Import libgcrypt 1.5.3.

This commit is contained in:
Vladimir Serbinenko 2013-11-07 06:35:50 +01:00
parent c12936c5d1
commit d1307d873a
72 changed files with 11732 additions and 2916 deletions

View file

@ -108,7 +108,7 @@ CPPFLAGS_GNULIB = -I$(top_builddir)/grub-core/gnulib -I$(top_srcdir)/grub-core/g
CFLAGS_POSIX = -fno-builtin CFLAGS_POSIX = -fno-builtin
CPPFLAGS_POSIX = -I$(top_srcdir)/grub-core/lib/posix_wrap CPPFLAGS_POSIX = -I$(top_srcdir)/grub-core/lib/posix_wrap
CFLAGS_GCRY = -Wno-error -Wno-missing-field-initializers -Wno-redundant-decls $(CFLAGS_POSIX) CFLAGS_GCRY = -Wno-error -Wno-missing-field-initializers -Wno-redundant-decls -Wno-undef $(CFLAGS_POSIX)
CPPFLAGS_GCRY = -I$(top_srcdir)/grub-core/lib/libgcrypt_wrap $(CPPFLAGS_POSIX) -D_GCRYPT_IN_LIBGCRYPT=1 -I$(top_srcdir)/include/grub/gcrypt CPPFLAGS_GCRY = -I$(top_srcdir)/grub-core/lib/libgcrypt_wrap $(CPPFLAGS_POSIX) -D_GCRYPT_IN_LIBGCRYPT=1 -I$(top_srcdir)/include/grub/gcrypt
CPPFLAGS_EFIEMU = -I$(top_srcdir)/grub-core/efiemu/runtime CPPFLAGS_EFIEMU = -I$(top_srcdir)/grub-core/efiemu/runtime

View file

@ -6,6 +6,8 @@
#define __powerpc__ 1 #define __powerpc__ 1
#endif #endif
#define GCRYPT_NO_DEPRECATED 1
/* Define to 1 to enable disk cache statistics. */ /* Define to 1 to enable disk cache statistics. */
#define DISK_CACHE_STATS @DISK_CACHE_STATS@ #define DISK_CACHE_STATS @DISK_CACHE_STATS@
#define BOOT_TIME_STATS @BOOT_TIME_STATS@ #define BOOT_TIME_STATS @BOOT_TIME_STATS@

File diff suppressed because it is too large Load diff

View file

@ -23,7 +23,7 @@ EXTRA_DIST = Manifest
# Need to include ../src in addition to top_srcdir because gcrypt.h is # Need to include ../src in addition to top_srcdir because gcrypt.h is
# a built header. # a built header.
AM_CPPFLAGS = -I../src -I$(top_srcdir)/src AM_CPPFLAGS = -I../src -I$(top_srcdir)/src
AM_CFLAGS = $(GPG_ERROR_CFLAGS) AM_CFLAGS = $(GPG_ERROR_CFLAGS)
@ -35,7 +35,7 @@ libcipher_la_DEPENDENCIES = $(GCRYPT_MODULES)
libcipher_la_LIBADD = $(GCRYPT_MODULES) libcipher_la_LIBADD = $(GCRYPT_MODULES)
libcipher_la_SOURCES = \ libcipher_la_SOURCES = \
cipher.c pubkey.c ac.c md.c \ cipher.c pubkey.c ac.c md.c kdf.c \
hmac-tests.c \ hmac-tests.c \
bithelp.h \ bithelp.h \
primegen.c \ primegen.c \
@ -51,6 +51,7 @@ des.c \
dsa.c \ dsa.c \
elgamal.c \ elgamal.c \
ecc.c \ ecc.c \
idea.c \
md4.c \ md4.c \
md5.c \ md5.c \
rijndael.c rijndael-tables.h \ rijndael.c rijndael-tables.h \
@ -68,7 +69,7 @@ rfc2268.c \
camellia.c camellia.h camellia-glue.c camellia.c camellia.h camellia-glue.c
if ENABLE_O_FLAG_MUNGING if ENABLE_O_FLAG_MUNGING
o_flag_munging = sed -e 's/-O[2-9s]*/-O1/g' o_flag_munging = sed -e 's/-O\([2-9s][2-9s]*\)/-O1/' -e 's/-Ofast/-O1/g'
else else
o_flag_munging = cat o_flag_munging = cat
endif endif

View file

@ -1,19 +1,19 @@
/* ac.c - Alternative interface for asymmetric cryptography. /* ac.c - Alternative interface for asymmetric cryptography.
Copyright (C) 2003, 2004, 2005, 2006 Copyright (C) 2003, 2004, 2005, 2006
2007, 2008 Free Software Foundation, Inc. 2007, 2008 Free Software Foundation, Inc.
This file is part of Libgcrypt. This file is part of Libgcrypt.
Libgcrypt is free software; you can redistribute it and/or modify Libgcrypt is free software; you can redistribute it and/or modify
it under the terms of the GNU Lesser general Public License as it under the terms of the GNU Lesser general Public License as
published by the Free Software Foundation; either version 2.1 of published by the Free Software Foundation; either version 2.1 of
the License, or (at your option) any later version. the License, or (at your option) any later version.
Libgcrypt is distributed in the hope that it will be useful, Libgcrypt is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details. GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public You should have received a copy of the GNU Lesser General Public
License along with this program; if not, see <http://www.gnu.org/licenses/>. License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/ */
@ -115,7 +115,7 @@ struct gcry_ac_key_pair
/* /*
* Functions for working with data sets. * Functions for working with data sets.
*/ */
@ -151,7 +151,7 @@ static void
ac_data_values_destroy (gcry_ac_data_t data) ac_data_values_destroy (gcry_ac_data_t data)
{ {
unsigned int i; unsigned int i;
for (i = 0; i < data->data_n; i++) for (i = 0; i < data->data_n; i++)
if (data->data[i].flags & GCRY_AC_FLAG_DEALLOC) if (data->data[i].flags & GCRY_AC_FLAG_DEALLOC)
{ {
@ -256,7 +256,7 @@ _gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data)
err = ac_data_mpi_copy (data->data, data->data_n, &data_mpis); err = ac_data_mpi_copy (data->data, data->data_n, &data_mpis);
if (err) if (err)
goto out; goto out;
data_new->data_n = data->data_n; data_new->data_n = data->data_n;
data_new->data = data_mpis; data_new->data = data_mpis;
*data_cp = data_new; *data_cp = data_new;
@ -524,13 +524,13 @@ _gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
i++; i++;
} }
identifiers_n = i; identifiers_n = i;
if (! identifiers_n) if (! identifiers_n)
/* If there are NO identifiers, we still add surrounding braces so /* If there are NO identifiers, we still add surrounding braces so
that we have a list of named MPI value lists. Otherwise it that we have a list of named MPI value lists. Otherwise it
wouldn't be too much fun to process these lists. */ wouldn't be too much fun to process these lists. */
sexp_buffer_n += 2; sexp_buffer_n += 2;
data_n = _gcry_ac_data_length (data); data_n = _gcry_ac_data_length (data);
for (i = 0; i < data_n; i++) for (i = 0; i < data_n; i++)
{ {
@ -666,7 +666,7 @@ _gcry_ac_data_from_sexp (gcry_ac_data_t *data_set, gcry_sexp_t sexp,
/* Identifier matches. Now we have to distinguish two /* Identifier matches. Now we have to distinguish two
cases: cases:
(i) we are at the last identifier: (i) we are at the last identifier:
leave loop leave loop
@ -725,7 +725,7 @@ _gcry_ac_data_from_sexp (gcry_ac_data_t *data_set, gcry_sexp_t sexp,
skip_name = 0; skip_name = 0;
/* Create data set from S-expression data. */ /* Create data set from S-expression data. */
err = gcry_ac_data_new (&data_set_new); err = gcry_ac_data_new (&data_set_new);
if (err) if (err)
goto out; goto out;
@ -793,7 +793,7 @@ _gcry_ac_data_from_sexp (gcry_ac_data_t *data_set, gcry_sexp_t sexp,
gcry_sexp_release (sexp_tmp); gcry_sexp_release (sexp_tmp);
gcry_mpi_release (mpi); gcry_mpi_release (mpi);
gcry_free (string); gcry_free (string);
if (err) if (err)
gcry_ac_data_destroy (data_set_new); gcry_ac_data_destroy (data_set_new);
@ -1005,7 +1005,7 @@ _gcry_ac_io_read (gcry_ac_io_t *ac_io,
unsigned int nread, unsigned char *buffer, size_t *buffer_n) unsigned int nread, unsigned char *buffer, size_t *buffer_n)
{ {
gcry_error_t err; gcry_error_t err;
gcry_assert (ac_io->mode == GCRY_AC_IO_READABLE); gcry_assert (ac_io->mode == GCRY_AC_IO_READABLE);
err = 0; err = 0;
@ -1072,7 +1072,7 @@ _gcry_ac_io_read_all (gcry_ac_io_t *ac_io, unsigned char **buffer, size_t *buffe
err = gcry_error_from_errno (errno); err = gcry_error_from_errno (errno);
break; break;
} }
if (buffer_new != p) if (buffer_new != p)
buffer_new = p; buffer_new = p;
@ -1132,7 +1132,7 @@ _gcry_ac_io_process (gcry_ac_io_t *ac_io,
/* /*
* Functions for converting data between the native ac and the * Functions for converting data between the native ac and the
* S-expression structure used by the pk interface. * S-expression structure used by the pk interface.
*/ */
@ -1403,7 +1403,7 @@ _gcry_ac_open (gcry_ac_handle_t *handle,
err = _gcry_pk_module_lookup (algorithm, &module); err = _gcry_pk_module_lookup (algorithm, &module);
if (err) if (err)
goto out; goto out;
/* Allocate. */ /* Allocate. */
handle_new = gcry_malloc (sizeof (*handle_new)); handle_new = gcry_malloc (sizeof (*handle_new));
if (! handle_new) if (! handle_new)
@ -1420,7 +1420,7 @@ _gcry_ac_open (gcry_ac_handle_t *handle,
*handle = handle_new; *handle = handle_new;
out: out:
/* Deallocate resources. */ /* Deallocate resources. */
if (err) if (err)
_gcry_pk_module_release (module); _gcry_pk_module_release (module);
@ -1443,7 +1443,7 @@ _gcry_ac_close (gcry_ac_handle_t handle)
/* /*
* Key management. * Key management.
*/ */
@ -1662,7 +1662,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits,
out: out:
/* Deallocate resources. */ /* Deallocate resources. */
gcry_free (genkey_format); gcry_free (genkey_format);
gcry_free (arg_list); gcry_free (arg_list);
gcry_sexp_release (genkey_sexp_request); gcry_sexp_release (genkey_sexp_request);
@ -1682,7 +1682,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits,
/* Returns the key of type WHICH out of the key pair KEY_PAIR. */ /* Returns the key of type WHICH out of the key pair KEY_PAIR. */
gcry_ac_key_t gcry_ac_key_t
_gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair, _gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
gcry_ac_key_type_t which) gcry_ac_key_type_t which)
{ {
gcry_ac_key_t key; gcry_ac_key_t key;
@ -1851,7 +1851,7 @@ _gcry_ac_key_get_grip (gcry_ac_handle_t handle,
/* /*
* Functions performing cryptographic operations. * Functions performing cryptographic operations.
*/ */
@ -2176,7 +2176,7 @@ em_randomize_nonzero (unsigned char *buffer, size_t buffer_n,
for (i = 0; i < buffer_n; i++) for (i = 0; i < buffer_n; i++)
buffer[i] = 0; buffer[i] = 0;
do do
{ {
/* Count zeros. */ /* Count zeros. */
@ -2384,7 +2384,7 @@ emsa_pkcs_v1_5_encode (unsigned int flags, void *opts,
unsigned int i; unsigned int i;
(void)flags; (void)flags;
options = opts; options = opts;
buffer = NULL; buffer = NULL;
md = NULL; md = NULL;
@ -2656,7 +2656,7 @@ _gcry_ac_mpi_to_os_alloc (gcry_mpi_t mpi, unsigned char **os, size_t *os_n)
err = gcry_error_from_errno (errno); err = gcry_error_from_errno (errno);
goto out; goto out;
} }
_gcry_ac_mpi_to_os (mpi, buffer, buffer_n); _gcry_ac_mpi_to_os (mpi, buffer, buffer_n);
*os = buffer; *os = buffer;
*os_n = buffer_n; *os_n = buffer_n;
@ -2676,7 +2676,7 @@ _gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n)
gcry_mpi_t xi; gcry_mpi_t xi;
gcry_mpi_t x; gcry_mpi_t x;
gcry_mpi_t a; gcry_mpi_t a;
if (fips_mode ()) if (fips_mode ())
return; return;
@ -2692,7 +2692,7 @@ _gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n)
gcry_mpi_add (x, x, xi); gcry_mpi_add (x, x, xi);
gcry_mpi_mul_ui (a, a, 256); gcry_mpi_mul_ui (a, a, 256);
} }
gcry_mpi_release (xi); gcry_mpi_release (xi);
gcry_mpi_release (a); gcry_mpi_release (a);
@ -2702,7 +2702,7 @@ _gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n)
/* /*
* Implementation of Encryption Schemes (ES) and Signature Schemes * Implementation of Encryption Schemes (ES) and Signature Schemes
* with Appendix (SSA). * with Appendix (SSA).
*/ */
@ -2824,7 +2824,7 @@ ac_dencode_prepare (gcry_ac_handle_t handle, gcry_ac_key_t key, void *opts,
err = gcry_error_from_errno (errno); err = gcry_error_from_errno (errno);
goto out; goto out;
} }
err = (*scheme.dencode_prepare) (handle, key, opts, options_em); err = (*scheme.dencode_prepare) (handle, key, opts, options_em);
if (err) if (err)
goto out; goto out;
@ -3065,7 +3065,7 @@ _gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
goto out; goto out;
out: out:
_gcry_ac_data_destroy (data_encrypted); _gcry_ac_data_destroy (data_encrypted);
gcry_mpi_release (mpi_encrypted); gcry_mpi_release (mpi_encrypted);
gcry_mpi_release (mpi_decrypted); gcry_mpi_release (mpi_decrypted);
@ -3270,7 +3270,7 @@ _gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_mpi_release (mpi_signature); gcry_mpi_release (mpi_signature);
mpi_signature = NULL; mpi_signature = NULL;
err = _gcry_ac_data_verify (handle, key, mpi_data, data_signed); err = _gcry_ac_data_verify (handle, key, mpi_data, data_signed);
out: out:
@ -3287,7 +3287,7 @@ _gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
} }
/* /*
* General functions. * General functions.
*/ */

View file

@ -45,7 +45,7 @@ do_encrypt_stream( ARCFOUR_context *ctx,
register int i = ctx->idx_i; register int i = ctx->idx_i;
register int j = ctx->idx_j; register int j = ctx->idx_j;
register byte *sbox = ctx->sbox; register byte *sbox = ctx->sbox;
register int t; register int t;
while ( length-- ) while ( length-- )
{ {
@ -56,7 +56,7 @@ do_encrypt_stream( ARCFOUR_context *ctx,
t = sbox[i]; sbox[i] = sbox[j]; sbox[j] = t; t = sbox[i]; sbox[i] = sbox[j]; sbox[j] = t;
*outbuf++ = *inbuf++ ^ sbox[(sbox[i] + sbox[j]) & 255]; *outbuf++ = *inbuf++ ^ sbox[(sbox[i] + sbox[j]) & 255];
} }
ctx->idx_i = i; ctx->idx_i = i;
ctx->idx_j = j; ctx->idx_j = j;
} }
@ -80,7 +80,7 @@ do_arcfour_setkey (void *context, const byte *key, unsigned int keylen)
byte karr[256]; byte karr[256];
ARCFOUR_context *ctx = (ARCFOUR_context *) context; ARCFOUR_context *ctx = (ARCFOUR_context *) context;
if (!initialized ) if (!initialized )
{ {
initialized = 1; initialized = 1;
selftest_failed = selftest(); selftest_failed = selftest();
@ -98,14 +98,14 @@ do_arcfour_setkey (void *context, const byte *key, unsigned int keylen)
ctx->sbox[i] = i; ctx->sbox[i] = i;
for (i=0; i < 256; i++ ) for (i=0; i < 256; i++ )
karr[i] = key[i%keylen]; karr[i] = key[i%keylen];
for (i=j=0; i < 256; i++ ) for (i=j=0; i < 256; i++ )
{ {
int t; int t;
j = (j + ctx->sbox[i] + karr[i]) % 256; j = (j + ctx->sbox[i] + karr[i]) % 256;
t = ctx->sbox[i]; t = ctx->sbox[i];
ctx->sbox[i] = ctx->sbox[j]; ctx->sbox[i] = ctx->sbox[j];
ctx->sbox[j] = t; ctx->sbox[j] = t;
} }
memset( karr, 0, 256 ); memset( karr, 0, 256 );
return GPG_ERR_NO_ERROR; return GPG_ERR_NO_ERROR;
@ -125,8 +125,8 @@ static const char*
selftest(void) selftest(void)
{ {
ARCFOUR_context ctx; ARCFOUR_context ctx;
byte scratch[16]; byte scratch[16];
/* Test vector from Cryptlib labeled there: "from the /* Test vector from Cryptlib labeled there: "from the
State/Commerce Department". */ State/Commerce Department". */
static byte key_1[] = static byte key_1[] =
@ -153,4 +153,3 @@ gcry_cipher_spec_t _gcry_cipher_spec_arcfour =
"ARCFOUR", NULL, NULL, 1, 128, sizeof (ARCFOUR_context), "ARCFOUR", NULL, NULL, 1, 128, sizeof (ARCFOUR_context),
arcfour_setkey, NULL, NULL, encrypt_stream, encrypt_stream, arcfour_setkey, NULL, NULL, encrypt_stream, encrypt_stream,
}; };

View file

@ -501,7 +501,7 @@ do_bf_setkey (BLOWFISH_context *c, const byte *key, unsigned keylen)
static int initialized; static int initialized;
static const char *selftest_failed; static const char *selftest_failed;
if( !initialized ) if( !initialized )
{ {
initialized = 1; initialized = 1;
selftest_failed = selftest(); selftest_failed = selftest();
@ -513,7 +513,7 @@ do_bf_setkey (BLOWFISH_context *c, const byte *key, unsigned keylen)
for(i=0; i < BLOWFISH_ROUNDS+2; i++ ) for(i=0; i < BLOWFISH_ROUNDS+2; i++ )
c->p[i] = ps[i]; c->p[i] = ps[i];
for(i=0; i < 256; i++ ) for(i=0; i < 256; i++ )
{ {
c->s0[i] = ks0[i]; c->s0[i] = ks0[i];
c->s1[i] = ks1[i]; c->s1[i] = ks1[i];
@ -521,7 +521,7 @@ do_bf_setkey (BLOWFISH_context *c, const byte *key, unsigned keylen)
c->s3[i] = ks3[i]; c->s3[i] = ks3[i];
} }
for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ )
{ {
#ifdef WORDS_BIGENDIAN #ifdef WORDS_BIGENDIAN
((byte*)&data)[0] = key[j]; ((byte*)&data)[0] = key[j];
@ -545,7 +545,7 @@ do_bf_setkey (BLOWFISH_context *c, const byte *key, unsigned keylen)
c->p[i] = datal; c->p[i] = datal;
c->p[i+1] = datar; c->p[i+1] = datar;
} }
for(i=0; i < 256; i += 2 ) for(i=0; i < 256; i += 2 )
{ {
do_encrypt( c, &datal, &datar ); do_encrypt( c, &datal, &datar );
c->s0[i] = datal; c->s0[i] = datal;

View file

@ -32,7 +32,7 @@
* space of the library clean. The following macro is thus useful: * space of the library clean. The following macro is thus useful:
* *
* #define CAMELLIA_EXT_SYM_PREFIX foo_ * #define CAMELLIA_EXT_SYM_PREFIX foo_
* *
* This prefixes all external symbols with "foo_". * This prefixes all external symbols with "foo_".
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
@ -50,7 +50,7 @@
#define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128) #define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128)
#define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256) #define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256)
#define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128) #define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128)
#define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192) #define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192)
#define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256) #define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256)
#endif /*CAMELLIA_EXT_SYM_PREFIX*/ #endif /*CAMELLIA_EXT_SYM_PREFIX*/
@ -99,7 +99,7 @@ camellia_setkey(void *c, const byte *key, unsigned keylen)
+(4+32)*sizeof(u32)+2*sizeof(void*) /* camellia_setup192 */ +(4+32)*sizeof(u32)+2*sizeof(void*) /* camellia_setup192 */
+0+sizeof(int)+2*sizeof(void*) /* Camellia_Ekeygen */ +0+sizeof(int)+2*sizeof(void*) /* Camellia_Ekeygen */
+3*2*sizeof(void*) /* Function calls. */ +3*2*sizeof(void*) /* Function calls. */
); );
return 0; return 0;
} }
@ -137,7 +137,7 @@ selftest(void)
{ {
CAMELLIA_context ctx; CAMELLIA_context ctx;
byte scratch[16]; byte scratch[16];
/* These test vectors are from RFC-3713 */ /* These test vectors are from RFC-3713 */
const byte plaintext[]= const byte plaintext[]=
{ {

View file

@ -19,7 +19,7 @@
*/ */
/* /*
* Algorithm Specification * Algorithm Specification
* http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
*/ */
@ -937,7 +937,7 @@ void camellia_setup256(const unsigned char *key, u32 *subkey)
CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw;
dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw);
CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw;
return; return;
} }
@ -1049,14 +1049,14 @@ void camellia_encrypt128(const u32 *subkey, u32 *io)
io[1] = io[3]; io[1] = io[3];
io[2] = t0; io[2] = t0;
io[3] = t1; io[3] = t1;
return; return;
} }
void camellia_decrypt128(const u32 *subkey, u32 *io) void camellia_decrypt128(const u32 *subkey, u32 *io)
{ {
u32 il,ir,t0,t1; /* temporary valiables */ u32 il,ir,t0,t1; /* temporary valiables */
/* pre whitening but absorb kw2*/ /* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(24); io[0] ^= CamelliaSubkeyL(24);
io[1] ^= CamelliaSubkeyR(24); io[1] ^= CamelliaSubkeyR(24);
@ -1267,7 +1267,7 @@ void camellia_decrypt256(const u32 *subkey, u32 *io)
/* pre whitening but absorb kw2*/ /* pre whitening but absorb kw2*/
io[0] ^= CamelliaSubkeyL(32); io[0] ^= CamelliaSubkeyL(32);
io[1] ^= CamelliaSubkeyR(32); io[1] ^= CamelliaSubkeyR(32);
/* main iteration */ /* main iteration */
CAMELLIA_ROUNDSM(io[0],io[1], CAMELLIA_ROUNDSM(io[0],io[1],
CamelliaSubkeyL(31),CamelliaSubkeyR(31), CamelliaSubkeyL(31),CamelliaSubkeyR(31),
@ -1379,8 +1379,8 @@ void camellia_decrypt256(const u32 *subkey, u32 *io)
* API for compatibility * API for compatibility
*/ */
void Camellia_Ekeygen(const int keyBitLength, void Camellia_Ekeygen(const int keyBitLength,
const unsigned char *rawKey, const unsigned char *rawKey,
KEY_TABLE_TYPE keyTable) KEY_TABLE_TYPE keyTable)
{ {
switch(keyBitLength) { switch(keyBitLength) {
@ -1399,9 +1399,9 @@ void Camellia_Ekeygen(const int keyBitLength,
} }
void Camellia_EncryptBlock(const int keyBitLength, void Camellia_EncryptBlock(const int keyBitLength,
const unsigned char *plaintext, const unsigned char *plaintext,
const KEY_TABLE_TYPE keyTable, const KEY_TABLE_TYPE keyTable,
unsigned char *ciphertext) unsigned char *ciphertext)
{ {
u32 tmp[4]; u32 tmp[4];
@ -1430,9 +1430,9 @@ void Camellia_EncryptBlock(const int keyBitLength,
PUTU32(ciphertext + 12, tmp[3]); PUTU32(ciphertext + 12, tmp[3]);
} }
void Camellia_DecryptBlock(const int keyBitLength, void Camellia_DecryptBlock(const int keyBitLength,
const unsigned char *ciphertext, const unsigned char *ciphertext,
const KEY_TABLE_TYPE keyTable, const KEY_TABLE_TYPE keyTable,
unsigned char *plaintext) unsigned char *plaintext)
{ {
u32 tmp[4]; u32 tmp[4];

View file

@ -25,7 +25,7 @@
* space of the library clean. The following macro is thus useful: * space of the library clean. The following macro is thus useful:
* *
* #define CAMELLIA_EXT_SYM_PREFIX foo_ * #define CAMELLIA_EXT_SYM_PREFIX foo_
* *
* This prefixes all external symbols with "foo_". * This prefixes all external symbols with "foo_".
*/ */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
@ -43,7 +43,7 @@
#define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128) #define camellia_encrypt128 CAMELLIA_PREFIX(camellia_encrypt128)
#define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256) #define camellia_encrypt256 CAMELLIA_PREFIX(camellia_encrypt256)
#define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128) #define camellia_setup128 CAMELLIA_PREFIX(camellia_setup128)
#define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192) #define camellia_setup192 CAMELLIA_PREFIX(camellia_setup192)
#define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256) #define camellia_setup256 CAMELLIA_PREFIX(camellia_setup256)
#endif /*CAMELLIA_EXT_SYM_PREFIX*/ #endif /*CAMELLIA_EXT_SYM_PREFIX*/
@ -60,17 +60,17 @@ typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
void Camellia_Ekeygen(const int keyBitLength, void Camellia_Ekeygen(const int keyBitLength,
const unsigned char *rawKey, const unsigned char *rawKey,
KEY_TABLE_TYPE keyTable); KEY_TABLE_TYPE keyTable);
void Camellia_EncryptBlock(const int keyBitLength, void Camellia_EncryptBlock(const int keyBitLength,
const unsigned char *plaintext, const unsigned char *plaintext,
const KEY_TABLE_TYPE keyTable, const KEY_TABLE_TYPE keyTable,
unsigned char *cipherText); unsigned char *cipherText);
void Camellia_DecryptBlock(const int keyBitLength, void Camellia_DecryptBlock(const int keyBitLength,
const unsigned char *cipherText, const unsigned char *cipherText,
const KEY_TABLE_TYPE keyTable, const KEY_TABLE_TYPE keyTable,
unsigned char *plaintext); unsigned char *plaintext);

View file

@ -569,7 +569,7 @@ do_cast_setkey( CAST5_context *c, const byte *key, unsigned keylen )
u32 z[4]; u32 z[4];
u32 k[16]; u32 k[16];
if( !initialized ) if( !initialized )
{ {
initialized = 1; initialized = 1;
selftest_failed = selftest(); selftest_failed = selftest();

