added libtomcrypt-0.82
This commit is contained in:
parent
0f999a4e9e
commit
7d21325daa
@ -1,4 +1,4 @@
|
||||
/* The precompute tables for AES */
|
||||
/* The precomputed tables for AES */
|
||||
|
||||
static const unsigned long ft_tab[4][256] = {
|
||||
{0xa56363c6UL, 0x847c7cf8UL, 0x997777eeUL, 0x8d7b7bf6UL, 0x0df2f2ffUL,
|
||||
|
10
bits.c
10
bits.c
@ -21,8 +21,14 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* disable buffering */
|
||||
if (setvbuf(f, NULL, _IONBF, 0) != 0) {
|
||||
fclose(f);
|
||||
return 0;
|
||||
}
|
||||
|
||||
x = (unsigned long)fread(buf, 1, (size_t)len, f);
|
||||
(void)fclose(f);
|
||||
fclose(f);
|
||||
return x;
|
||||
#endif /* NO_FILE */
|
||||
}
|
||||
@ -172,7 +178,7 @@ int rng_make_prng(int bits, int wprng, prng_state *prng,
|
||||
return err;
|
||||
}
|
||||
|
||||
bits = ((bits/8)+((bits&7)==0x80?1:0)) * 2;
|
||||
bits = ((bits/8)+((bits&7)!=0?1:0)) * 2;
|
||||
if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) {
|
||||
return CRYPT_ERROR_READPRNG;
|
||||
}
|
||||
|
@ -387,7 +387,7 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
|
||||
void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
|
||||
{
|
||||
_blowfish_ecb_encrypt(pt, ct, key);
|
||||
burn_stack(sizeof(unsigned long) * 2);
|
||||
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -429,7 +429,7 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
|
||||
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
|
||||
{
|
||||
_blowfish_ecb_decrypt(ct, pt, key);
|
||||
burn_stack(sizeof(unsigned long) * 2);
|
||||
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
|
||||
}
|
||||
#endif
|
||||
|
||||
|
10
cbc.c
10
cbc.c
@ -43,6 +43,11 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_CBC *cbc)
|
||||
return err;
|
||||
}
|
||||
|
||||
/* is blocklen valid? */
|
||||
if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
/* xor IV against plaintext */
|
||||
for (x = 0; x < cbc->blocklen; x++) {
|
||||
tmp[x] = pt[x] ^ cbc->IV[x];
|
||||
@ -77,6 +82,11 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_CBC *cbc)
|
||||
}
|
||||
cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key);
|
||||
|
||||
/* is blocklen valid? */
|
||||
if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
/* xor IV against the plaintext of the previous step */
|
||||
for (x = 0; x < cbc->blocklen; x++) {
|
||||
/* copy CT in case ct == pt */
|
||||
|
15
cfb.c
15
cfb.c
@ -15,6 +15,7 @@ int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
/* copy data */
|
||||
cfb->cipher = cipher;
|
||||
cfb->blocklen = cipher_descriptor[cipher].block_length;
|
||||
@ -44,6 +45,13 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
|
||||
if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
/* is blocklen/padlen valid? */
|
||||
if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) ||
|
||||
cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
while (len-- > 0) {
|
||||
if (cfb->padlen == cfb->blocklen) {
|
||||
cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);
|
||||
@ -68,6 +76,13 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
|
||||
if ((err = cipher_is_valid(cfb->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
/* is blocklen/padlen valid? */
|
||||
if (cfb->blocklen < 0 || cfb->blocklen > (int)sizeof(cfb->IV) ||
|
||||
cfb->padlen < 0 || cfb->padlen > (int)sizeof(cfb->pad)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
while (len-- > 0) {
|
||||
if (cfb->padlen == cfb->blocklen) {
|
||||
cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);
|
||||
|
11
changes
11
changes
@ -1,3 +1,14 @@
|
||||
Mar 15th, 2003
|
||||
v0.82 -- Manual updated
|
||||
-- Added MSVC makefile [back, actually its written from scratch to work with NMAKE]
|
||||
-- Change to HMAC helper functions API to avoid buffer overflow [source changes]
|
||||
-- the rsa_encrypt_key was supposed to reject key sizes out of bounds ...
|
||||
same fix to the rsa_sign_hash
|
||||
-- Added code to ensure that that chaining mode code (cfb/ofb/ctr/cbc) have valid
|
||||
structures when being called. E.g. the indexes to the pad/ivs are not out of bounds
|
||||
-- Cleaned up the DES code and simplified the core desfunc routine.
|
||||
-- Simplified one of the boolean functions in MD4
|
||||
|
||||
Jan 16th, 2003
|
||||
v0.81 -- Merged in new makefile from Clay Culver and Mike Frysinger
|
||||
-- Sped up the ECC mulmod() routine by making the word size adapt to the input. Saves a whopping 9 point
|
||||
|
@ -1,18 +0,0 @@
|
||||
How to use the config.pl script
|
||||
-------------------------------
|
||||
|
||||
The configuration script "config.pl" is very simple to use. It is designed to prompt the user for
|
||||
all the valid libtomcrypt build options then make "makefile.out" and "mycrypt_custom.h". In order to
|
||||
run the script you need Perl installed.
|
||||
|
||||
After running the script you can build the library two ways.
|
||||
|
||||
1) Use the makefile.out it generates. Simply type "make -f makefile.out" to build the library.
|
||||
|
||||
2) Add the libtomcrypt source files to your project. You have to make sure HAVE_CUSTOM is defined when you
|
||||
build the source files. You have to copy "mycrypt_custom.h" into the your projects include path.
|
||||
|
||||
You should copy the library and header files to their respective global search paths.
|
||||
|
||||
To use the library with this system you need only include "mycrypt_custom.h" in your application. It will
|
||||
include the required header files.
|
149
crypt.tex
149
crypt.tex
@ -1,6 +1,10 @@
|
||||
\documentclass{book}
|
||||
\usepackage{makeidx}
|
||||
\usepackage{amssymb}
|
||||
\usepackage{color}
|
||||
\usepackage{alltt}
|
||||
\usepackage{graphicx}
|
||||
\usepackage{layout}
|
||||
\def\union{\cup}
|
||||
\def\intersect{\cap}
|
||||
\def\getsrandom{\stackrel{\rm R}{\gets}}
|
||||
@ -44,12 +48,12 @@
|
||||
\def\gap{\vspace{0.5ex}}
|
||||
\makeindex
|
||||
\begin{document}
|
||||
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.80}
|
||||
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.82}
|
||||
\author{Tom St Denis \\
|
||||
Algonquin College \\
|
||||
\\
|
||||
tomstdenis@yahoo.com \\
|
||||
http://libtomcrypt.iahu.ca \\ \\
|
||||
tomstdenis@iahu.ca \\
|
||||
http://libtomcrypt.org \\ \\
|
||||
Phone: 1-613-836-3160\\
|
||||
111 Banning Rd \\
|
||||
Kanata, Ontario \\
|
||||
@ -66,10 +70,14 @@ pseudo-random number generators, public key cryptography (via RSA,DH or ECC/DH)
|
||||
routines. It is designed to compile out of the box with the GNU C Compiler (GCC) version 2.95.3 (and higher)
|
||||
and with MSVC version 6 in win32.
|
||||
|
||||
The library has been successfully tested on quite a few other platforms ranging from the ARM7TDMI in a
|
||||
Gameboy Advanced to various PowerPC processors and even the MIPS processor in the PlayStation 2. Suffice it
|
||||
to say the code is portable.
|
||||
|
||||
The library is designed so new ciphers/hashes/PRNGs can be added at runtime and the existing API (and helper API functions) will
|
||||
be able to use the new designs automatically. There exist self-check functions for each cipher and hash to ensure that
|
||||
they compile and execute to the published design specifications. The library also performs extensive parameter error checking
|
||||
and will give verbose error messages.
|
||||
and will give verbose error messages when possible.
|
||||
|
||||
Essentially the library saves the time of having to implement the ciphers, hashes, prngs yourself. Typically implementing
|
||||
useful cryptography is an error prone business which means anything that can save considerable time and effort is a good
|
||||
@ -89,11 +97,11 @@ number theory and cryptography.
|
||||
|
||||
\subsection{What the library IS NOT for?}
|
||||
|
||||
The library is not designed to be in anyway an implementation of the SSL, PKCS or OpenPGP standards. The library is not
|
||||
designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other
|
||||
The library is not designed to be in anyway an implementation of the SSL, PKCS, P1363 or OpenPGP standards. The library
|
||||
is not designed to be compliant with any known form of API or programming hierarchy. It is not a port of any other
|
||||
library and it is not platform specific (like the MS CSP). So if you're looking to drop in some buzzword
|
||||
compliant crypto this library is not for you. The library has been written from scratch to provide basic
|
||||
functions as well as non-standard higher level functions.
|
||||
compliant crypto library this is not for you. The library has been written from scratch to provide basic functions as
|
||||
well as non-standard higher level functions.
|
||||
|
||||
This is not to say that the library is a ``homebrew'' project. All of the symmetric ciphers and one-way hash functions
|
||||
conform to published test vectors. The public key functions are derived from publicly available material and the majority
|
||||
@ -101,8 +109,11 @@ of the code has been reviewed by a growing community of developers.
|
||||
|
||||
\subsubsection{Why not?}
|
||||
You may be asking why I didn't choose to go all out and support standards like P1363, PKCS and the whole lot. The reason
|
||||
is quite simple too much money gets in the way. I just recently tried to access the P1363 draft documents and was denied (it
|
||||
requires a password). If people are supposed to support these standards they had better make them more accessible.
|
||||
is quite simple too much money gets in the way. When I tried to access the P1363 draft documents and was denied (it
|
||||
requires a password) I realized that they're just a business anyways. See what happens is a company will sit down and
|
||||
invent a ``standard''. Then they try to sell it to as many people as they can. All of a sudden this ``standard'' is
|
||||
everywhere. Then the standard is updated every so often to keep people dependent. Then you become RSA. If people are
|
||||
supposed to support these standards they had better make them more accessible.
|
||||
|
||||
\section{Why did I write it?}
|
||||
You may be wondering, ``Tom, why did you write a crypto library. I already have one.''. Well the reason falls into
|
||||
@ -122,6 +133,29 @@ know how to use Safer+ or RC6 or Serpent or ... as well. With all of the core f
|
||||
that can be used to make a program automatically pick between ciphers, hashes and PRNGs at runtime. That means your
|
||||
application can support all ciphers/hashes/prngs without changing the source code.
