TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added libtomcrypt-0.97

Browse Source
This commit is contained in:
Tom St Denis 2004-06-20 02:41:49 +00:00 committed by Steffen Jaeckel
parent 3fe312ccef
commit 1a1141627d
89 changed files with 2028 additions and 2640 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cast5.c
View File

@ -418,7 +418,7 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
/* extend the key as required */
zeromem(buf, sizeof(buf));
memcpy(buf, key, (size_t)keylen);
XMEMCPY(buf, key, (size_t)keylen);
/* load and start the awful looking network */
for (y = 0; y < 4; y++) {

2
cbc_getiv.c
View File

@ -21,7 +21,7 @@ int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc)
if ((unsigned long)cbc->blocklen > *len) {
return CRYPT_BUFFER_OVERFLOW;
}
memcpy(IV, cbc->IV, cbc->blocklen);
XMEMCPY(IV, cbc->IV, cbc->blocklen);
*len = cbc->blocklen;
return CRYPT_OK;

2
cbc_setiv.c
View File

@ -20,7 +20,7 @@ int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc)
if (len != (unsigned long)cbc->blocklen) {
return CRYPT_INVALID_ARG;
}
memcpy(cbc->IV, IV, len);
XMEMCPY(cbc->IV, IV, len);
return CRYPT_OK;
}

2
cfb_getiv.c
View File

@ -21,7 +21,7 @@ int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb)
if ((unsigned long)cfb->blocklen > *len) {
return CRYPT_BUFFER_OVERFLOW;
}
memcpy(IV, cfb->IV, cfb->blocklen);
XMEMCPY(IV, cfb->IV, cfb->blocklen);
*len = cfb->blocklen;
return CRYPT_OK;

20
changes
View File

@ -1,3 +1,23 @@
June 19th, 2004
v0.97 -- Removed spurious unused files [arrg!]
-- Patched buffer overflow in tim_exptmod()
-- Fixed buffer overrun bug in pkcs_1_v15_es_decode()
-- Reduced stack usage in PKCS #1 v2.0 padding functions (by several KBs)
-- Removed useless extern's that were an artifact from the project start... ;-)
-- Replaced memcpy/memset with XMEMCPY and XMEMSET for greater flexibility
-- fixed bugs in hmac_done()/hmac_init()/[various others()] where I didn't trap errors
-- Reduced stack usage in OMAC/PMAC/HMAC/EAX/OCB/PKCS#5 by mallocing any significant sized
arrays (e.g. > 100 bytes or so). Only in non-critical functions (e.g. eax_init())
-- "Zhi Chen" <zhi@massiveincorporated.com> pointed out that rsa_decrypt_key() requires
an incorrect output size (too large). Fixed.
-- Added a "pretty" target to the GCC makefile. Requires PERL. It is NEAT!
-- Minor updates to ch1 of the manual.
-- Cleaned up the indentation and added comments to rsa_make_key(), rsa_exptmod() and
rsa_verify_hash()
-- Updated makefile.icc so the "install" target would work ;-)
-- Removed demos/test.c [deprecated from demos/test/test.c]
-- Changed MAXBLOCKSIZE from 128 to 64 to reflect the true size...
May 30th, 2004
v0.96 -- Removed GF and Keyring code
-- Extended OAEP decoder to distinguish better [and use a more uniform API]

25
crypt Normal file
View File

@ -0,0 +1,25 @@
%PDF-1.3
%Çì<C387>¢
3 0 obj
<< /Type /Pages /Kids [
] /Count 0
>>
endobj
1 0 obj
<</Type /Catalog /Pages 3 0 R
>>
endobj
2 0 obj
<</Producer(ESP Ghostscript 7.07)>>endobj
xref
0 4
0000000000 65535 f
0000000068 00000 n
0000000116 00000 n
0000000015 00000 n
trailer
<< /Size 4 /Root 1 0 R /Info 2 0 R
>>
startxref
166
%%EOF

57
crypt.tex
View File

@ -1,4 +1,4 @@
\documentclass[b5paper]{book}
\documentclass[a4paper]{book}
\usepackage{hyperref}
\usepackage{makeidx}
\usepackage{amssymb}
@ -47,20 +47,15 @@
\def\gap{\vspace{0.5ex}}
\makeindex
\begin{document}
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.96}
\title{LibTomCrypt \\ Version 0.97}
\author{Tom St Denis \\
\\
tomstdenis@iahu.ca \\
http://libtomcrypt.org \\ \\
Phone: 1-613-836-3160\\
111 Banning Rd \\
Kanata, Ontario \\
K2L 1C3 \\
Canada
http://libtomcrypt.org
}
\maketitle
This text and source code library are both hereby placed in the public domain. This book has been
formatted for B5 [176x250] paper using the \LaTeX{} {\em book} macro package.
formatted for A4 paper using the \LaTeX{} {\em book} macro package.
\vspace{10cm}
@ -70,7 +65,15 @@ formatted for B5 [176x250] paper using the \LaTeX{} {\em book} macro package.
Tom St Denis,
Ontario, Canada
Phone: 1-613-836-3160
111 Banning Rd
Kanata, Ontario
K2L 1C3
Canada
\end{flushright}
\newpage
\tableofcontents
@ -182,7 +185,7 @@ under a public domain license:
library.
``rc2.c'' is based on publicly available code that is not attributed to a person from the given source. ``safer.c''
was written by Richard De Moliner (demoliner@isi.ee.ethz.ch) and is public domain.
was written by Richard De Moliner (demoliner@isi.ee.ethz.ch) and seems to be free for use.
The project is hereby released as public domain.
@ -190,7 +193,7 @@ The project is hereby released as public domain.
The author (Tom St Denis) is not a patent lawyer so this section is not to be treated as legal advice. To the best
of the authors knowledge the only patent related issues within the library are the RC5 and RC6 symmetric block ciphers.
They can be removed from a build by simply commenting out the two appropriate lines in the makefile script. The rest
They can be removed from a build by simply commenting out the two appropriate lines in ``mycrypt\_custom.h''. The rest
of the ciphers and hashes are patent free or under patents that have since expired.
The RC2 and RC4 symmetric ciphers are not under patents but are under trademark regulations. This means you can use
@ -212,11 +215,11 @@ under where VC98 is installed).
In the recent versions the build steps have changed. The build options are now stored in ``mycrypt\_custom.h'' and
no longer in the makefile. If you change a build option in that file you must re-build the library from clean to
ensure the build is intact. The perl script ``config.pl'' will help setup the custom header and a custom makefile
if you want one (the provided ``makefile'' will work with custom configs).
ensure the build is intact.
\section{Thanks}
I would like to give thanks to the following people (in no particular order) for helping me develop this project:
I would like to give thanks to the following people (in no particular order) for helping me develop this project from
early on:
\begin{enumerate}
\item Richard van de Laarschot
\item Richard Heathfield
@ -233,6 +236,10 @@ I would like to give thanks to the following people (in no particular order) for
\item Christopher Imes
\end{enumerate}
There have been quite a few other people as well. Please check the change log to see who else has contributed from
time to time.
\chapter{The Application Programming Interface (API)}
\section{Introduction}
\index{CRYPT\_ERROR} \index{CRYPT\_OK}
@ -581,9 +588,9 @@ Twofish round function.
\begin{tabular}{|l|l|l|}
\hline TWOFISH\_SMALL & TWOFISH\_TABLES & Speed and Memory (per key) \\
\hline undefined & undefined & Very fast, 4.2KB of ram. \\
\hline undefined & defined & As above, faster keysetup, larger code (1KB more). \\
\hline undefined & defined & Faster keysetup, larger code. \\
\hline defined & undefined & Very slow, 0.2KB of ram. \\
\hline defined & defined & Somewhat faster, 0.2KB of ram, larger code. \\
\hline defined & defined & Faster, 0.2KB of ram, larger code. \\
\hline
\end{tabular}
\end{center}
@ -615,7 +622,8 @@ int main(void)
}
/* generic call to function (assuming the key in key[] was already setup) */
if ((err = cipher_descriptor[find_cipher("blowfish")].setup(key, 8, 0, &skey)) != CRYPT_OK) {
if ((err = cipher_descriptor[find_cipher("blowfish")].setup(key, 8, 0, &skey)) !=
CRYPT_OK) {
printf("Error setting up Blowfish: %s\n", error_to_string(err));
return -1;
}
@ -820,12 +828,13 @@ int main(void)
/* somehow fill out key and IV */
/* start up CTR mode */
if ((err = ctr_start(find_cipher("twofish"), /* index of desired cipher */
IV, /* the initial vector */
key, /* the secret key */
16, /* length of secret key (16 bytes, 128 bits) */
0, /* 0 == default # of rounds */
&ctr) /* where to store initialized CTR state */
if ((err = ctr_start(
find_cipher("twofish"), /* index of desired cipher */
IV, /* the initial vector */
key, /* the secret key */
16, /* length of secret key (16 bytes, 128 bits) */
0, /* 0 == default # of rounds */
&ctr) /* where to store initialized CTR state */
) != CRYPT_OK) {
printf("ctr_start error: %s\n", error_to_string(err));
return -1;

2
crypt_register_cipher.c
View File

@ -26,7 +26,7 @@ int register_cipher(const struct _cipher_descriptor *cipher)
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (cipher_descriptor[x].name == NULL) {
memcpy(&cipher_descriptor[x], cipher, sizeof(struct _cipher_descriptor));
XMEMCPY(&cipher_descriptor[x], cipher, sizeof(struct _cipher_descriptor));
return x;
}
}

2
crypt_register_hash.c
View File

@ -26,7 +26,7 @@ int register_hash(const struct _hash_descriptor *hash)
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (hash_descriptor[x].name == NULL) {
memcpy(&hash_descriptor[x], hash, sizeof(struct _hash_descriptor));
XMEMCPY(&hash_descriptor[x], hash, sizeof(struct _hash_descriptor));
return x;
}
}

2
crypt_register_prng.c
View File

@ -26,7 +26,7 @@ int register_prng(const struct _prng_descriptor *prng)
/* find a blank spot */
for (x = 0; x < TAB_SIZE; x++) {
if (prng_descriptor[x].name == NULL) {
memcpy(&prng_descriptor[x], prng, sizeof(struct _prng_descriptor));
XMEMCPY(&prng_descriptor[x], prng, sizeof(struct _prng_descriptor));
return x;
}
}

2
ctr_getiv.c
View File

@ -21,7 +21,7 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr)
if ((unsigned long)ctr->blocklen > *len) {
return CRYPT_BUFFER_OVERFLOW;
}
memcpy(IV, ctr->ctr, ctr->blocklen);
XMEMCPY(IV, ctr->ctr, ctr->blocklen);
*len = ctr->blocklen;
return CRYPT_OK;

2
ctr_setiv.c
View File

@ -30,7 +30,7 @@ int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr)
}
/* set IV */
memcpy(ctr->ctr, IV, len);
XMEMCPY(ctr->ctr, IV, len);
/* force next block */
ctr->padlen = 0;

1622
demos/test.c
View File

File diff suppressed because it is too large Load Diff

356
demos/test/.ccmalloc Normal file
View File

@ -0,0 +1,356 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%% generic configuration file for %%%%
%%%% the ccmalloc memory profiler %%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%-----------------------------------------------------------------%
% COPY THIS FILE TO '.ccmalloc' in your project or home directory %
%-----------------------------------------------------------------%
##############################################################################
## (C) 1997-2003 Armin Biere, 1998 Johannes Keukelaar
## $Id: ccmalloc.cfg,v 1.6 2003/02/03 08:03:54 biere Exp $
##############################################################################
%%% '%' and '#' are comments !!!!!!!
% This file must be called '.ccmalloc' and is searched for in the
% current directory and in the home directory of the user. If it
% does not exist then the default values mentioned below are used.
% It is also the only available user manual yet ;-) So here is a reading
% hint. First have a look at the short one line descriptions of each option
% ...
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% with 'file' the executable is specified [a.out]
% ----------------------------------------------------------------------
% This should not be necessary for Linux and Solaris because the proc
% file system can be used to find argv[0].
%
% (the rest of this comment only applies to other OS)
%
% For other OS you should use this option unless the executable is
% in the current directory or its name is 'a.out'.
%
% If you do not specify this then ccmalloc tries to find an executable
% in the current directory that matches the running program starting
% with 'a.out'. For this process it must call 'nm' on each executable
% file in the directory which may be time consuming. With this option
% you can speed up this process.
%
% You can also specify absolute or relative path names. This is
% necessary if you do not start your program from the current directory.
% But you can also simply link or name your program to 'a.out'.
%file FILE
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'log' specify the logfile [stderr]
% ----------------------------------------------------------------------
% The default is to use stderr. The argument to 'log' is the name of
% the file you want to write to. It can also be 'stdout' or '-' which
% sets stdout as logfile. If the logfile is stdout or stderr and is
% connected to a terminal then the output is slightly different.
%
% For big programs the logfile can be really big. To reduce the size
% you can use a small chain length (see 'chain-length' below). The other
% possibility is to use compressed logfiles. This can be done by
% specifying a logfile name with a '.gz' (or a '.Z') suffix. This means
% that gnuzip (resp. compress) is used to compress the output.
%log FILE
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'logpid' specify the logfile
% ----------------------------------------------------------------------
% Can be used alternatively to the 'log' command if you want to use
% ccmalloc for debugging parallel applications where several copies of
% the program you are debugging must be run simoultaneously. In this
% case you can not use 'log' because you do not want to write to the same
% log file. Using 'logpid' uses a file name ending with the <pid> of
% the process which means the name is unique even if several copies of
% your program are run simoultaneously.
%
% If you use the compressing suffixes then the <pid> is inserted before
% the suffix (e.g. 'logpid ccmalloc.log.gz' uses 'ccmalloc.log.<pid>.gz'
% as the name for the log file).
%logpid FILE
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'dont-log-chain' skip info about certain chains []
% ----------------------------------------------------------------------
% This command may be repeated any number of times. The argument to this
% command is a comma-separated list of function-or-file-and-line
% specifications. Garbage allocated from a callchain that contains this
% subchain anywhere will _not_ be logged.
%
% The ';'-separated list should not contain any spaces. E.g. not:
%
% main ; foo ; bar
%
% but:
%
% main;foo;bar
%
% A function-or-file-and-line specification is a string followed by an
% optional colon and number, for example: main or main:14 or main.c or
% main.c:15. Note that the string is compared with both the function and the
% file name, if available. If main.c happens to be a function name, that
% will cause a match (for that string at least). Not specifying a line
% number will match any line number. If line number information is not
% available, anything will match! Not specifying a name (e.g. ;;;) will
% match an unknown function name. Not giving any parameters at all, will
% match a chain containing at least one unknown function.
%
% Note that if you say 'dont-log-chain wrapper.c' nothing will be logged.
%dont-log-chain
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'only-log-chain' skip info about other chains []
% ----------------------------------------------------------------------
% The obvious counterpart to dont-log-chain. In this case, only matching
% chains will be reported. Non-matching chains will not be reported.
% Can be repeated any number of times; if the chain matches any of the
% instances, it will be reported.
%only-log-chain
########################################################################
# #
# This is the 'flag' section #
# #
# 'set FLAG' is the same as 'set FLAG 1' #
# #
# The default values are those set below. If 'silent' is disabled #
# then you will find the banner in the log file (or it is listed on #
# stdout or stderr). The banner describes the current settings of all #
# these flags. #
# #
########################################################################
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% with 'only-count' ccmalloc only counts garbage - no call chains [0]
% ----------------------------------------------------------------------
% If only-count is set to one then only one additional pointer for
% each allocated data is used and no call chain is generated. This is
% the fasted and most space efficient mode ccmalloc can operate
% in. In this mode you get at least the size of garbage produced.
%
% Note that 'check-free-space' does not work at all with 'only-count'
% set and over writes ('check-overwrites') are only checked when
% calling free.
%set only-count 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'load-dynlibs' load dynamic linked libraries into gdb [0]
% ----------------------------------------------------------------------
% If your program is linked with dynamic libraries, function and file
% name information is not available for addresses in those libraries,
% unless you set 'load-dynlibs' to 1.
%set load-dynlibs 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'keep-deallocated-data' does not recycle deallocated data [0]
% ----------------------------------------------------------------------
% If you enable keep-deallocated-data then all data deallocated with
% 'free' (or 'delete' in C++) is not given back to the free store
% but stays associated with the call chain of its allocation. This is
% very useful if your program does multiple deallocation of the
% same data.
%set keep-deallocated-data 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'check-overwrites' detect overwrites [0]
% ----------------------------------------------------------------------
% If you want to detect 'off by n bytes' errors you should set
% 'checking-overwrites' to n/4 (on 32-Bit machines).
%
% ccmalloc inserts a boundary above allocated data. This boundary
% consists of 'check-overwrites' words. If your program writes to
% this area then ccmalloc can detect this (see also check-start
% and check-interval). 'ccmalloc' also does checking for overwrites
% at non word boundaries (e.g. strcpy(malloc(strlen("hello")),"hello");)
set check-overwrites 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'check-underwrites' detect underwrites [0]
% ----------------------------------------------------------------------
% same with writes below allocated data. You do not have to set this
% option if you only want detect 'off (below) by one' errors because
% ccmalloc keeps a magic value just before the user data.
set check-underwrites 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'check-free-space' can be used to find dangling pointers. [0]
% ----------------------------------------------------------------------
% A very serious type of bug is to write on data that has already been
% freed. If this happens the free space management of malloc is in
% trouble and you will perhaps encounter non deterministic behaviour of
% your program. To test this first enable 'keep-deallocated-data' and
% restart your program. If the problem goes away and ccmalloc does not
% report anything then you should *also* enable 'check-free-space'. Now
% ccmalloc checks already deallocated data for corruption.
%
% Note that to perform this check 'keep-deallocated-data' also must
% be enabled and 'only-count' disabled.
set check-free-space 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'check-interval' can be used to speed up checks [0]
% ----------------------------------------------------------------------
% If check-overwrite, check-underwrites or check-free-space is set then
% the default is to do 'write checks' when data is deallocated and
% to do 'free space checks' when reporting together with
% 'write checks' for garbage. When you want these checks to be
% performed more often then you should set 'check-interval' to a
% positive number. This number is the interval between the number of
% calls to free or malloc without performing the checks.
%set check-interval 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'check-start' can be used to speed up checks [0]
% ----------------------------------------------------------------------
% The flag 'check-start' delays the start of checks until the given
% number of calls to free and malloc have occured. Together with
% 'check-interval' you can use a binary search to find an aproximation
% when a corruption occured! If you simply set check-interval to 1 and
% check-start to 0 then this will slow done your program too much.
%set check-start 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'silent' disables banner [0]
% ----------------------------------------------------------------------
% If you don't want to see the banner of ccmalloc then set
% 'silent' to 1 (f.e. when logging to stderr)
%set silent
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'file-info' en/disables file and line number information [1]
% ----------------------------------------------------------------------
% If your program was compiled with debugging information (-g) then
% ccmalloc can generate line number and file info for call chains opening
% a pipe to gdb. For very big programs this method is slow. In this case
% you can set 'file-info' to zero and you will only get the function
% names. For SunOS 4.3.1 'nm' does not 'demangle' C++ identifiers
% very well. So gdb is called instead but only if 'file-info' is
% not set to 0.
%set file-info 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'continue' if ccmalloc aborts when something weired happened [0]
% ----------------------------------------------------------------------
% If the free function of ccmalloc is called with an argument that does
% not make sense to ccmalloc or that has already been freed then you
% probably want the program to stop at this point. This is also
% the default behaviour. But you can force ccmalloc also to ignore
% this if you set 'continue' to 1. This flag also controls the behaviour
% of ccmalloc when free space is found to be corrupted or a write
% boundary has been overwritten.
%set continue 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'chain-length' is the length of the maximal call chain [0 = infinite]
% ----------------------------------------------------------------------
% You can restrict the length of call chains by setting 'chain-length'
% to a number greater than zero. If 'chain-length' is zero (the default)
% then chains are as long as possible (on a non x86 system only call
% chains with a finite maximal length can be generated). For big
% programs especially if keep-deallocated-data is enabled this can
% reduce the size of the log file from over 100MB to several MB!
%set chain-length 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'print-addresses' of data [0]
% ----------------------------------------------------------------------
% If you want to see the addresses of the allocated data (and
% deallocated data if keep-deallocated-data is set to 1) set
% 'print-addresses' to 1.
%set print-addresses 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'print-on-one-line' shortens log file [0]
% ----------------------------------------------------------------------
% The default is to print function names and file/line number info
% on separate lines. With 'print-on-one-line' set 1 all are printed
% on one line.
%set print-on-one-line 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'additional-line' enlarges readability [1]
% ----------------------------------------------------------------------
% When printing call chains an empty line is printed between to
% call points. Set 'additional-line' to 0 to disable this feature.
%set additional-line 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% 'statistics' enables more accurate profiling [0]
% ----------------------------------------------------------------------
% Calculate number of allocations and deallocations and bytes also on
% a per call chain basis. This uses 4 additional pointers for each
% call chain.
set statistics 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% set order for sorting of call chains [1] [1]
% ----------------------------------------------------------------------
% When printing the report to the log file the call chains are sorted by
% default with respect to the largest accumulated garbage produced by
% that call chain. This can be changed with setting 'sort-by-wasted'
% to 0. In this case they are sorted by the number of allocated bytes.
% If you want the number of allocations (only possible if 'statistics'
% is enabled) as sorting criteria instead then set 'sort-by-size' to 0.
%set sort-by-wasted 1
%set sort-by-size 1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% report library chains [0]
% ----------------------------------------------------------------------
% Some external libraries (like libg++) have memory leaks. On some
% systems even a call to printf produces a leak. ccmalloc tries to
% detect this (only heuristically!) and with this flag you can control
% if leaks produced by such library calls are reported.
%
% Since version 0.2.1 some similar effect can be achieved by using
% 'dont-log-chain' with no argument.
%set library-chains 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% print debugging information [X] (compile time dependend)
% ----------------------------------------------------------------------
%set debug X
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% align memory on 8 byte boundary [0] (no effect on SunOS or Solaris)
% ----------------------------------------------------------------------
%set align-8-byte 0
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% only report allocations which ended up being wasted (i.e don't report
% allocations which were completely freed properly. ) [1]
% ----------------------------------------------------------------------
%set only-wasting-alloc 1