View file

@ -1,6 +1,6 @@
/* cipher.c - cipher dispatcher /* cipher.c - cipher dispatcher
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* 2005, 2007, 2008, 2009 Free Software Foundation, Inc. * 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc.
* *
* This file is part of Libgcrypt. * This file is part of Libgcrypt.
* *
@ -33,9 +33,12 @@
#define CTX_MAGIC_NORMAL 0x24091964 #define CTX_MAGIC_NORMAL 0x24091964
#define CTX_MAGIC_SECURE 0x46919042 #define CTX_MAGIC_SECURE 0x46919042
/* Try to use 16 byte aligned cipher context for better performance.
We use the aligned attribute, thus it is only possible to implement
this with gcc. */
#undef NEED_16BYTE_ALIGNED_CONTEXT #undef NEED_16BYTE_ALIGNED_CONTEXT
#if defined (__i386__) && SIZEOF_UNSIGNED_LONG == 4 && defined (__GNUC__) #if defined (__GNUC__)
#define NEED_16BYTE_ALIGNED_CONTEXT 1 # define NEED_16BYTE_ALIGNED_CONTEXT 1
#endif #endif
/* A dummy extraspec so that we do not need to tests the extraspec /* A dummy extraspec so that we do not need to tests the extraspec
@ -58,39 +61,39 @@ static struct cipher_table_entry
&dummy_extra_spec, GCRY_CIPHER_BLOWFISH }, &dummy_extra_spec, GCRY_CIPHER_BLOWFISH },
#endif #endif
#if USE_DES #if USE_DES
{ &_gcry_cipher_spec_des, { &_gcry_cipher_spec_des,
&dummy_extra_spec, GCRY_CIPHER_DES }, &dummy_extra_spec, GCRY_CIPHER_DES },
{ &_gcry_cipher_spec_tripledes, { &_gcry_cipher_spec_tripledes,
&_gcry_cipher_extraspec_tripledes, GCRY_CIPHER_3DES, 1 }, &_gcry_cipher_extraspec_tripledes, GCRY_CIPHER_3DES, 1 },
#endif #endif
#if USE_ARCFOUR #if USE_ARCFOUR
{ &_gcry_cipher_spec_arcfour, { &_gcry_cipher_spec_arcfour,
&dummy_extra_spec, GCRY_CIPHER_ARCFOUR }, &dummy_extra_spec, GCRY_CIPHER_ARCFOUR },
#endif #endif
#if USE_CAST5 #if USE_CAST5
{ &_gcry_cipher_spec_cast5, { &_gcry_cipher_spec_cast5,
&dummy_extra_spec, GCRY_CIPHER_CAST5 }, &dummy_extra_spec, GCRY_CIPHER_CAST5 },
#endif #endif
#if USE_AES #if USE_AES
{ &_gcry_cipher_spec_aes, { &_gcry_cipher_spec_aes,
&_gcry_cipher_extraspec_aes, GCRY_CIPHER_AES, 1 }, &_gcry_cipher_extraspec_aes, GCRY_CIPHER_AES, 1 },
{ &_gcry_cipher_spec_aes192, { &_gcry_cipher_spec_aes192,
&_gcry_cipher_extraspec_aes192, GCRY_CIPHER_AES192, 1 }, &_gcry_cipher_extraspec_aes192, GCRY_CIPHER_AES192, 1 },
{ &_gcry_cipher_spec_aes256, { &_gcry_cipher_spec_aes256,
&_gcry_cipher_extraspec_aes256, GCRY_CIPHER_AES256, 1 }, &_gcry_cipher_extraspec_aes256, GCRY_CIPHER_AES256, 1 },
#endif #endif
#if USE_TWOFISH #if USE_TWOFISH
{ &_gcry_cipher_spec_twofish, { &_gcry_cipher_spec_twofish,
&dummy_extra_spec, GCRY_CIPHER_TWOFISH }, &dummy_extra_spec, GCRY_CIPHER_TWOFISH },
{ &_gcry_cipher_spec_twofish128, { &_gcry_cipher_spec_twofish128,
&dummy_extra_spec, GCRY_CIPHER_TWOFISH128 }, &dummy_extra_spec, GCRY_CIPHER_TWOFISH128 },
#endif #endif
#if USE_SERPENT #if USE_SERPENT
{ &_gcry_cipher_spec_serpent128, { &_gcry_cipher_spec_serpent128,
&dummy_extra_spec, GCRY_CIPHER_SERPENT128 }, &dummy_extra_spec, GCRY_CIPHER_SERPENT128 },
{ &_gcry_cipher_spec_serpent192, { &_gcry_cipher_spec_serpent192,
&dummy_extra_spec, GCRY_CIPHER_SERPENT192 }, &dummy_extra_spec, GCRY_CIPHER_SERPENT192 },
{ &_gcry_cipher_spec_serpent256, { &_gcry_cipher_spec_serpent256,
&dummy_extra_spec, GCRY_CIPHER_SERPENT256 }, &dummy_extra_spec, GCRY_CIPHER_SERPENT256 },
#endif #endif
#if USE_RFC2268 #if USE_RFC2268
@ -98,16 +101,20 @@ static struct cipher_table_entry
&dummy_extra_spec, GCRY_CIPHER_RFC2268_40 }, &dummy_extra_spec, GCRY_CIPHER_RFC2268_40 },
#endif #endif
#if USE_SEED #if USE_SEED
{ &_gcry_cipher_spec_seed, { &_gcry_cipher_spec_seed,
&dummy_extra_spec, GCRY_CIPHER_SEED }, &dummy_extra_spec, GCRY_CIPHER_SEED },
#endif #endif
#if USE_CAMELLIA #if USE_CAMELLIA
{ &_gcry_cipher_spec_camellia128, { &_gcry_cipher_spec_camellia128,
&dummy_extra_spec, GCRY_CIPHER_CAMELLIA128 }, &dummy_extra_spec, GCRY_CIPHER_CAMELLIA128 },
{ &_gcry_cipher_spec_camellia192, { &_gcry_cipher_spec_camellia192,
&dummy_extra_spec, GCRY_CIPHER_CAMELLIA192 }, &dummy_extra_spec, GCRY_CIPHER_CAMELLIA192 },
{ &_gcry_cipher_spec_camellia256, { &_gcry_cipher_spec_camellia256,
&dummy_extra_spec, GCRY_CIPHER_CAMELLIA256 }, &dummy_extra_spec, GCRY_CIPHER_CAMELLIA256 },
#endif
#ifdef USE_IDEA
{ &_gcry_cipher_spec_idea,
&dummy_extra_spec, GCRY_CIPHER_IDEA },
#endif #endif
{ NULL } { NULL }
}; };
@ -137,19 +144,20 @@ static int default_ciphers_registered;
while (0) while (0)
/* A VIA processor with the Padlock engine requires an alignment of /* A VIA processor with the Padlock engine as well as the Intel AES_NI
most data on a 16 byte boundary. Because we trick out the compiler instructions require an alignment of most data on a 16 byte
while allocating the context, the align attribute as used in boundary. Because we trick out the compiler while allocating the
rijndael.c does not work on its own. Thus we need to make sure context, the align attribute as used in rijndael.c does not work on
that the entire context structure is a aligned on that boundary. its own. Thus we need to make sure that the entire context
We achieve this by defining a new type and use that instead of our structure is a aligned on that boundary. We achieve this by
usual alignment type. */ defining a new type and use that instead of our usual alignment
typedef union type. */
typedef union
{ {
PROPERLY_ALIGNED_TYPE foo; PROPERLY_ALIGNED_TYPE foo;
#ifdef NEED_16BYTE_ALIGNED_CONTEXT #ifdef NEED_16BYTE_ALIGNED_CONTEXT
char bar[16] __attribute__ ((aligned (16))); char bar[16] __attribute__ ((aligned (16)));
#endif #endif
char c[1]; char c[1];
} cipher_context_alignment_t; } cipher_context_alignment_t;
@ -166,7 +174,7 @@ struct gcry_cipher_handle
/* The algorithm id. This is a hack required because the module /* The algorithm id. This is a hack required because the module
interface does not easily allow to retrieve this value. */ interface does not easily allow to retrieve this value. */
int algo; int algo;
/* A structure with function pointers for bulk operations. Due to /* A structure with function pointers for bulk operations. Due to
limitations of the module system (we don't want to change the limitations of the module system (we don't want to change the
@ -174,16 +182,19 @@ struct gcry_cipher_handle
open function intializes them and the actual encryption routines open function intializes them and the actual encryption routines
use them if they are not NULL. */ use them if they are not NULL. */
struct { struct {
void (*cfb_enc)(void *context, unsigned char *iv, void (*cfb_enc)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg, void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks); unsigned int nblocks);
void (*cfb_dec)(void *context, unsigned char *iv, void (*cfb_dec)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg, void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks); unsigned int nblocks);
void (*cbc_enc)(void *context, unsigned char *iv, void (*cbc_enc)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg, void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks, int cbc_mac); unsigned int nblocks, int cbc_mac);
void (*cbc_dec)(void *context, unsigned char *iv, void (*cbc_dec)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks);
void (*ctr_enc)(void *context, unsigned char *iv,
void *outbuf_arg, const void *inbuf_arg, void *outbuf_arg, const void *inbuf_arg,
unsigned int nblocks); unsigned int nblocks);
} bulk; } bulk;
@ -197,19 +208,24 @@ struct gcry_cipher_handle
unsigned int iv:1; /* Set to 1 if a IV has been set. */ unsigned int iv:1; /* Set to 1 if a IV has been set. */
} marks; } marks;
/* The initialization vector. To help code optimization we make /* The initialization vector. For best performance we make sure
sure that it is aligned on an unsigned long and u32 boundary. */ that it is properly aligned. In particular some implementations
of bulk operations expect an 16 byte aligned IV. */
union { union {
unsigned long dummy_iv; cipher_context_alignment_t iv_align;
u32 dummy_u32_iv; unsigned char iv[MAX_BLOCKSIZE];
unsigned char iv[MAX_BLOCKSIZE];
} u_iv; } u_iv;
/* The counter for CTR mode. This field is also used by AESWRAP and
thus we can't use the U_IV union. */
union {
cipher_context_alignment_t iv_align;
unsigned char ctr[MAX_BLOCKSIZE];
} u_ctr;
/* Space to save an IV or CTR for chaining operations. */
unsigned char lastiv[MAX_BLOCKSIZE]; unsigned char lastiv[MAX_BLOCKSIZE];
int unused; /* Number of unused bytes in the IV. */ int unused; /* Number of unused bytes in LASTIV. */
unsigned char ctr[MAX_BLOCKSIZE]; /* For Counter (CTR) mode. */
/* What follows are two contexts of the cipher in use. The first /* What follows are two contexts of the cipher in use. The first
one needs to be aligned well enough for the cipher operation one needs to be aligned well enough for the cipher operation
@ -227,7 +243,7 @@ struct gcry_cipher_handle
static gcry_err_code_t static gcry_err_code_t
dummy_setkey (void *c, const unsigned char *key, unsigned int keylen) dummy_setkey (void *c, const unsigned char *key, unsigned int keylen)
{ {
(void)c; (void)c;
(void)key; (void)key;
(void)keylen; (void)keylen;
return GPG_ERR_NO_ERROR; return GPG_ERR_NO_ERROR;
@ -286,7 +302,7 @@ cipher_register_default (void)
{ {
gcry_err_code_t err = GPG_ERR_NO_ERROR; gcry_err_code_t err = GPG_ERR_NO_ERROR;
int i; int i;
for (i = 0; !err && cipher_table[i].cipher; i++) for (i = 0; !err && cipher_table[i].cipher; i++)
{ {
if (! cipher_table[i].cipher->setkey) if (! cipher_table[i].cipher->setkey)
@ -389,8 +405,8 @@ _gcry_cipher_register (gcry_cipher_spec_t *cipher,
ath_mutex_lock (&ciphers_registered_lock); ath_mutex_lock (&ciphers_registered_lock);
err = _gcry_module_add (&ciphers_registered, 0, err = _gcry_module_add (&ciphers_registered, 0,
(void *)cipher, (void *)cipher,
(void *)(extraspec? extraspec : &dummy_extra_spec), (void *)(extraspec? extraspec : &dummy_extra_spec),
&mod); &mod);
ath_mutex_unlock (&ciphers_registered_lock); ath_mutex_unlock (&ciphers_registered_lock);
@ -420,7 +436,7 @@ gcry_cipher_unregister (gcry_module_t module)
ispassed as NULL. A pointer to the specification of the module ispassed as NULL. A pointer to the specification of the module
implementing this algorithm is return in OID_SPEC unless passed as implementing this algorithm is return in OID_SPEC unless passed as
NULL.*/ NULL.*/
static int static int
search_oid (const char *oid, int *algorithm, gcry_cipher_oid_spec_t *oid_spec) search_oid (const char *oid, int *algorithm, gcry_cipher_oid_spec_t *oid_spec)
{ {
gcry_module_t module; gcry_module_t module;
@ -484,7 +500,7 @@ gcry_cipher_map_name (const char *string)
} }
ath_mutex_unlock (&ciphers_registered_lock); ath_mutex_unlock (&ciphers_registered_lock);
return algorithm; return algorithm;
} }
@ -593,15 +609,13 @@ check_cipher_algo (int algorithm)
else else
err = GPG_ERR_CIPHER_ALGO; err = GPG_ERR_CIPHER_ALGO;
ath_mutex_unlock (&ciphers_registered_lock); ath_mutex_unlock (&ciphers_registered_lock);
return err; return err;
} }
/* Return the standard length of the key for the cipher algorithm with /* Return the standard length in bits of the key for the cipher
the identifier ALGORITHM. This function expects a valid algorithm algorithm with the identifier ALGORITHM. */
and will abort if the algorithm is not available or the length of
the key is not known. */
static unsigned int static unsigned int
cipher_get_keylen (int algorithm) cipher_get_keylen (int algorithm)
{ {
@ -619,17 +633,13 @@ cipher_get_keylen (int algorithm)
log_bug ("cipher %d w/o key length\n", algorithm); log_bug ("cipher %d w/o key length\n", algorithm);
_gcry_module_release (cipher); _gcry_module_release (cipher);
} }
else
log_bug ("cipher %d not found\n", algorithm);
ath_mutex_unlock (&ciphers_registered_lock); ath_mutex_unlock (&ciphers_registered_lock);
return len; return len;
} }
/* Return the block length of the cipher algorithm with the identifier /* Return the block length of the cipher algorithm with the identifier
ALGORITHM. This function expects a valid algorithm and will abort ALGORITHM. This function return 0 for an invalid algorithm. */
if the algorithm is not available or the length of the key is not
known. */
static unsigned int static unsigned int
cipher_get_blocksize (int algorithm) cipher_get_blocksize (int algorithm)
{ {
@ -647,8 +657,6 @@ cipher_get_blocksize (int algorithm)
log_bug ("cipher %d w/o blocksize\n", algorithm); log_bug ("cipher %d w/o blocksize\n", algorithm);
_gcry_module_release (cipher); _gcry_module_release (cipher);
} }
else
log_bug ("cipher %d not found\n", algorithm);
ath_mutex_unlock (&ciphers_registered_lock); ath_mutex_unlock (&ciphers_registered_lock);
return len; return len;
@ -683,7 +691,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
/* If the application missed to call the random poll function, we do /* If the application missed to call the random poll function, we do
it here to ensure that it is used once in a while. */ it here to ensure that it is used once in a while. */
_gcry_fast_random_poll (); _gcry_fast_random_poll ();
REGISTER_DEFAULT_CIPHERS; REGISTER_DEFAULT_CIPHERS;
/* Fetch the according module and check whether the cipher is marked /* Fetch the according module and check whether the cipher is marked
@ -711,7 +719,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
/* check flags */ /* check flags */
if ((! err) if ((! err)
&& ((flags & ~(0 && ((flags & ~(0
| GCRY_CIPHER_SECURE | GCRY_CIPHER_SECURE
| GCRY_CIPHER_ENABLE_SYNC | GCRY_CIPHER_ENABLE_SYNC
| GCRY_CIPHER_CBC_CTS | GCRY_CIPHER_CBC_CTS
@ -774,7 +782,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
h = gcry_calloc (1, size); h = gcry_calloc (1, size);
if (! h) if (! h)
err = gpg_err_code_from_errno (errno); err = gpg_err_code_from_syserror ();
else else
{ {
size_t off = 0; size_t off = 0;
@ -810,9 +818,10 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
h->bulk.cfb_dec = _gcry_aes_cfb_dec; h->bulk.cfb_dec = _gcry_aes_cfb_dec;
h->bulk.cbc_enc = _gcry_aes_cbc_enc; h->bulk.cbc_enc = _gcry_aes_cbc_enc;
h->bulk.cbc_dec = _gcry_aes_cbc_dec; h->bulk.cbc_dec = _gcry_aes_cbc_dec;
h->bulk.ctr_enc = _gcry_aes_ctr_enc;
break; break;
#endif /*USE_AES*/ #endif /*USE_AES*/
default: default:
break; break;
} }
@ -902,7 +911,7 @@ static void
cipher_setiv( gcry_cipher_hd_t c, const byte *iv, unsigned ivlen ) cipher_setiv( gcry_cipher_hd_t c, const byte *iv, unsigned ivlen )
{ {
memset (c->u_iv.iv, 0, c->cipher->blocksize); memset (c->u_iv.iv, 0, c->cipher->blocksize);
if (iv) if (iv)
{ {
if (ivlen != c->cipher->blocksize) if (ivlen != c->cipher->blocksize)
{ {
@ -932,7 +941,7 @@ cipher_reset (gcry_cipher_hd_t c)
memset (&c->marks, 0, sizeof c->marks); memset (&c->marks, 0, sizeof c->marks);
memset (c->u_iv.iv, 0, c->cipher->blocksize); memset (c->u_iv.iv, 0, c->cipher->blocksize);
memset (c->lastiv, 0, c->cipher->blocksize); memset (c->lastiv, 0, c->cipher->blocksize);
memset (c->ctr, 0, c->cipher->blocksize); memset (c->u_ctr.ctr, 0, c->cipher->blocksize);
} }
@ -944,7 +953,7 @@ do_ecb_encrypt (gcry_cipher_hd_t c,
{ {
unsigned int blocksize = c->cipher->blocksize; unsigned int blocksize = c->cipher->blocksize;
unsigned int n, nblocks; unsigned int n, nblocks;
if (outbuflen < inbuflen) if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
if ((inbuflen % blocksize)) if ((inbuflen % blocksize))
@ -975,7 +984,7 @@ do_ecb_decrypt (gcry_cipher_hd_t c,
return GPG_ERR_INV_LENGTH; return GPG_ERR_INV_LENGTH;
nblocks = inbuflen / c->cipher->blocksize; nblocks = inbuflen / c->cipher->blocksize;
for (n=0; n < nblocks; n++ ) for (n=0; n < nblocks; n++ )
{ {
c->cipher->decrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf ); c->cipher->decrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf );
inbuf += blocksize; inbuf += blocksize;
@ -1005,7 +1014,7 @@ do_cbc_encrypt (gcry_cipher_hd_t c,
&& (c->flags & GCRY_CIPHER_CBC_CTS))) && (c->flags & GCRY_CIPHER_CBC_CTS)))
return GPG_ERR_INV_LENGTH; return GPG_ERR_INV_LENGTH;
if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize)
{ {
if ((inbuflen % blocksize) == 0) if ((inbuflen % blocksize) == 0)
nblocks--; nblocks--;
@ -1014,7 +1023,7 @@ do_cbc_encrypt (gcry_cipher_hd_t c,
if (c->bulk.cbc_enc) if (c->bulk.cbc_enc)
{ {
c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks, c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks,
(c->flags & GCRY_CIPHER_CBC_MAC)); (c->flags & GCRY_CIPHER_CBC_MAC));
inbuf += nblocks * blocksize; inbuf += nblocks * blocksize;
if (!(c->flags & GCRY_CIPHER_CBC_MAC)) if (!(c->flags & GCRY_CIPHER_CBC_MAC))
outbuf += nblocks * blocksize; outbuf += nblocks * blocksize;
@ -1054,7 +1063,7 @@ do_cbc_encrypt (gcry_cipher_hd_t c,
} }
for (; i < blocksize; i++) for (; i < blocksize; i++)
outbuf[i] = 0 ^ *ivp++; outbuf[i] = 0 ^ *ivp++;
c->cipher->encrypt (&c->context.c, outbuf, outbuf); c->cipher->encrypt (&c->context.c, outbuf, outbuf);
memcpy (c->u_iv.iv, outbuf, blocksize); memcpy (c->u_iv.iv, outbuf, blocksize);
} }
@ -1092,13 +1101,13 @@ do_cbc_decrypt (gcry_cipher_hd_t c,
if (c->bulk.cbc_dec) if (c->bulk.cbc_dec)
{ {
c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
inbuf += nblocks * blocksize; inbuf += nblocks * blocksize;
outbuf += nblocks * blocksize; outbuf += nblocks * blocksize;
} }
else else
{ {
for (n=0; n < nblocks; n++ ) for (n=0; n < nblocks; n++ )
{ {
/* Because outbuf and inbuf might be the same, we have to /* Because outbuf and inbuf might be the same, we have to
* save the original ciphertext block. We use LASTIV for * save the original ciphertext block. We use LASTIV for
@ -1113,22 +1122,22 @@ do_cbc_decrypt (gcry_cipher_hd_t c,
} }
} }
if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize)
{ {
int restbytes; int restbytes;
if ((inbuflen % blocksize) == 0) if ((inbuflen % blocksize) == 0)
restbytes = blocksize; restbytes = blocksize;
else else
restbytes = inbuflen % blocksize; restbytes = inbuflen % blocksize;
memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */ memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */
memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */ memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */
c->cipher->decrypt ( &c->context.c, outbuf, inbuf ); c->cipher->decrypt ( &c->context.c, outbuf, inbuf );
for (ivp=c->u_iv.iv,i=0; i < restbytes; i++ ) for (ivp=c->u_iv.iv,i=0; i < restbytes; i++ )
outbuf[i] ^= *ivp++; outbuf[i] ^= *ivp++;
memcpy(outbuf + blocksize, outbuf, restbytes); memcpy(outbuf + blocksize, outbuf, restbytes);
for(i=restbytes; i < blocksize; i++) for(i=restbytes; i < blocksize; i++)
c->u_iv.iv[i] = outbuf[i]; c->u_iv.iv[i] = outbuf[i];
@ -1150,7 +1159,7 @@ do_cfb_encrypt (gcry_cipher_hd_t c,
unsigned char *ivp; unsigned char *ivp;
size_t blocksize = c->cipher->blocksize; size_t blocksize = c->cipher->blocksize;
size_t blocksize_x_2 = blocksize + blocksize; size_t blocksize_x_2 = blocksize + blocksize;
if (outbuflen < inbuflen) if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
@ -1179,7 +1188,7 @@ do_cfb_encrypt (gcry_cipher_hd_t c,
if (inbuflen >= blocksize_x_2 && c->bulk.cfb_enc) if (inbuflen >= blocksize_x_2 && c->bulk.cfb_enc)
{ {
unsigned int nblocks = inbuflen / blocksize; unsigned int nblocks = inbuflen / blocksize;
c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
outbuf += nblocks * blocksize; outbuf += nblocks * blocksize;
inbuf += nblocks * blocksize; inbuf += nblocks * blocksize;
inbuflen -= nblocks * blocksize; inbuflen -= nblocks * blocksize;
@ -1209,7 +1218,7 @@ do_cfb_encrypt (gcry_cipher_hd_t c,
*outbuf++ = (*ivp++ ^= *inbuf++); *outbuf++ = (*ivp++ ^= *inbuf++);
inbuflen -= blocksize; inbuflen -= blocksize;
} }
if ( inbuflen ) if ( inbuflen )
{ {
/* Save the current IV and then encrypt the IV. */ /* Save the current IV and then encrypt the IV. */
memcpy( c->lastiv, c->u_iv.iv, blocksize ); memcpy( c->lastiv, c->u_iv.iv, blocksize );
@ -1234,7 +1243,7 @@ do_cfb_decrypt (gcry_cipher_hd_t c,
int i; int i;
size_t blocksize = c->cipher->blocksize; size_t blocksize = c->cipher->blocksize;
size_t blocksize_x_2 = blocksize + blocksize; size_t blocksize_x_2 = blocksize + blocksize;
if (outbuflen < inbuflen) if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
@ -1243,7 +1252,7 @@ do_cfb_decrypt (gcry_cipher_hd_t c,
/* Short enough to be encoded by the remaining XOR mask. */ /* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV and store input into IV. */ /* XOR the input with the IV and store input into IV. */
for (ivp=c->u_iv.iv+blocksize - c->unused; for (ivp=c->u_iv.iv+blocksize - c->unused;
inbuflen; inbuflen;
inbuflen--, c->unused--) inbuflen--, c->unused--)
{ {
temp = *inbuf++; temp = *inbuf++;
@ -1252,7 +1261,7 @@ do_cfb_decrypt (gcry_cipher_hd_t c,
} }
return 0; return 0;
} }
if (c->unused) if (c->unused)
{ {
/* XOR the input with the IV and store input into IV. */ /* XOR the input with the IV and store input into IV. */
@ -1264,14 +1273,14 @@ do_cfb_decrypt (gcry_cipher_hd_t c,
*ivp++ = temp; *ivp++ = temp;
} }
} }
/* Now we can process complete blocks. We use a loop as long as we /* Now we can process complete blocks. We use a loop as long as we
have at least 2 blocks and use conditions for the rest. This have at least 2 blocks and use conditions for the rest. This
also allows to use a bulk encryption function if available. */ also allows to use a bulk encryption function if available. */
if (inbuflen >= blocksize_x_2 && c->bulk.cfb_dec) if (inbuflen >= blocksize_x_2 && c->bulk.cfb_dec)
{ {
unsigned int nblocks = inbuflen / blocksize; unsigned int nblocks = inbuflen / blocksize;
c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks);
outbuf += nblocks * blocksize; outbuf += nblocks * blocksize;
inbuf += nblocks * blocksize; inbuf += nblocks * blocksize;
inbuflen -= nblocks * blocksize; inbuflen -= nblocks * blocksize;
@ -1309,7 +1318,7 @@ do_cfb_decrypt (gcry_cipher_hd_t c,
} }
if (inbuflen) if (inbuflen)
{ {
/* Save the current IV and then encrypt the IV. */ /* Save the current IV and then encrypt the IV. */
memcpy ( c->lastiv, c->u_iv.iv, blocksize ); memcpy ( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
@ -1363,7 +1372,7 @@ do_ofb_encrypt (gcry_cipher_hd_t c,
/* Encrypt the IV (and save the current one). */ /* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize ); memcpy( c->lastiv, c->u_iv.iv, blocksize );
c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ )
*outbuf++ = (*ivp++ ^ *inbuf++); *outbuf++ = (*ivp++ ^ *inbuf++);
inbuflen -= blocksize; inbuflen -= blocksize;
@ -1387,7 +1396,7 @@ do_ofb_decrypt (gcry_cipher_hd_t c,
{ {
unsigned char *ivp; unsigned char *ivp;
size_t blocksize = c->cipher->blocksize; size_t blocksize = c->cipher->blocksize;
if (outbuflen < inbuflen) if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
@ -1417,7 +1426,7 @@ do_ofb_decrypt (gcry_cipher_hd_t c,
*outbuf++ = *ivp++ ^ *inbuf++; *outbuf++ = *ivp++ ^ *inbuf++;
inbuflen -= blocksize; inbuflen -= blocksize;
} }
if ( inbuflen ) if ( inbuflen )
{ /* Process the remaining bytes. */ { /* Process the remaining bytes. */
/* Encrypt the IV (and save the current one). */ /* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize ); memcpy( c->lastiv, c->u_iv.iv, blocksize );
@ -1437,35 +1446,72 @@ do_ctr_encrypt (gcry_cipher_hd_t c,
const unsigned char *inbuf, unsigned int inbuflen) const unsigned char *inbuf, unsigned int inbuflen)
{ {
unsigned int n; unsigned int n;
unsigned char tmp[MAX_BLOCKSIZE];
int i; int i;
unsigned int blocksize = c->cipher->blocksize; unsigned int blocksize = c->cipher->blocksize;
unsigned int nblocks;
if (outbuflen < inbuflen) if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
if ((inbuflen % blocksize)) /* First process a left over encrypted counter. */
return GPG_ERR_INV_LENGTH; if (c->unused)
for (n=0; n < inbuflen; n++)
{ {
if ((n % blocksize) == 0) gcry_assert (c->unused < blocksize);
{ i = blocksize - c->unused;
c->cipher->encrypt (&c->context.c, tmp, c->ctr); for (n=0; c->unused && n < inbuflen; c->unused--, n++, i++)
{
for (i = blocksize; i > 0; i--) /* XOR input with encrypted counter and store in output. */
{ outbuf[n] = inbuf[n] ^ c->lastiv[i];
c->ctr[i-1]++; }
if (c->ctr[i-1] != 0) inbuf += n;
break; outbuf += n;
} inbuflen -= n;
} }
/* XOR input with encrypted counter and store in output. */
outbuf[n] = inbuf[n] ^ tmp[n % blocksize]; /* Use a bulk method if available. */
nblocks = inbuflen / blocksize;
if (nblocks && c->bulk.ctr_enc)
{
c->bulk.ctr_enc (&c->context.c, c->u_ctr.ctr, outbuf, inbuf, nblocks);
inbuf += nblocks * blocksize;
outbuf += nblocks * blocksize;
inbuflen -= nblocks * blocksize;
}
/* If we don't have a bulk method use the standard method. We also
use this method for the a remaining partial block. */
if (inbuflen)
{
unsigned char tmp[MAX_BLOCKSIZE];
for (n=0; n < inbuflen; n++)
{
if ((n % blocksize) == 0)
{
c->cipher->encrypt (&c->context.c, tmp, c->u_ctr.ctr);
for (i = blocksize; i > 0; i--)
{
c->u_ctr.ctr[i-1]++;
if (c->u_ctr.ctr[i-1] != 0)
break;
}
}
/* XOR input with encrypted counter and store in output. */
outbuf[n] = inbuf[n] ^ tmp[n % blocksize];
}
/* Save the unused bytes of the counter. */
n %= blocksize;
c->unused = (blocksize - n) % blocksize;
if (c->unused)
memcpy (c->lastiv+n, tmp+n, c->unused);
wipememory (tmp, sizeof tmp);
} }
wipememory (tmp, sizeof tmp);
return 0; return 0;
} }
@ -1495,15 +1541,15 @@ do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
#endif #endif
/* We require a cipher with a 128 bit block length. */ /* We require a cipher with a 128 bit block length. */
if (c->cipher->blocksize != 16) if (c->cipher->blocksize != 16)
return GPG_ERR_INV_LENGTH; return GPG_ERR_INV_LENGTH;
/* The output buffer must be able to hold the input data plus one /* The output buffer must be able to hold the input data plus one
additional block. */ additional block. */
if (outbuflen < inbuflen + 8) if (outbuflen < inbuflen + 8)
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
/* Input data must be multiple of 64 bits. */ /* Input data must be multiple of 64 bits. */
if (inbuflen % 8) if (inbuflen % 8)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
n = inbuflen / 8; n = inbuflen / 8;
@ -1511,9 +1557,9 @@ do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
if (n < 2) if (n < 2)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
r = outbuf; r = outbuf;
a = outbuf; /* We store A directly in OUTBUF. */ a = outbuf; /* We store A directly in OUTBUF. */
b = c->ctr; /* B is also used to concatenate stuff. */ b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */
/* If an IV has been set we use that IV as the Alternative Initial /* If an IV has been set we use that IV as the Alternative Initial
Value; if it has not been set we use the standard value. */ Value; if it has not been set we use the standard value. */
@ -1549,7 +1595,7 @@ do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
memcpy (r+i*8, b+8, 8); memcpy (r+i*8, b+8, 8);
} }
} }
return 0; return 0;
} }
@ -1570,8 +1616,8 @@ do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
#endif #endif
/* We require a cipher with a 128 bit block length. */ /* We require a cipher with a 128 bit block length. */
if (c->cipher->blocksize != 16) if (c->cipher->blocksize != 16)
return GPG_ERR_INV_LENGTH; return GPG_ERR_INV_LENGTH;
/* The output buffer must be able to hold the input data minus one /* The output buffer must be able to hold the input data minus one
additional block. Fixme: The caller has more restrictive checks additional block. Fixme: The caller has more restrictive checks
- we may want to fix them for this mode. */ - we may want to fix them for this mode. */
@ -1579,7 +1625,7 @@ do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
return GPG_ERR_BUFFER_TOO_SHORT; return GPG_ERR_BUFFER_TOO_SHORT;
/* Input data must be multiple of 64 bits. */ /* Input data must be multiple of 64 bits. */
if (inbuflen % 8) if (inbuflen % 8)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
n = inbuflen / 8; n = inbuflen / 8;
@ -1587,9 +1633,9 @@ do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
if (n < 3) if (n < 3)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
r = outbuf; r = outbuf;
a = c->lastiv; /* We use c->LASTIV as buffer for A. */ a = c->lastiv; /* We use c->LASTIV as buffer for A. */
b = c->ctr; /* B is also used to concatenate stuff. */ b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */
/* Copy the inbuf to the outbuf and save A. */ /* Copy the inbuf to the outbuf and save A. */
memcpy (a, inbuf, 8); memcpy (a, inbuf, 8);
@ -1663,7 +1709,7 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
case GCRY_CIPHER_MODE_CBC: case GCRY_CIPHER_MODE_CBC:
rc = do_cbc_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); rc = do_cbc_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
break; break;
case GCRY_CIPHER_MODE_CFB: case GCRY_CIPHER_MODE_CFB:
rc = do_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); rc = do_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen);
break; break;
@ -1699,7 +1745,7 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
rc = 0; rc = 0;
} }
break; break;
default: default:
log_fatal ("cipher_encrypt: invalid mode %d\n", c->mode ); log_fatal ("cipher_encrypt: invalid mode %d\n", c->mode );
rc = GPG_ERR_INV_CIPHER_MODE; rc = GPG_ERR_INV_CIPHER_MODE;
@ -1728,7 +1774,7 @@ gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize,
/* Failsafe: Make sure that the plaintext will never make it into /* Failsafe: Make sure that the plaintext will never make it into
OUT if the encryption returned an error. */ OUT if the encryption returned an error. */
if (err && out) if (err && out)
memset (out, 0x42, outsize); memset (out, 0x42, outsize);
return gcry_error (err); return gcry_error (err);
} }
@ -1791,7 +1837,7 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
rc = 0; rc = 0;
} }
break; break;
default: default:
log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode ); log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode );
rc = GPG_ERR_INV_CIPHER_MODE; rc = GPG_ERR_INV_CIPHER_MODE;
@ -1857,9 +1903,15 @@ gpg_error_t
_gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen) _gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen)
{ {
if (ctr && ctrlen == hd->cipher->blocksize) if (ctr && ctrlen == hd->cipher->blocksize)
memcpy (hd->ctr, ctr, hd->cipher->blocksize); {
memcpy (hd->u_ctr.ctr, ctr, hd->cipher->blocksize);
hd->unused = 0;
}
else if (!ctr || !ctrlen) else if (!ctr || !ctrlen)
memset (hd->ctr, 0, hd->cipher->blocksize); {
memset (hd->u_ctr.ctr, 0, hd->cipher->blocksize);
hd->unused = 0;
}
else else
return gpg_error (GPG_ERR_INV_ARG); return gpg_error (GPG_ERR_INV_ARG);
return 0; return 0;
@ -1918,17 +1970,12 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
break; break;
case GCRYCTL_SET_CTR: /* Deprecated; use gcry_cipher_setctr. */ case GCRYCTL_SET_CTR: /* Deprecated; use gcry_cipher_setctr. */
if (buffer && buflen == h->cipher->blocksize) rc = gpg_err_code (_gcry_cipher_setctr (h, buffer, buflen));
memcpy (h->ctr, buffer, h->cipher->blocksize);
else if (buffer == NULL || buflen == 0)
memset (h->ctr, 0, h->cipher->blocksize);
else
rc = GPG_ERR_INV_ARG;
break; break;
case 61: /* Disable weak key detection (private). */ case 61: /* Disable weak key detection (private). */
if (h->extraspec->set_extra_info) if (h->extraspec->set_extra_info)
rc = h->extraspec->set_extra_info rc = h->extraspec->set_extra_info
(&h->context.c, CIPHER_INFO_NO_WEAK_KEY, NULL, 0); (&h->context.c, CIPHER_INFO_NO_WEAK_KEY, NULL, 0);
else else
rc = GPG_ERR_NOT_SUPPORTED; rc = GPG_ERR_NOT_SUPPORTED;
@ -1936,7 +1983,7 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
case 62: /* Return current input vector (private). */ case 62: /* Return current input vector (private). */
/* This is the input block as used in CFB and OFB mode which has /* This is the input block as used in CFB and OFB mode which has
initially been set as IV. The returned format is: initially been set as IV. The returned format is:
1 byte Actual length of the block in bytes. 1 byte Actual length of the block in bytes.
n byte The block. n byte The block.
If the provided buffer is too short, an error is returned. */ If the provided buffer is too short, an error is returned. */
@ -1947,7 +1994,7 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
unsigned char *ivp; unsigned char *ivp;
unsigned char *dst = buffer; unsigned char *dst = buffer;
int n = h->unused; int n = h->unused;
if (!n) if (!n)
n = h->cipher->blocksize; n = h->cipher->blocksize;
gcry_assert (n <= h->cipher->blocksize); gcry_assert (n <= h->cipher->blocksize);
@ -1969,10 +2016,10 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
/* Return information about the cipher handle H. CMD is the kind of /* Return information about the cipher handle H. CMD is the kind of
information requested. BUFFER and NBYTES are reserved for now. information requested. BUFFER and NBYTES are reserved for now.
There are no values for CMD yet defined. There are no values for CMD yet defined.
The function always returns GPG_ERR_INV_OP. The function always returns GPG_ERR_INV_OP.
*/ */
gcry_error_t gcry_error_t
gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes) gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
@ -2009,7 +2056,7 @@ gcry_cipher_info (gcry_cipher_hd_t h, int cmd, void *buffer, size_t *nbytes)
GCRYCTL_TEST_ALGO: GCRYCTL_TEST_ALGO:
Returns 0 if the specified algorithm ALGO is available for use. Returns 0 if the specified algorithm ALGO is available for use.
BUFFER and NBYTES must be zero. BUFFER and NBYTES must be zero.
Note: Because this function is in most cases used to return an Note: Because this function is in most cases used to return an
integer value, we can make it easier for the caller to just look at integer value, we can make it easier for the caller to just look at
the return value. The caller will in all cases consult the value the return value. The caller will in all cases consult the value
@ -2033,8 +2080,7 @@ gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
if ((ui > 0) && (ui <= 512)) if ((ui > 0) && (ui <= 512))
*nbytes = (size_t) ui / 8; *nbytes = (size_t) ui / 8;
else else
/* The only reason is an invalid algo or a strange /* The only reason for an error is an invalid algo. */
blocksize. */
err = GPG_ERR_CIPHER_ALGO; err = GPG_ERR_CIPHER_ALGO;
} }
break; break;
@ -2078,7 +2124,7 @@ gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes)
gcry_cipher_algo_info because it allows for proper type gcry_cipher_algo_info because it allows for proper type
checking. */ checking. */
size_t size_t
gcry_cipher_get_algo_keylen (int algo) gcry_cipher_get_algo_keylen (int algo)
{ {
size_t n; size_t n;
@ -2094,7 +2140,7 @@ gcry_cipher_get_algo_keylen (int algo)
gcry_cipher_algo_info because it allows for proper type gcry_cipher_algo_info because it allows for proper type
checking. */ checking. */
size_t size_t
gcry_cipher_get_algo_blklen (int algo) gcry_cipher_get_algo_blklen (int algo)
{ {
size_t n; size_t n;
@ -2155,7 +2201,7 @@ _gcry_cipher_selftest (int algo, int extended, selftest_report_func_t report)
{ {
ec = GPG_ERR_CIPHER_ALGO; ec = GPG_ERR_CIPHER_ALGO;
if (report) if (report)
report ("cipher", algo, "module", report ("cipher", algo, "module",
module && !(module->flags & FLAG_MODULE_DISABLED)? module && !(module->flags & FLAG_MODULE_DISABLED)?
"no selftest available" : "no selftest available" :
module? "algorithm disabled" : "algorithm not found"); module? "algorithm disabled" : "algorithm not found");