|
||||
|
||||
\subsection{Modular}
|
||||
The LibTomCrypt package has also been written to be very modular. The block ciphers, one-way hashes and
|
||||
pseudo-random number generators (PRNG) are all used within the API through ``descriptor'' tables which
|
||||
are essentially structures with pointers to functions. While you can still call particular functions
|
||||
directly (\textit{e.g. sha256\_process()}) this descriptor interface allows the developer to customize their
|
||||
usage of the library.
|
||||
|
||||
For example, consider a hardware platform with a specialized RNG device. Obviously one would like to tap
|
||||
that for the PRNG needs within the library (\textit{e.g. making a RSA key}). All the developer has todo
|
||||
is write a descriptor and the few support routines required for the device. After that the rest of the
|
||||
API can make use of it without change. Similiarly imagine a few years down the road when AES2 (\textit{or whatever they call it}) is
|
||||
invented. It can be added to the library and used within applications with zero modifications to the
|
||||
end applications provided they are written properly.
|
||||
|
||||
This flexibility within the library means it can be used with any combination of primitive algorithms and
|
||||
unlike libraries like OpenSSL is not tied to direct routines. For instance, in OpenSSL there are CBC block
|
||||
mode routines for every single cipher. That means every time you add or remove a cipher from the library
|
||||
you have to update the associated support code as well. In LibTomCrypt the associated code (\textit{chaining modes in this case})
|
||||
are not directly tied to the ciphers. That is a new cipher can be added to the library by simply providing
|
||||
the key setup, ECB decrypt and encrypt and test vector routines. After that all five chaining mode routines
|
||||
can make use of the cipher right away.
|
||||
|
||||
|
||||
\section{License}
|
||||
|
||||
All of the source code except for the following files have been written by the author or donated to the project
|
||||
@ -129,21 +163,24 @@ under the TDCAL license:
|
||||
|
||||
\begin{enumerate}
|
||||
\item aes.c
|
||||
\item mpi.c
|
||||
\item rc2.c
|
||||
\item serpent.c
|
||||
\item safer.c
|
||||
\end{enumerate}
|
||||
|
||||
``aes.c'' and ``serpent.c'' were written by Brian Gladman (gladman@seven77.demon.co.uk). They are copyrighted works
|
||||
but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was written by Michael
|
||||
Fromberger (sting@linguist.dartmouth.edu). Similarly it is copyrighted work but is free for all purposes.
|
||||
but were both granted unrestricted usage in any project (commercial or otherwise). ``mpi.c'' was originally written
|
||||
by Michael Fromberger (sting@linguist.dartmouth.edu) but has since been replaced with my LibTomMath library.
|
||||
``rc2.c'' is based on publicly available code that is not attributed to a person from the given source. ``safer.c''
|
||||
was written by Richard De Moliner (demoliner@isi.ee.ethz.ch) and is public domain.
|
||||
|
||||
The rest of the code was written either by Tom St Denis or contributed to the project under the ``Tom Doesn't Care
|
||||
About Licenses'' (TDCAL) license. Essentially this license grants the user unlimited distribution and usage (including
|
||||
commercial usage). I assume no risk from usage of the code nor do I guarantee it works as desired or stated.
|
||||
commercial usage). This means that you can use the package, you can re-distribute the package and even branch it. I
|
||||
still retain ownership over the name of the package. If you want to branch the project you can use the code as a base
|
||||
but you must change the name. The package is also royalty free which means you can use it in commercial products
|
||||
without compensation towards the author. I assume no risk from usage of the code nor do I guarantee it works as
|
||||
desired or stated.
|
||||
|
||||
\section{Patent Disclosure}
|
||||
|
||||
@ -163,19 +200,16 @@ file ``libtomcrypt.a''.
|
||||
To install the library copy all of the ``.h'' files into your ``\#include'' path and the single libtomcrypt.a file into
|
||||
your library path.
|
||||
|
||||
With MSVC you can build the library with ``make -f makefile.vc''. You must use GNU make to build it even with MSVC
|
||||
due to the limitations of the MS MAKE.
|
||||
With MSVC you can build the library with ``nmake -f makefile.msvc''. This will produce a ``tomcrypt.lib'' file which
|
||||
is the core library. Copy the header files into your MSVC include path and the library in the lib path (typically
|
||||
under where VC98 is installed).
|
||||
|
||||
\section{Building against the library}
|
||||
|
||||
To build an application against the library you obviously must first compile the library. However, an important
|
||||
step is that the build options you use to build the library must be present when you build your application. For
|
||||
instance if ``RC5'' is defined in the makefile when you built the library then you must ensure ``RC5'' is defined when
|
||||
you build your application.
|
||||
|
||||
The simplest way to work with this library is to take the makefile provided and simply add on your project to it as a
|
||||
target (dependent on the library). That way you can be assured that the library and your application are in sync with
|
||||
the build options you provide.
|
||||
In the recent versions the build steps have changed. The build options are now stored in ``mycrypt\_custom.h'' and
|
||||
no longer in the makefile. If you change a build option in that file you must re-build the library from clean to
|
||||
ensure the build is intact. The perl script ``config.pl'' will help setup the custom header and a custom makefile
|
||||
if you want one (the provided ``makefile'' will work with custom configs).
|
||||
|
||||
\section{Thanks}
|
||||
I would like to give thanks to the following people (in no particular order) for helping me develop this project:
|
||||
@ -806,7 +840,7 @@ int main(void)
|
||||
/* add the message */
|
||||
md5_process(&md, in, strlen(in));
|
||||
|
||||
/* get the hash */
|
||||
/* get the hash in out[0..15] */
|
||||
md5_done(&md, out);
|
||||
|
||||
return 0;
|
||||
@ -898,11 +932,12 @@ int hash_filehandle(int hash, FILE *in,
|
||||
unsigned char *dst, unsigned long *outlen);
|
||||
\end{verbatim}
|
||||
|
||||
Both functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is
|
||||
All three functions return {\bf CRYPT\_OK} on success, otherwise they return an error code. The ``hash'' parameter is
|
||||
the location in the descriptor table of the hash. The ``*outlen'' variable is used to keep track of the output size. You
|
||||
must set it to the size of your output buffer before calling the functions. When they complete succesfully they store
|
||||
the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle'' function
|
||||
assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after hashing the content.
|
||||
the length of the message digest back in it. The functions are otherwise straightforward. The ``hash\_filehandle''
|
||||
function assumes that ``in'' is an file handle opened in binary mode. It will not reset the file position after
|
||||
hashing the content.
|
||||
|
||||
To perform the above hash with md5 the following code could be used:
|
||||
\begin{small}
|
||||
@ -992,23 +1027,29 @@ are finished with the HMAC process you must call the following function to get t
|
||||
int hmac_done(hmac_state *hmac, unsigned char *hash);
|
||||
\end{verbatim}
|
||||
``hmac'' is the HMAC state you are working with. ``hash'' is the array of octets where the HMAC code should be stored. You
|
||||
must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure). There are
|
||||
two utility functions provided to make using HMACs easier todo.
|
||||
must ensure that your destination array is the right size (or just make it of size MAXBLOCKSIZE to be sure).
|
||||
|
||||
There are two utility functions provided to make using HMACs easier todo. They accept the key and information about the
|
||||
message (file pointer, address in memory) and produce the HMAC result in one shot. These are useful if you want to avoid
|
||||
calling the three step process yourself.
|
||||
|
||||
\begin{verbatim}
|
||||
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
|
||||
const unsigned char *data, unsigned long len,
|
||||
unsigned char *dst);
|
||||
unsigned char *dst, unsigned long *dstlen);
|
||||
\end{verbatim}
|
||||
This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor table must be provided in ``hash''
|
||||
It uses the key from ``key'' with a key length of ``keylen''. The result is stored in the array of octets``dst''.
|
||||
Similarly for files there is the following function:
|
||||
This will produce an HMAC code for the array of octets in ``data'' of length ``len''. The index into the hash descriptor
|
||||
table must be provided in ``hash'' it uses the key from ``key'' with a key length of ``keylen''.
|
||||
The result is stored in the array of octets ``dst'' and the length in ``dstlen''. Similarly for files there is the
|
||||
following function:
|
||||
\begin{verbatim}
|
||||
int hmac_file(int hash, const char *fname, const unsigned char *key,
|
||||
unsigned long keylen, unsigned char *dst);
|
||||
unsigned long keylen,
|
||||
unsigned char *dst, unsigned long *dstlen);
|
||||
\end{verbatim}
|
||||
``hash'' is the index into the hash descriptor table of the hash you want to use. ``fname'' is the filename to process. ``key''
|
||||
is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the result
|
||||
should be stored.
|
||||
is the array of octets to use as the key. ``keylen'' is the length of the key. ``dst'' is the array of octets where the
|
||||
result should be stored.
|
||||
|
||||
To test if the HMAC code is working there is the following function:
|
||||
\begin{verbatim}
|
||||
@ -2046,12 +2087,12 @@ int base64_decode(const unsigned char *in, unsigned long len,
|
||||
\end{verbatim}
|
||||
|
||||
\section{The Multiple Precision Integer Library (MPI)}
|
||||
The library comes with a copy of Michael Fromberger's\footnote{Michael J. Fromberger, sting@linguist.Thayer.dartmouth.edu} multiple
|
||||
precision integer library MPI. MPI is a trivial to use ANSI C compatible large integer library. It is free for all uses and
|
||||
is distributed freely.
|
||||
The library comes with a copy of LibTomMath which is a multiple precision integer library written by the
|
||||
author of LibTomCrypt. LibTomMath is a trivial to use ANSI C compatible large integer library which is free
|
||||
for all uses and is distributed freely.