6
demos/test/dh_tests.c
View File

@ -10,8 +10,8 @@ int dh_tests (void)
DO(dh_test());
/* make up two keys */
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &usera));
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &userb));
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 512, &usera));
DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 512, &userb));
/* make the shared secret */
x = 4096;
@ -50,7 +50,7 @@ int dh_tests (void)
dh_free (&userb);
/* test encrypt_key */
dh_make_key (&test_yarrow, find_prng ("yarrow"), 128, &usera);
dh_make_key (&test_yarrow, find_prng ("yarrow"), 512, &usera);
for (x = 0; x < 16; x++) {
buf[0][x] = x;
}

6
demos/test/ecc_test.c
View File

@ -10,8 +10,8 @@ int ecc_tests (void)
DO(ecc_test ());
/* make up two keys */
DO(ecc_make_key (&test_yarrow, find_prng ("yarrow"), 24, &usera));
DO(ecc_make_key (&test_yarrow, find_prng ("yarrow"), 24, &userb));
DO(ecc_make_key (&test_yarrow, find_prng ("yarrow"), 65, &usera));
DO(ecc_make_key (&test_yarrow, find_prng ("yarrow"), 65, &userb));
/* make the shared secret */
x = 4096;
@ -53,7 +53,7 @@ int ecc_tests (void)
ecc_free (&userb);
/* test encrypt_key */
ecc_make_key (&test_yarrow, find_prng ("yarrow"), 20, &usera);
ecc_make_key (&test_yarrow, find_prng ("yarrow"), 65, &usera);
for (x = 0; x < 32; x++) {
buf[0][x] = x;
}

10
demos/test/mac_test.c
View File

@ -3,10 +3,10 @@
int mac_test(void)
{
DO(hmac_test());
DO(pmac_test());
DO(omac_test());
DO(eax_test());
DO(ocb_test());
DO(hmac_test());
DO(pmac_test());
DO(omac_test());
DO(eax_test());
DO(ocb_test());
return 0;
}

14
demos/test/makefile
View File

@ -1,13 +1,25 @@
# make test harness, it is good.
CFLAGS += -Wall -W -Os -I../../ -I./
# add -g3 for ccmalloc debugging
#CFLAGS += -g3
# if you're not debugging
CFLAGS += -fomit-frame-pointer
default: test
OBJECTS=test.o cipher_hash_test.o mac_test.o modes_test.o \
pkcs_1_test.o store_test.o rsa_test.o ecc_test.o dsa_test.c dh_tests.o
#uncomment this to get heap checking [e.g. memory leaks]. Note
#that you *MUST* build libtomcrypt.a with -g3 enabled [and make install it]
#
#
#CCMALLOC = -lccmalloc -ldl
test: $(OBJECTS)
$(CC) $(OBJECTS) -ltomcrypt -o test
$(CC) $(OBJECTS) -ltomcrypt $(CCMALLOC) -o test
clean:
rm -f test *.o *.obj *.exe *~

2
demos/test/pkcs_1_test.c
View File

@ -17,7 +17,7 @@ int pkcs_1_test(void)
}
/* do many tests */
for (x = 0; x < 10000; x++) {
for (x = 0; x < 100; x++) {
zeromem(buf, sizeof(buf));
/* make a dummy message (of random length) */

64
demos/test/test.c
View File

@ -9,8 +9,9 @@ test_entry test_list[26] = {
{"cipher_hash_test", "b", "a", cipher_hash_test },
{"modes_test", "c", "b", modes_test },
{"mac_test", "d", "c", mac_test },
{"pkcs_1_test", "e", "b", pkcs_1_test },
{"rsa_test", "f", "e", rsa_test },
{"rsa_test", "f", "", rsa_test },
{"ecc_test", "g", "a", ecc_tests },
{"dsa_test", "h", "a", dsa_test },
{"dh_test", "i", "a", dh_tests },
@ -153,12 +154,53 @@ void sort(void)
}
} while (y == 1);
}
#define STACKBLOCK 8
#define STACK_EST_USAGE 32768
unsigned char stack_mask[STACKBLOCK];
unsigned long stack_cur=0;
void stack_masker(void)
{
#ifdef STACK_TEST
volatile unsigned char M[STACK_EST_USAGE];
stack_cur = 0;
for (stack_cur = 0; stack_cur < STACK_EST_USAGE/STACKBLOCK; stack_cur++) {
memcpy(M+(stack_cur*STACKBLOCK), stack_mask, STACKBLOCK);
}
#endif
}
void stack_check(void)
{
#ifdef STACK_TEST
unsigned char M[STACK_EST_USAGE];
stack_cur = 0;
#ifdef STACK_DOWN
while (memcmp(M+(STACK_EST_USAGE-STACKBLOCK-stack_cur), stack_mask, STACKBLOCK) &&
#else
while (memcmp(M+stack_cur, stack_mask, STACKBLOCK) &&
#endif
stack_cur < (STACK_EST_USAGE - STACKBLOCK)) {
++stack_cur;
}
#endif
}
int main(void)
{
int x;
/* setup stack checker */
srand(time(NULL));
for (x = 0; x < STACKBLOCK; x++) {
stack_mask[x] = rand() & 255;
}
stack_masker();
printf("Built with\n%s\n", crypt_build_settings);
srand(time(NULL));
sort();
register_algs();
@ -167,6 +209,22 @@ int main(void)
DO(yarrow_add_entropy("test", 4, &test_yarrow));
DO(yarrow_ready(&test_yarrow));
// output sizes
printf("Sizes of objects (in bytes)\n");
printf("\tsymmetric_key\t=\t%5d\n", sizeof(symmetric_key));
printf("\thash_state\t=\t%5d\n", sizeof(hash_state));
printf("\thmac_state\t=\t%5d\n", sizeof(hmac_state));
printf("\tomac_state\t=\t%5d\n", sizeof(omac_state));
printf("\tpmac_state\t=\t%5d\n", sizeof(pmac_state));
printf("\tocb_state\t=\t%5d\n", sizeof(ocb_state));
printf("\teax_state\t=\t%5d\n", sizeof(eax_state));
printf("\tmp_int\t\t=\t%5d\n", sizeof(mp_int));
printf("\trsa_key\t\t=\t%5d\n", sizeof(rsa_key));
printf("\tdsa_key\t\t=\t%5d\n", sizeof(dsa_key));
printf("\tdh_key\t\t=\t%5d\n", sizeof(dh_key));
printf("\tecc_key\t\t=\t%5d\n", sizeof(ecc_key));
printf("\n\n");
// do tests
for (current_test = 0; tests[current_test].name != NULL; current_test++) {
printf("[%-20s]: ", tests[current_test].name); fflush(stdout);

16
demos/test/test.h
View File

@ -3,6 +3,12 @@
#include "mycrypt.h"
/* enable stack testing */
// #define STACK_TEST
/* stack testing, define this if stack usage goes downwards [e.g. x86] */
#define STACK_DOWN
typedef struct {
char *name, *prov, *req;
int (*entry)(void);
@ -10,10 +16,14 @@ typedef struct {
extern prng_state test_yarrow;
void stack_masker(void);
void stack_check(void);
extern unsigned long stack_cur;
#define stack_chk(x) { stack_check(); if (stack_cur >= 1024) { fprintf(stderr, " Warning: Stack usage of %lu in %s, %s:%d\n", stack_cur, x, __FILE__, __LINE__); } }
void run_cmd(int res, int line, char *file, char *cmd);
#define DO(x) run_cmd((x), __LINE__, __FILE__, #x)
#define DO(x) { stack_masker(); run_cmd((x), __LINE__, __FILE__, #x); stack_chk(#x); }
/* TESTS */
int cipher_hash_test(void);

2
des.c
View File

@ -1377,7 +1377,7 @@ static void cookey(const ulong32 *raw1, ulong32 *keyout)
*cook++ |= (*raw1 & 0x0000003fL);
}
memcpy(keyout, dough, sizeof dough);
XMEMCPY(keyout, dough, sizeof dough);
}
#ifdef CLEAN_STACK

22
dh.c
View File

@ -12,6 +12,9 @@
#ifdef MDH
/* max export size we'll encounter (smaller than this but lets round up a bit */
#define DH_BUF_SIZE 1200
/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */
static const struct {
int size;
@ -226,7 +229,7 @@ int dh_get_size(dh_key *key)
int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
{
unsigned char buf[512];
unsigned char *buf;
unsigned long x;
mp_int p, g;
int err;
@ -251,14 +254,21 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
}
key->idx = x;
/* allocate buffer */
buf = XMALLOC(keysize);
if (buf == NULL) {
return CRYPT_MEM;
}
/* make up random string */
if (prng_descriptor[wprng].read(buf, keysize, prng) != (unsigned long)keysize) {
return CRYPT_ERROR_READPRNG;
err = CRYPT_ERROR_READPRNG;
goto error2;
}
/* init parameters */
if ((err = mp_init_multi(&g, &p, &key->x, &key->y, NULL)) != MP_OKAY) {
return mpi_to_ltc_error(err);
goto error;
}
if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY) { goto error; }
if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY) { goto error; }
@ -276,10 +286,14 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
goto done;
error:
err = mpi_to_ltc_error(err);
error2:
mp_clear_multi(&key->x, &key->y, NULL);
done:
#ifdef CLEAN_STACK
zeromem(buf, keysize);
#endif
mp_clear_multi(&p, &g, NULL);
zeromem(buf, sizeof(buf));
XFREE(buf);
return err;
}

126
dh_sys.c
View File

@ -13,7 +13,7 @@ int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
prng_state *prng, int wprng, int hash,
dh_key *key)
{
unsigned char pub_expt[768], dh_shared[768], skey[MAXBLOCKSIZE];
unsigned char *pub_expt, *dh_shared, *skey;
dh_key pubkey;
unsigned long x, y, z, hashsize, pubkeysize;
int err;
@ -36,36 +36,54 @@ int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
return CRYPT_INVALID_HASH;
}
/* make a random key and export the public copy */
if ((err = dh_make_key(prng, wprng, dh_get_size(key), &pubkey)) != CRYPT_OK) {
return err;
/* allocate memory */
pub_expt = XMALLOC(DH_BUF_SIZE);
dh_shared = XMALLOC(DH_BUF_SIZE);
skey = XMALLOC(MAXBLOCKSIZE);
if (pub_expt == NULL || dh_shared == NULL || skey == NULL) {
if (pub_expt != NULL) {
XFREE(pub_expt);
}
if (dh_shared != NULL) {
XFREE(dh_shared);
}
if (skey != NULL) {
XFREE(skey);
}
return CRYPT_MEM;
}
pubkeysize = sizeof(pub_expt);
/* make a random key and export the public copy */
if ((err = dh_make_key(prng, wprng, dh_get_size(key), &pubkey)) != CRYPT_OK) {
goto __ERR;
}
pubkeysize = DH_BUF_SIZE;
if ((err = dh_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
dh_free(&pubkey);
return err;
goto __ERR;
}
/* now check if the out buffer is big enough */
if (*len < (1 + 4 + 4 + PACKET_SIZE + pubkeysize + keylen)) {
dh_free(&pubkey);
return CRYPT_BUFFER_OVERFLOW;
err = CRYPT_BUFFER_OVERFLOW;
goto __ERR;
}
/* make random key */
hashsize = hash_descriptor[hash].hashsize;
x = (unsigned long)sizeof(dh_shared);
x = DH_BUF_SIZE;
if ((err = dh_shared_secret(&pubkey, key, dh_shared, &x)) != CRYPT_OK) {
dh_free(&pubkey);
return err;
goto __ERR;
}
dh_free(&pubkey);
z = sizeof(skey);
z = MAXBLOCKSIZE;
if ((err = hash_memory(hash, dh_shared, x, skey, &z)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* store header */
@ -93,21 +111,26 @@ int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
}
*len = y;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
/* clean up */
zeromem(pub_expt, sizeof(pub_expt));
zeromem(dh_shared, sizeof(dh_shared));
zeromem(skey, sizeof(skey));
zeromem(pub_expt, DH_BUF_SIZE);
zeromem(dh_shared, DH_BUF_SIZE);
zeromem(skey, MAXBLOCKSIZE);
#endif
XFREE(skey);
XFREE(dh_shared);
XFREE(pub_expt);
return CRYPT_OK;
return err;
}
int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *outkey, unsigned long *keylen,
dh_key *key)
{
unsigned char shared_secret[768], skey[MAXBLOCKSIZE];
unsigned char *shared_secret, *skey;
unsigned long x, y, z,hashsize, keysize;
int hash, err;
dh_key pubkey;
@ -122,23 +145,38 @@ int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
return CRYPT_PK_NOT_PRIVATE;
}
/* allocate ram */
shared_secret = XMALLOC(DH_BUF_SIZE);
skey = XMALLOC(MAXBLOCKSIZE);
if (shared_secret == NULL || skey == NULL) {
if (shared_secret != NULL) {
XFREE(shared_secret);
}
if (skey != NULL) {
XFREE(skey);
}
return CRYPT_MEM;
}
/* check if initial header should fit */
if (inlen < PACKET_SIZE+1+4+4) {
return CRYPT_INVALID_PACKET;
err = CRYPT_INVALID_PACKET;
goto __ERR;
} else {
inlen -= PACKET_SIZE+1+4+4;
}
/* is header correct? */
if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_ENC_KEY)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* now lets get the hash name */
y = PACKET_SIZE;
hash = find_hash_id(in[y++]);
if (hash == -1) {
return CRYPT_INVALID_HASH;
err = CRYPT_INVALID_HASH;
goto __ERR;
}
/* common values */
@ -149,28 +187,29 @@ int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
/* now check if the imported key will fit */
if (inlen < x) {
return CRYPT_INVALID_PACKET;
err = CRYPT_INVALID_PACKET;
goto __ERR;
} else {
inlen -= x;
}
y += 4;
if ((err = dh_import(in+y, x, &pubkey)) != CRYPT_OK) {
return err;
goto __ERR;
}
y += x;
/* make shared key */
x = (unsigned long)sizeof(shared_secret);
x = DH_BUF_SIZE;
if ((err = dh_shared_secret(key, &pubkey, shared_secret, &x)) != CRYPT_OK) {
dh_free(&pubkey);
return err;
goto __ERR;
}
dh_free(&pubkey);
z = sizeof(skey);
z = MAXBLOCKSIZE;
if ((err = hash_memory(hash, shared_secret, x, skey, &z)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* load in the encrypted key */
@ -178,14 +217,15 @@ int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
/* will the outkey fit as part of the input */
if (inlen < keysize) {
return CRYPT_INVALID_PACKET;
err = CRYPT_INVALID_PACKET;
goto __ERR;
} else {
inlen -= keysize;
}
if (keysize > *keylen) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
y += 4;
@ -196,11 +236,15 @@ int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
}
err = CRYPT_OK;
done:
__ERR:
#ifdef CLEAN_STACK
zeromem(shared_secret, sizeof(shared_secret));
zeromem(skey, sizeof(skey));
zeromem(shared_secret, DH_BUF_SIZE);
zeromem(skey, MAXBLOCKSIZE);
#endif
XFREE(skey);
XFREE(shared_secret);
return err;
}
@ -227,7 +271,7 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen,
prng_state *prng, int wprng, dh_key *key)
{
mp_int a, b, k, m, g, p, p1, tmp;
unsigned char buf[520];
unsigned char *buf;
unsigned long x, y;
int err;
@ -250,18 +294,23 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen,
return CRYPT_PK_INVALID_TYPE;
}
/* allocate ram for buf */
buf = XMALLOC(520);
/* make up a random value k,
* since the order of the group is prime
* we need not check if gcd(k, r) is 1
*/
if (prng_descriptor[wprng].read(buf, sets[key->idx].size, prng) !=
(unsigned long)(sets[key->idx].size)) {
return CRYPT_ERROR_READPRNG;
err = CRYPT_ERROR_READPRNG;
goto __ERR;
}
/* init bignums */
if ((err = mp_init_multi(&a, &b, &k, &m, &p, &g, &p1, &tmp, NULL)) != MP_OKAY) {
return mpi_to_ltc_error(err);
err = mpi_to_ltc_error(err);
goto __ERR;
}
/* load k and m */
@ -290,7 +339,7 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen,
/* check for overflow */
if ((unsigned long)(PACKET_SIZE + 4 + 4 + mp_unsigned_bin_size(&a) + mp_unsigned_bin_size(&b)) > *outlen) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
/* store header */
@ -310,7 +359,7 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen,
/* check if size too big */
if (*outlen < y) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
/* store header */
@ -318,11 +367,14 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen,
*outlen = y;
err = CRYPT_OK;
goto done;
goto __ERR;
error:
err = mpi_to_ltc_error(err);
done:
__ERR:
mp_clear_multi(&tmp, &p1, &g, &p, &m, &k, &b, &a, NULL);
XFREE(buf);
return err;
}

BIN
doc/crypt.pdf
View File

Binary file not shown.

