diff --git a/aes_tab.c b/aes_tab.c index 6088576e..398bf843 100644 --- a/aes_tab.c +++ b/aes_tab.c @@ -1,4 +1,4 @@ -/* The precompute tables for AES */ +/* The precomputed tables for AES */ static const unsigned long ft_tab[4][256] = { {0xa56363c6UL, 0x847c7cf8UL, 0x997777eeUL, 0x8d7b7bf6UL, 0x0df2f2ffUL, diff --git a/bits.c b/bits.c index 1a25754b..60e3a438 100644 --- a/bits.c +++ b/bits.c @@ -20,9 +20,15 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len, if (f == NULL) { return 0; } + + /* disable buffering */ + if (setvbuf(f, NULL, _IONBF, 0) != 0) { + fclose(f); + return 0; + } x = (unsigned long)fread(buf, 1, (size_t)len, f); - (void)fclose(f); + fclose(f); return x; #endif /* NO_FILE */ } @@ -172,7 +178,7 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, return err; } - bits = ((bits/8)+((bits&7)==0x80?1:0)) * 2; + bits = ((bits/8)+((bits&7)!=0?1:0)) * 2; if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) { return CRYPT_ERROR_READPRNG; } diff --git a/blowfish.c b/blowfish.c index 3dbe2668..db8fc1a8 100644 --- a/blowfish.c +++ b/blowfish.c @@ -387,7 +387,7 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key) { _blowfish_ecb_encrypt(pt, ct, key); - burn_stack(sizeof(unsigned long) * 2); + burn_stack(sizeof(unsigned long) * 2 + sizeof(int)); } #endif @@ -429,7 +429,7 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key) { _blowfish_ecb_decrypt(ct, pt, key); - burn_stack(sizeof(unsigned long) * 2); + burn_stack(sizeof(unsigned long) * 2 + sizeof(int)); } #endif diff --git a/cbc.c b/cbc.c index e22755cc..bd08bee7 100644 --- a/cbc.c +++ b/cbc.c @@ -42,6 +42,11 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc) if ((err = cipher_is_valid(cbc->cipher)) != CRYPT_OK) { return err; } + + /* is blocklen valid? */ + if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) { + return CRYPT_INVALID_ARG; + } /* xor IV against plaintext */ for (x = 0; x < cbc->blocklen; x++) { @@ -76,6 +81,11 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc) return err; } cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key); + + /* is blocklen valid? */ + if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) { + return CRYPT_INVALID_ARG; + } /* xor IV against the plaintext of the previous step */ for (x = 0; x < cbc->blocklen; x++) { diff --git a/cfb.c b/cfb.c index b5d3cecb..39c91051 100644 --- a/cfb.c +++ b/cfb.c @@ -14,6 +14,7 @@ int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { return err; } + /* copy data */ cfb->cipher = cipher; @@ -44,6 +45,13 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) { return err; } + + /* is blocklen/padlen valid? */ + if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) || + cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) { + return CRYPT_INVALID_ARG; + } + while (len-- > 0) { if (cfb->padlen == cfb->blocklen) { cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key); @@ -68,6 +76,13 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) { return err; } + + /* is blocklen/padlen valid? */ + if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) || + cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) { + return CRYPT_INVALID_ARG; + } + while (len-- > 0) { if (cfb->padlen == cfb->blocklen) { cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key); diff --git a/changes b/changes index d80dd95b..a000c164 100644 --- a/changes +++ b/changes @@ -1,3 +1,14 @@ +Mar 15th, 2003 +v0.82 -- Manual updated + -- Added MSVC makefile [back, actually its written from scratch to work with NMAKE] + -- Change to HMAC helper functions API to avoid buffer overflow [source changes] + -- the rsa_encrypt_key was supposed to reject key sizes out of bounds ... + same fix to the rsa_sign_hash + -- Added code to ensure that that chaining mode code (cfb/ofb/ctr/cbc) have valid + structures when being called. E.g. the indexes to the pad/ivs are not out of bounds + -- Cleaned up the DES code and simplified the core desfunc routine. + -- Simplified one of the boolean functions in MD4 + Jan 16th, 2003 v0.81 -- Merged in new makefile from Clay Culver and Mike Frysinger -- Sped up the ECC mulmod() routine by making the word size adapt to the input. Saves a whopping 9 point diff --git a/config.pl.README b/config.pl.README deleted file mode 100644 index 00b927bf..00000000 --- a/config.pl.README +++ /dev/null @@ -1,18 +0,0 @@ -How to use the config.pl script -------------------------------- - -The configuration script "config.pl" is very simple to use. It is designed to prompt the user for -all the valid libtomcrypt build options then make "makefile.out" and "mycrypt_custom.h". In order to -run the script you need Perl installed. - -After running the script you can build the library two ways. - -1) Use the makefile.out it generates. Simply type "make -f makefile.out" to build the library. - -2) Add the libtomcrypt source files to your project. You have to make sure HAVE_CUSTOM is defined when you -build the source files. You have to copy "mycrypt_custom.h" into the your projects include path. - -You should copy the library and header files to their respective global search paths. - -To use the library with this system you need only include "mycrypt_custom.h" in your application. It will -include the required header files. diff --git a/crypt.pdf b/crypt.pdf index 6cd134fb..905ba343 100644 Binary files a/crypt.pdf and b/crypt.pdf differ diff --git a/crypt.tex b/crypt.tex index 363ec7a3..e94a7c39 100644 --- a/crypt.tex +++ b/crypt.tex @@ -1,6 +1,10 @@ \documentclass{book} \usepackage{makeidx} \usepackage{amssymb} +\usepackage{color} +\usepackage{alltt} +\usepackage{graphicx} +\usepackage{layout} \def\union{\cup} \def\intersect{\cap} \def\getsrandom{\stackrel{\rm R}{\gets}} @@ -44,17 +48,17 @@ \def\gap{\vspace{0.5ex}} \makeindex \begin{document} -\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.80} +\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.82} \author{Tom St Denis \\ Algonquin College \\ \\ -tomstdenis@yahoo.com \\ -http://libtomcrypt.iahu.ca \\ \\ +tomstdenis@iahu.ca \\ +http://libtomcrypt.org \\ \\ Phone: 1-613-836-3160\\ 111 Banning Rd \\ Kanata, Ontario \\ K2L 1C3 \\ -Canada +Canada } \maketitle \newpage @@ -66,10 +70,14 @@ pseudo-random number generators, public key cryptography (via RSA,DH or ECC/DH) routines. It is designed to compile out of the box with the GNU C Compiler (GCC) version 2.95.3 (and higher) and with MSVC version 6 in win32. +The library has been successfully tested on quite a few other platforms ranging from the ARM7TDMI in a +Gameboy Advanced to various PowerPC processors and even the MIPS processor in the PlayStation 2. Suffice it +to say the code is portable. + The library is designed so new ciphers/hashes/PRNGs can be added at runtime and the existing API (and helper API functions) will be able to use the new designs automatically. There exist self-check functions for each cipher and hash to ensure that they compile and execute to the published design specifications. The library also performs extensive parameter error checking -and will give verbose error messages. +and will give verbose error messages when possible. Essentially the library saves the time of having to implement the ciphers, hashes, prngs yourself. Typically implementing useful cryptography is an error prone business which means anything that can save considerable time and effort is a good @@ -89,11 +97,11 @@ number theory and cryptography. \subsection{What the library IS NOT for?} -The library is not designed to be in anyway an implementation of the SSL, PKCS or OpenPGP standards. The library is not -designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other +The library is not designed to be in anyway an implementation of the SSL, PKCS, P1363 or OpenPGP standards. The library +is not designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other library and it is not platform specific (like the MS CSP). So if you're looking to drop in some buzzword -compliant crypto this library is not for you. The library has been written from scratch to provide basic -functions as well as non-standard higher level functions. +compliant crypto library this is not for you. The library has been written from scratch to provide basic functions as +well as non-standard higher level functions. This is not to say that the library is a ``homebrew'' project. All of the symmetric ciphers and one-way hash functions conform to published test vectors. The public key functions are derived from publicly available material and the majority @@ -101,8 +109,11 @@ of the code has been reviewed by a growing community of developers. \subsubsection{Why not?} You may be asking why I didn't choose to go all out and support standards like P1363, PKCS and the whole lot. The reason -is quite simple too much money gets in the way. I just recently tried to access the P1363 draft documents and was denied (it -requires a password). If people are supposed to support these standards they had better make them more accessible. +is quite simple too much money gets in the way. When I tried to access the P1363 draft documents and was denied (it +requires a password) I realized that they're just a business anyways. See what happens is a company will sit down and +invent a ``standard''. Then they try to sell it to as many people as they can. All of a sudden this ``standard'' is +everywhere. Then the standard is updated every so often to keep people dependent. Then you become RSA. If people are +supposed to support these standards they had better make them more accessible. \section{Why did I write it?} You may be wondering, ``Tom, why did you write a crypto library. I already have one.''. Well the reason falls into @@ -122,6 +133,29 @@ know how to use Safer+ or RC6 or Serpent or ... as well. With all of the core f that can be used to make a program automatically pick between ciphers, hashes and PRNGs at runtime. That means your application can support all ciphers/hashes/prngs without changing the source code. +\subsection{Modular} +The LibTomCrypt package has also been written to be very modular. The block ciphers, one-way hashes and +pseudo-random number generators (PRNG) are all used within the API through ``descriptor'' tables which +are essentially structures with pointers to functions. While you can still call particular functions +directly (\textit{e.g. sha256\_process()}) this descriptor interface allows the developer to customize their +usage of the library. + +For example, consider a hardware platform with a specialized RNG device. Obviously one would like to tap +that for the PRNG needs within the library (\textit{e.g. making a RSA key}). All the developer has todo +is write a descriptor and the few support routines required for the device. After that the rest of the +API can make use of it without change. Similiarly imagine a few years down the road when AES2 (\textit{or whatever they call it}) is +invented. It can be added to the library and used within applications with zero modifications to the +end applications provided they are written properly. + +This flexibility within the library means it can be used with any combination of primitive algorithms and +unlike libraries like OpenSSL is not tied to direct routines. For instance, in OpenSSL there are CBC block +mode routines for every single cipher. That means every time you add or remove a cipher from the library +you have to update the associated support code as well. In LibTomCrypt the associated code (\textit{chaining modes in this case}) +are not directly tied to the ciphers. That is a new cipher can be added to the library by simply providing +the key setup, ECB decrypt and encrypt and test vector routines. After that all five chaining mode routines +can make use of the cipher right away. + + \section{License} All of the source code except for the following files have been written by the author or donated to the project @@ -129,21 +163,24 @@ under the TDCAL license: \begin{enumerate} \item aes.c - \item mpi.c \item rc2.c \item serpent.c \item safer.c \end{enumerate} ``aes.c'' and ``serpent.c'' were written by Brian Gladman (gladman@seven77.demon.co.uk). They are copyrighted works -but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was written by Michael -Fromberger (sting@linguist.dartmouth.edu). Similarly it is copyrighted work but is free for all purposes. +but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was originally written +by Michael Fromberger (sting@linguist.dartmouth.edu) but has since been replaced with my LibTomMath library. ``rc2.c'' is based on publicly available code that is not attributed to a person from the given source. ``safer.c'' was written by Richard De Moliner (demoliner@isi.ee.ethz.ch) and is public domain. The rest of the code was written either by Tom St Denis or contributed to the project under the ``Tom Doesn't Care About Licenses'' (TDCAL) license. Essentially this license grants the user unlimited distribution and usage (including -commercial usage). I assume no risk from usage of the code nor do I guarantee it works as desired or stated. +commercial usage). This means that you can use the package, you can re-distribute the package and even branch it. I +still retain ownership over the name of the package. If you want to branch the project you can use the code as a base +but you must change the name. The package is also royalty free which means you can use it in commercial products +without compensation towards the author. I assume no risk from usage of the code nor do I guarantee it works as +desired or stated. \section{Patent Disclosure} @@ -163,19 +200,16 @@ file ``libtomcrypt.a''. To install the library copy all of the ``.h'' files into your ``\#include'' path and the single libtomcrypt.a file into your library path. -With MSVC you can build the library with ``make -f makefile.vc''. You must use GNU make to build it even with MSVC -due to the limitations of the MS MAKE. +With MSVC you can build the library with ``nmake -f makefile.msvc''. This will produce a ``tomcrypt.lib'' file which +is the core library. Copy the header files into your MSVC include path and the library in the lib path (typically +under where VC98 is installed). \section{Building against the library} -To build an application against the library you obviously must first compile the library. However, an important -step is that the build options you use to build the library must be present when you build your application. For -instance if ``RC5'' is defined in the makefile when you built the library then you must ensure ``RC5'' is defined when -you build your application. - -The simplest way to work with this library is to take the makefile provided and simply add on your project to it as a -target (dependent on the library). That way you can be assured that the library and your application are in sync with -the build options you provide. +In the recent versions the build steps have changed. The build options are now stored in ``mycrypt\_custom.h'' and +no longer in the makefile. If you change a build option in that file you must re-build the library from clean to +ensure the build is intact. The perl script ``config.pl'' will help setup the custom header and a custom makefile +if you want one (the provided ``makefile'' will work with custom configs). \section{Thanks} I would like to give thanks to the following people (in no particular order) for helping me develop this project: @@ -806,7 +840,7 @@ int main(void) /* add the message */ md5_process(&md, in, strlen(in)); - /* get the hash */ + /* get the hash in out[0..15] */ md5_done(&md, out); return 0; @@ -898,11 +932,12 @@ int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outlen); \end{verbatim} -Both functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is +All three functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is the location in the descriptor table of the hash. The ``*outlen'' variable is used to keep track of the output size. You must set it to the size of your output buffer before calling the functions. When they complete succesfully they store -the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle'' function -assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after hashing the content. +the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle'' +function assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after +hashing the content. To perform the above hash with md5 the following code could be used: \begin{small} @@ -992,23 +1027,29 @@ are finished with the HMAC process you must call the following function to get t int hmac_done(hmac_state *hmac, unsigned char *hash); \end{verbatim} ``hmac'' is the HMAC state you are working with. ``hash'' is the array of octets where the HMAC code should be stored. You -must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure). There are -two utility functions provided to make using HMACs easier todo. +must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure). + +There are two utility functions provided to make using HMACs easier todo. They accept the key and information about the +message (file pointer, address in memory) and produce the HMAC result in one shot. These are useful if you want to avoid +calling the three step process yourself. + \begin{verbatim} int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, const unsigned char *data, unsigned long len, - unsigned char *dst); + unsigned char *dst, unsigned long *dstlen); \end{verbatim} -This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor table must be provided in ``hash'' -It uses the key from ``key'' with a key length of ``keylen''. The result is stored in the array of octets``dst''. -Similarly for files there is the following function: +This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor +table must be provided in ``hash'' it uses the key from ``key'' with a key length of ``keylen''. +The result is stored in the array of octets ``dst'' and the length in ``dstlen''. Similarly for files there is the +following function: \begin{verbatim} int hmac_file(int hash, const char *fname, const unsigned char *key, - unsigned long keylen, unsigned char *dst); + unsigned long keylen, + unsigned char *dst, unsigned long *dstlen); \end{verbatim} ``hash'' is the index into the hash descriptor table of the hash you want to use. ``fname'' is the filename to process. ``key'' -is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the result -should be stored. +is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the +result should be stored. To test if the HMAC code is working there is the following function: \begin{verbatim} @@ -2046,12 +2087,12 @@ int base64_decode(const unsigned char *in, unsigned long len, \end{verbatim} \section{The Multiple Precision Integer Library (MPI)} -The library comes with a copy of Michael Fromberger's\footnote{Michael J. Fromberger, sting@linguist.Thayer.dartmouth.edu} multiple -precision integer library MPI. MPI is a trivial to use ANSI C compatible large integer library. It is free for all uses and -is distributed freely. +The library comes with a copy of LibTomMath which is a multiple precision integer library written by the +author of LibTomCrypt. LibTomMath is a trivial to use ANSI C compatible large integer library which is free +for all uses and is distributed freely. -At the heart of all MPI functions is the data type ``mp\_int'' (defined in mpi.h). This data type is what will hold all large -integers. In order to use an mp\_int one must initialize it first, for example: +At the heart of all the functions is the data type ``mp\_int'' (defined in tommath.h). This data type is what +will hold all large integers. In order to use an mp\_int one must initialize it first, for example: \begin{verbatim} #include /* mycrypt.h includes mpi.h automatically */ int main(void) @@ -2065,31 +2106,28 @@ int main(void) } \end{verbatim} If you are unfamiliar with the syntax of C the \& symbol is used to pass the address of ``bignum'' to the function. All -MPI functions require the address of the parameters. To free the memory of a mp\_int use (for example): +LibTomMath functions require the address of the parameters. To free the memory of a mp\_int use (for example): \begin{verbatim} mp_clear(&bignum); \end{verbatim} -All MPI functions have the basic form of one of the following: +The functions also have the basic form of one of the following: \begin{verbatim} mp_XXX(mp_int *a); mp_XXX(mp_int *a, mp_int *b, mp_int *c); mp_XXX(mp_int *a, mp_int *b, mp_int *c, mp_int *d); \end{verbatim} -Where they perform some operation and store the result in the mp\_int variable passed on the far right. For example, to -compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call: +Where they perform some operation and store the result in the mp\_int variable passed on the far right. +For example, to compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call: \begin{verbatim} mp_addmod(&a, &b, &m, &c); \end{verbatim} -The simplest way to get a complete listing of all MPI functions is to open ``mpi.h'' and look. They're all fairly -well documented. - \subsection{Binary Forms of ``mp\_int'' Variables} -Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet encryption, etc.). -MPI includes two functions to help when exporting numbers: +Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet +encryption, etc.). LibTomMath includes two functions to help when exporting numbers: \begin{verbatim} int mp_raw_size(mp_int *num); mp_toraw(&num, buf); @@ -2135,9 +2173,8 @@ will not be able to sign or decrypt messages at all. Suppose $p$ was prime and the multi-prime RSA. Suppose $q = rs$ for two primes $r$ and $s$ then $\phi(pq) = (p - 1)(r - 1)(s - 1)$ which clearly is not equal to $(p - 1)(rs - 1)$. -These are not technically part of the MPI -library\footnote{As written by Michael Fromberger} but this is the best place to document them. To test if a ``mp\_int'' is -prime call: +These are not technically part of the LibTomMath library but this is the best place to document them. +To test if a ``mp\_int'' is prime call: \begin{verbatim} int is_prime(mp_int *N, int *result); \end{verbatim} @@ -2279,8 +2316,8 @@ or define ENDIAN\_64BITWORD when its 64-bits. If you do not define any of them which will work on all platforms. Currently the system will automatically detect GCC or MSVC on a windows platform as well as GCC on a PS2 platform. -\section{The makefile} -There are also options you can specify from the makefiles themselves. +\section{The Configure Script} +There are also options you can specify from the configure script or ``mycrypt\_config.h''. \subsubsection{X memory routines} The makefiles must define three macros denoted as XMALLOC, XCALLOC and XFREE which resolve to the name of the respective diff --git a/ctr.c b/ctr.c index 08abe1c6..c633a132 100644 --- a/ctr.c +++ b/ctr.c @@ -43,6 +43,12 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { return err; } + + /* is blocklen/padlen valid? */ + if (ctr->blocklen < 0 || ctr->blocklen > (int)sizeof(ctr->ctr) || + ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) { + return CRYPT_INVALID_ARG; + } while (len-- > 0) { /* is the pad empty? */ diff --git a/demos/hashsum.c b/demos/hashsum.c index 237467f5..b0606bde 100644 --- a/demos/hashsum.c +++ b/demos/hashsum.c @@ -7,7 +7,7 @@ * more functions ;) */ -#include +#include int errno; diff --git a/demos/test.c b/demos/test.c index c94a8b30..33c143d7 100644 --- a/demos/test.c +++ b/demos/test.c @@ -7,9 +7,9 @@ out the functionality of the library */ #include "timer.h" #endif -#include "../mycrypt.h" +#include -int errno; +int errnum; int @@ -128,8 +128,8 @@ ecb_tests (void) printf ("ECB tests\n"); for (x = 0; cipher_descriptor[x].name != NULL; x++) { printf (" %12s: ", cipher_descriptor[x].name); - if ((errno = cipher_descriptor[x].test ()) != CRYPT_OK) { - printf (" **failed** Reason: %s\n", error_to_string (errno)); + if ((errnum = cipher_descriptor[x].test ()) != CRYPT_OK) { + printf (" **failed** Reason: %s\n", error_to_string (errnum)); exit (-1); } else { printf ("passed\n"); @@ -154,17 +154,17 @@ cbc_tests (void) blk[x] = IV[x] = x; /* now lets start a cbc session */ - if ((errno = + if ((errnum = cbc_start (find_cipher ("blowfish"), IV, key, 16, 0, &cbc)) != CRYPT_OK) { - printf ("CBC Setup: %s\n", error_to_string (errno)); + printf ("CBC Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets encode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) { - printf ("CBC encrypt: %s\n", error_to_string (errno)); + if ((errnum = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) { + printf ("CBC encrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -177,17 +177,17 @@ cbc_tests (void) IV[x] = x; /* now lets start a cbc session */ - if ((errno = + if ((errnum = cbc_start (find_cipher ("blowfish"), IV, key, 16, 0, &cbc)) != CRYPT_OK) { - printf ("CBC Setup: %s\n", error_to_string (errno)); + printf ("CBC Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets decode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) { - printf ("CBC decrypt: %s\n", error_to_string (errno)); + if ((errnum = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) { + printf ("CBC decrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -240,16 +240,16 @@ ofb_tests (void) blk[x] = IV[x] = x; /* now lets start a ofb session */ - if ((errno = + if ((errnum = ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) { - printf ("OFB Setup: %s\n", error_to_string (errno)); + printf ("OFB Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets encode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) { - printf ("OFB encrypt: %s\n", error_to_string (errno)); + if ((errnum = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) { + printf ("OFB encrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -262,16 +262,16 @@ ofb_tests (void) IV[x] = x; /* now lets start a ofb session */ - if ((errno = + if ((errnum = ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) { - printf ("OFB setup: %s\n", error_to_string (errno)); + printf ("OFB setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets decode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) { - printf ("OFB decrypt: %s\n", error_to_string (errno)); + if ((errnum = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) { + printf ("OFB decrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -307,17 +307,17 @@ cfb_tests (void) blk[x] = IV[x] = x; /* now lets start a cfb session */ - if ((errno = + if ((errnum = cfb_start (find_cipher ("blowfish"), IV, key, 16, 0, &cfb)) != CRYPT_OK) { - printf ("CFB setup: %s\n", error_to_string (errno)); + printf ("CFB setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets encode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) { - printf ("CFB encrypt: %s\n", error_to_string (errno)); + if ((errnum = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) { + printf ("CFB encrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -330,17 +330,17 @@ cfb_tests (void) IV[x] = x; /* now lets start a cfb session */ - if ((errno = + if ((errnum = cfb_start (find_cipher ("blowfish"), IV, key, 16, 0, &cfb)) != CRYPT_OK) { - printf ("CFB Setup: %s\n", error_to_string (errno)); + printf ("CFB Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets decode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) { - printf ("CFB decrypt: %s\n", error_to_string (errno)); + if ((errnum = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) { + printf ("CFB decrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -378,17 +378,17 @@ ctr_tests (void) blk[x] = count[x] = x; /* now lets start a ctr session */ - if ((errno = + if ((errnum = ctr_start (find_cipher ("xtea"), count, key, 16, 0, &ctr)) != CRYPT_OK) { - printf ("CTR Setup: %s\n", error_to_string (errno)); + printf ("CTR Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets encode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) { - printf ("CTR encrypt: %s\n", error_to_string (errno)); + if ((errnum = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) { + printf ("CTR encrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -401,17 +401,17 @@ ctr_tests (void) count[x] = x; /* now lets start a cbc session */ - if ((errno = + if ((errnum = ctr_start (find_cipher ("xtea"), count, key, 16, 0, &ctr)) != CRYPT_OK) { - printf ("CTR Setup: %s\n", error_to_string (errno)); + printf ("CTR Setup: %s\n", error_to_string (errnum)); exit (-1); } /* now lets decode 32 bytes */ for (x = 0; x < 4; x++) { - if ((errno = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) { - printf ("CTR decrypt: %s\n", error_to_string (errno)); + if ((errnum = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) { + printf ("CTR decrypt: %s\n", error_to_string (errnum)); exit (-1); } } @@ -457,10 +457,12 @@ hash_tests (void) printf ("Hash tests\n"); for (x = 0; hash_descriptor[x].name != NULL; x++) { printf (" %10s (%2d) ", hash_descriptor[x].name, hash_descriptor[x].ID); - if ((errno = hash_descriptor[x].test ()) != CRYPT_OK) - printf ("**failed** Reason: %s\n", error_to_string (errno)); - else + if ((errnum = hash_descriptor[x].test ()) != CRYPT_OK) { + printf ("**failed** Reason: %s\n", error_to_string (errnum)); + exit(-1); + } else { printf ("passed\n"); + } } } @@ -477,17 +479,17 @@ pad_test (void) /* pad the message so that random filler is placed before and after it */ y = 100; - if ((errno = + if ((errnum = rsa_pad (in, 16, out, &y, find_prng ("yarrow"), &prng)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } /* depad the message to get the original content */ memset (in, 0, sizeof (in)); x = 100; - if ((errno = rsa_depad (out, y, in, &x)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_depad (out, y, in, &x)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -516,25 +518,25 @@ rsa_test (void) /* ---- SINGLE ENCRYPT ---- */ /* encrypt a short 8 byte string */ - if ((errno = + if ((errnum = rsa_make_key (&prng, find_prng ("yarrow"), 1024 / 8, 65537, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } for (x = 0; x < 8; x++) in[x] = (unsigned char) (x + 1); y = sizeof (in); - if ((errno = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } /* decrypt it */ zeromem (in, sizeof (in)); x = sizeof (out); - if ((errno = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -551,16 +553,16 @@ rsa_test (void) for (x = 0; x < 16; x++) in[x] = x; y = sizeof (out); - if ((errno = + if ((errnum = rsa_encrypt_key (in, 16, out, &y, &prng, find_prng ("yarrow"), &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } zeromem (in, sizeof (in)); x = sizeof (in); - if ((errno = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("RSA en/de crypt key routines: "); @@ -579,19 +581,19 @@ rsa_test (void) for (x = 0; x < 16; x++) in[x] = x; x = sizeof (in); - if ((errno = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("RSA signed hash: %lu bytes\n", x); - if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("Verify hash: %s, ", stat ? "passed" : "failed"); in[0] ^= 1; - if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("%s\n", (!stat) ? "passed" : "failed"); @@ -612,10 +614,10 @@ rsa_test (void) for (z = 1024; z <= limit; z += 512) { t = XCLOCK (); for (tt = 0; tt < 3; tt++) { - if ((errno = + if ((errnum = rsa_make_key (&prng, find_prng ("yarrow"), z / 8, 65537, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } if (tt < 2) @@ -630,9 +632,9 @@ rsa_test (void) for (tt = 0; tt < 100; tt++) { y = sizeof (in); - if ((errno = + if ((errnum = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } } @@ -644,9 +646,9 @@ rsa_test (void) t = XCLOCK (); for (tt = 0; tt < 100; tt++) { x = sizeof (out); - if ((errno = + if ((errnum = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } } @@ -688,14 +690,14 @@ base64_test (void) x = 100; if (base64_encode (buf[0], 16, buf[1], &x) != CRYPT_OK) { - printf (" error: %s\n", error_to_string (errno)); + printf (" error: %s\n", error_to_string (errnum)); exit (-1); } printf (" encoded 16 bytes to %ld bytes...[%s]\n", x, buf[1]); memset (buf[0], 0, 100); y = 100; if (base64_decode (buf[1], x, buf[0], &y) != CRYPT_OK) { - printf (" error: %s\n", error_to_string (errno)); + printf (" error: %s\n", error_to_string (errnum)); exit (-1); } printf (" decoded %ld bytes to %ld bytes\n", x, y); @@ -726,7 +728,7 @@ time_hash (void) t1 = XCLOCK (); z = sizeof (out); y = 0; - while (XCLOCK () - t1 < (3 * XCLOCKS_PER_SEC)) { + while (XCLOCK () - t1 < (5 * XCLOCKS_PER_SEC)) { hash_memory (x, input, 4096, out, &z); hash_memory (x, input, 4096, out, &z); hash_memory (x, input, 4096, out, &z); @@ -743,7 +745,23 @@ time_hash (void) hash_memory (x, input, 4096, out, &z); hash_memory (x, input, 4096, out, &z); hash_memory (x, input, 4096, out, &z); - y += 16; + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + hash_memory (x, input, 4096, out, &z); + y += 32; } t1 = XCLOCK () - t1; printf ("%-20s: Hash at %5.2f Mbit/sec\n", hash_descriptor[x].name, @@ -825,33 +843,33 @@ dh_tests (void) dh_key usera, userb; clock_t t1; -/* if ((errno = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errno)); */ +/* if ((errnum = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errnum)); */ dh_sizes (&low, &high); printf ("DH Keys from %d to %d supported.