TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added libtomcrypt-0.97a

Browse Source
This commit is contained in:
Tom St Denis 2004-06-23 19:55:24 +00:00 committed by Steffen Jaeckel
parent 1a1141627d
commit e9c1c530b4
15 changed files with 132 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
changes
View File

@ -1,3 +1,18 @@
June 23rd, 2004
v0.97a ++ Fixed several potentially crippling bugs... [read on]
-- Fixed bug in OAEP decoder that would incorrectly report
buffer overflows. [Zhi Chen]
-- Fixed headers which had various C++ missing [extern "C"]'s
-- Added "extern" to sha384_desc descriptor which I removed by mistake
-- Fixed bugs in ENDIAN_BIG macros using the wrong byte order [Matt Johnston]
-- Updated tiger.c and des.c to not shadow "round" which is intrinsic on
some C compilers.
-- Updated demos/test/rsa_test.c to test the RSA functionality better
++ This update has been tested with GCC [v3.3.3], ICC [v8] and MSVC [v6+SP6]
all on a x86 P4 [GCC/ICC tested in Gentoo Linux, MSVC in WinXP]
++ Outcome: The bug Zhi Chen pointed out has been fixed. So have the bugs
that Matt Johnston found.
June 19th, 2004 June 19th, 2004
v0.97 -- Removed spurious unused files [arrg!] v0.97 -- Removed spurious unused files [arrg!]
-- Patched buffer overflow in tim_exptmod() -- Patched buffer overflow in tim_exptmod()

2
crypt.tex
View File

@ -47,7 +47,7 @@
\def\gap{\vspace{0.5ex}} \def\gap{\vspace{0.5ex}}
\makeindex \makeindex
\begin{document} \begin{document}
\title{LibTomCrypt \\ Version 0.97} \title{LibTomCrypt \\ Version 0.97a}
\author{Tom St Denis \\ \author{Tom St Denis \\
\\ \\
tomstdenis@iahu.ca \\ tomstdenis@iahu.ca \\

109
demos/test/rsa_test.c
View File

@ -1,11 +1,14 @@
#include "test.h" #include "test.h"
#define RSA_MSGSIZE 78
int rsa_test(void) int rsa_test(void)
{ {
unsigned char in[1024], out[1024], tmp[1024]; unsigned char in[1024], out[1024], tmp[1024];
rsa_key key; rsa_key key;
int hash_idx, prng_idx, stat, stat2; int hash_idx, prng_idx, stat, stat2;
unsigned long len, len2; unsigned long rsa_msgsize, len, len2;
static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 }; static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
hash_idx = find_hash("sha1"); hash_idx = find_hash("sha1");
@ -15,48 +18,82 @@ int rsa_test(void)
return 1; return 1;
} }
/* make a random key/msg */
yarrow_read(in, 20, &test_yarrow);
/* make a random key */ /* make a random key */
DO(rsa_make_key(&test_yarrow, prng_idx, 1024/8, 65537, &key)); DO(rsa_make_key(&test_yarrow, prng_idx, 1024/8, 65537, &key));
/* encrypt the key (without lparam) */ /* encrypt the key (without lparam) */
len = sizeof(out); for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
len2 = sizeof(tmp); /* make a random key/msg */
DO(rsa_encrypt_key(in, 20, out, &len, NULL, 0, &test_yarrow, prng_idx, hash_idx, &key)); yarrow_read(in, rsa_msgsize, &test_yarrow);
/* change a byte */
out[0] ^= 1; len = sizeof(out);
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, &test_yarrow, prng_idx, hash_idx, &stat2, &key)); len2 = rsa_msgsize;
/* change a byte back */
out[0] ^= 1; DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, NULL, 0, &test_yarrow, prng_idx, hash_idx, &key));
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, &test_yarrow, prng_idx, hash_idx, &stat, &key)); /* change a byte */
if (!(stat == 1 && stat2 == 0)) { out[8] ^= 1;
printf("rsa_decrypt_key failed"); DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, &test_yarrow, prng_idx, hash_idx, &stat2, &key));
return 1; /* change a byte back */
} out[8] ^= 1;
if (len2 != 20 || memcmp(tmp, in, 20)) { if (len2 != rsa_msgsize) {
printf("rsa_decrypt_key mismatch len %lu", len2); printf("\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
return 1; return 1;
}
len2 = rsa_msgsize;
DO(rsa_decrypt_key(out, len, tmp, &len2, NULL, 0, &test_yarrow, prng_idx, hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
printf("rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
int x;
printf("\nrsa_decrypt_key mismatch, len %lu (second decrypt)\n", len2);
printf("Original contents: \n");
for (x = 0; x < rsa_msgsize; ) {
printf("%02x ", in[x]);
if (!(++x % 16)) {
printf("\n");
}
}
printf("\n");
printf("Output contents: \n");
for (x = 0; x < rsa_msgsize; ) {
printf("%02x ", out[x]);
if (!(++x % 16)) {
printf("\n");
}
}
printf("\n");
return 1;
}
} }
/* encrypt the key (with lparam) */ /* encrypt the key (with lparam) */
len = sizeof(out); for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) {
len2 = sizeof(tmp); len = sizeof(out);
DO(rsa_encrypt_key(in, 20, out, &len, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &key)); len2 = rsa_msgsize;
/* change a byte */ DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &key));
out[0] ^= 1; /* change a byte */
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &stat2, &key)); out[8] ^= 1;
/* change a byte back */ DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &stat2, &key));
out[0] ^= 1; if (len2 != rsa_msgsize) {
DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &stat, &key)); printf("\nrsa_decrypt_key mismatch len %lu (first decrypt)", len2);
if (!(stat == 1 && stat2 == 0)) { return 1;
printf("rsa_decrypt_key failed"); }
return 1; /* change a byte back */
} out[8] ^= 1;
if (len2 != 20 || memcmp(tmp, in, 20)) {
printf("rsa_decrypt_key mismatch len %lu", len2); len2 = rsa_msgsize;
return 1; DO(rsa_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), &test_yarrow, prng_idx, hash_idx, &stat, &key));
if (!(stat == 1 && stat2 == 0)) {
printf("rsa_decrypt_key failed");
return 1;
}
if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) {
printf("rsa_decrypt_key mismatch len %lu", len2);
return 1;
}
} }
/* sign a message (unsalted, lower cholestorol and Atkins approved) now */ /* sign a message (unsalted, lower cholestorol and Atkins approved) now */