|
||||
|
||||
At the heart of all MPI functions is the data type ``mp\_int'' (defined in mpi.h). This data type is what will hold all large
|
||||
integers. In order to use an mp\_int one must initialize it first, for example:
|
||||
At the heart of all the functions is the data type ``mp\_int'' (defined in tommath.h). This data type is what
|
||||
will hold all large integers. In order to use an mp\_int one must initialize it first, for example:
|
||||
\begin{verbatim}
|
||||
#include <mycrypt.h> /* mycrypt.h includes mpi.h automatically */
|
||||
int main(void)
|
||||
@ -2065,31 +2106,28 @@ int main(void)
|
||||
}
|
||||
\end{verbatim}
|
||||
If you are unfamiliar with the syntax of C the \& symbol is used to pass the address of ``bignum'' to the function. All
|
||||
MPI functions require the address of the parameters. To free the memory of a mp\_int use (for example):
|
||||
LibTomMath functions require the address of the parameters. To free the memory of a mp\_int use (for example):
|
||||
\begin{verbatim}
|
||||
mp_clear(&bignum);
|
||||
\end{verbatim}
|
||||
|
||||
All MPI functions have the basic form of one of the following:
|
||||
The functions also have the basic form of one of the following:
|
||||
\begin{verbatim}
|
||||
mp_XXX(mp_int *a);
|
||||
mp_XXX(mp_int *a, mp_int *b, mp_int *c);
|
||||
mp_XXX(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
|
||||
\end{verbatim}
|
||||
|
||||
Where they perform some operation and store the result in the mp\_int variable passed on the far right. For example, to
|
||||
compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call:
|
||||
Where they perform some operation and store the result in the mp\_int variable passed on the far right.
|
||||
For example, to compute $c = a + b \mbox{ }(\mbox{mod }m)$ you would call:
|
||||
\begin{verbatim}
|
||||
mp_addmod(&a, &b, &m, &c);
|
||||
\end{verbatim}
|
||||
|
||||
The simplest way to get a complete listing of all MPI functions is to open ``mpi.h'' and look. They're all fairly
|
||||
well documented.
|
||||
|
||||
\subsection{Binary Forms of ``mp\_int'' Variables}
|
||||
|
||||
Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet encryption, etc.).
|
||||
MPI includes two functions to help when exporting numbers:
|
||||
Often it is required to store a ``mp\_int'' in binary form for transport (e.g. exporting a key, packet
|
||||
encryption, etc.). LibTomMath includes two functions to help when exporting numbers:
|
||||
\begin{verbatim}
|
||||
int mp_raw_size(mp_int *num);
|
||||
mp_toraw(&num, buf);
|
||||
@ -2135,9 +2173,8 @@ will not be able to sign or decrypt messages at all. Suppose $p$ was prime and
|
||||
the multi-prime RSA. Suppose $q = rs$ for two primes $r$ and $s$ then $\phi(pq) = (p - 1)(r - 1)(s - 1)$ which clearly is
|
||||
not equal to $(p - 1)(rs - 1)$.
|
||||
|
||||
These are not technically part of the MPI
|
||||
library\footnote{As written by Michael Fromberger} but this is the best place to document them. To test if a ``mp\_int'' is
|
||||
prime call:
|
||||
These are not technically part of the LibTomMath library but this is the best place to document them.
|
||||
To test if a ``mp\_int'' is prime call:
|
||||
\begin{verbatim}
|
||||
int is_prime(mp_int *N, int *result);
|
||||
\end{verbatim}
|
||||
@ -2279,8 +2316,8 @@ or define ENDIAN\_64BITWORD when its 64-bits. If you do not define any of them
|
||||
which will work on all platforms. Currently the system will automatically detect GCC or MSVC on a windows platform as well
|
||||
as GCC on a PS2 platform.
|
||||
|
||||
\section{The makefile}
|
||||
There are also options you can specify from the makefiles themselves.
|
||||
\section{The Configure Script}
|
||||
There are also options you can specify from the configure script or ``mycrypt\_config.h''.
|
||||
|
||||
\subsubsection{X memory routines}
|
||||
The makefiles must define three macros denoted as XMALLOC, XCALLOC and XFREE which resolve to the name of the respective
|
||||
|
6
ctr.c
6
ctr.c
@ -44,6 +44,12 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
|
||||
return err;
|
||||
}
|
||||
|
||||
/* is blocklen/padlen valid? */
|
||||
if (ctr->blocklen < 0 || ctr->blocklen > (int)sizeof(ctr->ctr) ||
|
||||
ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
while (len-- > 0) {
|
||||
/* is the pad empty? */
|
||||
if (ctr->padlen == ctr->blocklen) {
|
||||
|
@ -7,7 +7,7 @@
|
||||
* more functions ;)
|
||||
*/
|
||||
|
||||
#include <mycrypt.h>
|
||||
#include <mycrypt_custom.h>
|
||||
|
||||
int errno;
|
||||
|
||||
|
396
demos/test.c
396
demos/test.c
@ -7,9 +7,9 @@ out the functionality of the library */
|
||||
#include "timer.h"
|
||||
#endif
|
||||
|
||||
#include "../mycrypt.h"
|
||||
#include <mycrypt.h>
|
||||
|
||||
int errno;
|
||||
int errnum;
|
||||
|
||||
|
||||
int
|
||||
@ -128,8 +128,8 @@ ecb_tests (void)
|
||||
printf ("ECB tests\n");
|
||||
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
|
||||
printf (" %12s: ", cipher_descriptor[x].name);
|
||||
if ((errno = cipher_descriptor[x].test ()) != CRYPT_OK) {
|
||||
printf (" **failed** Reason: %s\n", error_to_string (errno));
|
||||
if ((errnum = cipher_descriptor[x].test ()) != CRYPT_OK) {
|
||||
printf (" **failed** Reason: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
} else {
|
||||
printf ("passed\n");
|
||||
@ -154,17 +154,17 @@ cbc_tests (void)
|
||||
blk[x] = IV[x] = x;
|
||||
|
||||
/* now lets start a cbc session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
cbc_start (find_cipher ("blowfish"), IV, key, 16, 0,
|
||||
&cbc)) != CRYPT_OK) {
|
||||
printf ("CBC Setup: %s\n", error_to_string (errno));
|
||||
printf ("CBC Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets encode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) {
|
||||
printf ("CBC encrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = cbc_encrypt (blk + 8 * x, ct + 8 * x, &cbc)) != CRYPT_OK) {
|
||||
printf ("CBC encrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -177,17 +177,17 @@ cbc_tests (void)
|
||||
IV[x] = x;
|
||||
|
||||
/* now lets start a cbc session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
cbc_start (find_cipher ("blowfish"), IV, key, 16, 0,
|
||||
&cbc)) != CRYPT_OK) {
|
||||
printf ("CBC Setup: %s\n", error_to_string (errno));
|
||||
printf ("CBC Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets decode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) {
|
||||
printf ("CBC decrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = cbc_decrypt (ct + 8 * x, blk + 8 * x, &cbc)) != CRYPT_OK) {
|
||||
printf ("CBC decrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -240,16 +240,16 @@ ofb_tests (void)
|
||||
blk[x] = IV[x] = x;
|
||||
|
||||
/* now lets start a ofb session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB Setup: %s\n", error_to_string (errno));
|
||||
printf ("OFB Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets encode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB encrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = ofb_encrypt (blk + 8 * x, ct + 8 * x, 8, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB encrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -262,16 +262,16 @@ ofb_tests (void)
|
||||
IV[x] = x;
|
||||
|
||||
/* now lets start a ofb session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ofb_start (find_cipher ("cast5"), IV, key, 16, 0, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB setup: %s\n", error_to_string (errno));
|
||||
printf ("OFB setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets decode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB decrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = ofb_decrypt (ct + 8 * x, blk + 8 * x, 8, &ofb)) != CRYPT_OK) {
|
||||
printf ("OFB decrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -307,17 +307,17 @@ cfb_tests (void)
|
||||
blk[x] = IV[x] = x;
|
||||
|
||||
/* now lets start a cfb session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
cfb_start (find_cipher ("blowfish"), IV, key, 16, 0,
|
||||
&cfb)) != CRYPT_OK) {
|
||||
printf ("CFB setup: %s\n", error_to_string (errno));
|
||||
printf ("CFB setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets encode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) {
|
||||
printf ("CFB encrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = cfb_encrypt (blk + 8 * x, ct + 8 * x, 8, &cfb)) != CRYPT_OK) {
|
||||
printf ("CFB encrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -330,17 +330,17 @@ cfb_tests (void)
|
||||
IV[x] = x;
|
||||
|
||||
/* now lets start a cfb session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
cfb_start (find_cipher ("blowfish"), IV, key, 16, 0,
|
||||
&cfb)) != CRYPT_OK) {
|
||||
printf ("CFB Setup: %s\n", error_to_string (errno));
|
||||
printf ("CFB Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets decode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) {
|
||||
printf ("CFB decrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = cfb_decrypt (ct + 8 * x, blk + 8 * x, 8, &cfb)) != CRYPT_OK) {
|
||||
printf ("CFB decrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -378,17 +378,17 @@ ctr_tests (void)
|
||||
blk[x] = count[x] = x;
|
||||
|
||||
/* now lets start a ctr session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ctr_start (find_cipher ("xtea"), count, key, 16, 0,
|
||||
&ctr)) != CRYPT_OK) {
|
||||
printf ("CTR Setup: %s\n", error_to_string (errno));
|
||||
printf ("CTR Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets encode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) {
|
||||
printf ("CTR encrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = ctr_encrypt (blk + 8 * x, ct + 8 * x, 8, &ctr)) != CRYPT_OK) {
|
||||
printf ("CTR encrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -401,17 +401,17 @@ ctr_tests (void)
|
||||
count[x] = x;
|
||||
|
||||
/* now lets start a cbc session */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ctr_start (find_cipher ("xtea"), count, key, 16, 0,
|
||||
&ctr)) != CRYPT_OK) {
|
||||
printf ("CTR Setup: %s\n", error_to_string (errno));
|
||||
printf ("CTR Setup: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* now lets decode 32 bytes */
|
||||
for (x = 0; x < 4; x++) {
|
||||
if ((errno = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) {
|
||||
printf ("CTR decrypt: %s\n", error_to_string (errno));
|
||||
if ((errnum = ctr_decrypt (ct + 8 * x, blk + 8 * x, 8, &ctr)) != CRYPT_OK) {
|
||||
