diff --git a/coverage_more.sh b/coverage_more.sh index fe79ebb..562afcf 100755 --- a/coverage_more.sh +++ b/coverage_more.sh @@ -5,7 +5,7 @@ set -e ./sizes ./constants -for i in $(for j in $(echo $(./hashsum -h | tail -n +3)); do echo $j; done | sort); do echo -n "$i: " && ./hashsum -a $i tests/test.key ; done > hashsum_tv.txt +for i in $(for j in $(echo $(./hashsum -h | awk '/Algorithms/,EOF' | tail -n +2)); do echo $j; done | sort); do echo -n "$i: " && ./hashsum -a $i tests/test.key ; done > hashsum_tv.txt difftroubles=$(diff -i -w -B hashsum_tv.txt notes/hashsum_tv.txt | grep '^<') || true if [ -n "$difftroubles" ]; then echo "FAILURE: hashsum_tv.tx" diff --git a/demos/hashsum.c b/demos/hashsum.c index 83ab8c6..164bd68 100644 --- a/demos/hashsum.c +++ b/demos/hashsum.c @@ -38,22 +38,28 @@ static char* hashsum; +static void cleanup(void) +{ + free(hashsum); +} + static void die(int status) { unsigned long w, x; FILE* o = status == EXIT_SUCCESS ? stdout : stderr; - fprintf(o, "usage: %s -a algorithm [-c] [file...]\n", hashsum); - fprintf(o, "Algorithms:\n"); + fprintf(o, "usage: %s -a algorithm [-c] [file...]\n\n", hashsum); + fprintf(o, "\t-c\tCheck the hash(es) of the file(s) written in [file].\n"); + fprintf(o, "\t\t(-a not required)\n"); + fprintf(o, "\nAlgorithms:\n\t"); w = 0; for (x = 0; hash_descriptor[x].name != NULL; x++) { w += fprintf(o, "%-14s", hash_descriptor[x].name); if (w >= 70) { - fprintf(o, "\n"); + fprintf(o, "\n\t"); w = 0; } } if (w != 0) fprintf(o, "\n"); - free(hashsum); exit(status); } @@ -173,6 +179,7 @@ int main(int argc, char **argv) unsigned char hash_buffer[MAXBLOCKSIZE]; hashsum = strdup(basename(argv[0])); + atexit(cleanup); /* You need to register algorithms before using them */ register_all_ciphers(); diff --git a/demos/openssl-enc.c b/demos/openssl-enc.c index 2112101..3aca04f 100644 --- a/demos/openssl-enc.c +++ b/demos/openssl-enc.c 
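Review bot: In the new `for` line of coverage_more.sh, `awk '/Algorithms/,EOF'` works only because `EOF` is an unset awk variable that evaluates to false, so the range never closes. `awk '/Algorithms/,0'` states that intent directly. The algorithm list is still scraped from the human-readable usage text, so a later layout change in die() of demos/hashsum.c can silently change which hashes end up in hashsum_tv.txt. `$i` is also expanded unquoted in `./hashsum -a $i`.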
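Review bot: In die() of demos/hashsum.c, the new wrap string `"\n\t"` is printed after the entry that fills a row, so when the last algorithm lands exactly on a row boundary the output ends in a newline plus a tab. `w` has been reset to 0 by then, so the closing `fprintf(o, "\n")` is skipped. Breaking only when another entry follows avoids that: `if (w >= 70 && hash_descriptor[x + 1].name != NULL) {`. The new `cleanup()` would also benefit from a one-line comment such as `/* registered with atexit(); releases the program name duplicated in main() */`.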
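Review bot: In main() of demos/hashsum.c, the `strdup()` result that the new `atexit(cleanup)` handler later frees is still used unchecked, and the return value of `atexit()` is ignored. If the allocation fails, die() passes a NULL `hashsum` to the `%s` in its usage line. A check such as `if (hashsum == NULL) return EXIT_FAILURE;` before registering the handler would close that gap. main's body continues outside the hunk.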
@@ -89,7 +89,7 @@ union paddable { * Output: * Side Effects: print messages and barf (does exit(3)) */ -void barf(char *pname, char *err) +void barf(const char *pname, const char *err) { printf("Usage: %s infile outfile passphrase [salt]\n", pname); printf("\n"); diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h index c657553..e1de248 100644 --- a/src/headers/tomcrypt_custom.h +++ b/src/headers/tomcrypt_custom.h @@ -500,6 +500,11 @@ #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) /* Include the MPI functionality? (required by the PK algorithms) */ #define LTC_MPI + + #ifndef LTC_PK_MAX_RETRIES + /* iterations limit for retry-loops */ + #define LTC_PK_MAX_RETRIES 20 + #endif #endif #ifdef LTC_MRSA diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h index 802c244..9f04f38 100644 --- a/src/headers/tomcrypt_pk.h +++ b/src/headers/tomcrypt_pk.h @@ -17,9 +17,6 @@ enum { /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ #define PK_STD 0x1000 -/* iterations limit for retry-loops */ -#define PK_MAX_RETRIES 20 - int rand_prime(void *N, long len, prng_state *prng, int wprng); #ifdef LTC_SOURCE diff --git a/src/headers/tomcrypt_pkcs.h b/src/headers/tomcrypt_pkcs.h index 5c4bda7..247e538 100644 --- a/src/headers/tomcrypt_pkcs.h +++ b/src/headers/tomcrypt_pkcs.h 
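Review bot: In src/headers/tomcrypt_custom.h the new `LTC_PK_MAX_RETRIES` default sits inside the `#if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT)` block, yet src/pk/dh/dh_generate_key.c now uses it and DH is not named in that condition. Unless DH is tied to one of those macros elsewhere in the header, a DH-only build loses the constant that tomcrypt_pk.h used to define unconditionally. Moving the `#ifndef LTC_PK_MAX_RETRIES` block out of the conditional, or adding the DH build macro to it, would fix that. Because the value can now be overridden at build time, a guard such as `#if LTC_PK_MAX_RETRIES < 1` followed by an `#error` would reject a limit that cannot bound the retry loops. Those loops are outside these hunks.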
@@ -80,13 +80,13 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen, /* ===> PKCS #5 -- Password Based Cryptography <=== */ #ifdef LTC_PKCS_5 -/* Algorithm #1 (old) */ +/* Algorithm #1 (PBKDF1) */ int pkcs_5_alg1(const unsigned char *password, unsigned long password_len, const unsigned char *salt, int iteration_count, int hash_idx, unsigned char *out, unsigned long *outlen); -/* Algorithm #1 - OpenSSL-compatible variant for arbitrarily-long keys. +/* Algorithm #1 (PBKDF1) - OpenSSL-compatible variant for arbitrarily-long keys. Compatible with EVP_BytesToKey() */ int pkcs_5_alg1_openssl(const unsigned char *password, unsigned long password_len, @@ -94,7 +94,7 @@ int pkcs_5_alg1_openssl(const unsigned char *password, int iteration_count, int hash_idx, unsigned char *out, unsigned long *outlen); -/* Algorithm #2 (new) */ +/* Algorithm #2 (PBKDF2) */ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, const unsigned char *salt, unsigned long salt_len, int iteration_count, int hash_idx, diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c index dd41df8..4ab6275 100644 --- a/src/misc/crypt/crypt.c +++ b/src/misc/crypt/crypt.c @@ -301,7 +301,7 @@ const char *crypt_build_settings = " SOBER128\n" #endif - "\nPK Algs:\n" + "\nPK Crypto:\n" #if defined(LTC_MRSA) " RSA" #if defined(LTC_RSA_BLINDING) && defined(LTC_RSA_CRT_HARDENING) @@ -329,6 +329,9 @@ const char *crypt_build_settings = #if defined(LTC_MKAT) " Katja\n" #endif +#if defined(LTC_PK_MAX_RETRIES) + " "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n" +#endif "\nMPI (Math):\n" #if defined(LTC_MPI) diff --git a/src/pk/dh/dh_generate_key.c b/src/pk/dh/dh_generate_key.c index f128fd8..69fb6f9 100644 --- a/src/pk/dh/dh_generate_key.c +++ b/src/pk/dh/dh_generate_key.c 
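Review bot: The renamed comments in src/headers/tomcrypt_pkcs.h drop the old/new hint that told readers which key-derivation function to prefer. PKCS #5 keeps PBKDF1 for compatibility with existing applications, so the comment above `pkcs_5_alg1` could read `/* Algorithm #1 (PBKDF1) - legacy, kept for compatibility; prefer pkcs_5_alg2 for new designs */`. The same caveat fits the `pkcs_5_alg1_openssl` comment in the second hunk.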
@@ -46,7 +46,7 @@ int dh_generate_key(prng_state *prng, int wprng, dh_key *key) { unsigned char *buf; unsigned long keysize; - int err, max_iterations = PK_MAX_RETRIES; + int err, max_iterations = LTC_PK_MAX_RETRIES; LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); diff --git a/src/pk/ecc/ecc_sign_hash.c b/src/pk/ecc/ecc_sign_hash.c index e97dcf4..46cdfa3 100644 --- a/src/pk/ecc/ecc_sign_hash.c +++ b/src/pk/ecc/ecc_sign_hash.c @@ -22,7 +22,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen, { ecc_key pubkey; void *r, *s, *e, *p; - int err, max_iterations = PK_MAX_RETRIES; + int err, max_iterations = LTC_PK_MAX_RETRIES; unsigned long pbits, pbytes, i, shift_right; unsigned char ch, buf[MAXBLOCKSIZE]; diff --git a/src/stream/chacha/chacha_crypt.c b/src/stream/chacha/chacha_crypt.c index 66081ce..6814058 100644 --- a/src/stream/chacha/chacha_crypt.c +++ b/src/stream/chacha/chacha_crypt.c @@ -57,9 +57,11 @@ int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned long i, j; if (inlen == 0) return CRYPT_OK; /* nothing to do */ - LTC_ARGCHK(st != NULL); - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); + + LTC_ARGCHK(st != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(st->ivlen != 0); if (st->ksleft > 0) { j = MIN(st->ksleft, inlen);
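Review bot: In chacha_crypt(), the new `LTC_ARGCHK(st->ivlen != 0);` is the only guard against producing keystream from a state whose IV was never set. It runs after the `inlen == 0` early return, so a zero-length call on such a state, or with NULL pointers, still reports CRYPT_OK. If LTC_ARGCHK can be configured as a no-op or an abort (its definition is not on this page), an explicit `if (st->ivlen == 0) return CRYPT_INVALID_ARG;` after the pointer checks would keep the misuse check in every build. A comment such as `/* IV must have been set before any data is processed */` would explain why a field of `st` is tested among the pointer checks. The function body continues outside the hunk.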