added libtomcrypt-1.14

2006-08-30 23:30:00 +00:00 · 2006-08-30 23:30:00 +00:00 · 479cc9c261
commit 479cc9c261
parent 1eed98f629
64 changed files with 240 additions and 124 deletions
--- a/2
+++ b/2
@ -23,7 +23,7 @@ PROJECT_NAME           = LibTomCrypt
 # This could be handy for archiving the generated documentation or 
 # if some version control system is used.
-PROJECT_NUMBER         = 1.13
+PROJECT_NUMBER         = 1.14
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) 
 # base path where the generated documentation will be put. 
--- a/2
+++ b/2
@ -1,2 +1,4 @@
 - long term, start moving macros like CTR over to LTC_CTR to make LTC a bit more "drop-in-able".
 - F8 mode could use some LTC_FAST love
--- a/24
+++ b/24
@ -1,3 +1,23 @@
 August 0x1E, 0x07D6
 v1.14 -- Renamed the chaining mode macros from XXX to LTC_XXX_MODE.  Should help avoid polluting the macro name space.
      -- clean up of SHA-256
      -- Chris Colman pointed out that der_decode_sequence_* allows LTC_ASN1_SETOF to accept SEQUENCEs and vice versa.
         Decoder [non-flexi decoder that is] is more strict now and requires a match.
      -- Steffen Jaeckel pointed out a typo in the user manual (re: rsa_exptmod).  Fixed.  This disproves the notion that
         nobody reads it.  :-)
      -- Made GCM a bit more portable w.r.t. handling the CTR IV (e.g. & with 255)
      -- Add LTC_VERBOSE if you really want to see what test is doing :-)
      -- Added SSE2 support to GCM [use GCM_TABLES_SSE2 to enable], shaves 2 cycles per byte on Opteron processors
         Shaved 4 cycles on a Prescott (Intel P4)
         Requires you align your gcm_state on a 16 byte boundary, see gcm_memory() for more info
      -- Added missing prototype for f8_test_mode()
      -- two fixes to CCM for corner cases [L+noncelen > 15] and fixing the CTR pad to encrypt the CBC-MAC tag
      -- Franz Glasner pointed out the ARGTYPE=4 is not actually valid.  Fixed.
      -- Fixed bug in f8_start() if your key < saltkey unspecified behaviour occurs.  :-(
      -- Documented F8 mode.  Yeah, because you read the manual.  
      -- Minor updates to the technotes.
 June 17th, 2005
 v1.13 -- Fixed to fortuna_start() to clean up state if an error occurs.  Not really useful at this stage (sha256 can't fail) but useful
         if I ever make fortuna pluggable
@ -1464,6 +1484,6 @@ v0.02  -- Changed RC5 to only allow 12 to 24 rounds
 v0.01  -- We will call this the first version.
 /* $Source: /cvs/libtom/libtomcrypt/changes,v $ */
-/* $Revision: 1.213 $ */
+/* $Revision: 1.224 $ */
-/* $Date: 2006/06/18 01:42:59 $ */
+/* $Date: 2006/08/30 23:23:20 $ */
--- a/crypt.tex
+++ b/crypt.tex
@ -47,7 +47,7 @@
 \def\gap{\vspace{0.5ex}}
 \makeindex
 \begin{document}
-\title{LibTomCrypt \\ Version 1.13}
+\title{LibTomCrypt \\ Version 1.14}
 \author{Tom St Denis \\
 \\
 tomstdenis@gmail.com \\
@ -1007,6 +1007,55 @@ To terminate the LRW state use the following:
 int lrw_done(symmetric_LRW *lrw);
 \end{verbatim}
 \subsection{F8 Mode}
 \index{F8 Mode}
 The F8 Chaining mode (see RFC 3711 for instance) is yet another chaining mode for block ciphers.  It behaves much like CTR mode in that it XORs a keystream
 against the plaintext to encrypt.  F8 mode comes with the additional twist that the counter value is secret, encrypted by a \textit{salt key}.  We
 initialize F8 mode with the fuollowing function call:
 \index{f8\_start()}
 \begin{verbatim}
 int f8_start(                int  cipher, const unsigned char *IV, 
             const unsigned char *key,                    int  keylen, 
             const unsigned char *salt_key,               int  skeylen,
                             int  num_rounds,   symmetric_F8  *f8);
 \end{verbatim}
 This will start the F8 mode state using ``key'' as the secret key, ``IV'' as the counter.  It uses the ``salt\_key`` as IV encryption key (``m'' in the RFC 3711).
 The salt\_key can be shorter than the secret key but it should not be longer.  