\n", low * 8, high * 8); /* make up two keys */ - if ((errno = + if ((errnum = dh_make_key (&prng, find_prng ("yarrow"), 96, &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } - if ((errno = + if ((errnum = dh_make_key (&prng, find_prng ("yarrow"), 96, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } /* make the shared secret */ x = 4096; - if ((errno = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } y = 4096; - if ((errno = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } if (y != x) { @@ -865,20 +883,20 @@ dh_tests (void) /* now export userb */ y = 4096; - if ((errno = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } dh_free (&userb); /* import and make the shared secret again */ - if ((errno = dh_import (buf[1], y, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_import (buf[1], y, &userb)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } z = 4096; - if ((errno = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -902,13 +920,13 @@ dh_tests (void) for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) { t1 = XCLOCK (); - for (tt = 0; tt < 50; tt++) { + for (tt = 0; tt < 5; tt++) { dh_make_key (&prng, find_prng ("yarrow"), sizes[ii], &usera); dh_free (&usera); } t1 = XCLOCK () - t1; printf ("Make dh-%d key took %f msec\n", sizes[ii] * 8, - 1000.0 * (((double) t1 / 50.0) / (double) XCLOCKS_PER_SEC)); + 1000.0 * (((double) t1 / 5.0) / (double) XCLOCKS_PER_SEC)); } } @@ -917,16 +935,16 @@ dh_tests (void) for (x = 0; x < 16; x++) buf[0][x] = x; y = sizeof (buf[1]); - if ((errno = + if ((errnum = dh_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"), find_hash ("md5"), &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } zeromem (buf[0], sizeof (buf[0])); x = sizeof (buf[0]); - if ((errno = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("DH en/de crypt key routines: "); @@ -945,19 +963,19 @@ dh_tests (void) for (x = 0; x < 16; x++) buf[0][x] = x; x = sizeof (buf[1]); - if ((errno = + if ((errnum = dh_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"), &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } if (dh_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } buf[0][0] ^= 1; if (dh_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("dh_sign/verify_hash: %s (%d,%d), %lu\n", @@ -1002,10 +1020,10 @@ rng_tests (void) printf ("\n"); #ifdef YARROW - if ((errno = + if ((errnum = rng_make_prng (128, find_prng ("yarrow"), &prng, &callback)) != CRYPT_OK) { - printf (" starting yarrow error: %s\n", error_to_string (errno)); + printf (" starting yarrow error: %s\n", error_to_string (errnum)); exit (-1); } #endif @@ -1021,8 +1039,8 @@ ecc_tests (void) ecc_key usera, userb; clock_t t1; - if ((errno = ecc_test ()) != CRYPT_OK) { - printf ("ecc Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_test ()) != CRYPT_OK) { + printf ("ecc Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -1030,27 +1048,27 @@ ecc_tests (void) printf ("ecc Keys from %d to %d supported.\n", low * 8, high * 8); /* make up two keys */ - if ((errno = + if ((errnum = ecc_make_key (&prng, find_prng ("yarrow"), 24, &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } - if ((errno = + if ((errnum = ecc_make_key (&prng, find_prng ("yarrow"), 24, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } /* make the shared secret */ x = 4096; - if ((errno = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } y = 4096; - if ((errno = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -1066,22 +1084,22 @@ ecc_tests (void) /* now export userb */ y = 4096; - if ((errno = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } ecc_free (&userb); printf ("ECC-192 export took %ld bytes\n", y); /* import and make the shared secret again */ - if ((errno = ecc_import (buf[1], y, &userb)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_import (buf[1], y, &userb)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } z = 4096; - if ((errno = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } @@ -1106,10 +1124,10 @@ ecc_tests (void) for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) { t1 = XCLOCK (); for (tt = 0; tt < 25; tt++) { - if ((errno = + if ((errnum = ecc_make_key (&prng, find_prng ("yarrow"), sizes[ii], &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } ecc_free (&usera); @@ -1121,28 +1139,28 @@ ecc_tests (void) } /* test encrypt_key */ - ecc_make_key (&prng, find_prng ("yarrow"), 65, &usera); - for (x = 0; x < 16; x++) + ecc_make_key (&prng, find_prng ("yarrow"), 28, &usera); + for (x = 0; x < 32; x++) buf[0][x] = x; y = sizeof (buf[1]); - if ((errno = - ecc_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"), - find_hash ("md5"), &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = + ecc_encrypt_key (buf[0], 32, buf[1], &y, &prng, find_prng ("yarrow"), + find_hash ("sha256"), &usera)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } zeromem (buf[0], sizeof (buf[0])); x = sizeof (buf[0]); - if ((errno = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + if ((errnum = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("ECC en/de crypt key routines: "); - if (x != 16) { + if (x != 32) { printf ("Failed (length)\n"); exit (-1); } - for (x = 0; x < 16; x++) + for (x = 0; x < 32; x++) if (buf[0][x] != x) { printf ("Failed (contents)\n"); exit (-1); @@ -1152,19 +1170,19 @@ ecc_tests (void) for (x = 0; x < 16; x++) buf[0][x] = x; x = sizeof (buf[1]); - if ((errno = + if ((errnum = ecc_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"), &usera)) != CRYPT_OK) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } buf[0][0] ^= 1; if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) { - printf ("Error: %s\n", error_to_string (errno)); + printf ("Error: %s\n", error_to_string (errnum)); exit (-1); } printf ("ecc_sign/verify_hash: %s (%d,%d)\n", @@ -1374,35 +1392,35 @@ kr_display (pk_key * kr) void kr_test_makekeys (pk_key ** kr) { - if ((errno = kr_init (kr)) != CRYPT_OK) { - printf ("KR init error %s\n", error_to_string (errno)); + if ((errnum = kr_init (kr)) != CRYPT_OK) { + printf ("KR init error %s\n", error_to_string (errnum)); exit (-1); } /* make a DH key */ printf ("KR: Making DH key...\n"); - if ((errno = + if ((errnum = kr_make_key (*kr, &prng, find_prng ("yarrow"), DH_KEY, 128, "dhkey", "dh@dh.dh", "dhkey one")) != CRYPT_OK) { - printf ("Make key error: %s\n", error_to_string (errno)); + printf ("Make key error: %s\n", error_to_string (errnum)); exit (-1); } /* make a ECC key */ printf ("KR: Making ECC key...\n"); - if ((errno = + if ((errnum = kr_make_key (*kr, &prng, find_prng ("yarrow"), ECC_KEY, 20, "ecckey", "ecc@ecc.ecc", "ecckey one")) != CRYPT_OK) { - printf ("Make key error: %s\n", error_to_string (errno)); + printf ("Make key error: %s\n", error_to_string (errnum)); exit (-1); } /* make a RSA key */ printf ("KR: Making RSA key...\n"); - if ((errno = + if ((errnum = kr_make_key (*kr, &prng, find_prng ("yarrow"), RSA_KEY, 128, "rsakey", "rsa@rsa.rsa", "rsakey one")) != CRYPT_OK) { - printf ("Make key error: %s\n", error_to_string (errno)); + printf ("Make key error: %s\n", error_to_string (errnum)); exit (-1); } @@ -1426,18 +1444,18 @@ kr_test (void) for (i = 0; i < 3; i++) { len = sizeof (buf); - if ((errno = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) { - printf ("Error exporting key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) { + printf ("Error exporting key %d, %s\n", i, error_to_string (errnum)); exit (-1); } printf ("Exported key was: %lu bytes\n", len); - if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) { - printf ("Error deleting key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) { + printf ("Error deleting key %d, %s\n", i, error_to_string (errnum)); exit (-1); } kr_display (kr); - if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) { - printf ("Error importing key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) { + printf ("Error importing key %d, %s\n", i, error_to_string (errnum)); exit (-1); } kr_display (kr); @@ -1445,25 +1463,25 @@ kr_test (void) for (i = 0; i < 3; i++) { len = sizeof (buf); - if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { - printf ("Error exporting key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { + printf ("Error exporting key %d, %s\n", i, error_to_string (errnum)); exit (-1); } printf ("Exported key was: %lu bytes\n", len); - if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) { - printf ("Error deleting key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) { + printf ("Error deleting key %d, %s\n", i, error_to_string (errnum)); exit (-1); } kr_display (kr); - if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) { - printf ("Error importing key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) { + printf ("Error importing key %d, %s\n", i, error_to_string (errnum)); exit (-1); } kr_display (kr); } - if ((errno = kr_clear (&kr)) != CRYPT_OK) { - printf ("Error clearing ring: %s\n", error_to_string (errno)); + if ((errnum = kr_clear (&kr)) != CRYPT_OK) { + printf ("Error clearing ring: %s\n", error_to_string (errnum)); exit (-1); } @@ -1471,29 +1489,29 @@ kr_test (void) /* TEST output to file */ #ifndef NO_FILE - if ((errno = kr_init (&kr)) != CRYPT_OK) { - printf ("KR init error %s\n", error_to_string (errno)); + if ((errnum = kr_init (&kr)) != CRYPT_OK) { + printf ("KR init error %s\n", error_to_string (errnum)); exit (-1); } kr_test_makekeys (&kr); /* save to file */ f = fopen ("ring.dat", "wb"); - if ((errno = kr_save (kr, f, NULL)) != CRYPT_OK) { - printf ("kr_save error %s\n", error_to_string (errno)); + if ((errnum = kr_save (kr, f, NULL)) != CRYPT_OK) { + printf ("kr_save error %s\n", error_to_string (errnum)); exit (-1); } fclose (f); /* delete and load */ - if ((errno = kr_clear (&kr)) != CRYPT_OK) { - printf ("clear error: %s\n", error_to_string (errno)); + if ((errnum = kr_clear (&kr)) != CRYPT_OK) { + printf ("clear error: %s\n", error_to_string (errnum)); exit (-1); } f = fopen ("ring.dat", "rb"); - if ((errno = kr_load (&kr, f, NULL)) != CRYPT_OK) { - printf ("kr_load error %s\n", error_to_string (errno)); + if ((errnum = kr_load (&kr, f, NULL)) != CRYPT_OK) { + printf ("kr_load error %s\n", error_to_string (errnum)); exit (-1); } fclose (f); @@ -1501,8 +1519,8 @@ kr_test (void) printf ("After load and save...\n"); kr_display (kr); - if ((errno = kr_clear (&kr)) != CRYPT_OK) { - printf ("clear error: %s\n", error_to_string (errno)); + if ((errnum = kr_clear (&kr)) != CRYPT_OK) { + printf ("clear error: %s\n", error_to_string (errnum)); exit (-1); } #endif @@ -1516,16 +1534,16 @@ kr_test (void) printf ("Testing a key with system %d, type %d:\t", _kr->system, _kr->key_type); len = sizeof (buf2); - if ((errno = + if ((errnum = kr_encrypt_key (kr, _kr->ID, buf, 16, buf2, &len, &prng, find_prng ("yarrow"), find_hash ("md5"))) != CRYPT_OK) { - printf ("Encrypt error, %d, %s\n", i, error_to_string (errno)); + printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum)); exit (-1); } len = sizeof (buf3); - if ((errno = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) { - printf ("decrypt error, %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) { + printf ("decrypt error, %d, %s\n", i, error_to_string (errnum)); exit (-1); } if (len != 16 || memcmp (buf3, buf, 16)) { @@ -1535,28 +1553,28 @@ kr_test (void) printf ("kr_encrypt_key passed, "); len = sizeof (buf2); - if ((errno = + if ((errnum = kr_sign_hash (kr, _kr->ID, buf, 32, buf2, &len, &prng, find_prng ("yarrow"))) != CRYPT_OK) { - printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno)); + printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum)); exit (-1); } printf ("kr_sign_hash: "); - if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno)); + if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) { + printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum)); exit (-1); } printf ("%s, ", stat ? "passed" : "failed"); buf[15] ^= 1; - if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno)); + if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) { + printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum)); exit (-1); } printf ("%s\n", (!stat) ? "passed" : "failed"); buf[15] ^= 1; len = sizeof (buf); - if ((errno = + if ((errnum = kr_fingerprint (kr, _kr->ID, find_hash ("sha1"), buf, &len)) != CRYPT_OK) { printf ("kr_fingerprint failed, %i, %lu\n", i, len); @@ -1581,8 +1599,8 @@ kr_test (void) /* now export it as public and private */ len = sizeof (buf); - if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { - printf ("Error exporting key %d, %s\n", i, error_to_string (errno)); + if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { + printf ("Error exporting key %d, %s\n", i, error_to_string (errnum)); exit (-1); } @@ -1590,8 +1608,8 @@ kr_test (void) memset (buf + len, 0, sizeof (buf) - len); len = sizeof (buf2); - if ((errno = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) { - printf ("Error exporting key %s\n", error_to_string (errno)); + if ((errnum = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) { + printf ("Error exporting key %s\n", error_to_string (errnum)); exit (-1); } @@ -1602,8 +1620,8 @@ kr_test (void) kr_clear (&kr); kr_init (&kr); kr_display (kr); - if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) { - printf ("Error importing key %s\n", error_to_string (errno)); + if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) { + printf ("Error importing key %s\n", error_to_string (errnum)); exit (-1); } kr_display (kr); @@ -1612,11 +1630,11 @@ kr_test (void) for (i = 0; i < 16; i++) buf[i] = i; len = sizeof (buf3); - if ((errno = + if ((errnum = kr_encrypt_key (kr, kr->ID, buf, 16, buf3, &len, &prng, find_prng ("yarrow"), find_hash ("md5"))) != CRYPT_OK) { - printf ("Encrypt error, %d, %s\n", i, error_to_string (errno)); + printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum)); exit (-1); } @@ -1624,16 +1642,16 @@ kr_test (void) kr_clear (&kr); kr_init (&kr); kr_display (kr); - if ((errno = kr_import (kr, buf2, len)) != CRYPT_OK) { - printf ("Error importing key %s\n", error_to_string (errno)); + if ((errnum = kr_import (kr, buf2, len)) != CRYPT_OK) { + printf ("Error importing key %s\n", error_to_string (errnum)); exit (-1); } kr_display (kr); /* now decrypt */ len = sizeof (buf2); - if ((errno = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) { - printf ("decrypt error, %s\n", error_to_string (errno)); + if ((errnum = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) { + printf ("decrypt error, %s\n", error_to_string (errnum)); exit (-1); } @@ -1697,14 +1715,14 @@ main (void) register_all_algs (); - if ((errno = yarrow_start (&prng)) != CRYPT_OK) { - printf ("yarrow_start: %s\n", error_to_string (errno)); + if ((errnum = yarrow_start (&prng)) != CRYPT_OK) { + printf ("yarrow_start: %s\n", error_to_string (errnum)); } - if ((errno = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) { - printf ("yarrow_add_entropy: %s\n", error_to_string (errno)); + if ((errnum = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) { + printf ("yarrow_add_entropy: %s\n", error_to_string (errnum)); } - if ((errno = yarrow_ready (&prng)) != CRYPT_OK) { - printf ("yarrow_ready: %s\n", error_to_string (errno)); + if ((errnum = yarrow_ready (&prng)) != CRYPT_OK) { + printf ("yarrow_ready: %s\n", error_to_string (errnum)); } printf (crypt_build_settings); diff --git a/demos/test.c~ b/demos/test.c~ deleted file mode 100644 index 2426dc24..00000000 --- a/demos/test.c~ +++ /dev/null @@ -1,1427 +0,0 @@ -/* This is the worst code you have ever seen written on purpose.... this code is just a big hack to test -out the functionality of the library */ - -#ifdef SONY_PS2 -#include -#include -#include "timer.h" -#endif - -#include "../mycrypt.h" - -int errno; - - -int null_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) -{ - return CRYPT_OK; -} - -void null_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key) -{ - memcpy(ct, pt, 8); -} - -void null_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key) -{ - memcpy(pt, ct, 8); -} - -int null_test(void) -{ - return CRYPT_OK; -} - -int null_keysize(int *desired_keysize) -{ - return CRYPT_OK; -} - -const struct _cipher_descriptor null_desc = -{ - "memcpy()", - 255, - 8, 8, 8, 1, - &null_setup, - &null_ecb_encrypt, - &null_ecb_decrypt, - &null_test, - &null_keysize -}; - - -prng_state prng; - -void store_tests(void) -{ - unsigned char buf[8]; - unsigned long L; - ulong64 LL; - - printf("LOAD32/STORE32 tests\n"); - L = 0x12345678UL; - STORE32L(L, &buf[0]); - L = 0; - LOAD32L(L, &buf[0]); - if (L != 0x12345678UL) { printf("LOAD/STORE32 Little don't work\n"); exit(-1); } - LL = CONST64(0x01020304050607); - STORE64L(LL, &buf[0]); - LL = 0; - LOAD64L(LL, &buf[0]) - if (LL != CONST64(0x01020304050607)) { printf("LOAD/STORE64 Little don't work\n"); exit(-1); } - - L = 0x12345678UL; - STORE32H(L, &buf[0]); - L = 0; - LOAD32H(L, &buf[0]); - if (L != 0x12345678UL) { printf("LOAD/STORE32 High don't work\n"); exit(-1); } - LL = CONST64(0x01020304050607); - STORE64H(LL, &buf[0]); - LL = 0; - LOAD64H(LL, &buf[0]) - if (LL != CONST64(0x01020304050607)) { printf("LOAD/STORE64 High don't work\n"); exit(-1); } -} - -void cipher_tests(void) { - int x; - - printf("Ciphers compiled in\n"); - for (x = 0; cipher_descriptor[x].name != NULL; x++) { - printf(" %12s (%2d) Key Size: %4d to %4d, Block Size: %3d, Default # of rounds: %2d\n", cipher_descriptor[x].name, - cipher_descriptor[x].ID, - cipher_descriptor[x].min_key_length*8,cipher_descriptor[x].max_key_length*8, - cipher_descriptor[x].block_length*8, cipher_descriptor[x].default_rounds); - } - -} - -void ecb_tests(void) -{ - int x; - - printf("ECB tests\n"); - for (x = 0; cipher_descriptor[x].name != NULL; x++) { - printf(" %12s: ", - cipher_descriptor[x].name); - if ((errno = cipher_descriptor[x].test()) != CRYPT_OK) { - printf(" **failed** Reason: %s\n", error_to_string(errno)); - exit(-1); - } else { - printf("passed\n"); - } - } -} - -#ifdef CBC -void cbc_tests(void) -{ - symmetric_CBC cbc; - int x, y; - unsigned char blk[32], ct[32], key[32], IV[32]; - const unsigned char test[] = { 0XFF, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; - - printf("CBC tests\n"); - /* ---- CBC ENCODING ---- */ - /* make up a block and IV */ - for (x = 0; x < 32; x++) blk[x] = IV[x] = x; - - /* now lets start a cbc session */ - if ((errno = cbc_start(find_cipher("blowfish"), IV, key, 16, 0, &cbc)) != CRYPT_OK) { - printf("CBC Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets encode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = cbc_encrypt(blk+8*x, ct+8*x, &cbc)) != CRYPT_OK) { - printf("CBC encrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - zeromem(blk, sizeof(blk)); - - /* ---- CBC DECODING ---- */ - /* make up a IV */ - for (x = 0; x < 32; x++) IV[x] = x; - - /* now lets start a cbc session */ - if ((errno = cbc_start(find_cipher("blowfish"), IV, key, 16, 0, &cbc)) != CRYPT_OK) { - printf("CBC Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets decode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = cbc_decrypt(ct+8*x, blk+8*x, &cbc)) != CRYPT_OK) { - printf("CBC decrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - - /* print output */ - for (x = y = 0; x < 32; x++) if (blk[x] != x) y = 1; - printf(" %s\n", y?"failed":"passed"); - - /* lets actually check the bytes */ - memset(IV, 0, 8); IV[0] = 0xFF; /* IV = FF 00 00 00 00 00 00 00 */ - memset(blk, 0, 32); blk[8] = 0xFF; /* BLK = 00 00 00 00 00 00 00 00 FF 00 00 00 00 00 00 00 */ - cbc_start(find_cipher("memcpy()"), IV, key, 8, 0, &cbc); - cbc_encrypt(blk, ct, &cbc); /* expect: FF 00 00 00 00 00 00 00 */ - cbc_encrypt(blk+8, ct+8, &cbc); /* expect: 00 00 00 00 00 00 00 00 */ - if (memcmp(ct, test, 16)) { - printf("CBC failed logical testing.\n"); - for (x = 0; x < 16; x++) printf("%02x ", ct[x]); - printf("\n"); - exit(-1); - } else { - printf("CBC passed logical testing.\n"); - } -} -#else -void cbc_tests(void) { printf("CBC not compiled in\n"); } -#endif - -#ifdef OFB -void ofb_tests(void) -{ - symmetric_OFB ofb; - int x, y; - unsigned char blk[32], ct[32], key[32], IV[32]; - - printf("OFB tests\n"); - /* ---- ofb ENCODING ---- */ - /* make up a block and IV */ - for (x = 0; x < 32; x++) blk[x] = IV[x] = x; - - /* now lets start a ofb session */ - if ((errno = ofb_start(find_cipher("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) { - printf("OFB Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets encode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = ofb_encrypt(blk+8*x, ct+8*x, 8, &ofb)) != CRYPT_OK) { - printf("OFB encrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - zeromem(blk, sizeof(blk)); - - /* ---- ofb DECODING ---- */ - /* make up a IV */ - for (x = 0; x < 32; x++) IV[x] = x; - - /* now lets start a ofb session */ - if ((errno = ofb_start(find_cipher("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) { - printf("OFB setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets decode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = ofb_decrypt(ct+8*x, blk+8*x, 8, &ofb)) != CRYPT_OK) { - printf("OFB decrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - /* print output */ - for (x = y = 0; x < 32; x++) if (blk[x] != x) y = 1; - printf(" %s\n", y?"failed":"passed"); - if (y) exit(-1); -} -#else -void ofb_tests(void) { printf("OFB not compiled in\n"); } -#endif - -#ifdef CFB -void cfb_tests(void) -{ - symmetric_CFB cfb; - int x, y; - unsigned char blk[32], ct[32], key[32], IV[32]; - - printf("CFB tests\n"); - /* ---- cfb ENCODING ---- */ - /* make up a block and IV */ - for (x = 0; x < 32; x++) blk[x] = IV[x] = x; - - /* now lets start a cfb session */ - if ((errno = cfb_start(find_cipher("blowfish"), IV, key, 16, 0, &cfb)) != CRYPT_OK) { - printf("CFB setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets encode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = cfb_encrypt(blk+8*x, ct+8*x, 8, &cfb)) != CRYPT_OK) { - printf("CFB encrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - zeromem(blk, sizeof(blk)); - - /* ---- cfb DECODING ---- */ - /* make up ahash_descriptor[prng->yarrow.hash].hashsize IV */ - for (x = 0; x < 32; x++) IV[x] = x; - - /* now lets start a cfb session */ - if ((errno = cfb_start(find_cipher("blowfish"), IV, key, 16, 0, &cfb)) != CRYPT_OK) { - printf("CFB Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets decode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = cfb_decrypt(ct+8*x, blk+8*x, 8, &cfb)) != CRYPT_OK) { - printf("CFB decrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - /* print output */ - for (x = y = 0; x < 32; x++) if (blk[x] != x) y = 1; - printf(" %s\n", y?"failed":"passed"); - if (y) exit(-1); -} -#else -void cfb_tests(void) { printf("CFB not compiled in\n"); } -#endif - -#ifdef CTR -void ctr_tests(void) -{ - symmetric_CTR ctr; - int x, y; - unsigned char blk[32], ct[32], key[32], count[32]; - const unsigned char test[] = { 0xFF, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0 }; - - printf("CTR tests\n"); - /* ---- CTR ENCODING ---- */ - /* make up a block and IV */ - for (x = 0; x < 32; x++) blk[x] = count[x] = x; - - /* now lets start a ctr session */ - if ((errno = ctr_start(find_cipher("xtea"), count, key, 16, 0, &ctr)) != CRYPT_OK) { - printf("CTR Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets encode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = ctr_encrypt(blk+8*x, ct+8*x, 8, &ctr)) != CRYPT_OK) { - printf("CTR encrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - zeromem(blk, sizeof(blk)); - - /* ---- CTR DECODING ---- */ - /* make up a IV */ - for (x = 0; x < 32; x++) count[x] = x; - - /* now lets start a cbc session */ - if ((errno = ctr_start(find_cipher("xtea"), count, key, 16, 0, &ctr)) != CRYPT_OK) { - printf("CTR Setup: %s\n", error_to_string(errno)); exit(-1); } - - /* now lets decode 32 bytes */ - for (x = 0; x < 4; x++) { - if ((errno = ctr_decrypt(ct+8*x, blk+8*x, 8, &ctr)) != CRYPT_OK) { - printf("CTR decrypt: %s\n", error_to_string(errno)); exit(-1); - } - } - - /* print output */ - for (x = y = 0; x < 32; x++) if (blk[x] != x) y = 1; - printf(" %s\n", y?"failed":"passed"); - if (y) exit(-1); - - /* lets actually check the bytes */ - memset(count, 0, 8); count[0] = 0xFF; /* IV = FF 00 00 00 00 00 00 00 */ - memset(blk, 0, 32); blk[9] = 2; /* BLK = 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 */ - ctr_start(find_cipher("memcpy()"), count, key, 8, 0, &ctr); - ctr_encrypt(blk, ct, 8, &ctr); /* expect: FF 00 00 00 00 00 00 00 */ - ctr_encrypt(blk+8, ct+8, 8, &ctr); /* expect: 00 03 00 00 00 00 00 00 */ - if (memcmp(ct, test, 16)) { - printf("CTR failed logical testing.\n"); - for (x = 0; x < 16; x++) printf("%02x ", ct[x]); - printf("\n"); - } else { - printf("CTR passed logical testing.\n"); - } - -} -#else -void ctr_tests(void) { printf("CTR not compiled in\n"); } -#endif - -void hash_tests(void) -{ - int x; - printf("Hash tests\n"); - for (x = 0; hash_descriptor[x].name != NULL; x++) { - printf(" %10s (%2d) ", hash_descriptor[x].name, hash_descriptor[x].ID); - if ((errno = hash_descriptor[x].test()) != CRYPT_OK) - printf("**failed** Reason: %s\n", error_to_string(errno)); - else - printf("passed\n"); - } -} - -#ifdef MRSA -void pad_test(void) -{ - unsigned char in[100], out[100]; - unsigned long x, y; - - /* make a dummy message */ - for (x = 0; x < 16; x++) in[x] = (unsigned char)x; - - /* pad the message so that random filler is placed before and after it */ - y = 100; - if ((errno = rsa_pad(in, 16, out, &y, find_prng("yarrow"), &prng)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); exit(-1); } - - /* depad the message to get the original content */ - memset(in, 0, sizeof(in)); - x = 100; - if ((errno = rsa_depad(out, y, in, &x)) != CRYPT_OK) { printf("Error: %s\n", error_to_string(errno)); exit(-1); } - - /* check outcome */ - printf("rsa_pad: "); - if (x != 16) { printf("Failed. Wrong size.\n"); exit(-1); } - for (x = 0; x < 16; x++) if (in[x] != x) { printf("Failed. Expected %02lx and got %02x.\n", x, in[x]); exit(-1); } - printf("passed.\n"); -} - -void rsa_test(void) -{ - unsigned char in[4096], out[4096]; - unsigned long x, y, z, limit; - int stat; - rsa_key key; - clock_t t; - - /* ---- SINGLE ENCRYPT ---- */ - /* encrypt a short 8 byte string */ - if ((errno = rsa_make_key(&prng, find_prng("yarrow"), 1024/8, 65537, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); exit(-1); } - for (x = 0; x < 8; x++) in[x] = (unsigned char)(x+1); - y = sizeof(in); - if ((errno = rsa_exptmod(in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); exit(-1); } - - /* decrypt it */ - zeromem(in, sizeof(in)); - x = sizeof(out); - if ((errno = rsa_exptmod(out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); exit(-1); } - - /* compare */ - printf("RSA : "); - for (x = 0; x < 8; x++) if (in[x] != (x+1)) { printf("Failed. x==%02lx, in[%ld]==%02x\n", x, x, in[x]); exit(-1); } - printf("passed.\n"); - - /* test the rsa_encrypt_key functions */ - for (x = 0; x < 16; x++) in[x] = x; - y = sizeof(out); - if ((errno = rsa_encrypt_key(in, 16, out, &y, &prng, find_prng("yarrow"), &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - zeromem(in, sizeof(in)); - x = sizeof(in); - if ((errno = rsa_decrypt_key(out, y, in, &x, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("RSA en/de crypt key routines: "); - if (x != 16) { printf("Failed (length)\n"); exit(-1); } - for (x = 0; x < 16; x++) if (in[x] != x) { printf("Failed (contents)\n"); exit(-1); } - printf("Passed\n"); - - /* test sign_hash functions */ - for (x = 0; x < 16; x++) in[x] = x; - x = sizeof(in); - if ((errno = rsa_sign_hash(in, 16, out, &x, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("RSA signed hash: %lu bytes\n", x); - if ((errno = rsa_verify_hash(out, x, in, &stat, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("Verify hash: %s, ", stat?"passed":"failed"); - in[0] ^= 1; - if ((errno = rsa_verify_hash(out, x, in, &stat, &key)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("%s\n", (!stat)?"passed":"failed"); - if (stat) exit(-1); - rsa_free(&key); - - /* make a RSA key */ -#ifdef SONY_PS2_NOPE - limit = 1024; -#else - limit = 2048; -#endif - - { int tt; - - for (z = 1024; z <= limit; z += 512) { - t = XCLOCK(); - for (tt = 0; tt < 3; tt++) { - if ((errno = rsa_make_key(&prng, find_prng("yarrow"), z/8, 65537, &key)) != CRYPT_OK) { printf("Error: %s\n", error_to_string(errno)); exit(-1); } - if (tt < 2) rsa_free(&key); - } - t = XCLOCK() - t; - printf("Took %.0f ms to make a %ld-bit RSA key.\n", 1000.0 * (((double)t / 3.0) / (double)XCLOCKS_PER_SEC), z); - - /* time encryption */ - t = XCLOCK(); - - for (tt = 0; tt < 100; tt++) { - y = sizeof(in); - if ((errno = rsa_exptmod(in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) { printf("Error: %s\n", error_to_string(errno)); exit(-1); } - } - t = XCLOCK() - t; - printf("Took %.0f ms to encrypt with a %ld-bit RSA key.\n", 1000.0 * (((double)t / 100.0)/ (double)XCLOCKS_PER_SEC), z); - - /* time decryption */ - t = XCLOCK(); - for (tt = 0; tt < 100; tt++) { - x = sizeof(out); - if ((errno = rsa_exptmod(out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) { printf("Error: %s\n", error_to_string(errno)); exit(-1); } - } - t = XCLOCK() - t; - printf("Took %.0f ms to decrypt with a %ld-bit RSA key.\n", 1000.0 * (((double)t / 100.0) / (double)XCLOCKS_PER_SEC), z); - rsa_free(&key); - } - } - - - -} -#else -void pad_test(void) { printf("MRSA not compiled in\n"); } -void rsa_test(void) { printf("MRSA not compiled in\n"); } -#endif - -#ifdef BASE64 -void base64_test(void) -{ - unsigned char buf[2][100]; - unsigned long x, y; - - printf("Base64 tests\n"); - zeromem(buf, sizeof(buf)); - for (x = 0; x < 16; x++) buf[0][x] = (unsigned char)x; - - x = 100; - if (base64_encode(buf[0], 16, buf[1], &x) != CRYPT_OK) { - printf(" error: %s\n", error_to_string(errno)); - exit(-1); - } - printf(" encoded 16 bytes to %ld bytes...[%s]\n", x, buf[1]); - memset(buf[0], 0, 100); - y = 100; - if (base64_decode(buf[1], x, buf[0], &y) != CRYPT_OK) { - printf(" error: %s\n", error_to_string(errno)); - exit(-1); - } - printf(" decoded %ld bytes to %ld bytes\n", x, y); - for (x = 0; x < 16; x++) if (buf[0][x] != x) { - printf(" **failed**\n"); - exit(-1); - } - printf(" passed\n"); -} -#else -void base64_test(void) { printf("Base64 not compiled in\n"); } -#endif - -void time_hash(void) -{ - clock_t t1; - int x, y; - unsigned long z; - unsigned char input[4096], out[MAXBLOCKSIZE]; - printf("Hash Time Trials (4KB blocks):\n"); - for (x = 0; hash_descriptor[x].name != NULL; x++) { - t1 = XCLOCK(); - z = sizeof(out); - y = 0; - while (XCLOCK() - t1 < (3 * XCLOCKS_PER_SEC)) { - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); - hash_memory(x, input, 4096, out, &z); y += 16; - } - t1 = XCLOCK() - t1; - printf("%-20s: Hash at %5.2f Mbit/sec\n", hash_descriptor[x].name, - ((8.0 * 4096.0) * ((double)y / ((double)t1 / (double)XCLOCKS_PER_SEC))) / 1000000.0); - } -} - -void time_ecb(void) -{ - clock_t t1, t2; - long x, y1, y2; - unsigned char pt[32], key[32]; - symmetric_key skey; - void (*func)(const unsigned char *, unsigned char *, symmetric_key *); - - printf("ECB Time Trials for the Symmetric Ciphers:\n"); - for (x = 0; cipher_descriptor[x].name != NULL; x++) { - cipher_descriptor[x].setup(key, cipher_descriptor[x].min_key_length, 0, &skey); - -#define DO1 func(pt,pt,&skey); -#define DO2 DO1 DO1 -#define DO4 DO2 DO2 -#define DO8 DO4 DO4 -#define DO16 DO8 DO8 -#define DO32 DO16 DO16 -#define DO64 DO32 DO32 -#define DO128 DO64 DO64 -#define DO256 DO128 DO128 - - func = cipher_descriptor[x].ecb_encrypt; - y1 = 0; - t1 = XCLOCK(); - while (XCLOCK() - t1 < 3*XCLOCKS_PER_SEC) { - DO256; y1 += 256; - } - t1 = XCLOCK() - t1; - - func = cipher_descriptor[x].ecb_decrypt; - y2 = 0; - t2 = XCLOCK(); - while (XCLOCK() - t2 < 3*XCLOCKS_PER_SEC) { - DO256; y2 += 256; - } - t2 = XCLOCK() - t2; - printf("%-20s: Encrypt at %5.2f Mbit/sec and Decrypt at %5.2f Mbit/sec\n", - cipher_descriptor[x].name, - ((8.0 * (double)cipher_descriptor[x].block_length) * ((double)y1 / ((double)t1 / (double)XCLOCKS_PER_SEC))) / 1000000.0, - ((8.0 * (double)cipher_descriptor[x].block_length) * ((double)y2 / ((double)t2 / (double)XCLOCKS_PER_SEC))) / 1000000.0); - -#undef DO256 -#undef DO128 -#undef DO64 -#undef DO32 -#undef DO16 -#undef DO8 -#undef DO4 -#undef DO2 -#undef DO1 - } -} - -#ifdef MDH -void dh_tests(void) -{ - unsigned char buf[3][4096]; - unsigned long x, y, z; - int low, high, stat, stat2; - dh_key usera, userb; - clock_t t1; - -/* if ((errno = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errno)); */ - - dh_sizes(&low, &high); - printf("DH Keys from %d to %d supported.\n", low*8, high*8); - - /* make up two keys */ - if ((errno = dh_make_key(&prng, find_prng("yarrow"), 96, &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - if ((errno = dh_make_key(&prng, find_prng("yarrow"), 96, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - /* make the shared secret */ - x = 4096; - if ((errno = dh_shared_secret(&usera, &userb, buf[0], &x)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - y = 4096; - if ((errno = dh_shared_secret(&userb, &usera, buf[1], &y)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - if (y != x) { printf("DH Shared keys are not same size.\n"); exit(-1); } - if (memcmp(buf[0], buf[1], x)) { printf("DH Shared keys not same contents.\n"); exit(-1); } - - /* now export userb */ - y = 4096; - if ((errno = dh_export(buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - dh_free(&userb); - - /* import and make the shared secret again */ - if ((errno = dh_import(buf[1], y, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - z = 4096; - if ((errno = dh_shared_secret(&usera, &userb, buf[2], &z)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - printf("DH routines: "); - if (z != x) { printf("failed. Size don't match?