added libtomcrypt-0.82

This commit is contained in:
Tom St Denis 2003-03-13 02:12:16 +00:00 committed by Steffen Jaeckel
parent 0f999a4e9e
commit 7d21325daa
34 changed files with 819 additions and 2159 deletions

View File

@ -1,4 +1,4 @@
/* The precompute tables for AES */
/* The precomputed tables for AES */
static const unsigned long ft_tab[4][256] = {
{0xa56363c6UL, 0x847c7cf8UL, 0x997777eeUL, 0x8d7b7bf6UL, 0x0df2f2ffUL,

10
bits.c
View File

@ -21,8 +21,14 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len,
return 0;
}
/* disable buffering */
if (setvbuf(f, NULL, _IONBF, 0) != 0) {
fclose(f);
return 0;
}
x = (unsigned long)fread(buf, 1, (size_t)len, f);
(void)fclose(f);
fclose(f);
return x;
#endif /* NO_FILE */
}
@ -172,7 +178,7 @@ int rng_make_prng(int bits, int wprng, prng_state *prng,
return err;
}
bits = ((bits/8)+((bits&7)==0x80?1:0)) * 2;
bits = ((bits/8)+((bits&7)!=0?1:0)) * 2;
if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) {
return CRYPT_ERROR_READPRNG;
}

View File

@ -387,7 +387,7 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_blowfish_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 2);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
}
#endif
@ -429,7 +429,7 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_blowfish_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 2);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
}
#endif

10
cbc.c
View File

@ -43,6 +43,11 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc)
return err;
}
/* is blocklen valid? */
if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
return CRYPT_INVALID_ARG;
}
/* xor IV against plaintext */
for (x = 0; x < cbc->blocklen; x++) {
tmp[x] = pt[x] ^ cbc->IV[x];
@ -77,6 +82,11 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc)
}
cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key);
/* is blocklen valid? */
if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
return CRYPT_INVALID_ARG;
}
/* xor IV against the plaintext of the previous step */
for (x = 0; x < cbc->blocklen; x++) {
/* copy CT in case ct == pt */

15
cfb.c
View File

@ -15,6 +15,7 @@ int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
return err;
}
/* copy data */
cfb->cipher = cipher;
cfb->blocklen = cipher_descriptor[cipher].block_length;
@ -44,6 +45,13 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) {
return err;
}
/* is blocklen/padlen valid? */
if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) ||
cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) {
return CRYPT_INVALID_ARG;
}
while (len-- > 0) {
if (cfb->padlen == cfb->blocklen) {
cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);
@ -68,6 +76,13 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) {
return err;
}
/* is blocklen/padlen valid? */
if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) ||
cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) {
return CRYPT_INVALID_ARG;
}
while (len-- > 0) {
if (cfb->padlen == cfb->blocklen) {
cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);

11
changes
View File

@ -1,3 +1,14 @@
Mar 15th, 2003
v0.82 -- Manual updated
-- Added MSVC makefile [back, actually its written from scratch to work with NMAKE]
-- Change to HMAC helper functions API to avoid buffer overflow [source changes]
-- the rsa_encrypt_key was supposed to reject key sizes out of bounds ...
same fix to the rsa_sign_hash
-- Added code to ensure that that chaining mode code (cfb/ofb/ctr/cbc) have valid
structures when being called. E.g. the indexes to the pad/ivs are not out of bounds
-- Cleaned up the DES code and simplified the core desfunc routine.
-- Simplified one of the boolean functions in MD4
Jan 16th, 2003
v0.81 -- Merged in new makefile from Clay Culver and Mike Frysinger
-- Sped up the ECC mulmod() routine by making the word size adapt to the input. Saves a whopping 9 point

View File

@ -1,18 +0,0 @@
How to use the config.pl script
-------------------------------
The configuration script "config.pl" is very simple to use. It is designed to prompt the user for
all the valid libtomcrypt build options then make "makefile.out" and "mycrypt_custom.h". In order to
run the script you need Perl installed.
After running the script you can build the library two ways.
1) Use the makefile.out it generates. Simply type "make -f makefile.out" to build the library.
2) Add the libtomcrypt source files to your project. You have to make sure HAVE_CUSTOM is defined when you
build the source files. You have to copy "mycrypt_custom.h" into the your projects include path.
You should copy the library and header files to their respective global search paths.
To use the library with this system you need only include "mycrypt_custom.h" in your application. It will
include the required header files.

BIN
crypt.pdf

Binary file not shown.

