added libtomcrypt-0.83
This commit is contained in:
parent
7d21325daa
commit
90a48a5bec
3
aes.c
3
aes.c
@ -102,8 +102,9 @@ int rijndael_setup(const unsigned char *key, int keylen, int numrounds, symmetri
|
||||
_ARGCHK(key != NULL);
|
||||
_ARGCHK(skey != NULL);
|
||||
|
||||
if (numrounds == 0)
|
||||
if (numrounds == 0) {
|
||||
numrounds = 10 + (2 * ((keylen/8)-2));
|
||||
}
|
||||
|
||||
if (keylen != 16 && keylen != 24 && keylen != 32) {
|
||||
return CRYPT_INVALID_KEYSIZE;
|
||||
|
8
changes
8
changes
@ -1,3 +1,11 @@
|
||||
Mar 29th, 2003
|
||||
v0.83 -- Optimized the ecc_mulmod, it's faster and takes less heap/stack space
|
||||
-- Fixed a free memory error in ecc_mulmod and del_point which would try to free NULL
|
||||
-- Fixed two serious bugs in rsa_decrypt_key and rsa_verify_hash that would allow a trivialy
|
||||
buffer overflow.
|
||||
-- Fixed a bug in the hmac testing code if you don't register all the hashes it won't return
|
||||
errors now.
|
||||
|
||||
Mar 15th, 2003
|
||||
v0.82 -- Manual updated
|
||||
-- Added MSVC makefile [back, actually its written from scratch to work with NMAKE]
|
||||
|
@ -48,7 +48,7 @@
|
||||
\def\gap{\vspace{0.5ex}}
|
||||
\makeindex
|
||||
\begin{document}
|
||||
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.82}
|
||||
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.83}
|
||||
\author{Tom St Denis \\
|
||||
Algonquin College \\
|
||||
\\
|
||||
|
@ -1139,7 +1139,7 @@ ecc_tests (void)
|
||||
}
|
||||
|
||||
/* test encrypt_key */
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 28, &usera);
|
||||
ecc_make_key (&prng, find_prng ("yarrow"), 20, &usera);
|
||||
for (x = 0; x < 32; x++)
|
||||
buf[0][x] = x;
|
||||
y = sizeof (buf[1]);
|
||||
@ -1176,6 +1176,7 @@ ecc_tests (void)
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
}
|
||||
printf("Signature size: %lu\n", x);
|
||||
if (ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &usera)) {
|
||||
printf ("Error: %s\n", error_to_string (errnum));
|
||||
exit (-1);
|
||||
@ -1377,12 +1378,12 @@ register_all_algs (void)
|
||||
void
|
||||
kr_display (pk_key * kr)
|
||||
{
|
||||
static const char *system[] = { "NON-KEY", "RSA", "DH", "ECC" };
|
||||
static const char *sys[] = { "NON-KEY", "RSA", "DH", "ECC" };
|
||||
static const char *type[] = { "PRIVATE", "PUBLIC", "PRIVATE_OPTIMIZED" };
|
||||
|
||||
while (kr->system != NON_KEY) {
|
||||
printf ("CRC [%08lx], System [%10s], Type [%20s], %s, %s, %s\n", kr->ID,
|
||||
system[kr->system], type[kr->key_type], kr->name, kr->email,
|
||||
sys[kr->system], type[kr->key_type], kr->name, kr->email,
|
||||
kr->description);
|
||||
kr = kr->next;
|
||||
}
|
||||
|
200
ecc.c
200
ecc.c
@ -235,8 +235,13 @@ static ecc_point *new_point(void)
|
||||
|
||||
static void del_point(ecc_point *p)
|
||||
{
|
||||
/* prevents free'ing null arguments */
|
||||
if (p == NULL) {
|
||||
return;
|
||||
} else {
|
||||
mp_clear_multi(&p->x, &p->y, NULL);
|
||||
XFREE(p);
|
||||
}
|
||||
}
|
||||
|
||||
/* double a point R = 2P, R can be P*/
|
||||
@ -344,48 +349,29 @@ done:
|
||||
return res;
|
||||
}
|
||||
|
||||
/* size of sliding window, don't change this! */
|
||||
#define WINSIZE 4