printf ("CTR decrypt: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -457,10 +457,12 @@ hash_tests (void)
|
||||
printf ("Hash tests\n");
|
||||
for (x = 0; hash_descriptor[x].name != NULL; x++) {
|
||||
printf (" %10s (%2d) ", hash_descriptor[x].name, hash_descriptor[x].ID);
|
||||
if ((errno = hash_descriptor[x].test ()) != CRYPT_OK)
|
||||
printf ("**failed** Reason: %s\n", error_to_string (errno));
|
||||
else
|
||||
if ((errnum = hash_descriptor[x].test ()) != CRYPT_OK) {
|
||||
printf ("**failed** Reason: %s\n", error_to_string (errnum));
|
||||
exit(-1);
|
||||
} else {
|
||||
printf ("passed\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -477,17 +479,17 @@ pad_test (void)
|
||||
|
||||
/* pad the message so that random filler is placed before and after it */
|
||||
y = 100;
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_pad (in, 16, out, &y, find_prng ("yarrow"), &prng)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* depad the message to get the original content */
|
||||
memset (in, 0, sizeof (in));
|
||||
x = 100;
|
||||
if ((errno = rsa_depad (out, y, in, &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_depad (out, y, in, &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -516,25 +518,25 @@ rsa_test (void)
|
||||
|
||||
/* ---- SINGLE ENCRYPT ---- */
|
||||
/* encrypt a short 8 byte string */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_make_key (&prng, find_prng ("yarrow"), 1024 / 8, 65537,
|
||||
&key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
for (x = 0; x < 8; x++)
|
||||
in[x] = (unsigned char) (x + 1);
|
||||
y = sizeof (in);
|
||||
if ((errno = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* decrypt it */
|
||||
zeromem (in, sizeof (in));
|
||||
x = sizeof (out);
|
||||
if ((errno = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -551,16 +553,16 @@ rsa_test (void)
|
||||
for (x = 0; x < 16; x++)
|
||||
in[x] = x;
|
||||
y = sizeof (out);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_encrypt_key (in, 16, out, &y, &prng, find_prng ("yarrow"),
|
||||
&key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
zeromem (in, sizeof (in));
|
||||
x = sizeof (in);
|
||||
if ((errno = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_decrypt_key (out, y, in, &x, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("RSA en/de crypt key routines: ");
|
||||
@ -579,19 +581,19 @@ rsa_test (void)
|
||||
for (x = 0; x < 16; x++)
|
||||
in[x] = x;
|
||||
x = sizeof (in);
|
||||
if ((errno = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_sign_hash (in, 16, out, &x, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("RSA signed hash: %lu bytes\n", x);
|
||||
if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("Verify hash: %s, ", stat ? "passed" : "failed");
|
||||
in[0] ^= 1;
|
||||
if ((errno = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = rsa_verify_hash (out, x, in, &stat, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("%s\n", (!stat) ? "passed" : "failed");
|
||||
@ -612,10 +614,10 @@ rsa_test (void)
|
||||
for (z = 1024; z <= limit; z += 512) {
|
||||
t = XCLOCK ();
|
||||
for (tt = 0; tt < 3; tt++) {
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_make_key (&prng, find_prng ("yarrow"), z / 8, 65537,
|
||||
&key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if (tt < 2)
|
||||
@ -630,9 +632,9 @@ rsa_test (void)
|
||||
|
||||
for (tt = 0; tt < 100; tt++) {
|
||||
y = sizeof (in);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_exptmod (in, 8, out, &y, PK_PUBLIC, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -644,9 +646,9 @@ rsa_test (void)
|
||||
t = XCLOCK ();
|
||||
for (tt = 0; tt < 100; tt++) {
|
||||
x = sizeof (out);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rsa_exptmod (out, y, in, &x, PK_PRIVATE, &key)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
}
|
||||
@ -688,14 +690,14 @@ base64_test (void)
|
||||
|
||||
x = 100;
|
||||
if (base64_encode (buf[0], 16, buf[1], &x) != CRYPT_OK) {
|
||||
printf (" error: %s\n", error_to_string (errno));
|
||||
printf (" error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf (" encoded 16 bytes to %ld bytes...[%s]\n", x, buf[1]);
|
||||
memset (buf[0], 0, 100);
|
||||
y = 100;
|
||||
if (base64_decode (buf[1], x, buf[0], &y) != CRYPT_OK) {
|
||||
printf (" error: %s\n", error_to_string (errno));
|
||||
printf (" error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf (" decoded %ld bytes to %ld bytes\n", x, y);
|
||||
@ -726,7 +728,7 @@ time_hash (void)
|
||||
t1 = XCLOCK ();
|
||||
z = sizeof (out);
|
||||
y = 0;
|
||||
while (XCLOCK () - t1 < (3 * XCLOCKS_PER_SEC)) {
|
||||
while (XCLOCK () - t1 < (5 * XCLOCKS_PER_SEC)) {
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
@ -743,7 +745,23 @@ time_hash (void)
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
y += 16;
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
hash_memory (x, input, 4096, out, &z);
|
||||
y += 32;
|
||||
}
|
||||
t1 = XCLOCK () - t1;
|
||||
printf ("%-20s: Hash at %5.2f Mbit/sec\n", hash_descriptor[x].name,
|
||||
@ -825,33 +843,33 @@ dh_tests (void)
|
||||
dh_key usera, userb;
|
||||
clock_t t1;
|
||||
|
||||
/* if ((errno = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errno)); */
|
||||
/* if ((errnum = dh_test()) != CRYPT_OK) printf("DH Error: %s\n", error_to_string(errnum)); */
|
||||
|
||||
dh_sizes (&low, &high);
|
||||
printf ("DH Keys from %d to %d supported.\n", low * 8, high * 8);
|
||||
|
||||
/* make up two keys */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
dh_make_key (&prng, find_prng ("yarrow"), 96, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
dh_make_key (&prng, find_prng ("yarrow"), 96, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* make the shared secret */
|
||||
x = 4096;
|
||||
if ((errno = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
y = 4096;
|
||||
if ((errno = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if (y != x) {
|
||||
@ -865,20 +883,20 @@ dh_tests (void)
|
||||
|
||||
/* now export userb */
|
||||
y = 4096;
|
||||
if ((errno = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
dh_free (&userb);
|
||||
|
||||
/* import and make the shared secret again */
|
||||
if ((errno = dh_import (buf[1], y, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_import (buf[1], y, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
z = 4096;
|
||||
if ((errno = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -902,13 +920,13 @@ dh_tests (void)
|
||||
|
||||
for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) {
|
||||
t1 = XCLOCK ();
|
||||
for (tt = 0; tt < 50; tt++) {
|
||||
for (tt = 0; tt < 5; tt++) {
|
||||
dh_make_key (&prng, find_prng ("yarrow"), sizes[ii], &usera);
|
||||
dh_free (&usera);
|
||||
}
|
||||
t1 = XCLOCK () - t1;
|
||||
printf ("Make dh-%d key took %f msec\n", sizes[ii] * 8,
|
||||
1000.0 * (((double) t1 / 50.0) / (double) XCLOCKS_PER_SEC));
|
||||
1000.0 * (((double) t1 / 5.0) / (double) XCLOCKS_PER_SEC));
|
||||
}
|
||||
}
|
||||
|
||||
@ -917,16 +935,16 @@ dh_tests (void)
|
||||
for (x = 0; x < 16; x++)
|
||||
buf[0][x] = x;
|
||||
y = sizeof (buf[1]);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
dh_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"),
|
||||
find_hash ("md5"), &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
zeromem (buf[0], sizeof (buf[0]));
|
||||
x = sizeof (buf[0]);
|
||||
if ((errno = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = dh_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("DH en/de crypt key routines: ");
|
||||
@ -945,19 +963,19 @@ dh_tests (void)
|
||||
for (x = 0; x < 16; x++)
|
||||
buf[0][x] = x;
|
||||
x = sizeof (buf[1]);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
dh_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"),
|
||||
&usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if (dh_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
buf[0][0] ^= 1;
|
||||
if (dh_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("dh_sign/verify_hash: %s (%d,%d), %lu\n",
|
||||
@ -1002,10 +1020,10 @@ rng_tests (void)
|
||||
printf ("\n");
|
||||
|
||||
#ifdef YARROW
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
rng_make_prng (128, find_prng ("yarrow"), &prng,
|
||||
&callback)) != CRYPT_OK) {
|
||||
printf (" starting yarrow error: %s\n", error_to_string (errno));
|
||||
printf (" starting yarrow error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
#endif
|
||||
@ -1021,8 +1039,8 @@ ecc_tests (void)
|
||||
ecc_key usera, userb;
|
||||
clock_t t1;
|
||||
|
||||
if ((errno = ecc_test ()) != CRYPT_OK) {
|
||||
printf ("ecc Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_test ()) != CRYPT_OK) {
|
||||
printf ("ecc Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1030,27 +1048,27 @@ ecc_tests (void)
|
||||
printf ("ecc Keys from %d to %d supported.\n", low * 8, high * 8);
|
||||
|
||||
/* make up two keys */
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 24, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 24, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* make the shared secret */
|
||||
x = 4096;
|
||||
if ((errno = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_shared_secret (&usera, &userb, buf[0], &x)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
y = 4096;
|
||||
if ((errno = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_shared_secret (&userb, &usera, buf[1], &y)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1066,22 +1084,22 @@ ecc_tests (void)
|
||||
|
||||
/* now export userb */
|
||||
y = 4096;
|
||||
if ((errno = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_export (buf[1], &y, PK_PUBLIC, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
ecc_free (&userb);
|
||||
printf ("ECC-192 export took %ld bytes\n", y);
|
||||
|
||||
/* import and make the shared secret again */
|
||||
if ((errno = ecc_import (buf[1], y, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_import (buf[1], y, &userb)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
z = 4096;
|
||||
if ((errno = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_shared_secret (&usera, &userb, buf[2], &z)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1106,10 +1124,10 @@ ecc_tests (void)
|
||||
for (ii = 0; ii < (int) (sizeof (sizes) / sizeof (sizes[0])); ii++) {
|
||||
t1 = XCLOCK ();
|
||||
for (tt = 0; tt < 25; tt++) {
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), sizes[ii],
|
||||
&usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
ecc_free (&usera);
|