149
crypt.tex
View File

@ -1,6 +1,10 @@
\documentclass{book}
\usepackage{makeidx}
\usepackage{amssymb}
\usepackage{color}
\usepackage{alltt}
\usepackage{graphicx}
\usepackage{layout}
\def\union{\cup}
\def\intersect{\cap}
\def\getsrandom{\stackrel{\rm R}{\gets}}
@ -44,12 +48,12 @@
\def\gap{\vspace{0.5ex}}
\makeindex
\begin{document}
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.80}
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.82}
\author{Tom St Denis \\
Algonquin College \\
\\
tomstdenis@yahoo.com \\
http://libtomcrypt.iahu.ca \\ \\
tomstdenis@iahu.ca \\
http://libtomcrypt.org \\ \\
Phone: 1-613-836-3160\\
111 Banning Rd \\
Kanata, Ontario \\
@ -66,10 +70,14 @@ pseudo-random number generators, public key cryptography (via RSA,DH or ECC/DH)
routines. It is designed to compile out of the box with the GNU C Compiler (GCC) version 2.95.3 (and higher)
and with MSVC version 6 in win32.
The library has been successfully tested on quite a few other platforms ranging from the ARM7TDMI in a
Gameboy Advanced to various PowerPC processors and even the MIPS processor in the PlayStation 2. Suffice it
to say the code is portable.
The library is designed so new ciphers/hashes/PRNGs can be added at runtime and the existing API (and helper API functions) will
be able to use the new designs automatically. There exist self-check functions for each cipher and hash to ensure that
they compile and execute to the published design specifications. The library also performs extensive parameter error checking
and will give verbose error messages.
and will give verbose error messages when possible.
Essentially the library saves the time of having to implement the ciphers, hashes, prngs yourself. Typically implementing
useful cryptography is an error prone business which means anything that can save considerable time and effort is a good
@ -89,11 +97,11 @@ number theory and cryptography.
\subsection{What the library IS NOT for?}
The library is not designed to be in anyway an implementation of the SSL, PKCS or OpenPGP standards. The library is not
designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other
The library is not designed to be in anyway an implementation of the SSL, PKCS, P1363 or OpenPGP standards. The library
is not designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other
library and it is not platform specific (like the MS CSP). So if you're looking to drop in some buzzword
compliant crypto this library is not for you. The library has been written from scratch to provide basic
functions as well as non-standard higher level functions.
compliant crypto library this is not for you. The library has been written from scratch to provide basic functions as
well as non-standard higher level functions.
This is not to say that the library is a ``homebrew'' project. All of the symmetric ciphers and one-way hash functions
conform to published test vectors. The public key functions are derived from publicly available material and the majority
@ -101,8 +109,11 @@ of the code has been reviewed by a growing community of developers.
\subsubsection{Why not?}
You may be asking why I didn't choose to go all out and support standards like P1363, PKCS and the whole lot. The reason
is quite simple too much money gets in the way. I just recently tried to access the P1363 draft documents and was denied (it
requires a password). If people are supposed to support these standards they had better make them more accessible.
is quite simple too much money gets in the way. When I tried to access the P1363 draft documents and was denied (it
requires a password) I realized that they're just a business anyways. See what happens is a company will sit down and
invent a ``standard''. Then they try to sell it to as many people as they can. All of a sudden this ``standard'' is
everywhere. Then the standard is updated every so often to keep people dependent. Then you become RSA. If people are
supposed to support these standards they had better make them more accessible.
\section{Why did I write it?}
You may be wondering, ``Tom, why did you write a crypto library. I already have one.''. Well the reason falls into
@ -122,6 +133,29 @@ know how to use Safer+ or RC6 or Serpent or ... as well. With all of the core f
that can be used to make a program automatically pick between ciphers, hashes and PRNGs at runtime. That means your
application can support all ciphers/hashes/prngs without changing the source code.
\subsection{Modular}
The LibTomCrypt package has also been written to be very modular. The block ciphers, one-way hashes and
pseudo-random number generators (PRNG) are all used within the API through ``descriptor'' tables which
are essentially structures with pointers to functions. While you can still call particular functions
directly (\textit{e.g. sha256\_process()}) this descriptor interface allows the developer to customize their
usage of the library.
For example, consider a hardware platform with a specialized RNG device. Obviously one would like to tap
that for the PRNG needs within the library (\textit{e.g. making a RSA key}). All the developer has todo
is write a descriptor and the few support routines required for the device. After that the rest of the
API can make use of it without change. Similiarly imagine a few years down the road when AES2 (\textit{or whatever they call it}) is
invented. It can be added to the library and used within applications with zero modifications to the
end applications provided they are written properly.
This flexibility within the library means it can be used with any combination of primitive algorithms and
unlike libraries like OpenSSL is not tied to direct routines. For instance, in OpenSSL there are CBC block
mode routines for every single cipher. That means every time you add or remove a cipher from the library
you have to update the associated support code as well. In LibTomCrypt the associated code (\textit{chaining modes in this case})
are not directly tied to the ciphers. That is a new cipher can be added to the library by simply providing
the key setup, ECB decrypt and encrypt and test vector routines. After that all five chaining mode routines
can make use of the cipher right away.
\section{License}
All of the source code except for the following files have been written by the author or donated to the project
@ -129,21 +163,24 @@ under the TDCAL license:
\begin{enumerate}
\item aes.c
\item mpi.c
\item rc2.c
\item serpent.c
\item safer.c
\end{enumerate}
``aes.c'' and ``serpent.c'' were written by Brian Gladman (gladman@seven77.demon.co.uk). They are copyrighted works
but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was written by Michael
Fromberger (sting@linguist.dartmouth.edu). Similarly it is copyrighted work but is free for all purposes.
but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was originally written
by Michael Fromberger (sting@linguist.dartmouth.edu) but has since been replaced with my LibTomMath library.
``rc2.c'' is based on publicly available code that is not attributed to a person from the given source. ``safer.c''
was written by Richard De Moliner (demoliner@isi.ee.ethz.ch) and is public domain.
The rest of the code was written either by Tom St Denis or contributed to the project under the ``Tom Doesn't Care
About Licenses'' (TDCAL) license. Essentially this license grants the user unlimited distribution and usage (including
commercial usage). I assume no risk from usage of the code nor do I guarantee it works as desired or stated.
commercial usage). This means that you can use the package, you can re-distribute the package and even branch it. I
still retain ownership over the name of the package. If you want to branch the project you can use the code as a base
but you must change the name. The package is also royalty free which means you can use it in commercial products
without compensation towards the author. I assume no risk from usage of the code nor do I guarantee it works as
desired or stated.
\section{Patent Disclosure}
@ -163,19 +200,16 @@ file ``libtomcrypt.a''.
To install the library copy all of the ``.h'' files into your ``\#include'' path and the single libtomcrypt.a file into
your library path.
With MSVC you can build the library with ``make -f makefile.vc''. You must use GNU make to build it even with MSVC
due to the limitations of the MS MAKE.
With MSVC you can build the library with ``nmake -f makefile.msvc''. This will produce a ``tomcrypt.lib'' file which
is the core library. Copy the header files into your MSVC include path and the library in the lib path (typically
under where VC98 is installed).
\section{Building against the library}
To build an application against the library you obviously must first compile the library. However, an important
step is that the build options you use to build the library must be present when you build your application. For
instance if ``RC5'' is defined in the makefile when you built the library then you must ensure ``RC5'' is defined when
you build your application.
The simplest way to work with this library is to take the makefile provided and simply add on your project to it as a
target (dependent on the library). That way you can be assured that the library and your application are in sync with
the build options you provide.
In the recent versions the build steps have changed. The build options are now stored in ``mycrypt\_custom.h'' and
no longer in the makefile. If you change a build option in that file you must re-build the library from clean to
ensure the build is intact. The perl script ``config.pl'' will help setup the custom header and a custom makefile
if you want one (the provided ``makefile'' will work with custom configs).
\section{Thanks}
I would like to give thanks to the following people (in no particular order) for helping me develop this project:
@ -806,7 +840,7 @@ int main(void)
/* add the message */
md5_process(&md, in, strlen(in));
/* get the hash */
/* get the hash in out[0..15] */
md5_done(&md, out);
return 0;
@ -898,11 +932,12 @@ int hash_filehandle(int hash, FILE *in,
unsigned char *dst, unsigned long *outlen);
\end{verbatim}
Both functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is
All three functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is
the location in the descriptor table of the hash. The ``*outlen'' variable is used to keep track of the output size. You
must set it to the size of your output buffer before calling the functions. When they complete succesfully they store
the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle'' function
assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after hashing the content.
the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle''
function assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after
hashing the content.
To perform the above hash with md5 the following code could be used:
\begin{small}
@ -992,23 +1027,29 @@ are finished with the HMAC process you must call the following function to get t
int hmac_done(hmac_state *hmac, unsigned char *hash);
\end{verbatim}
``hmac'' is the HMAC state you are working with. ``hash'' is the array of octets where the HMAC code should be stored. You
must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure). There are
two utility functions provided to make using HMACs easier todo.
must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure).
There are two utility functions provided to make using HMACs easier todo. They accept the key and information about the
message (file pointer, address in memory) and produce the HMAC result in one shot. These are useful if you want to avoid
calling the three step process yourself.
\begin{verbatim}
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
const unsigned char *data, unsigned long len,
unsigned char *dst);
unsigned char *dst, unsigned long *dstlen);
\end{verbatim}
This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor table must be provided in ``hash''
It uses the key from ``key'' with a key length of ``keylen''. The result is stored in the array of octets``dst''.
Similarly for files there is the following function:
This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor
table must be provided in ``hash'' it uses the key from ``key'' with a key length of ``keylen''.
The result is stored in the array of octets ``dst'' and the length in ``dstlen''. Similarly for files there is the
following function:
\begin{verbatim}
int hmac_file(int hash, const char *fname, const unsigned char *key,
unsigned long keylen, unsigned char *dst);
unsigned long keylen,
unsigned char *dst, unsigned long *dstlen);
\end{verbatim}
``hash'' is the index into the hash descriptor table of the hash you want to use. ``fname'' is the filename to process. ``key''
is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the result
should be stored.
is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the
result should be stored.
To test if the HMAC code is working there is the following function:
\begin{verbatim}
@ -2046,12 +2087,12 @@ int base64_decode(const unsigned char *in, unsigned long len,
\end{verbatim}
\section{The Multiple Precision Integer Library (MPI)}
The library comes with a copy of Michael Fromberger's\footnote{Michael J. Fromberger, sting@linguist.Thayer.dartmouth.edu} multiple
precision integer library MPI. MPI is a trivial to use ANSI C compatible large integer library. It is free for all uses and
is distributed freely.
The library comes with a copy of LibTomMath which is a multiple precision integer library written by the
author of LibTomCrypt. LibTomMath is a trivial to use ANSI C compatible large integer library which is free
for all uses and is distributed freely.
At the heart of all MPI functions is the data type ``mp\_int'' (defined in mpi.h). This data type is what will hold all large
integers. In order to use an mp\_int one must initialize it first, for example:
At the heart of all the functions is the data type ``mp\_int'' (defined in tommath.h). This data type is what
will hold all large integers. In order to use an mp\_int one must initialize it first, for example:
\begin{verbatim}
#include <mycrypt.h> /* mycrypt.h includes mpi.h automatically */
int main(void)
@ -2065,31 +2106,28 @@ int main(void)
}
\end{verbatim}
If you are unfamiliar with the syntax of C the \& symbol is used to pass the address of ``bignum'' to the function. All
MPI functions require the address of the parameters. To free the memory of a mp\_int use (for example):
LibTomMath functions require the address of the parameters. To free the memory of a mp\_int use (for example):
\begin{verbatim}
mp_clear(&bignum);
\end{verbatim}
All MPI functions have the basic form of one of the following:
The functions also have the basic form of one of the following:
\begin{verbatim}
mp_XXX(mp_int *a);
mp_XXX(mp_int *a, mp_int *b, mp_int *c);
mp_XXX(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
\end{verbatim}
Where they perform some operation and store the result in the mp\_int variable passed on the far right. For example, to
compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call:
Where they perform some operation and store the result in the mp\_int variable passed on the far right.
For example, to compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call:
\begin{verbatim}
mp_addmod(&a, &b, &m, &c);
\end{verbatim}
The simplest way to get a complete listing of all MPI functions is to open ``mpi.h'' and look. They're all fairly
well documented.
\subsection{Binary Forms of ``mp\_int'' Variables}
Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet encryption, etc.).
MPI includes two functions to help when exporting numbers:
Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet
encryption, etc.). LibTomMath includes two functions to help when exporting numbers:
\begin{verbatim}
int mp_raw_size(mp_int *num);
mp_toraw(&num, buf);
@ -2135,9 +2173,8 @@ will not be able to sign or decrypt messages at all. Suppose $p$ was prime and
the multi-prime RSA. Suppose $q = rs$ for two primes $r$ and $s$ then $\phi(pq) = (p - 1)(r - 1)(s - 1)$ which clearly is
not equal to $(p - 1)(rs - 1)$.
These are not technically part of the MPI
library\footnote{As written by Michael Fromberger} but this is the best place to document them. To test if a ``mp\_int'' is
prime call:
These are not technically part of the LibTomMath library but this is the best place to document them.
To test if a ``mp\_int'' is prime call:
\begin{verbatim}
int is_prime(mp_int *N, int *result);
\end{verbatim}
@ -2279,8 +2316,8 @@ or define ENDIAN\_64BITWORD when its 64-bits. If you do not define any of them
which will work on all platforms. Currently the system will automatically detect GCC or MSVC on a windows platform as well
as GCC on a PS2 platform.
\section{The makefile}
There are also options you can specify from the makefiles themselves.
\section{The Configure Script}
There are also options you can specify from the configure script or ``mycrypt\_config.h''.
\subsubsection{X memory routines}
The makefiles must define three macros denoted as XMALLOC, XCALLOC and XFREE which resolve to the name of the respective