|
||||
|
||||
/* perform R = kG where k == integer and G == ecc_point */
|
||||
static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus)
|
||||
{
|
||||
ecc_point *tG, *M[30];
|
||||
int i, j, z, res, Q;
|
||||
mp_digit d;
|
||||
unsigned char bits[150], m, first;
|
||||
ecc_point *tG, *M[8];
|
||||
int i, j, res;
|
||||
mp_int mu;
|
||||
mp_digit buf;
|
||||
int first, bitbuf, bitcpy, bitcnt, mode, digidx;
|
||||
|
||||
|
||||
if ((USED(k) * MP_DIGIT_BIT) > 256) {
|
||||
Q = 5;
|
||||
} else {
|
||||
Q = 4;
|
||||
}
|
||||
|
||||
/* init barrett reduction */
|
||||
if (mp_init(&mu) != MP_OKAY) {
|
||||
return CRYPT_MEM;
|
||||
}
|
||||
|
||||
/* init barrett reduction */
|
||||
mp_set(&mu, 1);
|
||||
mp_lshd(&mu, 2 * USED(modulus));
|
||||
if (mp_div(&mu, modulus, &mu, NULL) != MP_OKAY) {
|
||||
if (mp_reduce_setup(&mu, modulus) != MP_OKAY) {
|
||||
mp_clear(&mu);
|
||||
return CRYPT_MEM;
|
||||
}
|
||||
|
||||
|
||||
/* init M tab (alloc here, calculate below)
|
||||
|
||||
This table holds the first 2^Q multiples of the input base point G, that is
|
||||
|
||||
M[x] = x * G
|
||||
|
||||
Where G is the point and x is a scalar. The implementation is optimized
|
||||
since M[0] == 0 and M[1] == G so there is no need to waste space for those. In
|
||||
effect M'[x] == M[x+2] where M'[] is the table we make. If M[0] or M[1] are needed
|
||||
we handle them with if statements.
|
||||
|
||||
*/
|
||||
for (i = 0; i < ((1<<Q)-2); i++) {
|
||||
/* alloc ram for window temps */
|
||||
for (i = 0; i < 8; i++) {
|
||||
M[i] = new_point();
|
||||
if (M[i] == NULL) {
|
||||
for (j = 0; j < i; j++) {
|
||||
@ -396,104 +382,128 @@ static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus)
|
||||
}
|
||||
}
|
||||
|
||||
/* get bits of k in groupings of Q
|
||||
|
||||
The multiplicand is read in groupings of four bits. This is because the multiplication
|
||||
routine is a Q-ary left-to-write (see HAC chapter 14, algorithm 14.82).
|
||||
*/
|
||||
first = m = (unsigned char)0;
|
||||
for (z = i = 0; z < (int)USED(k); z++) {
|
||||
/* grab a digit from the mp_int, these have MP_DIGIT_BIT bits in them */
|
||||
d = DIGIT(k, z);
|
||||
for (j = 0; j < (int)MP_DIGIT_BIT; j++) {
|
||||
/* OR the bits against an accumulator */
|
||||
first |= (d&1)<<(unsigned)(m++);
|
||||
/* if the bit count is Q then we have a Q-bit word ready */
|
||||
if (m == (unsigned char)Q) {
|
||||
/* store the four bit word and reset counters */
|
||||
bits[i++] = first;
|
||||
first = m = (unsigned char)0;
|
||||
}
|
||||
/* shift the digit down to extract the next bit */
|
||||
d >>= 1;
|
||||
}
|
||||
}
|
||||
|
||||
/* residue of multiplicand [if any] */
|
||||
if (m) {
|
||||
bits[i++] = first;
|
||||
}
|
||||
|
||||
/* make a copy of G incase R==G */
|
||||
tG = new_point();
|
||||
if (tG == NULL) { goto error; }
|
||||
|
||||
/* skip leading digits which are zero */
|
||||
--i; while (i != 0 && bits[i] == (unsigned char)0) { --i; }
|
||||
|
||||
/* if the multiplicand has no non-zero 4-bit words its invalid. */
|
||||
if (i == 0) {
|
||||
res = CRYPT_INVALID_ARG;
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* now calc the M tab, note that there are only 2^Q - 2 spots, the normal M[0] is a no-op, and M[1] is the input