||||
@ -1121,28 +1139,28 @@ ecc_tests (void)
|
||||
}
|
||||
|
||||
/* test encrypt_key */
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 65, &usera);
|
||||
for (x = 0; x < 16; x++)
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 28, &usera);
|
||||
for (x = 0; x < 32; x++)
|
||||
buf[0][x] = x;
|
||||
y = sizeof (buf[1]);
|
||||
if ((errno =
|
||||
ecc_encrypt_key (buf[0], 16, buf[1], &y, &prng, find_prng ("yarrow"),
|
||||
find_hash ("md5"), &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum =
|
||||
ecc_encrypt_key (buf[0], 32, buf[1], &y, &prng, find_prng ("yarrow"),
|
||||
find_hash ("sha256"), &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
zeromem (buf[0], sizeof (buf[0]));
|
||||
x = sizeof (buf[0]);
|
||||
if ((errno = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
if ((errnum = ecc_decrypt_key (buf[1], y, buf[0], &x, &usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("ECC en/de crypt key routines: ");
|
||||
if (x != 16) {
|
||||
if (x != 32) {
|
||||
printf ("Failed (length)\n");
|
||||
exit (-1);
|
||||
}
|
||||
for (x = 0; x < 16; x++)
|
||||
for (x = 0; x < 32; x++)
|
||||
if (buf[0][x] != x) {
|
||||
printf ("Failed (contents)\n");
|
||||
exit (-1);
|
||||
@ -1152,19 +1170,19 @@ ecc_tests (void)
|
||||
for (x = 0; x < 16; x++)
|
||||
buf[0][x] = x;
|
||||
x = sizeof (buf[1]);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
ecc_sign_hash (buf[0], 16, buf[1], &x, &prng, find_prng ("yarrow"),
|
||||
&usera)) != CRYPT_OK) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
buf[0][0] ^= 1;
|
||||
if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera)) {
|
||||
printf ("Error: %s\n", error_to_string (errno));
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("ecc_sign/verify_hash: %s (%d,%d)\n",
|
||||
@ -1374,35 +1392,35 @@ kr_display (pk_key * kr)
|
||||
void
|
||||
kr_test_makekeys (pk_key ** kr)
|
||||
{
|
||||
if ((errno = kr_init (kr)) != CRYPT_OK) {
|
||||
printf ("KR init error %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_init (kr)) != CRYPT_OK) {
|
||||
printf ("KR init error %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* make a DH key */
|
||||
printf ("KR: Making DH key...\n");
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_make_key (*kr, &prng, find_prng ("yarrow"), DH_KEY, 128, "dhkey",
|
||||
"dh@dh.dh", "dhkey one")) != CRYPT_OK) {
|
||||
printf ("Make key error: %s\n", error_to_string (errno));
|
||||
printf ("Make key error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* make a ECC key */
|
||||
printf ("KR: Making ECC key...\n");
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_make_key (*kr, &prng, find_prng ("yarrow"), ECC_KEY, 20, "ecckey",
|
||||
"ecc@ecc.ecc", "ecckey one")) != CRYPT_OK) {
|
||||
printf ("Make key error: %s\n", error_to_string (errno));
|
||||
printf ("Make key error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
/* make a RSA key */
|
||||
printf ("KR: Making RSA key...\n");
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_make_key (*kr, &prng, find_prng ("yarrow"), RSA_KEY, 128, "rsakey",
|
||||
"rsa@rsa.rsa", "rsakey one")) != CRYPT_OK) {
|
||||
printf ("Make key error: %s\n", error_to_string (errno));
|
||||
printf ("Make key error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1426,18 +1444,18 @@ kr_test (void)
|
||||
|
||||
for (i = 0; i < 3; i++) {
|
||||
len = sizeof (buf);
|
||||
if ((errno = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_export (kr, kr->ID, kr->key_type, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("Exported key was: %lu bytes\n", len);
|
||||
if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) {
|
||||
printf ("Error deleting key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) {
|
||||
printf ("Error deleting key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
@ -1445,25 +1463,25 @@ kr_test (void)
|
||||
|
||||
for (i = 0; i < 3; i++) {
|
||||
len = sizeof (buf);
|
||||
if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("Exported key was: %lu bytes\n", len);
|
||||
if ((errno = kr_del (&kr, kr->ID)) != CRYPT_OK) {
|
||||
printf ("Error deleting key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_del (&kr, kr->ID)) != CRYPT_OK) {
|
||||
printf ("Error deleting key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
}
|
||||
|
||||
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("Error clearing ring: %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("Error clearing ring: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1471,29 +1489,29 @@ kr_test (void)
|
||||
/* TEST output to file */
|
||||
#ifndef NO_FILE
|
||||
|
||||
if ((errno = kr_init (&kr)) != CRYPT_OK) {
|
||||
printf ("KR init error %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_init (&kr)) != CRYPT_OK) {
|
||||
printf ("KR init error %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_test_makekeys (&kr);
|
||||
|
||||
/* save to file */
|
||||
f = fopen ("ring.dat", "wb");
|
||||
if ((errno = kr_save (kr, f, NULL)) != CRYPT_OK) {
|
||||
printf ("kr_save error %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_save (kr, f, NULL)) != CRYPT_OK) {
|
||||
printf ("kr_save error %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
fclose (f);
|
||||
|
||||
/* delete and load */
|
||||
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("clear error: %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("clear error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
f = fopen ("ring.dat", "rb");
|
||||
if ((errno = kr_load (&kr, f, NULL)) != CRYPT_OK) {
|
||||
printf ("kr_load error %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_load (&kr, f, NULL)) != CRYPT_OK) {
|
||||
printf ("kr_load error %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
fclose (f);
|
||||
@ -1501,8 +1519,8 @@ kr_test (void)
|
||||
printf ("After load and save...\n");
|
||||
kr_display (kr);
|
||||
|
||||
if ((errno = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("clear error: %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_clear (&kr)) != CRYPT_OK) {
|
||||
printf ("clear error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
#endif
|
||||
@ -1516,16 +1534,16 @@ kr_test (void)
|
||||
printf ("Testing a key with system %d, type %d:\t", _kr->system,
|
||||
_kr->key_type);
|
||||
len = sizeof (buf2);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_encrypt_key (kr, _kr->ID, buf, 16, buf2, &len, &prng,
|
||||
find_prng ("yarrow"),
|
||||
find_hash ("md5"))) != CRYPT_OK) {
|
||||
printf ("Encrypt error, %d, %s\n", i, error_to_string (errno));
|
||||
printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
len = sizeof (buf3);
|
||||
if ((errno = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) {
|
||||
printf ("decrypt error, %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_decrypt_key (kr, buf2, buf3, &len)) != CRYPT_OK) {
|
||||
printf ("decrypt error, %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
if (len != 16 || memcmp (buf3, buf, 16)) {
|
||||
@ -1535,28 +1553,28 @@ kr_test (void)
|
||||
printf ("kr_encrypt_key passed, ");
|
||||
|
||||
len = sizeof (buf2);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_sign_hash (kr, _kr->ID, buf, 32, buf2, &len, &prng,
|
||||
find_prng ("yarrow"))) != CRYPT_OK) {
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("kr_sign_hash: ");
|
||||
if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("%s, ", stat ? "passed" : "failed");
|
||||
buf[15] ^= 1;
|
||||
if ((errno = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_verify_hash (kr, buf2, buf, 32, &stat)) != CRYPT_OK) {
|
||||
printf ("kr_sign_hash failed, %i, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf ("%s\n", (!stat) ? "passed" : "failed");
|
||||
buf[15] ^= 1;
|
||||
|
||||
len = sizeof (buf);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_fingerprint (kr, _kr->ID, find_hash ("sha1"), buf,
|
||||
&len)) != CRYPT_OK) {
|
||||
printf ("kr_fingerprint failed, %i, %lu\n", i, len);
|
||||
@ -1581,8 +1599,8 @@ kr_test (void)
|
||||
|
||||
/* now export it as public and private */
|
||||
len = sizeof (buf);
|
||||
if ((errno = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errno));
|
||||
if ((errnum = kr_export (kr, kr->ID, PK_PUBLIC, buf, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1590,8 +1608,8 @@ kr_test (void)
|
||||
memset (buf + len, 0, sizeof (buf) - len);
|
||||
|
||||
len = sizeof (buf2);
|
||||
if ((errno = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_export (kr, kr->ID, PK_PRIVATE, buf2, &len)) != CRYPT_OK) {
|
||||
printf ("Error exporting key %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1602,8 +1620,8 @@ kr_test (void)
|
||||
kr_clear (&kr);
|
||||
kr_init (&kr);
|
||||
kr_display (kr);
|
||||
if ((errno = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_import (kr, buf, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
@ -1612,11 +1630,11 @@ kr_test (void)
|
||||
for (i = 0; i < 16; i++)
|
||||
buf[i] = i;
|
||||
len = sizeof (buf3);
|
||||
if ((errno =
|
||||
if ((errnum =
|
||||
kr_encrypt_key (kr, kr->ID, buf, 16, buf3, &len, &prng,
|
||||
find_prng ("yarrow"),
|
||||
find_hash ("md5"))) != CRYPT_OK) {
|
||||
printf ("Encrypt error, %d, %s\n", i, error_to_string (errno));
|
||||
printf ("Encrypt error, %d, %s\n", i, error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1624,16 +1642,16 @@ kr_test (void)
|
||||
kr_clear (&kr);
|
||||
kr_init (&kr);
|
||||
kr_display (kr);
|
||||
if ((errno = kr_import (kr, buf2, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_import (kr, buf2, len)) != CRYPT_OK) {
|
||||
printf ("Error importing key %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
kr_display (kr);
|
||||
|
||||
/* now decrypt */
|
||||
len = sizeof (buf2);
|
||||
if ((errno = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) {
|
||||
printf ("decrypt error, %s\n", error_to_string (errno));
|
||||
if ((errnum = kr_decrypt_key (kr, buf3, buf2, &len)) != CRYPT_OK) {
|
||||
printf ("decrypt error, %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
|
||||
@ -1697,14 +1715,14 @@ main (void)
|
||||
|
||||
register_all_algs ();
|
||||
|
||||
if ((errno = yarrow_start (&prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_start: %s\n", error_to_string (errno));
|
||||
if ((errnum = yarrow_start (&prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_start: %s\n", error_to_string (errnum));
|
||||
}
|
||||
if ((errno = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_add_entropy: %s\n", error_to_string (errno));