 To encrypt or decrypt data we use the following two functions:
 \index{f8\_encrypt()} \index{f8\_decrypt()}
 \begin{verbatim}
 int f8_encrypt(const unsigned char *pt, unsigned char *ct, 
                     unsigned long  len, symmetric_F8 *f8);
 int f8_decrypt(const unsigned char *ct, unsigned char *pt, 
                     unsigned long  len, symmetric_F8 *f8);
 \end{verbatim}
 These will encrypt or decrypt a variable length array of bytes using the F8 mode state specified.  The length is specified in bytes and does not have to be a multiple 
 of the ciphers block size.
 To change or retrieve the current counter IV value use the following functions:
 \index{f8\_getiv()}
 \index{f8\_setiv()}
 \begin{verbatim}
 int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8);
 int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8);
 \end{verbatim}
 These work with the current IV value only and not the encrypted IV value specifed during the call to f8\_start().  The purpose of these two functions is to be
 able to seek within a current session only.  If you want to change the session IV you will have to call f8\_done() and then start a new state with
 f8\_start().
 To terminate an F8 state call the following function:
 \index{f8\_done()}
 \begin{verbatim}
 int f8_done(symmetric_F8 *f8);
 \end{verbatim}
 \vbox{}
 \section{Encrypt and Authenticate Modes}
 \subsection{EAX Mode}
@ -2719,8 +2768,7 @@ To do raw work with the RSA function call:
 \begin{verbatim}
 int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
                      unsigned char *out,  unsigned long *outlen, 
-                      int which, prng_state *prng, int prng_idx,
+                      int which, rsa_key *key);
                      rsa_key *key);
 \end{verbatim}
 This loads the bignum from ``in'' as a big endian word in the format PKCS specifies, raises it to either ``e'' or ``d'' and stores the result
 in ``out'' and the size of the result in ``outlen''. ``which'' is set to {\bf PK\_PUBLIC} to use ``e'' 
@ -5241,5 +5289,5 @@ Since the function is given the entire RSA key (for private keys only) CRT is po
 \end{document}
 % $Source: /cvs/libtom/libtomcrypt/crypt.tex,v $   
-% $Revision: 1.74 $   
+% $Revision: 1.77 $   
-% $Date: 2006/06/18 01:35:41 $ 
+% $Date: 2006/08/30 23:23:20 $ 
--- a/demos/timing.c
+++ b/demos/timing.c
@ -16,13 +16,6 @@ reg_algs();
   extern ltc_math_descriptor EXT_MATH_LIB;
   ltc_mp = EXT_MATH_LIB;
 #endif
 time_cipher();
 time_hash();
 time_encmacs();
 time_rsa();
 time_ecc();
 time_ecc();
 return 0;
 time_keysched();
 time_cipher();
 time_cipher2();
--- a/doc/crypt.pdf
+++ b/doc/crypt.pdf
--- a/6
+++ b/6
@ -4,7 +4,7 @@
 # Modified by Clay Culver
 # The version
-VERSION=1.13
+VERSION=1.14
 # Compiler and Linker Names
 #CC=gcc
@ -367,5 +367,5 @@ zipup: no_oops docs
 # $Source: /cvs/libtom/libtomcrypt/makefile,v $ 
-# $Revision: 1.126 $ 
+# $Revision: 1.127 $ 
-# $Date: 2006/06/16 23:52:08 $ 
+# $Date: 2006/06/29 01:59:34 $ 
--- a/makefile.shared
+++ b/makefile.shared
@ -6,7 +6,7 @@
 # Tom St Denis
 # The version
-VERSION=0:113
+VERSION=0:114
 # Compiler and Linker Names
 CC=libtool --mode=compile --tag=CC gcc 
@ -265,5 +265,5 @@ timing: library testprof/$(LIBTEST) $(TIMINGS)
 	gcc -o $(TIMING) $(TIMINGS) -ltomcrypt_prof -ltomcrypt $(EXTRALIBS)
 # $Source: /cvs/libtom/libtomcrypt/makefile.shared,v $   
-# $Revision: 1.58 $   
+# $Revision: 1.59 $   
-# $Date: 2006/06/16 23:52:08 $ 
+# $Date: 2006/06/29 01:59:34 $ 
--- a/notes/tech0005.txt
+++ b/notes/tech0005.txt
@ -12,7 +12,7 @@ You can disable whole classes of algorithms on the command line with the LTC_NO_
 The following build with GCC 3.4.4 on an AMD64 box gets you AES, CTR mode, SHA-256, HMAC, Yarrow, full RSA PKCS #1, PKCS #5 and ASN.1 DER in 
 roughly 40KB of code (49KB on the ARMv4) (both excluding the math library).
-CFLAGS="-DLTC_NO_CIPHERS -DLTC_NO_HASHES -DLTC_NO_PRNGS -DLTC_NO_MACS -DLTC_NO_MODES -DLTC_NO_PK -DRIJNDAEL -DCTR -DSHA256 \
+CFLAGS="-DLTC_NO_CIPHERS -DLTC_NO_HASHES -DLTC_NO_PRNGS -DLTC_NO_MACS -DLTC_NO_MODES -DLTC_NO_PK -DRIJNDAEL -DLTC_CTR_MODE -DSHA256 \
 -DHMAC -DYARROW -DMRSA -DMPI -DTFM_DESC -DARGTYPE=3 -Os -DLTC_SMALL_CODE -fomit-frame-pointer" make IGNORE_SPEED=1
 Obviously this won't get you performance but if you need to pack a crypto lib in a device with limited means it's more than enough...