47
dsa_make_key.c
View File

@ -14,9 +14,9 @@
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
{
mp_int tmp, tmp2;
int err, res;
unsigned char buf[512];
mp_int tmp, tmp2;
int err, res;
unsigned char *buf;
_ARGCHK(key != NULL);
@ -26,26 +26,33 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
}
/* check size */
if (group_size >= 1024 || group_size <= 15 ||
group_size >= modulus_size || (modulus_size - group_size) >= (int)sizeof(buf)) {
if (group_size >= MDSA_MAX_GROUP || group_size <= 15 ||
group_size >= modulus_size || (modulus_size - group_size) >= MDSA_DELTA) {
return CRYPT_INVALID_ARG;
}
/* allocate ram */
buf = XMALLOC(MDSA_DELTA);
if (buf == NULL) {
return CRYPT_MEM;
}
/* init mp_ints */
if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != MP_OKAY) {
return mpi_to_ltc_error(err);
err = mpi_to_ltc_error(err);
goto __ERR;
}
/* make our prime q */
if ((err = rand_prime(&key->q, group_size*8, prng, wprng)) != CRYPT_OK) { goto error2; }
if ((err = rand_prime(&key->q, group_size*8, prng, wprng)) != CRYPT_OK) { goto __ERR; }
/* double q */
if ((err = mp_mul_2(&key->q, &tmp)) != MP_OKAY) { goto error; }
if ((err = mp_mul_2(&key->q, &tmp)) != MP_OKAY) { goto error; }
/* now make a random string and multply it against q */
if (prng_descriptor[wprng].read(buf+1, modulus_size - group_size, prng) != (unsigned long)(modulus_size - group_size)) {
err = CRYPT_ERROR_READPRNG;
goto error2;
goto __ERR;
}
/* force magnitude */
@ -60,7 +67,7 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
/* now loop until p is prime */
for (;;) {
if ((err = is_prime(&key->p, &res)) != CRYPT_OK) { goto error2; }
if ((err = is_prime(&key->p, &res)) != CRYPT_OK) { goto __ERR; }
if (res == MP_YES) break;
/* add 2q to p and 2 to tmp2 */
@ -85,7 +92,7 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
do {
if (prng_descriptor[wprng].read(buf, group_size, prng) != (unsigned long)group_size) {
err = CRYPT_ERROR_READPRNG;
goto error2;
goto __ERR;
}
if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != MP_OKAY) { goto error; }
} while (mp_cmp_d(&key->x, 1) != MP_GT);
@ -101,17 +108,21 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
if ((err = mp_shrink(&key->x)) != MP_OKAY) { goto error; }
if ((err = mp_shrink(&key->y)) != MP_OKAY) { goto error; }
err = CRYPT_OK;
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf, MDSA_DELTA);
#endif
err = CRYPT_OK;
goto done;
error : err = mpi_to_ltc_error(err);
error2: mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
done : mp_clear_multi(&tmp, &tmp2, NULL);
return err;
error:
err = mpi_to_ltc_error(err);
__ERR:
mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
done:
mp_clear_multi(&tmp, &tmp2, NULL);
XFREE(buf);
return err;
}
#endif

31
dsa_sign_hash.c
View File

@ -16,11 +16,10 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, dsa_key *key)
{
mp_int k, kinv, tmp, r, s;
unsigned char buf[512];
int err, y;
unsigned long len;
mp_int k, kinv, tmp, r, s;
unsigned char *buf;
int err, y;
unsigned long len;
_ARGCHK(in != NULL);
_ARGCHK(out != NULL);
@ -35,10 +34,15 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
}
/* check group order size */
if (key->qord >= (int)sizeof(buf)) {
if (key->qord >= MDSA_MAX_GROUP) {
return CRYPT_INVALID_ARG;
}
buf = XMALLOC(MDSA_MAX_GROUP);
if (buf == NULL) {
return CRYPT_MEM;
}
/* Init our temps */
if ((err = mp_init_multi(&k, &kinv, &r, &s, &tmp, NULL)) != MP_OKAY) { goto error; }
@ -48,7 +52,7 @@ retry:
/* gen random k */
if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) {
err = CRYPT_ERROR_READPRNG;
goto done;
goto __ERR;
}
/* read k */
@ -83,7 +87,7 @@ retry:
/* first check that we have enough room */
if (*outlen < (unsigned long)(PACKET_SIZE + 4 + mp_unsigned_bin_size(&s) + mp_unsigned_bin_size(&r))) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
/* packet header */
@ -112,13 +116,16 @@ retry:
*outlen = y;
err = CRYPT_OK;
goto done;
goto __ERR;
error : err = mpi_to_ltc_error(err);
done : mp_clear_multi(&k, &kinv, &r, &s, &tmp, NULL);
error:
err = mpi_to_ltc_error(err);
__ERR:
mp_clear_multi(&k, &kinv, &r, &s, &tmp, NULL);
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf, MDSA_MAX_GROUP);
#endif
XFREE(buf);
return err;
}

48
eax_decrypt_verify_memory.c
View File

@ -23,38 +23,58 @@ int eax_decrypt_verify_memory(int cipher,
unsigned char *tag, unsigned long taglen,
int *res)
{
int err;
eax_state eax;
unsigned char buf[MAXBLOCKSIZE];
unsigned long buflen;
int err;
eax_state *eax;
unsigned char *buf;
unsigned long buflen;
_ARGCHK(res != NULL);
/* default to zero */
*res = 0;
if ((err = eax_init(&eax, cipher, key, keylen, nonce, noncelen, header, headerlen)) != CRYPT_OK) {
return err;
/* allocate ram */
buf = XMALLOC(taglen);
eax = XMALLOC(sizeof(eax_state));
if (eax == NULL || buf == NULL) {
if (eax != NULL) {
XFREE(eax);
}
if (buf != NULL) {
XFREE(buf);
}
return CRYPT_MEM;
}
if ((err = eax_decrypt(&eax, ct, pt, ctlen)) != CRYPT_OK) {
return err;
if ((err = eax_init(eax, cipher, key, keylen, nonce, noncelen, header, headerlen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = eax_decrypt(eax, ct, pt, ctlen)) != CRYPT_OK) {
goto __ERR;
}
buflen = MIN(sizeof(buf), taglen);
if ((err = eax_done(&eax, buf, &buflen)) != CRYPT_OK) {
return err;
buflen = taglen;
if ((err = eax_done(eax, buf, &buflen)) != CRYPT_OK) {
goto __ERR;
}
/* compare tags */
if (buflen >= taglen && memcmp(buf, tag, taglen) == 0) {
*res = 1;
}
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf, taglen);
zeromem(eax, sizeof(eax_state));
#endif
return CRYPT_OK;
XFREE(eax);
XFREE(buf);
return err;
}
#endif

35
eax_done.c
View File

@ -17,17 +17,31 @@
int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen)
{
int err;
unsigned char headermac[MAXBLOCKSIZE], ctmac[MAXBLOCKSIZE];
unsigned char *headermac, *ctmac;
unsigned long x, len;
_ARGCHK(eax != NULL);
_ARGCHK(tag != NULL);
_ARGCHK(taglen != NULL);
/* allocate ram */
headermac = XMALLOC(MAXBLOCKSIZE);
ctmac = XMALLOC(MAXBLOCKSIZE);
if (headermac == NULL || ctmac == NULL) {
if (headermac != NULL) {
XFREE(headermac);
}
if (ctmac != NULL) {
XFREE(ctmac);
}
return CRYPT_MEM;
}
/* finish ctomac */
len = sizeof(ctmac);
len = MAXBLOCKSIZE;
if ((err = omac_done(&eax->ctomac, ctmac, &len)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* finish headeromac */
@ -35,7 +49,7 @@ int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen)
/* note we specifically don't reset len so the two lens are minimal */
if ((err = omac_done(&eax->headeromac, headermac, &len)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* compute N xor H xor C */
@ -44,13 +58,18 @@ int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen)
}
*taglen = x;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(ctmac, sizeof(ctmac));
zeromem(headermac, sizeof(headermac));
zeromem(eax, sizeof(*eax));
zeromem(ctmac, MAXBLOCKSIZE);
zeromem(headermac, MAXBLOCKSIZE);
zeromem(eax, sizeof(*eax));
#endif
return CRYPT_OK;
XFREE(ctmac);
XFREE(headermac);
return err;
}
#endif

26
eax_encrypt_authenticate_memory.c
View File

@ -23,21 +23,31 @@ int eax_encrypt_authenticate_memory(int cipher,
unsigned char *tag, unsigned long *taglen)
{
int err;
eax_state eax;
eax_state *eax;
if ((err = eax_init(&eax, cipher, key, keylen, nonce, noncelen, header, headerlen)) != CRYPT_OK) {
return err;
eax = XMALLOC(sizeof(eax_state));
if ((err = eax_init(eax, cipher, key, keylen, nonce, noncelen, header, headerlen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = eax_encrypt(&eax, pt, ct, ptlen)) != CRYPT_OK) {
return err;
if ((err = eax_encrypt(eax, pt, ct, ptlen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = eax_done(&eax, tag, taglen)) != CRYPT_OK) {
return err;
if ((err = eax_done(eax, tag, taglen)) != CRYPT_OK) {
goto __ERR;
}
return CRYPT_OK;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(eax, sizeof(eax_state));
#endif
XFREE(eax);
return err;
}
#endif

64
eax_init.c
View File

@ -18,9 +18,9 @@ int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long
const unsigned char *nonce, unsigned long noncelen,
const unsigned char *header, unsigned long headerlen)
{
unsigned char buf[MAXBLOCKSIZE];
unsigned char *buf;
int err, blklen;
omac_state omac;
omac_state *omac;
unsigned long len;
@ -36,42 +36,56 @@ int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long
}
blklen = cipher_descriptor[cipher].block_length;
/* allocate ram */
buf = XMALLOC(MAXBLOCKSIZE);
omac = XMALLOC(sizeof(omac_state));
if (buf == NULL || omac == NULL) {
if (buf != NULL) {
XFREE(buf);
}
if (omac != NULL) {
XFREE(omac);
}
return CRYPT_MEM;
}
/* N = OMAC_0K(nonce) */
zeromem(buf, sizeof(buf));
if ((err = omac_init(&omac, cipher, key, keylen)) != CRYPT_OK) {
return err;
zeromem(buf, MAXBLOCKSIZE);
if ((err = omac_init(omac, cipher, key, keylen)) != CRYPT_OK) {
goto __ERR;
}
/* omac the [0]_n */
if ((err = omac_process(&omac, buf, blklen)) != CRYPT_OK) {
return err;
if ((err = omac_process(omac, buf, blklen)) != CRYPT_OK) {
goto __ERR;
}
/* omac the nonce */
if ((err = omac_process(&omac, nonce, noncelen)) != CRYPT_OK) {
return err;
if ((err = omac_process(omac, nonce, noncelen)) != CRYPT_OK) {
goto __ERR;
}
/* store result */
len = sizeof(eax->N);
if ((err = omac_done(&omac, eax->N, &len)) != CRYPT_OK) {
return err;
if ((err = omac_done(omac, eax->N, &len)) != CRYPT_OK) {
goto __ERR;
}
/* H = OMAC_1K(header) */
zeromem(buf, sizeof(buf));
zeromem(buf, MAXBLOCKSIZE);
buf[blklen - 1] = 1;
if ((err = omac_init(&eax->headeromac, cipher, key, keylen)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* omac the [1]_n */
if ((err = omac_process(&eax->headeromac, buf, blklen)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* omac the header */
if (headerlen != 0) {
if ((err = omac_process(&eax->headeromac, header, headerlen)) != CRYPT_OK) {
return err;
goto __ERR;
}
}
@ -79,28 +93,34 @@ int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long
/* setup the CTR mode */
if ((err = ctr_start(cipher, eax->N, key, keylen, 0, &eax->ctr)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* use big-endian counter */
eax->ctr.mode = 1;
/* setup the OMAC for the ciphertext */
if ((err = omac_init(&eax->ctomac, cipher, key, keylen)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* omac [2]_n */
zeromem(buf, sizeof(buf));
zeromem(buf, MAXBLOCKSIZE);
buf[blklen-1] = 2;
if ((err = omac_process(&eax->ctomac, buf, blklen)) != CRYPT_OK) {
return err;
goto __ERR;
}
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(&omac, sizeof(omac));
zeromem(buf, MAXBLOCKSIZE);
zeromem(omac, sizeof(omac_state));
#endif
return CRYPT_OK;
XFREE(omac);
XFREE(buf);
return err;
}
#endif

47
ecc.c
View File

@ -19,6 +19,9 @@
#ifdef MECC
/* size of our temp buffers for exported keys */
#define ECC_BUF_SIZE 160
/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */
static const struct {
int size;
@ -368,10 +371,10 @@ done:
static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus)
{
ecc_point *tG, *M[8];
int i, j, err;
mp_int mu;
mp_digit buf;
int first, bitbuf, bitcpy, bitcnt, mode, digidx;
int i, j, err;
mp_int mu;
mp_digit buf;
int first, bitbuf, bitcpy, bitcnt, mode, digidx;
/* init barrett reduction */
if ((err = mp_init(&mu)) != MP_OKAY) {
@ -595,10 +598,10 @@ void ecc_sizes(int *low, int *high)
int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
{
int x, err;
ecc_point *base;
mp_int prime;
unsigned char buf[128];
int x, err;
ecc_point *base;
mp_int prime;
unsigned char *buf;
_ARGCHK(key != NULL);
@ -616,19 +619,29 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
}
key->idx = x;
/* allocate ram */
base = NULL;
buf = XMALLOC(128);
if (buf == NULL) {
return CRYPT_MEM;
}
/* make up random string */
if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) {
return CRYPT_ERROR_READPRNG;
err = CRYPT_ERROR_READPRNG;
goto __ERR2;
}
/* setup the key variables */
if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL)) != MP_OKAY) {
return mpi_to_ltc_error(err);
err = mpi_to_ltc_error(err);
goto __ERR;
}
base = new_point();
if (base == NULL) {
mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->k, &prime, NULL);
return CRYPT_MEM;
err = CRYPT_MEM;
goto __ERR;
}
/* read in the specs for this key */
@ -638,7 +651,7 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
if ((err = mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize)) != MP_OKAY) { goto error; }
/* make the public key */
if ((err = ecc_mulmod(&key->k, base, &key->pubkey, &prime)) != CRYPT_OK) { goto done; }
if ((err = ecc_mulmod(&key->k, base, &key->pubkey, &prime)) != CRYPT_OK) { goto __ERR; }
key->type = PK_PRIVATE;
/* shrink key */
@ -648,15 +661,19 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
/* free up ram */
err = CRYPT_OK;
goto done;
goto __ERR;
error:
err = mpi_to_ltc_error(err);
done:
__ERR:
del_point(base);
mp_clear(&prime);
__ERR2:
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf, 128);
#endif
XFREE(buf);
return err;
}

157
ecc_sys.c
View File

@ -13,10 +13,10 @@ int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen,
prng_state *prng, int wprng, int hash,
ecc_key *key)
{
unsigned char pub_expt[256], ecc_shared[256], skey[MAXBLOCKSIZE];
ecc_key pubkey;
unsigned long x, y, z, hashsize, pubkeysize;
int err;
unsigned char *pub_expt, *ecc_shared, *skey;
ecc_key pubkey;
unsigned long x, y, z, hashsize, pubkeysize;
int err;
_ARGCHK(inkey != NULL);
_ARGCHK(out != NULL);
@ -41,29 +41,47 @@ int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen,
return err;
}
pubkeysize = (unsigned long)sizeof(pub_expt);
pub_expt = XMALLOC(ECC_BUF_SIZE);
ecc_shared = XMALLOC(ECC_BUF_SIZE);
skey = XMALLOC(MAXBLOCKSIZE);
if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
if (pub_expt != NULL) {
XFREE(pub_expt);
}
if (ecc_shared != NULL) {
XFREE(ecc_shared);
}
if (skey != NULL) {
XFREE(skey);
}
ecc_free(&pubkey);
return CRYPT_MEM;
}
pubkeysize = ECC_BUF_SIZE;
if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
ecc_free(&pubkey);
return err;
goto __ERR;
}
/* now check if the out buffer is big enough */
if (*len < (9 + PACKET_SIZE + pubkeysize + hash_descriptor[hash].hashsize)) {
ecc_free(&pubkey);
return CRYPT_BUFFER_OVERFLOW;
err = CRYPT_BUFFER_OVERFLOW;
goto __ERR;
}
/* make random key */
hashsize = hash_descriptor[hash].hashsize;
x = (unsigned long)sizeof(ecc_shared);
x = ECC_BUF_SIZE;
if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
ecc_free(&pubkey);
return err;
goto __ERR;
}
ecc_free(&pubkey);
z = (unsigned long)sizeof(skey);
z = MAXBLOCKSIZE;
if ((err = hash_memory(hash, ecc_shared, x, skey, &z)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* store header */
@ -92,23 +110,30 @@ int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen,
}
*len = y;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
/* clean up */
zeromem(pub_expt, sizeof(pub_expt));
zeromem(ecc_shared, sizeof(ecc_shared));
zeromem(skey, sizeof(skey));
zeromem(pub_expt, ECC_BUF_SIZE);
zeromem(ecc_shared, ECC_BUF_SIZE);
zeromem(skey, MAXBLOCKSIZE);
#endif
return CRYPT_OK;
XFREE(skey);
XFREE(ecc_shared);
XFREE(pub_expt);
return err;
}
int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *outkey, unsigned long *keylen,
ecc_key *key)
{
unsigned char shared_secret[256], skey[MAXBLOCKSIZE];
unsigned long x, y, z, hashsize, keysize;
int hash, err;
ecc_key pubkey;
unsigned char *shared_secret, *skey;
unsigned long x, y, z, hashsize, keysize;
int hash, err;
ecc_key pubkey;
_ARGCHK(in != NULL);
_ARGCHK(outkey != NULL);
@ -155,22 +180,37 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
}
y += x;
/* allocate memory */
shared_secret = XMALLOC(ECC_BUF_SIZE);
skey = XMALLOC(MAXBLOCKSIZE);
if (shared_secret == NULL || skey == NULL) {
if (shared_secret != NULL) {
XFREE(shared_secret);
}
if (skey != NULL) {
XFREE(skey);
}
ecc_free(&pubkey);
return CRYPT_MEM;
}
/* make shared key */
x = (unsigned long)sizeof(shared_secret);
x = ECC_BUF_SIZE;
if ((err = ecc_shared_secret(key, &pubkey, shared_secret, &x)) != CRYPT_OK) {
ecc_free(&pubkey);
return err;
goto __ERR;
}
ecc_free(&pubkey);
z = (unsigned long)sizeof(skey);
z = MAXBLOCKSIZE;
if ((err = hash_memory(hash, shared_secret, x, skey, &z)) != CRYPT_OK) {
return err;
goto __ERR;
}
LOAD32L(keysize, in+y);
if (inlen < keysize) {
return CRYPT_INVALID_PACKET;
err = CRYPT_INVALID_PACKET;
goto __ERR;
} else {
inlen -= keysize;
}
@ -178,7 +218,7 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
if (*keylen < keysize) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
/* Decrypt the key */
@ -189,11 +229,15 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
*keylen = keysize;
err = CRYPT_OK;
done:
__ERR:
#ifdef CLEAN_STACK
zeromem(shared_secret, sizeof(shared_secret));
zeromem(skey, sizeof(skey));
zeromem(shared_secret, ECC_BUF_SIZE);
zeromem(skey, MAXBLOCKSIZE);
#endif
XFREE(skey);
XFREE(shared_secret);
return err;
}
@ -201,11 +245,11 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, ecc_key *key)
{
ecc_key pubkey;
mp_int b, p;
unsigned char epubkey[256], er[256];
ecc_key pubkey;
mp_int b, p;
unsigned char *epubkey, *er;
unsigned long x, y, pubkeysize, rsize;
int err;
int err;
_ARGCHK(in != NULL);
_ARGCHK(out != NULL);
@ -231,17 +275,32 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
return err;
}
pubkeysize = (unsigned long)sizeof(epubkey);
/* allocate ram */
epubkey = XMALLOC(ECC_BUF_SIZE);
er = XMALLOC(ECC_BUF_SIZE);
if (epubkey == NULL || er == NULL) {
if (epubkey != NULL) {
XFREE(epubkey);
}
if (er != NULL) {
XFREE(er);
}
ecc_free(&pubkey);
return CRYPT_MEM;
}
pubkeysize = ECC_BUF_SIZE;
if ((err = ecc_export(epubkey, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
ecc_free(&pubkey);
return err;
goto __ERR;
}
/* get the hash and load it as a bignum into 'b' */
/* init the bignums */
if ((err = mp_init_multi(&b, &p, NULL)) != MP_OKAY) {
ecc_free(&pubkey);
return mpi_to_ltc_error(err);
err = mpi_to_ltc_error(err);
goto __ERR;
}
if ((err = mp_read_radix(&p, (char *)sets[key->idx].order, 64)) != MP_OKAY) { goto error; }
if ((err = mp_read_unsigned_bin(&b, (unsigned char *)in, (int)inlen)) != MP_OKAY) { goto error; }
@ -253,7 +312,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
/* export it */
rsize = (unsigned long)mp_unsigned_bin_size(&b);
if (rsize > (unsigned long)sizeof(er)) {
if (rsize > ECC_BUF_SIZE) {
err = CRYPT_BUFFER_OVERFLOW;
goto error;
}
@ -262,7 +321,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
/* now lets check the outlen before we write */
if (*outlen < (12 + rsize + pubkeysize)) {
err = CRYPT_BUFFER_OVERFLOW;
goto done;
goto __ERR;
}
/* lets output */
@ -288,20 +347,24 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
/* store header */
packet_store_header(out, PACKET_SECT_ECC, PACKET_SUB_SIGNED);
/* clear memory */
*outlen = y;
/* all ok */
err = CRYPT_OK;
goto done;
goto __ERR;
error:
err = mpi_to_ltc_error(err);
done:
__ERR:
mp_clear_multi(&b, &p, NULL);
ecc_free(&pubkey);
#ifdef CLEAN_STACK
zeromem(er, sizeof(er));
zeromem(epubkey, sizeof(epubkey));
zeromem(er, ECC_BUF_SIZE);
zeromem(epubkey, ECC_BUF_SIZE);
#endif
XFREE(epubkey);
XFREE(er);
return err;
}
@ -322,11 +385,11 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
const unsigned char *hash, unsigned long inlen,
int *stat, ecc_key *key)
{
ecc_point *mG;
ecc_key pubkey;
mp_int b, p, m, mu;
ecc_point *mG;
ecc_key pubkey;
mp_int b, p, m, mu;
unsigned long x, y;
int err;
int err;
_ARGCHK(sig != NULL);
_ARGCHK(hash != NULL);