6
ctr.c
View File

@ -44,6 +44,12 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
return err;
}
/* is blocklen/padlen valid? */
if (ctr->blocklen < 0 || ctr->blocklen > (int)sizeof(ctr->ctr) ||
ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) {
return CRYPT_INVALID_ARG;
}
while (len-- > 0) {
/* is the pad empty? */
if (ctr->padlen == ctr->blocklen) {

View File

@ -7,7 +7,7 @@
* more functions ;)
*/
#include <mycrypt.h>
#include <mycrypt_custom.h>
int errno;

View File

@ -7,9 +7,9 @@ out the functionality of the library */
#include "timer.h"
#endif
#include "../mycrypt.h"
#include <mycrypt.h>
int errno;
int errnum;
int
@ -128,8 +128,8 @@ ecb_tests (void)
printf ("ECB tests\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
printf (" %12s: ", cipher_descriptor[x].name);
if ((errno = cipher_descriptor[x].test ()) != CRYPT_OK) {
printf (" **failed** Reason: %s\n", error_to_string (errno));
if ((errnum = cipher_descriptor[x].test ()) != CRYPT_OK) {
printf (" **failed** Reason: %s\n", error_to_string (errnum));
exit (-1);
} else {
printf ("passed\n");
@ -154,17 +154,17 @@ cbc_tests (void)
blk[x] = IV[x] = x;
/* now lets start a cbc session */
if ((errno =
if ((errnum =
cbc_start (find_cipher ("blowfish"), IV, key, 16, 0,
&cbc)) != CRYPT_OK) {
printf ("CBC Setup: %s\n", error_to_string (errno));
printf ("CBC Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets encode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) {
printf ("CBC encrypt: %s\n", error_to_string (errno));
if ((errnum = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) {
printf ("CBC encrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -177,17 +177,17 @@ cbc_tests (void)
IV[x] = x;
/* now lets start a cbc session */
if ((errno =
if ((errnum =
cbc_start (find_cipher ("blowfish"), IV, key, 16, 0,
&cbc)) != CRYPT_OK) {
printf ("CBC Setup: %s\n", error_to_string (errno));
printf ("CBC Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets decode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) {
printf ("CBC decrypt: %s\n", error_to_string (errno));
if ((errnum = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) {
printf ("CBC decrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -240,16 +240,16 @@ ofb_tests (void)
blk[x] = IV[x] = x;
/* now lets start a ofb session */
if ((errno =
if ((errnum =
ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) {
printf ("OFB Setup: %s\n", error_to_string (errno));
printf ("OFB Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets encode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) {
printf ("OFB encrypt: %s\n", error_to_string (errno));
if ((errnum = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) {
printf ("OFB encrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -262,16 +262,16 @@ ofb_tests (void)
IV[x] = x;
/* now lets start a ofb session */
if ((errno =
if ((errnum =
ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) {
printf ("OFB setup: %s\n", error_to_string (errno));
printf ("OFB setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets decode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) {
printf ("OFB decrypt: %s\n", error_to_string (errno));
if ((errnum = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) {
printf ("OFB decrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -307,17 +307,17 @@ cfb_tests (void)
blk[x] = IV[x] = x;
/* now lets start a cfb session */
if ((errno =
if ((errnum =
cfb_start (find_cipher ("blowfish"), IV, key, 16, 0,
&cfb)) != CRYPT_OK) {
printf ("CFB setup: %s\n", error_to_string (errno));
printf ("CFB setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets encode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) {
printf ("CFB encrypt: %s\n", error_to_string (errno));
if ((errnum = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) {
printf ("CFB encrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -330,17 +330,17 @@ cfb_tests (void)
IV[x] = x;
/* now lets start a cfb session */
if ((errno =
if ((errnum =
cfb_start (find_cipher ("blowfish"), IV, key, 16, 0,
&cfb)) != CRYPT_OK) {
printf ("CFB Setup: %s\n", error_to_string (errno));
printf ("CFB Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets decode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) {
printf ("CFB decrypt: %s\n", error_to_string (errno));
if ((errnum = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) {
printf ("CFB decrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -378,17 +378,17 @@ ctr_tests (void)
blk[x] = count[x] = x;
/* now lets start a ctr session */
if ((errno =
if ((errnum =
ctr_start (find_cipher ("xtea"), count, key, 16, 0,
&ctr)) != CRYPT_OK) {
printf ("CTR Setup: %s\n", error_to_string (errno));
printf ("CTR Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets encode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) {
printf ("CTR encrypt: %s\n", error_to_string (errno));
if ((errnum = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) {
printf ("CTR encrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -401,17 +401,17 @@ ctr_tests (void)
count[x] = x;
/* now lets start a cbc session */
if ((errno =
if ((errnum =
ctr_start (find_cipher ("xtea"), count, key, 16, 0,
&ctr)) != CRYPT_OK) {
printf ("CTR Setup: %s\n", error_to_string (errno));
printf ("CTR Setup: %s\n", error_to_string (errnum));
exit (-1);
}
/* now lets decode 32 bytes */
for (x = 0; x < 4; x++) {
if ((errno = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) {
printf ("CTR decrypt: %s\n", error_to_string (errno));
if ((errnum = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) {
printf ("CTR decrypt: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -457,10 +457,12 @@ hash_tests (void)
printf ("Hash tests\n");
for (x = 0; hash_descriptor[x].name != NULL; x++) {
printf (" %10s (%2d) ", hash_descriptor[x].name, hash_descriptor[x].ID);
if ((errno = hash_descriptor[x].test ()) != CRYPT_OK)
printf ("**failed** Reason: %s\n", error_to_string (errno));
else
if ((errnum = hash_descriptor[x].test ()) != CRYPT_OK) {
printf ("**failed** Reason: %s\n", error_to_string (errnum));
exit(-1);
} else {
printf ("passed\n");
}
}
}
@ -477,17 +479,17 @@ pad_test (void)
/* pad the message so that random filler is placed before and after it */
y = 100;
if ((errno =
if ((errnum =
rsa_pad (in, 16, out, &y, find_prng ("yarrow"), &prng)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
/* depad the message to get the original content */
memset (in, 0, sizeof (in));
x = 100;
if ((errno = rsa_depad (out, y, in, &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_depad (out, y, in, &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -516,25 +518,25 @@ rsa_test (void)
/* ---- SINGLE ENCRYPT ---- */
/* encrypt a short 8 byte string */
if ((errno =
if ((errnum =
rsa_make_key (&prng, find_prng ("yarrow"), 1024 / 8, 65537,
&key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
for (x = 0; x < 8; x++)
in[x] = (unsigned char) (x + 1);
y = sizeof (in);
if ((errno = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
/* decrypt it */
zeromem (in, sizeof (in));
x = sizeof (out);
if ((errno = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -551,16 +553,16 @@ rsa_test (void)
for (x = 0; x < 16; x++)
in[x] = x;
y = sizeof (out);
if ((errno =
if ((errnum =
rsa_encrypt_key (in, 16, out, &y, &prng, find_prng ("yarrow"),
&key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
zeromem (in, sizeof (in));
x = sizeof (in);
if ((errno = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("RSA en/de crypt key routines: ");
@ -579,19 +581,19 @@ rsa_test (void)
for (x = 0; x < 16; x++)
in[x] = x;
x = sizeof (in);
if ((errno = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("RSA signed hash: %lu bytes\n", x);
if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("Verify hash: %s, ", stat ? "passed" : "failed");
in[0] ^= 1;
