diff --git a/demos/timing.c b/demos/timing.c
index aa7c9a5..746055d 100644
--- a/demos/timing.c
+++ b/demos/timing.c
@@ -665,7 +665,11 @@ static const struct {
for (y = 0; y < 4; y++) {
t_start();
t1 = t_read();
- if ((err = dsa_make_key(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
+ if ((err = dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
+ fprintf(stderr, "\n\ndsa_generate_pqg says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
+ exit(EXIT_FAILURE);
+ }
+ if ((err = dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
fprintf(stderr, "\n\ndsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
exit(EXIT_FAILURE);
}
@@ -898,9 +902,14 @@ static void time_dh(void)
for (x = sizes[i=0]; x < 100000; x = sizes[++i]) {
t2 = 0;
for (y = 0; y < 16; y++) {
+ if((err = dh_set_pg_groupsize(x, &key)) != CRYPT_OK) {
+ fprintf(stderr, "\n\ndh_set_pg_groupsize says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
+ exit(EXIT_FAILURE);
+ }
+
t_start();
t1 = t_read();
- if ((err = dh_make_key(&yarrow_prng, find_prng("yarrow"), x, &key)) != CRYPT_OK) {
+ if ((err = dh_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
fprintf(stderr, "\n\ndh_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
exit(EXIT_FAILURE);
}
diff --git a/libtomcrypt_VS2008.vcproj b/libtomcrypt_VS2008.vcproj
index 2516240..7cc0d3c 100644
--- a/libtomcrypt_VS2008.vcproj
+++ b/libtomcrypt_VS2008.vcproj
@@ -1311,6 +1311,10 @@
RelativePath="src\math\multi.c"
>
+
+
@@ -2058,16 +2062,28 @@
RelativePath="src\pk\dh\dh_export.c"
>
+
+
+
+
+
+
+
+
+
+
+
+
-
-
@@ -2338,6 +2362,10 @@
RelativePath="src\pk\rsa\rsa_make_key.c"
>
+
+
diff --git a/makefile.mingw b/makefile.mingw
index 04ad30b..9a42b57 100644
--- a/makefile.mingw
+++ b/makefile.mingw
@@ -90,7 +90,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -160,15 +160,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -179,8 +182,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -192,9 +195,9 @@ src/stream/sober128/sober128_test.o
#List of test objects to compile
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
diff --git a/makefile.msvc b/makefile.msvc
index 804c858..f847f7b 100644
--- a/makefile.msvc
+++ b/makefile.msvc
@@ -83,7 +83,7 @@ src/mac/poly1305/poly1305_memory_multi.obj src/mac/poly1305/poly1305_test.obj sr
src/mac/xcbc/xcbc_file.obj src/mac/xcbc/xcbc_init.obj src/mac/xcbc/xcbc_memory.obj \
src/mac/xcbc/xcbc_memory_multi.obj src/mac/xcbc/xcbc_process.obj src/mac/xcbc/xcbc_test.obj \
src/math/fp/ltc_ecc_fp_mulmod.obj src/math/gmp_desc.obj src/math/ltm_desc.obj src/math/multi.obj \
-src/math/rand_bn.obj src/math/rand_prime.obj src/math/tfm_desc.obj src/misc/adler32.obj \
+src/math/radix_to_bin.obj src/math/rand_bn.obj src/math/rand_prime.obj src/math/tfm_desc.obj src/misc/adler32.obj \
src/misc/base64/base64_decode.obj src/misc/base64/base64_encode.obj src/misc/burn_stack.obj \
src/misc/compare_testvector.obj src/misc/crc32.obj src/misc/crypt/crypt.obj src/misc/crypt/crypt_argchk.obj \
src/misc/crypt/crypt_cipher_descriptor.obj src/misc/crypt/crypt_cipher_is_valid.obj \
@@ -153,15 +153,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.obj \
src/pk/asn1/der/utctime/der_decode_utctime.obj src/pk/asn1/der/utctime/der_encode_utctime.obj \
src/pk/asn1/der/utctime/der_length_utctime.obj src/pk/asn1/der/utf8/der_decode_utf8_string.obj \
src/pk/asn1/der/utf8/der_encode_utf8_string.obj src/pk/asn1/der/utf8/der_length_utf8_string.obj \
-src/pk/dh/dh.obj src/pk/dh/dh_check_pubkey.obj src/pk/dh/dh_export.obj src/pk/dh/dh_free.obj \
-src/pk/dh/dh_import.obj src/pk/dh/dh_make_key.obj src/pk/dh/dh_shared_secret.obj src/pk/dsa/dsa_decrypt_key.obj \
-src/pk/dsa/dsa_encrypt_key.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj src/pk/dsa/dsa_import.obj \
-src/pk/dsa/dsa_import_radix.obj src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_shared_secret.obj \
-src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj \
-src/pk/ecc/ecc_ansi_x963_export.obj src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj \
-src/pk/ecc/ecc_encrypt_key.obj src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_size.obj \
-src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_shared_secret.obj \
-src/pk/ecc/ecc_sign_hash.obj src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
+src/pk/dh/dh.obj src/pk/dh/dh_check_pubkey.obj src/pk/dh/dh_export.obj src/pk/dh/dh_export_key.obj \
+src/pk/dh/dh_free.obj src/pk/dh/dh_generate_key.obj src/pk/dh/dh_import.obj src/pk/dh/dh_set.obj \
+src/pk/dh/dh_set_pg_dhparam.obj src/pk/dh/dh_shared_secret.obj src/pk/dsa/dsa_decrypt_key.obj \
+src/pk/dsa/dsa_encrypt_key.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj \
+src/pk/dsa/dsa_generate_key.obj src/pk/dsa/dsa_generate_pqg.obj src/pk/dsa/dsa_import.obj \
+src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_set.obj src/pk/dsa/dsa_set_pqg_dsaparam.obj \
+src/pk/dsa/dsa_shared_secret.obj src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj \
+src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/ecc/ecc_ansi_x963_export.obj \
+src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj src/pk/ecc/ecc_encrypt_key.obj \
+src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj \
+src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_shared_secret.obj src/pk/ecc/ecc_sign_hash.obj \
+src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
src/pk/ecc/ltc_ecc_is_valid_idx.obj src/pk/ecc/ltc_ecc_map.obj src/pk/ecc/ltc_ecc_mul2add.obj \
src/pk/ecc/ltc_ecc_mulmod.obj src/pk/ecc/ltc_ecc_mulmod_timing.obj src/pk/ecc/ltc_ecc_points.obj \
src/pk/ecc/ltc_ecc_projective_add_point.obj src/pk/ecc/ltc_ecc_projective_dbl_point.obj \
@@ -172,8 +175,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.obj src/pk/pkcs1/pkcs_1_oaep_encode.obj src/pk/p
src/pk/pkcs1/pkcs_1_pss_decode.obj src/pk/pkcs1/pkcs_1_pss_encode.obj src/pk/pkcs1/pkcs_1_v1_5_decode.obj \
src/pk/pkcs1/pkcs_1_v1_5_encode.obj src/pk/rsa/rsa_decrypt_key.obj src/pk/rsa/rsa_encrypt_key.obj \
src/pk/rsa/rsa_export.obj src/pk/rsa/rsa_exptmod.obj src/pk/rsa/rsa_free.obj src/pk/rsa/rsa_get_size.obj \
-src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_pkcs8.obj src/pk/rsa/rsa_import_radix.obj \
-src/pk/rsa/rsa_import_x509.obj src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_sign_hash.obj \
+src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_pkcs8.obj src/pk/rsa/rsa_import_x509.obj \
+src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_set.obj src/pk/rsa/rsa_sign_hash.obj \
src/pk/rsa/rsa_sign_saltlen_get.obj src/pk/rsa/rsa_verify_hash.obj src/prngs/chacha20.obj src/prngs/fortuna.obj \
src/prngs/rc4.obj src/prngs/rng_get_bytes.obj src/prngs/rng_make_prng.obj src/prngs/sober128.obj \
src/prngs/sprng.obj src/prngs/yarrow.obj src/stream/chacha/chacha_crypt.obj src/stream/chacha/chacha_done.obj \
@@ -185,9 +188,9 @@ src/stream/sober128/sober128_test.obj
#List of test objects to compile
TOBJECTS=tests/base64_test.obj tests/cipher_hash_test.obj tests/common.obj tests/der_test.obj tests/dh_test.obj \
tests/dsa_test.obj tests/ecc_test.obj tests/file_test.obj tests/katja_test.obj tests/mac_test.obj tests/misc_test.obj \
-tests/modes_test.obj tests/multi_test.obj tests/no_prng.obj tests/pkcs_1_eme_test.obj tests/pkcs_1_emsa_test.obj \
-tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj tests/prng_test.obj \
-tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj tests/test.obj
+tests/modes_test.obj tests/mpi_test.obj tests/multi_test.obj tests/no_prng.obj tests/pkcs_1_eme_test.obj \
+tests/pkcs_1_emsa_test.obj tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj \
+tests/prng_test.obj tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj tests/test.obj
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
diff --git a/makefile.unix b/makefile.unix
index 9aab93b..7b9b8ae 100644
--- a/makefile.unix
+++ b/makefile.unix
@@ -100,7 +100,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -170,15 +170,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -189,8 +192,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -202,9 +205,9 @@ src/stream/sober128/sober128_test.o
#List of test objects to compile (all goes to libtomcrypt_prof.a)
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
diff --git a/makefile_include.mk b/makefile_include.mk
index 4fe3fd2..78ec3c4 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -206,7 +206,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -276,15 +276,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -295,8 +298,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -308,9 +311,9 @@ src/stream/sober128/sober128_test.o
# List of test objects to compile (all goes to libtomcrypt_prof.a)
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
# The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
diff --git a/src/headers/tomcrypt_math.h b/src/headers/tomcrypt_math.h
index 4332e5b..a52fb9d 100644
--- a/src/headers/tomcrypt_math.h
+++ b/src/headers/tomcrypt_math.h
@@ -30,6 +30,8 @@
#define LTC_MILLER_RABIN_REPS 35
#endif
+int radix_to_bin(const void *in, int radix, void *out, size_t* len);
+
/** math descriptor */
typedef struct {
/** Name of the math provider */
@@ -491,6 +493,7 @@ extern ltc_math_descriptor ltc_mp;
int ltc_init_multi(void **a, ...);
void ltc_deinit_multi(void *a, ...);
+void ltc_cleanup_multi(void **a, ...);
#ifdef LTM_DESC
extern const ltc_math_descriptor ltm_desc;
@@ -513,6 +516,7 @@ extern const ltc_math_descriptor gmp_desc;
#define mp_init_multi ltc_init_multi
#define mp_clear(a) ltc_mp.deinit(a)
#define mp_clear_multi ltc_deinit_multi
+#define mp_cleanup_multi ltc_cleanup_multi
#define mp_init_copy(a, b) ltc_mp.init_copy(a, b)
#define mp_neg(a, b) ltc_mp.neg(a, b)
diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
index 392268b..44b8575 100644
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -25,7 +25,7 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng);
#ifdef LTC_SOURCE
/* internal helper functions */
int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
-int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
+int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng);
enum public_key_algorithms {
PKA_RSA,
@@ -126,7 +126,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key);
int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
const void *passwd, unsigned long passwdlen, rsa_key *key);
-int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key);
+
+int rsa_set_key(const unsigned char *N, unsigned long Nlen,
+ const unsigned char *e, unsigned long elen,
+ const unsigned char *d, unsigned long dlen,
+ rsa_key *key);
+int rsa_set_factors(const unsigned char *p, unsigned long plen,
+ const unsigned char *q, unsigned long qlen,
+ rsa_key *key);
+int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
+ const unsigned char *dQ, unsigned long dQlen,
+ const unsigned char *qP, unsigned long qPlen,
+ rsa_key *key);
#endif
/* ---- Katja ---- */
@@ -204,16 +215,28 @@ typedef struct {
int dh_get_groupsize(dh_key *key);
-int dh_make_key(prng_state *prng, int wprng, int groupsize, dh_key *key);
-int dh_make_key_dhparam(prng_state *prng, int wprng, unsigned char *dhparam, unsigned long dhparamlen, dh_key *key);
-void dh_free(dh_key *key);
-
int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
+int dh_set_pg(const unsigned char *p, unsigned long plen,
+ const unsigned char *g, unsigned long glen,
+ dh_key *key);
+int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key);
+int dh_set_pg_groupsize(int groupsize, dh_key *key);
+
+int dh_set_key(const unsigned char *pub, unsigned long publen,
+ const unsigned char *priv, unsigned long privlen,
+ dh_key *key);
+int dh_generate_key(prng_state *prng, int wprng, dh_key *key);
+
int dh_shared_secret(dh_key *private_key, dh_key *public_key,
unsigned char *out, unsigned long *outlen);
+void dh_free(dh_key *key);
+
+int dh_export_key(void *out, unsigned long *outlen,
+ int type, dh_key *key);
+
#ifdef LTC_SOURCE
/* internal helper functions */
int dh_check_pubkey(dh_key *key);
@@ -419,7 +442,17 @@ typedef struct {
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
-int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex);
+int dsa_set_pqg(const unsigned char *p, unsigned long plen,
+ const unsigned char *q, unsigned long qlen,
+ const unsigned char *g, unsigned long glen,
+ dsa_key *key);
+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key);
+int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
+
+int dsa_set_key(const unsigned char *pub, unsigned long publen,
+ const unsigned char *priv, unsigned long privlen,
+ dsa_key *key);
+int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key);
void dsa_free(dsa_key *key);
@@ -448,7 +481,6 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
dsa_key *key);
-int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key);
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
int dsa_verify_key(dsa_key *key, int *stat);
diff --git a/src/math/multi.c b/src/math/multi.c
index bfed3ce..da5bb60 100644
--- a/src/math/multi.c
+++ b/src/math/multi.c
@@ -53,6 +53,23 @@ void ltc_deinit_multi(void *a, ...)
va_end(args);
}
+void ltc_cleanup_multi(void **a, ...)