--- a/notes/tech0007.txt
+++ b/notes/tech0007.txt
@ -1,5 +1,5 @@
 Tech Note #7
 Quick building for testing with LTM
-EXTRALIBS=-ltommath CFLAGS="-g3 -DLTC_NO_ASM" make -j3 IGNORE_SPEED=1 test
+EXTRALIBS=-ltommath CFLAGS="-g3 -DLTC_NO_ASM -DUSE_LTM -DLTM_DESC" make -j3 IGNORE_SPEED=1 test
--- a/src/ciphers/aes/aes.c
+++ b/src/ciphers/aes/aes.c
@ -308,7 +308,6 @@ int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
    LOAD32H(s2, pt  +  8); s2 ^= rk[2];
    LOAD32H(s3, pt  + 12); s3 ^= rk[3];
 #ifdef LTC_SMALL_CODE
    for (r = 0; ; r++) {
--- a/src/encauth/ccm/ccm_memory.c
+++ b/src/encauth/ccm/ccm_memory.c
@ -117,6 +117,11 @@ int ccm_memory(int cipher,
      L = 15 - noncelen;
   }
   /* decrease noncelen to match L */
   if ((noncelen + L) > 15) {
      noncelen = 15 - L;
   }
   /* allocate mem for the symmetric key */
   if (uskey == NULL) {
      skey = XMALLOC(sizeof(*skey));
@ -308,8 +313,10 @@ int ccm_memory(int cipher,
      }
   }
-   /* setup CTR for the TAG */
+   /* setup CTR for the TAG (zero the count) */
-   ctr[14] = ctr[15] = 0x00;
+   for (y = 15; y > 15 - L; y--) {
      ctr[y] = 0x00;
   }
   if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) {
      goto error;
   }
--- a/src/encauth/gcm/gcm_memory.c
+++ b/src/encauth/gcm/gcm_memory.c
@ -43,6 +43,7 @@ int gcm_memory(      int           cipher,
                     unsigned char *tag,    unsigned long *taglen,
                               int direction)
 {
    void      *orig;
    gcm_state *gcm;
    int        err;
@ -63,11 +64,26 @@ int gcm_memory(      int           cipher,
    }
-    gcm = XMALLOC(sizeof(*gcm));
+
 #ifndef GCM_TABLES_SSE2
    orig = gcm = XMALLOC(sizeof(*gcm));
 #else
    orig = gcm = XMALLOC(sizeof(*gcm) + 16);
 #endif
    if (gcm == NULL) {
        return CRYPT_MEM;
    }
   /* Force GCM to be on a multiple of 16 so we can use 128-bit aligned operations
    * note that we only modify gcm and keep orig intact.  This code is not portable
    * but again it's only for SSE2 anyways, so who cares?
    */
 #ifdef GCM_TABLES_SSE2
   if ((unsigned long)gcm & 15) {
      gcm = (gcm_state *)((unsigned long)gcm + (16 - ((unsigned long)gcm & 15)));
   }
 #endif
    if ((err = gcm_init(gcm, cipher, key, keylen)) != CRYPT_OK) {
       goto LTC_ERR;
    }
@ -82,7 +98,7 @@ int gcm_memory(      int           cipher,
    }
    err = gcm_done(gcm, tag, taglen);
 LTC_ERR:
-    XFREE(gcm);
+    XFREE(orig);
    return err;
 }
 #endif
--- a/src/encauth/gcm/gcm_mult_h.c
+++ b/src/encauth/gcm/gcm_mult_h.c
@ -26,6 +26,13 @@ void gcm_mult_h(gcm_state *gcm, unsigned char *I)
   unsigned char T[16];
 #ifdef GCM_TABLES
   int x, y;
 #ifdef GCM_TABLES_SSE2
   asm("movdqa (%0),%%xmm0"::"r"(&gcm->PC[0][I[0]][0]));
   for (x = 1; x < 16; x++) {
      asm("pxor (%0),%%xmm0"::"r"(&gcm->PC[x][I[x]][0]));
   }
   asm("movdqa %%xmm0,(%0)"::"r"(&T));
 #else
   XMEMCPY(T, &gcm->PC[0][I[0]][0], 16);
   for (x = 1; x < 16; x++) {
 #ifdef LTC_FAST
@ -36,8 +43,9 @@ void gcm_mult_h(gcm_state *gcm, unsigned char *I)
       for (y = 0; y < 16; y++) {
           T[y] ^= gcm->PC[x][I[x]][y];
       }
-#endif
+#endif /* LTC_FAST */
   }
 #endif /* GCM_TABLES_SSE2 */
 #else     
   gcm_gf_mult(gcm->H, I, T); 
 #endif
--- a/src/encauth/gcm/gcm_process.c
+++ b/src/encauth/gcm/gcm_process.c
@ -59,7 +59,7 @@ int gcm_process(gcm_state *gcm,
      /* increment counter */
      for (y = 15; y >= 12; y--) {
-          if (++gcm->Y[y]) { break; }
+          if (++gcm->Y[y] & 255) { break; }
      }
      /* encrypt the counter */
      if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
@ -89,7 +89,7 @@ int gcm_process(gcm_state *gcm,