View file

@ -22,7 +22,7 @@
* Bruce Schneier: Applied Cryptography. Second Edition. * Bruce Schneier: Applied Cryptography. Second Edition.
* John Wiley & Sons, 1996. ISBN 0-471-12845-7. Pages 358 ff. * John Wiley & Sons, 1996. ISBN 0-471-12845-7. Pages 358 ff.
* This implementation is according to the definition of DES in FIPS * This implementation is according to the definition of DES in FIPS
* PUB 46-2 from December 1993. * PUB 46-2 from December 1993.
*/ */
@ -388,7 +388,7 @@ static byte weak_keys[64][8] =
}; };
static unsigned char weak_keys_chksum[20] = { static unsigned char weak_keys_chksum[20] = {
0xD0, 0xCF, 0x07, 0x38, 0x93, 0x70, 0x8A, 0x83, 0x7D, 0xD7, 0xD0, 0xCF, 0x07, 0x38, 0x93, 0x70, 0x8A, 0x83, 0x7D, 0xD7,
0x8A, 0x36, 0x65, 0x29, 0x6C, 0x1F, 0x7C, 0x3F, 0xD3, 0x41 0x8A, 0x36, 0x65, 0x29, 0x6C, 0x1F, 0x7C, 0x3F, 0xD3, 0x41
}; };
@ -888,12 +888,12 @@ selftest (void)
if (memcmp (input, result, 8)) if (memcmp (input, result, 8))
return "Triple-DES test failed."; return "Triple-DES test failed.";
} }
/* /*
* More Triple-DES test. These are testvectors as used by SSLeay, * More Triple-DES test. These are testvectors as used by SSLeay,
* thanks to Jeroen C. van Gelderen. * thanks to Jeroen C. van Gelderen.
*/ */
{ {
struct { byte key[24]; byte plain[8]; byte cipher[8]; } testdata[] = { struct { byte key[24]; byte plain[8]; byte cipher[8]; } testdata[] = {
{ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
@ -901,7 +901,7 @@ selftest (void)
{ 0x95,0xF8,0xA5,0xE5,0xDD,0x31,0xD9,0x00 }, { 0x95,0xF8,0xA5,0xE5,0xDD,0x31,0xD9,0x00 },
{ 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } { 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }
}, },
{ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 }, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 },
@ -966,7 +966,7 @@ selftest (void)
{ {
tripledes_set3keys (des3, testdata[i].key, tripledes_set3keys (des3, testdata[i].key,
testdata[i].key + 8, testdata[i].key + 16); testdata[i].key + 8, testdata[i].key + 16);
tripledes_ecb_encrypt (des3, testdata[i].plain, result); tripledes_ecb_encrypt (des3, testdata[i].plain, result);
if (memcmp (testdata[i].cipher, result, 8)) if (memcmp (testdata[i].cipher, result, 8))
return "Triple-DES SSLeay test failed on encryption."; return "Triple-DES SSLeay test failed on encryption.";
@ -1047,7 +1047,7 @@ do_tripledes_set_extra_info (void *context, int what,
break; break;
default: default:
ec = GPG_ERR_INV_OP; ec = GPG_ERR_INV_OP;
break; break;
} }
return ec; return ec;
@ -1112,7 +1112,7 @@ do_des_decrypt( void *context, byte *outbuf, const byte *inbuf )
/* /*
Self-test section. Self-test section.
*/ */
@ -1123,7 +1123,7 @@ selftest_fips (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
(void)extended; /* No extended tests available. */ (void)extended; /* No extended tests available. */
what = "low-level"; what = "low-level";
@ -1160,7 +1160,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_CIPHER_ALGO; ec = GPG_ERR_CIPHER_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -1189,7 +1189,7 @@ gcry_cipher_spec_t _gcry_cipher_spec_tripledes =
do_tripledes_setkey, do_tripledes_encrypt, do_tripledes_decrypt do_tripledes_setkey, do_tripledes_encrypt, do_tripledes_decrypt
}; };
cipher_extra_spec_t _gcry_cipher_extraspec_tripledes = cipher_extra_spec_t _gcry_cipher_extraspec_tripledes =
{ {
run_selftests, run_selftests,
do_tripledes_set_extra_info do_tripledes_set_extra_info

View file

@ -74,7 +74,7 @@ static const char sample_secret_key[] =
" 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)" " 42CAA7DC289F0C5A9D155F02D3D551DB741A81695B74D4C8F477F9C7838EB0FB#)"
" (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))"; " (x #11D54E4ADBD3034160F2CED4B7CD292A4EBF3EC0#)))";
/* A sample 1024 bit DSA key used for the selftests (public only). */ /* A sample 1024 bit DSA key used for the selftests (public only). */
static const char sample_public_key[] = static const char sample_public_key[] =
"(public-key" "(public-key"
" (dsa" " (dsa"
" (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB" " (p #00AD7C0025BA1A15F775F3F2D673718391D00456978D347B33D7B49E7F32EDAB"
@ -141,14 +141,19 @@ gen_k( gcry_mpi_t q )
unsigned int nbytes = (nbits+7)/8; unsigned int nbytes = (nbits+7)/8;
char *rndbuf = NULL; char *rndbuf = NULL;
/* To learn why we don't use mpi_mod to get the requested bit size,
read the paper: "The Insecurity of the Digital Signature
Algorithm with Partially Known Nonces" by Nguyen and Shparlinski.
Journal of Cryptology, New York. Vol 15, nr 3 (2003) */
if ( DBG_CIPHER ) if ( DBG_CIPHER )
log_debug("choosing a random k "); log_debug("choosing a random k ");
for (;;) for (;;)
{ {
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('.'); progress('.');
if ( !rndbuf || nbits < 32 ) if ( !rndbuf || nbits < 32 )
{ {
gcry_free(rndbuf); gcry_free(rndbuf);
rndbuf = gcry_random_bytes_secure( (nbits+7)/8, GCRY_STRONG_RANDOM ); rndbuf = gcry_random_bytes_secure( (nbits+7)/8, GCRY_STRONG_RANDOM );
@ -156,13 +161,20 @@ gen_k( gcry_mpi_t q )
else else
{ /* Change only some of the higher bits. We could improve { /* Change only some of the higher bits. We could improve
this by directly requesting more memory at the first call this by directly requesting more memory at the first call
to get_random_bytes() and use this the here maybe it is to get_random_bytes() and use these extra bytes here.
easier to do this directly in random.c. */ However the required management code is more complex and
thus we better use this simple method. */
char *pp = gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM ); char *pp = gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM );
memcpy( rndbuf,pp, 4 ); memcpy( rndbuf,pp, 4 );
gcry_free(pp); gcry_free(pp);
} }
_gcry_mpi_set_buffer( k, rndbuf, nbytes, 0 ); _gcry_mpi_set_buffer( k, rndbuf, nbytes, 0 );
/* Make sure we have the requested number of bits. This code
looks a bit funny but it is easy to understand if you
consider that mpi_set_highbit clears all higher bits. We
don't have a clear_highbit, thus we first set the high bit
and then clear it again. */
if ( mpi_test_bit( k, nbits-1 ) ) if ( mpi_test_bit( k, nbits-1 ) )
mpi_set_highbit( k, nbits-1 ); mpi_set_highbit( k, nbits-1 );
else else
@ -172,7 +184,7 @@ gen_k( gcry_mpi_t q )
} }
if( !(mpi_cmp( k, q ) < 0) ) /* check: k < q */ if( !(mpi_cmp( k, q ) < 0) ) /* check: k < q */
{ {
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('+'); progress('+');
continue; /* no */ continue; /* no */
@ -188,7 +200,7 @@ gen_k( gcry_mpi_t q )
gcry_free(rndbuf); gcry_free(rndbuf);
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('\n'); progress('\n');
return k; return k;
} }
@ -315,7 +327,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
mpi_add_ui (h, h, 1); mpi_add_ui (h, h, 1);
/* g = h^e mod p */ /* g = h^e mod p */
gcry_mpi_powm (g, h, e, p); gcry_mpi_powm (g, h, e, p);
} }
while (!mpi_cmp_ui (g, 1)); /* Continue until g != 1. */ while (!mpi_cmp_ui (g, 1)); /* Continue until g != 1. */
} }
@ -330,13 +342,13 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
x = mpi_alloc_secure( mpi_get_nlimbs(q) ); x = mpi_alloc_secure( mpi_get_nlimbs(q) );
mpi_sub_ui( h, q, 1 ); /* put q-1 into h */ mpi_sub_ui( h, q, 1 ); /* put q-1 into h */
rndbuf = NULL; rndbuf = NULL;
do do
{ {
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('.'); progress('.');
if( !rndbuf ) if( !rndbuf )
rndbuf = gcry_random_bytes_secure ((qbits+7)/8, random_level); rndbuf = gcry_random_bytes_secure ((qbits+7)/8, random_level);
else else
{ /* Change only some of the higher bits (= 2 bytes)*/ { /* Change only some of the higher bits (= 2 bytes)*/
char *r = gcry_random_bytes_secure (2, random_level); char *r = gcry_random_bytes_secure (2, random_level);
memcpy(rndbuf, r, 2 ); memcpy(rndbuf, r, 2 );
@ -345,7 +357,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
_gcry_mpi_set_buffer( x, rndbuf, (qbits+7)/8, 0 ); _gcry_mpi_set_buffer( x, rndbuf, (qbits+7)/8, 0 );
mpi_clear_highbit( x, qbits+1 ); mpi_clear_highbit( x, qbits+1 );
} }
while ( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, h )<0 ) ); while ( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, h )<0 ) );
gcry_free(rndbuf); gcry_free(rndbuf);
mpi_free( e ); mpi_free( e );
@ -355,7 +367,7 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
y = mpi_alloc( mpi_get_nlimbs(p) ); y = mpi_alloc( mpi_get_nlimbs(p) );
gcry_mpi_powm( y, g, x, p ); gcry_mpi_powm( y, g, x, p );
if( DBG_CIPHER ) if( DBG_CIPHER )
{ {
progress('\n'); progress('\n');
log_mpidump("dsa p", p ); log_mpidump("dsa p", p );
@ -406,8 +418,8 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
const void *seed; const void *seed;
size_t seedlen; size_t seedlen;
} initial_seed = { NULL, NULL, 0 }; } initial_seed = { NULL, NULL, 0 };
gcry_mpi_t prime_q = NULL; gcry_mpi_t prime_q = NULL;
gcry_mpi_t prime_p = NULL; gcry_mpi_t prime_p = NULL;
gcry_mpi_t value_g = NULL; /* The generator. */ gcry_mpi_t value_g = NULL; /* The generator. */
gcry_mpi_t value_y = NULL; /* g^x mod p */ gcry_mpi_t value_y = NULL; /* g^x mod p */
gcry_mpi_t value_x = NULL; /* The secret exponent. */ gcry_mpi_t value_x = NULL; /* The secret exponent. */
@ -467,15 +479,15 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
initial_seed.seed = gcry_sexp_nth_data (initial_seed.sexp, 1, initial_seed.seed = gcry_sexp_nth_data (initial_seed.sexp, 1,
&initial_seed.seedlen); &initial_seed.seedlen);
} }
/* Fixme: Enable 186-3 after it has been approved and after fixing /* Fixme: Enable 186-3 after it has been approved and after fixing
the generation function. */ the generation function. */
/* if (use_fips186_2) */ /* if (use_fips186_2) */
(void)use_fips186_2; (void)use_fips186_2;
ec = _gcry_generate_fips186_2_prime (nbits, qbits, ec = _gcry_generate_fips186_2_prime (nbits, qbits,
initial_seed.seed, initial_seed.seed,
initial_seed.seedlen, initial_seed.seedlen,
&prime_q, &prime_p, &prime_q, &prime_p,
r_counter, r_counter,
r_seed, r_seedlen); r_seed, r_seedlen);
/* else */ /* else */
@ -493,33 +505,33 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
mpi_sub_ui (value_e, prime_p, 1); mpi_sub_ui (value_e, prime_p, 1);
mpi_fdiv_q (value_e, value_e, prime_q ); mpi_fdiv_q (value_e, value_e, prime_q );
value_g = mpi_alloc_like (prime_p); value_g = mpi_alloc_like (prime_p);
value_h = mpi_alloc_set_ui (1); value_h = mpi_alloc_set_ui (1);
do do
{ {
mpi_add_ui (value_h, value_h, 1); mpi_add_ui (value_h, value_h, 1);
/* g = h^e mod p */ /* g = h^e mod p */
mpi_powm (value_g, value_h, value_e, prime_p); mpi_powm (value_g, value_h, value_e, prime_p);
} }
while (!mpi_cmp_ui (value_g, 1)); /* Continue until g != 1. */ while (!mpi_cmp_ui (value_g, 1)); /* Continue until g != 1. */
} }
/* Select a random number x with: 0 < x < q */ /* Select a random number x with: 0 < x < q */
value_x = gcry_mpi_snew (qbits); value_x = gcry_mpi_snew (qbits);
do do
{ {
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('.'); progress('.');
gcry_mpi_randomize (value_x, qbits, GCRY_VERY_STRONG_RANDOM); gcry_mpi_randomize (value_x, qbits, GCRY_VERY_STRONG_RANDOM);
mpi_clear_highbit (value_x, qbits+1); mpi_clear_highbit (value_x, qbits+1);
} }
while (!(mpi_cmp_ui (value_x, 0) > 0 && mpi_cmp (value_x, prime_q) < 0)); while (!(mpi_cmp_ui (value_x, 0) > 0 && mpi_cmp (value_x, prime_q) < 0));
/* y = g^x mod p */ /* y = g^x mod p */
value_y = mpi_alloc_like (prime_p); value_y = mpi_alloc_like (prime_p);
gcry_mpi_powm (value_y, value_g, value_x, prime_p); gcry_mpi_powm (value_y, value_g, value_x, prime_p);
if (DBG_CIPHER) if (DBG_CIPHER)
{ {
progress('\n'); progress('\n');
log_mpidump("dsa p", prime_p ); log_mpidump("dsa p", prime_p );
@ -691,7 +703,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
int use_fips186_2 = 0; int use_fips186_2 = 0;
int use_fips186 = 0; int use_fips186 = 0;
dsa_domain_t domain; dsa_domain_t domain;
(void)algo; /* No need to check it. */ (void)algo; /* No need to check it. */
(void)evalue; /* Not required for DSA. */ (void)evalue; /* Not required for DSA. */
@ -700,7 +712,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
if (genparms) if (genparms)
{ {
gcry_sexp_t domainsexp; gcry_sexp_t domainsexp;
/* Parse the optional qbits element. */ /* Parse the optional qbits element. */
l1 = gcry_sexp_find_token (genparms, "qbits", 0); l1 = gcry_sexp_find_token (genparms, "qbits", 0);
if (l1) if (l1)
@ -708,7 +720,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
char buf[50]; char buf[50];
const char *s; const char *s;
size_t n; size_t n;
s = gcry_sexp_nth_data (l1, 1, &n); s = gcry_sexp_nth_data (l1, 1, &n);
if (!s || n >= DIM (buf) - 1 ) if (!s || n >= DIM (buf) - 1 )
{ {
@ -760,7 +772,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
gcry_sexp_release (deriveparms); gcry_sexp_release (deriveparms);
return GPG_ERR_INV_VALUE; return GPG_ERR_INV_VALUE;
} }
/* Put all domain parameters into the domain object. */ /* Put all domain parameters into the domain object. */
l1 = gcry_sexp_find_token (domainsexp, "p", 0); l1 = gcry_sexp_find_token (domainsexp, "p", 0);
domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
@ -804,7 +816,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
{ {
/* Format the seed-values unless domain parameters are used /* Format the seed-values unless domain parameters are used
for which a H_VALUE of NULL is an indication. */ for which a H_VALUE of NULL is an indication. */
ec = gpg_err_code (gcry_sexp_build ec = gpg_err_code (gcry_sexp_build
(&seedinfo, NULL, (&seedinfo, NULL,
"(seed-values(counter %d)(seed %b)(h %m))", "(seed-values(counter %d)(seed %b)(h %m))",
counter, (int)seedlen, seed, h_value)); counter, (int)seedlen, seed, h_value));
@ -879,7 +891,7 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
p = stpcpy (p, ")"); p = stpcpy (p, ")");
} }
p = stpcpy (p, ")"); p = stpcpy (p, ")");
/* Allocate space for the list of factors plus one for /* Allocate space for the list of factors plus one for
an S-expression plus an extra NULL entry for safety an S-expression plus an extra NULL entry for safety
and fill it with the factors. */ and fill it with the factors. */
@ -894,8 +906,8 @@ dsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
for (j=0; j < nfactors; j++) for (j=0; j < nfactors; j++)
arg_list[i++] = (*retfactors) + j; arg_list[i++] = (*retfactors) + j;
arg_list[i] = NULL; arg_list[i] = NULL;
ec = gpg_err_code (gcry_sexp_build_array ec = gpg_err_code (gcry_sexp_build_array
(r_extrainfo, NULL, format, arg_list)); (r_extrainfo, NULL, format, arg_list));
} }
} }
@ -1023,19 +1035,19 @@ dsa_get_nbits (int algo, gcry_mpi_t *pkey)
/* /*
Self-test section. Self-test section.
*/ */
static const char * static const char *
selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey) selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
{ {
static const char sample_data[] = static const char sample_data[] =
"(data (flags pkcs1)" "(data (flags raw)"
" (hash sha1 #a0b1c2d3e4f500102030405060708090a1b2c3d4#))"; " (value #a0b1c2d3e4f500102030405060708090a1b2c3d4#))";
static const char sample_data_bad[] = static const char sample_data_bad[] =
"(data (flags pkcs1)" "(data (flags raw)"
" (hash sha1 #a0b1c2d3e4f510102030405060708090a1b2c3d4#))"; " (value #a0b1c2d3e4f510102030405060708090a1b2c3d4#))";
const char *errtxt = NULL; const char *errtxt = NULL;
gcry_error_t err; gcry_error_t err;
@ -1046,7 +1058,7 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
err = gcry_sexp_sscan (&data, NULL, err = gcry_sexp_sscan (&data, NULL,
sample_data, strlen (sample_data)); sample_data, strlen (sample_data));
if (!err) if (!err)
err = gcry_sexp_sscan (&data_bad, NULL, err = gcry_sexp_sscan (&data_bad, NULL,
sample_data_bad, strlen (sample_data_bad)); sample_data_bad, strlen (sample_data_bad));
if (err) if (err)
{ {
@ -1093,10 +1105,10 @@ selftests_dsa (selftest_report_func_t report)
/* Convert the S-expressions into the internal representation. */ /* Convert the S-expressions into the internal representation. */
what = "convert"; what = "convert";
err = gcry_sexp_sscan (&skey, NULL, err = gcry_sexp_sscan (&skey, NULL,
sample_secret_key, strlen (sample_secret_key)); sample_secret_key, strlen (sample_secret_key));
if (!err) if (!err)
err = gcry_sexp_sscan (&pkey, NULL, err = gcry_sexp_sscan (&pkey, NULL,
sample_public_key, strlen (sample_public_key)); sample_public_key, strlen (sample_public_key));
if (err) if (err)
{ {
@ -1146,7 +1158,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_PUBKEY_ALGO; ec = GPG_ERR_PUBKEY_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -1163,7 +1175,7 @@ static const char *dsa_names[] =
gcry_pk_spec_t _gcry_pubkey_spec_dsa = gcry_pk_spec_t _gcry_pubkey_spec_dsa =
{ {
"DSA", dsa_names, "DSA", dsa_names,
"pqgy", "pqgyx", "", "rs", "pqgy", "pqgy", "pqgyx", "", "rs", "pqgy",
GCRY_PK_USAGE_SIGN, GCRY_PK_USAGE_SIGN,
dsa_generate, dsa_generate,
@ -1174,9 +1186,8 @@ gcry_pk_spec_t _gcry_pubkey_spec_dsa =
dsa_verify, dsa_verify,
dsa_get_nbits dsa_get_nbits
}; };
pk_extra_spec_t _gcry_pubkey_extraspec_dsa = pk_extra_spec_t _gcry_pubkey_extraspec_dsa =
{ {
run_selftests, run_selftests,
dsa_generate_ext dsa_generate_ext
}; };

File diff suppressed because it is too large Load diff

View file

@ -115,7 +115,7 @@ wiener_map( unsigned int n )
}; };
int i; int i;
for(i=0; t[i].p_n; i++ ) for(i=0; t[i].p_n; i++ )
{ {
if( n <= t[i].p_n ) if( n <= t[i].p_n )
return t[i].q_n; return t[i].q_n;
@ -158,7 +158,7 @@ test_keys ( ELG_secret_key *sk, unsigned int nbits, int nodie )
log_fatal ("Elgamal test key for %s %s failed\n", log_fatal ("Elgamal test key for %s %s failed\n",
(failed & 1)? "encrypt+decrypt":"", (failed & 1)? "encrypt+decrypt":"",
(failed & 2)? "sign+verify":""); (failed & 2)? "sign+verify":"");
if (failed && DBG_CIPHER) if (failed && DBG_CIPHER)
log_debug ("Elgamal test key for %s %s failed\n", log_debug ("Elgamal test key for %s %s failed\n",
(failed & 1)? "encrypt+decrypt":"", (failed & 1)? "encrypt+decrypt":"",
(failed & 2)? "sign+verify":""); (failed & 2)? "sign+verify":"");
@ -199,15 +199,15 @@ gen_k( gcry_mpi_t p, int small_k )
if( DBG_CIPHER ) if( DBG_CIPHER )
log_debug("choosing a random k "); log_debug("choosing a random k ");
mpi_sub_ui( p_1, p, 1); mpi_sub_ui( p_1, p, 1);
for(;;) for(;;)
{ {
if( !rndbuf || nbits < 32 ) if( !rndbuf || nbits < 32 )
{ {
gcry_free(rndbuf); gcry_free(rndbuf);
rndbuf = gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM ); rndbuf = gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM );
} }
else else
{ {
/* Change only some of the higher bits. We could improve /* Change only some of the higher bits. We could improve
this by directly requesting more memory at the first call this by directly requesting more memory at the first call
to get_random_bytes() and use this the here maybe it is to get_random_bytes() and use this the here maybe it is
@ -218,7 +218,7 @@ gen_k( gcry_mpi_t p, int small_k )
gcry_free(pp); gcry_free(pp);
} }
_gcry_mpi_set_buffer( k, rndbuf, nbytes, 0 ); _gcry_mpi_set_buffer( k, rndbuf, nbytes, 0 );
for(;;) for(;;)
{ {
if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */ if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */
@ -294,7 +294,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
if( DBG_CIPHER ) if( DBG_CIPHER )
log_debug("choosing a random x of size %u", xbits ); log_debug("choosing a random x of size %u", xbits );
rndbuf = NULL; rndbuf = NULL;
do do
{ {
if( DBG_CIPHER ) if( DBG_CIPHER )
progress('.'); progress('.');
@ -314,21 +314,21 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
gcry_free(r); gcry_free(r);
} }
} }
else else
{ {
rndbuf = gcry_random_bytes_secure( (xbits+7)/8, rndbuf = gcry_random_bytes_secure( (xbits+7)/8,
GCRY_VERY_STRONG_RANDOM ); GCRY_VERY_STRONG_RANDOM );
} }
_gcry_mpi_set_buffer( x, rndbuf, (xbits+7)/8, 0 ); _gcry_mpi_set_buffer( x, rndbuf, (xbits+7)/8, 0 );
mpi_clear_highbit( x, xbits+1 ); mpi_clear_highbit( x, xbits+1 );
} }
while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) ); while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) );
gcry_free(rndbuf); gcry_free(rndbuf);
y = gcry_mpi_new (nbits); y = gcry_mpi_new (nbits);
gcry_mpi_powm( y, g, x, p ); gcry_mpi_powm( y, g, x, p );
if( DBG_CIPHER ) if( DBG_CIPHER )
{ {
progress('\n'); progress('\n');
log_mpidump("elg p= ", p ); log_mpidump("elg p= ", p );
@ -354,7 +354,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors )
value for the secret key but the one given as X. This is useful to value for the secret key but the one given as X. This is useful to
implement a passphrase based decryption for a public key based implement a passphrase based decryption for a public key based
encryption. It has appliactions in backup systems. encryption. It has appliactions in backup systems.
Returns: A structure filled with all needed values and an array Returns: A structure filled with all needed values and an array
with n-1 factors of (p-1). */ with n-1 factors of (p-1). */
static gcry_err_code_t static gcry_err_code_t
@ -399,7 +399,7 @@ generate_using_x (ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t x,
y = gcry_mpi_new (nbits); y = gcry_mpi_new (nbits);
gcry_mpi_powm ( y, g, x, p ); gcry_mpi_powm ( y, g, x, p );
if ( DBG_CIPHER ) if ( DBG_CIPHER )
{ {
progress ('\n'); progress ('\n');
log_mpidump ("elg p= ", p ); log_mpidump ("elg p= ", p );
@ -493,7 +493,7 @@ decrypt(gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey )
mpi_invm( t1, t1, skey->p ); mpi_invm( t1, t1, skey->p );
mpi_mulm( output, b, t1, skey->p ); mpi_mulm( output, b, t1, skey->p );
#if 0 #if 0
if( DBG_CIPHER ) if( DBG_CIPHER )
{ {
log_mpidump("elg decrypted x= ", skey->x); log_mpidump("elg decrypted x= ", skey->x);
log_mpidump("elg decrypted p= ", skey->p); log_mpidump("elg decrypted p= ", skey->p);
@ -533,7 +533,7 @@ sign(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_secret_key *skey )
mpi_mulm(b, t, inv, p_1 ); mpi_mulm(b, t, inv, p_1 );
#if 0 #if 0
if( DBG_CIPHER ) if( DBG_CIPHER )
{ {
log_mpidump("elg sign p= ", skey->p); log_mpidump("elg sign p= ", skey->p);
log_mpidump("elg sign g= ", skey->g); log_mpidump("elg sign g= ", skey->g);
@ -652,7 +652,7 @@ elg_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
skey[1] = sk.g; skey[1] = sk.g;
skey[2] = sk.y; skey[2] = sk.y;
skey[3] = sk.x; skey[3] = sk.x;
return ec; return ec;
} }
@ -671,7 +671,7 @@ elg_generate (int algo, unsigned int nbits, unsigned long evalue,
skey[1] = sk.g; skey[1] = sk.g;
skey[2] = sk.y; skey[2] = sk.y;
skey[3] = sk.x; skey[3] = sk.x;
return GPG_ERR_NO_ERROR; return GPG_ERR_NO_ERROR;
} }
@ -692,7 +692,7 @@ elg_check_secret_key (int algo, gcry_mpi_t *skey)
sk.g = skey[1]; sk.g = skey[1];
sk.y = skey[2]; sk.y = skey[2];
sk.x = skey[3]; sk.x = skey[3];
if (! check_secret_key (&sk)) if (! check_secret_key (&sk))
err = GPG_ERR_BAD_SECKEY; err = GPG_ERR_BAD_SECKEY;
} }
@ -773,7 +773,7 @@ elg_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey)
resarr[1] = mpi_alloc (mpi_get_nlimbs (sk.p)); resarr[1] = mpi_alloc (mpi_get_nlimbs (sk.p));
sign (resarr[0], resarr[1], data, &sk); sign (resarr[0], resarr[1], data, &sk);
} }
return err; return err;
} }
@ -837,10 +837,9 @@ gcry_pk_spec_t _gcry_pubkey_spec_elg =
elg_get_nbits elg_get_nbits
}; };
pk_extra_spec_t _gcry_pubkey_extraspec_elg = pk_extra_spec_t _gcry_pubkey_extraspec_elg =
{ {
NULL, NULL,
elg_generate_ext, elg_generate_ext,
NULL NULL
}; };

View file

@ -21,7 +21,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#ifdef HAVE_STDINT_H #ifdef HAVE_STDINT_H
# include <stdint.h> # include <stdint.h>
#endif #endif
@ -35,10 +35,10 @@
describing the error. describing the error.
DATAMODE controls what will be hashed according to this table: DATAMODE controls what will be hashed according to this table:
0 - Hash the supplied DATA of DATALEN. 0 - Hash the supplied DATA of DATALEN.
1 - Hash one million times a 'a'. DATA and DATALEN are ignored. 1 - Hash one million times a 'a'. DATA and DATALEN are ignored.
*/ */
const char * const char *
_gcry_hash_selftest_check_one (int algo, _gcry_hash_selftest_check_one (int algo,
@ -49,14 +49,14 @@ _gcry_hash_selftest_check_one (int algo,
gcry_error_t err = 0; gcry_error_t err = 0;
gcry_md_hd_t hd; gcry_md_hd_t hd;
unsigned char *digest; unsigned char *digest;
if (_gcry_md_get_algo_dlen (algo) != expectlen) if (_gcry_md_get_algo_dlen (algo) != expectlen)
return "digest size does not match expected size"; return "digest size does not match expected size";
err = _gcry_md_open (&hd, algo, 0); err = _gcry_md_open (&hd, algo, 0);
if (err) if (err)
return "gcry_md_open failed"; return "gcry_md_open failed";
switch (datamode) switch (datamode)
{ {
case 0: case 0:
@ -64,7 +64,7 @@ _gcry_hash_selftest_check_one (int algo,
break; break;
case 1: /* Hash one million times an "a". */ case 1: /* Hash one million times an "a". */
{ {
char aaa[1000]; char aaa[1000];
int i; int i;
@ -82,7 +82,7 @@ _gcry_hash_selftest_check_one (int algo,
if (!result) if (!result)
{ {
digest = _gcry_md_read (hd, algo); digest = _gcry_md_read (hd, algo);
if ( memcmp (digest, expect, expectlen) ) if ( memcmp (digest, expect, expectlen) )
result = "digest mismatch"; result = "digest mismatch";
} }
@ -91,4 +91,3 @@ _gcry_hash_selftest_check_one (int algo,
return result; return result;
} }

View file

@ -21,11 +21,11 @@
#define GCRY_HASH_COMMON_H #define GCRY_HASH_COMMON_H
const char * _gcry_hash_selftest_check_one const char * _gcry_hash_selftest_check_one
/**/ (int algo, /**/ (int algo,
int datamode, const void *data, size_t datalen, int datamode, const void *data, size_t datalen,
const void *expect, size_t expectlen); const void *expect, size_t expectlen);

