10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
...
132
133
134
135
136
137
138
139
140
|
end;
toobig = -lib.pk.MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
}
const.maxpemsz = math.floor((const.keybits / 8)*6.4) + 128 -- idk why this formula works but it basically seems to
local ctx = lib.pk.mbedtls_pk_context
local m = {
pemfile = uint8[const.maxpemsz];
}
local callbacks = {}
if config.feat.randomizer == 'kern' then
local rnd = terralib.externfunction('getrandom', {&opaque, intptr, uint} -> ptrdiff);
terra callbacks.randomize(ctx: &opaque, dest: &uint8, sz: intptr): int
return rnd(dest, sz, 0)
end
................................................................................
if lib.pk.mbedtls_pk_verify(pk, hk, hash, 0, [&uint8](sig), siglen) == 0 then
return true, secl
end
end
lib.dbg('all hash algorithms failed')
return false, 0
end
return m
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
...
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
end;
toobig = -lib.pk.MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
}
const.maxpemsz = math.floor((const.keybits / 8)*6.4) + 128 -- idk why this formula works but it basically seems to
local ctx = lib.pk.mbedtls_pk_context
local struct hashalg { id: uint8 bytes: intptr }
local m = {
pemfile = uint8[const.maxpemsz];
alg = {
sha1 = `hashalg {id = lib.md.MBEDTLS_MD_SHA1; bytes = 160/8};
sha256 = `hashalg {id = lib.md.MBEDTLS_MD_SHA256; bytes = 256/8};
sha512 = `hashalg {id = lib.md.MBEDTLS_MD_SHA512; bytes = 512/8};
sha384 = `hashalg {id = lib.md.MBEDTLS_MD_SHA384; bytes = 384/8};
sha224 = `hashalg {id = lib.md.MBEDTLS_MD_SHA224; bytes = 224/8};
-- md5 = {id = lib.md.MBEDTLS_MD_MD5};-- !!!
};
}
local callbacks = {}
if config.feat.randomizer == 'kern' then
local rnd = terralib.externfunction('getrandom', {&opaque, intptr, uint} -> ptrdiff);
terra callbacks.randomize(ctx: &opaque, dest: &uint8, sz: intptr): int
return rnd(dest, sz, 0)
end
................................................................................
if lib.pk.mbedtls_pk_verify(pk, hk, hash, 0, [&uint8](sig), siglen) == 0 then
return true, secl
end
end
lib.dbg('all hash algorithms failed')
return false, 0
end
terra m.hmac(alg: hashalg, key: lib.mem.ptr(uint8), txt: lib.mem.ptr(int8), buf: &uint8)
lib.md.mbedtls_md_hmac(
lib.md.mbedtls_md_info_from_type(alg.id),
key.ptr, key.ct,
[&uint8](txt.ptr), txt.ct,
buf) -- sz(buf) >= hash output size
end
terra m.hmaca(alg: hashalg, key: lib.mem.ptr(uint8), txt: lib.mem.ptr(int8))
var buf = lib.mem.heapa(uint8, alg.bytes)
m.hmac(alg, key, txt, buf.ptr)
return buf
end
terra m.hotp(key: &(uint8[10]), counter: uint64)
var hmac: uint8[20]
var ctr = [lib.mem.ptr(int8)]{ptr = [&int8](&counter), ct = 8}
m.hmac(m.alg.sha1,
[lib.mem.ptr(uint8)]{ptr = [&uint8](key), ct = 10},
ctr, hmac)
var ofs = hmac[19] and 0x0F
var p: uint8[4]
for i=0,4 do p[i] = hmac[ofs + i] end
return (@[&uint32](&p)) and 0x7FFFFFFF -- one hopes it's that easy
end
return m
|