             gcm_mult_h(gcm, gcm->X);
             /* increment counter */
             for (y = 15; y >= 12; y--) {
-                 if (++gcm->Y[y]) { break; }
+                 if (++gcm->Y[y] & 255) { break; }
             }
             if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
                return err;
@ -107,7 +107,7 @@ int gcm_process(gcm_state *gcm,
             gcm_mult_h(gcm, gcm->X);
             /* increment counter */
             for (y = 15; y >= 12; y--) {
-                 if (++gcm->Y[y]) { break; }
+                 if (++gcm->Y[y] & 255) { break; }
             }
             if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
                return err;
@ -125,7 +125,7 @@ int gcm_process(gcm_state *gcm,
          /* increment counter */
          for (y = 15; y >= 12; y--) {
-              if (++gcm->Y[y]) { break; }
+              if (++gcm->Y[y] & 255) { break; }
          }
          if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
             return err;
--- a/src/hashes/sha2/sha256.c
+++ b/src/hashes/sha2/sha256.c
@ -37,7 +37,7 @@ const struct ltc_hash_descriptor sha256_desc =
 #ifdef LTC_SMALL_CODE
 /* the K array */
-static const unsigned long K[64] = {
+static const ulong32 K[64] = {
    0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
    0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
    0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
--- a/src/headers/tomcrypt.h
+++ b/src/headers/tomcrypt.h
@ -16,8 +16,8 @@ extern "C" {
 #endif
 /* version */
-#define CRYPT   0x0113
+#define CRYPT   0x0114
-#define SCRYPT  "1.13"
+#define SCRYPT  "1.14"
 /* max size of either a cipher/hash block or symmetric key [largest of the two] */
 #define MAXBLOCKSIZE  128
--- a/src/headers/tomcrypt_argchk.h
+++ b/src/headers/tomcrypt_argchk.h
@ -27,8 +27,8 @@ void crypt_argchk(char *v, char *s, int d);
 #elif ARGTYPE == 4
-#define LTC_ARGCHK(x)   return CRYPT_INVALID_ARG;
+#define LTC_ARGCHK(x)   if (!(x)) return CRYPT_INVALID_ARG;
-#define LTC_ARGCHKVD(x) return;
+#define LTC_ARGCHKVD(x) if (!(x)) return;
 #endif
--- a/src/headers/tomcrypt_cipher.h
+++ b/src/headers/tomcrypt_cipher.h
@ -167,7 +167,7 @@ typedef union Symmetric_key {
   void   *data;
 } symmetric_key;
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 /** A block cipher ECB structure */
 typedef struct {
   /** The index of the cipher chosen */
@ -179,7 +179,7 @@ typedef struct {
 } symmetric_ECB;
 #endif
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /** A block cipher CFB structure */
 typedef struct {
   /** The index of the cipher chosen */
@ -197,7 +197,7 @@ typedef struct {
 } symmetric_CFB;
 #endif
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /** A block cipher OFB structure */
 typedef struct {
   /** The index of the cipher chosen */
@ -213,7 +213,7 @@ typedef struct {
 } symmetric_OFB;
 #endif
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /** A block cipher CBC structure */
 typedef struct {
   /** The index of the cipher chosen */
@ -228,7 +228,7 @@ typedef struct {
 #endif
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /** A block cipher CTR structure */
 typedef struct {
   /** The index of the cipher chosen */
@ -249,7 +249,7 @@ typedef struct {
 #endif
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /** A LRW structure */
 typedef struct {
    /** The index of the cipher chosen (must be a 128-bit block cipher) */
@ -649,7 +649,7 @@ int anubis_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor anubis_desc;
 #endif
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 int ecb_start(int cipher, const unsigned char *key, 