|
||||
if ((errnum = yarrow_add_entropy ("hello", 5, &prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_add_entropy: %s\n", error_to_string (errnum));
|
||||
}
|
||||
if ((errno = yarrow_ready (&prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_ready: %s\n", error_to_string (errno));
|
||||
if ((errnum = yarrow_ready (&prng)) != CRYPT_OK) {
|
||||
printf ("yarrow_ready: %s\n", error_to_string (errnum));
|
||||
}
|
||||
|
||||
printf (crypt_build_settings);
|
||||
|
1427
demos/test.c~
1427
demos/test.c~
File diff suppressed because it is too large
Load Diff
97
des.c
97
des.c
@ -241,35 +241,43 @@ void deskey(const unsigned char *key, short edf, unsigned long *keyout)
|
||||
unsigned long i, j, l, m, n, kn[32];
|
||||
unsigned char pc1m[56], pcr[56];
|
||||
|
||||
for(j=0; j < 56; j++)
|
||||
{
|
||||
for (j=0; j < 56; j++) {
|
||||
l = (unsigned long)pc1[j];
|
||||
m = l & 07;
|
||||
m = l & 7;
|
||||
pc1m[j] = (unsigned char)((key[l >> 3U] & bytebit[m]) == bytebit[m] ? 1 : 0);
|
||||
}
|
||||
|
||||
for(i=0; i < 16; i++)
|
||||
{
|
||||
if(edf == DE1) m = (15 - i) << 1;
|
||||
else m = i << 1;
|
||||
for (i=0; i < 16; i++) {
|
||||
if (edf == DE1) {
|
||||
m = (15 - i) << 1;
|
||||
} else {
|
||||
m = i << 1;
|
||||
}
|
||||
n = m + 1;
|
||||
kn[m] = kn[n] = 0L;
|
||||
for(j=0; j < 28; j++)
|
||||
{
|
||||
for (j=0; j < 28; j++) {
|
||||
l = j + (unsigned long)totrot[i];
|
||||
if(l < 28) pcr[j] = pc1m[l];
|
||||
else pcr[j] = pc1m[l - 28];
|
||||
if (l < 28) {
|
||||
pcr[j] = pc1m[l];
|
||||
} else {
|
||||
pcr[j] = pc1m[l - 28];
|
||||
}
|
||||
}
|
||||
for(/*j = 28*/; j < 56; j++)
|
||||
{
|
||||
for (/*j = 28*/; j < 56; j++) {
|
||||
l = j + (unsigned long)totrot[i];
|
||||
if(l < 56) pcr[j] = pc1m[l];
|
||||
else pcr[j] = pc1m[l - 28];
|
||||
if (l < 56) {
|
||||
pcr[j] = pc1m[l];
|
||||
} else {
|
||||
pcr[j] = pc1m[l - 28];
|
||||
}
|
||||
}
|
||||
for(j=0; j < 24; j++)
|
||||
{
|
||||
if((int)pcr[(int)pc2[j]] != 0) kn[m] |= bigbyte[j];
|
||||
if((int)pcr[(int)pc2[j+24]] != 0) kn[n] |= bigbyte[j];
|
||||
for (j=0; j < 24; j++) {
|
||||
if ((int)pcr[(int)pc2[j]] != 0) {
|
||||
kn[m] |= bigbyte[j];
|
||||
}
|
||||
if ((int)pcr[(int)pc2[j+24]] != 0) {
|
||||
kn[n] |= bigbyte[j];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -326,7 +334,7 @@ static void desfunc(unsigned long *block, const unsigned long *keys)
|
||||
static void _desfunc(unsigned long *block, const unsigned long *keys)
|
||||
#endif
|
||||
{
|
||||
unsigned long fval, work, right, leftt;
|
||||
unsigned long work, right, leftt;
|
||||
int round;
|
||||
|
||||
leftt = block[0];
|
||||
@ -348,38 +356,35 @@ static void _desfunc(unsigned long *block, const unsigned long *keys)
|
||||
leftt ^= work;
|
||||
right ^= (work << 8);
|
||||
|
||||
right = ((right << 1) | ((right >> 31) & 1L)) & 0xFFFFFFFFL;
|
||||
right = ROL(right, 1);
|
||||
work = (leftt ^ right) & 0xaaaaaaaaL;
|
||||
|
||||
leftt ^= work;
|
||||
right ^= work;
|
||||
leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
|
||||
leftt = ROL(leftt, 1);
|
||||
|
||||
for( round = 0; round < 8; round++)
|
||||
{
|
||||
work = ((right << 28) | (right >> 4)) ^ *keys++;
|
||||
fval = SP7[ work & 0x3fL]
|
||||
| SP5[(work >> 8) & 0x3fL]
|
||||
| SP3[(work >> 16) & 0x3fL]
|
||||
| SP1[(work >> 24) & 0x3fL];
|
||||
for (round = 0; round < 8; round++) {
|
||||
work = ROR(right, 4) ^ *keys++;
|
||||
leftt ^= SP7[work & 0x3fL]
|
||||
^ SP5[(work >> 8) & 0x3fL]
|
||||
^ SP3[(work >> 16) & 0x3fL]
|
||||
^ SP1[(work >> 24) & 0x3fL];
|
||||
work = right ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL]
|
||||
| SP6[(work >> 8) & 0x3fL]
|
||||
| SP4[(work >> 16) & 0x3fL]
|
||||
| SP2[(work >> 24) & 0x3fL];
|
||||
leftt ^= fval;
|
||||
leftt ^= SP8[ work & 0x3fL]
|
||||
^ SP6[(work >> 8) & 0x3fL]
|
||||
^ SP4[(work >> 16) & 0x3fL]
|
||||
^ SP2[(work >> 24) & 0x3fL];
|
||||
|
||||
work = ((leftt << 28) | (leftt >> 4)) ^ *keys++;
|
||||
fval = SP7[ work & 0x3fL]
|
||||
| SP5[(work >> 8) & 0x3fL]
|
||||
| SP3[(work >> 16) & 0x3fL]
|
||||
| SP1[(work >> 24) & 0x3fL];
|
||||
work = ROR(leftt, 4) ^ *keys++;
|
||||
right ^= SP7[ work & 0x3fL]
|
||||
^ SP5[(work >> 8) & 0x3fL]
|
||||
^ SP3[(work >> 16) & 0x3fL]
|
||||
^ SP1[(work >> 24) & 0x3fL];
|
||||
work = leftt ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL]
|
||||
| SP6[(work >> 8) & 0x3fL]
|
||||
| SP4[(work >> 16) & 0x3fL]
|
||||
| SP2[(work >> 24) & 0x3fL];
|
||||
right ^= fval;
|
||||
right ^= SP8[ work & 0x3fL]
|
||||
^ SP6[(work >> 8) & 0x3fL]
|
||||
^ SP4[(work >> 16) & 0x3fL]
|
||||
^ SP2[(work >> 24) & 0x3fL];
|
||||
}
|
||||
right = (right << 31) | (right >> 1);
|
||||
work = (leftt ^ right) & 0xaaaaaaaaL;
|
||||
@ -412,7 +417,6 @@ static void desfunc(unsigned long *block, const unsigned long *keys)
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
|
||||
{
|
||||
_ARGCHK(key != NULL);
|
||||
@ -484,7 +488,8 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
|
||||
|
||||
void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
|
||||
{
|
||||
unsigned long work[2];
|
||||
unsigned long work[2], *k[3];
|
||||
|
||||
_ARGCHK(pt != NULL);
|
||||
_ARGCHK(ct != NULL);
|
||||
_ARGCHK(key != NULL);
|
||||
|
5
dh.c
5
dh.c
@ -207,10 +207,11 @@ void dh_sizes(int *low, int *high)
|
||||
int dh_get_size(dh_key *key)
|
||||
{
|
||||
_ARGCHK(key != NULL);
|
||||
if (is_valid_idx(key->idx) == 1)
|
||||
if (is_valid_idx(key->idx) == 1) {
|
||||
return sets[key->idx].size;
|
||||
else
|
||||
} else {
|
||||
return INT_MAX; /* large value that would cause dh_make_key() to fail */
|
||||
}
|
||||
}
|
||||
|
||||
int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
|
||||
|
12
ecc.c
12
ecc.c
@ -253,18 +253,18 @@ static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus, mp_int *mu)
|
||||
if (mp_mul_2(&P->y, &tmp) != MP_OKAY) { goto error; } /* tmp = 2*y */
|
||||
if (mp_invmod(&tmp, modulus, &tmp) != MP_OKAY) { goto error; } /* tmp = 1/tmp mod modulus */
|
||||
if (mp_sqr(&P->x, &s) != MP_OKAY) { goto error; } /* s = x^2 */
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_mul_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) */
|
||||
if (mp_sub_d(&s,(mp_digit)3, &s) != MP_OKAY) { goto error; } /* s = 3*(x^2) - 3 */
|
||||
if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */
|
||||
if (mp_cmp_d(&s, 0) == MP_LT) { /* if s < 0 add modulus */
|
||||
if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; }
|
||||
}
|
||||
if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = tmp * s mod modulus */
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
|
||||
/* Xr = s^2 - 2Xp */
|
||||
if (mp_sqr(&s, &tmpx) != MP_OKAY) { goto error; } /* tmpx = s^2 */
|
||||
if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */
|
||||
if (mp_reduce(&tmpx, modulus, mu) != MP_OKAY) { goto error; } /* tmpx = tmpx mod modulus */
|
||||
if (mp_sub(&tmpx, &P->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x */
|
||||
if (mp_submod(&tmpx, &P->x, modulus, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmpx - x mod modulus */
|
||||
|
||||
@ -321,11 +321,11 @@ static int add_point(ecc_point *P, ecc_point *Q, ecc_point *R, mp_int *modulus,
|
||||
if (mp_add(&s, modulus, &s) != MP_OKAY) { goto error; }
|
||||
}
|
||||
if (mp_mul(&s, &tmp, &s) != MP_OKAY) { goto error; } /* s = s * tmp mod modulus */
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_reduce(&s, modulus, mu) != MP_OKAY) { goto error; }
|
||||
|
||||
/* Xr = s^2 - Xp - Xq */
|
||||
if (mp_sqr(&s, &tmp) != MP_OKAY) { goto error; } /* tmp = s^2 mod modulus */
|
||||
if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_reduce(&tmp, modulus, mu) != MP_OKAY) { goto error; }
|
||||
if (mp_sub(&tmp, &P->x, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - Px */
|
||||
if (mp_sub(&tmp, &Q->x, &tmpx) != MP_OKAY) { goto error; } /* tmpx = tmp - Qx */
|
||||
|
||||
|
1
hash.c
1
hash.c
@ -61,7 +61,6 @@ int hash_filehandle(int hash, FILE *in, unsigned char *dst, unsigned long *outle
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
int hash_file(int hash, const char *fname, unsigned char *dst, unsigned long *outlen)
|
||||
{
|
||||
#ifdef NO_FILE
|
||||
|
26
hmac.c
26
hmac.c
@ -125,7 +125,8 @@ int hmac_done(hmac_state *hmac, unsigned char *hashOut)
|
||||
}
|
||||
|
||||
int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
|
||||
const unsigned char *data, unsigned long len, unsigned char *dst)
|
||||
const unsigned char *data, unsigned long len,
|
||||
unsigned char *dst, unsigned long *dstlen)
|
||||
{
|
||||
hmac_state hmac;
|
||||
int err;
|
||||
@ -134,6 +135,14 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
|
||||
_ARGCHK(data != NULL);
|
||||
_ARGCHK(dst != NULL);
|
||||
|
||||
if((err = hash_is_valid(hash)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
if (hash_descriptor[hash].hashsize > *dstlen) {
|
||||
return CRYPT_BUFFER_OVERFLOW;
|
||||
}
|
||||
*dstlen = hash_descriptor[hash].hashsize;
|
||||
|
||||
if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
@ -150,7 +159,8 @@ int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
|
||||
|
||||
/* hmac_file added by Tom St Denis */
|
||||
int hmac_file(int hash, const char *fname, const unsigned char *key,
|
||||
unsigned long keylen, unsigned char *dst)
|
||||
unsigned long keylen,
|
||||
unsigned char *dst, unsigned long *dstlen)
|
||||
{
|
||||
#ifdef NO_FILE
|
||||
return CRYPT_ERROR;
|
||||
@ -165,6 +175,14 @@ int hmac_file(int hash, const char *fname, const unsigned char *key,
|
||||
_ARGCHK(key != NULL);
|
||||
_ARGCHK(dst != NULL);
|
||||
|
||||
if((err = hash_is_valid(hash)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
if (hash_descriptor[hash].hashsize > *dstlen) {
|
||||
return CRYPT_BUFFER_OVERFLOW;
|
||||
}
|
||||
*dstlen = hash_descriptor[hash].hashsize;
|
||||
|
||||
if ((err = hmac_init(&hmac, hash, key, keylen)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
@ -436,11 +454,13 @@ Key First"
|
||||
0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e} }
|
||||
};
|
||||
|
||||
unsigned long outlen;
|
||||
int err;
|
||||
int failed=0;
|
||||
for(i=0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) {
|
||||
int hash = find_hash(cases[i].algo);
|
||||
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest)) != CRYPT_OK) {
|
||||
outlen = sizeof(digest);
|
||||
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest, &outlen)) != CRYPT_OK) {
|
||||
#if 0
|
||||
printf("HMAC-%s test #%d\n", cases[i].algo, cases[i].num);