+{
+ void **cur = a;
+ va_list args;
+
+ va_start(args, a);
+ while (cur != NULL) {
+ if (*cur != NULL) {
+ mp_clear(*cur);
+ *cur = NULL;
+ }
+ cur = va_arg(args, void**);
+ }
+ va_end(args);
+ return;
+}
+
#endif
/* ref: $Format:%D$ */
diff --git a/src/math/radix_to_bin.c b/src/math/radix_to_bin.c
new file mode 100644
index 0000000..fef58ae
--- /dev/null
+++ b/src/math/radix_to_bin.c
@@ -0,0 +1,62 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+ @file radix_to_bin.c
+ Convert data from a specific radix to binary.
+ Steffen Jaeckel
+*/
+
+/**
+ Convert data from a specific radix to binary
+
+ The default MPI descriptors #ltm_desc, #tfm_desc and #gmp_desc
+ have the following restrictions on parameters:
+
+ \p in - NUL-terminated char buffer
+
+ \p radix - 2..64
+
+ @param in The input
+ @param radix The radix of the input
+ @param out The output buffer
+ @param len [in/out] The length of the output buffer
+
+ @return CRYPT_OK on success.
+*/
+int radix_to_bin(const void *in, int radix, void *out, size_t* len)
+{
+ size_t l;
+ void* mpi;
+ int err;
+
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(len != NULL);
+
+ if ((err = mp_init(&mpi)) != CRYPT_OK) return err;
+ if ((err = mp_read_radix(mpi, in, radix)) != CRYPT_OK) goto LBL_ERR;
+
+ if ((l = mp_unsigned_bin_size(mpi)) > *len) {
+ *len = l;
+ err = CRYPT_BUFFER_OVERFLOW;
+ goto LBL_ERR;
+ }
+ *len = l;
+
+ if ((err = mp_to_unsigned_bin(mpi, out)) != CRYPT_OK) goto LBL_ERR;
+
+LBL_ERR:
+ mp_clear(mpi);
+ return err;
+}
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/math/rand_bn.c b/src/math/rand_bn.c
index 5cdd1d9..a42ba64 100755
--- a/src/math/rand_bn.c
+++ b/src/math/rand_bn.c
@@ -51,19 +51,20 @@ cleanup:
}
/**
- Generate a random number N in a range: 0 <= N < limit
+ Generate a random number N in a range: 1 <= N < limit
*/
-int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng)
+int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng)
{
- int res;
+ int res, bits;
LTC_ARGCHK(N != NULL);
LTC_ARGCHK(limit != NULL);
+ bits = mp_count_bits(limit);
do {
- res = rand_bn_bits(N, mp_count_bits(limit), prng, wprng);
+ res = rand_bn_bits(N, bits, prng, wprng);
if (res != CRYPT_OK) return res;
- } while (mp_cmp(N, limit) != LTC_MP_LT);
+ } while (mp_cmp_d(N, 0) != LTC_MP_GT || mp_cmp(N, limit) != LTC_MP_LT);
return CRYPT_OK;
}
diff --git a/src/pk/dh/dh_check_pubkey.c b/src/pk/dh/dh_check_pubkey.c
index c77e4bd..fb4f37b 100644
--- a/src/pk/dh/dh_check_pubkey.c
+++ b/src/pk/dh/dh_check_pubkey.c
@@ -23,9 +23,6 @@ int dh_check_pubkey(dh_key *key)
int i, digit_count, bits_set = 0, err;
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(key->y != NULL);
- LTC_ARGCHK(key->base != NULL);
- LTC_ARGCHK(key->prime != NULL);
if ((err = mp_init(&p_minus1)) != CRYPT_OK) {
return err;
diff --git a/src/pk/dh/dh_export_key.c b/src/pk/dh/dh_export_key.c
new file mode 100644
index 0000000..d48c011
--- /dev/null
+++ b/src/pk/dh/dh_export_key.c
@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+ Binary export a DH key to a buffer
+ @param out [out] The destination for the key
+ @param outlen [in/out] The max size and resulting size of the DH key
+ @param type Which type of key (PK_PRIVATE or PK_PUBLIC)
+ @param key The key you wish to export
+ @return CRYPT_OK if successful
+*/
+int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key)
+{
+ unsigned long len;
+ void *k;
+
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(outlen != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ k = (type == PK_PRIVATE) ? key->x : key->y;
+ len = mp_unsigned_bin_size(k);
+
+ if (*outlen < len) {
+ *outlen = len;
+ return CRYPT_BUFFER_OVERFLOW;
+ }
+ *outlen = len;
+
+ return mp_to_unsigned_bin(k, out);
+}
+
+#endif /* LTC_MDH */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dh/dh_free.c b/src/pk/dh/dh_free.c
index 8ca1f65..965ff24 100644
--- a/src/pk/dh/dh_free.c
+++ b/src/pk/dh/dh_free.c
@@ -18,22 +18,7 @@
void dh_free(dh_key *key)
{
LTC_ARGCHKVD(key != NULL);
- if ( key->base ) {
- mp_clear( key->base );
- key->base = NULL;
- }
- if ( key->prime ) {
- mp_clear( key->prime );
- key->prime = NULL;
- }
- if ( key->x ) {
- mp_clear( key->x );
- key->x = NULL;
- }
- if ( key->y ) {
- mp_clear( key->y );
- key->y = NULL;
- }
+ mp_cleanup_multi(&key->base, &key->prime, &key->x, &key->y, NULL);
}
#endif /* LTC_MDH */
diff --git a/src/pk/dh/dh_generate_key.c b/src/pk/dh/dh_generate_key.c
new file mode 100644
index 0000000..04db294
--- /dev/null
+++ b/src/pk/dh/dh_generate_key.c
@@ -0,0 +1,102 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+static int _dh_groupsize_to_keysize(int groupsize)
+{
+ /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
+ * We use "Estimate 2" to get an appropriate private key (exponent) size.
+ */
+ if (groupsize <= 0) {
+ return 0;
+ }
+ else if (groupsize <= 192) {
+ return 30; /* 1536-bit => key size 240-bit */
+ }
+ else if (groupsize <= 256) {
+ return 40; /* 2048-bit => key size 320-bit */
+ }
+ else if (groupsize <= 384) {
+ return 52; /* 3072-bit => key size 416-bit */
+ }
+ else if (groupsize <= 512) {
+ return 60; /* 4096-bit => key size 480-bit */
+ }
+ else if (groupsize <= 768) {
+ return 67; /* 6144-bit => key size 536-bit */
+ }
+ else if (groupsize <= 1024) {
+ return 77; /* 8192-bit => key size 616-bit */
+ }
+ else {
+ return 0;
+ }
+}
+
+int dh_generate_key(prng_state *prng, int wprng, dh_key *key)
+{
+ unsigned char *buf;
+ unsigned long keysize;
+ int err, max_iterations = PK_MAX_RETRIES;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ /* good prng? */
+ if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+ return err;
+ }
+
+ keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
+ if (keysize == 0) {
+ err = CRYPT_INVALID_KEYSIZE;
+ goto freemp;
+ }
+
+ /* allocate buffer */
+ buf = XMALLOC(keysize);
+ if (buf == NULL) {
+ err = CRYPT_MEM;
+ goto freemp;
+ }
+
+ key->type = PK_PRIVATE;
+ do {
+ /* make up random buf */
+ if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
+ err = CRYPT_ERROR_READPRNG;
+ goto freebuf;
+ }
+ /* load the x value - private key */
+ if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
+ goto freebuf;
+ }
+ /* compute the y value - public key */
+ if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) {
+ goto freebuf;
+ }
+ err = dh_check_pubkey(key);
+ } while (err != CRYPT_OK && max_iterations-- > 0);
+
+freebuf:
+ zeromem(buf, keysize);
+ XFREE(buf);
+freemp:
+ if (err != CRYPT_OK) mp_clear_multi(key->x, key->y, key->base, key->prime, NULL);
+ return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dh/dh_make_key.c b/src/pk/dh/dh_make_key.c
deleted file mode 100644
index cbaea88..0000000
--- a/src/pk/dh/dh_make_key.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-
-#include "tomcrypt.h"
-
-#ifdef LTC_MDH
-
-static int _dh_groupsize_to_keysize(int groupsize)
-{
- /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
- * We use "Estimate 2" to get an appropriate private key (exponent) size.