if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("%s\n", (!stat) ? "passed" : "failed");
@ -612,10 +614,10 @@ rsa_test (void)
for (z = 1024; z <= limit; z += 512) {
t = XCLOCK ();
for (tt = 0; tt < 3; tt++) {
if ((errno =
if ((errnum =
rsa_make_key (&prng, find_prng ("yarrow"), z / 8, 65537,
&key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if (tt < 2)
@ -630,9 +632,9 @@ rsa_test (void)
for (tt = 0; tt < 100; tt++) {
y = sizeof (in);
if ((errno =
if ((errnum =
rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -644,9 +646,9 @@ rsa_test (void)
t = XCLOCK ();
for (tt = 0; tt < 100; tt++) {
x = sizeof (out);
if ((errno =
if ((errnum =
rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
}
@ -688,14 +690,14 @@ base64_test (void)
x = 100;
if (base64_encode (buf[0], 16, buf[1], &x) != CRYPT_OK) {
printf (" error: %s\n", error_to_string (errno));
printf (" error: %s\n", error_to_string (errnum));
exit (-1);
}
printf (" encoded 16 bytes to %ld bytes...[%s]\n", x, buf[1]);
memset (buf[0], 0, 100);
y = 100;
if (base64_decode (buf[1], x, buf[0], &y) != CRYPT_OK) {
printf (" error: %s\n", error_to_string (errno));
printf (" error: %s\n", error_to_string (errnum));
exit (-1);
}
printf (" decoded %ld bytes to %ld bytes\n", x, y);
@ -726,7 +728,7 @@ time_hash (void)
t1 = XCLOCK ();
z = sizeof (out);
y = 0;
while (XCLOCK () - t1 < (3 * XCLOCKS_PER_SEC)) {
while (XCLOCK () - t1 < (5 * XCLOCKS_PER_SEC)) {
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
@ -743,7 +745,23 @@ time_hash (void)
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
y += 16;
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
hash_memory (x, input, 4096, out, &z);
y += 32;
}
t1 = XCLOCK () - t1;
printf ("%-20s: Hash at %5.2f Mbit/sec\n", hash_descriptor[x].name,
@ -825,33 +843,33 @@ dh_tests (void)
dh_key usera, userb;
clock_t t1;
/* if ((errno = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errno)); */
/* if ((errnum = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errnum)); */
dh_sizes (&low, &high);
printf ("DH Keys from %d to %d supported.\n", low * 8, high * 8);
/* make up two keys */
if ((errno =
if ((errnum =
dh_make_key (&prng, find_prng ("yarrow"), 96, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if ((errno =
if ((errnum =
dh_make_key (&prng, find_prng ("yarrow"), 96, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
/* make the shared secret */
x = 4096;
if ((errno = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
y = 4096;
if ((errno = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if (y != x) {
@ -865,20 +883,20 @@ dh_tests (void)
/* now export userb */
y = 4096;
if ((errno = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
dh_free (&userb);
/* import and make the shared secret again */
if ((errno = dh_import (buf[1], y, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_import (buf[1], y, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
z = 4096;
if ((errno = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -902,13 +920,13 @@ dh_tests (void)
for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) {
t1 = XCLOCK ();
for (tt = 0; tt < 50; tt++) {
for (tt = 0; tt < 5; tt++) {
dh_make_key (&prng, find_prng ("yarrow"), sizes[ii], &usera);
dh_free (&usera);
}
t1 = XCLOCK () - t1;
printf ("Make dh-%d key took %f msec\n", sizes[ii] * 8,
1000.0 * (((double) t1 / 50.0) / (double) XCLOCKS_PER_SEC));
1000.0 * (((double) t1 / 5.0) / (double) XCLOCKS_PER_SEC));
}
}
@ -917,16 +935,16 @@ dh_tests (void)
for (x = 0; x < 16; x++)
buf[0][x] = x;
y = sizeof (buf[1]);
if ((errno =
if ((errnum =
dh_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"),
find_hash ("md5"), &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
zeromem (buf[0], sizeof (buf[0]));
x = sizeof (buf[0]);
if ((errno = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("DH en/de crypt key routines: ");
@ -945,19 +963,19 @@ dh_tests (void)
for (x = 0; x < 16; x++)
buf[0][x] = x;
x = sizeof (buf[1]);
if ((errno =
if ((errnum =
dh_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"),
&usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if (dh_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
buf[0][0] ^= 1;
if (dh_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("dh_sign/verify_hash: %s (%d,%d), %lu\n",
@ -1002,10 +1020,10 @@ rng_tests (void)
printf ("\n");
#ifdef YARROW
if ((errno =
if ((errnum =
rng_make_prng (128, find_prng ("yarrow"), &prng,
&callback)) != CRYPT_OK) {
printf (" starting yarrow error: %s\n", error_to_string (errno));
printf (" starting yarrow error: %s\n", error_to_string (errnum));
exit (-1);
}
#endif
@ -1021,8 +1039,8 @@ ecc_tests (void)
ecc_key usera, userb;
clock_t t1;
if ((errno = ecc_test ()) != CRYPT_OK) {
printf ("ecc Error: %s\n", error_to_string (errno));
if ((errnum = ecc_test ()) != CRYPT_OK) {
printf ("ecc Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -1030,27 +1048,27 @@ ecc_tests (void)
printf ("ecc Keys from %d to %d supported.\n", low * 8, high * 8);
/* make up two keys */
if ((errno =
if ((errnum =
ecc_make_key (&prng, find_prng ("yarrow"), 24, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if ((errno =
if ((errnum =
ecc_make_key (&prng, find_prng ("yarrow"), 24, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
/* make the shared secret */
x = 4096;
if ((errno = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
y = 4096;
if ((errno = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -1066,22 +1084,22 @@ ecc_tests (void)
/* now export userb */
y = 4096;
if ((errno = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
ecc_free (&userb);
printf ("ECC-192 export took %ld bytes\n", y);
/* import and make the shared secret again */
if ((errno = ecc_import (buf[1], y, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_import (buf[1], y, &userb)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
z = 4096;
if ((errno = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -1106,10 +1124,10 @@ ecc_tests (void)
for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) {
t1 = XCLOCK ();
for (tt = 0; tt < 25; tt++) {
if ((errno =
if ((errnum =
ecc_make_key (&prng, find_prng ("yarrow"), sizes[ii],
&usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
ecc_free (&usera);
@ -1121,28 +1139,28 @@ ecc_tests (void)
}
/* test encrypt_key */
ecc_make_key (&prng, find_prng ("yarrow"), 65, &usera);
for (x = 0; x < 16; x++)
ecc_make_key (&prng, find_prng ("yarrow"), 28, &usera);
for (x = 0; x < 32; x++)
buf[0][x] = x;
y = sizeof (buf[1]);
if ((errno =
ecc_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"),
find_hash ("md5"), &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum =
ecc_encrypt_key (buf[0], 32, buf[1], &y, &prng, find_prng ("yarrow"),
find_hash ("sha256"), &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
zeromem (buf[0], sizeof (buf[0]));
x = sizeof (buf[0]);
if ((errno = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
if ((errnum = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("ECC en/de crypt key routines: ");
if (x != 16) {
if (x != 32) {
printf ("Failed (length)\n");
exit (-1);
}
for (x = 0; x < 16; x++)
for (x = 0; x < 32; x++)
if (buf[0][x] != x) {
printf ("Failed (contents)\n");
exit (-1);
@ -1152,19 +1170,19 @@ ecc_tests (void)
for (x = 0; x < 16; x++)
buf[0][x] = x;
x = sizeof (buf[1]);
if ((errno =
if ((errnum =
ecc_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"),
&usera)) != CRYPT_OK) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
buf[0][0] ^= 1;
if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) {
printf ("Error: %s\n", error_to_string (errno));
printf ("Error: %s\n", error_to_string (errnum));
exit (-1);
}
printf ("ecc_sign/verify_hash: %s (%d,%d)\n",
@ -1374,35 +1392,35 @@ kr_display (pk_key * kr)
void
kr_test_makekeys (pk_key ** kr)
{
if ((errno = kr_init (kr)) != CRYPT_OK) {
printf ("KR init error %s\n", error_to_string (errno));
if ((errnum = kr_init (kr)) != CRYPT_OK) {