8
hash_filehandle.c
View File

@ -36,14 +36,16 @@ int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outle
hash_descriptor[hash].init(&md);
do {
x = fread(buf, 1, sizeof(buf), in);
hash_descriptor[hash].process(&md, buf, x);
if ((err = hash_descriptor[hash].process(&md, buf, x)) != CRYPT_OK) {
return err;
}
} while (x == sizeof(buf));
hash_descriptor[hash].done(&md, dst);
err = hash_descriptor[hash].done(&md, dst);
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
#endif
return CRYPT_OK;
return err;
#endif
}

25
hash_memory.c
View File

@ -12,7 +12,7 @@
int hash_memory(int hash, const unsigned char *data, unsigned long len, unsigned char *dst, unsigned long *outlen)
{
hash_state md;
hash_state *md;
int err;
_ARGCHK(data != NULL);
@ -26,10 +26,23 @@ int hash_memory(int hash, const unsigned char *data, unsigned long len, unsigned
if (*outlen < hash_descriptor[hash].hashsize) {
return CRYPT_BUFFER_OVERFLOW;
}
*outlen = hash_descriptor[hash].hashsize;
hash_descriptor[hash].init(&md);
hash_descriptor[hash].process(&md, data, len);
hash_descriptor[hash].done(&md, dst);
return CRYPT_OK;
md = XMALLOC(sizeof(hash_state));
if (md == NULL) {
return CRYPT_MEM;
}
hash_descriptor[hash].init(md);
if ((err = hash_descriptor[hash].process(md, data, len)) != CRYPT_OK) {
goto __ERR;
}
err = hash_descriptor[hash].done(md, dst);
*outlen = hash_descriptor[hash].hashsize;
__ERR:
#ifdef CLEAN_STACK
zeromem(md, sizeof(hash_state));
#endif
XFREE(md);
return err;
}

45
hmac_done.c
View File

@ -35,14 +35,14 @@
int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen)
{
unsigned char buf[MAXBLOCKSIZE];
unsigned char isha[MAXBLOCKSIZE];
unsigned char *buf, *isha;
unsigned long hashsize, i;
int hash, err;
_ARGCHK(hmac != NULL);
_ARGCHK(hmac != NULL);
_ARGCHK(hashOut != NULL);
/* test hash */
hash = hmac->hash;
if((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
@ -51,9 +51,22 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen)
/* get the hash message digest size */
hashsize = hash_descriptor[hash].hashsize;
/* allocate buffers */
buf = XMALLOC(HMAC_BLOCKSIZE);
isha = XMALLOC(hashsize);
if (buf == NULL || isha == NULL) {
if (buf != NULL) {
XFREE(buf);
}
if (isha != NULL) {
XFREE(isha);
}
return CRYPT_MEM;
}
// Get the hash of the first HMAC vector plus the data
if ((err = hash_descriptor[hash].done(&hmac->md, isha)) != CRYPT_OK) {
return err;
goto __ERR;
}
// Create the second HMAC vector vector for step (3)
@ -63,9 +76,15 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen)
// Now calculate the "outer" hash for step (5), (6), and (7)
hash_descriptor[hash].init(&hmac->md);
hash_descriptor[hash].process(&hmac->md, buf, HMAC_BLOCKSIZE);
hash_descriptor[hash].process(&hmac->md, isha, hashsize);
hash_descriptor[hash].done(&hmac->md, buf);
if ((err = hash_descriptor[hash].process(&hmac->md, buf, HMAC_BLOCKSIZE)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash].process(&hmac->md, isha, hashsize)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash].done(&hmac->md, buf)) != CRYPT_OK) {
goto __ERR;
}
// copy to output
for (i = 0; i < hashsize && i < *outlen; i++) {
@ -73,12 +92,18 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen)
}
*outlen = i;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(isha, sizeof(buf));
zeromem(buf, sizeof(isha));
zeromem(isha, hashsize);
zeromem(buf, hashsize);
zeromem(hmac, sizeof(*hmac));
#endif
return CRYPT_OK;
XFREE(isha);
XFREE(buf);
return err;
}
#endif

19
hmac_file.c
View File

@ -12,27 +12,8 @@
#include "mycrypt.h"
/*
(1) append zeros to the end of K to create a B byte string
(e.g., if K is of length 20 bytes and B=64, then K will be
appended with 44 zero bytes 0x00)
(2) XOR (bitwise exclusive-OR) the B byte string computed in step
(1) with ipad (ipad = the byte 0x36 repeated B times)
(3) append the stream of data 'text' to the B byte string resulting
from step (2)
(4) apply H to the stream generated in step (3)
(5) XOR (bitwise exclusive-OR) the B byte string computed in
step (1) with opad (opad = the byte 0x5C repeated B times.)
(6) append the H result from step (4) to the B byte string
resulting from step (5)
(7) apply H to the stream generated in step (6) and output
the result
*/
#ifdef HMAC
#define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
/* hmac_file added by Tom St Denis */
int hmac_file(int hash, const char *fname,
const unsigned char *key, unsigned long keylen,

29
hmac_init.c
View File

@ -35,38 +35,44 @@
int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen)
{
unsigned char buf[MAXBLOCKSIZE];
unsigned char *buf;
unsigned long hashsize;
unsigned long i, z;
int err;
_ARGCHK(hmac != NULL);
_ARGCHK(key != NULL);
_ARGCHK(key != NULL);
/* valid hash? */
if ((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
}
hmac->hash = hash;
hashsize = hash_descriptor[hash].hashsize;
/* valid key length? */
if (keylen == 0) {
return CRYPT_INVALID_KEYSIZE;
}
hmac->hash = hash;
/* allocate ram for buf */
buf = XMALLOC(HMAC_BLOCKSIZE);
if (buf == NULL) {
return CRYPT_MEM;
}
// (1) make sure we have a large enough key
hashsize = hash_descriptor[hash].hashsize;
if(keylen > HMAC_BLOCKSIZE) {
z = (unsigned long)sizeof(hmac->key);
if ((err = hash_memory(hash, key, keylen, hmac->key, &z)) != CRYPT_OK) {
return err;
goto __ERR;
}
if(hashsize < HMAC_BLOCKSIZE) {
zeromem((hmac->key) + hashsize, (size_t)(HMAC_BLOCKSIZE - hashsize));
}
keylen = hashsize;
} else {
memcpy(hmac->key, key, (size_t)keylen);
XMEMCPY(hmac->key, key, (size_t)keylen);
if(keylen < HMAC_BLOCKSIZE) {
zeromem((hmac->key) + keylen, (size_t)(HMAC_BLOCKSIZE - keylen));
}
@ -79,9 +85,14 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon
// Pre-pend that to the hash data
hash_descriptor[hash].init(&hmac->md);
hash_descriptor[hash].process(&hmac->md, buf, HMAC_BLOCKSIZE);
return CRYPT_OK;
err = hash_descriptor[hash].process(&hmac->md, buf, HMAC_BLOCKSIZE);
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, HMAC_BLOCKSIZE);
#endif
XFREE(buf);
return err;
}
#endif

51
hmac_memory.c
View File

@ -12,55 +12,46 @@
#include "mycrypt.h"
/*
(1) append zeros to the end of K to create a B byte string
(e.g., if K is of length 20 bytes and B=64, then K will be
appended with 44 zero bytes 0x00)
(2) XOR (bitwise exclusive-OR) the B byte string computed in step
(1) with ipad (ipad = the byte 0x36 repeated B times)
(3) append the stream of data 'text' to the B byte string resulting
from step (2)
(4) apply H to the stream generated in step (3)
(5) XOR (bitwise exclusive-OR) the B byte string computed in
step (1) with opad (opad = the byte 0x5C repeated B times.)
(6) append the H result from step (4) to the B byte string
resulting from step (5)
(7) apply H to the stream generated in step (6) and output
the result
*/
#ifdef HMAC
#define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
const unsigned char *data, unsigned long len,
unsigned char *dst, unsigned long *dstlen)
{
hmac_state hmac;
hmac_state *hmac;
int err;
_ARGCHK(key != NULL);
_ARGCHK(data != NULL);
_ARGCHK(dst != NULL);
_ARGCHK(dstlen != NULL);
if((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
/* allocate ram for hmac state */
hmac = XMALLOC(sizeof(hmac_state));
if (hmac == NULL) {
return CRYPT_MEM;
}
if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) {
return err;
if ((err = hmac_init(hmac, hash, key, keylen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hmac_process(&hmac, data, len)) != CRYPT_OK) {
return err;
if ((err = hmac_process(hmac, data, len)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hmac_done(&hmac, dst, dstlen)) != CRYPT_OK) {
return err;
if ((err = hmac_done(hmac, dst, dstlen)) != CRYPT_OK) {
goto __ERR;
}
return CRYPT_OK;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(hmac, sizeof(hmac_state));
#endif
XFREE(hmac);
return err;
}
#endif

19
hmac_process.c
View File

@ -12,27 +12,8 @@
#include "mycrypt.h"
/*
(1) append zeros to the end of K to create a B byte string
(e.g., if K is of length 20 bytes and B=64, then K will be
appended with 44 zero bytes 0x00)
(2) XOR (bitwise exclusive-OR) the B byte string computed in step
(1) with ipad (ipad = the byte 0x36 repeated B times)
(3) append the stream of data 'text' to the B byte string resulting
from step (2)
(4) apply H to the stream generated in step (3)
(5) XOR (bitwise exclusive-OR) the B byte string computed in
step (1) with opad (opad = the byte 0x5C repeated B times.)
(6) append the H result from step (4) to the B byte string
resulting from step (5)
(7) apply H to the stream generated in step (6) and output
the result
*/
#ifdef HMAC
#define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned long len)
{
int err;

18
ltc_tommath.h
View File

@ -27,7 +27,7 @@
#define MAX(x,y) ((x)>(y)?(x):(y))
#ifdef __cplusplus
extern "C" {
"C" {
/* C++ compilers don't like assigning void * to mp_digit * */
#define OPT_CAST(x) (x *)
@ -99,12 +99,16 @@ extern "C" {
#define XFREE free
#define XREALLOC realloc
#define XCALLOC calloc
#define XMEMSET memset
#define XMEMCPY memcpy
#else
/* prototypes for our heap functions */
extern void *XMALLOC(size_t n);
extern void *REALLOC(void *p, size_t n);
extern void *XCALLOC(size_t n, size_t s);
extern void XFREE(void *p);
void *XMALLOC(size_t n);
void *REALLOC(void *p, size_t n);
void *XCALLOC(size_t n, size_t s);
void XFREE(void *p);
void *XMEMCPY(void *dest, const void *src, size_t n);
int XMEMCMP(const void *s1, const void *s2, size_t n);
#endif
#endif
@ -143,7 +147,7 @@ extern "C" {
typedef int mp_err;
/* you'll have to tune these... */
extern int KARATSUBA_MUL_CUTOFF,
int KARATSUBA_MUL_CUTOFF,
KARATSUBA_SQR_CUTOFF,
TOOM_MUL_CUTOFF,
TOOM_SQR_CUTOFF;
@ -546,7 +550,7 @@ int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
void bn_reverse(unsigned char *s, int len);
extern const char *mp_s_rmap;
const char *mp_s_rmap;
#ifdef __cplusplus
}

30
makefile
View File

@ -2,14 +2,9 @@
#
# Tom St Denis
# Modified by Clay Culver
#
# NOTE: This should later be replaced by autoconf/automake scripts, but for
# the time being this is actually pretty clean. The only ugly part is
# handling CFLAGS so that the x86 specific optimizations don't break
# a build. This is easy to remedy though, for those that have problems.
# The version
VERSION=0.96
VERSION=0.97
# Compiler and Linker Names
#CC=gcc
@ -26,15 +21,14 @@ CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wshadow
# optimize for SPEED
#CFLAGS += -O3 -funroll-loops
#add -fomit-frame-pointer. GCC v3.2 is buggy for certain platforms!
#add -fomit-frame-pointer. hinders debugging!
CFLAGS += -fomit-frame-pointer
# optimize for SIZE
CFLAGS += -Os
# compile for DEBUGING
# compile for DEBUGING (required for ccmalloc checking!!!)
#CFLAGS += -g3
#ch1-01-3
#These flags control how the library gets built.
@ -147,8 +141,11 @@ default:library
#ciphers come in two flavours... enc+dec and enc
aes_enc.o: aes.c aes_tab.c
$(CC) $(CFLAGS) -DENCRYPT_ONLY -c aes.c -o aes_enc.o
#These are the rules to make certain object files.
aes.o: aes.c aes_tab.c
twofish.o: twofish.c twofish_tab.c
whirl.o: whirl.c whirltab.c
ecc.o: ecc.c ecc_sys.c
dh.o: dh.c dh_sys.c
sha512.o: sha512.c sha384.c
@ -195,7 +192,7 @@ clean:
rm -f $(OBJECTS) $(TESTOBJECTS) $(HASHOBJECTS) $(CRYPTOBJECTS) $(SMALLOBJECTS) $(LEFTOVERS) $(LIBNAME)
rm -f $(TEST) $(HASH) $(COMPRESSED) $(PROFS) $(PROF) $(TVS) $(TV)
rm -f *.a *.dll *stackdump *.lib *.exe *.obj demos/*.obj demos/*.o *.bat *.txt *.il *.da demos/*.il demos/*.da *.dyn *.dpi \
*.gcda *.gcno demos/*.gcno demos/*.gcda *~ doc/*
*.gcda *.gcno demos/*.gcno demos/*.gcda *~ doc/*
cd demos/test ; make clean
#This builds the crypt.pdf file. Note that the rm -f *.pdf has been removed
@ -206,8 +203,8 @@ docs: crypt.tex
rm -f doc/crypt.pdf $(LEFTOVERS)
echo "hello" > crypt.ind
latex crypt > /dev/null
makeindex crypt > /dev/null
latex crypt > /dev/null
makeindex crypt.idx > /dev/null
latex crypt > /dev/null
dvipdf crypt
mv -ivf crypt.pdf doc/crypt.pdf
@ -217,9 +214,13 @@ docdvi: crypt.tex
echo hello > crypt.ind
latex crypt > /dev/null
latex crypt > /dev/null
makeindex crypt
makeindex.idx crypt
latex crypt > /dev/null
#pretty build
pretty:
perl pretty.build
#beta
beta: clean
cd .. ; rm -rf crypt* libtomcrypt-$(VERSION)-beta ; mkdir libtomcrypt-$(VERSION)-beta ; \
@ -231,5 +232,4 @@ zipup: clean docs
cd .. ; rm -rf crypt* libtomcrypt-$(VERSION) ; mkdir libtomcrypt-$(VERSION) ; \
cp -R ./libtomcrypt/* ./libtomcrypt-$(VERSION)/ ; tar -c libtomcrypt-$(VERSION)/* > crypt-$(VERSION).tar ; \
bzip2 -9vv crypt-$(VERSION).tar ; zip -9 -r crypt-$(VERSION).zip libtomcrypt-$(VERSION)/* ; \
gpg -b -a crypt-$(VERSION).tar.bz2 ; \
gpg -b -a crypt-$(VERSION).zip
gpg -b -a crypt-$(VERSION).tar.bz2 ; gpg -b -a crypt-$(VERSION).zip

2
makefile.icc
View File

@ -150,7 +150,7 @@ LEFTOVERS=*.dvi *.log *.aux *.toc *.idx *.ilg *.ind
COMPRESSED=crypt.tar.bz2 crypt.zip crypt.tar.gz
#Header files used by libtomcrypt.
HEADERS=tommath.h mycrypt_cfg.h mycrypt_gf.h mycrypt_kr.h \
HEADERS=ltc_tommath.h mycrypt_cfg.h \
mycrypt_misc.h mycrypt_prng.h mycrypt_cipher.h mycrypt_hash.h \
mycrypt_macros.h mycrypt_pk.h mycrypt.h mycrypt_argchk.h mycrypt_custom.h

6
md2.c
View File

@ -111,7 +111,7 @@ int md2_process(hash_state *md, const unsigned char *buf, unsigned long len)
}
while (len > 0) {
n = MIN(len, (16 - md->md2.curlen));
memcpy(md->md2.buf + md->md2.curlen, buf, (size_t)n);
XMEMCPY(md->md2.buf + md->md2.curlen, buf, (size_t)n);
md->md2.curlen += n;
buf += n;
len -= n;
@ -149,11 +149,11 @@ int md2_done(hash_state * md, unsigned char *hash)
md2_update_chksum(md);
/* hash checksum */
memcpy(md->md2.buf, md->md2.chksum, 16);
XMEMCPY(md->md2.buf, md->md2.chksum, 16);
md2_compress(md);
/* output is lower 16 bytes of X */
memcpy(hash, md->md2.X, 16);
XMEMCPY(hash, md->md2.X, 16);
#ifdef CLEAN_STACK
zeromem(md, sizeof(hash_state));

46
modes_test.c
View File

@ -1,46 +0,0 @@
/* test CFB/OFB/CBC modes */
#include "test.h"
int modes_test(void)
{
unsigned char pt[64], ct[64], tmp[64], key[16], iv[16];
int x, cipher_idx;
symmetric_CBC cbc;
/* make a random pt, key and iv */
yarrow_read(pt, 64, &test_yarrow);
yarrow_read(key, 16, &test_yarrow);
yarrow_read(iv, 16, &test_yarrow);
/* test CBC mode */
cipher_idx = find_cipher("aes");
if (cipher_idx == -1) {
printf("test requires AES");
return 1;
}
/* encode the block */
DO(cbc_start(cipher_idx, iv, key, 16, 0, &cbc));
for (x = 0; x < 4; x++) {
DO(cbc_encrypt(pt+x*16, ct+x*16, &cbc));
}
/* decode the block */
DO(cbc_start(cipher_idx, iv, key, 16, 0, &cbc));
for (x = 0; x < 4; x++) {
DO(cbc_decrypt(ct+x*16, tmp+x*16, &cbc));
}
if (memcmp(tmp, pt, 64) != 0) {
printf("CBC failed");
return 1;
}
/*
extern int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
int keylen, int num_rounds, symmetric_CBC *cbc);
extern int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc);
extern int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc);
*/
}