- */
- if (groupsize <= 0) {
- return 0;
- }
- else if (groupsize <= 192) {
- return 30; /* 1536-bit => key size 240-bit */
- }
- else if (groupsize <= 256) {
- return 40; /* 2048-bit => key size 320-bit */
- }
- else if (groupsize <= 384) {
- return 52; /* 3072-bit => key size 416-bit */
- }
- else if (groupsize <= 512) {
- return 60; /* 4096-bit => key size 480-bit */
- }
- else if (groupsize <= 768) {
- return 67; /* 6144-bit => key size 536-bit */
- }
- else if (groupsize <= 1024) {
- return 77; /* 8192-bit => key size 616-bit */
- }
- else {
- return 0;
- }
-}
-
-static int _dh_make_key(prng_state *prng, int wprng, void *prime, void *base, dh_key *key)
-{
- unsigned char *buf;
- unsigned long keysize;
- int err, max_iterations = PK_MAX_RETRIES;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(prng != NULL);
- LTC_ARGCHK(prime != NULL);
- LTC_ARGCHK(base != NULL);
-
- /* good prng? */
- if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
- return err;
- }
-
- /* init big numbers */
- if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
- return err;
- }
-
- /* load the prime and the base */
- if ((err = mp_copy(base, key->base)) != CRYPT_OK) { goto freemp; }
- if ((err = mp_copy(prime, key->prime)) != CRYPT_OK) { goto freemp; }
-
- keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
- if (keysize == 0) {
- err = CRYPT_INVALID_KEYSIZE;
- goto freemp;
- }
-
- /* allocate buffer */
- buf = XMALLOC(keysize);
- if (buf == NULL) {
- err = CRYPT_MEM;
- goto freemp;
- }
-
- key->type = PK_PRIVATE;
- do {
- /* make up random buf */
- if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
- err = CRYPT_ERROR_READPRNG;
- goto freebuf;
- }
- /* load the x value - private key */
- if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
- goto freebuf;
- }
- /* compute the y value - public key */
- if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) {
- goto freebuf;
- }
- err = dh_check_pubkey(key);
- } while (err != CRYPT_OK && max_iterations-- > 0);
-
-freebuf:
- zeromem(buf, keysize);
- XFREE(buf);
-freemp:
- if (err != CRYPT_OK) mp_clear_multi(key->x, key->y, key->base, key->prime, NULL);
- return err;
-}
-
-/**
- Make a DH key (use built-in DH groups) [private key pair]
- @param prng An active PRNG state
- @param wprng The index for the PRNG you desire to use
- @param groupsize The size (octets) of used DH group
- @param key [out] Where the newly created DH key will be stored
- @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
-*/
-int dh_make_key(prng_state *prng, int wprng, int groupsize, dh_key *key)
-{
- void *p, *b;
- int i, err;
-
- LTC_ARGCHK(groupsize > 0);
-
- for (i = 0; (groupsize > ltc_dh_sets[i].size) && (ltc_dh_sets[i].size != 0); i++);
- if (ltc_dh_sets[i].size == 0) return CRYPT_INVALID_KEYSIZE;
-
- if ((err = mp_init_multi(&p, &b, NULL)) != CRYPT_OK) { return err; }
- if ((err = mp_read_radix(b, ltc_dh_sets[i].base, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_read_radix(p, ltc_dh_sets[i].prime, 16)) != CRYPT_OK) { goto error; }
- err = _dh_make_key(prng, wprng, p, b, key);
-
-error:
- mp_clear_multi(p, b, NULL);
- return err;
-}
-
-/**
- Make a DH key (dhparam data: openssl dhparam -outform DER -out dhparam.der 2048)
- @param prng An active PRNG state
- @param wprng The index for the PRNG you desire to use
- @param dhparam The DH param DER encoded data
- @param dhparamlen The length of dhparam data
- @param key [out] Where the newly created DH key will be stored
- @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
-*/
-int dh_make_key_dhparam(prng_state *prng, int wprng, unsigned char *dhparam, unsigned long dhparamlen, dh_key *key)
-{
- void *prime, *base;
- int err;
-
- LTC_ARGCHK(dhparam != NULL);
- LTC_ARGCHK(dhparamlen > 0);
-
- if ((err = mp_init_multi(&prime, &base, NULL)) != CRYPT_OK) {
- return err;
- }
- if ((err = der_decode_sequence_multi(dhparam, dhparamlen,
- LTC_ASN1_INTEGER, 1UL, prime,
- LTC_ASN1_INTEGER, 1UL, base,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto error;
- }
- err = _dh_make_key(prng, wprng, prime, base, key);
-
-error:
- mp_clear_multi(prime, base, NULL);
- return err;
-}
-
-
-#endif /* LTC_MDH */
-
-/* ref: $Format:%D$ */
-/* git commit: $Format:%H$ */
-/* commit time: $Format:%ai$ */
diff --git a/src/pk/dh/dh_set.c b/src/pk/dh/dh_set.c
new file mode 100644
index 0000000..edd28bb
--- /dev/null
+++ b/src/pk/dh/dh_set.c
@@ -0,0 +1,133 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+ Import DH key parts p and g from raw numbers
+
+ @param p DH's p (prime)
+ @param plen DH's p's length
+ @param g DH's g (group)
+ @param glen DH's g's length
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful
+*/
+int dh_set_pg(const unsigned char *p, unsigned long plen,
+ const unsigned char *g, unsigned long glen,
+ dh_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(p != NULL);
+ LTC_ARGCHK(g != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+ return err;
+ }
+
+ if ((err = mp_read_unsigned_bin(key->base, (unsigned char*)g, glen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->prime, (unsigned char*)p, plen)) != CRYPT_OK) { goto LBL_ERR; }
+
+ return CRYPT_OK;
+
+LBL_ERR:
+ dh_free(key);
+ return err;
+}
+
+/**
+ Import DH key parts p and g from built-in DH groups
+
+ @param groupsize The size of the DH group to use
+ @param key [out] Where the newly created DH key will be stored
+ @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
+*/
+int dh_set_pg_groupsize(int groupsize, dh_key *key)
+{
+ int err, i;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+ LTC_ARGCHK(groupsize > 0);
+
+ for (i = 0; (groupsize > ltc_dh_sets[i].size) && (ltc_dh_sets[i].size != 0); i++);
+ if (ltc_dh_sets[i].size == 0) return CRYPT_INVALID_KEYSIZE;
+
+ if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+ return err;
+ }
+ if ((err = mp_read_radix(key->base, ltc_dh_sets[i].base, 16)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_radix(key->prime, ltc_dh_sets[i].prime, 16)) != CRYPT_OK) { goto LBL_ERR; }
+
+ return CRYPT_OK;
+
+LBL_ERR:
+ dh_free(key);
+ return err;
+}
+
+/**
+ Import DH key parts pub and priv from raw numbers
+
+ @param pub DH's pub (public key) (can be NULL if priv is valid)
+ @param publen DH's pub's length
+ @param priv DH's priv (private key) (can be NULL if pub is valid)
+ @param privlen DH's priv's length
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful
+*/
+int dh_set_key(const unsigned char *pub, unsigned long publen,
+ const unsigned char *priv, unsigned long privlen,
+ dh_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ if(priv == NULL) {
+ if ((err = mp_read_unsigned_bin(key->y, (unsigned char*)pub, publen)) != CRYPT_OK) { goto LBL_ERR; }
+ key->type = PK_PUBLIC;
+ mp_clear(key->x);
+ key->x = NULL;
+ }
+ else {
+ if ((err = mp_read_unsigned_bin(key->x, (unsigned char*)priv, privlen)) != CRYPT_OK) { goto LBL_ERR; }
+ if (pub != NULL) {
+ if ((err = mp_read_unsigned_bin(key->y, (unsigned char*)pub, publen)) != CRYPT_OK) { goto LBL_ERR; }
+ }
+ else {
+ /* compute y value */
+ if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) { goto LBL_ERR; }
+ }
+ key->type = PK_PRIVATE;
+ }
+
+ /* check public key */
+ if ((err = dh_check_pubkey(key)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ return CRYPT_OK;
+
+LBL_ERR:
+ dh_free(key);
+ return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dh/dh_set_pg_dhparam.c b/src/pk/dh/dh_set_pg_dhparam.c
new file mode 100644
index 0000000..7003011
--- /dev/null
+++ b/src/pk/dh/dh_set_pg_dhparam.c
@@ -0,0 +1,54 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+ Import DH key parts p and g from dhparam
+
+ dhparam data: openssl dhparam -outform DER -out dhparam.der 2048
+
+ @param dhparam The DH param DER encoded data
+ @param dhparamlen The length of dhparam data
+ @param key [out] Where the newly created DH key will be stored
+ @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
+*/
+int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+ LTC_ARGCHK(dhparam != NULL);
+ LTC_ARGCHK(dhparamlen > 0);
+
+ if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+ return err;
+ }
+ if ((err = der_decode_sequence_multi(dhparam, dhparamlen,
+ LTC_ASN1_INTEGER, 1UL, key->prime,
+ LTC_ASN1_INTEGER, 1UL, key->base,
+ LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ return CRYPT_OK;
+
+LBL_ERR:
+ dh_free(key);
+ return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dsa/dsa_encrypt_key.c b/src/pk/dsa/dsa_encrypt_key.c
index 896baa3..c854367 100644
--- a/src/pk/dsa/dsa_encrypt_key.c
+++ b/src/pk/dsa/dsa_encrypt_key.c
@@ -35,7 +35,7 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *expt, *skey;
void *g_pub, *g_priv;
unsigned long x, y;
- int err, qbits;
+ int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
@@ -73,14 +73,12 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen,
return CRYPT_MEM;
}
- /* make a random g_priv, g_pub = g^x pair */
- qbits = mp_count_bits(key->q);
- do {
- if ((err = rand_bn_bits(g_priv, qbits, prng, wprng)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
- } while (mp_cmp_d(g_priv, 0) != LTC_MP_GT || mp_cmp(g_priv, key->q) != LTC_MP_LT);
+ /* make a random g_priv, g_pub = g^x pair
+ private key x should be in range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2)
+ */
+ if ((err = rand_bn_upto(g_priv, key->q, prng, wprng)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
/* compute y */
if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {
diff --git a/src/pk/dsa/dsa_free.c b/src/pk/dsa/dsa_free.c
index 89b5c66..5cac656 100644
--- a/src/pk/dsa/dsa_free.c
+++ b/src/pk/dsa/dsa_free.c
@@ -22,7 +22,8 @@
void dsa_free(dsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+ mp_cleanup_multi(&key->y, &key->x, &key->q, &key->g, &key->p, NULL);
+ key->type = key->qord = 0;
}
#endif
diff --git a/src/pk/dsa/dsa_generate_key.c b/src/pk/dsa/dsa_generate_key.c
new file mode 100644
index 0000000..18b2df6
--- /dev/null
+++ b/src/pk/dsa/dsa_generate_key.c
@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+ @file dsa_make_key.c
+ DSA implementation, generate a DSA key
+*/
+
+#ifdef LTC_MDSA
+
+/**
+ Create a DSA key
+ @param prng An active PRNG state
+ @param wprng The index of the PRNG desired
+ @param key [in/out] Where to store the created key
+ @return CRYPT_OK if successful.
+*/
+int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ /* so now we have our DH structure, generator g, order q, modulus p
+ Now we need a random exponent [mod q] and it's power g^x mod p
+ */
+ /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
+ if ((err = rand_bn_upto(key->x, key->q, prng, wprng)) != CRYPT_OK) { return err; }
+ if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { return err; }
+ key->type = PK_PRIVATE;
+
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dsa/dsa_generate_pqg.c b/src/pk/dsa/dsa_generate_pqg.c
new file mode 100644
index 0000000..91c7ef7
--- /dev/null
+++ b/src/pk/dsa/dsa_generate_pqg.c
@@ -0,0 +1,244 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+ @file dsa_generate_pqg.c
+ DSA implementation - generate DSA parameters p, q & g
+*/
+
+#ifdef LTC_MDSA
+
+/**
+ Create DSA parameters (INTERNAL ONLY, not part of public API)
+ @param prng An active PRNG state
+ @param wprng The index of the PRNG desired
+ @param group_size Size of the multiplicative group (octets)
+ @param modulus_size Size of the modulus (octets)
+ @param p [out] bignum where generated 'p' is stored (must be initialized by caller)
+ @param q [out] bignum where generated 'q' is stored (must be initialized by caller)
+ @param g [out] bignum where generated 'g' is stored (must be initialized by caller)
+ @return CRYPT_OK if successful, upon error this function will free all allocated memory
+*/
+static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g)
+{
+ unsigned long L, N, n, outbytes, seedbytes, counter, j, i;
+ int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;
+ unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
+ void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc;
+
+ /* check size */
+ if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) {
+ return CRYPT_INVALID_ARG;
+ }
+
+ /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
+ *
+ * L = The desired length of the prime p (in bits e.g. L = 1024)
+ * N = The desired length of the prime q (in bits e.g. N = 160)
+ * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N
+ * outlen = The bit length of Hash function
+ *
+ * 1. Check that the (L, N)
+ * 2. If (seedlen = 2^(L-1)) {
+ * Test whether or not p is prime as specified in Appendix C.3.
+ * If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter
+ * }
+ * offset = offset + n + 1 Comment: Increment offset
+ * }
+ */
+
+ seedbytes = group_size;
+ L = modulus_size * 8;
+ N = group_size * 8;
+
+ /* XXX-TODO no Lucas test */
+#ifdef LTC_MPI_HAS_LUCAS_TEST
+ /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
+ mr_tests_p = (L <= 2048) ? 3 : 2;
+ if (N <= 160) { mr_tests_q = 19; }
+ else if (N <= 224) { mr_tests_q = 24; }
+ else { mr_tests_q = 27; }
+#else
+ /* M-R tests (without Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
+ if (L <= 1024) { mr_tests_p = 40; }
+ else if (L <= 2048) { mr_tests_p = 56; }
+ else { mr_tests_p = 64; }
+
+ if (N <= 160) { mr_tests_q = 40; }
+ else if (N <= 224) { mr_tests_q = 56; }
+ else { mr_tests_q = 64; }
+#endif
+
+ if (N <= 256) {
+ hash = register_hash(&sha256_desc);
+ }
+ else if (N <= 384) {
+ hash = register_hash(&sha384_desc);
+ }
+ else if (N <= 512) {
+ hash = register_hash(&sha512_desc);
+ }
+ else {
+ return CRYPT_INVALID_ARG; /* group_size too big */
+ }
+
+ if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; }
+ outbytes = hash_descriptor[hash].hashsize;
+
+ n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1;
+
+ if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL) { err = CRYPT_MEM; goto cleanup3; }
+ if ((sbuf = XMALLOC(seedbytes)) == NULL) { err = CRYPT_MEM; goto cleanup2; }
+
+ err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL);
+ if (err != CRYPT_OK) { goto cleanup1; }
+
+ if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK) { goto cleanup; }
+ /* t2L1 = 2^(L-1) */
+ if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK) { goto cleanup; }
+ /* t2N1 = 2^(N-1) */
+ if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK) { goto cleanup; }
+ /* t2seedlen = 2^seedlen */
+
+ for(found_p=0; !found_p;) {
+ /* q */
+ for(found_q=0; !found_q;) {
+ if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; }
+ i = outbytes;
+ if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_add(t2N1, U, q)) != CRYPT_OK) { goto cleanup; }
+ if (!mp_isodd(q)) mp_add_d(q, 1, q);
+ if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK) { goto cleanup; }
+ if (res == LTC_MP_YES) found_q = 1;
+ }
+
+ /* p */
+ if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_add(q, q, t2q)) != CRYPT_OK) { goto cleanup; }
+ for(counter=0; counter < 4*L && !found_p; counter++) {
+ for(j=0; j<=n; j++) {
+ if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK) { goto cleanup; }
+ /* seedinc = (seedinc+1) % 2^seed_bitlen */
+ if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes) { err = CRYPT_INVALID_ARG; goto cleanup; }
+ zeromem(sbuf, seedbytes);
+ if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; }
+ i = outbytes;
+ err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i);
+ if (err != CRYPT_OK) { goto cleanup; }
+ }
+ if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_add(W, t2L1, X)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_mod(X, t2q, c)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_sub_d(c, 1, p)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_sub(X, p, p)) != CRYPT_OK) { goto cleanup; }
+ if (mp_cmp(p, t2L1) != LTC_MP_LT) {
+ /* p >= 2^(L-1) */
+ if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK) { goto cleanup; }
+ if (res == LTC_MP_YES) {
+ found_p = 1;
+ }
+ }
+ }
+ }
+
+ /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g
+ * 1. e = (p - 1)/q
+ * 2. h = any integer satisfying: 1 < h < (p - 1)
+ * h could be obtained from a random number generator or from a counter that changes after each use
+ * 3. g = h^e mod p
+ * 4. if (g == 1), then go to step 2.