printf ("KR init error %s\n", error_to_string (errnum));
exit (-1);
}
/* make a DH key */
printf ("KR: Making DH key...\n");
if ((errno =
if ((errnum =
kr_make_key (*kr, &prng, find_prng ("yarrow"), DH_KEY, 128, "dhkey",
"dh@dh.dh", "dhkey one")) != CRYPT_OK) {
printf ("Make key error: %s\n", error_to_string (errno));
printf ("Make key error: %s\n", error_to_string (errnum));
exit (-1);
}
/* make a ECC key */
printf ("KR: Making ECC key...\n");
if ((errno =
if ((errnum =
kr_make_key (*kr, &prng, find_prng ("yarrow"), ECC_KEY, 20, "ecckey",
"ecc@ecc.ecc", "ecckey one")) != CRYPT_OK) {
printf ("Make key error: %s\n", error_to_string (errno));
printf ("Make key error: %s\n", error_to_string (errnum));
exit (-1);
}
/* make a RSA key */
printf ("KR: Making RSA key...\n");
if ((errno =
if ((errnum =
kr_make_key (*kr, &prng, find_prng ("yarrow"), RSA_KEY, 128, "rsakey",
"rsa@rsa.rsa", "rsakey one")) != CRYPT_OK) {
printf ("Make key error: %s\n", error_to_string (errno));
printf ("Make key error: %s\n", error_to_string (errnum));
exit (-1);
}
@ -1426,18 +1444,18 @@ kr_test (void)
for (i = 0; i < 3; i++) {
len = sizeof (buf);
if ((errno = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
printf ("Exported key was: %lu bytes\n", len);
if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) {
printf ("Error deleting key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) {
printf ("Error deleting key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
kr_display (kr);
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
kr_display (kr);
@ -1445,25 +1463,25 @@ kr_test (void)
for (i = 0; i < 3; i++) {
len = sizeof (buf);
if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
printf ("Exported key was: %lu bytes\n", len);
if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) {
printf ("Error deleting key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) {
printf ("Error deleting key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
kr_display (kr);
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
kr_display (kr);
}
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
printf ("Error clearing ring: %s\n", error_to_string (errno));
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
printf ("Error clearing ring: %s\n", error_to_string (errnum));
exit (-1);
}
@ -1471,29 +1489,29 @@ kr_test (void)
/* TEST output to file */
#ifndef NO_FILE
if ((errno = kr_init (&kr)) != CRYPT_OK) {
printf ("KR init error %s\n", error_to_string (errno));
if ((errnum = kr_init (&kr)) != CRYPT_OK) {
printf ("KR init error %s\n", error_to_string (errnum));
exit (-1);
}
kr_test_makekeys (&kr);
/* save to file */
f = fopen ("ring.dat", "wb");
if ((errno = kr_save (kr, f, NULL)) != CRYPT_OK) {
printf ("kr_save error %s\n", error_to_string (errno));
if ((errnum = kr_save (kr, f, NULL)) != CRYPT_OK) {
printf ("kr_save error %s\n", error_to_string (errnum));
exit (-1);
}
fclose (f);
/* delete and load */
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
printf ("clear error: %s\n", error_to_string (errno));
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
printf ("clear error: %s\n", error_to_string (errnum));
exit (-1);
}
f = fopen ("ring.dat", "rb");
if ((errno = kr_load (&kr, f, NULL)) != CRYPT_OK) {
printf ("kr_load error %s\n", error_to_string (errno));
if ((errnum = kr_load (&kr, f, NULL)) != CRYPT_OK) {
printf ("kr_load error %s\n", error_to_string (errnum));
exit (-1);
}
fclose (f);
@ -1501,8 +1519,8 @@ kr_test (void)
printf ("After load and save...\n");
kr_display (kr);
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
printf ("clear error: %s\n", error_to_string (errno));
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
printf ("clear error: %s\n", error_to_string (errnum));
exit (-1);
}
#endif
@ -1516,16 +1534,16 @@ kr_test (void)
printf ("Testing a key with system %d, type %d:\t", _kr->system,
_kr->key_type);
len = sizeof (buf2);
if ((errno =
if ((errnum =
kr_encrypt_key (kr, _kr->ID, buf, 16, buf2, &len, &prng,
find_prng ("yarrow"),
find_hash ("md5"))) != CRYPT_OK) {
printf ("Encrypt error, %d, %s\n", i, error_to_string (errno));
printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
len = sizeof (buf3);
if ((errno = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) {
printf ("decrypt error, %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) {
printf ("decrypt error, %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
if (len != 16 || memcmp (buf3, buf, 16)) {
@ -1535,28 +1553,28 @@ kr_test (void)
printf ("kr_encrypt_key passed, ");
len = sizeof (buf2);
if ((errno =
if ((errnum =
kr_sign_hash (kr, _kr->ID, buf, 32, buf2, &len, &prng,
find_prng ("yarrow"))) != CRYPT_OK) {
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
exit (-1);
}
printf ("kr_sign_hash: ");
if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
exit (-1);
}
printf ("%s, ", stat ? "passed" : "failed");
buf[15] ^= 1;
if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
exit (-1);
}
printf ("%s\n", (!stat) ? "passed" : "failed");
buf[15] ^= 1;
len = sizeof (buf);
if ((errno =
if ((errnum =
kr_fingerprint (kr, _kr->ID, find_hash ("sha1"), buf,
&len)) != CRYPT_OK) {
printf ("kr_fingerprint failed, %i, %lu\n", i, len);
@ -1581,8 +1599,8 @@ kr_test (void)
/* now export it as public and private */
len = sizeof (buf);
if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
@ -1590,8 +1608,8 @@ kr_test (void)
memset (buf + len, 0, sizeof (buf) - len);
len = sizeof (buf2);
if ((errno = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) {
printf ("Error exporting key %s\n", error_to_string (errno));
if ((errnum = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) {
printf ("Error exporting key %s\n", error_to_string (errnum));
exit (-1);
}
@ -1602,8 +1620,8 @@ kr_test (void)
kr_clear (&kr);
kr_init (&kr);
kr_display (kr);
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %s\n", error_to_string (errno));
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
printf ("Error importing key %s\n", error_to_string (errnum));
exit (-1);
}
kr_display (kr);
@ -1612,11 +1630,11 @@ kr_test (void)
for (i = 0; i < 16; i++)
buf[i] = i;
len = sizeof (buf3);
if ((errno =
if ((errnum =
kr_encrypt_key (kr, kr->ID, buf, 16, buf3, &len, &prng,
find_prng ("yarrow"),
find_hash ("md5"))) != CRYPT_OK) {
printf ("Encrypt error, %d, %s\n", i, error_to_string (errno));
printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum));
exit (-1);
}
@ -1624,16 +1642,16 @@ kr_test (void)
kr_clear (&kr);
kr_init (&kr);
kr_display (kr);
if ((errno = kr_import (kr, buf2, len)) != CRYPT_OK) {
printf ("Error importing key %s\n", error_to_string (errno));
if ((errnum = kr_import (kr, buf2, len)) != CRYPT_OK) {
printf ("Error importing key %s\n", error_to_string (errnum));
exit (-1);
}
kr_display (kr);
/* now decrypt */
len = sizeof (buf2);
if ((errno = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) {
printf ("decrypt error, %s\n", error_to_string (errno));
if ((errnum = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) {
printf ("decrypt error, %s\n", error_to_string (errnum));
exit (-1);
}
@ -1697,14 +1715,14 @@ main (void)
register_all_algs ();
if ((errno = yarrow_start (&prng)) != CRYPT_OK) {
printf ("yarrow_start: %s\n", error_to_string (errno));
if ((errnum = yarrow_start (&prng)) != CRYPT_OK) {
printf ("yarrow_start: %s\n", error_to_string (errnum));
}
if ((errno = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) {
printf ("yarrow_add_entropy: %s\n", error_to_string (errno));
if ((errnum = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) {
printf ("yarrow_add_entropy: %s\n", error_to_string (errnum));
}
if ((errno = yarrow_ready (&prng)) != CRYPT_OK) {
printf ("yarrow_ready: %s\n", error_to_string (errno));
if ((errnum = yarrow_ready (&prng)) != CRYPT_OK) {
printf ("yarrow_ready: %s\n", error_to_string (errnum));
}
printf (crypt_build_settings);