|
||||
#endif
|
||||
|
2
makefile
2
makefile
@ -9,7 +9,7 @@
|
||||
# a build. This is easy to remedy though, for those that have problems.
|
||||
|
||||
# The version
|
||||
VERSION=0.81
|
||||
VERSION=0.82
|
||||
|
||||
#ch1-01-1
|
||||
# Compiler and Linker Names
|
||||
|
23
makefile.msvc
Normal file
23
makefile.msvc
Normal file
@ -0,0 +1,23 @@
|
||||
#MSVC Makefile [tested with MSVC 6.00 with SP5]
|
||||
#
|
||||
#Tom St Denis
|
||||
|
||||
CFLAGS = /I. /Ogityb2 /Gs /DWIN32 /W3
|
||||
|
||||
default: library
|
||||
|
||||
#List of objects to compile.
|
||||
OBJECTS=keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj \
|
||||
bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj \
|
||||
md5.obj md4.obj md2.obj sha256.obj sha512.obj xtea.obj aes.obj serpent.obj des.obj \
|
||||
safer_tab.obj safer.obj safer+.obj rc4.obj rc2.obj rc6.obj rc5.obj cast5.obj noekeon.obj \
|
||||
blowfish.obj crypt.obj ampi.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj
|
||||
|
||||
library: $(OBJECTS)
|
||||
lib /out:tomcrypt.lib $(OBJECTS)
|
||||
|
||||
test.obj: demos/test.c
|
||||
cl $(CFLAGS) /c demos/test.c
|
||||
|
||||
test: library test.obj
|
||||
cl test.obj tomcrypt.lib advapi32.lib
|
@ -5,7 +5,7 @@
|
||||
CC = gcc
|
||||
AR = ar
|
||||
LD = ld
|
||||
CFLAGS += -Os -Wall -Wsign-compare -W -Wno-unused -Werror -I./
|
||||
CFLAGS += -O3 -Wall -Wsign-compare -W -Wno-unused -Werror -I./
|
||||
|
||||
default: library
|
||||
|
||||
|
2
md4.c
2
md4.c
@ -30,7 +30,7 @@ const struct _hash_descriptor md4_desc =
|
||||
|
||||
/* F, G and H are basic MD4 functions. */
|
||||
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
|
||||
#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
|
||||
#define G(x, y, z) ((x & y) | (z & (x | y)))
|
||||
#define H(x, y, z) ((x) ^ (y) ^ (z))
|
||||
|
||||
/* ROTATE_LEFT rotates x left n bits. */
|
||||
|
6
md5.c
6
md5.c
@ -14,10 +14,10 @@ const struct _hash_descriptor md5_desc =
|
||||
&md5_test
|
||||
};
|
||||
|
||||
#define F(x,y,z) ( (x&y)|((~x)&z) )
|
||||
#define G(x,y,z) ( (x&z)|(y&(~z)) )
|
||||
#define F(x,y,z) ((x&y)|((~x)&z))
|
||||
#define G(x,y,z) ((x&z)|(y&(~z)))
|
||||
#define H(x,y,z) (x^y^z)
|
||||
#define I(x,y,z) (y ^ (x | (~z)))
|
||||
#define I(x,y,z) (y^(x|(~z)))
|
||||
|
||||
#define FF(a,b,c,d,M,s,t) \
|
||||
a = (a + F(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
|
||||
|
@ -16,8 +16,8 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
/* version */
|
||||
#define CRYPT 0x0081
|
||||
#define SCRYPT "0.81"
|
||||
#define CRYPT 0x0082
|
||||
#define SCRYPT "0.82"
|
||||
|
||||
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
|
||||
#define MAXBLOCKSIZE 128
|
||||
|
@ -177,8 +177,10 @@ extern int hmac_process(hmac_state *hmac, const unsigned char *buf, unsigned lon
|
||||
extern int hmac_done(hmac_state *hmac, unsigned char *hash);
|
||||
extern int hmac_test(void);
|
||||
extern int hmac_memory(int hash, const unsigned char *key, unsigned long keylen,
|
||||
const unsigned char *data, unsigned long len, unsigned char *dst);
|
||||
const unsigned char *data, unsigned long len,
|
||||
unsigned char *dst, unsigned long *dstlen);
|
||||
extern int hmac_file(int hash, const char *fname, const unsigned char *key,
|
||||
unsigned long keylen, unsigned char *dst);
|
||||
unsigned long keylen,
|
||||
unsigned char *dst, unsigned long *dstlen);
|
||||
#endif
|
||||
|
||||
|
7
ofb.c
7
ofb.c
@ -36,6 +36,13 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
|
||||
if ((err = cipher_is_valid(ofb->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
/* is blocklen/padlen valid? */
|
||||
if (ofb->blocklen < 0 || ofb->blocklen > (int)sizeof(ofb->IV) ||
|
||||
ofb->padlen < 0 || ofb->padlen > (int)sizeof(ofb->IV)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
while (len-- > 0) {
|
||||
if (ofb->padlen == ofb->blocklen) {
|
||||
cipher_descriptor[ofb->cipher].ecb_encrypt(ofb->IV, ofb->IV, &ofb->key);
|
||||
|
10
rsa_sys.c
10
rsa_sys.c
@ -14,6 +14,11 @@ int rsa_encrypt_key(const unsigned char *inkey, unsigned long inlen,
|
||||
_ARGCHK(outlen != NULL);
|
||||
_ARGCHK(key != NULL);
|
||||
|
||||
/* only allow keys from 64 to 256 bits */
|
||||
if (inlen < 8 || inlen > 32) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
/* are the parameters valid? */
|
||||
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -148,6 +153,11 @@ int rsa_sign_hash(const unsigned char *in, unsigned long inlen,
|
||||
_ARGCHK(outlen != NULL);
|
||||
_ARGCHK(key != NULL);
|
||||
|
||||
/* reject nonsense sizes */
|
||||
if (inlen < 16) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
/* type of key? */
|
||||
if (key->type != PK_PRIVATE && key->type != PK_PRIVATE_OPTIMIZED) {
|
||||
return CRYPT_PK_NOT_PRIVATE;
|
||||
|
6
safer+.c
6
safer+.c
@ -154,7 +154,7 @@ static void _ilt(unsigned char *b, unsigned char *b2)
|
||||
#endif
|
||||
|
||||
/* These are the 33, 128-bit bias words for the key schedule */
|
||||
const unsigned char safer_bias[33][16] = {
|
||||
static const unsigned char safer_bias[33][16] = {
|
||||
{ 70, 151, 177, 186, 163, 183, 16, 10, 197, 55, 179, 201, 90, 40, 172, 100},
|
||||
{ 236, 171, 170, 198, 103, 149, 88, 13, 248, 154, 246, 110, 102, 220, 5, 61},
|
||||
{ 138, 195, 216, 137, 106, 233, 54, 73, 67, 191, 235, 212, 150, 155, 104, 160},
|
||||
@ -469,14 +469,12 @@ int saferp_keysize(int *desired_keysize)
|
||||
return CRYPT_INVALID_KEYSIZE;
|
||||
if (*desired_keysize < 24) {
|
||||
*desired_keysize = 16;
|
||||
return CRYPT_OK;
|
||||
} else if (*desired_keysize < 32) {
|
||||
*desired_keysize = 24;
|
||||
return CRYPT_OK;
|
||||
} else {
|
||||
*desired_keysize = 32;
|
||||
return CRYPT_OK;
|
||||
}
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
3
sha256.c
3
sha256.c
@ -33,7 +33,7 @@ static const unsigned long K[64] = {
|
||||
|
||||
/* Various logical functions */
|
||||
#define Ch(x,y,z) ((x & y) | (~x & z))
|
||||
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
|
||||
#define Maj(x,y,z) (((x | y) & z) | (x & y))
|
||||
#define S(x, n) ROR((x),(n))
|
||||
#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
|
||||
#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
|
||||
@ -85,6 +85,7 @@ static void sha256_compress(hash_state * md)
|
||||
for (i = 0; i < 8; i++) {
|
||||
md->sha256.state[i] = md->sha256.state[i] + S[i];
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
#ifdef CLEAN_STACK
|
||||
|
2
sha512.c
2
sha512.c
@ -60,7 +60,7 @@ CONST64(0x5fcb6fab3ad6faec), CONST64(0x6c44198c4a475817)
|
||||
|
||||
/* Various logical functions */
|
||||
#define Ch(x,y,z) ((x & y) | (~x & z))
|
||||
#define Maj(x,y,z) ((x & y) ^ (x & z) ^ (y & z))
|
||||
#define Maj(x,y,z) (((x | y) & z) | (x & y))
|
||||
#define S(x, n) ROR64((x),(n))
|
||||
#define R(x, n) (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)n))
|
||||
#define Sigma0(x) (S(x, 28) ^ S(x, 34) ^ S(x, 39))
|
||||
|
@ -12,6 +12,8 @@
|
||||
*
|
||||
* Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca
|
||||
*/
|
||||
#include "mycrypt.h"
|
||||
|
||||
#ifndef BN_H_
|
||||
#define BN_H_
|
||||
|
||||
|
31
twofish.c
31
twofish.c
@ -518,7 +518,7 @@ static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
|
||||
void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
|
||||
#endif
|
||||
{
|
||||
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2;
|
||||
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
