commit 01f1845402
Author: Steffen Jaeckel
Date:   2015-09-08 02:44:17 +02:00

    harden RSA CRT by implementing the proposed countermeasure

    ... from ch. 1.3 of [1]
    [1] https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf

commit 19e2526b82
Author: Steffen Jaeckel
Date:   2015-09-08 02:35:35 +02:00

    add some make targets regarding code coverage

commit 7db5760c91
Author: Steffen Jaeckel
Date:   2015-09-08 01:36:13 +02:00

    add possibility to create combined coverage

    Define the environment variable LTC_COVERAGE to something, run testme.sh
    with all the coverage compile-time options enabled and then 'make lcov'
    creates the combined coverage for all combinations of compile-time
    options handled in testme.sh.
    e.g. LTC_COVERAGE=1 ./testme.sh "makefile -j3" "-DUSE_LTM -DLTM_DESC -I../libtommath -fprofile-arcs -ftest-coverage" "../libtommath/libtommath.a -lgcov"

commit 21ed315527
Author: Steffen Jaeckel
Date:   2015-09-08 01:14:57 +02:00

    ignore output of 'make doxy'

commit fd94034ba7
Author: Steffen Jaeckel
Date:   2015-09-01 17:36:43 +02:00

    sort HEADERS in makefiles, so it doesn't change spontaneously

commit 6ec93afa3c
Author: Steffen Jaeckel
Date:   2015-09-01 17:36:43 +02:00

    clean-up test-build and extend tomcrypt_custom.h

    added LTC_MINIMAL to be able to do a build without nearly any
    functionality :)
    make sure timing-resistant RSA & ECC are enabled if not said otherwise

commit 8cb20e6059
Author: Steffen Jaeckel
Date:   2015-08-31 15:09:36 +02:00

    add more DES test vectors

commit eb26b7efd4
Author: Steffen Jaeckel
Date:   2015-08-26 00:16:09 +02:00

    Merge branch 'fix/ccm_constant_time' into develop

    This closes #73 and closes #76

commit 75b114517a
Author: Sebastian Verschoor
Date:   2015-08-26 00:08:38 +02:00

    make sure no cache-based timing attack is possible

    Instead of two different buffers, there is just one buffer. Based upon the
    verification result, a mask is applied to the buffer before it is written
    to the output buffer.

commit 09e4b0ec9b
Author: Steffen Jaeckel
Date:   2015-08-26 00:08:38 +02:00

    don't reveal plaintext if authentication failed

    Create two buffers of the same size as the input data.
    Copy the input data to the first one and work with that version to hold the
    decrypted data, zeroize the second one.
    Copy, depending on the verification result, either the zero-buffer or the
    real plaintext to the output buffer.

commit 6c11ca771b
Author: Steffen Jaeckel
Date:   2015-08-26 00:08:38 +02:00

    fix compile error of tests

commit 25af184cd5
Author: Sebastian Verschoor
Date:   2015-08-26 00:08:38 +02:00

    Quickfix for issue #73

    The API of the function is changed (for decryption, tag is now an input
    parameter). With the old API it is impossible to conform to the NIST
    specification and a timing side-channel leak is inevitable.

commit 38bfef2996
Author: Steffen Jaeckel
Date:   2015-08-26 00:05:31 +02:00

    Merge branch 'aes-xts-accel' into develop

    This fixes #70

commit f9c8c9c229
Author: Steffen Jaeckel
Date:   2015-08-26 00:05:07 +02:00

    also test XTS accelerators

commit 181d2f2df7
Author: Steffen Jaeckel
Date:   2015-08-26 00:02:50 +02:00

    auto-format xts code

commit b25d04ed94
Author: Steffen Jaeckel
Date:   2015-08-25 23:58:22 +02:00

    fix pointer check

commit 5c3f177b34
Author: Jerome Forissier
Date:   2015-08-25 23:58:22 +02:00

    Add function pointers for accelerated XTS to ltc_cipher_descriptor

    Similar to what already exists for other modes.
    Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

commit 99214b53f6
Author: Steffen Jaeckel
Date:   2015-08-25 23:58:08 +02:00

    add .clang-format

commit a13257094e
Author: Steffen Jaeckel
Date:   2015-08-23 22:59:15 +02:00

    handle LTC_NO_FAST before handling LTC_FAST

commit 61efc10852
Author: Steffen Jaeckel
Date:   2015-08-23 22:59:14 +02:00

    update makefiles

commit ee03c97cde
Author: Steffen Jaeckel
Date:   2015-08-23 22:59:14 +02:00

    add crc32

commit 9585faca2b
Author: Steffen Jaeckel
Date:   2015-08-23 22:59:14 +02:00

    re-work debug output of some tests

commit 1987a2f975
Author: Steffen Jaeckel
Date:   2015-08-23 22:59:14 +02:00

    add adler32 checksum algorithm

commit d6cea55b13
Author: Steffen Jaeckel
Date:   2015-08-21 22:18:42 +02:00

    Merge branch 'pascal-brand-st-dev/ecc_raw' into develop

    This fixes #69

commit 3605983f09
Author: Pascal Brand
Date:   2015-08-21 22:14:03 +02:00

    Introduce ECC raw algorithms for sign and verify

    As it is performed on DSA, raw sign and verify on ECC
    are introduced.
    Signed-off-by: Pascal Brand <pascal.brand@st.com>