File diff suppressed because it is too large Load Diff

97
des.c
View File

@ -241,35 +241,43 @@ void deskey(const unsigned char *key, short edf, unsigned long *keyout)
unsigned long i, j, l, m, n, kn[32];
unsigned char pc1m[56], pcr[56];
for(j=0; j < 56; j++)
{
for (j=0; j < 56; j++) {
l = (unsigned long)pc1[j];
m = l & 07;
m = l & 7;
pc1m[j] = (unsigned char)((key[l >> 3U] & bytebit[m]) == bytebit[m] ? 1 : 0);
}
for(i=0; i < 16; i++)
{
if(edf == DE1) m = (15 - i) << 1;
else m = i << 1;
for (i=0; i < 16; i++) {
if (edf == DE1) {
m = (15 - i) << 1;
} else {
m = i << 1;
}
n = m + 1;
kn[m] = kn[n] = 0L;
for(j=0; j < 28; j++)
{
for (j=0; j < 28; j++) {
l = j + (unsigned long)totrot[i];
if(l < 28) pcr[j] = pc1m[l];
else pcr[j] = pc1m[l - 28];
if (l < 28) {
pcr[j] = pc1m[l];
} else {
pcr[j] = pc1m[l - 28];
}
}
for(/*j = 28*/; j < 56; j++)
{
for (/*j = 28*/; j < 56; j++) {
l = j + (unsigned long)totrot[i];
if(l < 56) pcr[j] = pc1m[l];
else pcr[j] = pc1m[l - 28];
if (l < 56) {
pcr[j] = pc1m[l];
} else {
pcr[j] = pc1m[l - 28];
}
}
for(j=0; j < 24; j++)
{
if((int)pcr[(int)pc2[j]] != 0) kn[m] |= bigbyte[j];
if((int)pcr[(int)pc2[j+24]] != 0) kn[n] |= bigbyte[j];
for (j=0; j < 24; j++) {
if ((int)pcr[(int)pc2[j]] != 0) {
kn[m] |= bigbyte[j];
}
if ((int)pcr[(int)pc2[j+24]] != 0) {
kn[n] |= bigbyte[j];
}
}
}
@ -326,7 +334,7 @@ static void desfunc(unsigned long *block, const unsigned long *keys)
static void _desfunc(unsigned long *block, const unsigned long *keys)
#endif
{
unsigned long fval, work, right, leftt;
unsigned long work, right, leftt;
int round;
leftt = block[0];
@ -348,38 +356,35 @@ static void _desfunc(unsigned long *block, const unsigned long *keys)
leftt ^= work;
right ^= (work << 8);
right = ((right << 1) | ((right >> 31) & 1L)) & 0xFFFFFFFFL;
right = ROL(right, 1);
work = (leftt ^ right) & 0xaaaaaaaaL;
leftt ^= work;
right ^= work;
leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
leftt = ROL(leftt, 1);
for( round = 0; round < 8; round++)
{
work = ((right << 28) | (right >> 4)) ^ *keys++;
fval = SP7[ work & 0x3fL]
| SP5[(work >> 8) & 0x3fL]
| SP3[(work >> 16) & 0x3fL]
| SP1[(work >> 24) & 0x3fL];
for (round = 0; round < 8; round++) {
work = ROR(right, 4) ^ *keys++;
leftt ^= SP7[work & 0x3fL]
^ SP5[(work >> 8) & 0x3fL]
^ SP3[(work >> 16) & 0x3fL]
^ SP1[(work >> 24) & 0x3fL];
work = right ^ *keys++;
fval |= SP8[ work & 0x3fL]
| SP6[(work >> 8) & 0x3fL]
| SP4[(work >> 16) & 0x3fL]
| SP2[(work >> 24) & 0x3fL];
leftt ^= fval;
leftt ^= SP8[ work & 0x3fL]
^ SP6[(work >> 8) & 0x3fL]
^ SP4[(work >> 16) & 0x3fL]
^ SP2[(work >> 24) & 0x3fL];
work = ((leftt << 28) | (leftt >> 4)) ^ *keys++;
fval = SP7[ work & 0x3fL]
| SP5[(work >> 8) & 0x3fL]
| SP3[(work >> 16) & 0x3fL]
| SP1[(work >> 24) & 0x3fL];
work = ROR(leftt, 4) ^ *keys++;
right ^= SP7[ work & 0x3fL]
^ SP5[(work >> 8) & 0x3fL]
^ SP3[(work >> 16) & 0x3fL]
^ SP1[(work >> 24) & 0x3fL];
work = leftt ^ *keys++;
fval |= SP8[ work & 0x3fL]
| SP6[(work >> 8) & 0x3fL]
| SP4[(work >> 16) & 0x3fL]
| SP2[(work >> 24) & 0x3fL];
right ^= fval;
right ^= SP8[ work & 0x3fL]
^ SP6[(work >> 8) & 0x3fL]
^ SP4[(work >> 16) & 0x3fL]
^ SP2[(work >> 24) & 0x3fL];
}
right = (right << 31) | (right >> 1);
work = (leftt ^ right) & 0xaaaaaaaaL;
@ -412,7 +417,6 @@ static void desfunc(unsigned long *block, const unsigned long *keys)
}
#endif
int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
_ARGCHK(key != NULL);
@ -484,7 +488,8 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
unsigned long work[2];
unsigned long work[2], *k[3];
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);
_ARGCHK(key != NULL);

5
dh.c
View File

@ -207,10 +207,11 @@ void dh_sizes(int *low, int *high)
int dh_get_size(dh_key *key)
{
_ARGCHK(key != NULL);
if (is_valid_idx(key->idx) == 1)
if (is_valid_idx(key->idx) == 1) {
return sets[key->idx].size;
else
} else {
return INT_MAX; /* large value that would cause dh_make_key() to fail */
}
}
int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)