|
||||
point (saves ram)
|
||||
*/
|
||||
|
||||
/* M[0] now is 2*G */
|
||||
/* calc the M tab, which holds kG for k==8..15 */
|
||||
/* M[0] == 8G */
|
||||
if (dbl_point(G, M[0], modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
for (j = 1; j < ((1<<Q)-2); j++) {
|
||||
if (add_point(M[j-1], G, M[j], modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
if (dbl_point(M[0], M[0], modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
if (dbl_point(M[0], M[0], modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
|
||||
/* now find (8+k)G for k=1..7 */
|
||||
for (j = 9; j < 16; j++) {
|
||||
if (add_point(M[j-9], G, M[j-8], modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
}
|
||||
|
||||
/* tG = G */
|
||||
if (mp_copy(&G->x, &tG->x) != MP_OKAY) { goto error; }
|
||||
if (mp_copy(&G->y, &tG->y) != MP_OKAY) { goto error; }
|
||||
|
||||
/* set result M[bits[i]] */
|
||||
if (bits[i] == (unsigned char)1) {
|
||||
if (mp_copy(&G->x, &R->x) != MP_OKAY) { goto error; }
|
||||
if (mp_copy(&G->y, &R->y) != MP_OKAY) { goto error; }
|
||||
} else if (bits[i] >= (unsigned char)2) {
|
||||
if (mp_copy(&M[(int)bits[i]-2]->x, &R->x) != MP_OKAY) { goto error; }
|
||||
if (mp_copy(&M[(int)bits[i]-2]->y, &R->y) != MP_OKAY) { goto error; }
|
||||
/* setup sliding window */
|
||||
mode = 0;
|
||||
bitcnt = 1;
|
||||
buf = 0;
|
||||
digidx = k->used - 1;
|
||||
bitcpy = bitbuf = 0;
|
||||
first = 1;
|
||||
|
||||
/* perform ops */
|
||||
for (;;) {
|
||||
/* grab next digit as required */
|
||||
if (--bitcnt == 0) {
|
||||
if (digidx == -1) {
|
||||
break;
|
||||
}
|
||||
buf = k->dp[digidx--];
|
||||
bitcnt = (int) DIGIT_BIT;
|
||||
}
|
||||
|
||||
while (--i >= 0) {
|
||||
/* double */
|
||||
for (j = 0; j < Q; j++) {
|
||||
/* grab the next msb from the multiplicand */
|
||||
i = (buf >> (DIGIT_BIT - 1)) & 1;
|
||||
buf <<= 1;
|
||||
|
||||
/* skip leading zero bits */
|
||||
if (mode == 0 && i == 0)
|
||||
continue;
|
||||
|
||||
/* if the bit is zero and mode == 1 then we double */
|
||||
if (mode == 1 && i == 0) {
|
||||
if (dbl_point(R, R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
continue;
|
||||
}
|
||||
|
||||
/* else we add it to the window */
|
||||
bitbuf |= (i << (WINSIZE - ++bitcpy));
|
||||
mode = 2;
|
||||
|
||||
if (bitcpy == WINSIZE) {
|
||||
/* if this is the first window we do a simple copy */
|
||||
if (first == 1) {
|
||||
/* R = kG [k = first window] */
|
||||
if (mp_copy(&M[bitbuf-8]->x, &R->x) != MP_OKAY) { goto error; }
|
||||
if (mp_copy(&M[bitbuf-8]->y, &R->y) != MP_OKAY) { goto error; }
|
||||
first = 0;
|
||||
} else {
|
||||
/* normal window */
|
||||
/* ok window is filled so double as required and add */
|
||||
/* double first */
|
||||
for (j = 0; j < WINSIZE; j++) {
|
||||
if (dbl_point(R, R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
}
|
||||
|
||||
/* now based on the value of bits[i] we do ops */
|
||||
if (bits[i] == (unsigned char)0) {
|
||||
/* nop */
|
||||
} else if (bits[i] == (unsigned char)1) {
|
||||
/* add base point */
|
||||
/* then add, bitbuf will be 1..15 [1..2^WINSIZE] guaranteed */
|