commit 0e8d8f8d81
Author: Steffen Jaeckel
Date:   2015-08-21 22:12:02 +02:00

    Merge branch 'pascal-brand-st-dev/ecctest' into develop

    This fixes #68

commit 7313d1e6b0
Author: Pascal Brand
Date:   2015-08-21 22:09:25 +02:00

    Update ECC timing tests

    Signed-off-by: Pascal Brand <pascal.brand@st.com>

commit 08629ed2b0
Author: Steffen Jaeckel
Date:   2015-08-21 21:30:38 +02:00

    Merge branch 'fix/issue74' into develop

    This closes #74

commit 67973b04ae
Author: Sebastian Verschoor
Date:   2015-08-21 21:29:56 +02:00

    fix #74

commit c28cc9e3e9
Author: Steffen Jaeckel
Date:   2015-05-07 10:32:12 +02:00

    crypt_build_settings: remove build date and time

commit aeaa6d4a51
Author: Karel Miko
Date:   2015-04-17 08:59:35 +02:00

    cygwin related fix - variable name B0 changed to B_0 (part 2)

commit 6a257e15cd
Author: Karel Miko
Date:   2015-04-17 08:56:42 +02:00

    cygwin related fix - variable name B0 changed to B_0 as it caused collision
    when compiling libtomcrypt as a perl module (for some reason only on cygwin)

commit a8e91afb16
Author: Karel Miko
Date:   2015-04-17 08:50:38 +02:00

    cygwin/64bit related fix - added !defined(__x86_64__)

commit 4981e2ab3f
Author: Steffen Jaeckel
Date:   2015-03-28 08:31:21 -04:00

    Merge pull request #61 from ulikoehler/reffix

    Fix config file reference

commit d24e9cd32d
Author: Uli Köhler
Date:   2015-03-27 21:41:51 +01:00

    Fix config file reference

commit 925f1ec0e6
Author: Steffen Jaeckel
Date:   2015-02-27 10:11:14 +01:00

    Merge pull request #60 from pascal-brand-st-dev/memneq

    Use XMEM_NEQ instead of mem_neq

commit f20b5daf39
Author: Pascal Brand
Date:   2015-02-27 08:54:30 +01:00

    Use XMEM_NEQ instead of mem_neq

    mem_neq is no longer used directly. XMEM_NEQ is used instead,
    in the same way XMEMCMP, XMEMCPY, ... are.
    Signed-off-by: Pascal Brand <pascal.brand@st.com>

commit dfa938a4f6
Author: Steffen Jaeckel
Date:   2015-02-15 17:25:45 +01:00

    verify outcome when defining LTC_NOTHING

    check that LTC_NOTHING really creates nothing but the library's basic
    API functions

commit 90e968a202
Author: Steffen Jaeckel
Date:   2015-02-15 16:32:12 +01:00

    der_decode_subject_public_key_info: fix compile error

    also make it possible to define min/max RSA key sizes externally
    This closes #59

commit 62878de0c5
Author: Saleem Abdulrasool
Date:   2015-01-20 22:36:07 +01:00

    adjust inline asm requiring constants

    In order to ensure that the shift is within range, convert the inline assembly
    routines into macros with compound statements.

commit e9f9c6fa55
Author: Steffen Jaeckel
Date:   2015-01-20 22:36:07 +01:00

    create a makefile.include

    it contains all the preparation and targets for the static and shared lib

commit 0b6915740c
Author: Steffen Jaeckel
Date:   2015-01-20 22:36:07 +01:00

    saferp: enclose macros in do{}while(0) loop

commit 9782c09a3a
Author: Steffen Jaeckel
Date:   2015-01-20 22:36:06 +01:00

    use XMEM{CMP, CPY, SET} macros instead of standard versions

commit b8bf2f13b8
Author: Steffen Jaeckel
Date:   2015-01-20 22:35:44 +01:00

    Merge branch 'feature/const_memcmp' into develop

    This closes #57

commit 46c038f7d4
Author: Steffen Jaeckel
Date:   2014-11-13 22:30:07 +01:00

    adapt rsa_test() to modified pkcs#1 decoding routines

commit 1e9e98aa0d
Author: Steffen Jaeckel
Date:   2014-11-13 22:26:59 +01:00

    make pkcs#1 decode functions constant-time

    As proposed in RFC 3447, only one error return code is used when there are
    errors while decoding the pkcs#1 format.
    Also, all steps are executed and only the "output" is skipped if something
    went wrong.
    Sorry, this could break backwards compatibility, since there's no more
    BUFFER_OVERFLOW messaging.
    Former error-handling code could also be affected because now there's only
    OK as return code in cases where "res" is also set to '1'.

commit e57c92fd23
Author: Steffen Jaeckel
Date:   2014-11-13 22:09:45 +01:00

    replace calls to standard memcmp with constant memcmp where necessary

commit d54425adb4
Author: Steffen Jaeckel
Date:   2014-11-13 22:09:20 +01:00

    update makefiles

commit 26c5d54e5c
Author: Steffen Jaeckel
Date:   2014-11-12 23:59:27 +01:00

    add constant-time memcmp()

    [skip ci]

commit ddca3d6422
Author: Steffen Jaeckel
Date:   2014-11-02 17:02:21 +01:00

    Merge branch 'pascal-brand-st-dev/ccm' into develop

    This closes #55