View file

@ -17,7 +17,7 @@
* License along with this program; if not, see <http://www.gnu.org/licenses/>. * License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/ */
/* /*
Although algorithm self-tests are usually implemented in the module Although algorithm self-tests are usually implemented in the module
implementing the algorithm, the case for HMAC is different because implementing the algorithm, the case for HMAC is different because
HMAC is implemnetd on a higher level using a special feature of the HMAC is implemnetd on a higher level using a special feature of the
@ -33,7 +33,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#ifdef HAVE_STDINT_H #ifdef HAVE_STDINT_H
# include <stdint.h> # include <stdint.h>
#endif #endif
@ -47,7 +47,7 @@
succdess or a string describing the failure. */ succdess or a string describing the failure. */
static const char * static const char *
check_one (int algo, check_one (int algo,
const void *data, size_t datalen, const void *data, size_t datalen,
const void *key, size_t keylen, const void *key, size_t keylen,
const void *expect, size_t expectlen) const void *expect, size_t expectlen)
{ {
@ -88,7 +88,7 @@ check_one (int algo,
return "does not match"; return "does not match";
} }
_gcry_md_close (hd); _gcry_md_close (hd);
return NULL; return NULL;
} }
@ -123,7 +123,7 @@ selftests_sha1 (int extended, selftest_report_func_t report)
"\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24", 20); "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24", 20);
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "FIPS-198a, A.3"; what = "FIPS-198a, A.3";
for (i=0, j=0x50; i < 100; i++) for (i=0, j=0x50; i < 100; i++)
key[i] = j++; key[i] = j++;
@ -134,7 +134,7 @@ selftests_sha1 (int extended, selftest_report_func_t report)
"\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa", 20 ); "\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa", 20 );
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "FIPS-198a, A.4"; what = "FIPS-198a, A.4";
for (i=0, j=0x70; i < 49; i++) for (i=0, j=0x70; i < 49; i++)
key[i] = j++; key[i] = j++;
@ -160,7 +160,7 @@ selftests_sha1 (int extended, selftest_report_func_t report)
static gpg_err_code_t static gpg_err_code_t
selftests_sha224 (int extended, selftest_report_func_t report) selftests_sha224 (int extended, selftest_report_func_t report)
{ {
static struct static struct
{ {
const char * const desc; const char * const desc;
const char * const data; const char * const data;
@ -169,7 +169,7 @@ selftests_sha224 (int extended, selftest_report_func_t report)
} tv[] = } tv[] =
{ {
{ "data-28 key-4", { "data-28 key-4",
"what do ya want for nothing?", "what do ya want for nothing?",
"Jefe", "Jefe",
{ 0xa3, 0x0e, 0x01, 0x09, 0x8b, 0xc6, 0xdb, 0xbf, { 0xa3, 0x0e, 0x01, 0x09, 0x8b, 0xc6, 0xdb, 0xbf,
0x45, 0x69, 0x0f, 0x3a, 0x7e, 0x9e, 0x6d, 0x0f, 0x45, 0x69, 0x0f, 0x3a, 0x7e, 0x9e, 0x6d, 0x0f,
@ -248,7 +248,7 @@ selftests_sha224 (int extended, selftest_report_func_t report)
const char *what; const char *what;
const char *errtxt; const char *errtxt;
int tvidx; int tvidx;
for (tvidx=0; tv[tvidx].desc; tvidx++) for (tvidx=0; tv[tvidx].desc; tvidx++)
{ {
what = tv[tvidx].desc; what = tv[tvidx].desc;
@ -274,7 +274,7 @@ selftests_sha224 (int extended, selftest_report_func_t report)
static gpg_err_code_t static gpg_err_code_t
selftests_sha256 (int extended, selftest_report_func_t report) selftests_sha256 (int extended, selftest_report_func_t report)
{ {
static struct static struct
{ {
const char * const desc; const char * const desc;
const char * const data; const char * const data;
@ -283,7 +283,7 @@ selftests_sha256 (int extended, selftest_report_func_t report)
} tv[] = } tv[] =
{ {
{ "data-28 key-4", { "data-28 key-4",
"what do ya want for nothing?", "what do ya want for nothing?",
"Jefe", "Jefe",
{ 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, { 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e,
0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7,
@ -362,7 +362,7 @@ selftests_sha256 (int extended, selftest_report_func_t report)
const char *what; const char *what;
const char *errtxt; const char *errtxt;
int tvidx; int tvidx;
for (tvidx=0; tv[tvidx].desc; tvidx++) for (tvidx=0; tv[tvidx].desc; tvidx++)
{ {
hmac256_context_t hmachd; hmac256_context_t hmachd;
@ -416,7 +416,7 @@ selftests_sha256 (int extended, selftest_report_func_t report)
static gpg_err_code_t static gpg_err_code_t
selftests_sha384 (int extended, selftest_report_func_t report) selftests_sha384 (int extended, selftest_report_func_t report)
{ {
static struct static struct
{ {
const char * const desc; const char * const desc;
const char * const data; const char * const data;
@ -425,7 +425,7 @@ selftests_sha384 (int extended, selftest_report_func_t report)
} tv[] = } tv[] =
{ {
{ "data-28 key-4", { "data-28 key-4",
"what do ya want for nothing?", "what do ya want for nothing?",
"Jefe", "Jefe",
{ 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, { 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31,
0x61, 0x7f, 0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b, 0x61, 0x7f, 0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b,
@ -516,7 +516,7 @@ selftests_sha384 (int extended, selftest_report_func_t report)
const char *what; const char *what;
const char *errtxt; const char *errtxt;
int tvidx; int tvidx;
for (tvidx=0; tv[tvidx].desc; tvidx++) for (tvidx=0; tv[tvidx].desc; tvidx++)
{ {
what = tv[tvidx].desc; what = tv[tvidx].desc;
@ -542,7 +542,7 @@ selftests_sha384 (int extended, selftest_report_func_t report)
static gpg_err_code_t static gpg_err_code_t
selftests_sha512 (int extended, selftest_report_func_t report) selftests_sha512 (int extended, selftest_report_func_t report)
{ {
static struct static struct
{ {
const char * const desc; const char * const desc;
const char * const data; const char * const data;
@ -551,7 +551,7 @@ selftests_sha512 (int extended, selftest_report_func_t report)
} tv[] = } tv[] =
{ {
{ "data-28 key-4", { "data-28 key-4",
"what do ya want for nothing?", "what do ya want for nothing?",
"Jefe", "Jefe",
{ 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, { 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2,
0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3, 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3,
@ -654,7 +654,7 @@ selftests_sha512 (int extended, selftest_report_func_t report)
const char *what; const char *what;
const char *errtxt; const char *errtxt;
int tvidx; int tvidx;
for (tvidx=0; tv[tvidx].desc; tvidx++) for (tvidx=0; tv[tvidx].desc; tvidx++)
{ {
what = tv[tvidx].desc; what = tv[tvidx].desc;

View file

@ -0,0 +1,378 @@
/* idea.c - IDEA function
* Copyright 1997, 1998, 1999, 2001 Werner Koch (dd9jn)
* Copyright 2013 g10 Code GmbH
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* WERNER KOCH BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* Except as contained in this notice, the name of Werner Koch shall not be
* used in advertising or otherwise to promote the sale, use or other dealings
* in this Software without prior written authorization from Werner Koch.
*
* Patents on IDEA have expired:
* Europe: EP0482154 on 2011-05-16,
* Japan: JP3225440 on 2011-05-16,
* U.S.: 5,214,703 on 2012-01-07.
*/
/*
* Please see http://www.noepatents.org/ to learn why software patents
* are bad for society and what you can do to fight them.
*
* The code herein is based on the one from:
* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996.
* ISBN 0-471-11709-9.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "types.h" /* for byte and u32 typedefs */
#include "g10lib.h"
#include "cipher.h"
#define IDEA_KEYSIZE 16
#define IDEA_BLOCKSIZE 8
#define IDEA_ROUNDS 8
#define IDEA_KEYLEN (6*IDEA_ROUNDS+4)
typedef struct {
u16 ek[IDEA_KEYLEN];
u16 dk[IDEA_KEYLEN];
int have_dk;
} IDEA_context;
static const char *selftest(void);
static u16
mul_inv( u16 x )
{
u16 t0, t1;
u16 q, y;
if( x < 2 )
return x;
t1 = 0x10001L / x;
y = 0x10001L % x;
if( y == 1 )
return (1-t1) & 0xffff;
t0 = 1;
do {
q = x / y;
x = x % y;
t0 += q * t1;
if( x == 1 )
return t0;
q = y / x;
y = y % x;
t1 += q * t0;
} while( y != 1 );
return (1-t1) & 0xffff;
}
static void
expand_key( const byte *userkey, u16 *ek )
{
int i,j;
for(j=0; j < 8; j++ ) {
ek[j] = (*userkey << 8) + userkey[1];
userkey += 2;
}
for(i=0; j < IDEA_KEYLEN; j++ ) {
i++;
ek[i+7] = ek[i&7] << 9 | ek[(i+1)&7] >> 7;
ek += i & 8;
i &= 7;
}
}
static void
invert_key( u16 *ek, u16 dk[IDEA_KEYLEN] )
{
int i;
u16 t1, t2, t3;
u16 temp[IDEA_KEYLEN];
u16 *p = temp + IDEA_KEYLEN;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t3;
*--p = t2;
*--p = t1;
for(i=0; i < IDEA_ROUNDS-1; i++ ) {
t1 = *ek++;
*--p = *ek++;
*--p = t1;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t2;
*--p = t3;
*--p = t1;
}
t1 = *ek++;
*--p = *ek++;
*--p = t1;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t3;
*--p = t2;
*--p = t1;
memcpy(dk, temp, sizeof(temp) );
memset(temp, 0, sizeof(temp) ); /* burn temp */
}
static void
cipher( byte *outbuf, const byte *inbuf, u16 *key )
{
u16 s2, s3;
u16 in[4];
int r = IDEA_ROUNDS;
#define x1 (in[0])
#define x2 (in[1])
#define x3 (in[2])
#define x4 (in[3])
#define MUL(x,y) \
do {u16 _t16; u32 _t32; \
if( (_t16 = (y)) ) { \
if( (x = (x)&0xffff) ) { \
_t32 = (u32)x * _t16; \
x = _t32 & 0xffff; \
_t16 = _t32 >> 16; \
x = ((x)-_t16) + (x<_t16?1:0); \
} \
else { \
x = 1 - _t16; \
} \
} \
else { \
x = 1 - x; \
} \
} while(0)
memcpy (in, inbuf, sizeof in);
#ifndef WORDS_BIGENDIAN
x1 = (x1>>8) | (x1<<8);
x2 = (x2>>8) | (x2<<8);
x3 = (x3>>8) | (x3<<8);
x4 = (x4>>8) | (x4<<8);
#endif
do {
MUL(x1, *key++);
x2 += *key++;
x3 += *key++;
MUL(x4, *key++ );
s3 = x3;
x3 ^= x1;
MUL(x3, *key++);
s2 = x2;
x2 ^=x4;
x2 += x3;
MUL(x2, *key++);
x3 += x2;
x1 ^= x2;
x4 ^= x3;
x2 ^= s3;
x3 ^= s2;
} while( --r );
MUL(x1, *key++);
x3 += *key++;
x2 += *key++;
MUL(x4, *key);
#ifndef WORDS_BIGENDIAN
x1 = (x1>>8) | (x1<<8);
x2 = (x2>>8) | (x2<<8);
x3 = (x3>>8) | (x3<<8);
x4 = (x4>>8) | (x4<<8);
#endif
memcpy (outbuf+0, &x1, 2);
memcpy (outbuf+2, &x3, 2);
memcpy (outbuf+4, &x2, 2);
memcpy (outbuf+6, &x4, 2);
#undef MUL
#undef x1
#undef x2
#undef x3
#undef x4
}
static int
do_setkey( IDEA_context *c, const byte *key, unsigned int keylen )
{
static int initialized = 0;
static const char *selftest_failed = 0;
if( !initialized ) {
initialized = 1;
selftest_failed = selftest();
if( selftest_failed )
log_error( "%s\n", selftest_failed );
}
if( selftest_failed )
return GPG_ERR_SELFTEST_FAILED;
assert(keylen == 16);
c->have_dk = 0;
expand_key( key, c->ek );
invert_key( c->ek, c->dk );
return 0;
}
static gcry_err_code_t
idea_setkey (void *context, const byte *key, unsigned int keylen)
{
IDEA_context *ctx = context;
int rc = do_setkey (ctx, key, keylen);
_gcry_burn_stack (23+6*sizeof(void*));
return rc;
}
static void
encrypt_block( IDEA_context *c, byte *outbuf, const byte *inbuf )
{
cipher( outbuf, inbuf, c->ek );
}
static void
idea_encrypt (void *context, byte *out, const byte *in)
{
IDEA_context *ctx = context;
encrypt_block (ctx, out, in);
_gcry_burn_stack (24+3*sizeof (void*));
}
static void
decrypt_block( IDEA_context *c, byte *outbuf, const byte *inbuf )
{
if( !c->have_dk ) {
c->have_dk = 1;
invert_key( c->ek, c->dk );
}
cipher( outbuf, inbuf, c->dk );
}
static void
idea_decrypt (void *context, byte *out, const byte *in)
{
IDEA_context *ctx = context;
decrypt_block (ctx, out, in);
_gcry_burn_stack (24+3*sizeof (void*));
}
static const char *
selftest( void )
{
static struct {
byte key[16];
byte plain[8];
byte cipher[8];
} test_vectors[] = {
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 },
{ 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 },
{ 0x54, 0x0E, 0x5F, 0xEA, 0x18, 0xC2, 0xF8, 0xB1 } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0x00, 0x19, 0x32, 0x4B, 0x64, 0x7D, 0x96, 0xAF },
{ 0x9F, 0x0A, 0x0A, 0xB6, 0xE1, 0x0C, 0xED, 0x78 } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0xF5, 0x20, 0x2D, 0x5B, 0x9C, 0x67, 0x1B, 0x08 },
{ 0xCF, 0x18, 0xFD, 0x73, 0x55, 0xE2, 0xC5, 0xC5 } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0xFA, 0xE6, 0xD2, 0xBE, 0xAA, 0x96, 0x82, 0x6E },
{ 0x85, 0xDF, 0x52, 0x00, 0x56, 0x08, 0x19, 0x3D } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0x0A, 0x14, 0x1E, 0x28, 0x32, 0x3C, 0x46, 0x50 },
{ 0x2F, 0x7D, 0xE7, 0x50, 0x21, 0x2F, 0xB7, 0x34 } },
{ { 0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08 },
{ 0x05, 0x0A, 0x0F, 0x14, 0x19, 0x1E, 0x23, 0x28 },
{ 0x7B, 0x73, 0x14, 0x92, 0x5D, 0xE5, 0x9C, 0x09 } },
{ { 0x00, 0x05, 0x00, 0x0A, 0x00, 0x0F, 0x00, 0x14,
0x00, 0x19, 0x00, 0x1E, 0x00, 0x23, 0x00, 0x28 },
{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 },
{ 0x3E, 0xC0, 0x47, 0x80, 0xBE, 0xFF, 0x6E, 0x20 } },
{ { 0x3A, 0x98, 0x4E, 0x20, 0x00, 0x19, 0x5D, 0xB3,
0x2E, 0xE5, 0x01, 0xC8, 0xC4, 0x7C, 0xEA, 0x60 },
{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 },
{ 0x97, 0xBC, 0xD8, 0x20, 0x07, 0x80, 0xDA, 0x86 } },
{ { 0x00, 0x64, 0x00, 0xC8, 0x01, 0x2C, 0x01, 0x90,
0x01, 0xF4, 0x02, 0x58, 0x02, 0xBC, 0x03, 0x20 },
{ 0x05, 0x32, 0x0A, 0x64, 0x14, 0xC8, 0x19, 0xFA },
{ 0x65, 0xBE, 0x87, 0xE7, 0xA2, 0x53, 0x8A, 0xED } },
{ { 0x9D, 0x40, 0x75, 0xC1, 0x03, 0xBC, 0x32, 0x2A,
0xFB, 0x03, 0xE7, 0xBE, 0x6A, 0xB3, 0x00, 0x06 },
{ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08 },
{ 0xF5, 0xDB, 0x1A, 0xC4, 0x5E, 0x5E, 0xF9, 0xF9 } }
};
IDEA_context c;
byte buffer[8];
int i;
for(i=0; i < DIM(test_vectors); i++ ) {
do_setkey( &c, test_vectors[i].key, 16 );
encrypt_block( &c, buffer, test_vectors[i].plain );
if( memcmp( buffer, test_vectors[i].cipher, 8 ) )
return "IDEA test encryption failed.";
decrypt_block( &c, buffer, test_vectors[i].cipher );
if( memcmp( buffer, test_vectors[i].plain, 8 ) )
return "IDEA test decryption failed.";
}
return NULL;
}
gcry_cipher_spec_t _gcry_cipher_spec_idea =
{
"IDEA", NULL, NULL, IDEA_BLOCKSIZE, 128,
sizeof (IDEA_context),
idea_setkey, idea_encrypt, idea_decrypt
};

View file

@ -0,0 +1,278 @@
/* kdf.c - Key Derivation Functions
* Copyright (C) 1998, 2011 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "g10lib.h"
#include "cipher.h"
#include "ath.h"
/* Transform a passphrase into a suitable key of length KEYSIZE and
store this key in the caller provided buffer KEYBUFFER. The caller
must provide an HASHALGO, a valid ALGO and depending on that algo a
SALT of 8 bytes and the number of ITERATIONS. Code taken from
gnupg/agent/protect.c:hash_passphrase. */
gpg_err_code_t
openpgp_s2k (const void *passphrase, size_t passphraselen,
int algo, int hashalgo,
const void *salt, size_t saltlen,
unsigned long iterations,
size_t keysize, void *keybuffer)
{
gpg_err_code_t ec;
gcry_md_hd_t md;
char *key = keybuffer;
int pass, i;
int used = 0;
int secmode;
if ((algo == GCRY_KDF_SALTED_S2K || algo == GCRY_KDF_ITERSALTED_S2K)
&& (!salt || saltlen != 8))
return GPG_ERR_INV_VALUE;
secmode = gcry_is_secure (passphrase) || gcry_is_secure (keybuffer);
ec = gpg_err_code (gcry_md_open (&md, hashalgo,
secmode? GCRY_MD_FLAG_SECURE : 0));
if (ec)
return ec;
for (pass=0; used < keysize; pass++)
{
if (pass)
{
gcry_md_reset (md);
for (i=0; i < pass; i++) /* Preset the hash context. */
gcry_md_putc (md, 0);
}
if (algo == GCRY_KDF_SALTED_S2K || algo == GCRY_KDF_ITERSALTED_S2K)
{
int len2 = passphraselen + 8;
unsigned long count = len2;
if (algo == GCRY_KDF_ITERSALTED_S2K)
{
count = iterations;
if (count < len2)
count = len2;
}
while (count > len2)
{
gcry_md_write (md, salt, saltlen);
gcry_md_write (md, passphrase, passphraselen);
count -= len2;
}
if (count < saltlen)
gcry_md_write (md, salt, count);
else
{
gcry_md_write (md, salt, saltlen);
count -= saltlen;
gcry_md_write (md, passphrase, count);
}
}
else
gcry_md_write (md, passphrase, passphraselen);
gcry_md_final (md);
i = gcry_md_get_algo_dlen (hashalgo);
if (i > keysize - used)
i = keysize - used;
memcpy (key+used, gcry_md_read (md, hashalgo), i);
used += i;
}
gcry_md_close (md);
return 0;
}
/* Transform a passphrase into a suitable key of length KEYSIZE and
store this key in the caller provided buffer KEYBUFFER. The caller
must provide PRFALGO which indicates the pseudorandom function to
use: This shall be the algorithms id of a hash algorithm; it is
used in HMAC mode. SALT is a salt of length SALTLEN and ITERATIONS
gives the number of iterations. */
gpg_err_code_t
pkdf2 (const void *passphrase, size_t passphraselen,
int hashalgo,
const void *salt, size_t saltlen,
unsigned long iterations,
size_t keysize, void *keybuffer)
{
gpg_err_code_t ec;
gcry_md_hd_t md;
int secmode;
unsigned int dklen = keysize;
char *dk = keybuffer;
unsigned int hlen; /* Output length of the digest function. */
unsigned int l; /* Rounded up number of blocks. */
unsigned int r; /* Number of octets in the last block. */
char *sbuf; /* Malloced buffer to concatenate salt and iter
as well as space to hold TBUF and UBUF. */
char *tbuf; /* Buffer for T; ptr into SBUF, size is HLEN. */
char *ubuf; /* Buffer for U; ptr into SBUF, size is HLEN. */
unsigned int lidx; /* Current block number. */
unsigned long iter; /* Current iteration number. */
unsigned int i;
if (!salt || !saltlen || !iterations || !dklen)
return GPG_ERR_INV_VALUE;
hlen = gcry_md_get_algo_dlen (hashalgo);
if (!hlen)
return GPG_ERR_DIGEST_ALGO;
secmode = gcry_is_secure (passphrase) || gcry_is_secure (keybuffer);
/* We ignore step 1 from pksc5v2.1 which demands a check that dklen
is not larger that 0xffffffff * hlen. */
/* Step 2 */
l = ((dklen - 1)/ hlen) + 1;
r = dklen - (l - 1) * hlen;
/* Setup buffers and prepare a hash context. */
sbuf = (secmode
? gcry_malloc_secure (saltlen + 4 + hlen + hlen)
: gcry_malloc (saltlen + 4 + hlen + hlen));
if (!sbuf)
return gpg_err_code_from_syserror ();
tbuf = sbuf + saltlen + 4;
ubuf = tbuf + hlen;
ec = gpg_err_code (gcry_md_open (&md, hashalgo,
(GCRY_MD_FLAG_HMAC
| (secmode?GCRY_MD_FLAG_SECURE:0))));
if (ec)
{
gcry_free (sbuf);
return ec;
}
/* Step 3 and 4. */
memcpy (sbuf, salt, saltlen);
for (lidx = 1; lidx <= l; lidx++)
{
for (iter = 0; iter < iterations; iter++)
{
ec = gpg_err_code (gcry_md_setkey (md, passphrase, passphraselen));
if (ec)
{
gcry_md_close (md);
gcry_free (sbuf);
return ec;
}
if (!iter) /* Compute U_1: */
{
sbuf[saltlen] = (lidx >> 24);
sbuf[saltlen + 1] = (lidx >> 16);
sbuf[saltlen + 2] = (lidx >> 8);
sbuf[saltlen + 3] = lidx;
gcry_md_write (md, sbuf, saltlen + 4);
memcpy (ubuf, gcry_md_read (md, 0), hlen);
memcpy (tbuf, ubuf, hlen);
}
else /* Compute U_(2..c): */
{
gcry_md_write (md, ubuf, hlen);
memcpy (ubuf, gcry_md_read (md, 0), hlen);
for (i=0; i < hlen; i++)
tbuf[i] ^= ubuf[i];
}
}
if (lidx == l) /* Last block. */
memcpy (dk, tbuf, r);
else
{
memcpy (dk, tbuf, hlen);
dk += hlen;
}
}
gcry_md_close (md);
gcry_free (sbuf);
return 0;
}
/* Derive a key from a passphrase. KEYSIZE gives the requested size
of the keys in octets. KEYBUFFER is a caller provided buffer
filled on success with the derived key. The input passphrase is
taken from (PASSPHRASE,PASSPHRASELEN) which is an arbitrary memory
buffer. ALGO specifies the KDF algorithm to use; these are the
constants GCRY_KDF_*. SUBALGO specifies an algorithm used
internally by the KDF algorithms; this is usually a hash algorithm
but certain KDF algorithm may use it differently. {SALT,SALTLEN}
is a salt as needed by most KDF algorithms. ITERATIONS is a
positive integer parameter to most KDFs. 0 is returned on success,
or an error code on failure. */
gpg_error_t
gcry_kdf_derive (const void *passphrase, size_t passphraselen,
int algo, int subalgo,
const void *salt, size_t saltlen,
unsigned long iterations,
size_t keysize, void *keybuffer)
{
gpg_err_code_t ec;
if (!passphrase || (!passphraselen && algo != GCRY_KDF_PBKDF2))
{
ec = GPG_ERR_INV_DATA;
goto leave;
}
if (!keybuffer || !keysize)
{
ec = GPG_ERR_INV_VALUE;
goto leave;
}
switch (algo)
{
case GCRY_KDF_SIMPLE_S2K:
case GCRY_KDF_SALTED_S2K:
case GCRY_KDF_ITERSALTED_S2K:
ec = openpgp_s2k (passphrase, passphraselen, algo, subalgo,
salt, saltlen, iterations, keysize, keybuffer);
break;
case GCRY_KDF_PBKDF1:
ec = GPG_ERR_UNSUPPORTED_ALGORITHM;
break;
case GCRY_KDF_PBKDF2:
ec = pkdf2 (passphrase, passphraselen, subalgo,
salt, saltlen, iterations, keysize, keybuffer);
break;
default:
ec = GPG_ERR_UNKNOWN_ALGORITHM;
break;
}
leave:
return gpg_error (ec);
}

View file

@ -43,15 +43,15 @@ static struct digest_table_entry
gcry_md_spec_t *digest; gcry_md_spec_t *digest;
md_extra_spec_t *extraspec; md_extra_spec_t *extraspec;
unsigned int algorithm; unsigned int algorithm;
int fips_allowed; int fips_allowed;
} digest_table[] = } digest_table[] =
{ {
#if USE_CRC #if USE_CRC
/* We allow the CRC algorithms even in FIPS mode because they are /* We allow the CRC algorithms even in FIPS mode because they are
actually no cryptographic primitives. */ actually no cryptographic primitives. */
{ &_gcry_digest_spec_crc32, { &_gcry_digest_spec_crc32,
&dummy_extra_spec, GCRY_MD_CRC32, 1 }, &dummy_extra_spec, GCRY_MD_CRC32, 1 },
{ &_gcry_digest_spec_crc32_rfc1510, { &_gcry_digest_spec_crc32_rfc1510,
&dummy_extra_spec, GCRY_MD_CRC32_RFC1510, 1 }, &dummy_extra_spec, GCRY_MD_CRC32_RFC1510, 1 },
{ &_gcry_digest_spec_crc24_rfc2440, { &_gcry_digest_spec_crc24_rfc2440,
&dummy_extra_spec, GCRY_MD_CRC24_RFC2440, 1 }, &dummy_extra_spec, GCRY_MD_CRC24_RFC2440, 1 },
@ -69,7 +69,7 @@ static struct digest_table_entry
&dummy_extra_spec, GCRY_MD_RMD160 }, &dummy_extra_spec, GCRY_MD_RMD160 },
#endif #endif
#if USE_SHA1 #if USE_SHA1
{ &_gcry_digest_spec_sha1, { &_gcry_digest_spec_sha1,
&_gcry_digest_extraspec_sha1, GCRY_MD_SHA1, 1 }, &_gcry_digest_extraspec_sha1, GCRY_MD_SHA1, 1 },
#endif #endif
#if USE_SHA256 #if USE_SHA256
@ -177,7 +177,7 @@ md_register_default (void)
{ {
gcry_err_code_t err = 0; gcry_err_code_t err = 0;
int i; int i;
for (i = 0; !err && digest_table[i].digest; i++) for (i = 0; !err && digest_table[i].digest; i++)
{ {
if ( fips_mode ()) if ( fips_mode ())
@ -230,7 +230,7 @@ gcry_md_lookup_func_oid (void *spec, void *data)
} }
/* Internal function. Lookup a digest entry by it's name. */ /* Internal function. Lookup a digest entry by it's name. */
static gcry_module_t static gcry_module_t
gcry_md_lookup_name (const char *name) gcry_md_lookup_name (const char *name)
{ {
gcry_module_t digest; gcry_module_t digest;
@ -271,11 +271,11 @@ _gcry_md_register (gcry_md_spec_t *digest,
ath_mutex_lock (&digests_registered_lock); ath_mutex_lock (&digests_registered_lock);
err = _gcry_module_add (&digests_registered, 0, err = _gcry_module_add (&digests_registered, 0,
(void *) digest, (void *) digest,
(void *)(extraspec? extraspec : &dummy_extra_spec), (void *)(extraspec? extraspec : &dummy_extra_spec),
&mod); &mod);
ath_mutex_unlock (&digests_registered_lock); ath_mutex_unlock (&digests_registered_lock);
if (! err) if (! err)
{ {
*module = mod; *module = mod;
@ -296,7 +296,7 @@ gcry_md_unregister (gcry_module_t module)
} }
static int static int
search_oid (const char *oid, int *algorithm, gcry_md_oid_spec_t *oid_spec) search_oid (const char *oid, int *algorithm, gcry_md_oid_spec_t *oid_spec)
{ {
gcry_module_t module; gcry_module_t module;
@ -567,7 +567,7 @@ md_enable (gcry_md_hd_t hd, int algorithm)
else else
digest = (gcry_md_spec_t *) module->spec; digest = (gcry_md_spec_t *) module->spec;
if (!err && algorithm == GCRY_MD_MD5 && fips_mode ()) if (!err && algorithm == GCRY_MD_MD5 && fips_mode ())
{ {
_gcry_inactivate_fips_mode ("MD5 used"); _gcry_inactivate_fips_mode ("MD5 used");
@ -578,7 +578,7 @@ md_enable (gcry_md_hd_t hd, int algorithm)
err = GPG_ERR_DIGEST_ALGO; err = GPG_ERR_DIGEST_ALGO;
} }
} }
if (!err) if (!err)
{ {
size_t size = (sizeof (*entry) size_t size = (sizeof (*entry)
@ -635,7 +635,7 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
GcryDigestEntry *ar, *br; GcryDigestEntry *ar, *br;
gcry_md_hd_t bhd; gcry_md_hd_t bhd;
size_t n; size_t n;
if (ahd->bufpos) if (ahd->bufpos)
md_write (ahd, NULL, 0); md_write (ahd, NULL, 0);
@ -697,7 +697,7 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
- sizeof (ar->context))); - sizeof (ar->context)));
br->next = b->list; br->next = b->list;
b->list = br; b->list = br;
/* Add a reference to the module. */ /* Add a reference to the module. */
ath_mutex_lock (&digests_registered_lock); ath_mutex_lock (&digests_registered_lock);
_gcry_module_use (br->module); _gcry_module_use (br->module);
@ -787,7 +787,7 @@ static void
md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen) md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen)
{ {
GcryDigestEntry *r; GcryDigestEntry *r;
if (a->ctx->debug) if (a->ctx->debug)
{ {
if (a->bufpos && fwrite (a->buf, a->bufpos, 1, a->ctx->debug) != 1) if (a->bufpos && fwrite (a->buf, a->bufpos, 1, a->ctx->debug) != 1)
@ -838,8 +838,8 @@ md_final (gcry_md_hd_t a)
if (err) if (err)
_gcry_fatal_error (err, NULL); _gcry_fatal_error (err, NULL);
md_write (om, md_write (om,
(a->ctx->macpads)+(a->ctx->macpads_Bsize), (a->ctx->macpads)+(a->ctx->macpads_Bsize),
a->ctx->macpads_Bsize); a->ctx->macpads_Bsize);
md_write (om, p, dlen); md_write (om, p, dlen);
md_final (om); md_final (om);
@ -860,7 +860,7 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen)
if (!algo) if (!algo)
return GPG_ERR_DIGEST_ALGO; /* Might happen if no algo is enabled. */ return GPG_ERR_DIGEST_ALGO; /* Might happen if no algo is enabled. */
if ( keylen > hd->ctx->macpads_Bsize ) if ( keylen > hd->ctx->macpads_Bsize )
{ {
helpkey = gcry_malloc_secure (md_digest_length (algo)); helpkey = gcry_malloc_secure (md_digest_length (algo));
if (!helpkey) if (!helpkey)
@ -876,7 +876,7 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen)
opad = (hd->ctx->macpads)+(hd->ctx->macpads_Bsize); opad = (hd->ctx->macpads)+(hd->ctx->macpads_Bsize);
memcpy ( ipad, key, keylen ); memcpy ( ipad, key, keylen );
memcpy ( opad, key, keylen ); memcpy ( opad, key, keylen );
for (i=0; i < hd->ctx->macpads_Bsize; i++ ) for (i=0; i < hd->ctx->macpads_Bsize; i++ )
{ {
ipad[i] ^= 0x36; ipad[i] ^= 0x36;
opad[i] ^= 0x5c; opad[i] ^= 0x5c;
@ -890,7 +890,7 @@ gcry_error_t
gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen) gcry_md_ctl (gcry_md_hd_t hd, int cmd, void *buffer, size_t buflen)
{ {
gcry_err_code_t rc = 0; gcry_err_code_t rc = 0;
switch (cmd) switch (cmd)
{ {
case GCRYCTL_FINALIZE: case GCRYCTL_FINALIZE:
@ -1167,7 +1167,7 @@ gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
{ {
const char unsigned *asn; const char unsigned *asn;
size_t asnlen; size_t asnlen;
asn = md_asn_oid (algo, &asnlen, NULL); asn = md_asn_oid (algo, &asnlen, NULL);
if (buffer && (*nbytes >= asnlen)) if (buffer && (*nbytes >= asnlen))
{ {
@ -1202,7 +1202,7 @@ md_start_debug ( gcry_md_hd_t md, const char *suffix )
if (fips_mode ()) if (fips_mode ())
return; return;
if ( md->ctx->debug ) if ( md->ctx->debug )
{ {
log_debug("Oops: md debug already started\n"); log_debug("Oops: md debug already started\n");
@ -1232,6 +1232,7 @@ md_stop_debug( gcry_md_hd_t md )
volatile u64 b = 42; volatile u64 b = 42;
volatile u64 c; volatile u64 c;
c = a * b; c = a * b;
(void)c;
} }
#endif #endif
} }
@ -1268,7 +1269,7 @@ gcry_md_info (gcry_md_hd_t h, int cmd, void *buffer, size_t *nbytes)
else else
{ {
algo = *(int*)buffer; algo = *(int*)buffer;
*nbytes = 0; *nbytes = 0;
for(r=h->ctx->list; r; r = r->next ) { for(r=h->ctx->list; r; r = r->next ) {
if (r->module->mod_id == algo) if (r->module->mod_id == algo)
@ -1302,7 +1303,7 @@ _gcry_md_init (void)
int int
gcry_md_is_secure (gcry_md_hd_t a) gcry_md_is_secure (gcry_md_hd_t a)
{ {
size_t value; size_t value;
@ -1314,7 +1315,7 @@ gcry_md_is_secure (gcry_md_hd_t a)
int int
gcry_md_is_enabled (gcry_md_hd_t a, int algo) gcry_md_is_enabled (gcry_md_hd_t a, int algo)
{ {
size_t value; size_t value;
@ -1366,7 +1367,7 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report)
{ {
ec = GPG_ERR_DIGEST_ALGO; ec = GPG_ERR_DIGEST_ALGO;
if (report) if (report)
report ("digest", algo, "module", report ("digest", algo, "module",
module && !(module->flags & FLAG_MODULE_DISABLED)? module && !(module->flags & FLAG_MODULE_DISABLED)?
"no selftest available" : "no selftest available" :
module? "algorithm disabled" : "algorithm not found"); module? "algorithm disabled" : "algorithm not found");