||||
if (bitbuf == 1) {
|
||||
if (add_point(R, tG, R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
} else {
|
||||
/* other case */
|
||||
if (add_point(R, M[(int)bits[i] - 2], R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
if (add_point(R, M[bitbuf-8], R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
}
|
||||
}
|
||||
/* empty window and reset */
|
||||
bitcpy = bitbuf = 0;
|
||||
mode = 1;
|
||||
}
|
||||
}
|
||||
|
||||
/* if bits remain then double/add */
|
||||
if (mode == 2 && bitcpy > 0) {
|
||||
/* double then add */
|
||||
for (j = 0; j < bitcpy; j++) {
|
||||
/* only double if we have had at least one add first */
|
||||
if (first == 0) {
|
||||
if (dbl_point(R, R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
}
|
||||
|
||||
bitbuf <<= 1;
|
||||
if ((bitbuf & (1 << WINSIZE)) != 0) {
|
||||
if (first == 1){
|
||||
/* first add, so copy */
|
||||
if (mp_copy(&tG->x, &R->x) != MP_OKAY) { goto error; }
|
||||
if (mp_copy(&tG->y, &R->y) != MP_OKAY) { goto error; }
|
||||
first = 0;
|
||||
} else {
|
||||
/* then add */
|
||||
if (add_point(R, tG, R, modulus, &mu) != CRYPT_OK) { goto error; }
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
res = CRYPT_OK;
|
||||
goto done;
|
||||
error:
|
||||
res = CRYPT_MEM;
|
||||
done:
|
||||
del_point(tG);
|
||||
for (i = 0; i < ((1<<Q)-2); i++) {
|
||||
for (i = 0; i < 8; i++) {
|
||||
del_point(M[i]);
|
||||
}
|
||||
mp_clear(&mu);
|
||||
#ifdef CLEAN_STACK
|
||||
zeromem(bits, sizeof(bits));
|
||||
#endif
|
||||
return res;
|
||||
}
|
||||
|
||||
#undef WINSIZE
|
||||
|
||||
int ecc_test(void)
|
||||
{
|
||||
mp_int modulus, order;
|
||||
|
10
hmac.c
10
hmac.c
@ -456,9 +456,11 @@ Key First"
|
||||
|
||||
unsigned long outlen;
|
||||
int err;
|
||||
int failed=0;
|
||||
int tested=0,failed=0;
|
||||
for(i=0; i < (int)(sizeof(cases) / sizeof(cases[0])); i++) {
|
||||
int hash = find_hash(cases[i].algo);
|
||||
if (hash == -1) continue;
|
||||
++tested;
|
||||
outlen = sizeof(digest);
|
||||
if((err = hmac_memory(hash, cases[i].key, cases[i].keylen, cases[i].data, cases[i].datalen, digest, &outlen)) != CRYPT_OK) {
|
||||
#if 0
|
||||
@ -490,9 +492,11 @@ Key First"
|
||||
|
||||
if (failed != 0) {
|
||||
return CRYPT_FAIL_TESTVECTOR;
|
||||
}
|
||||
|
||||
} else if (tested == 0) {
|
||||
return CRYPT_NOP;
|
||||
} else {
|
||||
return CRYPT_OK;
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
|
22
keyring.c
22
keyring.c
@ -137,7 +137,7 @@ pk_key *kr_find_name(pk_key *pk, const char *name)
|
||||
}
|
||||
|
||||
|
||||
int kr_add(pk_key *pk, int key_type, int system, const unsigned char *name,
|
||||
int kr_add(pk_key *pk, int key_type, int sys, const unsigned char *name,
|
||||
const unsigned char *email, const unsigned char *description, const _pk_key *key)
|
||||
{
|
||||
_ARGCHK(pk != NULL);
|
||||
@ -151,7 +151,7 @@ int kr_add(pk_key *pk, int key_type, int system, const unsigned char *name,
|
||||
return CRYPT_PK_INVALID_TYPE;
|
||||
}
|
||||
|
||||
if (system != RSA_KEY && system != DH_KEY && system != ECC_KEY) {
|
||||
if (sys != RSA_KEY && sys != DH_KEY && sys != ECC_KEY) {
|
||||
return CRYPT_PK_INVALID_SYSTEM;
|
||||
}
|
||||
|
||||