+ *
+ */
+
+ if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK) { goto cleanup; }
+ if ((err = mp_div(e, q, e, c)) != CRYPT_OK) { goto cleanup; }
+ /* e = (p - 1)/q */
+ i = mp_count_bits(p);
+ do {
+ do {
+ if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK) { goto cleanup; }
+ } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT);
+ if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK) { goto cleanup; }
+ /* h is randon and 1 < h < (p-1) */
+ if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK) { goto cleanup; }
+ } while (mp_cmp_d(g, 1) == LTC_MP_EQ);
+
+ err = CRYPT_OK;
+cleanup:
+ mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL);
+cleanup1:
+ XFREE(sbuf);
+cleanup2:
+ XFREE(wbuf);
+cleanup3:
+ return err;
+}
+
+/**
+ Generate DSA parameters p, q & g
+ @param prng An active PRNG state
+ @param wprng The index of the PRNG desired
+ @param group_size Size of the multiplicative group (octets)
+ @param modulus_size Size of the modulus (octets)
+ @param key [out] Where to store the created key
+ @return CRYPT_OK if successful.
+*/
+int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ /* init mp_ints */
+ if ((err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL)) != CRYPT_OK) {
+ return err;
+ }
+ /* generate params */
+ err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
+ if (err != CRYPT_OK) {
+ goto cleanup;
+ }
+
+ key->qord = group_size;
+
+ return CRYPT_OK;
+
+cleanup:
+ dsa_free(key);
+ return err;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c
index e1edaab..d71cdd5 100644
--- a/src/pk/dsa/dsa_import.c
+++ b/src/pk/dsa/dsa_import.c
@@ -125,7 +125,7 @@ LBL_OK:
return CRYPT_OK;
LBL_ERR:
- mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
+ dsa_free(key);
return err;
}
diff --git a/src/pk/dsa/dsa_import_radix.c b/src/pk/dsa/dsa_import_radix.c
deleted file mode 100755
index 141030d..0000000
--- a/src/pk/dsa/dsa_import_radix.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt.h"
-
-/**
- Import DSA public or private key from raw numbers
- @param radix the radix the numbers are represented in (2-64, 16 = hexadecimal)
- @param p DSA's p in radix representation
- @param q DSA's q in radix representation
- @param g DSA's g in radix representation
- @param x DSA's x in radix representation (only private key, NULL for public key)
- @param y DSA's y in radix representation
- @param key [out] the destination for the imported key
- @return CRYPT_OK if successful, upon error allocated memory is freed
-*/
-
-#ifdef LTC_MDSA
-
-int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key)
-{
- int err;
-
- LTC_ARGCHK(p != NULL);
- LTC_ARGCHK(q != NULL);
- LTC_ARGCHK(g != NULL);
- LTC_ARGCHK(y != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
-
- /* init key */
- err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
- if (err != CRYPT_OK) return err;
-
- if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->g , g , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->y , y , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if (x && strlen(x) > 0) {
- key->type = PK_PRIVATE;
- if ((err = mp_read_radix(key->x , x , radix)) != CRYPT_OK) { goto LBL_ERR; }
- }
- else {
- key->type = PK_PUBLIC;
- }
-
- key->qord = mp_unsigned_bin_size(key->q);
-
- if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
- (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
- err = CRYPT_INVALID_PACKET;
- goto LBL_ERR;
- }
- return CRYPT_OK;
-
-LBL_ERR:
- mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
- return err;
-}
-
-#endif
-
-/* ref: $Format:%D$ */
-/* git commit: $Format:%H$ */
-/* commit time: $Format:%ai$ */
diff --git a/src/pk/dsa/dsa_make_key.c b/src/pk/dsa/dsa_make_key.c
index bec09c9..8ac08f8 100644
--- a/src/pk/dsa/dsa_make_key.c
+++ b/src/pk/dsa/dsa_make_key.c
@@ -10,265 +10,28 @@
/**
@file dsa_make_key.c
- DSA implementation, generate a DSA key, Tom St Denis
+ DSA implementation, generate a DSA key
*/
#ifdef LTC_MDSA
/**
- Create DSA parameters (INTERNAL ONLY, not part of public API)
- @param prng An active PRNG state
- @param wprng The index of the PRNG desired
- @param group_size Size of the multiplicative group (octets)
- @param modulus_size Size of the modulus (octets)
- @param p [out] bignum where generated 'p' is stored (must be initialized by caller)
- @param q [out] bignum where generated 'q' is stored (must be initialized by caller)
- @param g [out] bignum where generated 'g' is stored (must be initialized by caller)
- @return CRYPT_OK if successful, upon error this function will free all allocated memory
-*/
-static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g)
-{
- unsigned long L, N, n, outbytes, seedbytes, counter, j, i;
- int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;
- unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
- void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc;
-
- /* check size */
- if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) {
- return CRYPT_INVALID_ARG;
- }
-
- /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
- *
- * L = The desired length of the prime p (in bits e.g. L = 1024)
- * N = The desired length of the prime q (in bits e.g. N = 160)
- * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N
- * outlen = The bit length of Hash function
- *
- * 1. Check that the (L, N)
- * 2. If (seedlen = 2^(L-1)) {
- * Test whether or not p is prime as specified in Appendix C.3.
- * If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter
- * }
- * offset = offset + n + 1 Comment: Increment offset
- * }
- */
-
- seedbytes = group_size;
- L = modulus_size * 8;
- N = group_size * 8;
-
- /* XXX-TODO no Lucas test */
-#ifdef LTC_MPI_HAS_LUCAS_TEST
- /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
- mr_tests_p = (L <= 2048) ? 3 : 2;
- if (N <= 160) { mr_tests_q = 19; }
- else if (N <= 224) { mr_tests_q = 24; }
- else { mr_tests_q = 27; }
-#else
- /* M-R tests (without Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
- if (L <= 1024) { mr_tests_p = 40; }
- else if (L <= 2048) { mr_tests_p = 56; }
- else { mr_tests_p = 64; }
-
- if (N <= 160) { mr_tests_q = 40; }
- else if (N <= 224) { mr_tests_q = 56; }
- else { mr_tests_q = 64; }
-#endif
-
- if (N <= 256) {
- hash = register_hash(&sha256_desc);
- }
- else if (N <= 384) {
- hash = register_hash(&sha384_desc);
- }
- else if (N <= 512) {
- hash = register_hash(&sha512_desc);
- }
- else {
- return CRYPT_INVALID_ARG; /* group_size too big */
- }
-
- if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; }
- outbytes = hash_descriptor[hash].hashsize;
-
- n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1;
-
- if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL) { err = CRYPT_MEM; goto cleanup3; }
- if ((sbuf = XMALLOC(seedbytes)) == NULL) { err = CRYPT_MEM; goto cleanup2; }
-
- err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL);
- if (err != CRYPT_OK) { goto cleanup1; }
-
- if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK) { goto cleanup; }
- /* t2L1 = 2^(L-1) */
- if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK) { goto cleanup; }
- /* t2N1 = 2^(N-1) */
- if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK) { goto cleanup; }
- /* t2seedlen = 2^seedlen */
-
- for(found_p=0; !found_p;) {
- /* q */
- for(found_q=0; !found_q;) {
- if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; }
- i = outbytes;
- if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_add(t2N1, U, q)) != CRYPT_OK) { goto cleanup; }
- if (!mp_isodd(q)) mp_add_d(q, 1, q);
- if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK) { goto cleanup; }
- if (res == LTC_MP_YES) found_q = 1;
- }
-
- /* p */
- if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_add(q, q, t2q)) != CRYPT_OK) { goto cleanup; }
- for(counter=0; counter < 4*L && !found_p; counter++) {
- for(j=0; j<=n; j++) {
- if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK) { goto cleanup; }
- /* seedinc = (seedinc+1) % 2^seed_bitlen */
- if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes) { err = CRYPT_INVALID_ARG; goto cleanup; }
- zeromem(sbuf, seedbytes);
- if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; }
- i = outbytes;
- err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i);
- if (err != CRYPT_OK) { goto cleanup; }
- }
- if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_add(W, t2L1, X)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_mod(X, t2q, c)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_sub_d(c, 1, p)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_sub(X, p, p)) != CRYPT_OK) { goto cleanup; }
- if (mp_cmp(p, t2L1) != LTC_MP_LT) {
- /* p >= 2^(L-1) */
- if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK) { goto cleanup; }
- if (res == LTC_MP_YES) {
- found_p = 1;
- }
- }
- }
- }
-
- /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g
- * 1. e = (p - 1)/q
- * 2. h = any integer satisfying: 1 < h < (p - 1)
- * h could be obtained from a random number generator or from a counter that changes after each use
- * 3. g = h^e mod p
- * 4. if (g == 1), then go to step 2.
- *
- */
-
- if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_div(e, q, e, c)) != CRYPT_OK) { goto cleanup; }
- /* e = (p - 1)/q */
- i = mp_count_bits(p);
- do {
- do {
- if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK) { goto cleanup; }
- } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT);
- if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK) { goto cleanup; }
- /* h is randon and 1 < h < (p-1) */
- if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK) { goto cleanup; }
- } while (mp_cmp_d(g, 1) == LTC_MP_EQ);
-
- err = CRYPT_OK;
-cleanup:
- mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL);
-cleanup1:
- XFREE(sbuf);
-cleanup2:
- XFREE(wbuf);
-cleanup3:
- return err;
-}
-
-/**
- Create a DSA key (with given params)
+ Old-style creation of a DSA key
@param prng An active PRNG state
@param wprng The index of the PRNG desired
@param group_size Size of the multiplicative group (octets)
@param modulus_size Size of the modulus (octets)
@param key [out] Where to store the created key
- @param p_hex Hexadecimal string 'p'
- @param q_hex Hexadecimal string 'q'
- @param g_hex Hexadecimal string 'g'
- @return CRYPT_OK if successful, upon error this function will free all allocated memory
-*/
-int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex)
-{
- int err, qbits;
-
- LTC_ARGCHK(key != NULL);
-
- /* init mp_ints */
- if ((err = mp_init_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) {
- return err;
- }
-
- if (p_hex == NULL || q_hex == NULL || g_hex == NULL) {
- /* generate params */
- err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
- if (err != CRYPT_OK) { goto cleanup; }
- }
- else {
- /* read params */
- if ((err = mp_read_radix(key->p, p_hex, 16)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_read_radix(key->q, q_hex, 16)) != CRYPT_OK) { goto cleanup; }
- if ((err = mp_read_radix(key->g, g_hex, 16)) != CRYPT_OK) { goto cleanup; }
- /* XXX-TODO maybe do some validity check for p, q, g */
- }
-
- /* so now we have our DH structure, generator g, order q, modulus p
- Now we need a random exponent [mod q] and it's power g^x mod p
- */
- qbits = mp_count_bits(key->q);
- do {
- if ((err = rand_bn_bits(key->x, qbits, prng, wprng)) != CRYPT_OK) { goto cleanup; }
- /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
- } while (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT);
- if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto cleanup; }
- key->type = PK_PRIVATE;
- key->qord = group_size;
-
- return CRYPT_OK;
-
-cleanup:
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
- return err;
-}
-
-/**
- Create a DSA key
- @param prng An active PRNG state
- @param wprng The index of the PRNG desired
- @param group_size Size of the multiplicative group (octets)
- @param modulus_size Size of the modulus (octets)
- @param key [out] Where to store the created key
- @return CRYPT_OK if successful, upon error this function will free all allocated memory
+ @return CRYPT_OK if successful.