View file

@ -198,7 +198,7 @@ md4_write ( void *context, const void *inbuf_arg, size_t inlen)
MD4_CONTEXT *hd = context; MD4_CONTEXT *hd = context;
if( hd->count == 64 ) /* flush the buffer */ if( hd->count == 64 ) /* flush the buffer */
{ {
transform( hd, hd->buf ); transform( hd, hd->buf );
_gcry_burn_stack (80+6*sizeof(void*)); _gcry_burn_stack (80+6*sizeof(void*));
hd->count = 0; hd->count = 0;
@ -259,15 +259,15 @@ md4_final( void *context )
lsb <<= 3; lsb <<= 3;
msb <<= 3; msb <<= 3;
msb |= t >> 29; msb |= t >> 29;
if( hd->count < 56 ) /* enough room */ if( hd->count < 56 ) /* enough room */
{ {
hd->buf[hd->count++] = 0x80; /* pad */ hd->buf[hd->count++] = 0x80; /* pad */
while( hd->count < 56 ) while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */ hd->buf[hd->count++] = 0; /* pad */
} }
else /* need one extra block */ else /* need one extra block */
{ {
hd->buf[hd->count++] = 0x80; /* pad character */ hd->buf[hd->count++] = 0x80; /* pad character */
while( hd->count < 64 ) while( hd->count < 64 )
hd->buf[hd->count++] = 0; hd->buf[hd->count++] = 0;
@ -325,4 +325,3 @@ gcry_md_spec_t _gcry_digest_spec_md4 =
md4_init, md4_write, md4_final, md4_read, md4_init, md4_write, md4_final, md4_read,
sizeof (MD4_CONTEXT) sizeof (MD4_CONTEXT)
}; };

View file

@ -20,8 +20,8 @@
* *
* According to the definition of MD5 in RFC 1321 from April 1992. * According to the definition of MD5 in RFC 1321 from April 1992.
* NOTE: This is *not* the same file as the one from glibc. * NOTE: This is *not* the same file as the one from glibc.
* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. * Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.
* heavily modified for GnuPG by Werner Koch <wk@gnupg.org> * heavily modified for GnuPG by Werner Koch <wk@gnupg.org>
*/ */
/* Test values: /* Test values:
@ -87,9 +87,9 @@ transform ( MD5_CONTEXT *ctx, const unsigned char *data )
register u32 C = ctx->C; register u32 C = ctx->C;
register u32 D = ctx->D; register u32 D = ctx->D;
u32 *cwp = correct_words; u32 *cwp = correct_words;
#ifdef WORDS_BIGENDIAN #ifdef WORDS_BIGENDIAN
{ {
int i; int i;
byte *p2; byte *p2;
const byte *p1; const byte *p1;
@ -221,7 +221,7 @@ md5_write( void *context, const void *inbuf_arg , size_t inlen)
{ {
const unsigned char *inbuf = inbuf_arg; const unsigned char *inbuf = inbuf_arg;
MD5_CONTEXT *hd = context; MD5_CONTEXT *hd = context;
if( hd->count == 64 ) /* flush the buffer */ if( hd->count == 64 ) /* flush the buffer */
{ {
transform( hd, hd->buf ); transform( hd, hd->buf );
@ -242,7 +242,7 @@ md5_write( void *context, const void *inbuf_arg , size_t inlen)
} }
_gcry_burn_stack (80+6*sizeof(void*)); _gcry_burn_stack (80+6*sizeof(void*));
while( inlen >= 64 ) while( inlen >= 64 )
{ {
transform( hd, inbuf ); transform( hd, inbuf );
hd->count = 0; hd->count = 0;
@ -269,7 +269,7 @@ md5_final( void *context)
MD5_CONTEXT *hd = context; MD5_CONTEXT *hd = context;
u32 t, msb, lsb; u32 t, msb, lsb;
byte *p; byte *p;
md5_write(hd, NULL, 0); /* flush */; md5_write(hd, NULL, 0); /* flush */;
t = hd->nblocks; t = hd->nblocks;

View file

@ -31,7 +31,7 @@
#include "cipher.h" #include "cipher.h"
#include "ath.h" #include "ath.h"
static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel, static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel,
int (*extra_check)(void *, gcry_mpi_t), int (*extra_check)(void *, gcry_mpi_t),
void *extra_check_arg); void *extra_check_arg);
static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds,
@ -132,7 +132,7 @@ static int no_of_small_prime_numbers = DIM (small_prime_numbers) - 1;
/* An object and a list to build up a global pool of primes. See /* An object and a list to build up a global pool of primes. See
save_pool_prime and get_pool_prime. */ save_pool_prime and get_pool_prime. */
struct primepool_s struct primepool_s
{ {
struct primepool_s *next; struct primepool_s *next;
gcry_mpi_t prime; /* If this is NULL the entry is not used. */ gcry_mpi_t prime; /* If this is NULL the entry is not used. */
@ -163,7 +163,7 @@ save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel)
/* Remove some of the entries. Our strategy is removing /* Remove some of the entries. Our strategy is removing
the last third from the list. */ the last third from the list. */
int i; int i;
for (i=0, item2 = primepool; item2; item2 = item2->next) for (i=0, item2 = primepool; item2; item2 = item2->next)
{ {
if (i >= n/3*2) if (i >= n/3*2)
@ -182,7 +182,7 @@ save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel)
{ {
/* Out of memory. Silently giving up. */ /* Out of memory. Silently giving up. */
gcry_mpi_release (prime); gcry_mpi_release (prime);
return; return;
} }
item->next = primepool; item->next = primepool;
primepool = item; primepool = item;
@ -359,7 +359,7 @@ prime_generate_internal (int need_q_factor,
fbits = (pbits - req_qbits -1) / n; fbits = (pbits - req_qbits -1) / n;
qbits = pbits - n * fbits; qbits = pbits - n * fbits;
} }
if (DBG_CIPHER) if (DBG_CIPHER)
log_debug ("gen prime: pbits=%u qbits=%u fbits=%u/%u n=%d\n", log_debug ("gen prime: pbits=%u qbits=%u fbits=%u/%u n=%d\n",
pbits, req_qbits, qbits, fbits, n); pbits, req_qbits, qbits, fbits, n);
@ -373,7 +373,7 @@ prime_generate_internal (int need_q_factor,
/* Generate a specific Q-Factor if requested. */ /* Generate a specific Q-Factor if requested. */
if (need_q_factor) if (need_q_factor)
q_factor = gen_prime (req_qbits, is_secret, randomlevel, NULL, NULL); q_factor = gen_prime (req_qbits, is_secret, randomlevel, NULL, NULL);
/* Allocate an array to hold all factors + 2 for later usage. */ /* Allocate an array to hold all factors + 2 for later usage. */
factors = gcry_calloc (n + 2, sizeof (*factors)); factors = gcry_calloc (n + 2, sizeof (*factors));
if (!factors) if (!factors)
@ -391,10 +391,10 @@ prime_generate_internal (int need_q_factor,
} }
for (i=0; i < n; i++) for (i=0; i < n; i++)
pool_in_use[i] = -1; pool_in_use[i] = -1;
/* Make a pool of 3n+5 primes (this is an arbitrary value). We /* Make a pool of 3n+5 primes (this is an arbitrary value). We
require at least 30 primes for are useful selection process. require at least 30 primes for are useful selection process.
Fixme: We need to research the best formula for sizing the pool. Fixme: We need to research the best formula for sizing the pool.
*/ */
m = n * 3 + 5; m = n * 3 + 5;
@ -443,7 +443,7 @@ prime_generate_internal (int need_q_factor,
is_locked = 1; is_locked = 1;
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
{ {
perms[i] = 1; perms[i] = 1;
/* At a maximum we use strong random for the factors. /* At a maximum we use strong random for the factors.
This saves us a lot of entropy. Given that Q and This saves us a lot of entropy. Given that Q and
possible Q-factor are also used in the final prime possible Q-factor are also used in the final prime
@ -523,12 +523,12 @@ prime_generate_internal (int need_q_factor,
gcry_free (perms); gcry_free (perms);
perms = NULL; perms = NULL;
progress ('!'); progress ('!');
goto next_try; goto next_try;
} }
} }
/* Generate next prime candidate: /* Generate next prime candidate:
p = 2 * q [ * q_factor] * factor_0 * factor_1 * ... * factor_n + 1. p = 2 * q [ * q_factor] * factor_0 * factor_1 * ... * factor_n + 1.
*/ */
mpi_set (prime, q); mpi_set (prime, q);
mpi_mul_ui (prime, prime, 2); mpi_mul_ui (prime, prime, 2);
@ -553,7 +553,7 @@ prime_generate_internal (int need_q_factor,
} }
else else
count1 = 0; count1 = 0;
if (nprime > pbits) if (nprime > pbits)
{ {
if (++count2 > 20) if (++count2 > 20)
@ -624,14 +624,14 @@ prime_generate_internal (int need_q_factor,
factors_new[i] = mpi_copy (factors[i]); factors_new[i] = mpi_copy (factors[i]);
} }
} }
if (g) if (g)
{ {
/* Create a generator (start with 3). */ /* Create a generator (start with 3). */
gcry_mpi_t tmp = mpi_alloc (mpi_get_nlimbs (prime)); gcry_mpi_t tmp = mpi_alloc (mpi_get_nlimbs (prime));
gcry_mpi_t b = mpi_alloc (mpi_get_nlimbs (prime)); gcry_mpi_t b = mpi_alloc (mpi_get_nlimbs (prime));
gcry_mpi_t pmin1 = mpi_alloc (mpi_get_nlimbs (prime)); gcry_mpi_t pmin1 = mpi_alloc (mpi_get_nlimbs (prime));
if (need_q_factor) if (need_q_factor)
err = GPG_ERR_NOT_IMPLEMENTED; err = GPG_ERR_NOT_IMPLEMENTED;
else else
@ -662,7 +662,7 @@ prime_generate_internal (int need_q_factor,
} }
if (DBG_CIPHER) if (DBG_CIPHER)
progress('\n'); progress('\n');
} }
while (i < n + 2); while (i < n + 2);
mpi_free (factors[n+1]); mpi_free (factors[n+1]);
@ -671,7 +671,7 @@ prime_generate_internal (int need_q_factor,
mpi_free (pmin1); mpi_free (pmin1);
} }
} }
if (! DBG_CIPHER) if (! DBG_CIPHER)
progress ('\n'); progress ('\n');
@ -738,19 +738,19 @@ gcry_mpi_t
_gcry_generate_elg_prime (int mode, unsigned pbits, unsigned qbits, _gcry_generate_elg_prime (int mode, unsigned pbits, unsigned qbits,
gcry_mpi_t g, gcry_mpi_t **ret_factors) gcry_mpi_t g, gcry_mpi_t **ret_factors)
{ {
gcry_err_code_t err = GPG_ERR_NO_ERROR;
gcry_mpi_t prime = NULL; gcry_mpi_t prime = NULL;
err = prime_generate_internal ((mode == 1), &prime, pbits, qbits, g, if (prime_generate_internal ((mode == 1), &prime, pbits, qbits, g,
ret_factors, GCRY_WEAK_RANDOM, 0, 0, ret_factors, GCRY_WEAK_RANDOM, 0, 0,
NULL, NULL); NULL, NULL))
prime = NULL; /* (Should be NULL in the error case anyway.) */
return prime; return prime;
} }
static gcry_mpi_t static gcry_mpi_t
gen_prime (unsigned int nbits, int secret, int randomlevel, gen_prime (unsigned int nbits, int secret, int randomlevel,
int (*extra_check)(void *, gcry_mpi_t), void *extra_check_arg) int (*extra_check)(void *, gcry_mpi_t), void *extra_check_arg)
{ {
gcry_mpi_t prime, ptest, pminus1, val_2, val_3, result; gcry_mpi_t prime, ptest, pminus1, val_2, val_3, result;
@ -758,7 +758,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
unsigned int x, step; unsigned int x, step;
unsigned int count1, count2; unsigned int count1, count2;
int *mods; int *mods;
/* if ( DBG_CIPHER ) */ /* if ( DBG_CIPHER ) */
/* log_debug ("generate a prime of %u bits ", nbits ); */ /* log_debug ("generate a prime of %u bits ", nbits ); */
@ -777,10 +777,10 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
for (;;) for (;;)
{ /* try forvever */ { /* try forvever */
int dotcount=0; int dotcount=0;
/* generate a random number */ /* generate a random number */
gcry_mpi_randomize( prime, nbits, randomlevel ); gcry_mpi_randomize( prime, nbits, randomlevel );
/* Set high order bit to 1, set low order bit to 1. If we are /* Set high order bit to 1, set low order bit to 1. If we are
generating a secret prime we are most probably doing that generating a secret prime we are most probably doing that
for RSA, to make sure that the modulus does have the for RSA, to make sure that the modulus does have the
@ -789,17 +789,17 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
if (secret) if (secret)
mpi_set_bit (prime, nbits-2); mpi_set_bit (prime, nbits-2);
mpi_set_bit(prime, 0); mpi_set_bit(prime, 0);
/* Calculate all remainders. */ /* Calculate all remainders. */
for (i=0; (x = small_prime_numbers[i]); i++ ) for (i=0; (x = small_prime_numbers[i]); i++ )
mods[i] = mpi_fdiv_r_ui(NULL, prime, x); mods[i] = mpi_fdiv_r_ui(NULL, prime, x);
/* Now try some primes starting with prime. */ /* Now try some primes starting with prime. */
for(step=0; step < 20000; step += 2 ) for(step=0; step < 20000; step += 2 )
{ {
/* Check against all the small primes we have in mods. */ /* Check against all the small primes we have in mods. */
count1++; count1++;
for (i=0; (x = small_prime_numbers[i]); i++ ) for (i=0; (x = small_prime_numbers[i]); i++ )
{ {
while ( mods[i] + step >= x ) while ( mods[i] + step >= x )
mods[i] -= x; mods[i] -= x;
@ -808,7 +808,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
} }
if ( x ) if ( x )
continue; /* Found a multiple of an already known prime. */ continue; /* Found a multiple of an already known prime. */
mpi_add_ui( ptest, prime, step ); mpi_add_ui( ptest, prime, step );
/* Do a fast Fermat test now. */ /* Do a fast Fermat test now. */
@ -816,7 +816,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
mpi_sub_ui( pminus1, ptest, 1); mpi_sub_ui( pminus1, ptest, 1);
gcry_mpi_powm( result, val_2, pminus1, ptest ); gcry_mpi_powm( result, val_2, pminus1, ptest );
if ( !mpi_cmp_ui( result, 1 ) ) if ( !mpi_cmp_ui( result, 1 ) )
{ {
/* Not composite, perform stronger tests */ /* Not composite, perform stronger tests */
if (is_prime(ptest, 5, &count2 )) if (is_prime(ptest, 5, &count2 ))
{ {
@ -828,13 +828,13 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
} }
if (extra_check && extra_check (extra_check_arg, ptest)) if (extra_check && extra_check (extra_check_arg, ptest))
{ {
/* The extra check told us that this prime is /* The extra check told us that this prime is
not of the caller's taste. */ not of the caller's taste. */
progress ('/'); progress ('/');
} }
else else
{ {
/* Got it. */ /* Got it. */
mpi_free(val_2); mpi_free(val_2);
mpi_free(val_3); mpi_free(val_3);
@ -842,7 +842,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
mpi_free(pminus1); mpi_free(pminus1);
mpi_free(prime); mpi_free(prime);
gcry_free(mods); gcry_free(mods);
return ptest; return ptest;
} }
} }
} }
@ -883,7 +883,7 @@ check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds,
gcry_mpi_powm( result, val_2, pminus1, prime ); gcry_mpi_powm( result, val_2, pminus1, prime );
mpi_free( pminus1 ); mpi_free( pminus1 );
if ( mpi_cmp_ui( result, 1 ) ) if ( mpi_cmp_ui( result, 1 ) )
{ {
/* Is composite. */ /* Is composite. */
mpi_free( result ); mpi_free( result );
progress('.'); progress('.');
@ -924,7 +924,7 @@ is_prime (gcry_mpi_t n, int steps, unsigned int *count)
unsigned nbits = mpi_get_nbits( n ); unsigned nbits = mpi_get_nbits( n );
if (steps < 5) /* Make sure that we do at least 5 rounds. */ if (steps < 5) /* Make sure that we do at least 5 rounds. */
steps = 5; steps = 5;
mpi_sub_ui( nminus1, n, 1 ); mpi_sub_ui( nminus1, n, 1 );
@ -996,7 +996,7 @@ is_prime (gcry_mpi_t n, int steps, unsigned int *count)
j++; j++;
if (j == m) if (j == m)
goto ready; goto ready;
This code is based on the algorithm 452 from the "Collected This code is based on the algorithm 452 from the "Collected
Algorithms From ACM, Volume II" by C. N. Liu and D. T. Tang. Algorithms From ACM, Volume II" by C. N. Liu and D. T. Tang.
*/ */
@ -1010,7 +1010,7 @@ m_out_of_n ( char *array, int m, int n )
/* Need to handle this simple case separately. */ /* Need to handle this simple case separately. */
if( m == 1 ) if( m == 1 )
{ {
for (i=0; i < n; i++ ) for (i=0; i < n; i++ )
{ {
if ( array[i] ) if ( array[i] )
@ -1060,7 +1060,7 @@ m_out_of_n ( char *array, int m, int n )
else else
k1 = k2 + 1; k1 = k2 + 1;
} }
else else
{ {
/* M is even. */ /* M is even. */
if( !array[n-1] ) if( !array[n-1] )
@ -1069,7 +1069,7 @@ m_out_of_n ( char *array, int m, int n )
k2 = k1 + 1; k2 = k1 + 1;
goto leave; goto leave;
} }
if( !(j1 & 1) ) if( !(j1 & 1) )
{ {
k1 = n - j1; k1 = n - j1;
@ -1080,7 +1080,7 @@ m_out_of_n ( char *array, int m, int n )
} }
scan: scan:
jp = n - j1 - 1; jp = n - j1 - 1;
for (i=1; i <= jp; i++ ) for (i=1; i <= jp; i++ )
{ {
i1 = jp + 2 - i; i1 = jp + 2 - i;
if( array[i1-1] ) if( array[i1-1] )
@ -1128,7 +1128,7 @@ gcry_prime_generate (gcry_mpi_t *prime, unsigned int prime_bits,
if (!prime) if (!prime)
return gpg_error (GPG_ERR_INV_ARG); return gpg_error (GPG_ERR_INV_ARG);
*prime = NULL; *prime = NULL;
if (flags & GCRY_PRIME_FLAG_SPECIAL_FACTOR) if (flags & GCRY_PRIME_FLAG_SPECIAL_FACTOR)
mode = 1; mode = 1;
@ -1156,7 +1156,7 @@ gcry_prime_generate (gcry_mpi_t *prime, unsigned int prime_bits,
mpi_free (factors_generated[i]); mpi_free (factors_generated[i]);
gcry_free (factors_generated); gcry_free (factors_generated);
} }
err = GPG_ERR_GENERAL; err = GPG_ERR_GENERAL;
} }
} }
@ -1207,29 +1207,29 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
if (!factors || !r_g || !prime) if (!factors || !r_g || !prime)
return gpg_error (GPG_ERR_INV_ARG); return gpg_error (GPG_ERR_INV_ARG);
*r_g = NULL; *r_g = NULL;
for (n=0; factors[n]; n++) for (n=0; factors[n]; n++)
; ;
if (n < 2) if (n < 2)
return gpg_error (GPG_ERR_INV_ARG); return gpg_error (GPG_ERR_INV_ARG);
/* Extra sanity check - usually disabled. */ /* Extra sanity check - usually disabled. */
/* mpi_set (tmp, factors[0]); */ /* mpi_set (tmp, factors[0]); */
/* for(i = 1; i < n; i++) */ /* for(i = 1; i < n; i++) */
/* mpi_mul (tmp, tmp, factors[i]); */ /* mpi_mul (tmp, tmp, factors[i]); */
/* mpi_add_ui (tmp, tmp, 1); */ /* mpi_add_ui (tmp, tmp, 1); */
/* if (mpi_cmp (prime, tmp)) */ /* if (mpi_cmp (prime, tmp)) */
/* return gpg_error (GPG_ERR_INV_ARG); */ /* return gpg_error (GPG_ERR_INV_ARG); */
gcry_mpi_sub_ui (pmin1, prime, 1); gcry_mpi_sub_ui (pmin1, prime, 1);
do do
{ {
if (first) if (first)
first = 0; first = 0;
else else
gcry_mpi_add_ui (g, g, 1); gcry_mpi_add_ui (g, g, 1);
if (DBG_CIPHER) if (DBG_CIPHER)
{ {
log_debug ("checking g:"); log_debug ("checking g:");
@ -1238,7 +1238,7 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
} }
else else
progress('^'); progress('^');
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
{ {
mpi_fdiv_q (tmp, pmin1, factors[i]); mpi_fdiv_q (tmp, pmin1, factors[i]);
@ -1250,13 +1250,13 @@ gcry_prime_group_generator (gcry_mpi_t *r_g,
progress('\n'); progress('\n');
} }
while (i < n); while (i < n);
gcry_mpi_release (tmp);
gcry_mpi_release (b);
gcry_mpi_release (pmin1);
*r_g = g;
return 0; gcry_mpi_release (tmp);
gcry_mpi_release (b);
gcry_mpi_release (pmin1);
*r_g = g;
return 0;
} }
/* Convenience function to release the factors array. */ /* Convenience function to release the factors array. */
@ -1266,7 +1266,7 @@ gcry_prime_release_factors (gcry_mpi_t *factors)
if (factors) if (factors)
{ {
int i; int i;
for (i=0; factors[i]; i++) for (i=0; factors[i]; i++)
mpi_free (factors[i]); mpi_free (factors[i]);
gcry_free (factors); gcry_free (factors);
@ -1279,11 +1279,11 @@ gcry_prime_release_factors (gcry_mpi_t *factors)
static gcry_mpi_t static gcry_mpi_t
find_x931_prime (const gcry_mpi_t pfirst) find_x931_prime (const gcry_mpi_t pfirst)
{ {
gcry_mpi_t val_2 = mpi_alloc_set_ui (2); gcry_mpi_t val_2 = mpi_alloc_set_ui (2);
gcry_mpi_t prime; gcry_mpi_t prime;
prime = gcry_mpi_copy (pfirst); prime = gcry_mpi_copy (pfirst);
/* If P is even add 1. */ /* If P is even add 1. */
mpi_set_bit (prime, 0); mpi_set_bit (prime, 0);
/* We use 64 Rabin-Miller rounds which is better and thus /* We use 64 Rabin-Miller rounds which is better and thus
@ -1299,7 +1299,7 @@ find_x931_prime (const gcry_mpi_t pfirst)
} }
/* Generate a prime using the algorithm from X9.31 appendix B.4. /* Generate a prime using the algorithm from X9.31 appendix B.4.
This function requires that the provided public exponent E is odd. This function requires that the provided public exponent E is odd.
XP, XP1 and XP2 are the seed values. All values are mandatory. XP, XP1 and XP2 are the seed values. All values are mandatory.
@ -1308,7 +1308,7 @@ find_x931_prime (const gcry_mpi_t pfirst)
internal values P1 and P2 are saved at these addresses. On error internal values P1 and P2 are saved at these addresses. On error
NULL is returned. */ NULL is returned. */
gcry_mpi_t gcry_mpi_t
_gcry_derive_x931_prime (const gcry_mpi_t xp, _gcry_derive_x931_prime (const gcry_mpi_t xp,
const gcry_mpi_t xp1, const gcry_mpi_t xp2, const gcry_mpi_t xp1, const gcry_mpi_t xp2,
const gcry_mpi_t e, const gcry_mpi_t e,
gcry_mpi_t *r_p1, gcry_mpi_t *r_p2) gcry_mpi_t *r_p1, gcry_mpi_t *r_p2)
@ -1327,20 +1327,20 @@ _gcry_derive_x931_prime (const gcry_mpi_t xp,
{ {
gcry_mpi_t r1, tmp; gcry_mpi_t r1, tmp;
/* r1 = (p2^{-1} mod p1)p2 - (p1^{-1} mod p2) */ /* r1 = (p2^{-1} mod p1)p2 - (p1^{-1} mod p2) */
tmp = mpi_alloc_like (p1); tmp = mpi_alloc_like (p1);
mpi_invm (tmp, p2, p1); mpi_invm (tmp, p2, p1);
mpi_mul (tmp, tmp, p2); mpi_mul (tmp, tmp, p2);
r1 = tmp; r1 = tmp;
tmp = mpi_alloc_like (p2); tmp = mpi_alloc_like (p2);
mpi_invm (tmp, p1, p2); mpi_invm (tmp, p1, p2);
mpi_mul (tmp, tmp, p1); mpi_mul (tmp, tmp, p1);
mpi_sub (r1, r1, tmp); mpi_sub (r1, r1, tmp);
/* Fixup a negative value. */ /* Fixup a negative value. */
if (mpi_is_neg (r1)) if (mpi_is_neg (r1))
mpi_add (r1, r1, p1p2); mpi_add (r1, r1, p1p2);
/* yp0 = xp + (r1 - xp mod p1*p2) */ /* yp0 = xp + (r1 - xp mod p1*p2) */
@ -1350,7 +1350,7 @@ _gcry_derive_x931_prime (const gcry_mpi_t xp,
mpi_free (r1); mpi_free (r1);
/* Fixup a negative value. */ /* Fixup a negative value. */
if (mpi_cmp (yp0, xp) < 0 ) if (mpi_cmp (yp0, xp) < 0 )
mpi_add (yp0, yp0, p1p2); mpi_add (yp0, yp0, p1p2);
} }
@ -1378,10 +1378,10 @@ _gcry_derive_x931_prime (const gcry_mpi_t xp,
*/ */
{ {
gcry_mpi_t val_2 = mpi_alloc_set_ui (2); gcry_mpi_t val_2 = mpi_alloc_set_ui (2);
gcry_mpi_t gcdtmp = mpi_alloc_like (yp0); gcry_mpi_t gcdtmp = mpi_alloc_like (yp0);
int gcdres; int gcdres;
mpi_sub_ui (p1p2, p1p2, 1); /* Adjust for loop body. */ mpi_sub_ui (p1p2, p1p2, 1); /* Adjust for loop body. */
mpi_sub_ui (yp0, yp0, 1); /* Ditto. */ mpi_sub_ui (yp0, yp0, 1); /* Ditto. */
for (;;) for (;;)
@ -1453,7 +1453,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
; /* No seed value given: We are asked to generate it. */ ; /* No seed value given: We are asked to generate it. */
else if (!seed || seedlen < qbits/8) else if (!seed || seedlen < qbits/8)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
/* Allocate a buffer to later compute SEED+some_increment. */ /* Allocate a buffer to later compute SEED+some_increment. */
seed_plus = gcry_malloc (seedlen < 20? 20:seedlen); seed_plus = gcry_malloc (seedlen < 20? 20:seedlen);
if (!seed_plus) if (!seed_plus)
@ -1468,7 +1468,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
value_w = gcry_mpi_new (pbits); value_w = gcry_mpi_new (pbits);
value_x = gcry_mpi_new (pbits); value_x = gcry_mpi_new (pbits);
restart: restart:
/* Generate Q. */ /* Generate Q. */
for (;;) for (;;)
{ {
@ -1479,7 +1479,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
gcry_create_nonce (seed_help_buffer, seedlen); gcry_create_nonce (seed_help_buffer, seedlen);
seed = seed_help_buffer; seed = seed_help_buffer;
} }
/* Step 2: U = sha1(seed) ^ sha1((seed+1) mod 2^{qbits}) */ /* Step 2: U = sha1(seed) ^ sha1((seed+1) mod 2^{qbits}) */
memcpy (seed_plus, seed, seedlen); memcpy (seed_plus, seed, seedlen);
for (i=seedlen-1; i >= 0; i--) for (i=seedlen-1; i >= 0; i--)
@ -1492,16 +1492,16 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen); gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
for (i=0; i < sizeof value_u; i++) for (i=0; i < sizeof value_u; i++)
value_u[i] ^= digest[i]; value_u[i] ^= digest[i];
/* Step 3: Form q from U */ /* Step 3: Form q from U */
gcry_mpi_release (prime_q); prime_q = NULL; gcry_mpi_release (prime_q); prime_q = NULL;
ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG, ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
value_u, sizeof value_u, NULL)); value_u, sizeof value_u, NULL));
if (ec) if (ec)
goto leave; goto leave;
mpi_set_highbit (prime_q, qbits-1 ); mpi_set_highbit (prime_q, qbits-1 );
mpi_set_bit (prime_q, 0); mpi_set_bit (prime_q, 0);
/* Step 4: Test whether Q is prime using 64 round of Rabin-Miller. */ /* Step 4: Test whether Q is prime using 64 round of Rabin-Miller. */
if (check_prime (prime_q, val_2, 64, NULL, NULL)) if (check_prime (prime_q, val_2, 64, NULL, NULL))
break; /* Yes, Q is prime. */ break; /* Yes, Q is prime. */
@ -1509,7 +1509,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
/* Step 5. */ /* Step 5. */
seed = NULL; /* Force a new seed at Step 1. */ seed = NULL; /* Force a new seed at Step 1. */
} }
/* Step 6. Note that we do no use an explicit offset but increment /* Step 6. Note that we do no use an explicit offset but increment
SEED_PLUS accordingly. SEED_PLUS is currently SEED+1. */ SEED_PLUS accordingly. SEED_PLUS is currently SEED+1. */
counter = 0; counter = 0;
@ -1518,12 +1518,12 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
prime_p = gcry_mpi_new (pbits); prime_p = gcry_mpi_new (pbits);
for (;;) for (;;)
{ {
/* Step 7: For k = 0,...n let /* Step 7: For k = 0,...n let
V_k = sha1(seed+offset+k) mod 2^{qbits} V_k = sha1(seed+offset+k) mod 2^{qbits}
Step 8: W = V_0 + V_1*2^160 + Step 8: W = V_0 + V_1*2^160 +
... ...
+ V_{n-1}*2^{(n-1)*160} + V_{n-1}*2^{(n-1)*160}
+ (V_{n} mod 2^b)*2^{n*160} + (V_{n} mod 2^b)*2^{n*160}
*/ */
mpi_set_ui (value_w, 0); mpi_set_ui (value_w, 0);
for (value_k=0; value_k <= value_n; value_k++) for (value_k=0; value_k <= value_n; value_k++)
@ -1542,7 +1542,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
break; break;
} }
gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen); gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
gcry_mpi_release (tmpval); tmpval = NULL; gcry_mpi_release (tmpval); tmpval = NULL;
ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG, ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
digest, sizeof digest, NULL)); digest, sizeof digest, NULL));
@ -1631,7 +1631,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits,
value is stored at R_COUNTER and the seed actually used for value is stored at R_COUNTER and the seed actually used for
generation is stored at R_SEED and R_SEEDVALUE. The hash algorithm generation is stored at R_SEED and R_SEEDVALUE. The hash algorithm
used is stored at R_HASHALGO. used is stored at R_HASHALGO.
Note that this function is very similar to the fips186_2 code. Due Note that this function is very similar to the fips186_2 code. Due
to the minor differences, other buffer sizes and for documentarion, to the minor differences, other buffer sizes and for documentarion,
we use a separate function. we use a separate function.
@ -1652,7 +1652,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
gcry_mpi_t tmpval = NULL; /* Helper variable. */ gcry_mpi_t tmpval = NULL; /* Helper variable. */
int hashalgo; /* The id of the Approved Hash Function. */ int hashalgo; /* The id of the Approved Hash Function. */
int i; int i;
unsigned char value_u[256/8]; unsigned char value_u[256/8];
int value_n, value_b, value_j; int value_n, value_b, value_j;
int counter; int counter;
@ -1690,10 +1690,10 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
; /* No seed value given: We are asked to generate it. */ ; /* No seed value given: We are asked to generate it. */
else if (!seed || seedlen < qbits/8) else if (!seed || seedlen < qbits/8)
return GPG_ERR_INV_ARG; return GPG_ERR_INV_ARG;
/* Allocate a buffer to later compute SEED+some_increment and a few /* Allocate a buffer to later compute SEED+some_increment and a few
helper variables. */ helper variables. */
seed_plus = gcry_malloc (seedlen < sizeof seed_help_buffer? seed_plus = gcry_malloc (seedlen < sizeof seed_help_buffer?
sizeof seed_help_buffer : seedlen); sizeof seed_help_buffer : seedlen);
if (!seed_plus) if (!seed_plus)
{ {
@ -1709,7 +1709,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
/* Step 4: b = L - 1 - (n * outlen) */ /* Step 4: b = L - 1 - (n * outlen) */
value_b = pbits - 1 - (value_n * qbits); value_b = pbits - 1 - (value_n * qbits);
restart: restart:
/* Generate Q. */ /* Generate Q. */
for (;;) for (;;)
{ {
@ -1721,7 +1721,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
gcry_create_nonce (seed_help_buffer, seedlen); gcry_create_nonce (seed_help_buffer, seedlen);
seed = seed_help_buffer; seed = seed_help_buffer;
} }
/* Step 6: U = hash(seed) */ /* Step 6: U = hash(seed) */
gcry_md_hash_buffer (hashalgo, value_u, seed, seedlen); gcry_md_hash_buffer (hashalgo, value_u, seed, seedlen);
@ -1736,12 +1736,12 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
} }
} }
gcry_mpi_release (prime_q); prime_q = NULL; gcry_mpi_release (prime_q); prime_q = NULL;
ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG, ec = gpg_err_code (gcry_mpi_scan (&prime_q, GCRYMPI_FMT_USG,
value_u, sizeof value_u, NULL)); value_u, sizeof value_u, NULL));
if (ec) if (ec)
goto leave; goto leave;
mpi_set_highbit (prime_q, qbits-1 ); mpi_set_highbit (prime_q, qbits-1 );
/* Step 8: Test whether Q is prime using 64 round of Rabin-Miller. /* Step 8: Test whether Q is prime using 64 round of Rabin-Miller.
According to table C.1 this is sufficient for all According to table C.1 this is sufficient for all
supported prime sizes (i.e. up 3072/256). */ supported prime sizes (i.e. up 3072/256). */
@ -1751,7 +1751,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
/* Step 8. */ /* Step 8. */
seed = NULL; /* Force a new seed at Step 5. */ seed = NULL; /* Force a new seed at Step 5. */
} }
/* Step 11. Note that we do no use an explicit offset but increment /* Step 11. Note that we do no use an explicit offset but increment
SEED_PLUS accordingly. */ SEED_PLUS accordingly. */
memcpy (seed_plus, seed, seedlen); memcpy (seed_plus, seed, seedlen);
@ -1761,12 +1761,12 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
prime_p = gcry_mpi_new (pbits); prime_p = gcry_mpi_new (pbits);
for (;;) for (;;)
{ {
/* Step 11.1: For j = 0,...n let /* Step 11.1: For j = 0,...n let
V_j = hash(seed+offset+j) V_j = hash(seed+offset+j)
Step 11.2: W = V_0 + V_1*2^outlen + Step 11.2: W = V_0 + V_1*2^outlen +
... ...
+ V_{n-1}*2^{(n-1)*outlen} + V_{n-1}*2^{(n-1)*outlen}
+ (V_{n} mod 2^b)*2^{n*outlen} + (V_{n} mod 2^b)*2^{n*outlen}
*/ */
mpi_set_ui (value_w, 0); mpi_set_ui (value_w, 0);
for (value_j=0; value_j <= value_n; value_j++) for (value_j=0; value_j <= value_n; value_j++)
@ -1783,7 +1783,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
break; break;
} }
gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen); gcry_md_hash_buffer (GCRY_MD_SHA1, digest, seed_plus, seedlen);
gcry_mpi_release (tmpval); tmpval = NULL; gcry_mpi_release (tmpval); tmpval = NULL;
ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG, ec = gpg_err_code (gcry_mpi_scan (&tmpval, GCRYMPI_FMT_USG,
digest, sizeof digest, NULL)); digest, sizeof digest, NULL));
@ -1813,7 +1813,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
if (mpi_get_nbits (prime_p) >= pbits-1 if (mpi_get_nbits (prime_p) >= pbits-1
&& check_prime (prime_p, val_2, 64, NULL, NULL) ) && check_prime (prime_p, val_2, 64, NULL, NULL) )
break; /* Yes, P is prime, continue with Step 15. */ break; /* Yes, P is prime, continue with Step 15. */
/* Step 11.9: counter = counter + 1, offset = offset + n + 1. /* Step 11.9: counter = counter + 1, offset = offset + n + 1.
If counter >= 4L goto Step 5. */ If counter >= 4L goto Step 5. */
counter++; counter++;
@ -1859,4 +1859,3 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits,
gcry_mpi_release (val_2); gcry_mpi_release (val_2);
return ec; return ec;
} }