@ -177,7 +177,7 @@ int kr_add(pk_key *pk, int key_type, int system, const unsigned char *name,
|
||||
|
||||
/* now add this new data to this ring spot */
|
||||
pk->key_type = key_type;
|
||||
pk->system = system;
|
||||
pk->system = sys;
|
||||
strncpy((char *)pk->name, (char *)name, sizeof(pk->name)-1);
|
||||
strncpy((char *)pk->email, (char *)email, sizeof(pk->email)-1);
|
||||
strncpy((char *)pk->description, (char *)description, sizeof(pk->description)-1);
|
||||
@ -187,7 +187,7 @@ int kr_add(pk_key *pk, int key_type, int system, const unsigned char *name,
|
||||
zeromem(&(pk->key), sizeof(pk->key));
|
||||
|
||||
/* copy the key */
|
||||
switch (system) {
|
||||
switch (sys) {
|
||||
case RSA_KEY:
|
||||
memcpy(&(pk->key.rsa), &(key->rsa), sizeof(key->rsa));
|
||||
break;
|
||||
@ -366,7 +366,7 @@ int kr_export(pk_key *pk, unsigned long ID, int key_type, unsigned char *out, un
|
||||
int kr_import(pk_key *pk, const unsigned char *in, unsigned long inlen)
|
||||
{
|
||||
_pk_key key;
|
||||
int system, key_type, err;
|
||||
int sys, key_type, err;
|
||||
unsigned long ID;
|
||||
|
||||
_ARGCHK(pk != NULL);
|
||||
@ -380,7 +380,7 @@ int kr_import(pk_key *pk, const unsigned char *in, unsigned long inlen)
|
||||
return CRYPT_INVALID_PACKET;
|
||||
}
|
||||
key_type = in[4]; /* get type */
|
||||
system = in[5]; /* get system */
|
||||
sys = in[5]; /* get system */
|
||||
LOAD32L(ID,in+6); /* the ID */
|
||||
|
||||
if (ID != kr_crc(in+10, in+10+MAXLEN, in+10+MAXLEN+MAXLEN)) {
|
||||
@ -392,7 +392,7 @@ int kr_import(pk_key *pk, const unsigned char *in, unsigned long inlen)
|
||||
/* size of remaining packet */
|
||||
inlen -= 10 + 3*MAXLEN;
|
||||
|
||||
switch (system) {
|
||||
switch (sys) {
|
||||
case RSA_KEY:
|
||||
if ((err = rsa_import(in+10+3*MAXLEN, inlen, &(key.rsa))) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -409,7 +409,7 @@ int kr_import(pk_key *pk, const unsigned char *in, unsigned long inlen)
|
||||
}
|
||||
break;
|
||||
}
|
||||
return kr_add(pk, key_type, system,
|
||||
return kr_add(pk, key_type, sys,
|
||||
in+10, /* the name */
|
||||
in+10+MAXLEN, /* email address */
|
||||
in+10+MAXLEN+MAXLEN, /* description */
|
||||
@ -509,7 +509,7 @@ done:
|
||||
}
|
||||
|
||||
int kr_make_key(pk_key *pk, prng_state *prng, int wprng,
|
||||
int system, int keysize, const unsigned char *name,
|
||||
int sys, int keysize, const unsigned char *name,
|
||||
const unsigned char *email, const unsigned char *description)
|
||||
{
|
||||
_pk_key key;
|
||||
@ -527,7 +527,7 @@ int kr_make_key(pk_key *pk, prng_state *prng, int wprng,
|
||||
|
||||
/* make the key first */
|
||||
zeromem(&key, sizeof(key));
|
||||
switch (system) {
|
||||
switch (sys) {
|
||||
case RSA_KEY:
|
||||
if ((err = rsa_make_key(prng, wprng, keysize, 65537, &(key.rsa))) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -551,7 +551,7 @@ int kr_make_key(pk_key *pk, prng_state *prng, int wprng,
|
||||
}
|
||||
|
||||
/* now add the key */
|
||||
if ((err = kr_add(pk, key_type, system, name, email, description, &key)) != CRYPT_OK) {
|
||||
if ((err = kr_add(pk, key_type, sys, name, email, description, &key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