*/
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
{
- return dsa_make_key_ex(prng, wprng, group_size, modulus_size, key, NULL, NULL, NULL);
+ int err;
+
+ if ((err = dsa_generate_pqg(prng, wprng, group_size, modulus_size, key)) != CRYPT_OK) { return err; }
+ if ((err = dsa_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; }
+
+ return CRYPT_OK;
}
#endif
diff --git a/src/pk/dsa/dsa_set.c b/src/pk/dsa/dsa_set.c
new file mode 100755
index 0000000..d25de01
--- /dev/null
+++ b/src/pk/dsa/dsa_set.c
@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MDSA
+
+/**
+ Import DSA's p, q & g from raw numbers
+ @param p DSA's p in binary representation
+ @param plen The length of p
+ @param q DSA's q in binary representation
+ @param qlen The length of q
+ @param g DSA's g in binary representation
+ @param glen The length of g
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful.
+*/
+int dsa_set_pqg(const unsigned char *p, unsigned long plen,
+ const unsigned char *q, unsigned long qlen,
+ const unsigned char *g, unsigned long glen,
+ dsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(p != NULL);
+ LTC_ARGCHK(q != NULL);
+ LTC_ARGCHK(g != NULL);
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ /* init key */
+ err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+ if (err != CRYPT_OK) return err;
+
+ if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+
+ key->qord = mp_unsigned_bin_size(key->q);
+
+ if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
+ (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+ err = CRYPT_INVALID_PACKET;
+ goto LBL_ERR;
+ }
+ return CRYPT_OK;
+
+LBL_ERR:
+ dsa_free(key);
+ return err;
+}
+
+/**
+ Import DSA public or private key from raw numbers
+ @param pub DSA's y (public key) in binary representation
+ @param publen The length of pub
+ @param priv DSA's x (private key) in binary representation (can be NULL when importing public key)
+ @param privlen The length of priv
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful.
+*/
+int dsa_set_key(const unsigned char *pub, unsigned long publen,
+ const unsigned char *priv, unsigned long privlen,
+ dsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(key->x != NULL);
+ LTC_ARGCHK(key->y != NULL);
+ LTC_ARGCHK(key->p != NULL);
+ LTC_ARGCHK(key->g != NULL);
+ LTC_ARGCHK(key->q != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ if ((err = mp_read_unsigned_bin(key->y, (unsigned char *)pub , publen)) != CRYPT_OK) { goto LBL_ERR; }
+ if (priv != NULL) {
+ key->type = PK_PRIVATE;
+ if ((err = mp_read_unsigned_bin(key->x, (unsigned char *)priv , privlen)) != CRYPT_OK) { goto LBL_ERR; }
+ }
+ else {
+ key->type = PK_PUBLIC;
+ }
+
+ return CRYPT_OK;
+
+LBL_ERR:
+ dsa_free(key);
+ return err;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/dsa/dsa_set_pqg_dsaparam.c b/src/pk/dsa/dsa_set_pqg_dsaparam.c
new file mode 100755
index 0000000..454a941
--- /dev/null
+++ b/src/pk/dsa/dsa_set_pqg_dsaparam.c
@@ -0,0 +1,63 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MDSA
+
+/**
+ Import DSA's p, q & g from dsaparam
+
+ dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048
+
+ @param dsaparam The DSA param DER encoded data
+ @param dsaparamlen The length of dhparam data
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful.
+*/
+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
+ dsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(dsaparam != NULL);
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ /* init key */
+ err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+ if (err != CRYPT_OK) return err;
+
+ if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen,
+ LTC_ASN1_INTEGER, 1UL, key->p,
+ LTC_ASN1_INTEGER, 1UL, key->q,
+ LTC_ASN1_INTEGER, 1UL, key->g,
+ LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ key->qord = mp_unsigned_bin_size(key->q);
+
+ if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
+ (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+ err = CRYPT_INVALID_PACKET;
+ goto LBL_ERR;
+ }
+ return CRYPT_OK;
+
+LBL_ERR:
+ dsa_free(key);
+ return err;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/rsa/rsa_free.c b/src/pk/rsa/rsa_free.c
index 48039e4..1e62f09 100644
--- a/src/pk/rsa/rsa_free.c
+++ b/src/pk/rsa/rsa_free.c
@@ -22,7 +22,7 @@
void rsa_free(rsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->q, key->p, key->qP, key->dP, key->dQ, key->N, key->d, key->e, NULL);
+ mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL);
}
#endif
diff --git a/src/pk/rsa/rsa_import_radix.c b/src/pk/rsa/rsa_import_radix.c
deleted file mode 100755
index 71ab3ea..0000000
--- a/src/pk/rsa/rsa_import_radix.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt.h"
-
-/**
- Import RSA public or private key from raw numbers
- @param radix the radix the numbers are represented in (2-64, 16 = hexadecimal)
- @param N RSA's N in radix representation
- @param e RSA's e in radix representation
- @param d RSA's d in radix representation (only private key, NULL for public key)
- @param p RSA's p in radix representation (only private key, NULL for public key)
- @param q RSA's q in radix representation (only private key, NULL for public key)
- @param dP RSA's dP in radix representation (only private key, NULL for public key)
- @param dQ RSA's dQ in radix representation (only private key, NULL for public key)
- @param qP RSA's qP in radix representation (only private key, NULL for public key)
- @param key [out] the destination for the imported key
- @return CRYPT_OK if successful, upon error allocated memory is freed
-*/
-
-#ifdef LTC_MRSA
-
-int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key)
-{
- int err;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(N != NULL);
- LTC_ARGCHK(e != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
-
- err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
- if (err != CRYPT_OK) return err;
-
- if ((err = mp_read_radix(key->N , N , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->e , e , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if (d && p && q && dP && dQ && qP && strlen(d)>0 && strlen(p)>0 &&
- strlen(q)>0 && strlen(dP)>0 && strlen(dQ)>0 && strlen(qP)>0) {
- if ((err = mp_read_radix(key->d , d , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->dP, dP, radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->dQ, dQ, radix)) != CRYPT_OK) { goto LBL_ERR; }
- if ((err = mp_read_radix(key->qP, qP, radix)) != CRYPT_OK) { goto LBL_ERR; }
- key->type = PK_PRIVATE;
- }
- else {
- key->type = PK_PUBLIC;
- }
- return CRYPT_OK;
-
-LBL_ERR:
- mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
- return err;
-}
-
-#endif /* LTC_MRSA */
-
-/* ref: $Format:%D$ */
-/* git commit: $Format:%H$ */
-/* commit time: $Format:%ai$ */
diff --git a/src/pk/rsa/rsa_set.c b/src/pk/rsa/rsa_set.c
new file mode 100755
index 0000000..0d540c4
--- /dev/null
+++ b/src/pk/rsa/rsa_set.c
@@ -0,0 +1,134 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MRSA
+
+/**
+ Import RSA key from raw numbers
+
+ @param N RSA's N
+ @param Nlen RSA's N's length
+ @param e RSA's e
+ @param elen RSA's e's length
+ @param d RSA's d (only private key, NULL for public key)
+ @param dlen RSA's d's length
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful
+*/
+int rsa_set_key(const unsigned char *N, unsigned long Nlen,
+ const unsigned char *e, unsigned long elen,
+ const unsigned char *d, unsigned long dlen,
+ rsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(N != NULL);
+ LTC_ARGCHK(e != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
+ if (err != CRYPT_OK) return err;
+
+ if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; }
+ if (d && dlen) {
+ if ((err = mp_read_unsigned_bin(key->d , (unsigned char *)d , dlen)) != CRYPT_OK) { goto LBL_ERR; }
+ key->type = PK_PRIVATE;
+ }
+ else {
+ key->type = PK_PUBLIC;
+ }
+ return CRYPT_OK;
+
+LBL_ERR:
+ rsa_free(key);
+ return err;
+}
+
+/**
+ Import factors of an RSA key from raw numbers
+
+ Only for private keys.
+
+ @param p RSA's p
+ @param plen RSA's p's length
+ @param q RSA's q
+ @param qlen RSA's q's length
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful
+*/
+int rsa_set_factors(const unsigned char *p, unsigned long plen,
+ const unsigned char *q, unsigned long qlen,
+ rsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(p != NULL);
+ LTC_ARGCHK(q != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
+
+ if ((err = mp_read_unsigned_bin(key->p , (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->q , (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+ return CRYPT_OK;
+
+LBL_ERR:
+ rsa_free(key);
+ return err;
+}
+
+/**
+ Import CRT parameters of an RSA key from raw numbers
+
+ Only for private keys.
+
+ @param dP RSA's dP
+ @param dPlen RSA's dP's length
+ @param dQ RSA's dQ
+ @param dQlen RSA's dQ's length
+ @param qP RSA's qP
+ @param qPlen RSA's qP's length
+ @param key [out] the destination for the imported key
+ @return CRYPT_OK if successful
+*/
+int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
+ const unsigned char *dQ, unsigned long dQlen,
+ const unsigned char *qP, unsigned long qPlen,
+ rsa_key *key)
+{
+ int err;
+
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(dP != NULL);
+ LTC_ARGCHK(dQ != NULL);
+ LTC_ARGCHK(qP != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
+
+ if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
+
+ if ((err = mp_read_unsigned_bin(key->dP, (unsigned char *)dP, dPlen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->dQ, (unsigned char *)dQ, dQlen)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = mp_read_unsigned_bin(key->qP, (unsigned char *)qP, qPlen)) != CRYPT_OK) { goto LBL_ERR; }
+ return CRYPT_OK;
+
+LBL_ERR:
+ rsa_free(key);
+ return err;
+}
+
+#endif /* LTC_MRSA */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/tests/dh_test.c b/tests/dh_test.c
index 3374c80..e3111c6 100644
--- a/tests/dh_test.c
+++ b/tests/dh_test.c
@@ -10,7 +10,7 @@
#ifdef LTC_MDH
-#ifdef DH4096
+#ifdef LTC_DH4096
#define KEYSIZE 4096
#else
#define KEYSIZE 2048
@@ -126,7 +126,8 @@ static int _dhparam_test(void)
0x98, 0xcb
};
- DO(dh_make_key_dhparam(&yarrow_prng, find_prng ("yarrow"), dhparam_der, sizeof(dhparam_der), &k));
+ DO(dh_set_pg_dhparam(dhparam_der, sizeof(dhparam_der), &k));
+ DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &k));
if (mp_unsigned_bin_size(k.prime) > sizeof(buf)) {
printf("dhparam_test: short buf\n");
dh_free(&k);
@@ -147,6 +148,219 @@ static int _dhparam_test(void)
return CRYPT_OK;
}
+static int _set_test(void)
+{
+ dh_key k1, k2, k3;
+ unsigned char buf[4096];
+ unsigned long len;
+ int i;
+ unsigned char gbin[] = { 0x02 };
+ unsigned char pbin[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+ unsigned char xbin[] = {
+ 0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE, 0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C,
+ 0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98, 0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F,
+ 0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+ };
+ unsigned char ybin[] = {
+ 0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA, 0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14,
+ 0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3, 0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07,
+ 0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8, 0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0,
+ 0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD, 0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40,
+ 0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7, 0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08,
+ 0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC, 0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0,
+ 0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80, 0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81,