File diff suppressed because it is too large Load diff

View file

@ -38,15 +38,15 @@
#define RFC2268_BLOCKSIZE 8 #define RFC2268_BLOCKSIZE 8
typedef struct typedef struct
{ {
u16 S[64]; u16 S[64];
} RFC2268_context; } RFC2268_context;
static const unsigned char rfc2268_sbox[] = { static const unsigned char rfc2268_sbox[] = {
217, 120, 249, 196, 25, 221, 181, 237, 217, 120, 249, 196, 25, 221, 181, 237,
40, 233, 253, 121, 74, 160, 216, 157, 40, 233, 253, 121, 74, 160, 216, 157,
198, 126, 55, 131, 43, 118, 83, 142, 198, 126, 55, 131, 43, 118, 83, 142,
98, 76, 100, 136, 68, 139, 251, 162, 98, 76, 100, 136, 68, 139, 251, 162,
23, 154, 89, 245, 135, 179, 79, 19, 23, 154, 89, 245, 135, 179, 79, 19,
97, 69, 109, 141, 9, 129, 125, 50, 97, 69, 109, 141, 9, 129, 125, 50,
@ -106,10 +106,10 @@ do_encrypt (void *context, unsigned char *outbuf, const unsigned char *inbuf)
/* For some reason I cannot combine those steps. */ /* For some reason I cannot combine those steps. */
word0 += (word1 & ~word3) + (word2 & word3) + ctx->S[j]; word0 += (word1 & ~word3) + (word2 & word3) + ctx->S[j];
word0 = rotl16(word0, 1); word0 = rotl16(word0, 1);
word1 += (word2 & ~word0) + (word3 & word0) + ctx->S[j + 1]; word1 += (word2 & ~word0) + (word3 & word0) + ctx->S[j + 1];
word1 = rotl16(word1, 2); word1 = rotl16(word1, 2);
word2 += (word3 & ~word1) + (word0 & word1) + ctx->S[j + 2]; word2 += (word3 & ~word1) + (word0 & word1) + ctx->S[j + 2];
word2 = rotl16(word2, 3); word2 = rotl16(word2, 3);
@ -152,7 +152,7 @@ do_decrypt (void *context, unsigned char *outbuf, const unsigned char *inbuf)
word3 = (word3 << 8) | inbuf[7]; word3 = (word3 << 8) | inbuf[7];
word3 = (word3 << 8) | inbuf[6]; word3 = (word3 << 8) | inbuf[6];
for (i = 15; i >= 0; i--) for (i = 15; i >= 0; i--)
{ {
j = i * 4; j = i * 4;
@ -168,7 +168,7 @@ do_decrypt (void *context, unsigned char *outbuf, const unsigned char *inbuf)
word0 = rotr16(word0, 1); word0 = rotr16(word0, 1);
word0 -= (word1 & ~word3) + (word2 & word3) + ctx->S[j]; word0 -= (word1 & ~word3) + (word2 & word3) + ctx->S[j];
if (i == 5 || i == 11) if (i == 5 || i == 11)
{ {
word3 = word3 - ctx->S[word2 & 63]; word3 = word3 - ctx->S[word2 & 63];
word2 = word2 - ctx->S[word1 & 63]; word2 = word2 - ctx->S[word1 & 63];
@ -214,7 +214,7 @@ setkey_core (void *context, const unsigned char *key, unsigned int keylen, int w
return GPG_ERR_INV_KEYLEN; return GPG_ERR_INV_KEYLEN;
S = (unsigned char *) ctx->S; S = (unsigned char *) ctx->S;
for (i = 0; i < keylen; i++) for (i = 0; i < keylen; i++)
S[i] = key[i]; S[i] = key[i];
@ -232,8 +232,8 @@ setkey_core (void *context, const unsigned char *key, unsigned int keylen, int w
i = 128 - len; i = 128 - len;
x = rfc2268_sbox[S[i] & (255 >> (7 & -bits))]; x = rfc2268_sbox[S[i] & (255 >> (7 & -bits))];
S[i] = x; S[i] = x;
while (i--) while (i--)
{ {
x = rfc2268_sbox[x ^ S[i + len]]; x = rfc2268_sbox[x ^ S[i + len]];
S[i] = x; S[i] = x;
@ -241,7 +241,7 @@ setkey_core (void *context, const unsigned char *key, unsigned int keylen, int w
} }
/* Make the expanded key, endian independent. */ /* Make the expanded key, endian independent. */
for (i = 0; i < 64; i++) for (i = 0; i < 64; i++)
ctx->S[i] = ( (u16) S[i * 2] | (((u16) S[i * 2 + 1]) << 8)); ctx->S[i] = ( (u16) S[i * 2] | (((u16) S[i * 2 + 1]) << 8));
return 0; return 0;
@ -297,7 +297,7 @@ selftest (void)
return "RFC2268 encryption test 1 failed."; return "RFC2268 encryption test 1 failed.";
setkey_core (&ctx, key_1, sizeof(key_1), 0); setkey_core (&ctx, key_1, sizeof(key_1), 0);
do_decrypt (&ctx, scratch, scratch); do_decrypt (&ctx, scratch, scratch);
if (memcmp (scratch, plaintext_1, sizeof(plaintext_1))) if (memcmp (scratch, plaintext_1, sizeof(plaintext_1)))
return "RFC2268 decryption test 1 failed."; return "RFC2268 decryption test 1 failed.";
@ -308,7 +308,7 @@ selftest (void)
return "RFC2268 encryption test 2 failed."; return "RFC2268 encryption test 2 failed.";
setkey_core (&ctx, key_2, sizeof(key_2), 0); setkey_core (&ctx, key_2, sizeof(key_2), 0);
do_decrypt (&ctx, scratch, scratch); do_decrypt (&ctx, scratch, scratch);
if (memcmp (scratch, plaintext_2, sizeof(plaintext_2))) if (memcmp (scratch, plaintext_2, sizeof(plaintext_2)))
return "RFC2268 decryption test 2 failed."; return "RFC2268 decryption test 2 failed.";
@ -320,7 +320,7 @@ selftest (void)
return "RFC2268 encryption test 3 failed."; return "RFC2268 encryption test 3 failed.";
setkey_core (&ctx, key_3, sizeof(key_3), 0); setkey_core (&ctx, key_3, sizeof(key_3), 0);
do_decrypt (&ctx, scratch, scratch); do_decrypt (&ctx, scratch, scratch);
if (memcmp(scratch, plaintext_3, sizeof(plaintext_3))) if (memcmp(scratch, plaintext_3, sizeof(plaintext_3)))
return "RFC2268 decryption test 3 failed."; return "RFC2268 decryption test 3 failed.";
@ -342,4 +342,3 @@ gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_40 = {
RFC2268_BLOCKSIZE, 40, sizeof(RFC2268_context), RFC2268_BLOCKSIZE, 40, sizeof(RFC2268_context),
do_setkey, do_encrypt, do_decrypt do_setkey, do_encrypt, do_decrypt
}; };

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -22,7 +22,7 @@
/* We need this here because random.c must have direct access. */ /* We need this here because random.c must have direct access. */
typedef struct typedef struct
{ {
u32 h0,h1,h2,h3,h4; u32 h0,h1,h2,h3,h4;
u32 nblocks; u32 nblocks;
@ -34,4 +34,3 @@ void _gcry_rmd160_init ( void *context );
void _gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte ); void _gcry_rmd160_mixblock ( RMD160_CONTEXT *hd, void *blockof64byte );
#endif /*G10_RMD_H*/ #endif /*G10_RMD_H*/

View file

@ -415,7 +415,7 @@ rmd160_write ( void *context, const void *inbuf_arg, size_t inlen)
} }
if( !inbuf ) if( !inbuf )
return; return;
if( hd->count ) if( hd->count )
{ {
for( ; inlen && hd->count < 64; inlen-- ) for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++; hd->buf[hd->count++] = *inbuf++;
@ -468,7 +468,7 @@ rmd160_final( void *context )
RMD160_CONTEXT *hd = context; RMD160_CONTEXT *hd = context;
u32 t, msb, lsb; u32 t, msb, lsb;
byte *p; byte *p;
rmd160_write(hd, NULL, 0); /* flush */; rmd160_write(hd, NULL, 0); /* flush */;
t = hd->nblocks; t = hd->nblocks;

View file

@ -72,7 +72,7 @@ static const char sample_secret_key[] =
" (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e" " (u #304559a9ead56d2309d203811a641bb1a09626bc8eb36fffa23c968ec5bd891e"
" ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))"; " ebbafc73ae666e01ba7c8990bae06cc2bbe10b75e69fcacb353a6473079d8e9b#)))";
/* A sample 1024 bit RSA key used for the selftests (public only). */ /* A sample 1024 bit RSA key used for the selftests (public only). */
static const char sample_public_key[] = static const char sample_public_key[] =
"(public-key" "(public-key"
" (rsa" " (rsa"
" (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa" " (n #00e0ce96f90b6c9e02f3922beada93fe50a875eac6bcc18bb9a9cf2e84965caa"
@ -127,7 +127,7 @@ test_keys (RSA_secret_key *sk, unsigned int nbits)
/* Use the RSA secret function to create a signature of the plaintext. */ /* Use the RSA secret function to create a signature of the plaintext. */
secret (signature, plaintext, sk); secret (signature, plaintext, sk);
/* Use the RSA public function to verify this signature. */ /* Use the RSA public function to verify this signature. */
public (decr_plaintext, signature, &pk); public (decr_plaintext, signature, &pk);
if (gcry_mpi_cmp (decr_plaintext, plaintext)) if (gcry_mpi_cmp (decr_plaintext, plaintext))
@ -158,7 +158,7 @@ check_exponent (void *arg, gcry_mpi_t a)
gcry_mpi_t e = arg; gcry_mpi_t e = arg;
gcry_mpi_t tmp; gcry_mpi_t tmp;
int result; int result;
mpi_sub_ui (a, a, 1); mpi_sub_ui (a, a, 1);
tmp = _gcry_mpi_alloc_like (a); tmp = _gcry_mpi_alloc_like (a);
result = !gcry_mpi_gcd(tmp, e, a); /* GCD is not 1. */ result = !gcry_mpi_gcd(tmp, e, a); /* GCD is not 1. */
@ -168,12 +168,12 @@ check_exponent (void *arg, gcry_mpi_t a)
} }
/**************** /****************
* Generate a key pair with a key of size NBITS. * Generate a key pair with a key of size NBITS.
* USE_E = 0 let Libcgrypt decide what exponent to use. * USE_E = 0 let Libcgrypt decide what exponent to use.
* = 1 request the use of a "secure" exponent; this is required by some * = 1 request the use of a "secure" exponent; this is required by some
* specification to be 65537. * specification to be 65537.
* > 2 Use this public exponent. If the given exponent * > 2 Use this public exponent. If the given exponent
* is not odd one is internally added to it. * is not odd one is internally added to it.
* TRANSIENT_KEY: If true, generate the primes using the standard RNG. * TRANSIENT_KEY: If true, generate the primes using the standard RNG.
* Returns: 2 structures filled with all needed values * Returns: 2 structures filled with all needed values
*/ */
@ -205,7 +205,7 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
/* Make sure that nbits is even so that we generate p, q of equal size. */ /* Make sure that nbits is even so that we generate p, q of equal size. */
if ( (nbits&1) ) if ( (nbits&1) )
nbits++; nbits++;
if (use_e == 1) /* Alias for a secure value */ if (use_e == 1) /* Alias for a secure value */
use_e = 65537; /* as demanded by Sphinx. */ use_e = 65537; /* as demanded by Sphinx. */
@ -213,7 +213,7 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
/* Public exponent: /* Public exponent:
In general we use 41 as this is quite fast and more secure than the In general we use 41 as this is quite fast and more secure than the
commonly used 17. Benchmarking the RSA verify function commonly used 17. Benchmarking the RSA verify function
with a 1024 bit key yields (2001-11-08): with a 1024 bit key yields (2001-11-08):
e=17 0.54 ms e=17 0.54 ms
e=41 0.75 ms e=41 0.75 ms
e=257 0.95 ms e=257 0.95 ms
@ -222,12 +222,12 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
if (!use_e) if (!use_e)
mpi_set_ui (e, 41); /* This is a reasonable secure and fast value */ mpi_set_ui (e, 41); /* This is a reasonable secure and fast value */
else else
{ {
use_e |= 1; /* make sure this is odd */ use_e |= 1; /* make sure this is odd */
mpi_set_ui (e, use_e); mpi_set_ui (e, use_e);
} }
n = gcry_mpi_new (nbits); n = gcry_mpi_new (nbits);
p = q = NULL; p = q = NULL;
@ -329,14 +329,14 @@ generate_std (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
/* Helper for generate_x931. */ /* Helper for generate_x931. */
static gcry_mpi_t static gcry_mpi_t
gen_x931_parm_xp (unsigned int nbits) gen_x931_parm_xp (unsigned int nbits)
{ {
gcry_mpi_t xp; gcry_mpi_t xp;
xp = gcry_mpi_snew (nbits); xp = gcry_mpi_snew (nbits);
gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM); gcry_mpi_randomize (xp, nbits, GCRY_VERY_STRONG_RANDOM);
/* The requirement for Xp is: /* The requirement for Xp is:
sqrt{2}*2^{nbits-1} <= xp <= 2^{nbits} - 1 sqrt{2}*2^{nbits-1} <= xp <= 2^{nbits} - 1
@ -347,13 +347,13 @@ gen_x931_parm_xp (unsigned int nbits)
mpi_set_highbit (xp, nbits-1); mpi_set_highbit (xp, nbits-1);
mpi_set_bit (xp, nbits-2); mpi_set_bit (xp, nbits-2);
gcry_assert ( mpi_get_nbits (xp) == nbits ); gcry_assert ( mpi_get_nbits (xp) == nbits );
return xp; return xp;
} }
/* Helper for generate_x931. */ /* Helper for generate_x931. */
static gcry_mpi_t static gcry_mpi_t
gen_x931_parm_xi (void) gen_x931_parm_xi (void)
{ {
gcry_mpi_t xi; gcry_mpi_t xi;
@ -362,9 +362,9 @@ gen_x931_parm_xi (void)
gcry_mpi_randomize (xi, 101, GCRY_VERY_STRONG_RANDOM); gcry_mpi_randomize (xi, 101, GCRY_VERY_STRONG_RANDOM);
mpi_set_highbit (xi, 100); mpi_set_highbit (xi, 100);
gcry_assert ( mpi_get_nbits (xi) == 101 ); gcry_assert ( mpi_get_nbits (xi) == 101 );
return xi; return xi;
} }
@ -389,19 +389,19 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
*swapped = 0; *swapped = 0;
if (e_value == 1) /* Alias for a secure value. */ if (e_value == 1) /* Alias for a secure value. */
e_value = 65537; e_value = 65537;
/* Point 1 of section 4.1: k = 1024 + 256s with S >= 0 */ /* Point 1 of section 4.1: k = 1024 + 256s with S >= 0 */
if (nbits < 1024 || (nbits % 256)) if (nbits < 1024 || (nbits % 256))
return GPG_ERR_INV_VALUE; return GPG_ERR_INV_VALUE;
/* Point 2: 2 <= bitlength(e) < 2^{k-2} /* Point 2: 2 <= bitlength(e) < 2^{k-2}
Note that we do not need to check the upper bound because we use Note that we do not need to check the upper bound because we use
an unsigned long for E and thus there is no way for E to reach an unsigned long for E and thus there is no way for E to reach
that limit. */ that limit. */
if (e_value < 3) if (e_value < 3)
return GPG_ERR_INV_VALUE; return GPG_ERR_INV_VALUE;
/* Our implementaion requires E to be odd. */ /* Our implementaion requires E to be odd. */
if (!(e_value & 1)) if (!(e_value & 1))
return GPG_ERR_INV_VALUE; return GPG_ERR_INV_VALUE;
@ -458,7 +458,7 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
}; };
int idx; int idx;
gcry_sexp_t oneparm; gcry_sexp_t oneparm;
tbl[0].value = &xp1; tbl[0].value = &xp1;
tbl[1].value = &xp2; tbl[1].value = &xp2;
tbl[2].value = &xp; tbl[2].value = &xp;
@ -487,8 +487,8 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
return GPG_ERR_MISSING_VALUE; return GPG_ERR_MISSING_VALUE;
} }
} }
e = mpi_alloc_set_ui (e_value); e = mpi_alloc_set_ui (e_value);
/* Find two prime numbers. */ /* Find two prime numbers. */
p = _gcry_derive_x931_prime (xp, xp1, xp2, e, NULL, NULL); p = _gcry_derive_x931_prime (xp, xp1, xp2, e, NULL, NULL);
@ -496,7 +496,7 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value,
gcry_mpi_release (xp); xp = NULL; gcry_mpi_release (xp); xp = NULL;
gcry_mpi_release (xp1); xp1 = NULL; gcry_mpi_release (xp1); xp1 = NULL;
gcry_mpi_release (xp2); xp2 = NULL; gcry_mpi_release (xp2); xp2 = NULL;
gcry_mpi_release (xq); xq = NULL; gcry_mpi_release (xq); xq = NULL;
gcry_mpi_release (xq1); xq1 = NULL; gcry_mpi_release (xq1); xq1 = NULL;
gcry_mpi_release (xq2); xq2 = NULL; gcry_mpi_release (xq2); xq2 = NULL;
if (!p || !q) if (!p || !q)
@ -590,7 +590,7 @@ check_secret_key( RSA_secret_key *sk )
{ {
int rc; int rc;
gcry_mpi_t temp = mpi_alloc( mpi_get_nlimbs(sk->p)*2 ); gcry_mpi_t temp = mpi_alloc( mpi_get_nlimbs(sk->p)*2 );
mpi_mul(temp, sk->p, sk->q ); mpi_mul(temp, sk->p, sk->q );
rc = mpi_cmp( temp, sk->n ); rc = mpi_cmp( temp, sk->n );
mpi_free(temp); mpi_free(temp);
@ -692,9 +692,9 @@ stronger_key_check ( RSA_secret_key *skey )
* *
* Or faster: * Or faster:
* *
* m1 = c ^ (d mod (p-1)) mod p * m1 = c ^ (d mod (p-1)) mod p
* m2 = c ^ (d mod (q-1)) mod q * m2 = c ^ (d mod (q-1)) mod q
* h = u * (m2 - m1) mod q * h = u * (m2 - m1) mod q
* m = m1 + h * p * m = m1 + h * p
* *
* Where m is OUTPUT, c is INPUT and d,n,p,q,u are elements of SKEY. * Where m is OUTPUT, c is INPUT and d,n,p,q,u are elements of SKEY.
@ -711,10 +711,10 @@ secret(gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey )
gcry_mpi_t m1 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); gcry_mpi_t m1 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
gcry_mpi_t m2 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); gcry_mpi_t m2 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
gcry_mpi_t h = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); gcry_mpi_t h = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
/* m1 = c ^ (d mod (p-1)) mod p */ /* m1 = c ^ (d mod (p-1)) mod p */
mpi_sub_ui( h, skey->p, 1 ); mpi_sub_ui( h, skey->p, 1 );
mpi_fdiv_r( h, skey->d, h ); mpi_fdiv_r( h, skey->d, h );
mpi_powm( m1, input, h, skey->p ); mpi_powm( m1, input, h, skey->p );
/* m2 = c ^ (d mod (q-1)) mod q */ /* m2 = c ^ (d mod (q-1)) mod q */
mpi_sub_ui( h, skey->q, 1 ); mpi_sub_ui( h, skey->q, 1 );
@ -722,13 +722,13 @@ secret(gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey )
mpi_powm( m2, input, h, skey->q ); mpi_powm( m2, input, h, skey->q );
/* h = u * ( m2 - m1 ) mod q */ /* h = u * ( m2 - m1 ) mod q */
mpi_sub( h, m2, m1 ); mpi_sub( h, m2, m1 );
if ( mpi_is_neg( h ) ) if ( mpi_is_neg( h ) )
mpi_add ( h, h, skey->q ); mpi_add ( h, h, skey->q );
mpi_mulm( h, skey->u, h, skey->q ); mpi_mulm( h, skey->u, h, skey->q );
/* m = m2 + h * p */ /* m = m2 + h * p */
mpi_mul ( h, h, skey->p ); mpi_mul ( h, h, skey->p );
mpi_add ( output, m1, h ); mpi_add ( output, m1, h );
mpi_free ( h ); mpi_free ( h );
mpi_free ( m1 ); mpi_free ( m1 );
mpi_free ( m2 ); mpi_free ( m2 );
@ -749,7 +749,7 @@ rsa_blind (gcry_mpi_t x, gcry_mpi_t r, gcry_mpi_t e, gcry_mpi_t n)
a = gcry_mpi_snew (gcry_mpi_get_nbits (n)); a = gcry_mpi_snew (gcry_mpi_get_nbits (n));
y = gcry_mpi_snew (gcry_mpi_get_nbits (n)); y = gcry_mpi_snew (gcry_mpi_get_nbits (n));
/* Now we calculate: y = (x * r^e) mod n, where r is the random /* Now we calculate: y = (x * r^e) mod n, where r is the random
number, e is the public exponent, x is the non-blinded data and n number, e is the public exponent, x is the non-blinded data and n
is the RSA modulus. */ is the RSA modulus. */
@ -796,7 +796,7 @@ rsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
gcry_sexp_t l1; gcry_sexp_t l1;
(void)algo; (void)algo;
*retfactors = NULL; /* We don't return them. */ *retfactors = NULL; /* We don't return them. */
deriveparms = (genparms? deriveparms = (genparms?
@ -819,7 +819,7 @@ rsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
gcry_sexp_release (deriveparms); gcry_sexp_release (deriveparms);
if (!ec && r_extrainfo && swapped) if (!ec && r_extrainfo && swapped)
{ {
ec = gcry_sexp_new (r_extrainfo, ec = gcry_sexp_new (r_extrainfo,
"(misc-key-info(p-q-swapped))", 0, 1); "(misc-key-info(p-q-swapped))", 0, 1);
if (ec) if (ec)
{ {
@ -854,7 +854,7 @@ rsa_generate_ext (int algo, unsigned int nbits, unsigned long evalue,
skey[4] = sk.q; skey[4] = sk.q;
skey[5] = sk.u; skey[5] = sk.u;
} }
return ec; return ec;
} }
@ -900,12 +900,12 @@ rsa_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data,
(void)algo; (void)algo;
(void)flags; (void)flags;
pk.n = pkey[0]; pk.n = pkey[0];
pk.e = pkey[1]; pk.e = pkey[1];
resarr[0] = mpi_alloc (mpi_get_nlimbs (pk.n)); resarr[0] = mpi_alloc (mpi_get_nlimbs (pk.n));
public (resarr[0], data, &pk); public (resarr[0], data, &pk);
return GPG_ERR_NO_ERROR; return GPG_ERR_NO_ERROR;
} }
@ -935,11 +935,11 @@ rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
/* We use blinding by default to mitigate timing attacks which can /* We use blinding by default to mitigate timing attacks which can
be practically mounted over the network as shown by Brumley and be practically mounted over the network as shown by Brumley and
Boney in 2003. */ Boney in 2003. */
if (! (flags & PUBKEY_FLAG_NO_BLINDING)) if (! (flags & PUBKEY_FLAG_NO_BLINDING))
{ {
/* Initialize blinding. */ /* Initialize blinding. */
/* First, we need a random number r between 0 and n - 1, which /* First, we need a random number r between 0 and n - 1, which
is relatively prime to n (i.e. it is neither p nor q). The is relatively prime to n (i.e. it is neither p nor q). The
random number needs to be only unpredictable, thus we employ random number needs to be only unpredictable, thus we employ
@ -947,7 +947,7 @@ rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
gcry_mpi_randomize. */ gcry_mpi_randomize. */
r = gcry_mpi_snew (gcry_mpi_get_nbits (sk.n)); r = gcry_mpi_snew (gcry_mpi_get_nbits (sk.n));
ri = gcry_mpi_snew (gcry_mpi_get_nbits (sk.n)); ri = gcry_mpi_snew (gcry_mpi_get_nbits (sk.n));
gcry_mpi_randomize (r, gcry_mpi_get_nbits (sk.n), GCRY_WEAK_RANDOM); gcry_mpi_randomize (r, gcry_mpi_get_nbits (sk.n), GCRY_WEAK_RANDOM);
gcry_mpi_mod (r, r, sk.n); gcry_mpi_mod (r, r, sk.n);
@ -970,7 +970,7 @@ rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
{ {
/* Undo blinding. */ /* Undo blinding. */
gcry_mpi_t a = gcry_mpi_copy (y); gcry_mpi_t a = gcry_mpi_copy (y);
gcry_mpi_release (y); gcry_mpi_release (y);
y = rsa_unblind (a, ri, sk.n); y = rsa_unblind (a, ri, sk.n);
@ -987,7 +987,7 @@ rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
/* Copy out result. */ /* Copy out result. */
*result = y; *result = y;
return GPG_ERR_NO_ERROR; return GPG_ERR_NO_ERROR;
} }
@ -998,7 +998,7 @@ rsa_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey)
RSA_secret_key sk; RSA_secret_key sk;
(void)algo; (void)algo;
sk.n = skey[0]; sk.n = skey[0];
sk.e = skey[1]; sk.e = skey[1];
sk.d = skey[2]; sk.d = skey[2];
@ -1036,10 +1036,12 @@ rsa_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey,
log_mpidump (" hash:", hash ); log_mpidump (" hash:", hash );
} }
#endif /*IS_DEVELOPMENT_VERSION*/ #endif /*IS_DEVELOPMENT_VERSION*/
/*rc = (*cmp)( opaquev, result );*/ if (cmp)
rc = mpi_cmp (result, hash) ? GPG_ERR_BAD_SIGNATURE : GPG_ERR_NO_ERROR; rc = (*cmp) (opaquev, result);
else
rc = mpi_cmp (result, hash) ? GPG_ERR_BAD_SIGNATURE : GPG_ERR_NO_ERROR;
gcry_mpi_release (result); gcry_mpi_release (result);
return rc; return rc;
} }
@ -1061,7 +1063,7 @@ rsa_get_nbits (int algo, gcry_mpi_t *pkey)
(rsa (rsa
(n #00B...#) (n #00B...#)
(e #010001#)) (e #010001#))
PKCS-15 says that for RSA only the modulus should be hashed - PKCS-15 says that for RSA only the modulus should be hashed -
however, it is not clear whether this is meant to use the raw bytes however, it is not clear whether this is meant to use the raw bytes
(assuming this is an unsigned integer) or whether the DER required (assuming this is an unsigned integer) or whether the DER required
@ -1093,17 +1095,17 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparam)
/* /*
Self-test section. Self-test section.
*/ */
static const char * static const char *
selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey) selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
{ {
static const char sample_data[] = static const char sample_data[] =
"(data (flags pkcs1)" "(data (flags pkcs1)"
" (hash sha1 #11223344556677889900aabbccddeeff10203040#))"; " (hash sha1 #11223344556677889900aabbccddeeff10203040#))";
static const char sample_data_bad[] = static const char sample_data_bad[] =
"(data (flags pkcs1)" "(data (flags pkcs1)"
" (hash sha1 #11223344556677889900aabbccddeeff80203040#))"; " (hash sha1 #11223344556677889900aabbccddeeff80203040#))";
@ -1116,7 +1118,7 @@ selftest_sign_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
err = gcry_sexp_sscan (&data, NULL, err = gcry_sexp_sscan (&data, NULL,
sample_data, strlen (sample_data)); sample_data, strlen (sample_data));
if (!err) if (!err)
err = gcry_sexp_sscan (&data_bad, NULL, err = gcry_sexp_sscan (&data_bad, NULL,
sample_data_bad, strlen (sample_data_bad)); sample_data_bad, strlen (sample_data_bad));
if (err) if (err)
{ {
@ -1202,7 +1204,7 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
/* Create plaintext. The plaintext is actually a big integer number. */ /* Create plaintext. The plaintext is actually a big integer number. */
plaintext = gcry_mpi_new (nbits); plaintext = gcry_mpi_new (nbits);
gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM); gcry_mpi_randomize (plaintext, nbits, GCRY_WEAK_RANDOM);
/* Put the plaintext into an S-expression. */ /* Put the plaintext into an S-expression. */
err = gcry_sexp_build (&plain, NULL, err = gcry_sexp_build (&plain, NULL,
"(data (flags raw) (value %m))", plaintext); "(data (flags raw) (value %m))", plaintext);
@ -1262,7 +1264,7 @@ selftest_encr_1024 (gcry_sexp_t pkey, gcry_sexp_t skey)
errtxt = "decrypt returned no plaintext"; errtxt = "decrypt returned no plaintext";
goto leave; goto leave;
} }
/* Check that the decrypted plaintext matches the original plaintext. */ /* Check that the decrypted plaintext matches the original plaintext. */
if (gcry_mpi_cmp (plaintext, decr_plaintext)) if (gcry_mpi_cmp (plaintext, decr_plaintext))
{ {
@ -1290,13 +1292,13 @@ selftests_rsa (selftest_report_func_t report)
gcry_error_t err; gcry_error_t err;
gcry_sexp_t skey = NULL; gcry_sexp_t skey = NULL;
gcry_sexp_t pkey = NULL; gcry_sexp_t pkey = NULL;
/* Convert the S-expressions into the internal representation. */ /* Convert the S-expressions into the internal representation. */
what = "convert"; what = "convert";
err = gcry_sexp_sscan (&skey, NULL, err = gcry_sexp_sscan (&skey, NULL,
sample_secret_key, strlen (sample_secret_key)); sample_secret_key, strlen (sample_secret_key));
if (!err) if (!err)
err = gcry_sexp_sscan (&pkey, NULL, err = gcry_sexp_sscan (&pkey, NULL,
sample_public_key, strlen (sample_public_key)); sample_public_key, strlen (sample_public_key));
if (err) if (err)
{ {
@ -1351,7 +1353,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_PUBKEY_ALGO; ec = GPG_ERR_PUBKEY_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -1380,10 +1382,9 @@ gcry_pk_spec_t _gcry_pubkey_spec_rsa =
rsa_verify, rsa_verify,
rsa_get_nbits, rsa_get_nbits,
}; };
pk_extra_spec_t _gcry_pubkey_extraspec_rsa = pk_extra_spec_t _gcry_pubkey_extraspec_rsa =
{ {
run_selftests, run_selftests,
rsa_generate_ext, rsa_generate_ext,
compute_keygrip compute_keygrip
}; };