12
mpi.c
View File

@ -408,7 +408,7 @@ fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
}
/* clear temp buf (the columns) */
memset (W, 0, sizeof (mp_word) * digs);
XMEMSET (W, 0, sizeof (mp_word) * digs);
/* calculate the columns */
pa = a->used;
@ -538,7 +538,7 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
/* like the other comba method we compute the columns first */
pa = a->used;
pb = b->used;
memset (W + digs, 0, (pa + pb + 1 - digs) * sizeof (mp_word));
XMEMSET (W + digs, 0, (pa + pb + 1 - digs) * sizeof (mp_word));
for (ix = 0; ix < pa; ix++) {
{
register mp_digit tmpx, *tmpy;
@ -654,8 +654,8 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
* the inner product can be doubled using n doublings instead of
* n**2
*/
memset (W, 0, newused * sizeof (mp_word));
memset (W2, 0, newused * sizeof (mp_word));
XMEMSET (W, 0, newused * sizeof (mp_word));
XMEMSET (W2, 0, newused * sizeof (mp_word));
/* This computes the inner product. To simplify the inner N**2 loop
* the multiplication by two is done afterwards in the N loop.
@ -1145,7 +1145,7 @@ mp_clear (mp_int * a)
/* only do anything if a hasn't been freed previously */
if (a->dp != NULL) {
/* first zero the digits */
memset (a->dp, 0, sizeof (mp_digit) * a->used);
XMEMSET (a->dp, 0, sizeof (mp_digit) * a->used);
/* free ram */
XFREE(a->dp);
@ -7538,7 +7538,7 @@ mp_zero (mp_int * a)
{
a->sign = MP_ZPOS;
a->used = 0;
memset (a->dp, 0, sizeof (mp_digit) * a->alloc);
XMEMSET (a->dp, 0, sizeof (mp_digit) * a->alloc);
}
/* End: bn_mp_zero.c */

10
mycrypt.h
View File

@ -12,18 +12,18 @@
#include <mycrypt_custom.h>
#ifdef __cplusplus
extern "C" {
"C" {
#endif
/* version */
#define CRYPT 0x0096
#define SCRYPT "0.96"
#define CRYPT 0x0097
#define SCRYPT "0.97"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 128
#define MAXBLOCKSIZE 64
/* descriptor table size */
#define TAB_SIZE 32
#define TAB_SIZE 32
/* error codes [will be expanded in future releases] */
enum {

2
mycrypt_argchk.h
View File

@ -7,7 +7,7 @@
#include <signal.h>
/* this is the default LibTomCrypt macro */
extern void crypt_argchk(char *v, char *s, int d);
void crypt_argchk(char *v, char *s, int d);
#define _ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); }
#elif ARGTYPE == 1

14
mycrypt_cfg.h
View File

@ -8,13 +8,17 @@
#define MYCRYPT_CFG_H
/* you can change how memory allocation works ... */
extern void *XMALLOC(size_t n);
extern void *REALLOC(void *p, size_t n);
extern void *XCALLOC(size_t n, size_t s);
extern void XFREE(void *p);
void *XMALLOC(size_t n);
void *REALLOC(void *p, size_t n);
void *XCALLOC(size_t n, size_t s);
void XFREE(void *p);
/* change the clock function too */
extern clock_t XCLOCK(void);
clock_t XCLOCK(void);
/* various other functions */
void *XMEMCPY(void *dest, const void *src, size_t n);
int XMEMCMP(const void *s1, const void *s2, size_t n);
/* ch1-01-1 */
/* type of argument checking, 0=default, 1=fatal and 2=none */

246
mycrypt_cipher.h
View File

@ -179,7 +179,7 @@ typedef struct Symmetric_CTR {
} symmetric_CTR;
/* cipher descriptor table, last entry has "name == NULL" to mark the end of table */
extern struct _cipher_descriptor {
extern struct _cipher_descriptor {
char *name;
unsigned char ID;
int min_key_length, max_key_length, block_length, default_rounds;
@ -191,65 +191,65 @@ extern struct _cipher_descriptor {
} cipher_descriptor[];
#ifdef BLOWFISH
extern int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int blowfish_test(void);
extern int blowfish_keysize(int *desired_keysize);
extern const struct _cipher_descriptor blowfish_desc;
int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int blowfish_test(void);
int blowfish_keysize(int *desired_keysize);
extern const struct _cipher_descriptor blowfish_desc;
#endif
#ifdef RC5
extern int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int rc5_test(void);
extern int rc5_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc5_desc;
int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int rc5_test(void);
int rc5_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc5_desc;
#endif
#ifdef RC6
extern int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int rc6_test(void);
extern int rc6_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc6_desc;
int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int rc6_test(void);
int rc6_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc6_desc;
#endif
#ifdef RC2
extern int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int rc2_test(void);
extern int rc2_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc2_desc;
int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int rc2_test(void);
int rc2_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rc2_desc;
#endif
#ifdef SAFERP
extern int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int saferp_test(void);
extern int saferp_keysize(int *desired_keysize);
extern const struct _cipher_descriptor saferp_desc;
int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int saferp_test(void);
int saferp_keysize(int *desired_keysize);
extern const struct _cipher_descriptor saferp_desc;
#endif
#ifdef SAFER
extern int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int safer_k64_test(void);
extern int safer_sk64_test(void);
extern int safer_sk128_test(void);
int safer_k64_test(void);
int safer_sk64_test(void);
int safer_sk128_test(void);
extern int safer_64_keysize(int *desired_keysize);
extern int safer_128_keysize(int *desired_keysize);
extern const struct _cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk64_desc, safer_sk128_desc;
int safer_64_keysize(int *desired_keysize);
int safer_128_keysize(int *desired_keysize);
extern const struct _cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk64_desc, safer_sk128_desc;
#endif
#ifdef RIJNDAEL
@ -265,132 +265,132 @@ extern const struct _cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk
#define aes_enc_ecb_encrypt rijndael_enc_ecb_encrypt
#define aes_enc_keysize rijndael_enc_keysize
extern int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int rijndael_test(void);
extern int rijndael_keysize(int *desired_keysize);
int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int rijndael_test(void);
int rijndael_keysize(int *desired_keysize);
extern int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern int rijndael_enc_keysize(int *desired_keysize);
int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
int rijndael_enc_keysize(int *desired_keysize);
extern const struct _cipher_descriptor rijndael_desc, aes_desc;
extern const struct _cipher_descriptor rijndael_enc_desc, aes_enc_desc;
extern const struct _cipher_descriptor rijndael_desc, aes_desc;
extern const struct _cipher_descriptor rijndael_enc_desc, aes_enc_desc;
#endif
#ifdef XTEA
extern int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int xtea_test(void);
extern int xtea_keysize(int *desired_keysize);
extern const struct _cipher_descriptor xtea_desc;
int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int xtea_test(void);
int xtea_keysize(int *desired_keysize);
extern const struct _cipher_descriptor xtea_desc;
#endif
#ifdef TWOFISH
extern int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int twofish_test(void);
extern int twofish_keysize(int *desired_keysize);
extern const struct _cipher_descriptor twofish_desc;
int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int twofish_test(void);
int twofish_keysize(int *desired_keysize);
extern const struct _cipher_descriptor twofish_desc;
#endif
#ifdef DES
extern int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int des_test(void);
extern int des_keysize(int *desired_keysize);
int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int des_test(void);
int des_keysize(int *desired_keysize);
extern int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int des3_test(void);
extern int des3_keysize(int *desired_keysize);
int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int des3_test(void);
int des3_keysize(int *desired_keysize);
extern const struct _cipher_descriptor des_desc, des3_desc;
extern const struct _cipher_descriptor des_desc, des3_desc;
#endif
#ifdef CAST5
extern int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int cast5_test(void);
extern int cast5_keysize(int *desired_keysize);
extern const struct _cipher_descriptor cast5_desc;
int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int cast5_test(void);
int cast5_keysize(int *desired_keysize);
extern const struct _cipher_descriptor cast5_desc;
#endif
#ifdef NOEKEON
extern int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int noekeon_test(void);
extern int noekeon_keysize(int *desired_keysize);
extern const struct _cipher_descriptor noekeon_desc;
int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int noekeon_test(void);
int noekeon_keysize(int *desired_keysize);
extern const struct _cipher_descriptor noekeon_desc;
#endif
#ifdef SKIPJACK
extern int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
extern void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
extern void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
extern int skipjack_test(void);
extern int skipjack_keysize(int *desired_keysize);
extern const struct _cipher_descriptor skipjack_desc;
int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
int skipjack_test(void);
int skipjack_keysize(int *desired_keysize);
extern const struct _cipher_descriptor skipjack_desc;
#endif
#ifdef ECB
extern int ecb_start(int cipher, const unsigned char *key,
int ecb_start(int cipher, const unsigned char *key,
int keylen, int num_rounds, symmetric_ECB *ecb);
extern int ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ECB *ecb);
extern int ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ECB *ecb);
int ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ECB *ecb);
int ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ECB *ecb);
#endif
#ifdef CFB
extern int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
int keylen, int num_rounds, symmetric_CFB *cfb);
extern int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb);
extern int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb);
extern int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb);
extern int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb);
int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb);
int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb);
int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb);
int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb);
#endif
#ifdef OFB
extern int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key,
int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key,
int keylen, int num_rounds, symmetric_OFB *ofb);
extern int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb);
extern int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb);
extern int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb);
extern int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb);
int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb);
int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb);
int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb);
int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb);
#endif
#ifdef CBC
extern int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
int keylen, int num_rounds, symmetric_CBC *cbc);
extern int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc);
extern int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc);
extern int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc);
extern int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc);
int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc);
int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc);
int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc);
int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc);
#endif
#ifdef CTR
extern int ctr_start(int cipher, const unsigned char *IV, const unsigned char *key,
int ctr_start(int cipher, const unsigned char *IV, const unsigned char *key,
int keylen, int num_rounds, symmetric_CTR *ctr);
extern int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr);
extern int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr);
extern int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
extern int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr);
int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr);
int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
#endif
extern int find_cipher(const char *name);
extern int find_cipher_any(const char *name, int blocklen, int keylen);
extern int find_cipher_id(unsigned char ID);
int find_cipher(const char *name);
int find_cipher_any(const char *name, int blocklen, int keylen);
int find_cipher_id(unsigned char ID);
extern int register_cipher(const struct _cipher_descriptor *cipher);
extern int unregister_cipher(const struct _cipher_descriptor *cipher);
int register_cipher(const struct _cipher_descriptor *cipher);
int unregister_cipher(const struct _cipher_descriptor *cipher);
extern int cipher_is_valid(int idx);
int cipher_is_valid(int idx);

39
mycrypt_custom.h
View File

@ -9,12 +9,16 @@
#error mycrypt_custom.h should be included before mycrypt.h
#endif
/* macros for various libc functions */
#define XMALLOC malloc
/* macros for various libc functions you can change for embedded targets */
#define XMALLOC malloc
#define XREALLOC realloc
#define XCALLOC calloc
#define XFREE free
#define XCLOCK clock
#define XCALLOC calloc
#define XFREE free
#define XMEMSET memset
#define XMEMCPY memcpy
#define XCLOCK clock
#define XCLOCKS_PER_SEC CLOCKS_PER_SEC
/* Use small code where possible */
@ -45,6 +49,10 @@
#define CAST5
#define NOEKEON
#define SKIPJACK
/* SAFER code isn't public domain. It appears to be free to use
* but has been disabled by default to avoid any such problems
*/
//#define SAFER
/* modes of operation */
#define CFB
@ -89,10 +97,19 @@
/* Public Key Neatoness */
#define MRSA
#define RSA_TIMING // enable RSA side channel timing prevention
/* enable RSA side channel timing prevention */
#define RSA_TIMING
/* Digital Signature Algorithm */
#define MDSA
/* Max diff between group and modulus size in bytes */
#define MDSA_DELTA 512
/* Max DSA group size in bytes (default allows 4k-bit groups) */
#define MDSA_MAX_GROUP 512
/* Diffie-Hellman */
#define MDH
#define MECC
/* Supported Key Sizes */
#define DH768
#define DH1024
#define DH1280
@ -102,15 +119,21 @@
#define DH2560
#define DH3072
#define DH4096
/* ECC */
#define MECC
/* Supported Key Sizes */
#define ECC160
#define ECC192
#define ECC224
#define ECC256
#define ECC384
#define ECC521
/* Include the MPI functionality? (required by the PK algorithms) */
#define MPI
/* PKCS #1 and 5 stuff */
/* PKCS #1 and #5 stuff */
#define PKCS_1
#define PKCS_5

214
mycrypt_hash.h
View File

@ -111,7 +111,7 @@ typedef union Hash_state {
#endif
} hash_state;
extern struct _hash_descriptor {
extern struct _hash_descriptor {
char *name;
unsigned char ID;
unsigned long hashsize; /* digest output size in bytes */
@ -126,118 +126,118 @@ extern struct _hash_descriptor {
#ifdef WHIRLPOOL
extern void whirlpool_init(hash_state * md);
extern int whirlpool_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int whirlpool_done(hash_state * md, unsigned char *hash);
extern int whirlpool_test(void);
extern const struct _hash_descriptor whirlpool_desc;
void whirlpool_init(hash_state * md);
int whirlpool_process(hash_state * md, const unsigned char *buf, unsigned long len);
int whirlpool_done(hash_state * md, unsigned char *hash);
int whirlpool_test(void);
extern const struct _hash_descriptor whirlpool_desc;
#endif
#ifdef SHA512
extern void sha512_init(hash_state * md);
extern int sha512_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int sha512_done(hash_state * md, unsigned char *hash);
extern int sha512_test(void);
extern const struct _hash_descriptor sha512_desc;
void sha512_init(hash_state * md);
int sha512_process(hash_state * md, const unsigned char *buf, unsigned long len);
int sha512_done(hash_state * md, unsigned char *hash);
int sha512_test(void);
extern const struct _hash_descriptor sha512_desc;
#endif
#ifdef SHA384
#ifndef SHA512
#error SHA512 is required for SHA384
#endif
extern void sha384_init(hash_state * md);
void sha384_init(hash_state * md);
#define sha384_process sha512_process
extern int sha384_done(hash_state * md, unsigned char *hash);
extern int sha384_test(void);
extern const struct _hash_descriptor sha384_desc;
int sha384_done(hash_state * md, unsigned char *hash);
int sha384_test(void);
const struct _hash_descriptor sha384_desc;
#endif
#ifdef SHA256
extern void sha256_init(hash_state * md);
extern int sha256_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int sha256_done(hash_state * md, unsigned char *hash);
extern int sha256_test(void);
extern const struct _hash_descriptor sha256_desc;
void sha256_init(hash_state * md);
int sha256_process(hash_state * md, const unsigned char *buf, unsigned long len);
int sha256_done(hash_state * md, unsigned char *hash);
int sha256_test(void);
extern const struct _hash_descriptor sha256_desc;
#ifdef SHA224
#ifndef SHA256
#error SHA256 is required for SHA224
#endif
extern void sha224_init(hash_state * md);
void sha224_init(hash_state * md);
#define sha224_process sha256_process
extern int sha224_done(hash_state * md, unsigned char *hash);
extern int sha224_test(void);
extern const struct _hash_descriptor sha224_desc;
int sha224_done(hash_state * md, unsigned char *hash);
int sha224_test(void);
extern const struct _hash_descriptor sha224_desc;
#endif
#endif
#ifdef SHA1
extern void sha1_init(hash_state * md);
extern int sha1_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int sha1_done(hash_state * md, unsigned char *hash);
extern int sha1_test(void);
extern const struct _hash_descriptor sha1_desc;
void sha1_init(hash_state * md);
int sha1_process(hash_state * md, const unsigned char *buf, unsigned long len);
int sha1_done(hash_state * md, unsigned char *hash);
int sha1_test(void);
extern const struct _hash_descriptor sha1_desc;
#endif
#ifdef MD5
extern void md5_init(hash_state * md);
extern int md5_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int md5_done(hash_state * md, unsigned char *hash);
extern int md5_test(void);
extern const struct _hash_descriptor md5_desc;
void md5_init(hash_state * md);
int md5_process(hash_state * md, const unsigned char *buf, unsigned long len);
int md5_done(hash_state * md, unsigned char *hash);
int md5_test(void);
extern const struct _hash_descriptor md5_desc;
#endif
#ifdef MD4
extern void md4_init(hash_state * md);
extern int md4_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int md4_done(hash_state * md, unsigned char *hash);
extern int md4_test(void);
extern const struct _hash_descriptor md4_desc;
void md4_init(hash_state * md);
int md4_process(hash_state * md, const unsigned char *buf, unsigned long len);
int md4_done(hash_state * md, unsigned char *hash);
int md4_test(void);
extern const struct _hash_descriptor md4_desc;
#endif
#ifdef MD2
extern void md2_init(hash_state * md);
extern int md2_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int md2_done(hash_state * md, unsigned char *hash);
extern int md2_test(void);
extern const struct _hash_descriptor md2_desc;
void md2_init(hash_state * md);
int md2_process(hash_state * md, const unsigned char *buf, unsigned long len);
int md2_done(hash_state * md, unsigned char *hash);
int md2_test(void);
extern const struct _hash_descriptor md2_desc;
#endif
#ifdef TIGER
extern void tiger_init(hash_state * md);
extern int tiger_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int tiger_done(hash_state * md, unsigned char *hash);
extern int tiger_test(void);
extern const struct _hash_descriptor tiger_desc;
void tiger_init(hash_state * md);
int tiger_process(hash_state * md, const unsigned char *buf, unsigned long len);
int tiger_done(hash_state * md, unsigned char *hash);
int tiger_test(void);
extern const struct _hash_descriptor tiger_desc;
#endif
#ifdef RIPEMD128
extern void rmd128_init(hash_state * md);
extern int rmd128_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int rmd128_done(hash_state * md, unsigned char *hash);
extern int rmd128_test(void);
extern const struct _hash_descriptor rmd128_desc;
void rmd128_init(hash_state * md);
int rmd128_process(hash_state * md, const unsigned char *buf, unsigned long len);
int rmd128_done(hash_state * md, unsigned char *hash);
int rmd128_test(void);
extern const struct _hash_descriptor rmd128_desc;
#endif
#ifdef RIPEMD160
extern void rmd160_init(hash_state * md);
extern int rmd160_process(hash_state * md, const unsigned char *buf, unsigned long len);
extern int rmd160_done(hash_state * md, unsigned char *hash);
extern int rmd160_test(void);
extern const struct _hash_descriptor rmd160_desc;
void rmd160_init(hash_state * md);
int rmd160_process(hash_state * md, const unsigned char *buf, unsigned long len);
int rmd160_done(hash_state * md, unsigned char *hash);
int rmd160_test(void);
extern const struct _hash_descriptor rmd160_desc;
#endif
extern int find_hash(const char *name);
extern int find_hash_id(unsigned char ID);
extern int find_hash_any(const char *name, int digestlen);
extern int register_hash(const struct _hash_descriptor *hash);
extern int unregister_hash(const struct _hash_descriptor *hash);
extern int hash_is_valid(int idx);
int find_hash(const char *name);
int find_hash_id(unsigned char ID);
int find_hash_any(const char *name, int digestlen);
int register_hash(const struct _hash_descriptor *hash);
int unregister_hash(const struct _hash_descriptor *hash);
int hash_is_valid(int idx);
extern int hash_memory(int hash, const unsigned char *data, unsigned long len, unsigned char *dst, unsigned long *outlen);
extern int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outlen);
extern int hash_file(int hash, const char *fname, unsigned char *dst, unsigned long *outlen);
int hash_memory(int hash, const unsigned char *data, unsigned long len, unsigned char *dst, unsigned long *outlen);
int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outlen);
int hash_file(int hash, const char *fname, unsigned char *dst, unsigned long *outlen);
/* a simple macro for making hash "process" functions */
#define HASH_PROCESS(func_name, compress_name, state_var, block_size) \
@ -279,14 +279,14 @@ typedef struct Hmac_state {
unsigned char key[MAXBLOCKSIZE];
} hmac_state;
extern int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen);
extern int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned long len);
extern int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen);
extern int hmac_test(void);
extern int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen);
int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned long len);
int hmac_done(hmac_state *hmac, unsigned char *hashOut, unsigned long *outlen);
int hmac_test(void);
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
const unsigned char *data, unsigned long len,
unsigned char *dst, unsigned long *dstlen);
extern int hmac_file(int hash, const char *fname, const unsigned char *key,
int hmac_file(int hash, const char *fname, const unsigned char *key,
unsigned long keylen,
unsigned char *dst, unsigned long *dstlen);
#endif
@ -303,15 +303,15 @@ typedef struct {
symmetric_key key;
} omac_state;
extern int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned long keylen);
extern int omac_process(omac_state *state, const unsigned char *buf, unsigned long len);
extern int omac_done(omac_state *state, unsigned char *out, unsigned long *outlen);
extern int omac_memory(int cipher, const unsigned char *key, unsigned long keylen,
int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned long keylen);
int omac_process(omac_state *state, const unsigned char *buf, unsigned long len);
int omac_done(omac_state *state, unsigned char *out, unsigned long *outlen);
int omac_memory(int cipher, const unsigned char *key, unsigned long keylen,
const unsigned char *msg, unsigned long msglen,
unsigned char *out, unsigned long *outlen);
extern int omac_file(int cipher, const unsigned char *key, unsigned long keylen,
int omac_file(int cipher, const unsigned char *key, unsigned long keylen,
const char *filename, unsigned char *out, unsigned long *outlen);
extern int omac_test(void);
int omac_test(void);
#endif /* OMAC */
#ifdef PMAC
@ -330,22 +330,22 @@ typedef struct {
buflen; /* number of bytes in the buffer */
} pmac_state;
extern int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen);
extern int pmac_process(pmac_state *state, const unsigned char *buf, unsigned long len);
extern int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen);
int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen);
int pmac_process(pmac_state *state, const unsigned char *buf, unsigned long len);
int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen);
extern int pmac_memory(int cipher, const unsigned char *key, unsigned long keylen,
int pmac_memory(int cipher, const unsigned char *key, unsigned long keylen,
const unsigned char *msg, unsigned long msglen,
unsigned char *out, unsigned long *outlen);
extern int pmac_file(int cipher, const unsigned char *key, unsigned long keylen,
int pmac_file(int cipher, const unsigned char *key, unsigned long keylen,
const char *filename, unsigned char *out, unsigned long *outlen);
extern int pmac_test(void);
int pmac_test(void);
/* internal functions */
extern int pmac_ntz(unsigned long x);
extern void pmac_shift_xor(pmac_state *pmac);
int pmac_ntz(unsigned long x);
void pmac_shift_xor(pmac_state *pmac);
#endif /* PMAC */
@ -361,16 +361,16 @@ typedef struct {
omac_state headeromac, ctomac;
} eax_state;
extern int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long keylen,
int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long keylen,
const unsigned char *nonce, unsigned long noncelen,
const unsigned char *header, unsigned long headerlen);
extern int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, unsigned long length);
extern int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt, unsigned long length);
extern int eax_addheader(eax_state *eax, const unsigned char *header, unsigned long length);
extern int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen);
int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, unsigned long length);
int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt, unsigned long length);
int eax_addheader(eax_state *eax, const unsigned char *header, unsigned long length);
int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen);
extern int eax_encrypt_authenticate_memory(int cipher,
int eax_encrypt_authenticate_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce, unsigned long noncelen,
const unsigned char *header, unsigned long headerlen,
@ -378,7 +378,7 @@ extern int eax_encrypt_authenticate_memory(int cipher,
unsigned char *ct,
unsigned char *tag, unsigned long *taglen);
extern int eax_decrypt_verify_memory(int cipher,
int eax_decrypt_verify_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce, unsigned long noncelen,
const unsigned char *header, unsigned long headerlen,
@ -387,7 +387,7 @@ extern int eax_decrypt_verify_memory(int cipher,
unsigned char *tag, unsigned long taglen,
int *res);
extern int eax_test(void);
int eax_test(void);
#endif /* EAX MODE */
#ifdef OCB_MODE
@ -405,30 +405,30 @@ typedef struct {
block_len; /* length of block */
} ocb_state;
extern int ocb_init(ocb_state *ocb, int cipher,
int ocb_init(ocb_state *ocb, int cipher,
const unsigned char *key, unsigned long keylen, const unsigned char *nonce);
extern int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct);
extern int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt);
int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct);
int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt);
extern int ocb_done_encrypt(ocb_state *ocb,
int ocb_done_encrypt(ocb_state *ocb,
const unsigned char *pt, unsigned long ptlen,
unsigned char *ct,
unsigned char *tag, unsigned long *taglen);
extern int ocb_done_decrypt(ocb_state *ocb,
int ocb_done_decrypt(ocb_state *ocb,
const unsigned char *ct, unsigned long ctlen,
unsigned char *pt,
const unsigned char *tag, unsigned long taglen, int *res);
extern int ocb_encrypt_authenticate_memory(int cipher,
int ocb_encrypt_authenticate_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce,
const unsigned char *pt, unsigned long ptlen,
unsigned char *ct,
unsigned char *tag, unsigned long *taglen);
extern int ocb_decrypt_verify_memory(int cipher,
int ocb_decrypt_verify_memory(int cipher,
const unsigned char *key, unsigned long keylen,
const unsigned char *nonce,
const unsigned char *ct, unsigned long ctlen,
@ -436,12 +436,12 @@ extern int ocb_decrypt_verify_memory(int cipher,
const unsigned char *tag, unsigned long taglen,
int *res);
extern int ocb_test(void);
int ocb_test(void);
/* internal functions */
extern void ocb_shift_xor(ocb_state *ocb, unsigned char *Z);
extern int ocb_ntz(unsigned long x);
extern int __ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
void ocb_shift_xor(ocb_state *ocb, unsigned char *Z);
int ocb_ntz(unsigned long x);
int __ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
unsigned char *ct, unsigned char *tag, unsigned long *taglen, int mode);
#endif /* OCB_MODE */