6
des.c
View File

@ -1395,7 +1395,7 @@ static void _desfunc(ulong32 *block, const ulong32 *keys)
#endif #endif
{ {
ulong32 work, right, leftt; ulong32 work, right, leftt;
int round; int cur_round;
leftt = block[0]; leftt = block[0];
right = block[1]; right = block[1];
@ -1439,7 +1439,7 @@ static void _desfunc(ulong32 *block, const ulong32 *keys)
} }
#endif #endif
for (round = 0; round < 8; round++) { for (cur_round = 0; cur_round < 8; cur_round++) {
work = ROR(right, 4) ^ *keys++; work = ROR(right, 4) ^ *keys++;
leftt ^= SP7[work & 0x3fL] leftt ^= SP7[work & 0x3fL]
^ SP5[(work >> 8) & 0x3fL] ^ SP5[(work >> 8) & 0x3fL]
@ -1534,7 +1534,7 @@ int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_k
_ARGCHK(key != NULL); _ARGCHK(key != NULL);
_ARGCHK(skey != NULL); _ARGCHK(skey != NULL);
if( num_rounds != 0 && num_rounds != 16) { if(num_rounds != 0 && num_rounds != 16) {
return CRYPT_INVALID_ROUNDS; return CRYPT_INVALID_ROUNDS;
} }

BIN
doc/crypt.pdf
View File

Binary file not shown.

2
ltc_tommath.h
View File

@ -27,7 +27,7 @@
#define MAX(x,y) ((x)>(y)?(x):(y)) #define MAX(x,y) ((x)>(y)?(x):(y))
#ifdef __cplusplus #ifdef __cplusplus
"C" { extern "C" {
/* C++ compilers don't like assigning void * to mp_digit * */ /* C++ compilers don't like assigning void * to mp_digit * */
#define OPT_CAST(x) (x *) #define OPT_CAST(x) (x *)

2
makefile
View File

@ -4,7 +4,7 @@
# Modified by Clay Culver # Modified by Clay Culver
# The version # The version
VERSION=0.97 VERSION=0.97a
# Compiler and Linker Names # Compiler and Linker Names
#CC=gcc #CC=gcc

4
mycrypt.h
View File

@ -12,12 +12,12 @@
#include <mycrypt_custom.h> #include <mycrypt_custom.h>
#ifdef __cplusplus #ifdef __cplusplus
"C" { extern "C" {
#endif #endif
/* version */ /* version */
#define CRYPT 0x0097 #define CRYPT 0x0097
#define SCRYPT "0.97" #define SCRYPT "0.97a"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */ /* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 64 #define MAXBLOCKSIZE 64

2
mycrypt_hash.h
View File

@ -149,7 +149,7 @@ extern struct _hash_descriptor {
#define sha384_process sha512_process #define sha384_process sha512_process
int sha384_done(hash_state * md, unsigned char *hash); int sha384_done(hash_state * md, unsigned char *hash);
int sha384_test(void); int sha384_test(void);
const struct _hash_descriptor sha384_desc; extern const struct _hash_descriptor sha384_desc;
#endif #endif
#ifdef SHA256 #ifdef SHA256