\n"); exit(-1); } - if (memcmp(buf[0], buf[2], x)) { printf("Failed. Content didn't match.\n"); exit(-1); } - printf("Passed\n"); - dh_free(&usera); - dh_free(&userb); - -/* time stuff */ - { - static int sizes[] = { 96, 128, 160, 192, 224, 256, 320, 384, 512 }; - int ii, tt; - - for (ii = 0; ii < (int)(sizeof(sizes)/sizeof(sizes[0])); ii++) { - t1 = XCLOCK(); - for (tt = 0; tt < 50; tt++) { - dh_make_key(&prng, find_prng("yarrow"), sizes[ii], &usera); - dh_free(&usera); - } - t1 = XCLOCK() - t1; - printf("Make dh-%d key took %f msec\n", sizes[ii] * 8, 1000.0 * (((double)t1 / 50.0) / (double)XCLOCKS_PER_SEC)); - } - } - -/* test encrypt_key */ - dh_make_key(&prng, find_prng("yarrow"), 96, &usera); - for (x = 0; x < 16; x++) buf[0][x] = x; - y = sizeof(buf[1]); - if ((errno = dh_encrypt_key(buf[0], 16, buf[1], &y, &prng, find_prng("yarrow"), find_hash("md5"), &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - zeromem(buf[0], sizeof(buf[0])); - x = sizeof(buf[0]); - if ((errno = dh_decrypt_key(buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("DH en/de crypt key routines: "); - if (x != 16) { printf("Failed (length)\n"); exit(-1); } - for (x = 0; x < 16; x++) if (buf[0][x] != x) { printf("Failed (contents)\n"); exit(-1); } - printf("Passed (size %lu)\n", y); - -/* test sign_hash */ - for (x = 0; x < 16; x++) buf[0][x] = x; - x = sizeof(buf[1]); - if ((errno = dh_sign_hash(buf[0], 16, buf[1], &x, &prng, find_prng("yarrow"), &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - if (dh_verify_hash(buf[1], x, buf[0], 16, &stat, &usera)) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - buf[0][0] ^= 1; - if (dh_verify_hash(buf[1], x, buf[0], 16, &stat2, &usera)) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("dh_sign/verify_hash: %s (%d,%d), %lu\n", ((stat==1)&&(stat2==0))?"passed":"failed", stat,stat2, x); - dh_free(&usera); -} -#else -void dh_tests(void) { printf("MDH not compiled in\n"); } -#endif - -int callback_x = 0; -void callback(void) -{ - printf("%c\x08", "-\\|/"[++callback_x & 3]); -#ifndef SONY_PS2 - fflush(stdout); -#endif -} - -void rng_tests(void) -{ - unsigned char buf[16]; - clock_t t1; - int x, y; - - printf("RNG tests\n"); - t1 = XCLOCK(); - x = rng_get_bytes(buf, sizeof(buf), &callback); - t1 = XCLOCK() - t1; - printf(" %f bytes per second...", - (double)x / ((double)t1 / (double)XCLOCKS_PER_SEC)); - printf("read %d bytes.\n ", x); - for (y = 0; y < x; y++) - printf("%02x ", buf[y]); - printf("\n"); - -#ifdef YARROW - if ((errno = rng_make_prng(128, find_prng("yarrow"), &prng, &callback)) != CRYPT_OK) { - printf(" starting yarrow error: %s\n", error_to_string(errno)); - exit(-1); - } -#endif -} - -#ifdef MECC -void ecc_tests(void) -{ - unsigned char buf[4][4096]; - unsigned long x, y, z; - int stat, stat2, low, high; - ecc_key usera, userb; - clock_t t1; - - if ((errno = ecc_test()) != CRYPT_OK) { printf("ecc Error: %s\n", error_to_string(errno)); exit(-1); } - - ecc_sizes(&low, &high); - printf("ecc Keys from %d to %d supported.\n", low*8, high*8); - - /* make up two keys */ - if ((errno = ecc_make_key(&prng, find_prng("yarrow"), 24, &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - if ((errno = ecc_make_key(&prng, find_prng("yarrow"), 24, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - /* make the shared secret */ - x = 4096; - if ((errno = ecc_shared_secret(&usera, &userb, buf[0], &x)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - y = 4096; - if ((errno = ecc_shared_secret(&userb, &usera, buf[1], &y)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - if (y != x) { printf("ecc Shared keys are not same size.\n"); exit(-1); } - - if (memcmp(buf[0], buf[1], x)) { printf("ecc Shared keys not same contents.\n"); exit(-1); } - - /* now export userb */ - y = 4096; - if ((errno = ecc_export(buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - ecc_free(&userb); - printf("ECC-192 export took %ld bytes\n", y); - - /* import and make the shared secret again */ - if ((errno = ecc_import(buf[1], y, &userb)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - z = 4096; - if ((errno = ecc_shared_secret(&usera, &userb, buf[2], &z)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - - printf("ecc routines: "); - if (z != x) { printf("failed. Size don't match?\n"); exit(-1); } - if (memcmp(buf[0], buf[2], x)) { printf("Failed. Content didn't match.\n"); exit(-1); } - printf("Passed\n"); - ecc_free(&usera); - ecc_free(&userb); - -/* time stuff */ - { - static int sizes[] = { 20, 24, 28, 32, 48, 65 }; - int ii, tt; - - for (ii = 0; ii < (int)(sizeof(sizes)/sizeof(sizes[0])); ii++) { - t1 = XCLOCK(); - for (tt = 0; tt < 25; tt++) { - if ((errno = ecc_make_key(&prng, find_prng("yarrow"), sizes[ii], &usera)) != CRYPT_OK) { printf("Error: %s\n", error_to_string(errno)); exit(-1); } - ecc_free(&usera); - } - t1 = XCLOCK() - t1; - printf("Make ECC-%d key took %f msec\n", sizes[ii]*8, 1000.0 * (((double)t1/25.0) / (double)XCLOCKS_PER_SEC)); - } - } - -/* test encrypt_key */ - ecc_make_key(&prng, find_prng("yarrow"), 65, &usera); - for (x = 0; x < 16; x++) buf[0][x] = x; - y = sizeof(buf[1]); - if ((errno = ecc_encrypt_key(buf[0], 16, buf[1], &y, &prng, find_prng("yarrow"), find_hash("md5"), &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - zeromem(buf[0], sizeof(buf[0])); - x = sizeof(buf[0]); - if ((errno = ecc_decrypt_key(buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("ECC en/de crypt key routines: "); - if (x != 16) { printf("Failed (length)\n"); exit(-1); } - for (x = 0; x < 16; x++) if (buf[0][x] != x) { printf("Failed (contents)\n"); exit(-1); } - printf("Passed (size: %lu)\n", y); -/* test sign_hash */ - for (x = 0; x < 16; x++) buf[0][x] = x; - x = sizeof(buf[1]); - if ((errno = ecc_sign_hash(buf[0], 16, buf[1], &x, &prng, find_prng("yarrow"), &usera)) != CRYPT_OK) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - if (ecc_verify_hash(buf[1], x, buf[0], 16, &stat, &usera)) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - buf[0][0] ^= 1; - if (ecc_verify_hash(buf[1], x, buf[0], 16, &stat2, &usera)) { - printf("Error: %s\n", error_to_string(errno)); - exit(-1); - } - printf("ecc_sign/verify_hash: %s (%d,%d)\n", ((stat==1)&&(stat2==0))?"passed":"failed", stat,stat2); - ecc_free(&usera); -} -#else -void ecc_tests(void) { printf("MECC not compiled in\n"); } -#endif - -#ifdef GF -void gf_tests(void) -{ - gf_int a, b, c, d; - int n; - unsigned char buf[1024]; - - printf("GF tests\n"); - gf_zero(a);gf_zero(b);gf_zero(c);gf_zero(d); - - /* a == 0x18000000b */ - a[1] = 1; - a[0] = 0x8000000bUL; - - /* b == 0x012345678 */ - b[0] = 0x012345678UL; - - /* find 1/b mod a */ - gf_invmod(b,a,c); - - /* find 1/1/b mod a */ - gf_invmod(c,a,d); - - /* display them */ - printf(" %08lx %08lx\n", c[0], d[0]); - - /* store as binary string */ - n = gf_size(a); - printf(" a takes %d bytes\n", n); - gf_toraw(a, buf); - gf_readraw(a, buf, n); - printf(" a == %08lx%08lx\n", a[1], a[0]); - - /* primality testing */ - gf_zero(a); - a[0] = 0x169; - printf(" GF prime: %s, ", gf_is_prime(a)?"passed":"failed"); - a[0] = 0x168; - printf(" %s\n", gf_is_prime(a)?"failed":"passed"); - - /* test sqrt code */ - gf_zero(a); - a[1] = 0x00000001; - a[0] = 0x8000000bUL; - gf_zero(b); - b[0] = 0x12345678UL; - - gf_sqrt(b, a, c); - gf_mulmod(c, c, a, b); - printf(" (%08lx)^2 = %08lx (mod %08lx%08lx) \n", c[0], b[0], a[1], a[0]); -} -#else -void gf_tests(void) { printf("GF not compiled in\n"); } -#endif - -#ifdef MPI -void test_prime(void) -{ - unsigned char buf[1024]; - mp_int a; - int x; - - /* make a 1024 bit prime */ - mp_init(&a); - rand_prime(&a, 128, &prng, find_prng("yarrow")); - - /* dump it */ - mp_todecimal(&a, buf); - printf("1024-bit prime:\n"); - for (x = 0; x < (int)strlen(buf); ) { - printf("%c", buf[x]); - if (!(++x % 60)) printf("\\ \n"); - } - printf("\n\n"); - - mp_clear(&a); -} -#else -void test_prime(void) { printf("MPI not compiled in\n"); } -#endif - -void register_all_algs(void) -{ -#ifdef BLOWFISH - register_cipher(&blowfish_desc); -#endif -#ifdef XTEA - register_cipher(&xtea_desc); -#endif -#ifdef RC5 - register_cipher(&rc5_desc); -#endif -#ifdef RC6 - register_cipher(&rc6_desc); -#endif -#ifdef SAFERP - register_cipher(&saferp_desc); -#endif -#ifdef SERPENT - register_cipher(&serpent_desc); -#endif -#ifdef RIJNDAEL - register_cipher(&aes_desc); -#endif -#ifdef TWOFISH - register_cipher(&twofish_desc); -#endif -#ifdef SAFER - register_cipher(&safer_k64_desc); - register_cipher(&safer_sk64_desc); - register_cipher(&safer_k128_desc); - register_cipher(&safer_sk128_desc); -#endif -#ifdef RC2 - register_cipher(&rc2_desc); -#endif -#ifdef DES - register_cipher(&des_desc); - register_cipher(&des3_desc); -#endif -#ifdef CAST5 - register_cipher(&cast5_desc); -#endif -#ifdef NOEKEON - register_cipher(&noekeon_desc); -#endif - - register_cipher(&null_desc); - -#ifdef SHA256 - register_hash(&sha256_desc); -#endif -#ifdef TIGER - register_hash(&tiger_desc); -#endif -#ifdef SHA1 - register_hash(&sha1_desc); -#endif -#ifdef MD5 - register_hash(&md5_desc); -#endif -#ifdef SHA384 - register_hash(&sha384_desc); -#endif -#ifdef SHA512 - register_hash(&sha512_desc); -#endif -#ifdef MD4 - register_hash(&md4_desc); -#endif -#ifdef MD2 - register_hash(&md2_desc); -#endif - -#ifdef YARROW - register_prng(&yarrow_desc); -#endif -#ifdef SPRNG - register_prng(&sprng_desc); -#endif -} - -void kr_display(pk_key *kr) -{ - static const char *system[] = { "NON-KEY", "RSA", "DH", "ECC" }; - static const char *type[] = { "PRIVATE", "PUBLIC", "PRIVATE_OPTIMIZED" }; - - while (kr->system != NON_KEY) { - printf("CRC [%08lx], System [%10s], Type [%20s], %s, %s, %s\n", kr->ID, system[kr->system], type[kr->key_type], kr->name, kr->email, kr->description); - kr = kr->next; - } - printf("\n"); -} - -void kr_test_makekeys(pk_key **kr) -{ - if ((errno = kr_init(kr)) != CRYPT_OK) { - printf("KR init error %s\n", error_to_string(errno)); - exit(-1); - } - - /* make a DH key */ - printf("KR: Making DH key...\n"); - if ((errno = kr_make_key(*kr, &prng, find_prng("yarrow"), DH_KEY, 128, "dhkey", "dh@dh.dh", "dhkey one")) != CRYPT_OK) { - printf("Make key error: %s\n", error_to_string(errno)); - exit(-1); - } - - /* make a ECC key */ - printf("KR: Making ECC key...\n"); - if ((errno = kr_make_key(*kr, &prng, find_prng("yarrow"), ECC_KEY, 20, "ecckey", "ecc@ecc.ecc", "ecckey one")) != CRYPT_OK) { - printf("Make key error: %s\n", error_to_string(errno)); - exit(-1); - } - - /* make a RSA key */ - printf("KR: Making RSA key...\n"); - if ((errno = kr_make_key(*kr, &prng, find_prng("yarrow"), RSA_KEY, 128, "rsakey", "rsa@rsa.rsa", "rsakey one")) != CRYPT_OK) { - printf("Make key error: %s\n", error_to_string(errno)); - exit(-1); - } - -} - -void kr_test(void) -{ - pk_key *kr, *_kr; - unsigned char buf[8192], buf2[8192], buf3[8192]; - unsigned long len; - int i, j, stat; -#ifndef NO_FILE - FILE *f; -#endif - - kr_test_makekeys(&kr); - - printf("The original list:\n"); - kr_display(kr); - - for (i = 0; i < 3; i++) { - len = sizeof(buf); - if ((errno = kr_export(kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) { - printf("Error exporting key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - printf("Exported key was: %lu bytes\n", len); - if ((errno = kr_del(&kr, kr->ID)) != CRYPT_OK) { - printf("Error deleting key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - kr_display(kr); - if ((errno = kr_import(kr, buf, len)) != CRYPT_OK) { - printf("Error importing key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - kr_display(kr); - } - - for (i = 0; i < 3; i++) { - len = sizeof(buf); - if ((errno = kr_export(kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { - printf("Error exporting key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - printf("Exported key was: %lu bytes\n", len); - if ((errno = kr_del(&kr, kr->ID)) != CRYPT_OK) { - printf("Error deleting key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - kr_display(kr); - if ((errno = kr_import(kr, buf, len)) != CRYPT_OK) { - printf("Error importing key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - kr_display(kr); - } - - if ((errno = kr_clear(&kr)) != CRYPT_OK) { - printf("Error clearing ring: %s\n", error_to_string(errno)); - exit(-1); - } - - -/* TEST output to file */ -#ifndef NO_FILE - - if ((errno = kr_init(&kr)) != CRYPT_OK) { - printf("KR init error %s\n", error_to_string(errno)); - exit(-1); - } - kr_test_makekeys(&kr); - - /* save to file */ - f = fopen("ring.dat", "wb"); - if ((errno = kr_save(kr, f, NULL)) != CRYPT_OK) { - printf("kr_save error %s\n", error_to_string(errno)); - exit(-1); - } - fclose(f); - - /* delete and load */ - if ((errno = kr_clear(&kr)) != CRYPT_OK) { - printf("clear error: %s\n", error_to_string(errno)); - exit(-1); - } - - f = fopen("ring.dat", "rb"); - if ((errno = kr_load(&kr, f, NULL)) != CRYPT_OK) { - printf("kr_load error %s\n", error_to_string(errno)); - exit(-1); - } - fclose(f); - remove("ring.dat"); - printf("After load and save...\n"); - kr_display(kr); - - if ((errno = kr_clear(&kr)) != CRYPT_OK) { - printf("clear error: %s\n", error_to_string(errno)); - exit(-1); - } - -#endif - -/* test the packet encryption/sign stuff */ - for (i = 0; i < 32; i++) buf[i] = i; - kr_test_makekeys(&kr); - _kr = kr; - for (i = 0; i < 3; i++) { - printf("Testing a key with system %d, type %d:\t", _kr->system, _kr->key_type); - len = sizeof(buf2); - if ((errno = kr_encrypt_key(kr, _kr->ID, buf, 16, buf2, &len, &prng, find_prng("yarrow"), find_hash("md5"))) != CRYPT_OK) { - printf("Encrypt error, %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - len = sizeof(buf3); - if ((errno = kr_decrypt_key(kr, buf2, buf3, &len)) != CRYPT_OK) { - printf("decrypt error, %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - if (len != 16 || memcmp(buf3, buf, 16)) { - printf("kr_decrypt_key failed, %i, %lu\n", i, len); - exit(-1); - } - printf("kr_encrypt_key passed, "); - - len = sizeof(buf2); - if ((errno = kr_sign_hash(kr, _kr->ID, buf, 32, buf2, &len, &prng, find_prng("yarrow"))) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); - exit(-1); - } - printf("kr_sign_hash: "); - if ((errno = kr_verify_hash(kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); - exit(-1); - } - printf("%s, ", stat?"passed":"failed"); - buf[15] ^= 1; - if ((errno = kr_verify_hash(kr, buf2, buf, 32, &stat)) != CRYPT_OK) { - printf("kr_sign_hash failed, %i, %s\n", i, error_to_string(errno)); - exit(-1); - } - printf("%s\n", (!stat)?"passed":"failed"); - buf[15] ^= 1; - - len = sizeof(buf); - if ((errno = kr_fingerprint(kr, _kr->ID, find_hash("sha1"), buf, &len)) != CRYPT_OK) { - printf("kr_fingerprint failed, %i, %lu\n", i, len); - exit(-1); - } - printf("Fingerprint: "); - for (j = 0; j < 20; j++) { - printf("%02x", buf[j]); - if (j < 19) printf(":"); - } - printf("\n\n"); - - _kr = _kr->next; - } - -/* Test encrypting/decrypting to a public key */ -/* first dump the other two keys */ - kr_del(&kr, kr->ID); - kr_del(&kr, kr->ID); - kr_display(kr); - - /* now export it as public and private */ - len = sizeof(buf); - if ((errno = kr_export(kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) { - printf("Error exporting key %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - - /* check boundaries */ - memset(buf+len, 0, sizeof(buf)-len); - - len = sizeof(buf2); - if ((errno = kr_export(kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) { - printf("Error exporting key %s\n", error_to_string(errno)); - exit(-1); - } - - /* check boundaries */ - memset(buf2+len, 0, sizeof(buf2)-len); - - /* delete the key and import the public */ - kr_clear(&kr); - kr_init(&kr); - kr_display(kr); - if ((errno = kr_import(kr, buf, len)) != CRYPT_OK) { - printf("Error importing key %s\n", error_to_string(errno)); - exit(-1); - } - kr_display(kr); - - /* now encrypt a buffer */ - for (i = 0; i < 16; i++) buf[i] = i; - len = sizeof(buf3); - if ((errno = kr_encrypt_key(kr, kr->ID, buf, 16, buf3, &len, &prng, find_prng("yarrow"), find_hash("md5"))) != CRYPT_OK) { - printf("Encrypt error, %d, %s\n", i, error_to_string(errno)); - exit(-1); - } - - /* now delete the key and import the private one */ - kr_clear(&kr); - kr_init(&kr); - kr_display(kr); - if ((errno = kr_import(kr, buf2, len)) != CRYPT_OK) { - printf("Error importing key %s\n", error_to_string(errno)); - exit(-1); - } - kr_display(kr); - - /* now decrypt */ - len = sizeof(buf2); - if ((errno = kr_decrypt_key(kr, buf3, buf2, &len)) != CRYPT_OK) { - printf("decrypt error, %s\n", error_to_string(errno)); - exit(-1); - } - - printf("KR encrypt to public, decrypt with private: "); - if (len == 16 && !memcmp(buf2, buf, 16)) { - printf("passed\n"); - } else { - printf("failed\n"); - } - - kr_clear(&kr); - -} - -void test_errs(void) -{ - #define ERR(x) printf("%25s => %s\n", #x, error_to_string(x)); - - ERR(CRYPT_OK); - ERR(CRYPT_ERROR); - - ERR(CRYPT_INVALID_KEYSIZE); - ERR(CRYPT_INVALID_ROUNDS); - ERR(CRYPT_FAIL_TESTVECTOR); - - ERR(CRYPT_BUFFER_OVERFLOW); - ERR(CRYPT_INVALID_PACKET); - - ERR(CRYPT_INVALID_PRNGSIZE); - ERR(CRYPT_ERROR_READPRNG); - - ERR(CRYPT_INVALID_CIPHER); - ERR(CRYPT_INVALID_HASH); - ERR(CRYPT_INVALID_PRNG); - - ERR(CRYPT_MEM); - - ERR(CRYPT_PK_TYPE_MISMATCH); - ERR(CRYPT_PK_NOT_PRIVATE); - - ERR(CRYPT_INVALID_ARG); - - ERR(CRYPT_PK_INVALID_TYPE); - ERR(CRYPT_PK_INVALID_SYSTEM); - ERR(CRYPT_PK_DUP); - ERR(CRYPT_PK_NOT_FOUND); - ERR(CRYPT_PK_INVALID_SIZE); - - ERR(CRYPT_INVALID_PRIME_SIZE); -} - - - -int main(void) -{ -#ifdef SONY_PS2 - TIMER_Init(); -#endif - - register_all_algs(); - - if ((errno = yarrow_start(&prng)) != CRYPT_OK) { - printf("yarrow_start: %s\n", error_to_string(errno)); - } - if ((errno = yarrow_add_entropy("hello", 5, &prng)) != CRYPT_OK) { - printf("yarrow_add_entropy: %s\n", error_to_string(errno)); - } - if ((errno = yarrow_ready(&prng)) != CRYPT_OK) { - printf("yarrow_ready: %s\n", error_to_string(errno)); - } - - printf(crypt_build_settings); - test_errs(); - -#ifdef HMAC - printf("HMAC: %s\n", hmac_test() == CRYPT_OK ? "passed" : "failed"); -#endif - - store_tests(); - cipher_tests(); - hash_tests(); - - ecb_tests(); - cbc_tests(); - ctr_tests(); - ofb_tests(); - cfb_tests(); - - rng_tests(); - //test_prime(); - - kr_test(); - rsa_test(); - pad_test(); - ecc_tests(); - dh_tests(); - - gf_tests(); - base64_test(); - - time_ecb(); - time_hash(); - -#ifdef SONY_PS2 - TIMER_Shutdown(); -#endif - - return 0; -} diff --git a/des.c b/des.c index 81a7bd65..42b11d9b 100644 --- a/des.c +++ b/des.c @@ -241,35 +241,43 @@ void deskey(const unsigned char *key, short edf, unsigned long *keyout) unsigned long i, j, l, m, n, kn[32]; unsigned char pc1m[56], pcr[56]; - for(j=0; j < 56; j++) - { + for (j=0; j < 56; j++) { l = (unsigned long)pc1[j]; - m = l & 07; + m = l & 7; pc1m[j] = (unsigned char)((key[l >> 3U] & bytebit[m]) == bytebit[m] ? 