+ 0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B, 0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7,
+ 0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5, 0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1,
+ 0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E, 0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97,
+ 0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64, 0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53,
+ 0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36, 0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41,
+ 0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32, 0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99,
+ 0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6, 0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9,
+ 0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A, 0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B,
+ 0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C, 0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+ };
+
+ struct {
+ int radix;
+ void* g; int glen;
+ void* p; int plen;
+ void* x; int xlen;
+ void* y; int ylen;
+ } test[1] = {
+ { 256, gbin, sizeof(gbin), pbin, sizeof(pbin), xbin, sizeof(xbin), ybin, sizeof(ybin) }
+ };
+
+ unsigned char export_private[] = {
+ 0x30, 0x82, 0x01, 0x3A, 0x02, 0x01, 0x00, 0x03, 0x02, 0x07, 0x80, 0x02, 0x82, 0x01, 0x01, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x02, 0x01, 0x02, 0x02, 0x29, 0x00, 0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE,
+ 0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C, 0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98,
+ 0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F, 0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+ };
+ unsigned char export_public[] = {
+ 0x30, 0x82, 0x02, 0x13, 0x02, 0x01, 0x00, 0x03, 0x02, 0x07, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0x02, 0x01, 0x02, 0x02, 0x82, 0x01, 0x00, 0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA,
+ 0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14, 0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3,
+ 0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07, 0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8,
+ 0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0, 0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD,
+ 0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40, 0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7,
+ 0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08, 0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC,
+ 0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0, 0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80,
+ 0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81, 0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B,
+ 0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7, 0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5,
+ 0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1, 0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E,
+ 0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97, 0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64,
+ 0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53, 0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36,
+ 0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41, 0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32,
+ 0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99, 0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6,
+ 0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9, 0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A,
+ 0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B, 0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C,
+ 0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+ };
+
+ for (i = 0; i < 1; i++) {
+ DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k1));
+ DO(dh_set_key(NULL, 0, test[i].x, test[i].xlen, &k1));
+
+ len = sizeof(buf);
+ DO(dh_export(buf, &len, PK_PRIVATE, &k1));
+ if (compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test", i*10 + 0)) {
+ printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ len = sizeof(buf);
+ DO(dh_export(buf, &len, PK_PUBLIC, &k1));
+ if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 1)) {
+ printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ len = sizeof(buf);
+ DO(dh_export_key(buf, &len, PK_PRIVATE, &k1));
+ if (compare_testvector(buf, len, xbin, sizeof(xbin), "radix_test", i*10 + 2)) {
+ printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ len = sizeof(buf);
+ DO(dh_export_key(buf, &len, PK_PUBLIC, &k1));
+ if (compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test", i*10 + 3)) {
+ printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ dh_free(&k1);
+
+ DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k1));
+ DO(dh_set_key(test[i].y, test[i].ylen, test[i].x, test[i].xlen, &k1));
+
+ len = sizeof(buf);
+ DO(dh_export(buf, &len, PK_PRIVATE, &k1));
+ if (compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test", i*10 + 4)) {
+ printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ len = sizeof(buf);
+ DO(dh_export(buf, &len, PK_PUBLIC, &k1));
+ if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 5)) {
+ printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+ dh_free(&k1);
+ return CRYPT_ERROR;
+ }
+ dh_free(&k1);
+
+ DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k2));
+ DO(dh_set_key(test[i].y, test[i].ylen, NULL, 0, &k2));
+
+ len = sizeof(buf);
+ DO(dh_export(buf, &len, PK_PUBLIC, &k2));
+ if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 6)) {
+ printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+ dh_free(&k2);
+ return CRYPT_ERROR;
+ }
+ len = sizeof(buf);
+ DO(dh_export_key(buf, &len, PK_PUBLIC, &k2));
+ if (compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test", i*10 + 7)) {
+ printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+ dh_free(&k2);
+ return CRYPT_ERROR;
+ }
+ dh_free(&k2);
+
+ DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k3));
+ DO(dh_generate_key(&yarrow_prng, find_prng("yarrow"), &k3));
+
+ len = mp_unsigned_bin_size(k3.prime);
+ DO(mp_to_unsigned_bin(k3.prime, buf));
+ if (compare_testvector(buf, len, pbin, sizeof(pbin), "radix_test", i*10 + 8)) {
+ printf("radix_test: dh_make_key_ex prime mismatch\n");
+ dh_free(&k3);
+ return CRYPT_ERROR;
+ }
+ len = mp_unsigned_bin_size(k3.base);
+ DO(mp_to_unsigned_bin(k3.base, buf));
+ if (compare_testvector(buf, len, gbin, sizeof(gbin), "radix_test", i*10 + 9)) {
+ printf("radix_test: dh_make_key_ex base mismatch\n");
+ dh_free(&k3);
+ return CRYPT_ERROR;
+ }
+ dh_free(&k3);
+ }
+
+ return CRYPT_OK;
+}
+
static int _basic_test(void)
{
unsigned char buf[3][4096];
@@ -154,18 +368,11 @@ static int _basic_test(void)
int size;
dh_key usera, userb;
- if (register_prng(&yarrow_desc) == -1) {
- printf("Error registering yarrow PRNG\n");
- return CRYPT_ERROR;
- }
- if (register_hash(&md5_desc) == -1) {
- printf("Error registering md5 hash\n");
- return CRYPT_ERROR;
- }
-
/* make up two keys */
- DO(dh_make_key (&yarrow_prng, find_prng ("yarrow"), KEYSIZE/8, &usera));
- DO(dh_make_key (&yarrow_prng, find_prng ("yarrow"), KEYSIZE/8, &userb));
+ DO(dh_set_pg_groupsize(KEYSIZE/8, &usera));
+ DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera));
+ DO(dh_set_pg_groupsize(KEYSIZE/8, &userb));
+ DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &userb));
/* make the shared secret */
x = KEYSIZE;
@@ -209,13 +416,15 @@ static int _basic_test(void)
}
for (x = 0; ltc_dh_sets[x].size != 0; x++) {
- DO(dh_make_key(&yarrow_prng, find_prng ("yarrow"), ltc_dh_sets[x].size, &usera));
+ DO(dh_set_pg_groupsize(ltc_dh_sets[x].size, &usera));
+ DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera));
size = dh_get_groupsize(&usera);
dh_free(&usera);
if (size != ltc_dh_sets[x].size) {
fprintf(stderr, "dh_groupsize mismatch %d %d\n", size, ltc_dh_sets[x].size);
return CRYPT_ERROR;
}
+ dh_free(&usera);
}
return CRYPT_OK;
@@ -227,6 +436,7 @@ int dh_test(void)
if (_prime_test() != CRYPT_OK) fails++;
if (_basic_test() != CRYPT_OK) fails++;
if (_dhparam_test() != CRYPT_OK) fails++;
+ if (_set_test() != CRYPT_OK) fails++;
return fails > 0 ? CRYPT_FAIL_TESTVECTOR : CRYPT_OK;
}
diff --git a/tests/dsa_test.c b/tests/dsa_test.c
index c62c380..d871a29 100644
--- a/tests/dsa_test.c
+++ b/tests/dsa_test.c
@@ -59,13 +59,6 @@ static char *hex_q = "AA5BD7F4E5062413E58835CA00C7A635716194C5";
static char *hex_x = "9936E5E4E9FB28BE91F5065FE8C935B3F5D81FC5";
static char *hex_y = "5316B0FBBF598A5E5595C14FAC43B80853E6CF0D9223FAB184595239BFCBF22D383ADD935205497E2B12C46173E36F54BD96E5A7AAA95A58A4B767D2C0BDC81EB13A124F98C005EF395D6ABAB70B3BD8B795DD796EA2D28473470388B464D9B9B84FF1C934BBF97366F57C2E11FEC331E60838596781EB6D4127D70D74AFA035";
-/* private key - raw decimal numbers */
-static char *dec_g = "41834149751984197912953436480983170533071735026506895442815002322147255782590882063707309354781506433716654796985480894012184326029507913813728323760888731712844346877576824916725534905000120412305763983626878322597033839508975868744887842375259196379140567488975525420966465471602331600963525846901216912348";
-static char *dec_p = "138366127874251453574215823372867983172559870428080754538874699342292548213873551009389476481395012375639515165022292709776266658812209612126692196557051247870332681145778007636026326219557730049370214260237710845864302921876857532769906463917243319959886290876544710558897185626634470575981605420411381006287";
-static char *dec_q = "972576611327916959546542817054443329226761409733";
-static char *dec_x = "874699854785640347852049895863914110365034094533";
-static char *dec_y = "58346825863862115220306694056113472976936045407556113559931032566376300411053620606958863235131122432665794570437845128216268156672161823000705623178942581094085367656740608001229642983928728905397237964247962716781137229394844332774819193277135681825866994604976120931444766148118918668354923664000689348661";
-
/* The public part of test_dsa.key in SubjectPublicKeyInfo format */
static const unsigned char openssl_pub_dsa[] = {
0x30, 0x82, 0x01, 0xb6, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86,
@@ -107,74 +100,150 @@ static const unsigned char openssl_pub_dsa[] = {
0xeb, 0x6d, 0x41, 0x27, 0xd7, 0x0d, 0x74, 0xaf, 0xa0, 0x35
};
-static int dsa_compat_test(void)
+static unsigned char dsaparam_der[] = {
+ 0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xc5, 0x0a, 0x37, 0x51,
+ 0x5c, 0xab, 0xd6, 0x18, 0xd5, 0xa2, 0x70, 0xbd, 0x4a, 0x6f, 0x6b, 0x4a,
+ 0xf9, 0xe1, 0x39, 0x95, 0x0f, 0x2b, 0x99, 0x38, 0x7d, 0x9a, 0x64, 0xd6,
+ 0x4c, 0xb5, 0x96, 0x7a, 0xdc, 0xed, 0xac, 0xa8, 0xac, 0xc6, 0x1b, 0x65,
+ 0x5a, 0xde, 0xdb, 0x00, 0x61, 0x25, 0x1a, 0x18, 0x2c, 0xee, 0xa1, 0x07,
+ 0x90, 0x62, 0x5e, 0x4d, 0x12, 0x31, 0x90, 0xc7, 0x03, 0x21, 0xfa, 0x09,
+ 0xe7, 0xb1, 0x73, 0xd7, 0x8e, 0xaf, 0xdb, 0xfd, 0xbf, 0xb3, 0xef, 0xad,
+ 0xd1, 0xa1, 0x2a, 0x03, 0x6d, 0xe7, 0x06, 0x92, 0x4a, 0x85, 0x2a, 0xff,
+ 0x7a, 0x01, 0x66, 0x53, 0x1f, 0xea, 0xc6, 0x67, 0x41, 0x84, 0x5a, 0xc0,
+ 0x6c, 0xed, 0x62, 0xf9, 0xc2, 0x62, 0x62, 0x05, 0xa4, 0xfa, 0x48, 0xa0,
+ 0x66, 0xec, 0x35, 0xc9, 0xa8, 0x11, 0xfe, 0xb9, 0x81, 0xab, 0xee, 0xbe,
+ 0x31, 0xb6, 0xbf, 0xcf, 0x02, 0x15, 0x00, 0xaa, 0x5b, 0xd7, 0xf4, 0xe5,
+ 0x06, 0x24, 0x13, 0xe5, 0x88, 0x35, 0xca, 0x00, 0xc7, 0xa6, 0x35, 0x71,
+ 0x61, 0x94, 0xc5, 0x02, 0x81, 0x80, 0x3b, 0x92, 0xe4, 0xff, 0x59, 0x29,
+ 0x15, 0x0b, 0x08, 0x99, 0x5a, 0x7b, 0xf2, 0xad, 0x14, 0x40, 0x55, 0x6f,
+ 0xa0, 0x47, 0xff, 0x90, 0x99, 0xb3, 0x44, 0xb3, 0xd4, 0xfc, 0x45, 0x15,
+ 0x05, 0xae, 0x67, 0x22, 0x43, 0x9c, 0xba, 0x37, 0x10, 0xa5, 0x89, 0x47,
+ 0x37, 0xec, 0xcc, 0xf5, 0xae, 0xad, 0xa8, 0xb4, 0x7a, 0x35, 0xcb, 0x9d,
+ 0x93, 0x5c, 0xed, 0xe6, 0xb0, 0x7e, 0x96, 0x94, 0xc4, 0xa6, 0x0c, 0x7d,
+ 0xd6, 0x70, 0x8a, 0x09, 0x4f, 0x81, 0x4a, 0x0e, 0xc2, 0x13, 0xfb, 0xeb,