              int keylen, int num_rounds, symmetric_ECB *ecb);
 int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb);
@ -657,7 +657,7 @@ int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 int ecb_done(symmetric_ECB *ecb);
 #endif
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, 
              int keylen, int num_rounds, symmetric_CFB *cfb);
 int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb);
@ -667,7 +667,7 @@ int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb);
 int cfb_done(symmetric_CFB *cfb);
 #endif
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key, 
              int keylen, int num_rounds, symmetric_OFB *ofb);
 int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb);
@ -677,7 +677,7 @@ int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb);
 int ofb_done(symmetric_OFB *ofb);
 #endif
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
               int keylen, int num_rounds, symmetric_CBC *cbc);
 int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc);
@ -687,7 +687,7 @@ int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc);
 int cbc_done(symmetric_CBC *cbc);
 #endif
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 #define CTR_COUNTER_LITTLE_ENDIAN    0
 #define CTR_COUNTER_BIG_ENDIAN       1
@ -704,7 +704,7 @@ int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
 int ctr_done(symmetric_CTR *ctr);
 #endif
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 #define LRW_ENCRYPT 0
 #define LRW_DECRYPT 1
@ -736,6 +736,7 @@ int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, sy
 int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8);
 int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8);
 int f8_done(symmetric_F8 *f8);
 int f8_test_mode(void);
 #endif
--- a/src/headers/tomcrypt_custom.h
+++ b/src/headers/tomcrypt_custom.h
@ -45,9 +45,9 @@
   #define CAST5
   #define LTC_NO_MODES
-   #define ECB
+   #define LTC_ECB_MODE
-   #define CBC
+   #define LTC_CBC_MODE
-   #define CTR
+   #define LTC_CTR_MODE
   #define LTC_NO_HASHES
   #define SHA1
@ -55,7 +55,6 @@
   #define SHA384
   #define SHA256
   #define SHA224
   #define WHIRLPOOL
   #define LTC_NO_MACS
   #define HMAC
@ -73,8 +72,6 @@
   #define MECC
 #endif   
 /* Use small code where possible */
 /* #define LTC_SMALL_CODE */
@ -134,17 +131,17 @@
 /* ---> Block Cipher Modes of Operation <--- */
 #ifndef LTC_NO_MODES
-#define CFB
+#define LTC_CFB_MODE
-#define OFB
+#define LTC_OFB_MODE
-#define ECB
+#define LTC_ECB_MODE
-#define CBC
+#define LTC_CBC_MODE
-#define CTR
+#define LTC_CTR_MODE
 /* F8 chaining mode */
 #define LTC_F8_MODE
 /* LRW mode */
-#define LRW_MODE
+#define LTC_LRW_MODE
 #ifndef LTC_NO_TABLES
   /* like GCM mode this will enable 16 8x128 tables [64KB] that make
    * seeking very fast.  
@ -188,7 +185,7 @@
 /* ---> Encrypt + Authenticate Modes <--- */
 #define EAX_MODE
-#if defined(EAX_MODE) && !(defined(CTR) && defined(OMAC))
+#if defined(EAX_MODE) && !(defined(LTC_CTR_MODE) && defined(OMAC))
   #error EAX_MODE requires CTR and OMAC mode
 #endif
@ -201,6 +198,11 @@
   #define GCM_TABLES 
 #endif
 /* USE SSE2? requires GCC works on x86_32 and x86_64*/
 #ifdef GCM_TABLES
 /* #define GCM_TABLES_SSE2 */
 #endif
 #endif /* LTC_NO_MACS */
 /* Various tidbits of modern neatoness */
@ -215,8 +217,8 @@
 /* 0 = rijndael_enc 1 = aes_enc, 2 = rijndael [full], 3 = aes [full] */
 #define YARROW_AES 0
-#if defined(YARROW) && !defined(CTR)
+#if defined(YARROW) && !defined(LTC_CTR_MODE)
-   #error YARROW requires CTR chaining mode to be defined!
+   #error YARROW requires LTC_CTR_MODE chaining mode to be defined!