1 : 0); } - for(i=0; i < 16; i++) - { - if(edf == DE1) m = (15 - i) << 1; - else m = i << 1; + for (i=0; i < 16; i++) { + if (edf == DE1) { + m = (15 - i) << 1; + } else { + m = i << 1; + } n = m + 1; kn[m] = kn[n] = 0L; - for(j=0; j < 28; j++) - { + for (j=0; j < 28; j++) { l = j + (unsigned long)totrot[i]; - if(l < 28) pcr[j] = pc1m[l]; - else pcr[j] = pc1m[l - 28]; + if (l < 28) { + pcr[j] = pc1m[l]; + } else { + pcr[j] = pc1m[l - 28]; + } } - for(/*j = 28*/; j < 56; j++) - { + for (/*j = 28*/; j < 56; j++) { l = j + (unsigned long)totrot[i]; - if(l < 56) pcr[j] = pc1m[l]; - else pcr[j] = pc1m[l - 28]; + if (l < 56) { + pcr[j] = pc1m[l]; + } else { + pcr[j] = pc1m[l - 28]; + } } - for(j=0; j < 24; j++) - { - if((int)pcr[(int)pc2[j]] != 0) kn[m] |= bigbyte[j]; - if((int)pcr[(int)pc2[j+24]] != 0) kn[n] |= bigbyte[j]; + for (j=0; j < 24; j++) { + if ((int)pcr[(int)pc2[j]] != 0) { + kn[m] |= bigbyte[j]; + } + if ((int)pcr[(int)pc2[j+24]] != 0) { + kn[n] |= bigbyte[j]; + } } } @@ -326,7 +334,7 @@ static void desfunc(unsigned long *block, const unsigned long *keys) static void _desfunc(unsigned long *block, const unsigned long *keys) #endif { - unsigned long fval, work, right, leftt; + unsigned long work, right, leftt; int round; leftt = block[0]; @@ -348,38 +356,35 @@ static void _desfunc(unsigned long *block, const unsigned long *keys) leftt ^= work; right ^= (work << 8); - right = ((right << 1) | ((right >> 31) & 1L)) & 0xFFFFFFFFL; + right = ROL(right, 1); work = (leftt ^ right) & 0xaaaaaaaaL; leftt ^= work; right ^= work; - leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL; + leftt = ROL(leftt, 1); - for( round = 0; round < 8; round++) - { - work = ((right << 28) | (right >> 4)) ^ *keys++; - fval = SP7[ work & 0x3fL] - | SP5[(work >> 8) & 0x3fL] - | SP3[(work >> 16) & 0x3fL] - | SP1[(work >> 24) & 0x3fL]; + for (round = 0; round < 8; round++) { + work = ROR(right, 4) ^ *keys++; + leftt ^= SP7[work & 0x3fL] + ^ SP5[(work >> 8) & 0x3fL] + ^ SP3[(work >> 16) & 0x3fL] + ^ SP1[(work >> 24) & 0x3fL]; work = right ^ *keys++; - fval |= SP8[ work & 0x3fL] - | SP6[(work >> 8) & 0x3fL] - | SP4[(work >> 16) & 0x3fL] - | SP2[(work >> 24) & 0x3fL]; - leftt ^= fval; + leftt ^= SP8[ work & 0x3fL] + ^ SP6[(work >> 8) & 0x3fL] + ^ SP4[(work >> 16) & 0x3fL] + ^ SP2[(work >> 24) & 0x3fL]; - work = ((leftt << 28) | (leftt >> 4)) ^ *keys++; - fval = SP7[ work & 0x3fL] - | SP5[(work >> 8) & 0x3fL] - | SP3[(work >> 16) & 0x3fL] - | SP1[(work >> 24) & 0x3fL]; + work = ROR(leftt, 4) ^ *keys++; + right ^= SP7[ work & 0x3fL] + ^ SP5[(work >> 8) & 0x3fL] + ^ SP3[(work >> 16) & 0x3fL] + ^ SP1[(work >> 24) & 0x3fL]; work = leftt ^ *keys++; - fval |= SP8[ work & 0x3fL] - | SP6[(work >> 8) & 0x3fL] - | SP4[(work >> 16) & 0x3fL] - | SP2[(work >> 24) & 0x3fL]; - right ^= fval; + right ^= SP8[ work & 0x3fL] + ^ SP6[(work >> 8) & 0x3fL] + ^ SP4[(work >> 16) & 0x3fL] + ^ SP2[(work >> 24) & 0x3fL]; } right = (right << 31) | (right >> 1); work = (leftt ^ right) & 0xaaaaaaaaL; @@ -412,7 +417,6 @@ static void desfunc(unsigned long *block, const unsigned long *keys) } #endif - int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) { _ARGCHK(key != NULL); @@ -484,7 +488,8 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key * void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key) { - unsigned long work[2]; + unsigned long work[2], *k[3]; + _ARGCHK(pt != NULL); _ARGCHK(ct != NULL); _ARGCHK(key != NULL); diff --git a/dh.c b/dh.c index 03914abc..0e4ac438 100644 --- a/dh.c +++ b/dh.c @@ -207,10 +207,11 @@ void dh_sizes(int *low, int *high) int dh_get_size(dh_key *key) { _ARGCHK(key != NULL); - if (is_valid_idx(key->idx) == 1) + if (is_valid_idx(key->idx) == 1) { return sets[key->idx].size; - else + } else { return INT_MAX; /* large value that would cause dh_make_key() to fail */ + } } int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key) diff --git a/ecc.c b/ecc.c index aad03440..dfb127e3 100644 --- a/ecc.c +++ b/ecc.c @@ -253,18 +253,18 @@ static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus, mp_int *mu) if (mp_mul_2(&P->y, &tmp) != MP_OKAY) { goto error; } /* tmp = 2*y */ if (mp_invmod(&tmp, modulus, &tmp) != MP_OKAY) { goto error; } /* tmp = 1/tmp mod modulus */ if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */ - if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } + if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } if (mp_mul_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */ if (mp_sub_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */ - if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */ + if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */ if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; } } if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = tmp * s mod modulus */ - if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } + if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } /* Xr = s^2 - 2Xp */ if (mp_sqr(&s, &tmpx) != MP_OKAY) { goto error; } /* tmpx = s^2 */ - if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */ + if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */ if (mp_sub(&tmpx, &P->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x */ if (mp_submod(&tmpx, &P->x, modulus, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x mod modulus */ @@ -321,11 +321,11 @@ static int add_point(ecc_point *P, ecc_point *Q, ecc_point *R, mp_int *modulus, if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; } } if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = s * tmp mod modulus */ - if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } + if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; } /* Xr = s^2 - Xp - Xq */ if (mp_sqr(&s, &tmp) != MP_OKAY) { goto error; } /* tmp = s^2 mod modulus */ - if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; } + if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; } if (mp_sub(&tmp, &P->x, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - Px */ if (mp_sub(&tmp, &Q->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmp - Qx */ diff --git a/hash.c b/hash.c index 90a7c592..1d3eb57e 100644 --- a/hash.c +++ b/hash.c @@ -61,7 +61,6 @@ int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outle #endif } - int hash_file(int hash, const char *fname, unsigned char *dst, unsigned long *outlen) { #ifdef NO_FILE diff --git a/hmac.c b/hmac.c index d4d78dd6..b3fcfc7e 100644 --- a/hmac.c +++ b/hmac.c @@ -125,7 +125,8 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut) } int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, - const unsigned char *data, unsigned long len, unsigned char *dst) + const unsigned char *data, unsigned long len, + unsigned char *dst, unsigned long *dstlen) { hmac_state hmac; int err; @@ -133,6 +134,14 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, _ARGCHK(key != NULL); _ARGCHK(data != NULL); _ARGCHK(dst != NULL); + + if((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + if (hash_descriptor[hash].hashsize > *dstlen) { + return CRYPT_BUFFER_OVERFLOW; + } + *dstlen = hash_descriptor[hash].hashsize; if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) { return err; @@ -150,7 +159,8 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, /* hmac_file added by Tom St Denis */ int hmac_file(int hash, const char *fname, const unsigned char *key, - unsigned long keylen, unsigned char *dst) + unsigned long keylen, + unsigned char *dst, unsigned long *dstlen) { #ifdef NO_FILE return CRYPT_ERROR; @@ -164,6 +174,14 @@ int hmac_file(int hash, const char *fname, const unsigned char *key, _ARGCHK(fname != NULL); _ARGCHK(key != NULL); _ARGCHK(dst != NULL); + + if((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + if (hash_descriptor[hash].hashsize > *dstlen) { + return CRYPT_BUFFER_OVERFLOW; + } + *dstlen = hash_descriptor[hash].hashsize; if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) { return err; @@ -436,11 +454,13 @@ Key First" 0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e} } }; + unsigned long outlen; int err; int failed=0; for(i=0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) { int hash = find_hash(cases[i].algo); - if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest)) != CRYPT_OK) { + outlen = sizeof(digest); + if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest, &outlen)) != CRYPT_OK) { #if 0 printf("HMAC-%s test #%d\n", cases[i].algo, cases[i].num); #endif diff --git a/makefile b/makefile index 7daa8f77..6b8ad8af 100644 --- a/makefile +++ b/makefile @@ -9,7 +9,7 @@ # a build. This is easy to remedy though, for those that have problems. # The version -VERSION=0.81 +VERSION=0.82 #ch1-01-1 # Compiler and Linker Names diff --git a/makefile.msvc b/makefile.msvc new file mode 100644 index 00000000..f476a318 --- /dev/null +++ b/makefile.msvc @@ -0,0 +1,23 @@ +#MSVC Makefile [tested with MSVC 6.00 with SP5] +# +#Tom St Denis + +CFLAGS = /I. /Ogityb2 /Gs /DWIN32 /W3 + +default: library + +#List of objects to compile. +OBJECTS=keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj \ +bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj \ +md5.obj md4.obj md2.obj sha256.obj sha512.obj xtea.obj aes.obj serpent.obj des.obj \ +safer_tab.obj safer.obj safer+.obj rc4.obj rc2.obj rc6.obj rc5.obj cast5.obj noekeon.obj \ +blowfish.obj crypt.obj ampi.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj + +library: $(OBJECTS) + lib /out:tomcrypt.lib $(OBJECTS) + +test.obj: demos/test.c + cl $(CFLAGS) /c demos/test.c + +test: library test.obj + cl test.obj tomcrypt.lib advapi32.lib \ No newline at end of file diff --git a/makefile.out b/makefile.out index e0309fbb..bb217efa 100644 --- a/makefile.out +++ b/makefile.out @@ -5,7 +5,7 @@ CC = gcc AR = ar LD = ld -CFLAGS += -Os -Wall -Wsign-compare -W -Wno-unused -Werror -I./ +CFLAGS += -O3 -Wall -Wsign-compare -W -Wno-unused -Werror -I./ default: library diff --git a/md4.c b/md4.c index 767e789f..cff14420 100644 --- a/md4.c +++ b/md4.c @@ -30,7 +30,7 @@ const struct _hash_descriptor md4_desc = /* F, G and H are basic MD4 functions. */ #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) -#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define G(x, y, z) ((x & y) | (z & (x | y))) #define H(x, y, z) ((x) ^ (y) ^ (z)) /* ROTATE_LEFT rotates x left n bits. */ diff --git a/md5.c b/md5.c index a55d15e6..ae9a1dd6 100644 --- a/md5.c +++ b/md5.c @@ -14,10 +14,10 @@ const struct _hash_descriptor md5_desc = &md5_test }; -#define F(x,y,z) ( (x&y)|((~x)&z) ) -#define G(x,y,z) ( (x&z)|(y&(~z)) ) +#define F(x,y,z) ((x&y)|((~x)&z)) +#define G(x,y,z) ((x&z)|(y&(~z))) #define H(x,y,z) (x^y^z) -#define I(x,y,z) (y ^ (x | (~z))) +#define I(x,y,z) (y^(x|(~z))) #define FF(a,b,c,d,M,s,t) \ a = (a + F(b,c,d) + M + t); a = ROL(a, s); a = (b + a); diff --git a/mpi.c b/mpi.c index 4d6738b8..ca2b6336 100644 --- a/mpi.c +++ b/mpi.c @@ -13,13 +13,16 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include -int KARATSUBA_MUL_CUTOFF = 80, /* Min. number of digits before Karatsuba multiplication is used. */ - KARATSUBA_SQR_CUTOFF = 80, /* Min. number of digits before Karatsuba squaring is used. */ - MONTGOMERY_EXPT_CUTOFF = 74; /* max. number of digits that montgomery reductions will help for */ +/* configured for a Duron Morgan core with etc/tune.c */ +int KARATSUBA_MUL_CUTOFF = 73, /* Min. number of digits before Karatsuba multiplication is used. */ + KARATSUBA_SQR_CUTOFF = 121, /* Min. number of digits before Karatsuba squaring is used. */ + MONTGOMERY_EXPT_CUTOFF = 128; /* max. number of digits that montgomery reductions will help for */ + +/* note the MONT cuttoff should be tuned better. Seems it slowed down a 1024-bit exptmod when set to 74 */ /* End: bncore.c */ @@ -36,7 +39,7 @@ int KARATSUBA_MUL_CUTOFF = 80, /* Min. number of digits before Karatsuba mul * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -216,7 +219,7 @@ __ERR: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -306,14 +309,18 @@ fast_mp_montgomery_reduce (mp_int * a, mp_int * m, mp_digit mp) W[ix + 1] += W[ix] >> ((mp_word) DIGIT_BIT); } - /* nox fix rest of carries */ - for (++ix; ix <= m->used * 2 + 1; ix++) { - W[ix] += (W[ix - 1] >> ((mp_word) DIGIT_BIT)); - } { register mp_digit *tmpa; - register mp_word *_W; + register mp_word *_W, *_W1; + + /* nox fix rest of carries */ + _W1 = W + ix; + _W = W + ++ix; + + for (; ix <= m->used * 2 + 1; ix++) { + *_W++ += *_W1++ >> ((mp_word) DIGIT_BIT); + } /* copy out, A = A/b^n * @@ -361,7 +368,7 @@ fast_mp_montgomery_reduce (mp_int * a, mp_int * m, mp_digit mp) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -486,7 +493,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -553,8 +560,7 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) W[ix] += (W[ix - 1] >> ((mp_word) DIGIT_BIT)); c->dp[ix - 1] = (mp_digit) (W[ix - 1] & ((mp_word) MP_MASK)); } - c->dp[(pa + pb + 1) - 1] = - (mp_digit) (W[(pa + pb + 1) - 1] & ((mp_word) MP_MASK)); + c->dp[(pa + pb + 1) - 1] = (mp_digit) (W[(pa + pb + 1) - 1] & ((mp_word) MP_MASK)); for (; ix < oldused; ix++) { c->dp[ix] = 0; @@ -578,7 +584,7 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -694,12 +700,8 @@ fast_s_mp_sqr (mp_int * a, mp_int * b) for (; ix < olduse; ix++) { *tmpb++ = 0; } - } - /* fix the sign (since we no longer make a fresh temp) */ - b->sign = MP_ZPOS; - mp_clamp (b); return MP_OKAY; } @@ -719,7 +721,7 @@ fast_s_mp_sqr (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -758,7 +760,7 @@ mp_2expt (mp_int * a, int b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -792,7 +794,7 @@ mp_abs (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -852,7 +854,7 @@ mp_add (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -891,7 +893,7 @@ mp_addmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -927,7 +929,7 @@ mp_add_d (mp_int * a, mp_digit b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -982,7 +984,7 @@ mp_and (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1018,7 +1020,7 @@ mp_clamp (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1032,7 +1034,7 @@ mp_clear (mp_int * a) memset (a->dp, 0, sizeof (mp_digit) * a->used); /* free ram */ - free (a->dp); + XFREE(a->dp); /* reset members to make debugging easier */ a->dp = NULL; @@ -1055,7 +1057,7 @@ mp_clear (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1087,7 +1089,7 @@ mp_cmp (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1128,7 +1130,7 @@ mp_cmp_d (mp_int * a, mp_digit b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1171,7 +1173,7 @@ mp_cmp_mag (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1229,7 +1231,7 @@ mp_copy (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1268,7 +1270,7 @@ mp_count_bits (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1333,8 +1335,7 @@ mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) /* normalize both x and y, ensure that y >= b/2, [b == 2^DIGIT_BIT] */ norm = 0; - while ((y.dp[y.used - 1] & (((mp_digit) 1) << (DIGIT_BIT - 1))) == - ((mp_digit) 0)) { + while ((y.dp[y.used - 1] & (((mp_digit) 1) << (DIGIT_BIT - 1))) == ((mp_digit) 0)) { ++norm; if ((res = mp_mul_2 (&x, &x)) != MP_OKAY) { goto __Y; @@ -1471,7 +1472,7 @@ __Q:mp_clear (&q); * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1507,6 +1508,7 @@ mp_div_2 (mp_int * a, mp_int * b) *tmpb++ = 0; } } + b->sign = a->sign; mp_clamp (b); return MP_OKAY; } @@ -1526,7 +1528,7 @@ mp_div_2 (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1567,7 +1569,9 @@ mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) } /* shift by as many digits in the bit count */ - mp_rshd (c, b / DIGIT_BIT); + if (b >= DIGIT_BIT) { + mp_rshd (c, b / DIGIT_BIT); + } /* shift any bit count < DIGIT_BIT */ D = (mp_digit) (b % DIGIT_BIT); @@ -1608,7 +1612,7 @@ mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1656,7 +1660,7 @@ mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1685,24 +1689,35 @@ mp_exch (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include +static int f_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); + +/* this is a shell function that calls either the normal or Montgomery + * exptmod functions. Originally the call to the montgomery code was + * embedded in the normal function but that wasted alot of stack space + * for nothing (since 99% of the time the Montgomery code would be called) + */ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) +{ + /* if the modulus is odd use the fast method */ + if (mp_isodd (P) == 1 && P->used > 4 && P->used < MONTGOMERY_EXPT_CUTOFF) { + return mp_exptmod_fast (G, X, P, Y); + } else { + return f_mp_exptmod (G, X, P, Y); + } +} + +static int +f_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) { mp_int M[256], res, mu; mp_digit buf; int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; - - /* if the modulus is odd use the fast method */ - if (mp_isodd (P) == 1 && P->used > 4 && P->used < MONTGOMERY_EXPT_CUTOFF) { - err = mp_exptmod_fast (G, X, P, Y); - return err; - } - /* find window size */ x = mp_count_bits (X); if (x <= 7) { @@ -1755,9 +1770,7 @@ mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) } for (x = 0; x < (winsize - 1); x++) { - if ((err = - mp_sqr (&M[1 << (winsize - 1)], - &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { goto __MU; } if ((err = mp_reduce (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) { @@ -1902,7 +1915,7 @@ __M: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -1958,39 +1971,32 @@ mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) goto __RES; } - /* now we need R mod m */ - if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) { - goto __RES; - } - /* create M table * * The M table contains powers of the input base, e.g. M[x] = G^x mod P * * The first half of the table is not computed though accept for M[0] and M[1] */ - if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) { + + /* now we need R mod m */ + if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) { goto __RES; } /* now set M[1] to G * R mod m */ - if ((err = mp_mulmod (&M[1], &res, P, &M[1])) != MP_OKAY) { + if ((err = mp_mulmod (G, &res, P, &M[1])) != MP_OKAY) { goto __RES; } - /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */ if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { goto __RES; } for (x = 0; x < (winsize - 1); x++) { - if ((err = - mp_sqr (&M[1 << (winsize - 1)], - &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { goto __RES; } - if ((err = - mp_montgomery_reduce (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { + if ((err = mp_montgomery_reduce (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { goto __RES; } } @@ -2130,7 +2136,7 @@ __M: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2183,7 +2189,7 @@ mp_expt_d (mp_int * a, mp_digit b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2230,10 +2236,10 @@ mp_gcd (mp_int * a, mp_int * b, mp_int * c) k = 0; while ((u.dp[0] & 1) == 0 && (v.dp[0] & 1) == 0) { ++k; - if ((res = mp_div_2d (&u, 1, &u, NULL)) != MP_OKAY) { + if ((res = mp_div_2 (&u, &u)) != MP_OKAY) { goto __T; } - if ((res = mp_div_2d (&v, 1, &v, NULL)) != MP_OKAY) { + if ((res = mp_div_2 (&v, &v)) != MP_OKAY) { goto __T; } } @@ -2253,7 +2259,7 @@ mp_gcd (mp_int * a, mp_int * b, mp_int * c) do { /* B3 (and B4). Halve t, if even */ while (t.used != 0 && (t.dp[0] & 1) == 0) { - if ((res = mp_div_2d (&t, 1, &t, NULL)) != MP_OKAY) { + if ((res = mp_div_2 (&t, &t)) != MP_OKAY) { goto __T; } } @@ -2305,7 +2311,7 @@ __U:mp_clear (&v); * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2319,7 +2325,7 @@ mp_grow (mp_int * a, int size) if (a->alloc < size) { size += (MP_PREC * 2) - (size & (MP_PREC - 1)); /* ensure there are always at least MP_PREC digits extra on top */ - a->dp = realloc (a->dp, sizeof (mp_digit) * size); + a->dp = XREALLOC (a->dp, sizeof (mp_digit) * size); if (a->dp == NULL) { return MP_MEM; } @@ -2348,7 +2354,7 @@ mp_grow (mp_int * a, int size) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2358,7 +2364,7 @@ mp_init (mp_int * a) { /* allocate ram required and clear it */ - a->dp = calloc (sizeof (mp_digit), MP_PREC); + a->dp = XCALLOC (sizeof (mp_digit), MP_PREC); if (a->dp == NULL) { return MP_MEM; } @@ -2387,7 +2393,7 @@ mp_init (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2400,8 +2406,7 @@ mp_init_copy (mp_int * a, mp_int * b) if ((res = mp_init (a)) != MP_OKAY) { return res; } - res = mp_copy (b, a); - return res; + return mp_copy (b, a); } /* End: bn_mp_init_copy.c */ @@ -2419,7 +2424,7 @@ mp_init_copy (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2430,7 +2435,7 @@ mp_init_size (mp_int * a, int size) /* pad up so there are at least 16 zero digits */ size += (MP_PREC * 2) - (size & (MP_PREC - 1)); /* ensure there are always at least 16 digits extra on top */ - a->dp = calloc (sizeof (mp_digit), size); + a->dp = XCALLOC (sizeof (mp_digit), size); if (a->dp == NULL) { return MP_MEM; } @@ -2456,7 +2461,7 @@ mp_init_size (mp_int * a, int size) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2661,7 +2666,7 @@ __ERR: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2779,7 +2784,7 @@ __A1:mp_clear (&a1); * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2806,8 +2811,7 @@ int mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c) { mp_int x0, x1, y0, y1, t1, t2, x0y0, x1y1; - int B, err, x; - + int B, err; err = MP_MEM; @@ -2828,13 +2832,13 @@ mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c) goto Y0; /* init temps */ - if (mp_init (&t1) != MP_OKAY) + if (mp_init_size (&t1, B * 2) != MP_OKAY) goto Y1; - if (mp_init (&t2) != MP_OKAY) + if (mp_init_size (&t2, B * 2) != MP_OKAY) goto T1; - if (mp_init (&x0y0) != MP_OKAY) + if (mp_init_size (&x0y0, B * 2) != MP_OKAY) goto T2; - if (mp_init (&x1y1) != MP_OKAY) + if (mp_init_size (&x1y1, B * 2) != MP_OKAY) goto X0Y0; /* now shift the digits */ @@ -2845,18 +2849,32 @@ mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c) x1.used = a->used - B; y1.used = b->used - B; - /* we copy the digits directly instead of using higher level functions - * since we also need to shift the digits - */ - for (x = 0; x < B; x++) { - x0.dp[x] = a->dp[x]; - y0.dp[x] = b->dp[x]; - } - for (x = B; x < a->used; x++) { - x1.dp[x - B] = a->dp[x]; - } - for (x = B; x < b->used; x++) { - y1.dp[x - B] = b->dp[x]; + { + register int x; + register mp_digit *tmpa, *tmpb, *tmpx, *tmpy; + + /* we copy the digits directly instead of using higher level functions + * since we also need to shift the digits + */ + tmpa = a->dp; + tmpb = b->dp; + + tmpx = x0.dp; + tmpy = y0.dp; + for (x = 0; x < B; x++) { + *tmpx++ = *tmpa++; + *tmpy++ = *tmpb++; + } + + tmpx = x1.dp; + for (x = B; x < a->used; x++) { + *tmpx++ = *tmpa++; + } + + tmpy = y1.dp; + for (x = B; x < b->used; x++) { + *tmpy++ = *tmpb++; + } } /* only need to clamp the lower words since by definition the upper words x1/y1 must @@ -2925,7 +2943,7 @@ ERR: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -2938,8 +2956,7 @@ int mp_karatsuba_sqr (mp_int * a, mp_int * b) { mp_int x0, x1, t1, t2, x0x0, x1x1; - int B, err, x; - + int B, err; err = MP_MEM; @@ -2956,22 +2973,31 @@ mp_karatsuba_sqr (mp_int * a, mp_int * b) goto X0; /* init temps */ - if (mp_init (&t1) != MP_OKAY) + if (mp_init_size (&t1, a->used * 2) != MP_OKAY) goto X1; - if (mp_init (&t2) != MP_OKAY) + if (mp_init_size (&t2, a->used * 2) != MP_OKAY) goto T1; - if (mp_init (&x0x0) != MP_OKAY) + if (mp_init_size (&x0x0, B * 2) != MP_OKAY) goto T2; - if (mp_init (&x1x1) != MP_OKAY) + if (mp_init_size (&x1x1, (a->used - B) * 2) != MP_OKAY) goto X0X0; - /* now shift the digits */ - for (x = 0; x < B; x++) { - x0.dp[x] = a->dp[x]; - } + { + register int x; + register mp_digit *dst, *src; - for (x = B; x < a->used; x++) { - x1.dp[x - B] = a->dp[x]; + src = a->dp; + + /* now shift the digits */ + dst = x0.dp; + for (x = 0; x < B; x++) { + *dst++ = *src++; + } + + dst = x1.dp; + for (x = B; x < a->used; x++) { + *dst++ = *src++; + } } x0.used = B; @@ -2992,7 +3018,7 @@ mp_karatsuba_sqr (mp_int * a, mp_int * b) goto X1X1; /* t1 = (x1 - x0) * (y1 - y0) */ /* add x0y0 */ - if (mp_add (&x0x0, &x1x1, &t2) != MP_OKAY) + if (s_mp_add (&x0x0, &x1x1, &t2) != MP_OKAY) goto X1X1; /* t2 = x0y0 + x1y1 */ if (mp_sub (&t2, &t1, &t1) != MP_OKAY) goto X1X1; /* t1 = x0y0 + x1y1 - (x1-x0)*(y1-y0) */ @@ -3035,7 +3061,7 @@ ERR: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3081,7 +3107,7 @@ mp_lcm (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3102,17 +3128,32 @@ mp_lshd (mp_int * a, int b) return res; } - /* increment the used by the shift amount than copy upwards */ - a->used += b; - for (x = a->used - 1; x >= b; x--) { - a->dp[x] = a->dp[x - b]; - } + { + register mp_digit *tmpa, *tmpaa; - /* zero the lower digits */ - for (x = 0; x < b; x++) { - a->dp[x] = 0; + /* increment the used by the shift amount than copy upwards */ + a->used += b; + + /* top */ + tmpa = a->dp + a->used - 1; + + /* base */ + tmpaa = a->dp + a->used - 1 - b; + + /* much like mp_rshd this is implemented using a sliding window + * except the window goes the otherway around. Copying from + * the bottom to the top. see bn_mp_rshd.c for more info. + */ + for (x = a->used - 1; x >= b; x--) { + *tmpa-- = *tmpaa--; + } + + /* zero the lower digits */ + tmpa = a->dp; + for (x = 0; x < b; x++) { + *tmpa++ = 0; + } } - mp_clamp (a); return MP_OKAY; } @@ -3131,7 +3172,7 @@ mp_lshd (mp_int * a, int b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3178,7 +3219,7 @@ mp_mod (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3212,8 +3253,7 @@ mp_mod_2d (mp_int * a, int b, mp_int * c) } /* clear the digit that is not completely outside/inside the modulus */ c->dp[b / DIGIT_BIT] &= - (mp_digit) ((((mp_digit) 1) << (((mp_digit) b) % DIGIT_BIT)) - - ((mp_digit) 1)); + (mp_digit) ((((mp_digit) 1) << (((mp_digit) b) % DIGIT_BIT)) - ((mp_digit) 1)); mp_clamp (c); return MP_OKAY; } @@ -3233,7 +3273,7 @@ mp_mod_2d (mp_int * a, int b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3284,7 +3324,7 @@ mp_mod_d (mp_int * a, mp_digit b, mp_digit * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3341,7 +3381,7 @@ mp_montgomery_calc_normalization (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3381,9 +3421,7 @@ mp_montgomery_reduce (mp_int * a, mp_int * m, mp_digit mp) mu = 0; for (iy = 0; iy < m->used; iy++) { - r = - ((mp_word) ui) * ((mp_word) * tmpx++) + ((mp_word) mu) + - ((mp_word) * tmpy); + r = ((mp_word) ui) * ((mp_word) * tmpx++) + ((mp_word) mu) + ((mp_word) * tmpy); mu = (r >> ((mp_word) DIGIT_BIT)); *tmpy++ = (r & ((mp_word) MP_MASK)); } @@ -3422,7 +3460,7 @@ mp_montgomery_reduce (mp_int * a, mp_int * m, mp_digit mp) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3430,38 +3468,31 @@ mp_montgomery_reduce (mp_int * a, mp_int * m, mp_digit mp) int mp_montgomery_setup (mp_int * a, mp_digit * mp) { - mp_int t, tt; - int res; + unsigned long x, b; - if ((res = mp_init (&t)) != MP_OKAY) { - return res; +/* fast inversion mod 2^32 + * + * Based on the fact that + * + * XA = 1 (mod 2^n) => (X(2-XA)) A = 1 (mod 2^2n) + * => 2*X*A - X*X*A*A = 1 + * => 2*(1) - (1) = 1 + */ + b = a->dp[0]; + + if ((b & 1) == 0) { + return MP_VAL; } - if ((res = mp_init (&tt)) != MP_OKAY) { - goto __T; - } - - /* tt = b */ - tt.dp[0] = 0; - tt.dp[1] = 1; - tt.used = 2; - - /* t = m mod b */ - t.dp[0] = a->dp[0]; - t.used = 1; - - /* t = 1/m mod b */ - if ((res = mp_invmod (&t, &tt, &t)) != MP_OKAY) { - goto __TT; - } + x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2^4 */ + x *= 2 - b * x; /* here x*a==1 mod 2^8 */ + x *= 2 - b * x; /* here x*a==1 mod 2^16; each step doubles the nb of bits */ + x *= 2 - b * x; /* here x*a==1 mod 2^32 */ /* t = -1/m mod b */ - *mp = ((mp_digit) 1 << ((mp_digit) DIGIT_BIT)) - t.dp[0]; + *mp = ((mp_digit) 1 << ((mp_digit) DIGIT_BIT)) - (x & MP_MASK); - res = MP_OKAY; -__TT:mp_clear (&tt); -__T:mp_clear (&t); - return res; + return MP_OKAY; } /* End: bn_mp_montgomery_setup.c */ @@ -3479,7 +3510,7 @@ __T:mp_clear (&t); * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3492,7 +3523,21 @@ mp_mul (mp_int * a, mp_int * b, mp_int * c) if (MIN (a->used, b->used) > KARATSUBA_MUL_CUTOFF) { res = mp_karatsuba_mul (a, b, c); } else { - res = s_mp_mul (a, b, c); + + /* can we use the fast multiplier? + * + * The fast multiplier can be used if the output will have less than + * 512 digits and the number of digits won't affect carry propagation + */ + int digs = a->used + b->used + 1; + + if ((digs < 512) + && digs < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + res = fast_s_mp_mul_digs (a, b, c, digs); + } else { + res = s_mp_mul (a, b, c); + } + } c->sign = neg; return res; @@ -3513,7 +3558,7 @@ mp_mul (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3553,7 +3598,7 @@ mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3593,6 +3638,11 @@ mp_mul_2 (mp_int * a, mp_int * b) if ((res = mp_grow (b, b->used + 1)) != MP_OKAY) { return res; } + + /* after the grow *tmpb is no longer valid so we have to reset it! + * (this bug took me about 17 minutes to find...!) + */ + tmpb = b->dp + b->used; } /* add a MSB of 1 */ *tmpb = 1; @@ -3604,6 +3654,7 @@ mp_mul_2 (mp_int * a, mp_int * b) *tmpb++ = 0; } } + b->sign = a->sign; return MP_OKAY; } @@ -3622,7 +3673,7 @@ mp_mul_2 (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3644,9 +3695,11 @@ mp_mul_2d (mp_int * a, int b, mp_int * c) } /* shift by as many digits in the bit count */ - if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) { - return res; - } + if (b >= DIGIT_BIT) { + if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) { + return res; + } + } c->used = c->alloc; /* shift any bit count < DIGIT_BIT */ @@ -3683,7 +3736,7 @@ mp_mul_2d (mp_int * a, int b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3744,7 +3797,7 @@ mp_mul_d (mp_int * a, mp_digit b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3775,7 +3828,7 @@ mp_neg (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3898,7 +3951,7 @@ __T1:mp_clear (&t1); * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -3947,7 +4000,7 @@ mp_or (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4000,7 +4053,7 @@ mp_rand (mp_int * a, int digits) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4032,7 +4085,7 @@ mp_read_signed_bin (mp_int * a, unsigned char *b, int c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4075,7 +4128,7 @@ mp_read_unsigned_bin (mp_int * a, unsigned char *b, int c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4174,7 +4227,7 @@ CLEANUP: * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4184,7 +4237,6 @@ mp_rshd (mp_int * a, int b) { int x; - /* if b <= 0 then ignore it */ if (b <= 0) { return; @@ -4196,14 +4248,34 @@ mp_rshd (mp_int * a, int b) return; } - /* shift the digits down */ - for (x = 0; x < (a->used - b); x++) { - a->dp[x] = a->dp[x + b]; - } + { + register mp_digit *tmpa, *tmpaa; - /* zero the top digits */ - for (; x < a->used; x++) { - a->dp[x] = 0; + /* shift the digits down */ + + /* base */ + tmpa = a->dp; + + /* offset into digits */ + tmpaa = a->dp + b; + + /* this is implemented as a sliding window where the window is b-digits long + * and digits from the top of the window are copied to the bottom + * + * e.g. + + b-2 | b-1 | b0 | b1 | b2 | ... | bb | ----> + /\ | ----> + \-------------------/ ----> + */ + for (x = 0; x < (a->used - b); x++) { + *tmpa++ = *tmpaa++; + } + + /* zero the top digits */ + for (; x < a->used; x++) { + *tmpa++ = 0; + } } mp_clamp (a); } @@ -4223,7 +4295,7 @@ mp_rshd (mp_int * a, int b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4251,7 +4323,7 @@ mp_set (mp_int * a, mp_digit b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4300,7 +4372,7 @@ mp_set_int (mp_int * a, unsigned long b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4309,7 +4381,7 @@ int mp_shrink (mp_int * a) { if (a->alloc != a->used) { - if ((a->dp = realloc (a->dp, sizeof (mp_digit) * a->used)) == NULL) { + if ((a->dp = XREALLOC (a->dp, sizeof (mp_digit) * a->used)) == NULL) { return MP_MEM; } a->alloc = a->used; @@ -4332,7 +4404,7 @@ mp_shrink (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4358,7 +4430,7 @@ mp_signed_bin_size (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4370,7 +4442,14 @@ mp_sqr (mp_int * a, mp_int * b) if (a->used > KARATSUBA_SQR_CUTOFF) { res = mp_karatsuba_sqr (a, b); } else { - res = s_mp_sqr (a, b); + + /* can we use the fast multiplier? */ + if (((a->used * 2 + 1) < 512) + && a->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT) - 1))) { + res = fast_s_mp_sqr (a, b); + } else { + res = s_mp_sqr (a, b); + } } b->sign = MP_ZPOS; return res; @@ -4391,7 +4470,7 @@ mp_sqr (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4431,7 +4510,7 @@ mp_sqrmod (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4493,7 +4572,7 @@ mp_sub (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4533,7 +4612,7 @@ mp_submod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4570,7 +4649,7 @@ mp_sub_d (mp_int * a, mp_digit b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4602,7 +4681,7 @@ mp_to_signed_bin (mp_int * a, unsigned char *b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4649,7 +4728,7 @@ mp_to_unsigned_bin (mp_int * a, unsigned char *b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4676,7 +4755,7 @@ mp_unsigned_bin_size (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4725,7 +4804,7 @@ mp_xor (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4753,13 +4832,12 @@ mp_zero (mp_int * a) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include /* chars used in radix conversions */ -static const char *s_rmap = - "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; +static const char *s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; /* read a string [ASCII] in a given radix */ @@ -4896,7 +4974,7 @@ mp_radix_size (mp_int * a, int radix) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4933,7 +5011,7 @@ bn_reverse (unsigned char *s, int len) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -4978,8 +5056,14 @@ s_mp_add (mp_int * a, mp_int * b, mp_int * c) register int i; /* alias for digit pointers */ + + /* first input */ tmpa = a->dp; + + /* second input */ tmpb = b->dp; + + /* destination */ tmpc = c->dp; u = 0; @@ -5036,7 +5120,7 @@ s_mp_add (mp_int * a, mp_int * b, mp_int * c) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -5053,17 +5137,6 @@ s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) mp_word r; mp_digit tmpx, *tmpt, *tmpy; - - /* can we use the fast multiplier? - * - * The fast multiplier can be used if the output will have less than - * 512 digits and the number of digits won't affect carry propagation - */ - if ((digs < 512) - && digs < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { - return fast_s_mp_mul_digs (a, b, c, digs); - } - if ((res = mp_init_size (&t, digs)) != MP_OKAY) { return res; } @@ -5086,9 +5159,7 @@ s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) /* compute the columns of the output and propagate the carry */ for (iy = 0; iy < pb; iy++) { /* compute the column as a mp_word */ - r = - ((mp_word) * tmpt) + ((mp_word) tmpx) * ((mp_word) * tmpy++) + - ((mp_word) u); + r = ((mp_word) * tmpt) + ((mp_word) tmpx) * ((mp_word) * tmpy++) + ((mp_word) u); /* the new column is the lower part of the result */ *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); @@ -5122,7 +5193,7 @@ s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -5141,9 +5212,7 @@ s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) /* can we use the fast multiplier? */ if (((a->used + b->used + 1) < 512) - && MAX (a->used, - b->used) < - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + && MAX (a->used, b->used) < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { return fast_s_mp_mul_high_digs (a, b, c, digs); } @@ -5169,9 +5238,7 @@ s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) for (iy = digs - ix; iy < pb; iy++) { /* calculate the double precision result */ - r = - ((mp_word) * tmpt) + ((mp_word) tmpx) * ((mp_word) * tmpy++) + - ((mp_word) u); + r = ((mp_word) * tmpt) + ((mp_word) tmpx) * ((mp_word) * tmpy++) + ((mp_word) u); /* get the lower part */ *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); @@ -5202,7 +5269,7 @@ s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include @@ -5215,13 +5282,6 @@ s_mp_sqr (mp_int * a, mp_int * b) mp_word r, u; mp_digit tmpx, *tmpt; - /* can we use the fast multiplier? */ - if (((a->used * 2 + 1) < 512) - && a->used < - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT) - 1))) { - return fast_s_mp_sqr (a, b); - } - pa = a->used; if ((res = mp_init_size (&t, pa + pa + 1)) != MP_OKAY) { return res; @@ -5231,9 +5291,7 @@ s_mp_sqr (mp_int * a, mp_int * b) for (ix = 0; ix < pa; ix++) { /* first calculate the digit at 2*ix */ /* calculate double precision result */ - r = - ((mp_word) t.dp[ix + ix]) + - ((mp_word) a->dp[ix]) * ((mp_word) a->dp[ix]); + r = ((mp_word) t.dp[ix + ix]) + ((mp_word) a->dp[ix]) * ((mp_word) a->dp[ix]); /* store lower part in result */ t.dp[ix + ix] = (mp_digit) (r & ((mp_word) MP_MASK)); @@ -5294,7 +5352,7 @@ s_mp_sqr (mp_int * a, mp_int * b) * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca + * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org */ #include diff --git a/mycrypt.h b/mycrypt.h index a695c18a..aef74769 100644 --- a/mycrypt.h +++ b/mycrypt.h @@ -16,8 +16,8 @@ extern "C" { #endif /* version */ -#define CRYPT 0x0081 -#define SCRYPT "0.81" +#define CRYPT 0x0082 +#define SCRYPT "0.82" /* max size of either a cipher/hash block or symmetric key [largest of the two] */ #define MAXBLOCKSIZE 128 diff --git a/mycrypt_hash.h b/mycrypt_hash.h index c6d9771d..2b277a7e 100644 --- a/mycrypt_hash.h +++ b/mycrypt_hash.h @@ -177,8 +177,10 @@ extern int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned lon extern int hmac_done(hmac_state *hmac, unsigned char *hash); extern int hmac_test(void); extern int hmac_memory(int hash, const unsigned char *key, unsigned long keylen, - const unsigned char *data, unsigned long len, unsigned char *dst); + const unsigned char *data, unsigned long len, + unsigned char *dst, unsigned long *dstlen); extern int hmac_file(int hash, const char *fname, const unsigned char *key, - unsigned long keylen, unsigned char *dst); + unsigned long keylen, + unsigned char *dst, unsigned long *dstlen); #endif diff --git a/ofb.c b/ofb.c index 38609d04..808e32cd 100644 --- a/ofb.c +++ b/ofb.c @@ -36,6 +36,13 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s if ((err = cipher_is_valid(ofb->cipher)) != CRYPT_OK) { return err; } + + /* is blocklen/padlen valid? */ + if (ofb->blocklen < 0 || ofb->blocklen > (int)sizeof(ofb->IV) || + ofb->padlen < 0 || ofb->padlen > (int)sizeof(ofb->IV)) { + return CRYPT_INVALID_ARG; + } + while (len-- > 0) { if (ofb->padlen == ofb->blocklen) { cipher_descriptor[ofb->cipher].ecb_encrypt(ofb->IV, ofb->IV, &ofb->key); diff --git a/rsa_sys.c b/rsa_sys.c index 9a12db9d..4caef8d0 100644 --- a/rsa_sys.c +++ b/rsa_sys.c @@ -13,6 +13,11 @@ int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen, _ARGCHK(outkey != NULL); _ARGCHK(outlen != NULL); _ARGCHK(key != NULL); + + /* only allow keys from 64 to 256 bits */ + if (inlen < 8 || inlen > 32) { + return CRYPT_INVALID_ARG; + } /* are the parameters valid? */ if ((err = prng_is_valid(wprng)) != CRYPT_OK) { @@ -147,6 +152,11 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen, _ARGCHK(out != NULL); _ARGCHK(outlen != NULL); _ARGCHK(key != NULL); + + /* reject nonsense sizes */ + if (inlen < 16) { + return CRYPT_INVALID_ARG; + } /* type of key? */ if (key->type != PK_PRIVATE && key->type != PK_PRIVATE_OPTIMIZED) { diff --git a/safer+.c b/safer+.c index f2846a5b..b3bed1f4 100644 --- a/safer+.c +++ b/safer+.c @@ -154,7 +154,7 @@ static void _ilt(unsigned char *b, unsigned char *b2) #endif /* These are the 33, 128-bit bias words for the key schedule */ -const unsigned char safer_bias[33][16] = { +static const unsigned char safer_bias[33][16] = { { 70, 151, 177, 186, 163, 183, 16, 10, 197, 55, 179, 201, 90, 40, 172, 100}, { 236, 171, 170, 198, 103, 149, 88, 13, 248, 154, 246, 110, 102, 220, 5, 61}, { 138, 195, 216, 137, 106, 233, 54, 73, 67, 191, 235, 212, 150, 155, 104, 160}, @@ -469,14 +469,12 @@ int saferp_keysize(int *desired_keysize) return CRYPT_INVALID_KEYSIZE; if (*desired_keysize < 24) { *desired_keysize = 16; - return CRYPT_OK; } else if (*desired_keysize < 32) { *desired_keysize = 24; - return CRYPT_OK; } else { *desired_keysize = 32; - return CRYPT_OK; } + return CRYPT_OK; } #endif diff --git a/sha256.c b/sha256.c index 1b702e4d..20f161a0 100644 --- a/sha256.c +++ b/sha256.c @@ -33,7 +33,7 @@ static const unsigned long K[64] = { /* Various logical functions */ #define Ch(x,y,z) ((x & y) | (~x & z)) -#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z)) +#define Maj(x,y,z) (((x | y) & z) | (x & y)) #define S(x, n) ROR((x),(n)) #define R(x, n) (((x)&0xFFFFFFFFUL)>>(n)) #define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) @@ -85,6 +85,7 @@ static void sha256_compress(hash_state * md) for (i = 0; i < 8; i++) { md->sha256.state[i] = md->sha256.state[i] + S[i]; } + } #ifdef CLEAN_STACK diff --git a/sha512.c b/sha512.c index 732b7992..282733f0 100644 --- a/sha512.c +++ b/sha512.c @@ -60,7 +60,7 @@ CONST64(0x5fcb6fab3ad6faec), CONST64(0x6c44198c4a475817) /* Various logical functions */ #define Ch(x,y,z) ((x & y) | (~x & z)) -#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z)) +#define Maj(x,y,z) (((x | y) & z) | (x & y)) #define S(x, n) ROR64((x),(n)) #define R(x, n) (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)n)) #define Sigma0(x) (S(x, 28) ^ S(x, 34) ^ S(x, 39)) diff --git a/tommath.h b/tommath.h index 9db1781d..ff4f1be2 100644 --- a/tommath.h +++ b/tommath.h @@ -12,6 +12,8 @@ * * Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca */ +#include "mycrypt.h" + #ifndef BN_H_ #define BN_H_ diff --git a/twofish.c b/twofish.c index 35e76d07..cfaa0d1d 100644 --- a/twofish.c +++ b/twofish.c @@ -518,7 +518,7 @@ static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key) #endif { - unsigned long a,b,c,d,ta,tb,tc,td,t1,t2; + unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k; int r; _ARGCHK(pt != NULL); @@ -531,16 +531,24 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k b ^= key->twofish.K[1]; c ^= key->twofish.K[2]; d ^= key->twofish.K[3]; - - for (r = 0; r < 16; ++r) { + + k = key->twofish.K + 8; + for (r = 0; r < 16; r += 2) { t1 = g_func(a, key); t2 = g_func(ROL(b, 8), key); t2 += (t1 += t2); - t1 += key->twofish.K[r+r+8]; - t2 += key->twofish.K[r+r+9]; + t1 += *k++; + t2 += *k++; c ^= t1; c = ROR(c, 1); d = ROL(d, 1) ^ t2; - ta = a; a = c; c = ta; tb = b; b = d; d = tb; + + t1 = g_func(c, key); + t2 = g_func(ROL(d, 8), key); + t2 += (t1 += t2); + t1 += *k++; + t2 += *k++; + a ^= t1; a = ROR(a, 1); + b = ROL(b, 1) ^ t2; } /* output with "undo last swap" */ @@ -568,7 +576,7 @@ static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key) #endif { - unsigned long a,b,c,d,ta,tb,tc,td,t1,t2; + unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k; int r; _ARGCHK(pt != NULL); @@ -585,22 +593,21 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k c = ta ^ key->twofish.K[4]; d = tb ^ key->twofish.K[5]; - /* loop is kept partially unrolled because it is slower [at least on an Athlon] - * then the tight version. */ + k = key->twofish.K + 39; for (r = 14; r >= 0; r -= 2) { t1 = g_func(c, key); t2 = g_func(ROL(d, 8), key); t2 += (t1 += t2); - t1 += key->twofish.K[r+r+10]; - t2 += key->twofish.K[r+r+11]; + t2 += *k--; + t1 += *k--; a = ROL(a, 1) ^ t1; b = b ^ t2; b = ROR(b, 1); t1 = g_func(a, key); t2 = g_func(ROL(b, 8), key); t2 += (t1 += t2); - t1 += key->twofish.K[r+r+8]; - t2 += key->twofish.K[r+r+9]; + t2 += *k--; + t1 += *k--; c = ROL(c, 1) ^ t1; d = d ^ t2; d = ROR(d, 1); } diff --git a/update_libtomcrypt.sh b/update_libtomcrypt.sh deleted file mode 100644 index 99408276..00000000 --- a/update_libtomcrypt.sh +++ /dev/null @@ -1,131 +0,0 @@ -#!/bin/tcsh -# Get latest copy of libtomcrypt and install it using "tcsh" -# -# Tom St Denis -echo libtomcrypt update script, Tom St Denis -echo "http://libtomcrypt.iahu.ca\n" - -if ($1 == "--help") then - echo "update_libtomcrypt.sh [makefile] [sig]-- Download and optionally build the libtomcrypt project.\n" - echo "\t[makefile] --\tYou can optionally specify which makefile you want to build with. If you specify " - echo "\t\t\t'nobuild' then the library is not built, just downloaded and unzipped. If you " - echo "\t\t\tleave it empty the default 'makefile' is used to build the library.\n" - echo "\t[sig] -- \tOptionally verify [via GPG] the signature of the package." - exit -endif - -if ($1 == "" || $1 == "sig") then - set make = "makefile" -else - set make = $1; -endif - -if ($1 == "sig" || $2 == "sig") then - set sig = "sig" -else - set sig = "" -endif - -rm -f latest -echo Getting latest version number from website. -wget -q http://iahu.ca:8080/download/latest -if (-r latest) then - set a = `cat latest` - echo "Latest release is v$a.\n" - if (-d "libtomcrypt-$a" && (-r "libtomcrypt-$a/libtomcrypt.a" || $make == "nobuild")) then - echo Libtomcrypt v$a is already installed on your system. - else - echo "Downloading libtomcrypt v$a ..." - if (-r "crypt-$a.tar.bz2") then - rm -f crypt-$a.tar.bz2 - endif - wget http://iahu.ca:8080/download/crypt-$a.tar.bz2 - if (-r "crypt-$a.tar.bz2") then - if (-d "libtomcrypt-$a") then - echo "WARNING! Directory libtomcrypt-$a already exists. Cannot continue.\n" - exit - endif - if ($sig == "sig") then - if (!(-r public.asc)) then - echo "Downloading and installing code signing key...\n" - wget -q http://iahu.ca:8080/download/public.asc - if (-r public.asc) then - gpg --import public.asc - if ($? != 0) then - echo Could not import signing key required to verify the package. - exit - else - echo "\n********************************************************************************" - echo "A new key has been imported to your keyring. You should check that it is valid." - echo "********************************************************************************" - endif - else - echo "Could not download the key to import." - exit - endif - endif - echo Verifying signature... - wget -q http://iahu.ca:8080/download/crypt-$a.tar.bz2.asc - if (!(-r "crypt-$a.tar.bz2.asc")) then - echo Could not download signature to test. - exit - endif - gpg -q --verify crypt-$a.tar.bz2.asc - if ($? != 0) then - echo "\n\nSignature for crypt-$a.tar.bz2 is ****not**** valid.\n\n" - exit - else - echo "\n\nSignature for crypt-$a.tar.bz2 is valid.\n\n" - endif - endif - bzip2 -d -c crypt-$a.tar.bz2 | tar -x - if (-d "libtomcrypt-$a") then - if (-r "libtomcrypt-$a/$make") then - cd libtomcrypt-$a - make -f $make - if (-r "libtomcrypt.a") then - echo "\n\n*****************************************************************" - echo The library has been built and you can now install it either with - echo - echo "cd libtomcrypt-$a ; make install" - echo - echo Or by editing the makefile and changing the user you wish to install - echo it with, or simply copy "libtomcrypt.a" to your library directory and - echo copy "*.h" to your include directory - echo "*****************************************************************" - else - echo "\n\n*****************************************************************" - echo The library failed to build. Please note the errors and send them to tomstdenis@yahoo.com - echo "*****************************************************************" - endif - else if ($make == "nobuild") then - echo "\n\n*****************************************************************" - echo "The library was downloaded and unzipped into libtomcrypt-$a/" - echo "*****************************************************************" - else - echo "The makefile '$make' was not found in the archive.\n"; - endif - else - echo "Could not unpack the libtomcrypt archive (corrupt?)." - endif - cd .. - else - echo "Could not download the libtomcrypt archive from server." - endif - endif - if (-r "libtomcrypt-$a/changes") then - perl <; print \$a; \$a = ; - while () { - if (\$_ =~ m/^(v\d\.\d\d)/) { close(IN); exit(0); } - print "\$a"; \$a = \$_; - } -! - else - echo "Change log not found. Is the package really installed?" - endif -else - echo "Could not download latest file from server to check version." -endif