View file

@ -59,7 +59,7 @@ union wordbuf
static const char *selftest(void); static const char *selftest(void);
typedef struct typedef struct
{ {
u32 keyschedule[32]; u32 keyschedule[32];
} SEED_context; } SEED_context;
@ -258,7 +258,7 @@ static const u32 KC[NUMKC] = {
/* Perform the key setup. /* Perform the key setup.
*/ */
static gcry_err_code_t static gcry_err_code_t
do_setkey (SEED_context *ctx, const byte *key, const unsigned keylen) do_setkey (SEED_context *ctx, const byte *key, const unsigned keylen)
{ {
@ -432,7 +432,7 @@ static const char*
selftest (void) selftest (void)
{ {
SEED_context ctx; SEED_context ctx;
byte scratch[16]; byte scratch[16];
/* The test vector is taken from the appendix section B.3 of RFC4269. /* The test vector is taken from the appendix section B.3 of RFC4269.
*/ */

View file

@ -54,7 +54,7 @@ typedef struct serpent_context
/* A prototype. */ /* A prototype. */
static const char *serpent_test (void); static const char *serpent_test (void);
#define byte_swap_32(x) \ #define byte_swap_32(x) \
(0 \ (0 \
@ -586,18 +586,20 @@ serpent_key_prepare (const byte *key, unsigned int key_length,
/* Copy key. */ /* Copy key. */
memcpy (key_prepared, key, key_length); memcpy (key_prepared, key, key_length);
key_length /= 4;
#ifdef WORDS_BIGENDIAN #ifdef WORDS_BIGENDIAN
for (i = 0; i < key_length / 4; i++) for (i = 0; i < key_length; i++)
key_prepared[i] = byte_swap_32 (key_prepared[i]); key_prepared[i] = byte_swap_32 (key_prepared[i]);
#else
i = key_length;
#endif #endif
if (i < 8)
if (key_length < 32)
{ {
/* Key must be padded according to the Serpent /* Key must be padded according to the Serpent
specification. */ specification. */
key_prepared[key_length / 4] = 0x00000001; key_prepared[i] = 0x00000001;
for (i = key_length / 4 + 1; i < 8; i++) for (i++; i < 8; i++)
key_prepared[i] = 0; key_prepared[i] = 0;
} }
} }
@ -681,7 +683,7 @@ serpent_setkey (void *ctx,
static const char *serpent_test_ret; static const char *serpent_test_ret;
static int serpent_init_done; static int serpent_init_done;
gcry_err_code_t ret = GPG_ERR_NO_ERROR; gcry_err_code_t ret = GPG_ERR_NO_ERROR;
if (! serpent_init_done) if (! serpent_init_done)
{ {
/* Execute a self-test the first time, Serpent is used. */ /* Execute a self-test the first time, Serpent is used. */
@ -767,12 +769,12 @@ serpent_decrypt_internal (serpent_context_t *context,
serpent_block_t b, b_next; serpent_block_t b, b_next;
int round = ROUNDS; int round = ROUNDS;
memcpy (b, input, sizeof (b)); memcpy (b_next, input, sizeof (b));
#ifdef WORDS_BIGENDIAN #ifdef WORDS_BIGENDIAN
b[0] = byte_swap_32 (b[0]); b_next[0] = byte_swap_32 (b_next[0]);
b[1] = byte_swap_32 (b[1]); b_next[1] = byte_swap_32 (b_next[1]);
b[2] = byte_swap_32 (b[2]); b_next[2] = byte_swap_32 (b_next[2]);
b[3] = byte_swap_32 (b[3]); b_next[3] = byte_swap_32 (b_next[3]);
#endif #endif
ROUND_FIRST_INVERSE (7, context->keys, b_next, b); ROUND_FIRST_INVERSE (7, context->keys, b_next, b);
@ -891,9 +893,7 @@ serpent_test (void)
{ {
serpent_setkey_internal (&context, test_data[i].key, serpent_setkey_internal (&context, test_data[i].key,
test_data[i].key_length); test_data[i].key_length);
serpent_encrypt_internal (&context, serpent_encrypt_internal (&context, test_data[i].text_plain, scratch);
test_data[i].text_plain,
scratch);
if (memcmp (scratch, test_data[i].text_cipher, sizeof (serpent_block_t))) if (memcmp (scratch, test_data[i].text_cipher, sizeof (serpent_block_t)))
switch (test_data[i].key_length) switch (test_data[i].key_length)
@ -906,9 +906,7 @@ serpent_test (void)
return "Serpent-256 test encryption failed."; return "Serpent-256 test encryption failed.";
} }
serpent_decrypt_internal (&context, serpent_decrypt_internal (&context, test_data[i].text_cipher, scratch);
test_data[i].text_cipher,
scratch);
if (memcmp (scratch, test_data[i].text_plain, sizeof (serpent_block_t))) if (memcmp (scratch, test_data[i].text_plain, sizeof (serpent_block_t)))
switch (test_data[i].key_length) switch (test_data[i].key_length)
{ {

View file

@ -32,7 +32,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#ifdef HAVE_STDINT_H #ifdef HAVE_STDINT_H
# include <stdint.h> # include <stdint.h>
#endif #endif
@ -54,7 +54,7 @@
#define TRANSFORM(x,d,n) transform ((x), (d), (n)) #define TRANSFORM(x,d,n) transform ((x), (d), (n))
typedef struct typedef struct
{ {
u32 h0,h1,h2,h3,h4; u32 h0,h1,h2,h3,h4;
u32 nblocks; u32 nblocks;
@ -110,7 +110,7 @@ transform (SHA1_CONTEXT *hd, const unsigned char *data, size_t nblocks)
register u32 a, b, c, d, e; /* Local copies of the chaining variables. */ register u32 a, b, c, d, e; /* Local copies of the chaining variables. */
register u32 tm; /* Helper. */ register u32 tm; /* Helper. */
u32 x[16]; /* The array we work on. */ u32 x[16]; /* The array we work on. */
/* Loop over all blocks. */ /* Loop over all blocks. */
for ( ;nblocks; nblocks--) for ( ;nblocks; nblocks--)
{ {
@ -287,7 +287,7 @@ static void
sha1_final(void *context) sha1_final(void *context)
{ {
SHA1_CONTEXT *hd = context; SHA1_CONTEXT *hd = context;
u32 t, msb, lsb; u32 t, msb, lsb;
unsigned char *p; unsigned char *p;
@ -374,7 +374,7 @@ _gcry_sha1_hash_buffer (void *outbuf, const void *buffer, size_t length)
/* /*
Self-test section. Self-test section.
*/ */
@ -384,10 +384,10 @@ selftests_sha1 (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
what = "short string"; what = "short string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA1, 0, (GCRY_MD_SHA1, 0,
"abc", 3, "abc", 3,
"\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E" "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
"\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 20); "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 20);
@ -398,13 +398,13 @@ selftests_sha1 (int extended, selftest_report_func_t report)
{ {
what = "long string"; what = "long string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA1, 0, (GCRY_MD_SHA1, 0,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56,
"\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE" "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE"
"\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1", 20); "\x4A\xA1\xF9\x51\x29\xE5\xE5\x46\x70\xF1", 20);
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "one million \"a\""; what = "one million \"a\"";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA1, 1, (GCRY_MD_SHA1, 1,
@ -438,7 +438,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_DIGEST_ALGO; ec = GPG_ERR_DIGEST_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -471,8 +471,7 @@ gcry_md_spec_t _gcry_digest_spec_sha1 =
sha1_init, sha1_write, sha1_final, sha1_read, sha1_init, sha1_write, sha1_final, sha1_read,
sizeof (SHA1_CONTEXT) sizeof (SHA1_CONTEXT)
}; };
md_extra_spec_t _gcry_digest_extraspec_sha1 = md_extra_spec_t _gcry_digest_extraspec_sha1 =
{ {
run_selftests run_selftests
}; };

View file

@ -19,7 +19,7 @@
/* Test vectors: /* Test vectors:
"abc" "abc"
SHA224: 23097d22 3405d822 8642a477 bda255b3 2aadbce4 bda0b3f7 e36c9da7 SHA224: 23097d22 3405d822 8642a477 bda255b3 2aadbce4 bda0b3f7 e36c9da7
SHA256: ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad SHA256: ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad
@ -27,7 +27,7 @@
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
SHA224: 75388b16 512776cc 5dba5da1 fd890150 b0c6455c b4f58b19 52522525 SHA224: 75388b16 512776cc 5dba5da1 fd890150 b0c6455c b4f58b19 52522525
SHA256: 248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 SHA256: 248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1
"a" one million times "a" one million times
SHA224: 20794655 980c91d8 bbb4c1ea 97618a4b f03f4258 1948b2ee 4ee7ad67 SHA224: 20794655 980c91d8 bbb4c1ea 97618a4b f03f4258 1948b2ee 4ee7ad67
SHA256: cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0 SHA256: cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0
@ -123,7 +123,7 @@ Maj (u32 x, u32 y, u32 z)
{ {
return ((x & y) | (z & (x|y))); return ((x & y) | (z & (x|y)));
} }
/* (4.4) */ /* (4.4) */
static inline u32 static inline u32
Sum0 (u32 x) Sum0 (u32 x)
@ -138,7 +138,7 @@ Sum1 (u32 x)
return (ror (x, 6) ^ ror (x, 11) ^ ror (x, 25)); return (ror (x, 6) ^ ror (x, 11) ^ ror (x, 25));
} }
static void static void
transform (SHA256_CONTEXT *hd, const unsigned char *data) transform (SHA256_CONTEXT *hd, const unsigned char *data)
{ {
@ -146,7 +146,7 @@ transform (SHA256_CONTEXT *hd, const unsigned char *data)
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
@ -165,7 +165,7 @@ transform (SHA256_CONTEXT *hd, const unsigned char *data)
u32 x[16]; u32 x[16];
u32 w[64]; u32 w[64];
int i; int i;
a = hd->h0; a = hd->h0;
b = hd->h1; b = hd->h1;
c = hd->h2; c = hd->h2;
@ -174,14 +174,14 @@ transform (SHA256_CONTEXT *hd, const unsigned char *data)
f = hd->h5; f = hd->h5;
g = hd->h6; g = hd->h6;
h = hd->h7; h = hd->h7;
#ifdef WORDS_BIGENDIAN #ifdef WORDS_BIGENDIAN
memcpy (x, data, 64); memcpy (x, data, 64);
#else #else
{ {
byte *p2; byte *p2;
for (i=0, p2=(byte*)x; i < 16; i++, p2 += 4 ) for (i=0, p2=(byte*)x; i < 16; i++, p2 += 4 )
{ {
p2[3] = *data++; p2[3] = *data++;
p2[2] = *data++; p2[2] = *data++;
@ -202,7 +202,7 @@ transform (SHA256_CONTEXT *hd, const unsigned char *data)
R(a,b,c,d,e,f,g,h,K[i],w[i]); R(a,b,c,d,e,f,g,h,K[i],w[i]);
i++; i++;
#else #else
t1 = h + Sum1 (e) + Cho (e, f, g) + K[i] + w[i]; t1 = h + Sum1 (e) + Cho (e, f, g) + K[i] + w[i];
t2 = Sum0 (a) + Maj (a, b, c); t2 = Sum0 (a) + Maj (a, b, c);
d += t1; d += t1;
h = t1 + t2; h = t1 + t2;
@ -311,7 +311,7 @@ sha256_final(void *context)
SHA256_CONTEXT *hd = context; SHA256_CONTEXT *hd = context;
u32 t, msb, lsb; u32 t, msb, lsb;
byte *p; byte *p;
sha256_write (hd, NULL, 0); /* flush */; sha256_write (hd, NULL, 0); /* flush */;
t = hd->nblocks; t = hd->nblocks;
@ -382,7 +382,7 @@ sha256_read (void *context)
/* /*
Self-test section. Self-test section.
*/ */
@ -392,10 +392,10 @@ selftests_sha224 (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
what = "short string"; what = "short string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA224, 0, (GCRY_MD_SHA224, 0,
"abc", 3, "abc", 3,
"\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55\xb3" "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55\xb3"
"\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7", 28); "\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7", 28);
@ -406,13 +406,13 @@ selftests_sha224 (int extended, selftest_report_func_t report)
{ {
what = "long string"; what = "long string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA224, 0, (GCRY_MD_SHA224, 0,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56,
"\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01\x50" "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01\x50"
"\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25", 28); "\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25", 28);
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "one million \"a\""; what = "one million \"a\"";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA224, 1, (GCRY_MD_SHA224, 1,
@ -436,10 +436,10 @@ selftests_sha256 (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
what = "short string"; what = "short string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA256, 0, (GCRY_MD_SHA256, 0,
"abc", 3, "abc", 3,
"\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23" "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
"\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad", 32); "\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad", 32);
@ -450,14 +450,14 @@ selftests_sha256 (int extended, selftest_report_func_t report)
{ {
what = "long string"; what = "long string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA256, 0, (GCRY_MD_SHA256, 0,
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56,
"\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39" "\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39"
"\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1", "\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1",
32); 32);
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "one million \"a\""; what = "one million \"a\"";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA256, 1, (GCRY_MD_SHA256, 1,
@ -495,7 +495,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_DIGEST_ALGO; ec = GPG_ERR_DIGEST_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -512,7 +512,7 @@ static byte asn224[19] = /* Object ID is 2.16.840.1.101.3.4.2.4 */
static gcry_md_oid_spec_t oid_spec_sha224[] = static gcry_md_oid_spec_t oid_spec_sha224[] =
{ {
/* From RFC3874, Section 4 */ /* From RFC3874, Section 4 */
{ "2.16.840.1.101.3.4.2.4" }, { "2.16.840.1.101.3.4.2.4" },
{ NULL }, { NULL },
}; };
@ -524,7 +524,7 @@ static byte asn256[19] = /* Object ID is 2.16.840.1.101.3.4.2.1 */
static gcry_md_oid_spec_t oid_spec_sha256[] = static gcry_md_oid_spec_t oid_spec_sha256[] =
{ {
/* According to the OpenPGP draft rfc2440-bis06 */ /* According to the OpenPGP draft rfc2440-bis06 */
{ "2.16.840.1.101.3.4.2.1" }, { "2.16.840.1.101.3.4.2.1" },
/* PKCS#1 sha256WithRSAEncryption */ /* PKCS#1 sha256WithRSAEncryption */
{ "1.2.840.113549.1.1.11" }, { "1.2.840.113549.1.1.11" },
@ -537,7 +537,7 @@ gcry_md_spec_t _gcry_digest_spec_sha224 =
sha224_init, sha256_write, sha256_final, sha256_read, sha224_init, sha256_write, sha256_final, sha256_read,
sizeof (SHA256_CONTEXT) sizeof (SHA256_CONTEXT)
}; };
md_extra_spec_t _gcry_digest_extraspec_sha224 = md_extra_spec_t _gcry_digest_extraspec_sha224 =
{ {
run_selftests run_selftests
}; };
@ -548,7 +548,7 @@ gcry_md_spec_t _gcry_digest_spec_sha256 =
sha256_init, sha256_write, sha256_final, sha256_read, sha256_init, sha256_write, sha256_final, sha256_read,
sizeof (SHA256_CONTEXT) sizeof (SHA256_CONTEXT)
}; };
md_extra_spec_t _gcry_digest_extraspec_sha256 = md_extra_spec_t _gcry_digest_extraspec_sha256 =
{ {
run_selftests run_selftests
}; };

View file

@ -283,7 +283,7 @@ transform (SHA512_CONTEXT *hd, const unsigned char *data)
t2 = Sum0 (b) + Maj (b, c, d); t2 = Sum0 (b) + Maj (b, c, d);
e += t1; e += t1;
a = t1 + t2; a = t1 + t2;
t += 8; t += 8;
#endif #endif
} }
@ -438,7 +438,7 @@ sha512_read (void *context)
/* /*
Self-test section. Self-test section.
*/ */
@ -448,10 +448,10 @@ selftests_sha384 (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
what = "short string"; what = "short string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA384, 0, (GCRY_MD_SHA384, 0,
"abc", 3, "abc", 3,
"\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07" "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
"\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed" "\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
@ -463,9 +463,9 @@ selftests_sha384 (int extended, selftest_report_func_t report)
{ {
what = "long string"; what = "long string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA384, 0, (GCRY_MD_SHA384, 0,
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112, "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112,
"\x09\x33\x0C\x33\xF7\x11\x47\xE8\x3D\x19\x2F\xC7\x82\xCD\x1B\x47" "\x09\x33\x0C\x33\xF7\x11\x47\xE8\x3D\x19\x2F\xC7\x82\xCD\x1B\x47"
"\x53\x11\x1B\x17\x3B\x3B\x05\xD2\x2F\xA0\x80\x86\xE3\xB0\xF7\x12" "\x53\x11\x1B\x17\x3B\x3B\x05\xD2\x2F\xA0\x80\x86\xE3\xB0\xF7\x12"
"\xFC\xC7\xC7\x1A\x55\x7E\x2D\xB9\x66\xC3\xE9\xFA\x91\x74\x60\x39", "\xFC\xC7\xC7\x1A\x55\x7E\x2D\xB9\x66\xC3\xE9\xFA\x91\x74\x60\x39",
@ -498,10 +498,10 @@ selftests_sha512 (int extended, selftest_report_func_t report)
{ {
const char *what; const char *what;
const char *errtxt; const char *errtxt;
what = "short string"; what = "short string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA512, 0, (GCRY_MD_SHA512, 0,
"abc", 3, "abc", 3,
"\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31" "\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
"\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A" "\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
@ -514,9 +514,9 @@ selftests_sha512 (int extended, selftest_report_func_t report)
{ {
what = "long string"; what = "long string";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA512, 0, (GCRY_MD_SHA512, 0,
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112, "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 112,
"\x8E\x95\x9B\x75\xDA\xE3\x13\xDA\x8C\xF4\xF7\x28\x14\xFC\x14\x3F" "\x8E\x95\x9B\x75\xDA\xE3\x13\xDA\x8C\xF4\xF7\x28\x14\xFC\x14\x3F"
"\x8F\x77\x79\xC6\xEB\x9F\x7F\xA1\x72\x99\xAE\xAD\xB6\x88\x90\x18" "\x8F\x77\x79\xC6\xEB\x9F\x7F\xA1\x72\x99\xAE\xAD\xB6\x88\x90\x18"
"\x50\x1D\x28\x9E\x49\x00\xF7\xE4\x33\x1B\x99\xDE\xC4\xB5\x43\x3A" "\x50\x1D\x28\x9E\x49\x00\xF7\xE4\x33\x1B\x99\xDE\xC4\xB5\x43\x3A"
@ -524,7 +524,7 @@ selftests_sha512 (int extended, selftest_report_func_t report)
64); 64);
if (errtxt) if (errtxt)
goto failed; goto failed;
what = "one million \"a\""; what = "one million \"a\"";
errtxt = _gcry_hash_selftest_check_one errtxt = _gcry_hash_selftest_check_one
(GCRY_MD_SHA512, 1, (GCRY_MD_SHA512, 1,
@ -564,7 +564,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
default: default:
ec = GPG_ERR_DIGEST_ALGO; ec = GPG_ERR_DIGEST_ALGO;
break; break;
} }
return ec; return ec;
} }
@ -589,13 +589,13 @@ static gcry_md_oid_spec_t oid_spec_sha512[] =
{ NULL } { NULL }
}; };
gcry_md_spec_t _gcry_digest_spec_sha512 = gcry_md_spec_t _gcry_digest_spec_sha512 =
{ {
"SHA512", sha512_asn, DIM (sha512_asn), oid_spec_sha512, 64, "SHA512", sha512_asn, DIM (sha512_asn), oid_spec_sha512, 64,
sha512_init, sha512_write, sha512_final, sha512_read, sha512_init, sha512_write, sha512_final, sha512_read,
sizeof (SHA512_CONTEXT), sizeof (SHA512_CONTEXT),
}; };
md_extra_spec_t _gcry_digest_extraspec_sha512 = md_extra_spec_t _gcry_digest_extraspec_sha512 =
{ {
run_selftests run_selftests
}; };
@ -609,7 +609,7 @@ static byte sha384_asn[] = /* Object ID is 2.16.840.1.101.3.4.2.2 */
static gcry_md_oid_spec_t oid_spec_sha384[] = static gcry_md_oid_spec_t oid_spec_sha384[] =
{ {
{ "2.16.840.1.101.3.4.2.2" }, { "2.16.840.1.101.3.4.2.2" },
/* PKCS#1 sha384WithRSAEncryption */ /* PKCS#1 sha384WithRSAEncryption */
{ "1.2.840.113549.1.1.12" }, { "1.2.840.113549.1.1.12" },
@ -617,13 +617,13 @@ static gcry_md_oid_spec_t oid_spec_sha384[] =
{ NULL }, { NULL },
}; };
gcry_md_spec_t _gcry_digest_spec_sha384 = gcry_md_spec_t _gcry_digest_spec_sha384 =
{ {
"SHA384", sha384_asn, DIM (sha384_asn), oid_spec_sha384, 48, "SHA384", sha384_asn, DIM (sha384_asn), oid_spec_sha384, 48,
sha384_init, sha512_write, sha512_final, sha512_read, sha384_init, sha512_write, sha512_final, sha512_read,
sizeof (SHA512_CONTEXT), sizeof (SHA512_CONTEXT),
}; };
md_extra_spec_t _gcry_digest_extraspec_sha384 = md_extra_spec_t _gcry_digest_extraspec_sha384 =
{ {
run_selftests run_selftests
}; };

View file

@ -625,14 +625,14 @@ tiger_round( u64 *ra, u64 *rb, u64 *rc, u64 x, int mul )
u64 a = *ra; u64 a = *ra;
u64 b = *rb; u64 b = *rb;
u64 c = *rc; u64 c = *rc;
c ^= x; c ^= x;
a -= ( sbox1[ c & 0xff ] ^ sbox2[ (c >> 16) & 0xff ] a -= ( sbox1[ c & 0xff ] ^ sbox2[ (c >> 16) & 0xff ]
^ sbox3[ (c >> 32) & 0xff ] ^ sbox4[ (c >> 48) & 0xff ]); ^ sbox3[ (c >> 32) & 0xff ] ^ sbox4[ (c >> 48) & 0xff ]);
b += ( sbox4[ (c >> 8) & 0xff ] ^ sbox3[ (c >> 24) & 0xff ] b += ( sbox4[ (c >> 8) & 0xff ] ^ sbox3[ (c >> 24) & 0xff ]
^ sbox2[ (c >> 40) & 0xff ] ^ sbox1[ (c >> 56) & 0xff ]); ^ sbox2[ (c >> 40) & 0xff ] ^ sbox1[ (c >> 56) & 0xff ]);
b *= mul; b *= mul;
*ra = a; *ra = a;
*rb = b; *rb = b;
*rc = c; *rc = c;
@ -751,7 +751,7 @@ tiger_write ( void *context, const void *inbuf_arg, size_t inlen)
} }
if( !inbuf ) if( !inbuf )
return; return;
if( hd->count ) if( hd->count )
{ {
for( ; inlen && hd->count < 64; inlen-- ) for( ; inlen && hd->count < 64; inlen-- )
hd->buf[hd->count++] = *inbuf++; hd->buf[hd->count++] = *inbuf++;

View file

@ -575,10 +575,10 @@ do_twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
* 128-bit keys use only sa through sh; 256-bit use all of them. */ * 128-bit keys use only sa through sh; 256-bit use all of them. */
byte sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0; byte sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0;
byte si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0; byte si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0;
/* Temporary for CALC_S. */ /* Temporary for CALC_S. */
byte tmp; byte tmp;
/* Flags for self-test. */ /* Flags for self-test. */
static int initialized = 0; static int initialized = 0;
static const char *selftest_failed=0; static const char *selftest_failed=0;
@ -668,7 +668,7 @@ do_twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00);
CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
} }
else else
{ {
/* Compute the S-boxes. */ /* Compute the S-boxes. */
for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 ) for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 )
@ -980,7 +980,7 @@ main()
timer = clock (); timer = clock ();
/* Encryption test. */ /* Encryption test. */
for (i = 0; i < 125; i++) for (i = 0; i < 125; i++)
{ {
twofish_setkey (&ctx, buffer[0], sizeof (buffer[0])); twofish_setkey (&ctx, buffer[0], sizeof (buffer[0]));
for (j = 0; j < 1000; j++) for (j = 0; j < 1000; j++)
@ -998,7 +998,7 @@ main()
"encryption failure!\n" : "encryption OK!\n"; "encryption failure!\n" : "encryption OK!\n";
/* Decryption test. */ /* Decryption test. */
for (i = 0; i < 125; i++) for (i = 0; i < 125; i++)
{ {
twofish_setkey (&ctx, buffer[2], sizeof (buffer[2])*2); twofish_setkey (&ctx, buffer[2], sizeof (buffer[2])*2);
for (j = 0; j < 1000; j++) { for (j = 0; j < 1000; j++) {

View file

@ -117,7 +117,7 @@ static const u64 rc[R] =
U64_C (0xfbee7c66dd17479e), U64_C (0xfbee7c66dd17479e),
U64_C (0xca2dbf07ad5a8333), U64_C (0xca2dbf07ad5a8333),
}; };
/* Main lookup boxes. */ /* Main lookup boxes. */
@ -1322,7 +1322,7 @@ whirlpool_add (whirlpool_context_t *context,
} }
/*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */ /*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */
while (buffer_n >= BLOCK_SIZE) while (buffer_n >= BLOCK_SIZE)
{ {
whirlpool_transform (context, buffer); whirlpool_transform (context, buffer);
context->count = 0; context->count = 0;

View file

@ -1,14 +1,9 @@
2011-12-01 Werner Koch <wk@g10code.com> 2011-12-01 Werner Koch <wk@g10code.com>
NB: ChangeLog files are no longer manually maintained. Starting NB: ChangeLog files are no longer manually maintained. Starting
on December 1st, 2011 we put change information only in the GIT on December 1st, 2011 we put change information only in the GIT
commit log, and generate a top-level ChangeLog file from logs at commit log, and generate a top-level ChangeLog file from logs at
"make dist". See doc/HACKING for details. "make dist". See doc/HACKING for details.
2011-07-04 Werner Koch <wk@g10code.com>
* longlong.h (add_ssaaaa) [__arm__]: Do no use asm if thumb code
generation is enabled. This is bug#1202. Reported for gpg 1.4.
2011-03-28 Werner Koch <wk@g10code.com> 2011-03-28 Werner Koch <wk@g10code.com>
@ -825,7 +820,3 @@ Mon Feb 16 13:00:27 1998 Werner Koch (wk@isil.d.shuttle.de)
This file is distributed in the hope that it will be useful, but This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Local Variables:
buffer-read-only: t
End:

View file

@ -5,3 +5,4 @@ mpih-mul2.S
mpih-mul3.S mpih-mul3.S
mpih-rshift.S mpih-rshift.S
mpih-sub1.S mpih-sub1.S
mpi-asm-defs.h

View file

@ -0,0 +1,4 @@
/* This file defines some basic constants for the MPI machinery. We
* need to define the types on a per-CPU basis, so it is done with
* this file here. */
#define BYTES_PER_MPI_LIMB 8

View file

@ -522,7 +522,7 @@ _gcry_mpi_ec_add_points (mpi_point_t *result,
ec_mulm (l1, l1, x1, ctx); ec_mulm (l1, l1, x1, ctx);
} }
if (z1_is_one) if (z1_is_one)
mpi_set (l2, x1); mpi_set (l2, x2);
else else
{ {
ec_powm (l2, z1, ctx->two, ctx); ec_powm (l2, z1, ctx->two, ctx);
@ -670,10 +670,23 @@ _gcry_mpi_ec_mul_point (mpi_point_t *result,
mpi_mul (h, k, ctx->three); /* h = 3k */ mpi_mul (h, k, ctx->three); /* h = 3k */
loops = mpi_get_nbits (h); loops = mpi_get_nbits (h);
if (loops < 2)
mpi_set (result->x, point->x); {
mpi_set (result->y, yy); mpi_free (yy); yy = NULL; /* If SCALAR is zero, the above mpi_mul sets H to zero and thus
mpi_set (result->z, point->z); LOOPs will be zero. To avoid an underflow of I in the main
loop we set LOOP to 2 and the result to (0,0,0). */
loops = 2;
mpi_clear (result->x);
mpi_clear (result->y);
mpi_clear (result->z);
}
else
{
mpi_set (result->x, point->x);
mpi_set (result->y, yy);
mpi_set (result->z, point->z);
}
mpi_free (yy); yy = NULL;
p1.x = x1; x1 = NULL; p1.x = x1; x1 = NULL;
p1.y = y1; y1 = NULL; p1.y = y1; y1 = NULL;