+ 0x16, 0xbf, 0xea, 0xa4, 0xf4, 0x56, 0xff, 0x72, 0x30, 0x05, 0xde, 0x8a,
+ 0x44, 0x3f, 0xbe, 0xc6, 0x85, 0x26, 0x55, 0xd6, 0x2d, 0x1d, 0x1e, 0xdb,
+ 0x15, 0xda, 0xa4, 0x45, 0x83, 0x3c, 0x17, 0x97, 0x98, 0x0b, 0x8d, 0x87,
+ 0xf3, 0x49, 0x0d, 0x90, 0xbd, 0xa9, 0xab, 0x67, 0x6e, 0x87, 0x68, 0x72,
+ 0x23, 0xdc
+ };
+
+
+static int _dsa_compat_test(void)
{
dsa_key key;
unsigned char tmp[1024], buf[1024];
unsigned long x, len;
+ unsigned char key_parts[5][256];
+ unsigned long key_lens[5];
+ int stat;
DO(dsa_import(openssl_priv_dsa, sizeof(openssl_priv_dsa), &key));
x = sizeof(tmp);
DO(dsa_export(tmp, &x, PK_PRIVATE | PK_STD, &key));
- DO((x == sizeof(openssl_priv_dsa))?CRYPT_OK:CRYPT_ERROR);
- DO((memcmp(tmp, openssl_priv_dsa, sizeof(openssl_priv_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+ if (compare_testvector(tmp, x, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+ "DSA private export failed from dsa_import(priv_key)\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
x = sizeof(tmp);
DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
- DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
- DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+ if (compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+ "DSA public export failed from dsa_import(priv_key)\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
dsa_free(&key);
DO(dsa_import(openssl_pub_dsa, sizeof(openssl_pub_dsa), &key));
x = sizeof(tmp);
DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
- DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
- DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
- dsa_free(&key);
-
- /* try import private key from raw hexadecimal numbers */
- DO(dsa_import_radix(16, hex_p, hex_q, hex_g, hex_x, hex_y, &key));
- len = sizeof(buf);
- DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
- if (len != sizeof(openssl_priv_dsa) || memcmp(buf, openssl_priv_dsa, len)) {
- fprintf(stderr, "DSA private export failed to match dsa_import_radix(16, ..)\n");
- return 1;
+ if (compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+ "DSA public export failed from dsa_import(pub_key)\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
dsa_free(&key);
- /* try import private key from raw decimal numbers */
- DO(dsa_import_radix(10, dec_p, dec_q, dec_g, dec_x, dec_y, &key));
+ /* try import private key from raw hexadecimal numbers */
+ for (x = 0; x < 5; ++x) {
+ key_lens[x] = sizeof(key_parts[x]);
+ }
+ DO(radix_to_bin(hex_p, 16, key_parts[0], &key_lens[0]));
+ DO(radix_to_bin(hex_q, 16, key_parts[1], &key_lens[1]));
+ DO(radix_to_bin(hex_g, 16, key_parts[2], &key_lens[2]));
+ DO(radix_to_bin(hex_y, 16, key_parts[3], &key_lens[3]));
+ DO(radix_to_bin(hex_x, 16, key_parts[4], &key_lens[4]));
+
+ DO(dsa_set_pqg(key_parts[0], key_lens[0],
+ key_parts[1], key_lens[1],
+ key_parts[2], key_lens[2],
+ &key));
+ DO(dsa_set_key(key_parts[3], key_lens[3],
+ key_parts[4], key_lens[4],
+ &key));
len = sizeof(buf);
DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
- if (len != sizeof(openssl_priv_dsa) || memcmp(buf, openssl_priv_dsa, len)) {
- fprintf(stderr, "DSA private export failed to match dsa_import_radix(10, ..)\n");
- return 1;
+ if (compare_testvector(buf, len, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+ "DSA private export failed from dsa_set_pqg() & dsa_set_key()\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
dsa_free(&key);
/* try import public key from raw hexadecimal numbers */
- DO(dsa_import_radix(16, hex_p, hex_q, hex_g, NULL, hex_y, &key));
+ DO(dsa_set_pqg(key_parts[0], key_lens[0],
+ key_parts[1], key_lens[1],
+ key_parts[2], key_lens[2],
+ &key));
+ DO(dsa_set_key(key_parts[3], key_lens[3],
+ NULL, 0,
+ &key));
len = sizeof(buf);
DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
- if (len != sizeof(openssl_pub_dsa) || memcmp(buf, openssl_pub_dsa, len)) {
- fprintf(stderr, "DSA public export failed to match dsa_import_radix(16, ..)\n");
- return 1;
+ if (compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+ "DSA public export failed from dsa_set_pqg() & dsa_set_key()\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
}
dsa_free(&key);
- /* try import public key from raw decimal numbers */
- DO(dsa_import_radix(10, dec_p, dec_q, dec_g, NULL, dec_y, &key));
- len = sizeof(buf);
- DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
- if (len != sizeof(openssl_pub_dsa) || memcmp(buf, openssl_pub_dsa, len)) {
- fprintf(stderr, "DSA public export failed to match dsa_import_radix(10, ..)\n");
- return 1;
+ /* try import dsaparam */
+ DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+ DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key));
+ /* verify it */
+ DO(dsa_verify_key(&key, &stat));
+ if (stat == 0) {
+ fprintf(stderr, "dsa_verify_key after dsa_set_pqg_dsaparam()");
+ return CRYPT_FAIL_TESTVECTOR;
}
dsa_free(&key);
- return 0;
+ /* try import dsaparam - our public key */
+ DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+ DO(dsa_set_key(key_parts[3], key_lens[3],
+ NULL, 0,
+ &key));
+ len = sizeof(buf);
+ DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
+ if (compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+ "DSA public export failed from dsa_set_pqg_dsaparam()\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ dsa_free(&key);
+
+ /* try import dsaparam - our private key */
+ DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+ DO(dsa_set_key(key_parts[3], key_lens[3],
+ key_parts[4], key_lens[4],
+ &key));
+ len = sizeof(buf);
+ DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
+ if (compare_testvector(buf, len, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+ "DSA private export failed from dsa_set_pqg_dsaparam()\n", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ dsa_free(&key);
+
+ return CRYPT_OK;
}
int dsa_test(void)
@@ -184,10 +253,11 @@ int dsa_test(void)
int stat1, stat2;
dsa_key key, key2;
- dsa_compat_test();
+ DO(_dsa_compat_test());
/* make a random key */
- DO(dsa_make_key(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
+ DO(dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
+ DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key));
/* verify it */
DO(dsa_verify_key(&key, &stat1));
diff --git a/tests/mpi_test.c b/tests/mpi_test.c
new file mode 100644
index 0000000..a5e2161
--- /dev/null
+++ b/tests/mpi_test.c
@@ -0,0 +1,147 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include
+
+#ifdef LTC_MPI
+static int _radix_to_bin_test(void)
+{
+ /* RADIX 16 */
+ char *ghex = "2";
+ char *phex = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22"
+ "514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6"
+ "F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+ "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
+ "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E8603"
+ "9B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
+ "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
+ char *xhex = "A6681ADC386CE944C3DED9A7301DCC9C518250E3EDB62F959198F8DC0057DD6FB57ABAFD788198B1";
+ char *yhex = "39046632C834418DFA07B3091538B614D1FB5DBB785C0FBEA3B98B295BC0CD076A88D9452141A269"
+ "E8BAEB1DD654EBA03A5705318D129754CDF4003A8C399240FBB8F162490F6F0DC70E414B6FEE8808"
+ "6AFAA48E9F3A248EDC093452663D34E0E809D4F6BADBB36F80B6813EBF7C3281B862209E5604BDEA"
+ "8B8F5F7BFDC3EEB7ADB73048289BCEA0F5A5CDEE7DF91CD1F0BA632F06DBE9BA7EF014B84B02D497"
+ "CA7D0C60F734752A649DA496946B4E531B30D9F82EDD855636C0B0F2AE232E4186454E8887BB423E"
+ "32A5A2495EACBA99620ACD03A38345EBB6735E62330A8EE9AA6C8370410F5CD45AF37EE90A0DA95B"
+ "E96FC939E88FE0BD2CD09FC8F524208C";
+ /* RADIX 47 */
+ char *gr47 = "2";
+ char *pr47 = "F27Mg1SadOFIRbDOJ5dHgHiVF02Z1LHHQ6G5SLG2U8aTdfH1ETk4GARRE7WW99dBUBLb9e2OHFIaSM1A"
+ "ag2LNNjgYa9I9CjQGJihL3J7A2SGQe8j5Ch8EHMj5jVbAYDiQKhhPhM6Hc56fKS40GUfJkGO7KJ6EXZQ"
+ "VgbSa2AkPC65F91g0PaYie8AGNVaFKaV9HOQf3ia1iW4i6eCOB9CcBbH7TbQij8AEgjZ0VRBcLKc6UYO"
+ "1Zc3I2Jc0h1H2HBEH8ONI3OYBbaPV6XhAd8WCc60D0RDBU3H9U7cWL28a0c90XNO0dh5RXEFBbUCE2ZG"
+ "gh9XQSVIHkVbFIS5F5IGVOkiWAVc9i8BHB2V0UbGW6UdRTZVV";
+ char *xr47 = "6bhO7O9NWFRgEMjdU0Y5POj3c1JP15MYEdIg3FO1PEjUY2aGYNSXcaF01R";
+ char *yr47 = "3GNPNWEYfKML1cIbI7Cc1Z0O7aQLJgB734dO2i56LLYDdI4gHYk2GAbQH2WI97hNeC7dj3fPEH8I9gV9"
+ "U323AXj1AJXbFPFIHGOTdC29QUUeH2SSc6NWhfQDDXd5Q5iXCKEAUGX3SKcNFIfVOYJgZCLjfHYQdgOQ"
+ "GCjKNgbEV7Hj34MU3b79iANX2DbMYfb9iGi78BWH2HYAd7IAhk7U0OYGHKJX1bIUUj1KBLhAUg46GaER"
+ "G9W3ARMfBCj6kSdDF9TdkWAjWTDj722IeVJERC4bKU2VDFG20kDhCMF985efD1SS8DfXcdCHF1kDUkSA"
+ "884FHYiFEPkaagQOBQaN9BNaEHNbbd002DCIIX5eMP4HgPJPF";
+ /* RADIX 64 */
+ char *gr64 = "2";
+ char *pr64 = "3//////////yaFsg8XQC8qnCPYYu3S7D4f0au8YcVCT08BlgOx4viYKKe8UOuq1DtlbHcppJf36p0h2c"
+ "toNnGtJ+4rRMrHmaNaXRLsObv+nlHCGkccD+rh2/zSjlG6j+tkE6lxMecVfQwV915yIn/cIIXcKUpaMp"
+ "t207oueME/1PZQI3OSLTEQQHO/gFqapr+3PLqZtAEjbXnYyrOWXLAxdjKf1t2Mbcrd33LEIhoO1F5qR0"
+ "ZA625yCf1UHYuspZlZddSi60w60vidWwBi1wAFjSLTy6zCKidUAylsbLWN63cLINpgbMhb5T8c69Zw1H"
+ "0LSevQYgogQF//////////";
+ char *xr64 = "2cQ1hSE6pfHCFUsQSm7SoSKO9Gu+ssBvMHcFZS05VTRxLwklruWPYn";
+ char *yr64 = "v16Ooo3H1ZVe7imaLEBOKqVjTktXS3xwZkOifMy3D1sg8sKKXGQ9fwBhh7TPKww0wLmKnZHANLCtq03g"
+ "CEP90+xZnOaaFRmt73a5BR+w826hwf8wVEYIEt0aqKcOzDE3e2TJskjkpRu2sWJw/V3A1k68WdbO4lUg"
+ "BZrzx/SFkjwstC4WecywWzQNDxdtv7D7mkcCl1jlfkdxm5BXB0jINodqCOFSqTIfadQIMb6jEKnimsVW"
+ "ktOLMDi2myguZBa66HKw8Xxj2FZAbeabUhBgPOWhD0wE3HUksSrvYCmgEwQfiWt113rpKMlD+wGeDgLl"
+ "fRyavw8/WlIpGdyZr922C";
+ /* RADIX 256 */
+ unsigned char gbin[] = { 0x02 };
+ unsigned char pbin[] = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+ unsigned char xbin[] = {
+ 0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE, 0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C,
+ 0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98, 0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F,
+ 0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+ };
+ unsigned char ybin[] = {
+ 0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA, 0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14,
+ 0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3, 0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07,
+ 0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8, 0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0,
+ 0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD, 0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40,
+ 0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7, 0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08,
+ 0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC, 0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0,
+ 0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80, 0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81,
+ 0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B, 0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7,
+ 0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5, 0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1,
+ 0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E, 0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97,
+ 0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64, 0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53,
+ 0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36, 0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41,
+ 0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32, 0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99,
+ 0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6, 0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9,
+ 0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A, 0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B,
+ 0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C, 0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+ };
+
+ struct {
+ int radix;
+ void* g; int glen;
+ void* p; int plen;
+ void* x; int xlen;
+ void* y; int ylen;
+ } test[4] = {
+ { 256, gbin, sizeof(gbin), pbin, sizeof(pbin), xbin, sizeof(xbin), ybin, sizeof(ybin) },