44
mycrypt_macros.h
View File

@ -125,26 +125,26 @@ typedef unsigned long ulong32;
#ifdef ENDIAN_BIG #ifdef ENDIAN_BIG
#define STORE32L(x, y) \ #define STORE32L(x, y) \
{ (y)[z0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \ { (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
(y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); } (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
#define LOAD32L(x, y) \ #define LOAD32L(x, y) \
{ x = ((unsigned long)((y)[0] & 255)<<24) | \ { x = ((unsigned long)((y)[3] & 255)<<24) | \
((unsigned long)((y)[1] & 255)<<16) | \ ((unsigned long)((y)[2] & 255)<<16) | \
((unsigned long)((y)[2] & 255)<<8) | \ ((unsigned long)((y)[1] & 255)<<8) | \
((unsigned long)((y)[3] & 255)); } ((unsigned long)((y)[0] & 255)); }
#define STORE64L(x, y) \ #define STORE64L(x, y) \
{ (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \ { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \
(y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \ (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \
(y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \ (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
(y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); } (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
#define LOAD64L(x, y) \ #define LOAD64L(x, y) \
{ x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \ { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \
(((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \ (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32) | \
(((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \ (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16) | \
(((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); } (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); }
#ifdef ENDIAN_32BITWORD #ifdef ENDIAN_32BITWORD
@ -155,16 +155,16 @@ typedef unsigned long ulong32;
memcpy(&(x), y, 4); memcpy(&(x), y, 4);
#define STORE64H(x, y) \ #define STORE64H(x, y) \
{ (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \ { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \
(y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \ (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \
(y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \
(y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); }
#define LOAD64H(x, y) \ #define LOAD64H(x, y) \
{ x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \ { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48)| \
(((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \ (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32)| \
(((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \ (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16)| \
(((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); } (((ulong64)((y)[6] & 255))<<8)| (((ulong64)((y)[7] & 255))); }
#else /* 64-bit words then */ #else /* 64-bit words then */

2
pkcs_1_oaep_decode.c
View File

@ -140,7 +140,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
} }
/* rest is the message (and skip 0x01) */ /* rest is the message (and skip 0x01) */
if (msglen - ++x > *outlen) { if ((modulus_len - hLen - 1) - ++x > *outlen) {
err = CRYPT_BUFFER_OVERFLOW; err = CRYPT_BUFFER_OVERFLOW;
goto __ERR; goto __ERR;
} }

3
pkcs_1_oaep_encode.c
View File

@ -58,7 +58,6 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
return CRYPT_MEM; return CRYPT_MEM;
} }
/* test message size */ /* test message size */
if (msglen > (modulus_len - 2*hLen - 2)) { if (msglen > (modulus_len - 2*hLen - 2)) {
err = CRYPT_PK_INVALID_SIZE; err = CRYPT_PK_INVALID_SIZE;
@ -66,7 +65,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
} }
/* get lhash */ /* get lhash */
// DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes /* DB == lhash || PS || 0x01 || M, PS == k - mlen - 2hlen - 2 zeroes */
x = modulus_len; x = modulus_len;
if (lparam != NULL) { if (lparam != NULL) {
if ((err = hash_memory(hash_idx, lparam, lparamlen, DB, &x)) != CRYPT_OK) { if ((err = hash_memory(hash_idx, lparam, lparamlen, DB, &x)) != CRYPT_OK) {

1
pkcs_1_pss_decode.c
View File

@ -111,6 +111,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
} }
} }
/* check for the 0x01 */
if (DB[x++] != 0x01) { if (DB[x++] != 0x01) {
err = CRYPT_OK; err = CRYPT_OK;
goto __ERR; goto __ERR;

18
tiger.c
View File

@ -558,7 +558,7 @@ static const ulong64 table[4*256] = {
#endif #endif
/* one round of the hash function */ /* one round of the hash function */
INLINE static void round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul) INLINE static void tiger_round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul)
{ {
ulong64 tmp; ulong64 tmp;
tmp = (*c ^= x); tmp = (*c ^= x);
@ -574,14 +574,14 @@ INLINE static void round(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 x, int mul)
/* one complete pass */ /* one complete pass */
static void pass(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 *x, int mul) static void pass(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 *x, int mul)
{ {
round(a,b,c,x[0],mul); tiger_round(a,b,c,x[0],mul);
round(b,c,a,x[1],mul); tiger_round(b,c,a,x[1],mul);
round(c,a,b,x[2],mul); tiger_round(c,a,b,x[2],mul);
round(a,b,c,x[3],mul); tiger_round(a,b,c,x[3],mul);
round(b,c,a,x[4],mul); tiger_round(b,c,a,x[4],mul);
round(c,a,b,x[5],mul); tiger_round(c,a,b,x[5],mul);
round(a,b,c,x[6],mul); tiger_round(a,b,c,x[6],mul);
round(b,c,a,x[7],mul); tiger_round(b,c,a,x[7],mul);
} }
/* The key mixing schedule */ /* The key mixing schedule */