|
4
makefile
4
makefile
@ -9,7 +9,7 @@
|
||||
# a build. This is easy to remedy though, for those that have problems.
|
||||
|
||||
# The version
|
||||
VERSION=0.82
|
||||
VERSION=0.83
|
||||
|
||||
#ch1-01-1
|
||||
# Compiler and Linker Names
|
||||
@ -23,7 +23,7 @@ ARFLAGS=r
|
||||
|
||||
#ch1-01-3
|
||||
# Compilation flags. Note the += does not write over the user's CFLAGS!
|
||||
CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Werror
|
||||
CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Wshadow -Werror
|
||||
|
||||
# optimize for SPEED
|
||||
#CFLAGS += -O3 -funroll-loops
|
||||
|
@ -2,7 +2,7 @@
|
||||
#
|
||||
#Tom St Denis
|
||||
|
||||
CFLAGS = /I. /Ogityb2 /Gs /DWIN32 /W3
|
||||
CFLAGS = /I. /Ogiyb2t /Gs /DWIN32 /W3
|
||||
|
||||
default: library
|
||||
|
||||
|
@ -16,8 +16,8 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
/* version */
|
||||
#define CRYPT 0x0082
|
||||
#define SCRYPT "0.82"
|
||||
#define CRYPT 0x0083
|
||||
#define SCRYPT "0.83"
|
||||
|
||||
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
|
||||
#define MAXBLOCKSIZE 128
|
||||
@ -27,6 +27,7 @@ extern "C" {
|
||||
enum {
|
||||
CRYPT_OK=0, /* Result OK */
|
||||
CRYPT_ERROR, /* Generic Error */
|
||||
CRYPT_NOP, /* Not a failure but no operation was performed */
|
||||
|
||||
CRYPT_INVALID_KEYSIZE, /* Invalid key size given */
|
||||
CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */
|
||||
|
@ -42,13 +42,13 @@ extern unsigned long kr_crc(const unsigned char *name, const unsigned char *emai
|
||||
extern pk_key *kr_find(pk_key *pk, unsigned long ID);
|
||||
extern pk_key *kr_find_name(pk_key *pk, const char *name);
|
||||
|
||||
extern int kr_add(pk_key *pk, int key_type, int system, const unsigned char *name,
|
||||
extern int kr_add(pk_key *pk, int key_type, int sys, const unsigned char *name,
|
||||
const unsigned char *email, const unsigned char *description, const _pk_key *key);
|
||||
|
||||
extern int kr_del(pk_key **_pk, unsigned long ID);
|
||||
extern int kr_clear(pk_key **pk);
|
||||
extern int kr_make_key(pk_key *pk, prng_state *prng, int wprng,
|
||||
int system, int keysize, const unsigned char *name,
|
||||
int sys, int keysize, const unsigned char *name,
|
||||
const unsigned char *email, const unsigned char *description);
|
||||
|
||||
extern int kr_export(pk_key *pk, unsigned long ID, int key_type, unsigned char *out, unsigned long *outlen);
|
||||
|
@ -85,7 +85,7 @@ extern char *crypt_error;
|
||||
#ifdef ENDIAN_32BITWORD
|
||||
|
||||
#define STORE32L(x, y) \
|
||||
{ unsigned long t = (x); memcpy(y, &t, 4); }
|
||||
{ unsigned long __t = (x); memcpy(y, &__t, 4); }
|
||||
|
||||
#define LOAD32L(x, y) \
|
||||
memcpy(&(x), y, 4);
|
||||
@ -105,13 +105,13 @@ extern char *crypt_error;
|
||||
#else /* 64-bit words then */
|
||||
|
||||
#define STORE32L(x, y) \
|
||||
{ unsigned long t = (x); memcpy(y, &t, 4); }
|
||||
{ unsigned long __t = (x); memcpy(y, &__t, 4); }
|
||||
|
||||
#define LOAD32L(x, y) \
|
||||
{ memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
|
||||
|
||||
#define STORE64L(x, y) \
|
||||
{ ulong64 t = (x); memcpy(y, &t, 8); }
|
||||
