set_tree_address(adrs, tree_address);
|
||||||
@@ -1877,7 +1877,7 @@ int xmssmt_build_auth_path(const xmss_hash256_t *tree, size_t height, size_t lay
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < layers; i++) {
|
for (i = 0; i < layers; i++) {
|
||||||
uint64_t local_index = index & ((1 << (height/layers)) - 1);
|
uint64_t local_index = index & (((uint64_t)1 << (height/layers)) - 1);
|
||||||
xmss_build_auth_path(tree, height/layers, local_index, auth_path);
|
xmss_build_auth_path(tree, height/layers, local_index, auth_path);
|
||||||
auth_path += height/layers;
|
auth_path += height/layers;
|
||||||
index >>= height/layers;
|
index >>= height/layers;
|
||||||
@@ -1994,7 +1994,7 @@ int xmssmt_index_from_bytes(uint64_t *index, uint32_t xmssmt_type, const uint8_t
|
|||||||
*index = GETU64(bytes);
|
*index = GETU64(bytes);
|
||||||
|
|
||||||
// check value in [0, 2^height], 2^height means out of keys
|
// check value in [0, 2^height], 2^height means out of keys
|
||||||
if (*index > (1 << height)) {
|
if (*index > ((uint64_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -2081,7 +2081,6 @@ int xmssmt_signature_from_bytes(XMSSMT_SIGNATURE *sig, uint32_t xmssmt_type, con
|
|||||||
size_t layers;
|
size_t layers;
|
||||||
size_t siglen;
|
size_t siglen;
|
||||||
size_t layer;
|
size_t layer;
|
||||||
size_t i;
|
|
||||||
|
|
||||||
if (!sig || !in || !(*in) || !inlen) {
|
if (!sig || !in || !(*in) || !inlen) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -2111,7 +2110,7 @@ int xmssmt_signature_from_bytes(XMSSMT_SIGNATURE *sig, uint32_t xmssmt_type, con
|
|||||||
hash256_from_bytes(sig->random, in, inlen);
|
hash256_from_bytes(sig->random, in, inlen);
|
||||||
|
|
||||||
for (layer = 0; layer < layers; layer++) {
|
for (layer = 0; layer < layers; layer++) {
|
||||||
int i;
|
size_t i;
|
||||||
// wots_sig
|
// wots_sig
|
||||||
for (i = 0; i < 67; i++) {
|
for (i = 0; i < 67; i++) {
|
||||||
hash256_from_bytes(sig->wots_sigs[layer][i], in, inlen);
|
hash256_from_bytes(sig->wots_sigs[layer][i], in, inlen);
|
||||||
@@ -2250,7 +2249,7 @@ int xmssmt_sign_init(XMSSMT_SIGN_CTX *ctx, XMSSMT_KEY *key)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (key->index >= (1 << height)) {
|
if (key->index >= ((uint64_t)1 << height)) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -2274,7 +2273,7 @@ int xmssmt_sign_init(XMSSMT_SIGN_CTX *ctx, XMSSMT_KEY *key)
|
|||||||
xmss_hash256_t *tree;
|
xmss_hash256_t *tree;
|
||||||
xmss_hash256_t *auth_path;
|
xmss_hash256_t *auth_path;
|
||||||
tree = key->trees + xmss_num_tree_nodes(height/layers) * layer;
|
tree = key->trees + xmss_num_tree_nodes(height/layers) * layer;
|
||||||
tree_index = xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
tree_index = (uint32_t)xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
auth_path = ctx->xmssmt_sig.auth_path + (height/layers) * layer;
|
auth_path = ctx->xmssmt_sig.auth_path + (height/layers) * layer;
|
||||||
xmss_build_auth_path(tree, height/layers, tree_index, auth_path);
|
xmss_build_auth_path(tree, height/layers, tree_index, auth_path);
|
||||||
}
|
}
|
||||||
@@ -2291,7 +2290,7 @@ int xmssmt_sign_init(XMSSMT_SIGN_CTX *ctx, XMSSMT_KEY *key)
|
|||||||
// derive wots_sk and save to wots_sigs[0]
|
// derive wots_sk and save to wots_sigs[0]
|
||||||
layer = 0;
|
layer = 0;
|
||||||
tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
tree_index = xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
tree_index = (uint32_t)xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
xmss_adrs_set_layer_address(adrs, layer);
|
xmss_adrs_set_layer_address(adrs, layer);
|
||||||
xmss_adrs_set_tree_address(adrs, tree_address);
|
xmss_adrs_set_tree_address(adrs, tree_address);
|
||||||
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
xmss_adrs_set_type(adrs, XMSS_ADRS_TYPE_OTS);
|
||||||
@@ -2346,7 +2345,7 @@ int xmssmt_sign_finish_ex(XMSSMT_SIGN_CTX *ctx, XMSSMT_SIGNATURE *sig)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
tree_index = xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
tree_index = (uint32_t)xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
|
|
||||||
xmss_adrs_set_layer_address(adrs, layer);
|
xmss_adrs_set_layer_address(adrs, layer);
|
||||||
xmss_adrs_set_tree_address(adrs, tree_address);
|
xmss_adrs_set_tree_address(adrs, tree_address);
|
||||||
@@ -2386,7 +2385,6 @@ int xmssmt_sign_finish(XMSSMT_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen)
|
|||||||
int xmssmt_verify_init_ex(XMSSMT_SIGN_CTX *ctx, const XMSSMT_KEY *key, const XMSSMT_SIGNATURE *sig)
|
int xmssmt_verify_init_ex(XMSSMT_SIGN_CTX *ctx, const XMSSMT_KEY *key, const XMSSMT_SIGNATURE *sig)
|
||||||
{
|
{
|
||||||
xmss_hash256_t hash256_index;
|
xmss_hash256_t hash256_index;
|
||||||
xmss_adrs_t adrs;
|
|
||||||
|
|
||||||
if (!ctx || !key || !sig) {
|
if (!ctx || !key || !sig) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -2419,7 +2417,6 @@ int xmssmt_verify_init_ex(XMSSMT_SIGN_CTX *ctx, const XMSSMT_KEY *key, const XMS
|
|||||||
int xmssmt_verify_init(XMSSMT_SIGN_CTX *ctx, const XMSSMT_KEY *key, const uint8_t *sig, size_t siglen)
|
int xmssmt_verify_init(XMSSMT_SIGN_CTX *ctx, const XMSSMT_KEY *key, const uint8_t *sig, size_t siglen)
|
||||||
{
|
{
|
||||||
xmss_hash256_t hash256_index;
|
xmss_hash256_t hash256_index;
|
||||||
xmss_adrs_t adrs;
|
|
||||||
if (!ctx || !key || !sig) {
|
if (!ctx || !key || !sig) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
@@ -2484,7 +2481,7 @@ int xmssmt_verify_finish(XMSSMT_SIGN_CTX *ctx)
|
|||||||
|
|
||||||
for (layer = 0; layer < layers; layer++) {
|
for (layer = 0; layer < layers; layer++) {
|
||||||
uint64_t tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
uint64_t tree_address = xmssmt_tree_address(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
uint32_t tree_index = xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
uint32_t tree_index = (uint32_t)xmssmt_tree_index(ctx->xmssmt_sig.index, height, layers, layer);
|
||||||
xmss_wots_key_t wots_pk;
|
xmss_wots_key_t wots_pk;
|
||||||
|
|
||||||
// wots_sig, dgst => wots_pk
|
// wots_sig, dgst => wots_pk
|
||||||
@@ -2650,4 +2647,3 @@ int xmssmt_private_key_from_file(XMSSMT_KEY *key, FILE *fp)
|
|||||||
free(keybuf);
|
free(keybuf);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -28,7 +28,6 @@ static int test_secp256r1(void)
|
|||||||
{
|
{
|
||||||
secp256r1_t a;
|
secp256r1_t a;
|
||||||
secp256r1_t b;
|
secp256r1_t b;
|
||||||
secp256r1_t r;
|
|
||||||
uint8_t buf[32];
|
uint8_t buf[32];
|
||||||
|
|
||||||
secp256r1_set_zero(a);
|
secp256r1_set_zero(a);
|
||||||
|
|||||||
@@ -386,7 +386,6 @@ static int test_tls_signature_algorithms_ext(void)
|
|||||||
int ext_type;
|
int ext_type;
|
||||||
const uint8_t *ext_data;
|
const uint8_t *ext_data;
|
||||||
size_t ext_datalen;
|
size_t ext_datalen;
|
||||||
size_t i;
|
|
||||||
|
|
||||||
if (tls_signature_algorithms_ext_to_bytes(client_sig_algs, client_sig_algs_cnt, &p, &len) != 1) {
|
if (tls_signature_algorithms_ext_to_bytes(client_sig_algs, client_sig_algs_cnt, &p, &len) != 1) {
|
||||||
error_print();
|
error_print();
|
||||||
@@ -435,7 +434,6 @@ static int test_tls13_signature_algorithms_cert_ext(void)
|
|||||||
int ext_type;
|
int ext_type;
|
||||||
const uint8_t *ext_data;
|
const uint8_t *ext_data;
|
||||||
size_t ext_datalen;
|
size_t ext_datalen;
|
||||||
size_t i;
|
|
||||||
|
|
||||||
if (tls13_signature_algorithms_cert_ext_to_bytes(
|
if (tls13_signature_algorithms_cert_ext_to_bytes(
|
||||||
client_sig_algs, client_sig_algs_cnt, &p, &len) != 1) {
|
client_sig_algs, client_sig_algs_cnt, &p, &len) != 1) {
|
||||||
@@ -481,7 +479,7 @@ static int test_tls13_ticket(void)
|
|||||||
uint8_t resumption_master_secret[48] = { 1, 2, 3, };
|
uint8_t resumption_master_secret[48] = { 1, 2, 3, };
|
||||||
int protocol_version = TLS_protocol_tls13;
|
int protocol_version = TLS_protocol_tls13;
|
||||||
int cipher_suite = TLS_cipher_sm4_gcm_sm3;
|
int cipher_suite = TLS_cipher_sm4_gcm_sm3;
|
||||||
uint32_t ticket_issue_time = time(NULL);
|
uint32_t ticket_issue_time = (uint32_t)time(NULL);
|
||||||
uint32_t ticket_lifetime = 60 * 60 * 24;
|
uint32_t ticket_lifetime = 60 * 60 * 24;
|
||||||
|
|
||||||
uint8_t ticket[12 + 60 + 16];
|
uint8_t ticket[12 + 60 + 16];
|
||||||
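Review bot: The `(uint32_t)time(NULL)` cast on `ticket_issue_time` in test_tls13_ticket silences the narrowing warning without saying why the truncation is acceptable. time() returns `(time_t)-1` on failure, which this cast turns into 0xFFFFFFFF, and a 64-bit time_t is silently reduced modulo 2^32. For a test fixture that is probably fine, but a short comment such as `/* issue time is a 32-bit field here; truncating time_t is intended */` would keep the cast from reading as an oversight. The body of test_tls13_ticket continues outside the hunk, so how the value is used later is not visible here.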
|
|||||||
@@ -78,7 +78,6 @@ static int test_x509_key_generate(void)
|
|||||||
|
|
||||||
static int test_x509_public_key_to_bytes(void)
|
static int test_x509_public_key_to_bytes(void)
|
||||||
{
|
{
|
||||||
X509_KEY key;
|
|
||||||
uint8_t buf[1568]; // kyber-1024
|
uint8_t buf[1568]; // kyber-1024
|
||||||
uint8_t *p;
|
uint8_t *p;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|||||||