81
mycrypt_kr.h
View File

@ -1,81 +0,0 @@
#ifdef KR
#if !defined(MRSA) || !defined(MDH) || !defined(MECC)
#error "Keyring code requires all three public key algorithms."
#endif
#define MAXLEN 256
enum {
NON_KEY=0,
RSA_KEY,
DH_KEY,
ECC_KEY
};
typedef union {
rsa_key rsa;
dh_key dh;
ecc_key ecc;
} _pk_key;
typedef struct Pk_key {
int key_type, /* PUBLIC, PRIVATE, PRIVATE_OPTIMIZED */
system; /* RSA, ECC or DH ? */
unsigned char
name[MAXLEN], /* various info's about this key */
email[MAXLEN],
description[MAXLEN];
unsigned long ID; /* CRC32 of the name/email/description together */
_pk_key key;
struct Pk_key *next; /* linked list chain */
} pk_key;
extern int kr_init(pk_key **pk);
extern unsigned long kr_crc(const unsigned char *name, const unsigned char *email, const unsigned char *description);
extern pk_key *kr_find(pk_key *pk, unsigned long ID);
extern pk_key *kr_find_name(pk_key *pk, const char *name);
extern int kr_add(pk_key *pk, int key_type, int sys, const unsigned char *name,
const unsigned char *email, const unsigned char *description, const _pk_key *key);
extern int kr_del(pk_key **_pk, unsigned long ID);
extern int kr_clear(pk_key **pk);
extern int kr_make_key(pk_key *pk, prng_state *prng, int wprng,
int sys, int keysize, const unsigned char *name,
const unsigned char *email, const unsigned char *description);
extern int kr_export(pk_key *pk, unsigned long ID, int key_type, unsigned char *out, unsigned long *outlen);
extern int kr_import(pk_key *pk, const unsigned char *in, unsigned long inlen);
extern int kr_load(pk_key **pk, FILE *in, symmetric_CTR *ctr);
extern int kr_save(pk_key *pk, FILE *out, symmetric_CTR *ctr);
extern int kr_encrypt_key(pk_key *pk, unsigned long ID,
const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, int hash);
extern int kr_decrypt_key(pk_key *pk, const unsigned char *in,
unsigned char *out, unsigned long *outlen);
extern int kr_sign_hash(pk_key *pk, unsigned long ID,
const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng);
extern int kr_verify_hash(pk_key *pk, const unsigned char *in,
const unsigned char *hash, unsigned long hashlen,
int *stat);
extern int kr_fingerprint(pk_key *pk, unsigned long ID, int hash,
unsigned char *out, unsigned long *outlen);
#endif

14
mycrypt_misc.h
View File

@ -1,17 +1,17 @@
/* ---- BASE64 Routines ---- */
#ifdef BASE64
extern int base64_encode(const unsigned char *in, unsigned long len,
int base64_encode(const unsigned char *in, unsigned long len,
unsigned char *out, unsigned long *outlen);
extern int base64_decode(const unsigned char *in, unsigned long len,
int base64_decode(const unsigned char *in, unsigned long len,
unsigned char *out, unsigned long *outlen);
#endif
/* ---- MEM routines ---- */
extern void zeromem(void *dst, size_t len);
extern void burn_stack(unsigned long len);
void zeromem(void *dst, size_t len);
void burn_stack(unsigned long len);
extern const char *error_to_string(int err);
extern int mpi_to_ltc_error(int err);
const char *error_to_string(int err);
int mpi_to_ltc_error(int err);
extern const char *crypt_build_settings;
extern const char *crypt_build_settings;

78
mycrypt_pk.h
View File

@ -44,8 +44,8 @@
} \
}
extern int is_prime(mp_int *, int *);
extern int rand_prime(mp_int *N, long len, prng_state *prng, int wprng);
int is_prime(mp_int *, int *);
int rand_prime(mp_int *N, long len, prng_state *prng, int wprng);
#else
#ifdef MRSA
@ -72,8 +72,8 @@ extern int rand_prime(mp_int *N, long len, prng_state *prng, int wprng);
/* ---- PACKET ---- */
#ifdef PACKET
extern void packet_store_header(unsigned char *dst, int section, int subsection);
extern int packet_valid_header(unsigned char *src, int section, int subsection);
void packet_store_header(unsigned char *dst, int section, int subsection);
int packet_valid_header(unsigned char *src, int section, int subsection);
#endif
@ -93,16 +93,16 @@ typedef struct Rsa_key {
mp_int e, d, N, qP, pQ, dP, dQ, p, q;
} rsa_key;
extern int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key);
int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key);
extern int rsa_exptmod(const unsigned char *in, unsigned long inlen,
int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
prng_state *prng, int prng_idx,
rsa_key *key);
#ifdef RSA_TIMING
extern int tim_exptmod(prng_state *prng, int prng_idx,
int tim_exptmod(prng_state *prng, int prng_idx,
mp_int *c, mp_int *e, mp_int *d, mp_int *n, mp_int *m);
#else
@ -111,7 +111,7 @@ extern int tim_exptmod(prng_state *prng, int prng_idx,
#endif
extern void rsa_free(rsa_key *key);
void rsa_free(rsa_key *key);
int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen,
unsigned char *outkey, unsigned long *outlen,
@ -150,33 +150,33 @@ typedef struct Dh_key {
mp_int x, y;
} dh_key;
extern int dh_test(void);
extern void dh_sizes(int *low, int *high);
extern int dh_get_size(dh_key *key);
int dh_test(void);
void dh_sizes(int *low, int *high);
int dh_get_size(dh_key *key);
extern int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key);
extern void dh_free(dh_key *key);
int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key);
void dh_free(dh_key *key);
extern int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
extern int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
extern int dh_shared_secret(dh_key *private_key, dh_key *public_key,
int dh_shared_secret(dh_key *private_key, dh_key *public_key,
unsigned char *out, unsigned long *outlen);
extern int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
unsigned char *out, unsigned long *len,
prng_state *prng, int wprng, int hash,
dh_key *key);
extern int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *outkey, unsigned long *keylen,
dh_key *key);
extern int dh_sign_hash(const unsigned char *in, unsigned long inlen,
int dh_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, dh_key *key);
extern int dh_verify_hash(const unsigned char *sig, unsigned long siglen,
int dh_verify_hash(const unsigned char *sig, unsigned long siglen,
const unsigned char *hash, unsigned long hashlen,
int *stat, dh_key *key);
@ -195,33 +195,33 @@ typedef struct {
mp_int k;
} ecc_key;
extern int ecc_test(void);
extern void ecc_sizes(int *low, int *high);
extern int ecc_get_size(ecc_key *key);
int ecc_test(void);
void ecc_sizes(int *low, int *high);
int ecc_get_size(ecc_key *key);
extern int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
extern void ecc_free(ecc_key *key);
int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
void ecc_free(ecc_key *key);
extern int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
extern int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
extern int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
unsigned char *out, unsigned long *outlen);
extern int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen,
int ecc_encrypt_key(const unsigned char *inkey, unsigned long keylen,
unsigned char *out, unsigned long *len,
prng_state *prng, int wprng, int hash,
ecc_key *key);
extern int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *outkey, unsigned long *keylen,
ecc_key *key);
extern int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, ecc_key *key);
extern int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
const unsigned char *hash, unsigned long hashlen,
int *stat, ecc_key *key);
#endif
@ -233,21 +233,21 @@ typedef struct {
mp_int g, q, p, x, y;
} dsa_key;
extern int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
extern void dsa_free(dsa_key *key);
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
void dsa_free(dsa_key *key);
extern int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, dsa_key *key);
extern int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
const unsigned char *hash, unsigned long inlen,
int *stat, dsa_key *key);
extern int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
extern int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
extern int dsa_verify_key(dsa_key *key, int *stat);
int dsa_verify_key(dsa_key *key, int *stat);
#endif

42
mycrypt_prng.h
View File

@ -24,43 +24,43 @@ extern struct _prng_descriptor {
} prng_descriptor[];
#ifdef YARROW
extern int yarrow_start(prng_state *prng);
extern int yarrow_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
extern int yarrow_ready(prng_state *prng);
extern unsigned long yarrow_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor yarrow_desc;
int yarrow_start(prng_state *prng);
int yarrow_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
int yarrow_ready(prng_state *prng);
unsigned long yarrow_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor yarrow_desc;
#endif
#ifdef RC4
extern int rc4_start(prng_state *prng);
extern int rc4_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
extern int rc4_ready(prng_state *prng);
extern unsigned long rc4_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor rc4_desc;
int rc4_start(prng_state *prng);
int rc4_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
int rc4_ready(prng_state *prng);
unsigned long rc4_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor rc4_desc;
#endif
#ifdef SPRNG
extern int sprng_start(prng_state *prng);
extern int sprng_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
extern int sprng_ready(prng_state *prng);
extern unsigned long sprng_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor sprng_desc;
int sprng_start(prng_state *prng);
int sprng_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng);
int sprng_ready(prng_state *prng);
unsigned long sprng_read(unsigned char *buf, unsigned long len, prng_state *prng);
extern const struct _prng_descriptor sprng_desc;
#endif
extern int find_prng(const char *name);
extern int register_prng(const struct _prng_descriptor *prng);
extern int unregister_prng(const struct _prng_descriptor *prng);
extern int prng_is_valid(int idx);
int find_prng(const char *name);
int register_prng(const struct _prng_descriptor *prng);
int unregister_prng(const struct _prng_descriptor *prng);
int prng_is_valid(int idx);
/* Slow RNG you **might** be able to use to seed a PRNG with. Be careful as this
* might not work on all platforms as planned
*/
/* ch2-02-1 */
extern unsigned long rng_get_bytes(unsigned char *buf,
unsigned long rng_get_bytes(unsigned char *buf,
unsigned long len,
void (*callback)(void));
/* ch2-02-1 */
extern int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void));
int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void));

35
ocb_decrypt_verify_memory.c
View File

@ -23,8 +23,7 @@ int ocb_decrypt_verify_memory(int cipher,
int *res)
{
int err;
ocb_state ocb;
ocb_state *ocb;
_ARGCHK(key != NULL);
_ARGCHK(nonce != NULL);
@ -33,20 +32,34 @@ int ocb_decrypt_verify_memory(int cipher,
_ARGCHK(tag != NULL);
_ARGCHK(res != NULL);
if ((err = ocb_init(&ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
return err;
/* allocate memory */
ocb = XMALLOC(sizeof(ocb_state));
if (ocb == NULL) {
return CRYPT_MEM;
}
while (ctlen > (unsigned long)ocb.block_len) {
if ((err = ocb_decrypt(&ocb, ct, pt)) != CRYPT_OK) {
return err;
if ((err = ocb_init(ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
goto __ERR;
}
while (ctlen > (unsigned long)ocb->block_len) {
if ((err = ocb_decrypt(ocb, ct, pt)) != CRYPT_OK) {
goto __ERR;
}
ctlen -= ocb.block_len;
pt += ocb.block_len;
ct += ocb.block_len;
ctlen -= ocb->block_len;
pt += ocb->block_len;
ct += ocb->block_len;
}
return ocb_done_decrypt(&ocb, ct, ctlen, pt, tag, taglen, res);
err = ocb_done_decrypt(ocb, ct, ctlen, pt, tag, taglen, res);
__ERR:
#ifdef CLEAN_STACK
zeromem(ocb, sizeof(ocb_state));
#endif
XFREE(ocb);
return err;
}
#endif

21
ocb_done_decrypt.c
View File

@ -20,7 +20,7 @@ int ocb_done_decrypt(ocb_state *ocb,
const unsigned char *tag, unsigned long taglen, int *res)
{
int err;
unsigned char tagbuf[MAXBLOCKSIZE];
unsigned char *tagbuf;
unsigned long tagbuflen;
_ARGCHK(ocb != NULL);
@ -29,22 +29,33 @@ int ocb_done_decrypt(ocb_state *ocb,
_ARGCHK(tag != NULL);
_ARGCHK(res != NULL);
/* default to failed */
*res = 0;
tagbuflen = sizeof(tagbuf);
/* allocate memory */
tagbuf = XMALLOC(MAXBLOCKSIZE);
if (tagbuf == NULL) {
return CRYPT_MEM;
}
tagbuflen = MAXBLOCKSIZE;
if ((err = __ocb_done(ocb, ct, ctlen, pt, tagbuf, &tagbuflen, 1)) != CRYPT_OK) {
return err;
goto __ERR;
}
if (taglen <= tagbuflen && memcmp(tagbuf, tag, taglen) == 0) {
*res = 1;
}
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(tagbuf, sizeof(tagbuf));
zeromem(tagbuf, MAXBLOCKSIZE);
#endif
return CRYPT_OK;
XFREE(tagbuf);
return err;
}
#endif