12
ecc.c
View File

@ -253,18 +253,18 @@ static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus, mp_int *mu)
if (mp_mul_2(&P->y, &tmp) != MP_OKAY) { goto error; } /* tmp = 2*y */
if (mp_invmod(&tmp, modulus, &tmp) != MP_OKAY) { goto error; } /* tmp = 1/tmp mod modulus */
if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
if (mp_mul_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */
if (mp_sub_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */
if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */
if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */
if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; }
}
if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = tmp * s mod modulus */
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
/* Xr = s^2 - 2Xp */
if (mp_sqr(&s, &tmpx) != MP_OKAY) { goto error; } /* tmpx = s^2 */
if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */
if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */
if (mp_sub(&tmpx, &P->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x */
if (mp_submod(&tmpx, &P->x, modulus, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x mod modulus */
@ -321,11 +321,11 @@ static int add_point(ecc_point *P, ecc_point *Q, ecc_point *R, mp_int *modulus,
if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; }
}
if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = s * tmp mod modulus */
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
/* Xr = s^2 - Xp - Xq */
if (mp_sqr(&s, &tmp) != MP_OKAY) { goto error; } /* tmp = s^2 mod modulus */
if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; }
if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; }
if (mp_sub(&tmp, &P->x, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - Px */
if (mp_sub(&tmp, &Q->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmp - Qx */

1
hash.c
View File

@ -61,7 +61,6 @@ int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outle
#endif
}
int hash_file(int hash, const char *fname, unsigned char *dst, unsigned long *outlen)
{
#ifdef NO_FILE

26
hmac.c
View File

@ -125,7 +125,8 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut)
}
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
const unsigned char *data, unsigned long len, unsigned char *dst)
const unsigned char *data, unsigned long len,
unsigned char *dst, unsigned long *dstlen)
{
hmac_state hmac;
int err;
@ -134,6 +135,14 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
_ARGCHK(data != NULL);
_ARGCHK(dst != NULL);
if((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
}
if (hash_descriptor[hash].hashsize > *dstlen) {
return CRYPT_BUFFER_OVERFLOW;
}
*dstlen = hash_descriptor[hash].hashsize;
if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) {
return err;
}
@ -150,7 +159,8 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
/* hmac_file added by Tom St Denis */
int hmac_file(int hash, const char *fname, const unsigned char *key,
unsigned long keylen, unsigned char *dst)
unsigned long keylen,
unsigned char *dst, unsigned long *dstlen)
{
#ifdef NO_FILE
return CRYPT_ERROR;
@ -165,6 +175,14 @@ int hmac_file(int hash, const char *fname, const unsigned char *key,
_ARGCHK(key != NULL);
_ARGCHK(dst != NULL);
if((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
}
if (hash_descriptor[hash].hashsize > *dstlen) {
return CRYPT_BUFFER_OVERFLOW;
}
*dstlen = hash_descriptor[hash].hashsize;
if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) {
return err;
}
@ -436,11 +454,13 @@ Key First"
0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e} }
};
unsigned long outlen;
int err;
int failed=0;
for(i=0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) {
int hash = find_hash(cases[i].algo);
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest)) != CRYPT_OK) {
outlen = sizeof(digest);
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest, &outlen)) != CRYPT_OK) {
#if 0
printf("HMAC-%s test #%d\n", cases[i].algo, cases[i].num);
#endif

View File

@ -9,7 +9,7 @@
# a build. This is easy to remedy though, for those that have problems.
# The version
VERSION=0.81
VERSION=0.82
#ch1-01-1
# Compiler and Linker Names

23
makefile.msvc Normal file
View File

@ -0,0 +1,23 @@
#MSVC Makefile [tested with MSVC 6.00 with SP5]
#
#Tom St Denis
CFLAGS = /I. /Ogityb2 /Gs /DWIN32 /W3
default: library
#List of objects to compile.
OBJECTS=keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj \
bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj \
md5.obj md4.obj md2.obj sha256.obj sha512.obj xtea.obj aes.obj serpent.obj des.obj \
safer_tab.obj safer.obj safer+.obj rc4.obj rc2.obj rc6.obj rc5.obj cast5.obj noekeon.obj \
blowfish.obj crypt.obj ampi.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj
library: $(OBJECTS)
lib /out:tomcrypt.lib $(OBJECTS)
test.obj: demos/test.c
cl $(CFLAGS) /c demos/test.c
test: library test.obj
cl test.obj tomcrypt.lib advapi32.lib

View File

@ -5,7 +5,7 @@
CC = gcc
AR = ar
LD = ld
CFLAGS += -Os -Wall -Wsign-compare -W -Wno-unused -Werror -I./
CFLAGS += -O3 -Wall -Wsign-compare -W -Wno-unused -Werror -I./
default: library

2
md4.c
View File

@ -30,7 +30,7 @@ const struct _hash_descriptor md4_desc =
/* F, G and H are basic MD4 functions. */
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
#define G(x, y, z) ((x & y) | (z & (x | y)))
#define H(x, y, z) ((x) ^ (y) ^ (z))
/* ROTATE_LEFT rotates x left n bits. */

6
md5.c
View File

@ -14,10 +14,10 @@ const struct _hash_descriptor md5_desc =
&md5_test
};
#define F(x,y,z) ( (x&y)|((~x)&z) )
#define G(x,y,z) ( (x&z)|(y&(~z)) )
#define F(x,y,z) ((x&y)|((~x)&z))
#define G(x,y,z) ((x&z)|(y&(~z)))
#define H(x,y,z) (x^y^z)
#define I(x,y,z) (y ^ (x | (~z)))
#define I(x,y,z) (y^(x|(~z)))
#define FF(a,b,c,d,M,s,t) \
a = (a + F(b,c,d) + M + t); a = ROL(a, s); a = (b + a);

544
mpi.c

File diff suppressed because it is too large Load Diff

View File

@ -16,8 +16,8 @@ extern "C" {
#endif
/* version */
#define CRYPT 0x0081
#define SCRYPT "0.81"
#define CRYPT 0x0082
#define SCRYPT "0.82"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 128

View File

@ -177,8 +177,10 @@ extern int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned lon
extern int hmac_done(hmac_state *hmac, unsigned char *hash);
extern int hmac_test(void);
extern int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
const unsigned char *data, unsigned long len, unsigned char *dst);
const unsigned char *data, unsigned long len,
unsigned char *dst, unsigned long *dstlen);
extern int hmac_file(int hash, const char *fname, const unsigned char *key,
unsigned long keylen, unsigned char *dst);
unsigned long keylen,
unsigned char *dst, unsigned long *dstlen);
#endif

7
ofb.c
View File

@ -36,6 +36,13 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
if ((err = cipher_is_valid(ofb->cipher)) != CRYPT_OK) {
return err;
}
/* is blocklen/padlen valid? */
if (ofb->blocklen < 0 || ofb->blocklen > (int)sizeof(ofb->IV) ||
ofb->padlen < 0 || ofb->padlen > (int)sizeof(ofb->IV)) {
return CRYPT_INVALID_ARG;
}
while (len-- > 0) {
if (ofb->padlen == ofb->blocklen) {
cipher_descriptor[ofb->cipher].ecb_encrypt(ofb->IV, ofb->IV, &ofb->key);

View File

@ -14,6 +14,11 @@ int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen,
_ARGCHK(outlen != NULL);
_ARGCHK(key != NULL);
/* only allow keys from 64 to 256 bits */
if (inlen < 8 || inlen > 32) {
return CRYPT_INVALID_ARG;
}
/* are the parameters valid? */
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
return err;
@ -148,6 +153,11 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen,
_ARGCHK(outlen != NULL);
_ARGCHK(key != NULL);
/* reject nonsense sizes */
if (inlen < 16) {
return CRYPT_INVALID_ARG;
}
/* type of key? */
if (key->type != PK_PRIVATE && key->type != PK_PRIVATE_OPTIMIZED) {
return CRYPT_PK_NOT_PRIVATE;

View File

@ -154,7 +154,7 @@ static void _ilt(unsigned char *b, unsigned char *b2)
#endif
/* These are the 33, 128-bit bias words for the key schedule */
const unsigned char safer_bias[33][16] = {
static const unsigned char safer_bias[33][16] = {
{ 70, 151, 177, 186, 163, 183, 16, 10, 197, 55, 179, 201, 90, 40, 172, 100},
{ 236, 171, 170, 198, 103, 149, 88, 13, 248, 154, 246, 110, 102, 220, 5, 61},
{ 138, 195, 216, 137, 106, 233, 54, 73, 67, 191, 235, 212, 150, 155, 104, 160},
@ -469,14 +469,12 @@ int saferp_keysize(int *desired_keysize)
return CRYPT_INVALID_KEYSIZE;
if (*desired_keysize < 24) {
*desired_keysize = 16;
return CRYPT_OK;
} else if (*desired_keysize < 32) {
*desired_keysize = 24;
return CRYPT_OK;
} else {
*desired_keysize = 32;
return CRYPT_OK;
}
return CRYPT_OK;
}
#endif