{ ulong64 __t = (x); memcpy(y, &__t, 8); }
|
||||
|
||||
#define LOAD64L(x, y) \
|
||||
{ memcpy(&(x), y, 8); }
|
||||
@ -146,7 +146,7 @@ extern char *crypt_error;
|
||||
#ifdef ENDIAN_32BITWORD
|
||||
|
||||
#define STORE32H(x, y) \
|
||||
{ unsigned long t = (x); memcpy(y, &t, 4); }
|
||||
{ unsigned long __t = (x); memcpy(y, &__t, 4); }
|
||||
|
||||
#define LOAD32H(x, y) \
|
||||
memcpy(&(x), y, 4);
|
||||
@ -166,13 +166,13 @@ extern char *crypt_error;
|
||||
#else /* 64-bit words then */
|
||||
|
||||
#define STORE32H(x, y) \
|
||||
{ unsigned long t = (x); memcpy(y, &t, 4); }
|
||||
{ unsigned long __t = (x); memcpy(y, &__t, 4); }
|
||||
|
||||
#define LOAD32H(x, y) \
|
||||
{ memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
|
||||
|
||||
#define STORE64H(x, y) \
|
||||
{ ulong64 t = (x); memcpy(y, &t, 8); }
|
||||
{ ulong64 __t = (x); memcpy(y, &__t, 8); }
|
||||
|
||||
#define LOAD64H(x, y) \
|
||||
{ memcpy(&(x), y, 8); }
|
||||
|
18
rsa_sys.c
18
rsa_sys.c
@ -104,16 +104,12 @@ int rsa_decrypt_key(const unsigned char *in, unsigned long inlen,
|
||||
}
|
||||
y += 4;
|
||||
|
||||
/* read it in */
|
||||
for (x = 0; x < rsa_size; x++, y++) {
|
||||
rsa_in[x] = in[y];
|
||||
}
|
||||
|
||||
/* decrypt it */
|
||||
x = (unsigned long)sizeof(rsa_out);
|
||||
if ((err = rsa_exptmod(rsa_in, rsa_size, rsa_out, &x, PK_PRIVATE, key)) != CRYPT_OK) {
|
||||
if ((err = rsa_exptmod(in+y, rsa_size, rsa_out, &x, PK_PRIVATE, key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
y += rsa_size;
|
||||
|
||||
/* depad it */
|
||||
z = (unsigned long)sizeof(sym_key);
|
||||
@ -240,16 +236,12 @@ int rsa_verify_hash(const unsigned char *sig, unsigned long siglen,
|
||||
}
|
||||
y += 4;
|
||||
|
||||
/* load the signature */
|
||||
for (x = 0; x < rsa_size; x++, y++) {
|
||||
rsa_in[x] = sig[y];
|
||||
}
|
||||
|
||||
/* exptmod it */
|
||||
x = (unsigned long)sizeof(rsa_in);
|
||||
if ((err = rsa_exptmod(rsa_in, rsa_size, rsa_out, &x, PK_PUBLIC, key)) != CRYPT_OK) {
|
||||
x = (unsigned long)sizeof(rsa_out);
|
||||
if ((err = rsa_exptmod(sig+y, rsa_size, rsa_out, &x, PK_PUBLIC, key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
y += rsa_size;
|
||||
|
||||
/* depad it */
|
||||
z = (unsigned long)sizeof(rsa_in);
|
||||
|
@ -5,6 +5,7 @@ static const char *err_2_str[] =
|
||||
{
|
||||
"CRYPT_OK",
|
||||
"CRYPT_ERROR",
|
||||
"Non-fatal 'no-operation' requested.",
|
||||
|
||||
"Invalid keysize for block cipher.",
|
||||
"Invalid number of rounds for block cipher.",
|
||||
|
72
tommath.h
72
tommath.h
@ -10,9 +10,9 @@
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@iahu.ca, http://libtommath.iahu.ca
|
||||
* Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
|
||||
*/
|
||||
#include "mycrypt.h"
|
||||
#include <mycrypt.h>
|
||||
|
||||
#ifndef BN_H_
|
||||
#define BN_H_
|
||||
@ -30,8 +30,16 @@
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* C++ compilers don't like assigning void * to mp_digit * */
|
||||
#define OPT_CAST (mp_digit *)
|
||||
|
||||
#else
|
||||
|
||||
/* C on the other hand dosen't care */
|
||||
#define OPT_CAST
|
||||
|
||||
#endif
|
||||
|
||||
/* some default configurations.