+ { 16, ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
+ { 47, gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
+ { 64, gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
+ };
+ int i, j;
+ unsigned char key_parts[4][256];
+ unsigned long key_lens[4];
+
+ for (i = 1; i < 4; i++) {
+ for (j = 0; j < 4; ++j) {
+ key_lens[j] = sizeof(key_parts[j]);
+ }
+ DO(radix_to_bin(test[i].x, test[i].radix, key_parts[0], &key_lens[0]));
+ DO(radix_to_bin(test[i].y, test[i].radix, key_parts[1], &key_lens[1]));
+ DO(radix_to_bin(test[i].p, test[i].radix, key_parts[2], &key_lens[2]));
+ DO(radix_to_bin(test[i].g, test[i].radix, key_parts[3], &key_lens[3]));
+
+ if (compare_testvector(key_parts[0], key_lens[0], test[0].x, test[0].xlen, "radix_to_bin(x)", i)) return CRYPT_FAIL_TESTVECTOR;
+ if (compare_testvector(key_parts[1], key_lens[1], test[0].y, test[0].ylen, "radix_to_bin(y)", i)) return CRYPT_FAIL_TESTVECTOR;
+ if (compare_testvector(key_parts[2], key_lens[2], test[0].p, test[0].plen, "radix_to_bin(p)", i)) return CRYPT_FAIL_TESTVECTOR;
+ if (compare_testvector(key_parts[3], key_lens[3], test[0].g, test[0].glen, "radix_to_bin(g)", i)) return CRYPT_FAIL_TESTVECTOR;
+ }
+ return CRYPT_OK;
+}
+
+int mpi_test(void)
+{
+ return _radix_to_bin_test();
+}
+#else
+int mpi_test(void)
+{
+ return CRYPT_NOP;
+}
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/tests/rsa_test.c b/tests/rsa_test.c
index c2081f4..998ec84 100644
--- a/tests/rsa_test.c
+++ b/tests/rsa_test.c
@@ -112,25 +112,26 @@ static const unsigned char pkcs8_private_rsa[] = {
0xf1, 0x4a, 0x21, 0x56, 0x67, 0xfd, 0xcc, 0x20, 0xa3, 0x8f, 0x78, 0x18, 0x5a, 0x79, 0x3d, 0x2e,
0x8e, 0x7e, 0x86, 0x0a, 0xe6, 0xa8, 0x33, 0xc1, 0x04, 0x17, 0x4a, 0x9f };
-/* private keay - hexadecimal */
-static char *hex_d = "C862B9EADE44531D5697D9979E1ACF301E0A8845862930A34D9F616573E0D6878FB6F306A382DC7CACFE9B289AAEFDFBFE2F0ED89704E3BB1FD1EC0DBAA3497F47AC8A44047E86B739423FAD1EB70EA551F440631EFDBDEA9F419FA8901D6F0A5A9513110D80AF5F64988A2C786865B02B8BA25387CAF16404ABF27BDB83C881";
-static char *hex_dP = "6DEBC32D2EF05EA488310529008AD195299B83CF75DB31E37A27DE3A74300C764CD4502A402D39D99963A95D80AE53CA943F05231EF80504E1B835F217B3A089";
-static char *hex_dQ = "AB9088FA600829509A438BA050CCD85AFE976463717422A320025ACFEBC6169554D1CBAB8D1AC600FA08929C71D552523596714B8B920CD0E9BFAD630BA5E9B1";
-static char *hex_e = "010001";
-static char *hex_N = "CF9ADE648ADAC83320A9D783311954B29A85A7A1B77533B6A9AC8424B3DEDB7D852D9665E53F7295249F2868CA4FDB441C3E60128ADD26A5EBFF0B5ED48838492A6E5BBF123747BD056BBCDBF3EEE4118E41687C6113D742C880BE368FDC088B4FACA4E2760CC9636C495893EDCCAADC253B0A603F8B543AC34D31E794A444FD";
-static char *hex_p = "F7BE5E23C3323FBF8B8E3AEEFCFCCBE5F7F10BBC4282AED57A3ECAF7D5693F6425A21FB77575059242EBB8F1F30A05E394D1557835A036A09B7C92846CDDDC4D";
-static char *hex_q = "D6860E85420B0408842160F00E0D88FD1E3610654F1E53B40872805C3F596617E698F2E96C7A064CAC763DED8CA1CEAD1BBDB47D28BCE30E388D99D805B5A371";
-static char *hex_qP = "DCCC27C8E4DC6248D59BAFF5AB60F621FD53E2B75D09C91AA104A9FC612C5D04583A5A39F14A215667FDCC20A38F78185A793D2E8E7E860AE6A833C104174A9F";
-
-/* private keay - decimal */
-static char *dec_d = "140715588362011445903700789698620706303856890313846506579552319155852306603445626455616876267358538338151320072087950597426668358843246116141391746806252390039505422193715556188330352166601762210959618868365359433828069868584168017348772565936127608284367789455480066115411950431014508224203325089671253575809";
-static char *dec_dP = "5757027123463051531073361217943880203685183318942602176865989327630429772398553254013771630974725523559703665512845231173916766336576994271809362147385481";
-static char *dec_dQ = "8985566687080619280443708121716583572314829758991088624433980393739288226842152842353421251125477168722728289150354056572727675764519591179919295246625201";
-static char *dec_e = "65537";
-static char *dec_N = "145785157837445763858971808379627955816432214431353481009581718367907499729204464589803079767521523397316119124291441688063985017444589154155338311524887989148444674974298105211582428885045820631376256167593861203305479546421254276833052913791538765775697977909548553897629170045372476652935456198173974086909";
-static char *dec_p = "12975386429272921390465467849934248466500992474501042673679976015025637113752114471707151502138750486193421113099777767227628554763059580218432153760685133";
-static char *dec_q = "11235515692122231999359687466333538198133993435121038200055897831921312127192760781281669977582095991578071163376390471936482431583372835883432943212143473";
-static char *dec_qP = "11564102464723136702427739477324729528451027211272900753079601723449664482225846595388433622640284454614991112736446376964904474099700895632145077333609119";
+/* private key - hexadecimal */
+enum {
+ pk_d ,
+ pk_dP,
+ pk_dQ,
+ pk_e ,
+ pk_N ,
+ pk_p ,
+ pk_q ,
+ pk_qP,
+};
+static const char *hex_key[] = {
+ "C862B9EADE44531D5697D9979E1ACF301E0A8845862930A34D9F616573E0D6878FB6F306A382DC7CACFE9B289AAEFDFBFE2F0ED89704E3BB1FD1EC0DBAA3497F47AC8A44047E86B739423FAD1EB70EA551F440631EFDBDEA9F419FA8901D6F0A5A9513110D80AF5F64988A2C786865B02B8BA25387CAF16404ABF27BDB83C881",
+ "6DEBC32D2EF05EA488310529008AD195299B83CF75DB31E37A27DE3A74300C764CD4502A402D39D99963A95D80AE53CA943F05231EF80504E1B835F217B3A089",
+ "AB9088FA600829509A438BA050CCD85AFE976463717422A320025ACFEBC6169554D1CBAB8D1AC600FA08929C71D552523596714B8B920CD0E9BFAD630BA5E9B1",
+ "010001",
+ "CF9ADE648ADAC83320A9D783311954B29A85A7A1B77533B6A9AC8424B3DEDB7D852D9665E53F7295249F2868CA4FDB441C3E60128ADD26A5EBFF0B5ED48838492A6E5BBF123747BD056BBCDBF3EEE4118E41687C6113D742C880BE368FDC088B4FACA4E2760CC9636C495893EDCCAADC253B0A603F8B543AC34D31E794A444FD",
+ "F7BE5E23C3323FBF8B8E3AEEFCFCCBE5F7F10BBC4282AED57A3ECAF7D5693F6425A21FB77575059242EBB8F1F30A05E394D1557835A036A09B7C92846CDDDC4D",
+ "D6860E85420B0408842160F00E0D88FD1E3610654F1E53B40872805C3F596617E698F2E96C7A064CAC763DED8CA1CEAD1BBDB47D28BCE30E388D99D805B5A371",
+ "DCCC27C8E4DC6248D59BAFF5AB60F621FD53E2B75D09C91AA104A9FC612C5D04583A5A39F14A215667FDCC20A38F78185A793D2E8E7E860AE6A833C104174A9F" };
/*** openssl public RSA key in DER format */
static const unsigned char openssl_public_rsa[] = {
@@ -180,9 +181,9 @@ extern const unsigned long _der_tests_cacert_root_cert_size;
static int rsa_compat_test(void)
{
rsa_key key, pubkey;
- int stat;
- unsigned char buf[1024];
- unsigned long len;
+ int stat, i;
+ unsigned char buf[1024], key_parts[8][128];
+ unsigned long len, key_lens[8];
/* try reading the key */
DO(rsa_import(openssl_private_rsa, sizeof(openssl_private_rsa), &key));
@@ -206,15 +207,13 @@ static int rsa_compat_test(void)
/* now try to export private/public and compare */
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PRIVATE, &key));
- if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
- fprintf(stderr, "RSA private export failed to match OpenSSL output, %lu, %lu\n", len, (unsigned long)sizeof(openssl_private_rsa));
+ if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from OpenSSL)", 0)) {
return 1;
}
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PUBLIC, &key));
- if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
- fprintf(stderr, "RSA(private) public export failed to match OpenSSL output\n");
+ if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL private key)", 0)) {
return 1;
}
rsa_free(&key);
@@ -223,8 +222,7 @@ static int rsa_compat_test(void)
DO(rsa_import(openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), &key));
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PUBLIC, &key));
- if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
- fprintf(stderr, "RSA(public) stripped public import failed to match OpenSSL output\n");
+ if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from stripped OpenSSL)", 0)) {
return 1;
}
rsa_free(&key);
@@ -233,8 +231,7 @@ static int rsa_compat_test(void)
DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key));
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PUBLIC, &key));
- if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
- fprintf(stderr, "RSA(public) SSL public import failed to match OpenSSL output\n");
+ if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL)", 0)) {
return 1;
}
rsa_free(&key);
@@ -243,48 +240,32 @@ static int rsa_compat_test(void)
DO(rsa_import_pkcs8(pkcs8_private_rsa, sizeof(pkcs8_private_rsa), NULL, 0, &key));
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PRIVATE, &key));
- if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
- fprintf(stderr, "RSA private export failed to match rsa_import_pkcs8\n");
+ if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from PKCS#8)", 0)) {
return 1;
}
rsa_free(&key);
- /* try import private key from raw hexadecimal numbers */
- DO(rsa_import_radix(16, hex_N, hex_e, hex_d, hex_p, hex_q, hex_dP, hex_dQ, hex_qP, &key));
+ /* convert raw hexadecimal numbers to binary */
+ for (i = 0; i < 8; ++i) {
+ key_lens[i] = sizeof(key_parts[i]);
+ DO(radix_to_bin(hex_key[i], 16, key_parts[i], &key_lens[i]));
+ }
+ /* try import private key from converted raw hexadecimal numbers */
+ DO(rsa_set_key(key_parts[pk_N], key_lens[pk_N], key_parts[pk_e], key_lens[pk_e], key_parts[pk_d], key_lens[pk_d], &key));
+ DO(rsa_set_factors(key_parts[pk_p], key_lens[pk_p], key_parts[pk_q], key_lens[pk_q], &key));
+ DO(rsa_set_crt_params(key_parts[pk_dP], key_lens[pk_dP], key_parts[pk_dQ], key_lens[pk_dQ], key_parts[pk_qP], key_lens[pk_qP], &key));
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PRIVATE, &key));
- if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
- fprintf(stderr, "RSA private export failed to match rsa_import_radix(16, ..)\n");
+ if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from hex)", 0)) {
return 1;
}
rsa_free(&key);
- /* try import private key from raw decimal numbers */
- DO(rsa_import_radix(10, dec_N, dec_e, dec_d, dec_p, dec_q, dec_dP, dec_dQ, dec_qP, &key));
- len = sizeof(buf);
- DO(rsa_export(buf, &len, PK_PRIVATE, &key));
- if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
- fprintf(stderr, "RSA private export failed to match rsa_import_radix(10, ..)\n");
- return 1;
- }
- rsa_free(&key);
-
- /* try import public key from raw hexadecimal numbers */
- DO(rsa_import_radix(16, hex_N, hex_e, NULL, NULL, NULL, NULL, NULL, NULL, &key));
+ /* try import public key from converted raw hexadecimal numbers */
+ DO(rsa_set_key(key_parts[pk_N], key_lens[pk_N], key_parts[pk_e], key_lens[pk_e], NULL, 0, &key));
len = sizeof(buf);
DO(rsa_export(buf, &len, PK_PUBLIC, &key));
- if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
- fprintf(stderr, "RSA public export failed to match rsa_import_radix(16, ..)\n");
- return 1;
- }
- rsa_free(&key);
-
- /* try import public key from raw decimal numbers */
- DO(rsa_import_radix(10, dec_N, dec_e, NULL, NULL, NULL, NULL, NULL, NULL, &key));
- len = sizeof(buf);
- DO(rsa_export(buf, &len, PK_PUBLIC, &key));
- if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
- fprintf(stderr, "RSA public export failed to match rsa_import_radix(10, ..)\n");
+ if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from hex)", 0)) {
return 1;
}
rsa_free(&key);
diff --git a/tests/test.c b/tests/test.c
index 785617b..990404c 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -24,6 +24,7 @@ static const test_function test_functions[] =
LTC_TEST_FN(store_test),
LTC_TEST_FN(rotate_test),
LTC_TEST_FN(misc_test),
+ LTC_TEST_FN(mpi_test),
LTC_TEST_FN(cipher_hash_test),
LTC_TEST_FN(mac_test),
LTC_TEST_FN(modes_test),
diff --git a/tests/tomcrypt_test.h b/tests/tomcrypt_test.h
index 440180c..c2e4646 100644
--- a/tests/tomcrypt_test.h
+++ b/tests/tomcrypt_test.h
@@ -60,6 +60,7 @@ int base64_test(void);
int file_test(void);
int multi_test(void);
int prng_test(void);
+int mpi_test(void);
#ifdef LTC_PKCS_1
struct ltc_prng_descriptor* no_prng_desc_get(void);