View File

@ -33,7 +33,7 @@ static const unsigned long K[64] = {
/* Various logical functions */
#define Ch(x,y,z) ((x & y) | (~x & z))
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
#define Maj(x,y,z) (((x | y) & z) | (x & y))
#define S(x, n) ROR((x),(n))
#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
@ -85,6 +85,7 @@ static void sha256_compress(hash_state * md)
for (i = 0; i < 8; i++) {
md->sha256.state[i] = md->sha256.state[i] + S[i];
}
}
#ifdef CLEAN_STACK

View File

@ -60,7 +60,7 @@ CONST64(0x5fcb6fab3ad6faec), CONST64(0x6c44198c4a475817)
/* Various logical functions */
#define Ch(x,y,z) ((x & y) | (~x & z))
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
#define Maj(x,y,z) (((x | y) & z) | (x & y))
#define S(x, n) ROR64((x),(n))
#define R(x, n) (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)n))
#define Sigma0(x) (S(x, 28) ^ S(x, 34) ^ S(x, 39))

View File

@ -12,6 +12,8 @@
*
* Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca
*/
#include "mycrypt.h"
#ifndef BN_H_
#define BN_H_

View File

@ -518,7 +518,7 @@ static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2;
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
int r;
_ARGCHK(pt != NULL);
@ -532,15 +532,23 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
c ^= key->twofish.K[2];
d ^= key->twofish.K[3];
for (r = 0; r < 16; ++r) {
k = key->twofish.K + 8;
for (r = 0; r < 16; r += 2) {
t1 = g_func(a, key);
t2 = g_func(ROL(b, 8), key);
t2 += (t1 += t2);
t1 += key->twofish.K[r+r+8];
t2 += key->twofish.K[r+r+9];
t1 += *k++;
t2 += *k++;
c ^= t1; c = ROR(c, 1);
d = ROL(d, 1) ^ t2;
ta = a; a = c; c = ta; tb = b; b = d; d = tb;
t1 = g_func(c, key);
t2 = g_func(ROL(d, 8), key);
t2 += (t1 += t2);
t1 += *k++;
t2 += *k++;
a ^= t1; a = ROR(a, 1);
b = ROL(b, 1) ^ t2;
}
/* output with "undo last swap" */
@ -568,7 +576,7 @@ static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2;
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
int r;
_ARGCHK(pt != NULL);
@ -585,22 +593,21 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
c = ta ^ key->twofish.K[4];
d = tb ^ key->twofish.K[5];
/* loop is kept partially unrolled because it is slower [at least on an Athlon]
* then the tight version. */
k = key->twofish.K + 39;
for (r = 14; r >= 0; r -= 2) {
t1 = g_func(c, key);
t2 = g_func(ROL(d, 8), key);
t2 += (t1 += t2);
t1 += key->twofish.K[r+r+10];
t2 += key->twofish.K[r+r+11];
t2 += *k--;
t1 += *k--;
a = ROL(a, 1) ^ t1;
b = b ^ t2; b = ROR(b, 1);
t1 = g_func(a, key);
t2 = g_func(ROL(b, 8), key);
t2 += (t1 += t2);
t1 += key->twofish.K[r+r+8];
t2 += key->twofish.K[r+r+9];
t2 += *k--;
t1 += *k--;
c = ROL(c, 1) ^ t1;
d = d ^ t2; d = ROR(d, 1);
}

View File

@ -1,131 +0,0 @@
#!/bin/tcsh
# Get latest copy of libtomcrypt and install it using "tcsh"
#
# Tom St Denis
echo libtomcrypt update script, Tom St Denis
echo "http://libtomcrypt.iahu.ca\n"
if ($1 == "--help") then
echo "update_libtomcrypt.sh [makefile] [sig]-- Download and optionally build the libtomcrypt project.\n"
echo "\t[makefile] --\tYou can optionally specify which makefile you want to build with. If you specify "
echo "\t\t\t'nobuild' then the library is not built, just downloaded and unzipped. If you "
echo "\t\t\tleave it empty the default 'makefile' is used to build the library.\n"
echo "\t[sig] -- \tOptionally verify [via GPG] the signature of the package."
exit
endif
if ($1 == "" || $1 == "sig") then
set make = "makefile"
else
set make = $1;
endif
if ($1 == "sig" || $2 == "sig") then
set sig = "sig"
else
set sig = ""
endif
rm -f latest
echo Getting latest version number from website.
wget -q http://iahu.ca:8080/download/latest
if (-r latest) then
set a = `cat latest`
echo "Latest release is v$a.\n"
if (-d "libtomcrypt-$a" && (-r "libtomcrypt-$a/libtomcrypt.a" || $make == "nobuild")) then
echo Libtomcrypt v$a is already installed on your system.
else
echo "Downloading libtomcrypt v$a ..."
if (-r "crypt-$a.tar.bz2") then
rm -f crypt-$a.tar.bz2
endif
wget http://iahu.ca:8080/download/crypt-$a.tar.bz2
if (-r "crypt-$a.tar.bz2") then
if (-d "libtomcrypt-$a") then
echo "WARNING! Directory libtomcrypt-$a already exists. Cannot continue.\n"
exit
endif
if ($sig == "sig") then
if (!(-r public.asc)) then
echo "Downloading and installing code signing key...\n"
wget -q http://iahu.ca:8080/download/public.asc
if (-r public.asc) then
gpg --import public.asc
if ($? != 0) then
echo Could not import signing key required to verify the package.
exit
else
echo "\n********************************************************************************"
echo "A new key has been imported to your keyring. You should check that it is valid."
echo "********************************************************************************"
endif
else
echo "Could not download the key to import."
exit
endif
endif
echo Verifying signature...
wget -q http://iahu.ca:8080/download/crypt-$a.tar.bz2.asc
if (!(-r "crypt-$a.tar.bz2.asc")) then
echo Could not download signature to test.
exit
endif
gpg -q --verify crypt-$a.tar.bz2.asc
if ($? != 0) then
echo "\n\nSignature for crypt-$a.tar.bz2 is ****not**** valid.\n\n"
exit
else
echo "\n\nSignature for crypt-$a.tar.bz2 is valid.\n\n"
endif
endif
bzip2 -d -c crypt-$a.tar.bz2 | tar -x
if (-d "libtomcrypt-$a") then
if (-r "libtomcrypt-$a/$make") then
cd libtomcrypt-$a
make -f $make
if (-r "libtomcrypt.a") then
echo "\n\n*****************************************************************"
echo The library has been built and you can now install it either with
echo
echo "cd libtomcrypt-$a ; make install"
echo
echo Or by editing the makefile and changing the user you wish to install
echo it with, or simply copy "libtomcrypt.a" to your library directory and
echo copy "*.h" to your include directory
echo "*****************************************************************"
else
echo "\n\n*****************************************************************"
echo The library failed to build. Please note the errors and send them to tomstdenis@yahoo.com
echo "*****************************************************************"
endif
else if ($make == "nobuild") then
echo "\n\n*****************************************************************"
echo "The library was downloaded and unzipped into libtomcrypt-$a/"
echo "*****************************************************************"
else
echo "The makefile '$make' was not found in the archive.\n";
endif
else
echo "Could not unpack the libtomcrypt archive (corrupt?)."
endif
cd ..
else
echo "Could not download the libtomcrypt archive from server."
endif
endif
if (-r "libtomcrypt-$a/changes") then
perl <<!
open(IN,"<libtomcrypt-$a/changes") or die "Can't open libtomcrypt change log.";
print "\nChange log for v$a :\n";
\$a = <IN>; print \$a; \$a = <IN>;
while (<IN>) {
if (\$_ =~ m/^(v\d\.\d\d)/) { close(IN); exit(0); }
print "\$a"; \$a = \$_;
}
!
else
echo "Change log not found. Is the package really installed?"
endif
else
echo "Could not download latest file from server to check version."
endif