 #endif
 /* a PRNG that simply reads from an available system source */
--- a/src/headers/tomcrypt_mac.h
+++ b/src/headers/tomcrypt_mac.h
@ -98,7 +98,7 @@ void pmac_shift_xor(pmac_state *pmac);
 #ifdef EAX_MODE
-#if !(defined(OMAC) && defined(CTR))
+#if !(defined(OMAC) && defined(LTC_CTR_MODE))
   #error EAX_MODE requires OMAC and CTR
 #endif
@ -248,9 +248,12 @@ typedef struct {
                       pttotlen;     /* 64-bit counter for the PT */
 #ifdef GCM_TABLES
-   unsigned char       PC[16][256][16];  /* 16 tables of 8x128 */
+   unsigned char       PC[16][256][16]  /* 16 tables of 8x128 */
 #ifdef GCM_TABLES_SSE2
 __attribute__ ((aligned (16)))
 #endif
 ;
 #endif  
 } gcm_state;
 void gcm_mult_h(gcm_state *gcm, unsigned char *I);
--- a/src/mac/hmac/hmac_test.c
+++ b/src/mac/hmac/hmac_test.c
@ -55,7 +55,7 @@ int hmac_test(void)
        3. Test Cases for HMAC-SHA-1
        test_case =     1
-        key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+        key =           0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
        key_len =       20
        data =          "Hi Ther     20
        digest =        0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
--- a/src/misc/crypt/crypt.c
+++ b/src/misc/crypt/crypt.c
@ -153,19 +153,19 @@ const char *crypt_build_settings =
 #endif
    "\nBlock Chaining Modes:\n"
-#if defined(CFB)
+#if defined(LTC_CFB_MODE)
    "   CFB\n"
 #endif
-#if defined(OFB)
+#if defined(LTC_OFB_MODE)
    "   OFB\n"
 #endif
-#if defined(ECB)
+#if defined(LTC_ECB_MODE)
    "   ECB\n"
 #endif
-#if defined(CBC)
+#if defined(LTC_CBC_MODE)
    "   CBC\n"
 #endif
-#if defined(CTR)
+#if defined(LTC_CTR_MODE)
    "   CTR\n"
 #endif
 #if defined(LRW_MODE)
--- a/src/modes/cbc/cbc_decrypt.c
+++ b/src/modes/cbc/cbc_decrypt.c
@ -16,7 +16,7 @@
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /**
  CBC decrypt
--- a/src/modes/cbc/cbc_done.c
+++ b/src/modes/cbc/cbc_done.c
@ -15,7 +15,7 @@
   CBC implementation, finish chain, Tom St Denis
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /** Terminate the chain
  @param cbc    The CBC chain to terminate
--- a/src/modes/cbc/cbc_encrypt.c
+++ b/src/modes/cbc/cbc_encrypt.c
@ -16,7 +16,7 @@
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /**
  CBC encrypt
--- a/src/modes/cbc/cbc_getiv.c
+++ b/src/modes/cbc/cbc_getiv.c
@ -15,7 +15,7 @@
   CBC implementation, get IV, Tom St Denis
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /**
   Get the current initial vector
--- a/src/modes/cbc/cbc_setiv.c
+++ b/src/modes/cbc/cbc_setiv.c
@ -16,7 +16,7 @@
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /**
   Set an initial vector
--- a/src/modes/cbc/cbc_start.c
+++ b/src/modes/cbc/cbc_start.c
@ -15,7 +15,7 @@
   CBC implementation, start chain, Tom St Denis
 */
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 /**
   Initialize a CBC context
--- a/src/modes/cfb/cfb_decrypt.c
+++ b/src/modes/cfb/cfb_decrypt.c
@ -15,7 +15,7 @@
  CFB implementation, decrypt data, Tom St Denis
 */
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /**
   CFB decrypt
--- a/src/modes/cfb/cfb_done.c
+++ b/src/modes/cfb/cfb_done.c
@ -15,7 +15,7 @@
   CFB implementation, finish chain, Tom St Denis
 */
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /** Terminate the chain
  @param cfb    The CFB chain to terminate
--- a/src/modes/cfb/cfb_encrypt.c
+++ b/src/modes/cfb/cfb_encrypt.c
@ -15,7 +15,7 @@
  CFB implementation, encrypt data, Tom St Denis
 */
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /**
  CFB encrypt
--- a/src/modes/cfb/cfb_getiv.c
+++ b/src/modes/cfb/cfb_getiv.c
@ -15,7 +15,7 @@
   CFB implementation, get IV, Tom St Denis
 */
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /**
   Get the current initial vector
--- a/src/modes/cfb/cfb_setiv.c
+++ b/src/modes/cfb/cfb_setiv.c
@ -14,7 +14,8 @@
  @file cfb_setiv.c
  CFB implementation, set IV, Tom St Denis
 */  
-#ifdef CFB
+
 #ifdef LTC_CFB_MODE
 /**
   Set an initial vector
--- a/src/modes/cfb/cfb_start.c
+++ b/src/modes/cfb/cfb_start.c
@ -16,7 +16,7 @@
 */
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 /**
   Initialize a CFB context
--- a/src/modes/ctr/ctr_decrypt.c
+++ b/src/modes/ctr/ctr_decrypt.c
@ -15,7 +15,7 @@
  CTR implementation, decrypt data, Tom St Denis
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /**
   CTR decrypt
--- a/src/modes/ctr/ctr_done.c
+++ b/src/modes/ctr/ctr_done.c
@ -15,7 +15,7 @@
   CTR implementation, finish chain, Tom St Denis