|
||||
int r;
|
||||
|
||||
_ARGCHK(pt != NULL);
|
||||
@ -532,15 +532,23 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
|
||||
c ^= key->twofish.K[2];
|
||||
d ^= key->twofish.K[3];
|
||||
|
||||
for (r = 0; r < 16; ++r) {
|
||||
k = key->twofish.K + 8;
|
||||
for (r = 0; r < 16; r += 2) {
|
||||
t1 = g_func(a, key);
|
||||
t2 = g_func(ROL(b, 8), key);
|
||||
t2 += (t1 += t2);
|
||||
t1 += key->twofish.K[r+r+8];
|
||||
t2 += key->twofish.K[r+r+9];
|
||||
t1 += *k++;
|
||||
t2 += *k++;
|
||||
c ^= t1; c = ROR(c, 1);
|
||||
d = ROL(d, 1) ^ t2;
|
||||
ta = a; a = c; c = ta; tb = b; b = d; d = tb;
|
||||
|
||||
t1 = g_func(c, key);
|
||||
t2 = g_func(ROL(d, 8), key);
|
||||
t2 += (t1 += t2);
|
||||
t1 += *k++;
|
||||
t2 += *k++;
|
||||
a ^= t1; a = ROR(a, 1);
|
||||
b = ROL(b, 1) ^ t2;
|
||||
}
|
||||
|
||||
/* output with "undo last swap" */
|
||||
@ -568,7 +576,7 @@ static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
|
||||
void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
|
||||
#endif
|
||||
{
|
||||
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2;
|
||||
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
|
||||
int r;
|
||||
|
||||
_ARGCHK(pt != NULL);
|
||||
@ -585,22 +593,21 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
|
||||
c = ta ^ key->twofish.K[4];
|
||||
d = tb ^ key->twofish.K[5];
|
||||
|
||||
/* loop is kept partially unrolled because it is slower [at least on an Athlon]
|
||||
* then the tight version. */
|
||||
k = key->twofish.K + 39;
|
||||
for (r = 14; r >= 0; r -= 2) {
|
||||
t1 = g_func(c, key);
|
||||
t2 = g_func(ROL(d, 8), key);
|
||||
t2 += (t1 += t2);
|
||||
t1 += key->twofish.K[r+r+10];
|
||||
t2 += key->twofish.K[r+r+11];
|
||||
t2 += *k--;
|
||||
t1 += *k--;
|
||||
a = ROL(a, 1) ^ t1;
|
||||
b = b ^ t2; b = ROR(b, 1);
|
||||
|
||||
t1 = g_func(a, key);
|
||||
t2 = g_func(ROL(b, 8), key);
|
||||
t2 += (t1 += t2);
|
||||
t1 += key->twofish.K[r+r+8];
|
||||
t2 += key->twofish.K[r+r+9];
|
||||
t2 += *k--;
|
||||
t1 += *k--;
|
||||
c = ROL(c, 1) ^ t1;
|
||||
d = d ^ t2; d = ROR(d, 1);
|
||||
}
|
||||
|
@ -1,131 +0,0 @@
|
||||
#!/bin/tcsh
|
||||
# Get latest copy of libtomcrypt and install it using "tcsh"
|
||||
#
|
||||
# Tom St Denis
|
||||
echo libtomcrypt update script, Tom St Denis
|
||||
echo "http://libtomcrypt.iahu.ca\n"
|
||||
|
||||
if ($1 == "--help") then
|
||||
echo "update_libtomcrypt.sh [makefile] [sig]-- Download and optionally build the libtomcrypt project.\n"
|
||||
echo "\t[makefile] --\tYou can optionally specify which makefile you want to build with. If you specify "
|
||||
echo "\t\t\t'nobuild' then the library is not built, just downloaded and unzipped. If you "
|
||||
echo "\t\t\tleave it empty the default 'makefile' is used to build the library.\n"
|
||||
echo "\t[sig] -- \tOptionally verify [via GPG] the signature of the package."
|
||||
exit
|
||||
endif
|
||||
|
||||
if ($1 == "" || $1 == "sig") then
|
||||
set make = "makefile"
|
||||
else
|
||||
set make = $1;
|
||||
endif
|
||||
|
||||
if ($1 == "sig" || $2 == "sig") then
|
||||
set sig = "sig"
|
||||
else
|
||||
set sig = ""
|
||||
endif
|
||||
|
||||
rm -f latest
|
||||
echo Getting latest version number from website.
|
||||
wget -q http://iahu.ca:8080/download/latest
|
||||
if (-r latest) then
|
||||
set a = `cat latest`
|
||||
echo "Latest release is v$a.\n"
|
||||
if (-d "libtomcrypt-$a" && (-r "libtomcrypt-$a/libtomcrypt.a" || $make == "nobuild")) then
|
||||
echo Libtomcrypt v$a is already installed on your system.
|
||||
else
|
||||
echo "Downloading libtomcrypt v$a ..."
|
||||
if (-r "crypt-$a.tar.bz2") then
|
||||
rm -f crypt-$a.tar.bz2
|
||||
endif
|
||||
wget http://iahu.ca:8080/download/crypt-$a.tar.bz2
|
||||
if (-r "crypt-$a.tar.bz2") then
|
||||
if (-d "libtomcrypt-$a") then
|
||||
echo "WARNING! Directory libtomcrypt-$a already exists. Cannot continue.\n"
|
||||
exit
|
||||
endif
|
||||
if ($sig == "sig") then
|
||||
if (!(-r public.asc)) then
|
||||
echo "Downloading and installing code signing key...\n"
|
||||
wget -q http://iahu.ca:8080/download/public.asc
|
||||
if (-r public.asc) then
|
||||
gpg --import public.asc
|
||||
if ($? != 0) then
|
||||
echo Could not import signing key required to verify the package.
|
||||
exit
|
||||
else
|
||||
echo "\n********************************************************************************"
|
||||
echo "A new key has been imported to your keyring. You should check that it is valid."
|
||||
echo "********************************************************************************"
|
||||
endif
|
||||
else
|
||||
echo "Could not download the key to import."
|
||||
exit
|
||||
endif
|
||||
endif
|
||||
echo Verifying signature...
|
||||
wget -q http://iahu.ca:8080/download/crypt-$a.tar.bz2.asc
|
||||
if (!(-r "crypt-$a.tar.bz2.asc")) then
|
||||
echo Could not download signature to test.
|
||||
exit
|
||||
endif
|
||||
gpg -q --verify crypt-$a.tar.bz2.asc
|
||||
if ($? != 0) then
|
||||
echo "\n\nSignature for crypt-$a.tar.bz2 is ****not**** valid.\n\n"
|
||||
exit
|
||||
else
|
||||
echo "\n\nSignature for crypt-$a.tar.bz2 is valid.\n\n"
|
||||
endif
|
||||
endif
|
||||
bzip2 -d -c crypt-$a.tar.bz2 | tar -x
|
||||
if (-d "libtomcrypt-$a") then
|
||||
if (-r "libtomcrypt-$a/$make") then
|
||||
cd libtomcrypt-$a
|
||||
make -f $make
|
||||
if (-r "libtomcrypt.a") then
|
||||
echo "\n\n*****************************************************************"
|
||||
echo The library has been built and you can now install it either with
|
||||
echo
|
||||
echo "cd libtomcrypt-$a ; make install"
|
||||
echo
|
||||
echo Or by editing the makefile and changing the user you wish to install
|
||||
echo it with, or simply copy "libtomcrypt.a" to your library directory and
|
||||
echo copy "*.h" to your include directory
|
||||
echo "*****************************************************************"
|
||||
else
|
||||
echo "\n\n*****************************************************************"
|
||||
echo The library failed to build. Please note the errors and send them to tomstdenis@yahoo.com
|
||||
echo "*****************************************************************"
|
||||
endif
|
||||
else if ($make == "nobuild") then
|
||||
echo "\n\n*****************************************************************"
|
||||
echo "The library was downloaded and unzipped into libtomcrypt-$a/"
|
||||
echo "*****************************************************************"
|
||||
else
|
||||
echo "The makefile '$make' was not found in the archive.\n";
|
||||
endif
|
||||
else
|
||||
echo "Could not unpack the libtomcrypt archive (corrupt?)."
|
||||
endif
|
||||
cd ..
|
||||
else
|
||||
echo "Could not download the libtomcrypt archive from server."
|
||||
endif
|
||||
endif
|
||||
if (-r "libtomcrypt-$a/changes") then
|
||||
perl <<!
|
||||
open(IN,"<libtomcrypt-$a/changes") or die "Can't open libtomcrypt change log.";
|
||||
print "\nChange log for v$a :\n";
|
||||
\$a = <IN>; print \$a; \$a = <IN>;
|
||||
while (<IN>) {
|
||||
if (\$_ =~ m/^(v\d\.\d\d)/) { close(IN); exit(0); }
|
||||
print "\$a"; \$a = \$_;
|
||||
}
|
||||
!
|
||||
else
|
||||
echo "Change log not found. Is the package really installed?"
|
||||
endif
|
||||
else
|
||||
echo "Could not download latest file from server to check version."
|
||||
endif
|
Loading…
Reference in New Issue
Block a user