34
ocb_encrypt_authenticate_memory.c
View File

@ -22,7 +22,7 @@ int ocb_encrypt_authenticate_memory(int cipher,
unsigned char *tag, unsigned long *taglen)
{
int err;
ocb_state ocb;
ocb_state *ocb;
_ARGCHK(key != NULL);
_ARGCHK(nonce != NULL);
@ -31,20 +31,34 @@ int ocb_encrypt_authenticate_memory(int cipher,
_ARGCHK(tag != NULL);
_ARGCHK(taglen != NULL);
if ((err = ocb_init(&ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
return err;
/* allocate ram */
ocb = XMALLOC(sizeof(ocb_state));
if (ocb == NULL) {
return CRYPT_MEM;
}
while (ptlen > (unsigned long)ocb.block_len) {
if ((err = ocb_encrypt(&ocb, pt, ct)) != CRYPT_OK) {
return err;
if ((err = ocb_init(ocb, cipher, key, keylen, nonce)) != CRYPT_OK) {
goto __ERR;
}
while (ptlen > (unsigned long)ocb->block_len) {
if ((err = ocb_encrypt(ocb, pt, ct)) != CRYPT_OK) {
goto __ERR;
}
ptlen -= ocb.block_len;
pt += ocb.block_len;
ct += ocb.block_len;
ptlen -= ocb->block_len;
pt += ocb->block_len;
ct += ocb->block_len;
}
return ocb_done_encrypt(&ocb, pt, ptlen, ct, tag, taglen);
err = ocb_done_encrypt(ocb, pt, ptlen, ct, tag, taglen);
__ERR:
#ifdef CLEAN_STACK
zeromem(ocb, sizeof(ocb_state));
#endif
XFREE(ocb);
return err;
}
#endif

4
ocb_init.c
View File

@ -73,7 +73,7 @@ int ocb_init(ocb_state *ocb, int cipher,
cipher_descriptor[cipher].ecb_encrypt(ocb->R, ocb->R, &ocb->key);
/* find Ls[i] = L << i for i == 0..31 */
memcpy(ocb->Ls[0], ocb->L, ocb->block_len);
XMEMCPY(ocb->Ls[0], ocb->L, ocb->block_len);
for (x = 1; x < 32; x++) {
m = ocb->Ls[x-1][0] >> 7;
for (y = 0; y < ocb->block_len-1; y++) {
@ -104,7 +104,7 @@ int ocb_init(ocb_state *ocb, int cipher,
}
/* set Li, checksum */
zeromem(ocb->Li, ocb->block_len);
zeromem(ocb->Li, ocb->block_len);
zeromem(ocb->checksum, ocb->block_len);
/* set other params */

2
ofb_getiv.c
View File

@ -21,7 +21,7 @@ int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb)
if ((unsigned long)ofb->blocklen > *len) {
return CRYPT_BUFFER_OVERFLOW;
}
memcpy(IV, ofb->IV, ofb->blocklen);
XMEMCPY(IV, ofb->IV, ofb->blocklen);
*len = ofb->blocklen;
return CRYPT_OK;

2
omac_init.c
View File

@ -59,7 +59,7 @@ int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned l
/* copy up as require */
if (x == 0) {
memcpy(omac->Lu[1], omac->Lu[0], sizeof(omac->Lu[0]));
XMEMCPY(omac->Lu[1], omac->Lu[0], sizeof(omac->Lu[0]));
}
}

40
omac_memory.c
View File

@ -19,24 +19,38 @@ int omac_memory(int cipher,
unsigned char *out, unsigned long *outlen)
{
int err;
omac_state omac;
omac_state *omac;
_ARGCHK(key != NULL);
_ARGCHK(msg != NULL);
_ARGCHK(out != NULL);
_ARGCHK(key != NULL);
_ARGCHK(msg != NULL);
_ARGCHK(out != NULL);
_ARGCHK(outlen != NULL);
if ((err = omac_init(&omac, cipher, key, keylen)) != CRYPT_OK) {
return err;
}
if ((err = omac_process(&omac, msg, msglen)) != CRYPT_OK) {
return err;
}
if ((err = omac_done(&omac, out, outlen)) != CRYPT_OK) {
return err;
/* allocate ram for omac state */
omac = XMALLOC(sizeof(omac_state));
if (omac == NULL) {
return CRYPT_MEM;
}
return CRYPT_OK;
/* omac process the message */
if ((err = omac_init(omac, cipher, key, keylen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = omac_process(omac, msg, msglen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = omac_done(omac, out, outlen)) != CRYPT_OK) {
goto __ERR;
}
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(omac, sizeof(omac_state));
#endif
XFREE(omac);
return err;
}
#endif

2
omac_process.c
View File

@ -40,7 +40,7 @@ int omac_process(omac_state *state, const unsigned char *buf, unsigned long len)
/* add bytes */
n = MIN(len, (unsigned long)(state->blklen - state->buflen));
memcpy(state->block + state->buflen, buf, n);
XMEMCPY(state->block + state->buflen, buf, n);
state->buflen += n;
len -= n;
buf += n;

43
pkcs_1_mgf1.c
View File

@ -20,8 +20,8 @@ int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
{
unsigned long hLen, counter, x;
int err;
hash_state md;
unsigned char buf[MAXBLOCKSIZE];
hash_state *md;
unsigned char *buf;
_ARGCHK(seed != NULL);
_ARGCHK(mask != NULL);
@ -34,6 +34,19 @@ int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
/* get hash output size */
hLen = hash_descriptor[hash_idx].hashsize;
/* allocate memory */
md = XMALLOC(sizeof(hash_state));
buf = XMALLOC(hLen);
if (md == NULL || buf == NULL) {
if (md != NULL) {
XFREE(md);
}
if (buf != NULL) {
XFREE(buf);
}
return CRYPT_MEM;
}
/* start counter */
counter = 0;
@ -43,15 +56,15 @@ int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
++counter;
/* get hash of seed || counter */
hash_descriptor[hash_idx].init(&md);
if ((err = hash_descriptor[hash_idx].process(&md, seed, seedlen)) != CRYPT_OK) {
return err;
hash_descriptor[hash_idx].init(md);
if ((err = hash_descriptor[hash_idx].process(md, seed, seedlen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(&md, buf, 4)) != CRYPT_OK) {
return err;
if ((err = hash_descriptor[hash_idx].process(md, buf, 4)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].done(&md, buf)) != CRYPT_OK) {
return err;
if ((err = hash_descriptor[hash_idx].done(md, buf)) != CRYPT_OK) {
goto __ERR;
}
/* store it */
@ -60,7 +73,17 @@ int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
}
}
return CRYPT_OK;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, hLen);
zeromem(md, sizeof(hash_state));
#endif
XFREE(buf);
XFREE(md);
return err;
}
#endif /* PKCS_1 */

67
pkcs_1_oaep_decode.c
View File

@ -20,7 +20,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
unsigned char *out, unsigned long *outlen,
int *res)
{
unsigned char DB[1024], seed[MAXBLOCKSIZE], mask[sizeof(DB)];
unsigned char *DB, *seed, *mask;
unsigned long hLen, x, y, modulus_len;
int err;
@ -39,9 +39,28 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
hLen = hash_descriptor[hash_idx].hashsize;
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* allocate ram for DB/mask/salt of size modulus_len */
DB = XMALLOC(modulus_len);
mask = XMALLOC(modulus_len);
seed = XMALLOC(modulus_len);
if (DB == NULL || mask == NULL || seed == NULL) {
if (DB != NULL) {
XFREE(DB);
}
if (mask != NULL) {
XFREE(mask);
}
if (seed != NULL) {
XFREE(seed);
}
return CRYPT_MEM;
}
/* test message size */
if (modulus_len >= sizeof(DB) || msglen != modulus_len) {
return CRYPT_PK_INVALID_SIZE;
if (msglen != modulus_len) {
err = CRYPT_PK_INVALID_SIZE;
goto __ERR;
}
/* ok so it's now in the form
@ -54,7 +73,8 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
/* must have leading 0x00 byte */
if (msg[0] != 0x00) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* now read the masked seed */
@ -69,7 +89,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
/* compute MGF1 of maskedDB (hLen) */
if ((err = pkcs_1_mgf1(DB, modulus_len - hLen - 1, hash_idx, mask, hLen)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* XOR against seed */
@ -79,7 +99,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
/* compute MGF1 of seed (k - hlen - 1) */
if ((err = pkcs_1_mgf1(seed, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* xor against DB */
@ -90,21 +110,22 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
/* now DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */
/* compute lhash and store it in seed [reuse temps!] */
x = sizeof(seed);
x = modulus_len;
if (lparam != NULL) {
if ((err = hash_memory(hash_idx, lparam, lparamlen, seed, &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
} else {
/* can't pass hash_memory a NULL so use DB with zero length */
if ((err = hash_memory(hash_idx, DB, 0, seed, &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
}
/* compare the lhash'es */
if (memcmp(seed, DB, hLen) != 0) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* now zeroes before a 0x01 */
@ -114,12 +135,14 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
/* error out if wasn't 0x01 */
if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* rest is the message (and skip 0x01) */
if (msglen - ++x > *outlen) {
return CRYPT_BUFFER_OVERFLOW;
err = CRYPT_BUFFER_OVERFLOW;
goto __ERR;
}
/* copy message */
@ -128,16 +151,22 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
out[y++] = DB[x++];
}
#ifdef CLEAN_STACK
zeromem(DB, sizeof(DB));
zeromem(seed, sizeof(seed));
zeromem(mask, sizeof(mask));
#endif
/* valid packet */
*res = 1;
return CRYPT_OK;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(DB, modulus_len);
zeromem(seed, modulus_len);
zeromem(mask, modulus_len);
#endif
XFREE(seed);
XFREE(mask);
XFREE(DB);
return err;
}
#endif /* PKCS_1 */

57
pkcs_1_oaep_encode.c
View File

@ -20,7 +20,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
int prng_idx, int hash_idx,
unsigned char *out, unsigned long *outlen)
{
unsigned char DB[1024], seed[MAXBLOCKSIZE], mask[sizeof(DB)];
unsigned char *DB, *seed, *mask;
unsigned long hLen, x, y, modulus_len;
int err;
@ -41,22 +41,41 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
hLen = hash_descriptor[hash_idx].hashsize;
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* allocate ram for DB/mask/salt of size modulus_len */
DB = XMALLOC(modulus_len);
mask = XMALLOC(modulus_len);
seed = XMALLOC(modulus_len);
if (DB == NULL || mask == NULL || seed == NULL) {
if (DB != NULL) {
XFREE(DB);
}
if (mask != NULL) {
XFREE(mask);
}
if (seed != NULL) {
XFREE(seed);
}
return CRYPT_MEM;
}
/* test message size */
if (modulus_len >= sizeof(DB) || msglen > (modulus_len - 2*hLen - 2)) {
return CRYPT_PK_INVALID_SIZE;
if (msglen > (modulus_len - 2*hLen - 2)) {
err = CRYPT_PK_INVALID_SIZE;
goto __ERR;
}
/* get lhash */
// DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes
x = sizeof(DB);
x = modulus_len;
if (lparam != NULL) {
if ((err = hash_memory(hash_idx, lparam, lparamlen, DB, &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
} else {
/* can't pass hash_memory a NULL so use DB with zero length */
if ((err = hash_memory(hash_idx, DB, 0, DB, &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
}
@ -76,12 +95,13 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
/* now choose a random seed */
if (prng_descriptor[prng_idx].read(seed, hLen, prng) != hLen) {
return CRYPT_ERROR_READPRNG;
err = CRYPT_ERROR_READPRNG;
goto __ERR;
}
/* compute MGF1 of seed (k - hlen - 1) */
if ((err = pkcs_1_mgf1(seed, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* xor against DB */
@ -91,7 +111,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
/* compute MGF1 of maskedDB (hLen) */
if ((err = pkcs_1_mgf1(DB, modulus_len - hLen - 1, hash_idx, mask, hLen)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* XOR against seed */
@ -101,7 +121,8 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
/* create string of length modulus_len */
if (*outlen < modulus_len) {
return CRYPT_BUFFER_OVERFLOW;
err = CRYPT_BUFFER_OVERFLOW;
goto __ERR;
}
/* start output which is 0x00 || maskedSeed || maskedDB */
@ -114,14 +135,20 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
out[x++] = DB[y];
}
*outlen = x;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(DB, sizeof(DB));
zeromem(seed, sizeof(seed));
zeromem(mask, sizeof(mask));
zeromem(DB, modulus_len);
zeromem(seed, modulus_len);
zeromem(mask, modulus_len);
#endif
return CRYPT_OK;
XFREE(seed);
XFREE(mask);
XFREE(DB);
return err;
}
#endif /* PKCS_1 */

67
pkcs_1_pss_decode.c
View File

@ -19,7 +19,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
unsigned long saltlen, int hash_idx,
unsigned long modulus_bitlen, int *res)
{
unsigned char DB[1024], mask[sizeof(DB)], salt[sizeof(DB)], hash[sizeof(DB)];
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
hash_state md;
@ -38,15 +38,38 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
hLen = hash_descriptor[hash_idx].hashsize;
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* allocate ram for DB/mask/salt/hash of size modulus_len */
DB = XMALLOC(modulus_len);
mask = XMALLOC(modulus_len);
salt = XMALLOC(modulus_len);
hash = XMALLOC(modulus_len);
if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) {
if (DB != NULL) {
XFREE(DB);
}
if (mask != NULL) {
XFREE(mask);
}
if (salt != NULL) {
XFREE(salt);
}
if (hash != NULL) {
XFREE(hash);
}
return CRYPT_MEM;
}
/* check sizes */
if ((saltlen > sizeof(salt)) || (modulus_len > sizeof(DB)) ||
if ((saltlen > modulus_len) ||
(modulus_len < hLen + saltlen + 2) || (siglen != modulus_len)) {
return CRYPT_INVALID_ARG;
err = CRYPT_INVALID_ARG;
goto __ERR;
}
/* ensure the 0xBC byte */
if (sig[siglen-1] != 0xBC) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* copy out the DB */
@ -61,12 +84,13 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
/* check the MSB */
if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)))) != 0) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* generate mask of length modulus_len - hLen - 1 from hash */
if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* xor against DB */
@ -82,28 +106,30 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
/* check for zeroes and 0x01 */
for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) {
if (DB[x] != 0x00) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
}
if (DB[x++] != 0x01) {
return CRYPT_OK;
err = CRYPT_OK;
goto __ERR;
}
/* M = (eight) 0x00 || msghash || salt, mask = H(M) */
hash_descriptor[hash_idx].init(&md);
zeromem(mask, 8);
if ((err = hash_descriptor[hash_idx].process(&md, mask, 8)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(&md, DB+x, saltlen)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].done(&md, mask)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* mask == hash means valid signature */
@ -111,14 +137,21 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
*res = 1;
}
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(DB, sizeof(DB));
zeromem(mask, sizeof(mask));
zeromem(salt, sizeof(salt));
zeromem(hash, sizeof(hash));
zeromem(DB, modulus_len);
zeromem(mask, modulus_len);
zeromem(salt, modulus_len);
zeromem(hash, modulus_len);
#endif
return CRYPT_OK;
XFREE(hash);
XFREE(salt);
XFREE(mask);
XFREE(DB);
return err;
}
#endif /* PKCS_1 */

63
pkcs_1_pss_encode.c
View File

@ -20,7 +20,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
unsigned long modulus_bitlen,
unsigned char *out, unsigned long *outlen)
{
unsigned char DB[1024], mask[sizeof(DB)], salt[sizeof(DB)], hash[sizeof(DB)];
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
hash_state md;
@ -40,15 +40,39 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
hLen = hash_descriptor[hash_idx].hashsize;
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* allocate ram for DB/mask/salt/hash of size modulus_len */
DB = XMALLOC(modulus_len);
mask = XMALLOC(modulus_len);
salt = XMALLOC(modulus_len);
hash = XMALLOC(modulus_len);
if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) {
if (DB != NULL) {
XFREE(DB);
}
if (mask != NULL) {
XFREE(mask);
}
if (salt != NULL) {
XFREE(salt);
}
if (hash != NULL) {
XFREE(hash);
}
return CRYPT_MEM;
}
/* check sizes */
if ((saltlen > sizeof(salt)) || (modulus_len > sizeof(DB)) || (modulus_len < hLen + saltlen + 2)) {
return CRYPT_INVALID_ARG;
if ((saltlen > modulus_len) || (modulus_len < hLen + saltlen + 2)) {
err = CRYPT_INVALID_ARG;
goto __ERR;
}
/* generate random salt */
if (saltlen > 0) {
if (prng_descriptor[prng_idx].read(salt, saltlen, prng) != saltlen) {
return CRYPT_ERROR_READPRNG;
err = CRYPT_ERROR_READPRNG;
goto __ERR;
}
}
@ -56,16 +80,16 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
hash_descriptor[hash_idx].init(&md);
zeromem(DB, 8);
if ((err = hash_descriptor[hash_idx].process(&md, DB, 8)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(&md, salt, saltlen)) != CRYPT_OK) {
return err;
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].done(&md, hash)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* generate DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */
@ -79,7 +103,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
/* generate mask of length modulus_len - hLen - 1 from hash */
if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
return err;
goto __ERR;
}
/* xor against DB */
@ -89,7 +113,8 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
/* output is DB || hash || 0xBC */
if (*outlen < modulus_len) {
return CRYPT_BUFFER_OVERFLOW;
err = CRYPT_BUFFER_OVERFLOW;
goto __ERR;
}
/* DB */
@ -108,15 +133,21 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
/* store output size */
*outlen = modulus_len;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(DB, sizeof(DB));
zeromem(mask, sizeof(mask));
zeromem(salt, sizeof(salt));
zeromem(hash, sizeof(hash));
zeromem(DB, modulus_len);
zeromem(mask, modulus_len);
zeromem(salt, modulus_len);
zeromem(hash, modulus_len);
#endif
return CRYPT_OK;
XFREE(hash);
XFREE(salt);
XFREE(mask);
XFREE(DB);
return err;
}
#endif /* PKCS_1 */

10
pkcs_1_v15_es_decode.c
View File

@ -28,13 +28,13 @@ int pkcs_1_v15_es_decode(const unsigned char *msg, unsigned long msglen,
/* default to failed */
*res = 0;
/* must be at least 12 bytes long */
if (msglen < 12) {
modulus_bytelen = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* must be at least modulus_bytelen bytes long */
if (msglen != modulus_bytelen) {
return CRYPT_INVALID_ARG;
}
modulus_bytelen = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* should start with 0x00 0x02 */
if (msg[0] != 0x00 || msg[1] != 0x02) {
return CRYPT_OK;
@ -52,7 +52,7 @@ int pkcs_1_v15_es_decode(const unsigned char *msg, unsigned long msglen,
if (x + outlen > modulus_bytelen) {
return CRYPT_PK_INVALID_SIZE;
}
memcpy(out, msg + x, outlen);
XMEMCPY(out, msg + x, outlen);
*res = 1;
return CRYPT_OK;
}

2
pkcs_1_v15_es_encode.c
View File

@ -46,7 +46,7 @@ int pkcs_1_v15_es_encode(const unsigned char *msg, unsigned long msglen,
}
x += y;
out[x++] = 0x00;
memcpy(out+x, msg, msglen);
XMEMCPY(out+x, msg, msglen);
*outlen = modulus_bytelen;
return CRYPT_OK;

46
pkcs_5_1.c
View File

@ -20,8 +20,8 @@ int pkcs_5_alg1(const unsigned char *password, unsigned long password_len,
{
int err;
unsigned long x;
hash_state md;
unsigned char buf[MAXBLOCKSIZE];
hash_state *md;
unsigned char *buf;
_ARGCHK(password != NULL);
_ARGCHK(salt != NULL);
@ -33,17 +33,36 @@ int pkcs_5_alg1(const unsigned char *password, unsigned long password_len,
return err;
}
/* allocate memory */
md = XMALLOC(sizeof(hash_state));
buf = XMALLOC(MAXBLOCKSIZE);
if (md == NULL || buf == NULL) {
if (md != NULL) {
XFREE(md);
}
if (buf != NULL) {
XFREE(buf);
}
return CRYPT_MEM;
}
/* hash initial password + salt */
hash_descriptor[hash_idx].init(&md);
hash_descriptor[hash_idx].process(&md, password, password_len);
hash_descriptor[hash_idx].process(&md, salt, 8);
hash_descriptor[hash_idx].done(&md, buf);
hash_descriptor[hash_idx].init(md);
if ((err = hash_descriptor[hash_idx].process(md, password, password_len)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].process(md, salt, 8)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hash_descriptor[hash_idx].done(md, buf)) != CRYPT_OK) {
goto __ERR;
}
while (--iteration_count) {
// code goes here.
x = sizeof(buf);
x = MAXBLOCKSIZE;
if ((err = hash_memory(hash_idx, buf, hash_descriptor[hash_idx].hashsize, buf, &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
}
@ -52,12 +71,17 @@ int pkcs_5_alg1(const unsigned char *password, unsigned long password_len,
out[x] = buf[x];
}
*outlen = x;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf, MAXBLOCKSIZE);
zeromem(md, sizeof(hash_state));
#endif
return CRYPT_OK;
XFREE(buf);
XFREE(md);
return err;
}
#endif