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /** Terminate the chain
  @param ctr    The CTR chain to terminate
--- a/src/modes/ctr/ctr_encrypt.c
+++ b/src/modes/ctr/ctr_encrypt.c
@ -16,7 +16,7 @@
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /**
  CTR encrypt
--- a/src/modes/ctr/ctr_getiv.c
+++ b/src/modes/ctr/ctr_getiv.c
@ -15,7 +15,7 @@
   CTR implementation, get IV, Tom St Denis
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /**
   Get the current initial vector
--- a/src/modes/ctr/ctr_setiv.c
+++ b/src/modes/ctr/ctr_setiv.c
@ -15,7 +15,7 @@
  CTR implementation, set IV, Tom St Denis
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /**
   Set an initial vector
--- a/src/modes/ctr/ctr_start.c
+++ b/src/modes/ctr/ctr_start.c
@ -16,7 +16,7 @@
 */
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 /**
   Initialize a CTR context
--- a/src/modes/ecb/ecb_decrypt.c
+++ b/src/modes/ecb/ecb_decrypt.c
@ -15,7 +15,7 @@
  ECB implementation, decrypt a block, Tom St Denis
 */
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 /**
  ECB decrypt
--- a/src/modes/ecb/ecb_done.c
+++ b/src/modes/ecb/ecb_done.c
@ -15,7 +15,7 @@
   ECB implementation, finish chain, Tom St Denis
 */
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 /** Terminate the chain
  @param ecb    The ECB chain to terminate
--- a/src/modes/ecb/ecb_encrypt.c
+++ b/src/modes/ecb/ecb_encrypt.c
@ -15,7 +15,7 @@
  ECB implementation, encrypt a block, Tom St Denis
 */
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 /**
  ECB encrypt
--- a/src/modes/ecb/ecb_start.c
+++ b/src/modes/ecb/ecb_start.c
@ -16,7 +16,7 @@
 */
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 /**
   Initialize a ECB context
--- a/src/modes/f8/f8_start.c
+++ b/src/modes/f8/f8_start.c
@ -54,6 +54,7 @@ int f8_start(                int  cipher, const unsigned char *IV,
   f8->padlen   = f8->blocklen;
   /* now get key ^ salt_key [extend salt_ket with 0x55 as required to match length] */
   zeromem(tkey, sizeof(tkey));
   for (x = 0; x < keylen && x < (int)sizeof(tkey); x++) {
       tkey[x] = key[x];
   }
--- a/src/modes/lrw/lrw_decrypt.c
+++ b/src/modes/lrw/lrw_decrypt.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Decrypt blocks, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  LRW decrypt blocks
--- a/src/modes/lrw/lrw_done.c
+++ b/src/modes/lrw/lrw_done.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Free resources, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Terminate a LRW state
--- a/src/modes/lrw/lrw_encrypt.c
+++ b/src/modes/lrw/lrw_encrypt.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Encrypt blocks, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  LRW encrypt blocks
--- a/src/modes/lrw/lrw_getiv.c
+++ b/src/modes/lrw/lrw_getiv.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Retrieve the current IV, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Get the IV for LRW
--- a/src/modes/lrw/lrw_process.c
+++ b/src/modes/lrw/lrw_process.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Encrypt/decrypt blocks, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Process blocks with LRW, since decrypt/encrypt are largely the same they share this code.
--- a/src/modes/lrw/lrw_setiv.c
+++ b/src/modes/lrw/lrw_setiv.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, Set the current IV, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Set the IV for LRW
--- a/src/modes/lrw/lrw_start.c
+++ b/src/modes/lrw/lrw_start.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, start mode, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Initialize the LRW context
--- a/src/modes/lrw/lrw_test.c
+++ b/src/modes/lrw/lrw_test.c
@ -15,7 +15,7 @@
   LRW_MODE implementation, test LRW, Tom St Denis
 */
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 /**
  Test LRW against specs
--- a/src/modes/ofb/ofb_decrypt.c
+++ b/src/modes/ofb/ofb_decrypt.c
@ -15,7 +15,7 @@
  OFB implementation, decrypt data, Tom St Denis
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /**
   OFB decrypt
--- a/src/modes/ofb/ofb_done.c
+++ b/src/modes/ofb/ofb_done.c
@ -15,7 +15,7 @@
   OFB implementation, finish chain, Tom St Denis
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /** Terminate the chain
  @param ofb    The OFB chain to terminate
--- a/src/modes/ofb/ofb_encrypt.c
+++ b/src/modes/ofb/ofb_encrypt.c
@ -15,7 +15,7 @@
  OFB implementation, encrypt data, Tom St Denis