|
||||
*
|
||||
@ -118,6 +126,12 @@ void mp_exch(mp_int *a, mp_int *b);
|
||||
/* shrink ram required for a bignum */
|
||||
int mp_shrink(mp_int *a);
|
||||
|
||||
/* grow an int to a given size */
|
||||
int mp_grow(mp_int *a, int size);
|
||||
|
||||
/* init to a given number of digits */
|
||||
int mp_init_size(mp_int *a, int size);
|
||||
|
||||
/* ---> Basic Manipulations <--- */
|
||||
|
||||
#define mp_iszero(a) (((a)->used == 0) ? 1 : 0)
|
||||
@ -133,12 +147,6 @@ void mp_set(mp_int *a, mp_digit b);
|
||||
/* set a 32-bit const */
|
||||
int mp_set_int(mp_int *a, unsigned long b);
|
||||
|
||||
/* grow an int to a given size */
|
||||
int mp_grow(mp_int *a, int size);
|
||||
|
||||
/* init to a given number of digits */
|
||||
int mp_init_size(mp_int *a, int size);
|
||||
|
||||
/* copy, b = a */
|
||||
int mp_copy(mp_int *a, mp_int *b);
|
||||
|
||||
@ -204,7 +212,6 @@ int mp_cmp_mag(mp_int *a, mp_int *b);
|
||||
/* c = a + b */
|
||||
int mp_add(mp_int *a, mp_int *b, mp_int *c);
|
||||
|
||||
|
||||
/* c = a - b */
|
||||
int mp_sub(mp_int *a, mp_int *b, mp_int *c);
|
||||
|
||||
@ -299,9 +306,52 @@ int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
|
||||
/* computes xR^-1 == x (mod N) via Montgomery Reduction */
|
||||
int mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
|
||||
|
||||
/* returns 1 if a is a valid DR modulus */
|
||||
int mp_dr_is_modulus(mp_int *a);
|
||||
|
||||
/* sets the value of "d" required for mp_dr_reduce */
|
||||
void mp_dr_setup(mp_int *a, mp_digit *d);
|
||||
|
||||
/* reduces a modulo b using the Diminished Radix method */
|
||||
int mp_dr_reduce(mp_int *a, mp_int *b, mp_digit mp);
|
||||
|
||||
/* d = a^b (mod c) */
|
||||
int mp_exptmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
|
||||
|
||||
/* ---> Primes <--- */
|
||||
#define PRIME_SIZE 256 /* number of primes */
|
||||
|
||||
/* table of first 256 primes */
|
||||
extern const mp_digit __prime_tab[];
|
||||
|
||||
/* result=1 if a is divisible by one of the first 256 primes */
|
||||
int mp_prime_is_divisible(mp_int *a, int *result);
|
||||
|
||||
/* performs one Fermat test of "a" using base "b".
|
||||
* Sets result to 0 if composite or 1 if probable prime
|
||||
*/
|
||||
int mp_prime_fermat(mp_int *a, mp_int *b, int *result);
|
||||
|
||||
/* performs one Miller-Rabin test of "a" using base "b".
|
||||
* Sets result to 0 if composite or 1 if probable prime
|
||||
*/
|
||||
int mp_prime_miller_rabin(mp_int *a, mp_int *b, int *result);
|
||||
|
||||
/* performs t rounds of Miller-Rabin on "a" using the first
|
||||
* t prime bases. Also performs an initial sieve of trial
|
||||
* division. Determines if "a" is prime with probability
|
||||
* of error no more than (1/4)^t.
|
||||
*
|
||||
* Sets result to 1 if probably prime, 0 otherwise
|
||||
*/
|
||||
int mp_prime_is_prime(mp_int *a, int t, int *result);
|
||||
|
||||
/* finds the next prime after the number "a" using "t" trials
|
||||
* of Miller-Rabin.
|
||||
*/
|
||||
int mp_prime_next_prime(mp_int *a, int t);
|
||||
|
||||
|
||||
/* ---> radix conversion <--- */
|
||||
int mp_count_bits(mp_int *a);
|
||||
|
||||
@ -343,7 +393,7 @@ int mp_karatsuba_mul(mp_int *a, mp_int *b, mp_int *c);
|
||||
int mp_karatsuba_sqr(mp_int *a, mp_int *b);
|
||||
int fast_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
|
||||
int fast_mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
|
||||
int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y);
|
||||
int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
|
||||
void bn_reverse(unsigned char *s, int len);
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
4
yarrow.c
4
yarrow.c
@ -136,6 +136,10 @@ unsigned long yarrow_read(unsigned char *buf, unsigned long len, prng_state *prn
|
||||
_ARGCHK(buf != NULL);
|
||||
_ARGCHK(prng != NULL);
|
||||
|
||||
/* put buf in predictable state first */
|
||||
zeromem(buf, len);
|
||||
|
||||
/* now randomize it */
|
||||
if (ctr_encrypt(buf, buf, len, &prng->yarrow.ctr) != CRYPT_OK) {
|
||||
return 0;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user