53
pkcs_5_2.c
View File

@ -20,8 +20,8 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
{
int err, itts;
unsigned long stored, left, x, y, blkno;
unsigned char buf[2][MAXBLOCKSIZE];
hmac_state hmac;
unsigned char *buf[2];
hmac_state *hmac;
_ARGCHK(password != NULL);
_ARGCHK(salt != NULL);
@ -33,37 +33,51 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
return err;
}
buf[0] = XMALLOC(MAXBLOCKSIZE * 2);
hmac = XMALLOC(sizeof(hmac_state));
if (hmac == NULL || buf[0] == NULL) {
if (hmac != NULL) {
XFREE(hmac);
}
if (buf[0] != NULL) {
XFREE(buf[0]);
}
return CRYPT_MEM;
}
/* buf[1] points to the second block of MAXBLOCKSIZE bytes */
buf[1] = buf[0] + MAXBLOCKSIZE;
left = *outlen;
blkno = 1;
stored = 0;
while (left != 0) {
/* process block number blkno */
zeromem(buf, sizeof(buf));
zeromem(buf, MAXBLOCKSIZE*2);
/* store current block number and increment for next pass */
STORE32H(blkno, buf[1]);
++blkno;
/* get PRF(P, S||int(blkno)) */
if ((err = hmac_init(&hmac, hash_idx, password, password_len)) != CRYPT_OK) {
return err;
if ((err = hmac_init(hmac, hash_idx, password, password_len)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hmac_process(&hmac, salt, salt_len)) != CRYPT_OK) {
return err;
if ((err = hmac_process(hmac, salt, salt_len)) != CRYPT_OK) {
goto __ERR;
}
if ((err = hmac_process(&hmac, buf[1], 4)) != CRYPT_OK) {
return err;
if ((err = hmac_process(hmac, buf[1], 4)) != CRYPT_OK) {
goto __ERR;
}
x = sizeof(buf[0]);
if ((err = hmac_done(&hmac, buf[0], &x)) != CRYPT_OK) {
return err;
x = MAXBLOCKSIZE;
if ((err = hmac_done(hmac, buf[0], &x)) != CRYPT_OK) {
goto __ERR;
}
/* now compute repeated and XOR it in buf[1] */
memcpy(buf[1], buf[0], x);
XMEMCPY(buf[1], buf[0], x);
for (itts = 2; itts < iteration_count; ++itts) {
if ((err = hmac_memory(hash_idx, password, password_len, buf[0], x, buf[0], &x)) != CRYPT_OK) {
return err;
goto __ERR;
}
for (y = 0; y < x; y++) {
buf[1][y] ^= buf[0][y];
@ -78,10 +92,17 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
}
*outlen = stored;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
zeromem(buf[0], MAXBLOCKSIZE*2);
zeromem(hmac, sizeof(hmac_state));
#endif
return CRYPT_OK;
XFREE(hmac);
XFREE(buf[0]);
return err;
}
#endif

14
pmac_init.c
View File

@ -35,7 +35,7 @@ static const struct {
int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen)
{
int poly, x, y, m, err;
unsigned char L[MAXBLOCKSIZE];
unsigned char *L;
_ARGCHK(pmac != NULL);
_ARGCHK(key != NULL);
@ -61,12 +61,18 @@ int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned l
return err;
}
/* allocate L */
L = XMALLOC(pmac->block_len);
if (L == NULL) {
return CRYPT_MEM;
}
/* find L = E[0] */
zeromem(L, pmac->block_len);
cipher_descriptor[cipher].ecb_encrypt(L, L, &pmac->key);
/* find Ls[i] = L << i for i == 0..31 */
memcpy(pmac->Ls[0], L, pmac->block_len);
XMEMCPY(pmac->Ls[0], L, pmac->block_len);
for (x = 1; x < 32; x++) {
m = pmac->Ls[x-1][0] >> 7;
for (y = 0; y < pmac->block_len-1; y++) {
@ -105,9 +111,11 @@ int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned l
zeromem(pmac->checksum, sizeof(pmac->checksum));
#ifdef CLEAN_STACK
zeromem(L, sizeof(L));
zeromem(L, pmac->block_len);
#endif
XFREE(L);
return CRYPT_OK;
}

30
pmac_memory.c
View File

@ -20,25 +20,37 @@ int pmac_memory(int cipher,
unsigned char *out, unsigned long *outlen)
{
int err;
pmac_state pmac;
pmac_state *pmac;
_ARGCHK(key != NULL);
_ARGCHK(msg != NULL);
_ARGCHK(out != NULL);
_ARGCHK(outlen != NULL);
if ((err = pmac_init(&pmac, cipher, key, keylen)) != CRYPT_OK) {
return err;
/* allocate ram for pmac state */
pmac = XMALLOC(sizeof(pmac_state));
if (pmac == NULL) {
return CRYPT_MEM;
}
if ((err = pmac_process(&pmac, msg, msglen)) != CRYPT_OK) {
return err;
if ((err = pmac_init(pmac, cipher, key, keylen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = pmac_done(&pmac, out, outlen)) != CRYPT_OK) {
return err;
if ((err = pmac_process(pmac, msg, msglen)) != CRYPT_OK) {
goto __ERR;
}
if ((err = pmac_done(pmac, out, outlen)) != CRYPT_OK) {
goto __ERR;
}
return CRYPT_OK;
err = CRYPT_OK;
__ERR:
#ifdef CLEAN_STACK
zeromem(pmac, sizeof(pmac_state));
#endif
XFREE(pmac);
return err;
}
#endif

2
pmac_process.c
View File

@ -46,7 +46,7 @@ int pmac_process(pmac_state *state, const unsigned char *buf, unsigned long len)
/* add bytes */
n = MIN(len, (unsigned long)(state->block_len - state->buflen));
memcpy(state->block + state->buflen, buf, n);
XMEMCPY(state->block + state->buflen, buf, n);
state->buflen += n;
len -= n;
buf += n;

82
pretty.build Normal file
View File

@ -0,0 +1,82 @@
#!/bin/perl -w
#
# Cute little builder for perl
# Total waste of development time...
#
# This will build all the object files and then the archive .a file
# requires GCC, GNU make and a sense of humour.
#
# Tom St Denis
use strict;
my $count = 0;
my $starttime = time;
my $rate = 0;
print "Scanning for source files...\n";
foreach my $filename (glob "*.c") {
if (!($filename =~ "aes_tab.c")) {
if (!($filename =~ "twofish_tab.c")) {
if (!($filename =~ "whirltab.c")) {
if (!($filename =~ "sha224.c")) {
if (!($filename =~ "sha384.c")) {
if (!($filename =~ "dh_sys.c")) {
if (!($filename =~ "ecc_sys.c")) {
++$count;
}}}}}}}
}
print "Source files to build: $count\nBuilding...\n";
my $i = 0;
my $lines = 0;
my $filesbuilt = 0;
foreach my $filename (glob "*.c") {
if (!($filename =~ "aes_tab.c")) {
if (!($filename =~ "twofish_tab.c")) {
if (!($filename =~ "whirltab.c")) {
if (!($filename =~ "sha224.c")) {
if (!($filename =~ "sha384.c")) {
if (!($filename =~ "dh_sys.c")) {
if (!($filename =~ "ecc_sys.c")) {
printf("Building %3.2f%%, ", (++$i/$count)*100.0);
if ($i % 4 == 0) { print "/, "; }
if ($i % 4 == 1) { print "-, "; }
if ($i % 4 == 2) { print "\\, "; }
if ($i % 4 == 3) { print "|, "; }
if ($rate > 0) {
my $tleft = ($count - $i) / $rate;
my $tsec = $tleft%60;
my $tmin = ($tleft/60)%60;
my $thour = ($tleft/3600)%60;
printf("%2d:%02d:%02d left, ", $thour, $tmin, $tsec);
}
my $cnt = ($i/$count)*30.0;
my $x = 0;
print "[";
for (; $x < $cnt; $x++) { print "#"; }
for (; $x < 30; $x++) { print " "; }
print "]\r";
my $tmp = $filename;
$tmp =~ s/\.c/".o"/ge;
if (open(SRC, "<$tmp")) {
close SRC;
} else {
!system("make $tmp > /dev/null 2>/dev/null") or die "\nERROR: Failed to make $tmp!!!\n";
open( SRC, "<$filename" ) or die "Couldn't open $filename for reading: $!";
++$lines while (<SRC>);
close SRC or die "Error closing $filename after reading: $!";
++$filesbuilt;
}
# update timer
if (time != $starttime) {
my $delay = time - $starttime;
$rate = $i/$delay;
}
}}}}}}}
}
# finish building the library
printf("\nFinished building source (%d seconds, %3.2f files per second).\n", time - $starttime, $rate);
print "Compiled approximately $filesbuilt files and $lines lines of code.\n";
print "Doing final make (building archive...)\n";
!system("make > /dev/null 2>/dev/null") or die "\nERROR: Failed to perform last make command!!!\n";
print "done.\n";

2
rc4.c
View File

@ -56,7 +56,7 @@ int rc4_ready(prng_state *prng)
_ARGCHK(prng != NULL);
/* extract the key */
memcpy(key, prng->rc4.buf, 256);
XMEMCPY(key, prng->rc4.buf, 256);
keylen = prng->rc4.x;
/* make RC4 perm and shuffle */

2
rc5.c
View File

@ -81,7 +81,7 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
/* setup the S array */
t = (ulong32)(2 * (num_rounds + 1));
memcpy(S, stab, t * sizeof(*S));
XMEMCPY(S, stab, t * sizeof(*S));
/* mix buffer */
s = 3 * MAX(t, j);

2
rc6.c
View File

@ -71,7 +71,7 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
}
/* setup the S array */
memcpy(S, stab, 44 * sizeof(stab[0]));
XMEMCPY(S, stab, 44 * sizeof(stab[0]));
/* mix buffer */
s = 3 * MAX(44, j);

18
rsa_decrypt_key.c
View File

@ -23,6 +23,7 @@ int rsa_decrypt_key(const unsigned char *in, unsigned long inlen,
{
unsigned long modulus_bitlen, modulus_bytelen, x;
int err;
unsigned char *tmp;
_ARGCHK(outkey != NULL);
_ARGCHK(keylen != NULL);
@ -43,15 +44,24 @@ int rsa_decrypt_key(const unsigned char *in, unsigned long inlen,
return CRYPT_INVALID_PACKET;
}
/* allocate ram */
tmp = XMALLOC(inlen);
if (tmp == NULL) {
return CRYPT_MEM;
}
/* rsa decode the packet */
x = *keylen;
if ((err = rsa_exptmod(in, inlen, outkey, &x, PK_PRIVATE, prng, prng_idx, key)) != CRYPT_OK) {
x = inlen;
if ((err = rsa_exptmod(in, inlen, tmp, &x, PK_PRIVATE, prng, prng_idx, key)) != CRYPT_OK) {
XFREE(tmp);
return err;
}
/* now OAEP decode the packet */
return pkcs_1_oaep_decode(outkey, x, lparam, lparamlen, modulus_bitlen, hash_idx,
outkey, keylen, res);
err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
outkey, keylen, res);
XFREE(tmp);
return err;
}
#endif /* MRSA */

2
rsa_exptmod.c
View File

@ -28,10 +28,12 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
_ARGCHK(outlen != NULL);
_ARGCHK(key != NULL);
/* valid prng? */
if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
return err;
}
/* is the key of the right type for the operation? */
if (which == PK_PRIVATE && (key->type != PK_PRIVATE && key->type != PK_PRIVATE_OPTIMIZED)) {
return CRYPT_PK_NOT_PRIVATE;
}

49
rsa_make_key.c
View File

@ -65,40 +65,43 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key)
goto error;
}
if ((err = mp_set_int(&key->e, e)) != MP_OKAY) { goto error2; } /* key->e = e */
if ((err = mp_invmod(&key->e, &tmp1, &key->d)) != MP_OKAY) { goto error2; } /* key->d = 1/e mod lcm(p-1,q-1) */
if ((err = mp_mul(&p, &q, &key->N)) != MP_OKAY) { goto error2; } /* key->N = pq */
if ((err = mp_set_int(&key->e, e)) != MP_OKAY) { goto error2; } /* key->e = e */
if ((err = mp_invmod(&key->e, &tmp1, &key->d)) != MP_OKAY) { goto error2; } /* key->d = 1/e mod lcm(p-1,q-1) */
if ((err = mp_mul(&p, &q, &key->N)) != MP_OKAY) { goto error2; } /* key->N = pq */
/* optimize for CRT now */
/* find d mod q-1 and d mod p-1 */
if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error2; } /* tmp1 = q-1 */
if ((err = mp_sub_d(&q, 1, &tmp2)) != MP_OKAY) { goto error2; } /* tmp2 = p-1 */
if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY) { goto error2; } /* tmp1 = q-1 */
if ((err = mp_sub_d(&q, 1, &tmp2)) != MP_OKAY) { goto error2; } /* tmp2 = p-1 */
if ((err = mp_mod(&key->d, &tmp1, &key->dP)) != MP_OKAY) { goto error2; } /* dP = d mod p-1 */
if ((err = mp_mod(&key->d, &tmp2, &key->dQ)) != MP_OKAY) { goto error2; } /* dQ = d mod q-1 */
if ((err = mp_mod(&key->d, &tmp1, &key->dP)) != MP_OKAY) { goto error2; } /* dP = d mod p-1 */
if ((err = mp_mod(&key->d, &tmp2, &key->dQ)) != MP_OKAY) { goto error2; } /* dQ = d mod q-1 */
if ((err = mp_invmod(&q, &p, &key->qP)) != MP_OKAY) { goto error2; } /* qP = 1/q mod p */
if ((err = mp_mulmod(&key->qP, &q, &key->N, &key->qP)) != MP_OKAY) { goto error2; } /* qP = q * (1/q mod p) mod N */
if ((err = mp_invmod(&q, &p, &key->qP)) != MP_OKAY) { goto error2; } /* qP = 1/q mod p */
if ((err = mp_mulmod(&key->qP, &q, &key->N, &key->qP)) != MP_OKAY) { goto error2; } /* qP = q * (1/q mod p) mod N */
if ((err = mp_invmod(&p, &q, &key->pQ)) != MP_OKAY) { goto error2; } /* pQ = 1/p mod q */
if ((err = mp_mulmod(&key->pQ, &p, &key->N, &key->pQ)) != MP_OKAY) { goto error2; } /* pQ = p * (1/p mod q) mod N */
if ((err = mp_invmod(&p, &q, &key->pQ)) != MP_OKAY) { goto error2; } /* pQ = 1/p mod q */
if ((err = mp_mulmod(&key->pQ, &p, &key->N, &key->pQ)) != MP_OKAY) { goto error2; } /* pQ = p * (1/p mod q) mod N */
if ((err = mp_copy(&p, &key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_copy(&q, &key->q)) != MP_OKAY) { goto error2; }
if ((err = mp_copy(&p, &key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_copy(&q, &key->q)) != MP_OKAY) { goto error2; }
/* shrink ram required */
if ((err = mp_shrink(&key->e)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->d)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->N)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dQ)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->qP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->pQ)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->e)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->d)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->N)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dQ)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->dP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->qP)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->pQ)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error2; }
if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error2; }
err = CRYPT_OK;
/* set key type (in this case it's CRT optimized) */
key->type = PK_PRIVATE_OPTIMIZED;
/* return ok and free temps */
err = CRYPT_OK;
goto done;
error2:
mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP,

2
rsa_verify_hash.c
View File

@ -48,7 +48,7 @@ int rsa_verify_hash(const unsigned char *sig, unsigned long siglen,
}
/* allocate temp buffer for decoded sig */
tmpbuf = XCALLOC(1, modulus_bytelen + 1);
tmpbuf = XMALLOC(siglen);
if (tmpbuf == NULL) {
return CRYPT_MEM;
}

32
s_ocb_done.c
View File

@ -25,7 +25,7 @@ int __ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
unsigned char *ct, unsigned char *tag, unsigned long *taglen, int mode)
{
unsigned char Z[MAXBLOCKSIZE], Y[MAXBLOCKSIZE], X[MAXBLOCKSIZE];
unsigned char *Z, *Y, *X;
int err, x;
_ARGCHK(ocb != NULL);
@ -41,9 +41,26 @@ int __ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
return CRYPT_INVALID_ARG;
}
/* allocate ram */
Z = XMALLOC(MAXBLOCKSIZE);
Y = XMALLOC(MAXBLOCKSIZE);
X = XMALLOC(MAXBLOCKSIZE);
if (X == NULL || Y == NULL || Z == NULL) {
if (X != NULL) {
XFREE(X);
}
if (Y != NULL) {
XFREE(Y);
}
if (Z != NULL) {
XFREE(Z);
}
return CRYPT_MEM;
}
/* compute X[m] = len(pt[m]) XOR Lr XOR Z[m] */
ocb_shift_xor(ocb, X);
memcpy(Z, X, ocb->block_len);
XMEMCPY(Z, X, ocb->block_len);
X[ocb->block_len-1] ^= (ptlen*8)&255;
X[ocb->block_len-2] ^= ((ptlen*8)>>8)&255;
@ -90,11 +107,16 @@ int __ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
*taglen = x;
#ifdef CLEAN_STACK
zeromem(X, sizeof(X));
zeromem(Y, sizeof(Y));
zeromem(Z, sizeof(Z));
zeromem(X, MAXBLOCKSIZE);
zeromem(Y, MAXBLOCKSIZE);
zeromem(Z, MAXBLOCKSIZE);
zeromem(ocb, sizeof(*ocb));
#endif
XFREE(X);
XFREE(Y);
XFREE(Z);
return CRYPT_OK;
}

2
sha224.c
View File

@ -50,7 +50,7 @@ int sha224_done(hash_state * md, unsigned char *hash)
int err;
err = sha256_done(md, buf);
memcpy(hash, buf, 28);
XMEMCPY(hash, buf, 28);
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
#endif

2
sha256.c
View File

@ -104,7 +104,7 @@ static void sha256_compress(hash_state * md, unsigned char *buf)
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i);
t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
}
}
#else
#define RND(a,b,c,d,e,f,g,h,i,ki) \
t0 = h + Sigma1(e) + Ch(e, f, g) + ki + W[i]; \

2
sha384.c
View File

@ -58,7 +58,7 @@ int sha384_done(hash_state * md, unsigned char *hash)
}
sha512_done(md, buf);
memcpy(hash, buf, 48);
XMEMCPY(hash, buf, 48);
#ifdef CLEAN_STACK
zeromem(buf, sizeof(buf));
#endif

6
tim_exptmod.c
View File

@ -34,13 +34,13 @@ int tim_exptmod(prng_state *prng, int prng_idx,
}
/* pick random r */
rtmp = XMALLOC(MAX_RSA_SIZE/8);
rlen = mp_unsigned_bin_size(n);
rtmp = XMALLOC(rlen);
if (rtmp == NULL) {
return CRYPT_MEM;
}
rlen = mp_unsigned_bin_size(n);
/* read in random value "r" */
if (prng_descriptor[prng_idx].read(rtmp, rlen, prng) != rlen) {
XFREE(rtmp);
return CRYPT_ERROR_READPRNG;