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /**
  OFB encrypt
--- a/src/modes/ofb/ofb_getiv.c
+++ b/src/modes/ofb/ofb_getiv.c
@ -15,7 +15,7 @@
   OFB implementation, get IV, Tom St Denis
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /**
   Get the current initial vector
--- a/src/modes/ofb/ofb_setiv.c
+++ b/src/modes/ofb/ofb_setiv.c
@ -15,7 +15,7 @@
   OFB implementation, set IV, Tom St Denis
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /**
   Set an initial vector
--- a/src/modes/ofb/ofb_start.c
+++ b/src/modes/ofb/ofb_start.c
@ -16,7 +16,7 @@
 */
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 /**
   Initialize a OFB context
--- a/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
+++ b/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
@ -218,6 +218,12 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long  inlen,
           case LTC_ASN1_SETOF:
           case LTC_ASN1_SEQUENCE:
               /* detect if we have the right type */
               if ((type == LTC_ASN1_SETOF && (in[x] & 0x3F) != 0x31) || (type == LTC_ASN1_SEQUENCE && (in[x] & 0x3F) != 0x30)) {
                  err = CRYPT_INVALID_PACKET;
                  goto LBL_ERR;
               }
               z = inlen;
               if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) {
                  if (!ordered) { continue; }
--- a/testprof/modes_test.c
+++ b/testprof/modes_test.c
@ -5,16 +5,16 @@ int modes_test(void)
 {
   unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];
   int cipher_idx;
-#ifdef CBC
+#ifdef LTC_CBC_MODE
   symmetric_CBC cbc;
 #endif
-#ifdef CFB
+#ifdef LTC_CFB_MODE
   symmetric_CFB cfb;
 #endif
-#ifdef OFB
+#ifdef LTC_OFB_MODE
   symmetric_OFB ofb;
 #endif
-#ifdef CTR
+#ifdef LTC_CTR_MODE
   symmetric_CTR ctr;
 #endif
   unsigned long l;
@ -35,11 +35,11 @@ int modes_test(void)
   DO(f8_test_mode());
 #endif   
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
   DO(lrw_test());
 #endif
-#ifdef CBC
+#ifdef LTC_CBC_MODE
   /* test CBC mode */
   /* encode the block */
   DO(cbc_start(cipher_idx, iv, key, 16, 0, &cbc));
@ -61,7 +61,7 @@ int modes_test(void)
   }
 #endif
-#ifdef CFB   
+#ifdef LTC_CFB_MODE
   /* test CFB mode */
   /* encode the block */
   DO(cfb_start(cipher_idx, iv, key, 16, 0, &cfb));
@ -84,7 +84,7 @@ int modes_test(void)
   }
 #endif
-#ifdef OFB
+#ifdef LTC_OFB_MODE
   /* test OFB mode */
   /* encode the block */
   DO(ofb_start(cipher_idx, iv, key, 16, 0, &ofb));
@ -106,7 +106,7 @@ int modes_test(void)
   }
 #endif
-#ifdef CTR   
+#ifdef LTC_CTR_MODE   
   /* test CTR mode */
   /* encode the block */
   DO(ctr_start(cipher_idx, iv, key, 16, 0, CTR_COUNTER_LITTLE_ENDIAN, &ctr));
--- a/testprof/tomcrypt_test.h
+++ b/testprof/tomcrypt_test.h
@ -18,7 +18,12 @@ typedef struct {
 extern prng_state yarrow_prng;
 void run_cmd(int res, int line, char *file, char *cmd);
-#define DO(x) { run_cmd((x), __LINE__, __FILE__, #x); }
+
 #ifdef LTC_VERBOSE
 #define DO(x) do { fprintf(stderr, "%s:\n", #x); run_cmd((x), __LINE__, __FILE__, #x); } while (0);
 #else
 #define DO(x) do { run_cmd((x), __LINE__, __FILE__, #x); } while (0);
 #endif
 /* TESTS */
 int cipher_hash_test(void);
--- a/testprof/x86_prof.c
+++ b/testprof/x86_prof.c
@ -347,7 +347,7 @@ int time_cipher(void)
   return 0;
 }
-#ifdef CBC 
+#ifdef LTC_CBC_MODE 
 int time_cipher2(void)
 {
  unsigned long x, y1;
@ -422,7 +422,7 @@ int time_cipher2(void)
 int time_cipher2(void) { fprintf(stderr, "NO CBC\n"); return 0; }
 #endif
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 int time_cipher3(void)
 {
  unsigned long x, y1;
@ -497,7 +497,7 @@ int time_cipher3(void)
 int time_cipher3(void) { fprintf(stderr, "NO CTR\n"); return 0; }
 #endif
-#ifdef LRW_MODE
+#ifdef LTC_LRW_MODE
 int time_cipher4(void)
 {
  unsigned long x, y1;
@ -1157,7 +1157,11 @@ void time_encmacs_(unsigned long MAC_SIZE)
   fprintf(stderr, "GCM (no-precomp)\t%9llu\n", t2/(ulong64)(MAC_SIZE*1024));
   {
-   gcm_state gcm;
+   gcm_state gcm
 #ifdef GCM_TABLES_SSE2
 __attribute__ ((aligned (16)))
 #endif
 ;
   if ((err = gcm_init(&gcm, cipher_idx, key, 16)) != CRYPT_OK) { fprintf(stderr, "gcm_init: %s\n", error_to_string(err)); exit(EXIT_FAILURE); }
   t2 = -1;
`@ -1,2 +1,4 @@`
	`- long term, start moving macros like CTR over to LTC_CTR to make LTC a bit more "drop-in-able".`	`- long term, start moving macros like CTR over to LTC_CTR to make LTC a bit more "drop-in-able".`
		`- F8 mode could use some LTC_FAST love`