View file

@ -184,28 +184,53 @@ extern UDItype __udiv_qrnnd ();
/*************************************** /***************************************
************** ARM ****************** ************** ARM ******************
***************************************/ ***************************************/
#if defined (__arm__) && W_TYPE_SIZE == 32 && !defined (__thumb__) #if defined (__arm__) && W_TYPE_SIZE == 32 && \
(!defined (__thumb__) || defined (__thumb2__))
/* The __ARM_ARCH define is provided by gcc 4.8. Construct it otherwise. */
#ifndef __ARM_ARCH
# ifdef __ARM_ARCH_2__
# define __ARM_ARCH 2
# elif defined (__ARM_ARCH_3__) || defined (__ARM_ARCH_3M__)
# define __ARM_ARCH 3
# elif defined (__ARM_ARCH_4__) || defined (__ARM_ARCH_4T__)
# define __ARM_ARCH 4
# elif defined (__ARM_ARCH_5__) || defined (__ARM_ARCH_5E__) \
|| defined(__ARM_ARCH_5T__) || defined(__ARM_ARCH_5TE__) \
|| defined(__ARM_ARCH_5TEJ__)
# define __ARM_ARCH 5
# elif defined (__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \
|| defined (__ARM_ARCH_6Z__) || defined(__ARM_ARCH_6ZK__) \
|| defined (__ARM_ARCH_6K__) || defined(__ARM_ARCH_6T2__)
# define __ARM_ARCH 6
# elif defined (__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \
|| defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) \
|| defined(__ARM_ARCH_7EM__)
# define __ARM_ARCH 7
# else
/* could not detect? */
# endif
#endif
#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ #define add_ssaaaa(sh, sl, ah, al, bh, bl) \
__asm__ ("adds %1, %4, %5\n" \ __asm__ ("adds %1, %4, %5\n" \
"adc %0, %2, %3" \ "adc %0, %2, %3" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "%r" ((USItype)(ah)), \ : "%r" ((USItype)(ah)), \
"rI" ((USItype)(bh)), \ "rI" ((USItype)(bh)), \
"%r" ((USItype)(al)), \ "%r" ((USItype)(al)), \
"rI" ((USItype)(bl))) "rI" ((USItype)(bl)) __CLOBBER_CC)
#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ #define sub_ddmmss(sh, sl, ah, al, bh, bl) \
__asm__ ("subs %1, %4, %5\n" \ __asm__ ("subs %1, %4, %5\n" \
"sbc %0, %2, %3" \ "sbc %0, %2, %3" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(ah)), \ : "r" ((USItype)(ah)), \
"rI" ((USItype)(bh)), \ "rI" ((USItype)(bh)), \
"r" ((USItype)(al)), \ "r" ((USItype)(al)), \
"rI" ((USItype)(bl))) "rI" ((USItype)(bl)) __CLOBBER_CC)
#if defined __ARM_ARCH_2__ || defined __ARM_ARCH_3__ #if (defined __ARM_ARCH && __ARM_ARCH <= 3)
#define umul_ppmm(xh, xl, a, b) \ #define umul_ppmm(xh, xl, a, b) \
__asm__ ("%@ Inlined umul_ppmm\n" \ __asm__ ("@ Inlined umul_ppmm\n" \
"mov %|r0, %2, lsr #16 @ AAAA\n" \ "mov %|r0, %2, lsr #16 @ AAAA\n" \
"mov %|r2, %3, lsr #16 @ BBBB\n" \ "mov %|r2, %3, lsr #16 @ BBBB\n" \
"bic %|r1, %2, %|r0, lsl #16 @ aaaa\n" \ "bic %|r1, %2, %|r0, lsl #16 @ aaaa\n" \
@ -218,23 +243,28 @@ extern UDItype __udiv_qrnnd ();
"addcs %|r2, %|r2, #65536\n" \ "addcs %|r2, %|r2, #65536\n" \
"adds %1, %|r1, %|r0, lsl #16\n" \ "adds %1, %|r1, %|r0, lsl #16\n" \
"adc %0, %|r2, %|r0, lsr #16" \ "adc %0, %|r2, %|r0, lsr #16" \
: "=&r" ((USItype)(xh)), \ : "=&r" ((xh)), \
"=r" ((USItype)(xl)) \ "=r" ((xl)) \
: "r" ((USItype)(a)), \ : "r" ((USItype)(a)), \
"r" ((USItype)(b)) \ "r" ((USItype)(b)) \
: "r0", "r1", "r2") : "r0", "r1", "r2" __CLOBBER_CC)
#else #else /* __ARM_ARCH >= 4 */
#define umul_ppmm(xh, xl, a, b) \ #define umul_ppmm(xh, xl, a, b) \
__asm__ ("%@ Inlined umul_ppmm\n" \ __asm__ ("@ Inlined umul_ppmm\n" \
"umull %r1, %r0, %r2, %r3" \ "umull %1, %0, %2, %3" \
: "=&r" ((USItype)(xh)), \ : "=&r" ((xh)), \
"=r" ((USItype)(xl)) \ "=r" ((xl)) \
: "r" ((USItype)(a)), \ : "r" ((USItype)(a)), \
"r" ((USItype)(b)) \ "r" ((USItype)(b)))
: "r0", "r1") #endif /* __ARM_ARCH >= 4 */
#endif
#define UMUL_TIME 20 #define UMUL_TIME 20
#define UDIV_TIME 100 #define UDIV_TIME 100
#if (defined __ARM_ARCH && __ARM_ARCH >= 5)
#define count_leading_zeros(count, x) \
__asm__ ("clz %0, %1" \
: "=r" ((count)) \
: "r" ((USItype)(x)))
#endif /* __ARM_ARCH >= 5 */
#endif /* __arm__ */ #endif /* __arm__ */
/*************************************** /***************************************
@ -437,43 +467,48 @@ extern USItype __udiv_qrnnd ();
#define add_ssaaaa(sh, sl, ah, al, bh, bl) \ #define add_ssaaaa(sh, sl, ah, al, bh, bl) \
__asm__ ("addl %5,%1\n" \ __asm__ ("addl %5,%1\n" \
"adcl %3,%0" \ "adcl %3,%0" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "%0" ((USItype)(ah)), \ : "%0" ((USItype)(ah)), \
"g" ((USItype)(bh)), \ "g" ((USItype)(bh)), \
"%1" ((USItype)(al)), \ "%1" ((USItype)(al)), \
"g" ((USItype)(bl))) "g" ((USItype)(bl)) \
__CLOBBER_CC)
#define sub_ddmmss(sh, sl, ah, al, bh, bl) \ #define sub_ddmmss(sh, sl, ah, al, bh, bl) \
__asm__ ("subl %5,%1\n" \ __asm__ ("subl %5,%1\n" \
"sbbl %3,%0" \ "sbbl %3,%0" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "0" ((USItype)(ah)), \ : "0" ((USItype)(ah)), \
"g" ((USItype)(bh)), \ "g" ((USItype)(bh)), \
"1" ((USItype)(al)), \ "1" ((USItype)(al)), \
"g" ((USItype)(bl))) "g" ((USItype)(bl)) \
__CLOBBER_CC)
#define umul_ppmm(w1, w0, u, v) \ #define umul_ppmm(w1, w0, u, v) \
__asm__ ("mull %3" \ __asm__ ("mull %3" \
: "=a" ((USItype)(w0)), \ : "=a" ((w0)), \
"=d" ((USItype)(w1)) \ "=d" ((w1)) \
: "%0" ((USItype)(u)), \ : "%0" ((USItype)(u)), \
"rm" ((USItype)(v))) "rm" ((USItype)(v)) \
__CLOBBER_CC)
#define udiv_qrnnd(q, r, n1, n0, d) \ #define udiv_qrnnd(q, r, n1, n0, d) \
__asm__ ("divl %4" \ __asm__ ("divl %4" \
: "=a" ((USItype)(q)), \ : "=a" ((q)), \
"=d" ((USItype)(r)) \ "=d" ((r)) \
: "0" ((USItype)(n0)), \ : "0" ((USItype)(n0)), \
"1" ((USItype)(n1)), \ "1" ((USItype)(n1)), \
"rm" ((USItype)(d))) "rm" ((USItype)(d)) \
__CLOBBER_CC)
#define count_leading_zeros(count, x) \ #define count_leading_zeros(count, x) \
do { \ do { \
USItype __cbtmp; \ USItype __cbtmp; \
__asm__ ("bsrl %1,%0" \ __asm__ ("bsrl %1,%0" \
: "=r" (__cbtmp) : "rm" ((USItype)(x))); \ : "=r" (__cbtmp) : "rm" ((USItype)(x)) \
__CLOBBER_CC); \
(count) = __cbtmp ^ 31; \ (count) = __cbtmp ^ 31; \
} while (0) } while (0)
#define count_trailing_zeros(count, x) \ #define count_trailing_zeros(count, x) \
__asm__ ("bsfl %1,%0" : "=r" (count) : "rm" ((USItype)(x))) __asm__ ("bsfl %1,%0" : "=r" (count) : "rm" ((USItype)(x)) __CLOBBER_CC)
#ifndef UMUL_TIME #ifndef UMUL_TIME
#define UMUL_TIME 40 #define UMUL_TIME 40
#endif #endif
@ -826,22 +861,22 @@ typedef unsigned int UTItype __attribute__ ((mode (TI)));
do { \ do { \
if (__builtin_constant_p (bh) && (bh) == 0) \ if (__builtin_constant_p (bh) && (bh) == 0) \
__asm__ ("{a%I4|add%I4c} %1,%3,%4\n\t{aze|addze} %0,%2" \ __asm__ ("{a%I4|add%I4c} %1,%3,%4\n\t{aze|addze} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "%r" ((USItype)(ah)), \ : "%r" ((USItype)(ah)), \
"%r" ((USItype)(al)), \ "%r" ((USItype)(al)), \
"rI" ((USItype)(bl))); \ "rI" ((USItype)(bl))); \
else if (__builtin_constant_p (bh) && (bh) ==~(USItype) 0) \ else if (__builtin_constant_p (bh) && (bh) ==~(USItype) 0) \
__asm__ ("{a%I4|add%I4c} %1,%3,%4\n\t{ame|addme} %0,%2" \ __asm__ ("{a%I4|add%I4c} %1,%3,%4\n\t{ame|addme} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "%r" ((USItype)(ah)), \ : "%r" ((USItype)(ah)), \
"%r" ((USItype)(al)), \ "%r" ((USItype)(al)), \
"rI" ((USItype)(bl))); \ "rI" ((USItype)(bl))); \
else \ else \
__asm__ ("{a%I5|add%I5c} %1,%4,%5\n\t{ae|adde} %0,%2,%3" \ __asm__ ("{a%I5|add%I5c} %1,%4,%5\n\t{ae|adde} %0,%2,%3" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "%r" ((USItype)(ah)), \ : "%r" ((USItype)(ah)), \
"r" ((USItype)(bh)), \ "r" ((USItype)(bh)), \
"%r" ((USItype)(al)), \ "%r" ((USItype)(al)), \
@ -851,36 +886,36 @@ typedef unsigned int UTItype __attribute__ ((mode (TI)));
do { \ do { \
if (__builtin_constant_p (ah) && (ah) == 0) \ if (__builtin_constant_p (ah) && (ah) == 0) \
__asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{sfze|subfze} %0,%2" \ __asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{sfze|subfze} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(bh)), \ : "r" ((USItype)(bh)), \
"rI" ((USItype)(al)), \ "rI" ((USItype)(al)), \
"r" ((USItype)(bl))); \ "r" ((USItype)(bl))); \
else if (__builtin_constant_p (ah) && (ah) ==~(USItype) 0) \ else if (__builtin_constant_p (ah) && (ah) ==~(USItype) 0) \
__asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{sfme|subfme} %0,%2" \ __asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{sfme|subfme} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(bh)), \ : "r" ((USItype)(bh)), \
"rI" ((USItype)(al)), \ "rI" ((USItype)(al)), \
"r" ((USItype)(bl))); \ "r" ((USItype)(bl))); \
else if (__builtin_constant_p (bh) && (bh) == 0) \ else if (__builtin_constant_p (bh) && (bh) == 0) \
__asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{ame|addme} %0,%2" \ __asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{ame|addme} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(ah)), \ : "r" ((USItype)(ah)), \
"rI" ((USItype)(al)), \ "rI" ((USItype)(al)), \
"r" ((USItype)(bl))); \ "r" ((USItype)(bl))); \
else if (__builtin_constant_p (bh) && (bh) ==~(USItype) 0) \ else if (__builtin_constant_p (bh) && (bh) ==~(USItype) 0) \
__asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{aze|addze} %0,%2" \ __asm__ ("{sf%I3|subf%I3c} %1,%4,%3\n\t{aze|addze} %0,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(ah)), \ : "r" ((USItype)(ah)), \
"rI" ((USItype)(al)), \ "rI" ((USItype)(al)), \
"r" ((USItype)(bl))); \ "r" ((USItype)(bl))); \
else \ else \
__asm__ ("{sf%I4|subf%I4c} %1,%5,%4\n\t{sfe|subfe} %0,%3,%2" \ __asm__ ("{sf%I4|subf%I4c} %1,%5,%4\n\t{sfe|subfe} %0,%3,%2" \
: "=r" ((USItype)(sh)), \ : "=r" ((sh)), \
"=&r" ((USItype)(sl)) \ "=&r" ((sl)) \
: "r" ((USItype)(ah)), \ : "r" ((USItype)(ah)), \
"r" ((USItype)(bh)), \ "r" ((USItype)(bh)), \
"rI" ((USItype)(al)), \ "rI" ((USItype)(al)), \
@ -888,7 +923,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI)));
} while (0) } while (0)
#define count_leading_zeros(count, x) \ #define count_leading_zeros(count, x) \
__asm__ ("{cntlz|cntlzw} %0,%1" \ __asm__ ("{cntlz|cntlzw} %0,%1" \
: "=r" ((USItype)(count)) \ : "=r" ((count)) \
: "r" ((USItype)(x))) : "r" ((USItype)(x)))
#define COUNT_LEADING_ZEROS_0 32 #define COUNT_LEADING_ZEROS_0 32
#if defined (_ARCH_PPC) #if defined (_ARCH_PPC)
@ -896,7 +931,7 @@ typedef unsigned int UTItype __attribute__ ((mode (TI)));
do { \ do { \
USItype __m0 = (m0), __m1 = (m1); \ USItype __m0 = (m0), __m1 = (m1); \
__asm__ ("mulhwu %0,%1,%2" \ __asm__ ("mulhwu %0,%1,%2" \
: "=r" ((USItype) ph) \ : "=r" (ph) \
: "%r" (__m0), \ : "%r" (__m0), \
"r" (__m1)); \ "r" (__m1)); \
(pl) = __m0 * __m1; \ (pl) = __m0 * __m1; \
@ -918,8 +953,8 @@ typedef unsigned int UTItype __attribute__ ((mode (TI)));
do { \ do { \
USItype __m0 = (m0), __m1 = (m1); \ USItype __m0 = (m0), __m1 = (m1); \
__asm__ ("mul %0,%2,%3" \ __asm__ ("mul %0,%2,%3" \
: "=r" ((USItype)(xh)), \ : "=r" ((xh)), \
"=q" ((USItype)(xl)) \ "=q" ((xl)) \
: "r" (__m0), \ : "r" (__m0), \
"r" (__m1)); \ "r" (__m1)); \
(xh) += ((((SItype) __m0 >> 31) & __m1) \ (xh) += ((((SItype) __m0 >> 31) & __m1) \

View file

@ -28,8 +28,15 @@
#ifndef G10_MPI_INLINE_H #ifndef G10_MPI_INLINE_H
#define G10_MPI_INLINE_H #define G10_MPI_INLINE_H
/* Starting with gcc 4.3 "extern inline" conforms in c99 mode to the
c99 semantics. To keep the useful old semantics we use an
attribute. */
#ifndef G10_MPI_INLINE_DECL #ifndef G10_MPI_INLINE_DECL
#define G10_MPI_INLINE_DECL extern __inline__ # ifdef __GNUC_STDC_INLINE__
# define G10_MPI_INLINE_DECL extern inline __attribute__ ((__gnu_inline__))
# else
# define G10_MPI_INLINE_DECL extern __inline__
# endif
#endif #endif
G10_MPI_INLINE_DECL mpi_limb_t G10_MPI_INLINE_DECL mpi_limb_t

View file

@ -1,6 +1,7 @@
/* mpi-pow.c - MPI functions for exponentiation /* mpi-pow.c - MPI functions for exponentiation
* Copyright (C) 1994, 1996, 1998, 2000, 2002 * Copyright (C) 1994, 1996, 1998, 2000, 2002
* 2003 Free Software Foundation, Inc. * 2003 Free Software Foundation, Inc.
* 2013 g10 Code GmbH
* *
* This file is part of Libgcrypt. * This file is part of Libgcrypt.
* *
@ -81,9 +82,14 @@ gcry_mpi_powm (gcry_mpi_t res,
if (!esize) if (!esize)
{ {
/* Exponent is zero, result is 1 mod MOD, i.e., 1 or 0 depending /* Exponent is zero, result is 1 mod MOD, i.e., 1 or 0 depending
on if MOD equals 1. */ on if MOD equals 1. */
rp[0] = 1;
res->nlimbs = (msize == 1 && mod->d[0] == 1) ? 0 : 1; res->nlimbs = (msize == 1 && mod->d[0] == 1) ? 0 : 1;
if (res->nlimbs)
{
RESIZE_IF_NEEDED (res, 1);
rp = res->d;
rp[0] = 1;
}
res->sign = 0; res->sign = 0;
goto leave; goto leave;
} }
@ -230,7 +236,13 @@ gcry_mpi_powm (gcry_mpi_t res,
tp = rp; rp = xp; xp = tp; tp = rp; rp = xp; xp = tp;
rsize = xsize; rsize = xsize;
if ( (mpi_limb_signed_t)e < 0 ) /* To mitigate the Yarom/Falkner flush+reload cache
* side-channel attack on the RSA secret exponent, we do
* the multiplication regardless of the value of the
* high-bit of E. But to avoid this performance penalty
* we do it only if the exponent has been stored in secure
* memory and we can thus assume it is a secret exponent. */
if (esec || (mpi_limb_signed_t)e < 0)
{ {
/*mpih_mul( xp, rp, rsize, bp, bsize );*/ /*mpih_mul( xp, rp, rsize, bp, bsize );*/
if( bsize < KARATSUBA_THRESHOLD ) if( bsize < KARATSUBA_THRESHOLD )
@ -245,7 +257,9 @@ gcry_mpi_powm (gcry_mpi_t res,
_gcry_mpih_divrem(xp + msize, 0, xp, xsize, mp, msize); _gcry_mpih_divrem(xp + msize, 0, xp, xsize, mp, msize);
xsize = msize; xsize = msize;
} }
}
if ( (mpi_limb_signed_t)e < 0 )
{
tp = rp; rp = xp; xp = tp; tp = rp; rp = xp; xp = tp;
rsize = xsize; rsize = xsize;
} }

View file

@ -270,7 +270,7 @@ do_get_buffer (gcry_mpi_t a, unsigned int *nbytes, int *sign, int force_secure)
/* This is sub-optimal but we need to do the shift operation because /* This is sub-optimal but we need to do the shift operation because
the caller has to free the returned buffer. */ the caller has to free the returned buffer. */
for (p=buffer; !*p && *nbytes; p++, --*nbytes) for (p=buffer; *nbytes && !*p; p++, --*nbytes)
; ;
if (p != buffer) if (p != buffer)
memmove (buffer,p, *nbytes); memmove (buffer,p, *nbytes);

View file

@ -1,72 +1,13 @@
2011-12-01 Werner Koch <wk@g10code.com> 2011-12-01 Werner Koch <wk@g10code.com>
NB: ChangeLog files are no longer manually maintained. Starting NB: ChangeLog files are no longer manually maintained. Starting
on December 1st, 2011 we put change information only in the GIT on December 1st, 2011 we put change information only in the GIT
commit log, and generate a top-level ChangeLog file from logs at commit log, and generate a top-level ChangeLog file from logs at
"make dist". See doc/HACKING for details. "make dist". See doc/HACKING for details.
2011-09-16 Werner Koch <wk@g10code.com> 2011-09-08 Werner Koch <wk@g10code.com>
Change ATH code and turn the thread initialization callbacks in * gcrypt.h.in [GCRYPT_NO_DEPRECATED]: Exclude gcry_ac structures.
the API into dummy functions.
* global.c (global_init): Call _gcry_pimegen_init.
* gcrypt.h.in (GCRY_THREAD_OPTI ON_VERSION): Bump to 1.
(GCRY_THREAD_OPTION_PTH_IMPL): Simplify.
(GCRY_THREAD_OPTION_PTHREAD_IMPL): Simplify.
* ath.c (ath_read, ath_write): Remove. They are only used in the
optional random-daemon.
(ath_select, ath_waitpid, ath_accept, ath_connect, ath_sendmsg)
(ath_recvmsg): Remove. They are not used.
* ath.h: Remove prototypes and corresponding structure fields.
2011-03-11 Werner Koch <wk@g10code.com>
* ath.c (mutex_init): Rename second arg to FORCE and invert
logic. Change all callers.
2011-09-15 Werner Koch <wk@g10code.com>
* gcrypt.h.in (enum gcry_thread_option): Remove deprecated enum.
(gcry_md_start_debug, gcry_md_stop_debug): Remove deprecated these
macros.
2011-09-15 Werner Koch <wk@g10code.com>
Removal of the gcry_ac and the module register interfaces.
* Makefile.am (include_HEADERS): Remove gcrypt-module.h.
(libgcrypt_la_SOURCES): Add gcrypt-module.h which is now internal
header.
* gcrypt-module.h (gcry_md_register, gcry_md_unregister): Remove.
(gcry_pk_register, gcry_pk_unregister): Remove.
(gcry_cipher_register, gcry_cipher_unregister): Remove.
* visibility.h: Include gcrypt-module.h.
* gcrypt.h.in: Do not include gcrypt-module.h.
* gcrypt.h.in: Remove all gcry_ac symbols.
(gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove.
* visibility.h: Remove all gcry_ac symbols.
(gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove.
(gcry_cipher_register, gcry_cipher_unregister, gcry_pk_register)
(gcry_pk_unregister, gcry_md_register, gcry_md_unregister): Remove.
* visibility.c: Remove all gcry_ac wrappers.
(gcry_pk_list, gcry_cipher_list, gcry_md_list): Remove.
(gcry_cipher_register, gcry_cipher_unregister, gcry_pk_register)
(gcry_pk_unregister, gcry_md_register, gcry_md_unregister): Remove.
* libgcrypt.vers: Remove all gcry_ac symbols.
(GCRYPT_1.2): Rename to GCRYPT_1.6.
(gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove.
* libgcrypt.def: Remove all gcry_ac symbols.
(gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove.
* global.c (global_init): Remove comment code with a call to
_gcry_ac_init.
2011-09-15 Werner Koch <wk@g10code.com>
* hmac256.c (main): Fix endless loop when using pipe input and
option --binary.
2011-06-10 Werner Koch <wk@g10code.com> 2011-06-10 Werner Koch <wk@g10code.com>
@ -2392,7 +2333,3 @@ Tue Dec 8 13:15:16 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
This file is distributed in the hope that it will be useful, but This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Local Variables:
buffer-read-only: t
End:

View file

@ -26,7 +26,7 @@ EXTRA_DIST = Manifest libgcrypt-config.in libgcrypt.m4 libgcrypt.vers \
bin_SCRIPTS = libgcrypt-config bin_SCRIPTS = libgcrypt-config
m4datadir = $(datadir)/aclocal m4datadir = $(datadir)/aclocal
m4data_DATA = libgcrypt.m4 m4data_DATA = libgcrypt.m4
include_HEADERS = gcrypt.h include_HEADERS = gcrypt.h gcrypt-module.h
lib_LTLIBRARIES = libgcrypt.la lib_LTLIBRARIES = libgcrypt.la
bin_PROGRAMS = dumpsexp hmac256 bin_PROGRAMS = dumpsexp hmac256
@ -53,7 +53,7 @@ endif
libgcrypt_la_CFLAGS = $(GPG_ERROR_CFLAGS) libgcrypt_la_CFLAGS = $(GPG_ERROR_CFLAGS)
libgcrypt_la_SOURCES = g10lib.h visibility.c visibility.h types.h \ libgcrypt_la_SOURCES = g10lib.h visibility.c visibility.h types.h \
cipher.h cipher-proto.h gcrypt-module.h \ cipher.h cipher-proto.h \
misc.c global.c sexp.c hwfeatures.c \ misc.c global.c sexp.c hwfeatures.c \
stdmem.c stdmem.h secmem.c secmem.h \ stdmem.c stdmem.h secmem.c secmem.h \
mpi.h missing-string.c module.c fips.c \ mpi.h missing-string.c module.c fips.c \

View file

@ -1,323 +1,344 @@
/* ath.c - A Thread-safeness library. /* ath.c - Thread-safeness library.
* Copyright (C) 2002, 2003, 2004, 2011 Free Software Foundation, Inc. Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt. This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version. the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful, Libgcrypt is distributed in the hope that it will be useful, but
* but WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* GNU Lesser General Public License for more details. General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>. License along with Libgcrypt; if not, write to the Free Software
*/ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
02111-1307, USA. */
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include <config.h> #include <config.h>
#endif #endif
#include <stdlib.h> #include <assert.h> /* Right: We need to use assert and not gcry_assert. */
#include <unistd.h> #include <unistd.h>
#include <errno.h> #ifdef HAVE_SYS_SELECT_H
#if USE_POSIX_THREADS_WEAK # include <sys/select.h>
# include <pthread.h> #else
# include <sys/time.h>
#endif #endif
#include <sys/types.h>
#ifndef _WIN32
#include <sys/wait.h>
#endif
#include <errno.h>
#include "ath.h" #include "ath.h"
/* On an ELF system it is easy to use pthreads using weak references. /* The interface table. */
Take care not to test the address of a weak referenced function we static struct ath_ops ops;
actually use; some GCC versions have a bug were &foo != NULL is
always evaluated to true in PIC mode. USING_PTHREAD_AS_DEFAULT is
used by ath_install to detect the default usage of pthread. */
#if USE_POSIX_THREADS_WEAK
# pragma weak pthread_cancel
# pragma weak pthread_mutex_init
# pragma weak pthread_mutex_lock
# pragma weak pthread_mutex_unlock
# pragma weak pthread_mutex_destroy
#endif
/* For the dummy interface. The MUTEX_NOTINIT value is used to check /* True if we should use the external callbacks. */
that a mutex has been initialized. Because its value is there is static int ops_set;
no need to explicit initialized a mutex variable because it is
anyway static and we store a pointer to allocated memory there
after initialization. The same thing works with other thread /* For the dummy interface. */
models. */ #define MUTEX_UNLOCKED ((ath_mutex_t) 0)
#define MUTEX_NOTINIT ((ath_mutex_t) 0) #define MUTEX_LOCKED ((ath_mutex_t) 1)
#define MUTEX_UNLOCKED ((ath_mutex_t) 1) #define MUTEX_DESTROYED ((ath_mutex_t) 2)
#define MUTEX_LOCKED ((ath_mutex_t) 2)
#define MUTEX_DESTROYED ((ath_mutex_t) 3)
/* Return the thread type from the option field. */ /* Return the thread type from the option field. */
#define GET_OPTION(a) ((a) & 0xff) #define GET_OPTION(a) ((a) & 0xff)
/* Return the version number from the option field. */
#define GET_VERSION(a) (((a) >> 8)& 0xff)
enum ath_thread_model { /* The lock we take while checking for lazy lock initialization. */
ath_model_undefined = 0, static ath_mutex_t check_init_lock = ATH_MUTEX_INITIALIZER;
ath_model_none, /* No thread support. */
ath_model_pthreads_weak, /* POSIX threads using weak symbols. */
ath_model_pthreads, /* POSIX threads directly linked. */
ath_model_w32 /* Microsoft Windows threads. */
};
/* The thread model in use. */
static enum ath_thread_model thread_model;
/* Initialize the ath subsystem. This is called as part of the
Libgcrypt initialization. It's purpose is to initialize the
locking system. It returns 0 on sucess or an ERRNO value on error.
In the latter case it is not defined whether ERRNO was changed.
Note: This should be called as early as possible because it is not
always possible to detect the thread model to use while already
running multi threaded. */
int int
ath_init (void) ath_init (void)
{ {
int err = 0; int err = 0;
if (thread_model) if (ops_set)
return 0; /* Already initialized - no error. */
if (0)
;
#if USE_POSIX_THREADS_WEAK
else if (pthread_cancel)
{ {
thread_model = ath_model_pthreads_weak; if (ops.init)
err = (*ops.init) ();
if (err)
return err;
err = (*ops.mutex_init) (&check_init_lock);
} }
#endif
else
{
/* Assume a single threaded application. */
thread_model = ath_model_none;
}
return err; return err;
} }
/* Return the used thread model as string for display purposes an if /* Initialize the locking library. Returns 0 if the operation was
R_MODEL is not null store its internal number at R_MODEL. */ successful, EINVAL if the operation table was invalid and EBUSY if
const char * we already were initialized. */
ath_get_model (int *r_model)
{
if (r_model)
*r_model = thread_model;
switch (thread_model)
{
case ath_model_undefined: return "undefined";
case ath_model_none: return "none";
case ath_model_pthreads_weak: return "pthread(weak)";
case ath_model_pthreads: return "pthread";
case ath_model_w32: return "w32";
default: return "?";
}
}
/* This function was used in old Libgcrypt versions (via
GCRYCTL_SET_THREAD_CBS) to register the thread callback functions.
It is not anymore required. However to allow existing code to
continue to work, we keep this function and check that no user
defined callbacks are used and that the requested thread system
matches the one Libgcrypt is using. */
gpg_err_code_t gpg_err_code_t
ath_install (struct ath_ops *ath_ops) ath_install (struct ath_ops *ath_ops, int check_only)
{ {
unsigned int thread_option; if (check_only)
/* Check if the requested thread option is compatible to the
thread option we are already committed to. */
thread_option = ath_ops? GET_OPTION (ath_ops->option) : 0;
/* Return an error if the requested thread model does not match the
configured one. */
if (0)
;
#if USE_POSIX_THREADS_WEAK
else if (thread_model == ath_model_pthreads_weak)
{ {
if (thread_option == ATH_THREAD_OPTION_PTHREAD) unsigned int option = 0;
return 0; /* Okay - compatible. */
}
#endif /*USE_POSIX_THREADS_WEAK*/
else if (thread_option == ATH_THREAD_OPTION_DEFAULT)
return 0; /* No thread support requested. */
return GPG_ERR_NOT_SUPPORTED; /* Check if the requested thread option is compatible to the
thread option we are already committed to. */
if (ath_ops)
option = ath_ops->option;
if (!ops_set && GET_OPTION (option))
return GPG_ERR_NOT_SUPPORTED;
if (GET_OPTION (ops.option) == ATH_THREAD_OPTION_USER
|| GET_OPTION (option) == ATH_THREAD_OPTION_USER
|| GET_OPTION (ops.option) != GET_OPTION (option)
|| GET_VERSION (ops.option) != GET_VERSION (option))
return GPG_ERR_NOT_SUPPORTED;
return 0;
}
if (ath_ops)
{
/* It is convenient to not require DESTROY. */
if (!ath_ops->mutex_init || !ath_ops->mutex_lock
|| !ath_ops->mutex_unlock)
return GPG_ERR_INV_ARG;
ops = *ath_ops;
ops_set = 1;
}
else
ops_set = 0;
return 0;
}
static int
mutex_init (ath_mutex_t *lock, int just_check)
{
int err = 0;
if (just_check)
(*ops.mutex_lock) (&check_init_lock);
if (*lock == ATH_MUTEX_INITIALIZER || !just_check)
err = (*ops.mutex_init) (lock);
if (just_check)
(*ops.mutex_unlock) (&check_init_lock);
return err;
} }
/* Initialize a new mutex. This function returns 0 on success or an
system error code (i.e. an ERRNO value). ERRNO may or may not be
changed on error. */
int int
ath_mutex_init (ath_mutex_t *lock) ath_mutex_init (ath_mutex_t *lock)
{ {
int err; if (ops_set)
return mutex_init (lock, 0);
switch (thread_model) #ifndef NDEBUG
{ *lock = MUTEX_UNLOCKED;
case ath_model_none: #endif
*lock = MUTEX_UNLOCKED; return 0;
err = 0;
break;
#if USE_POSIX_THREADS_WEAK
case ath_model_pthreads_weak:
{
pthread_mutex_t *plck;
plck = malloc (sizeof *plck);
if (!plck)
err = errno? errno : ENOMEM;
else
{
err = pthread_mutex_init (plck, NULL);
if (err)
free (plck);
else
*lock = (void*)plck;
}
}
break;
#endif /*USE_POSIX_THREADS_WEAK*/
default:
err = EINVAL;
break;
}
return err;
} }
/* Destroy a mutex. This function is a NOP if LOCK is NULL. If the
mutex is still locked it can't be destroyed and the function
returns EBUSY. ERRNO may or may not be changed on error. */
int int
ath_mutex_destroy (ath_mutex_t *lock) ath_mutex_destroy (ath_mutex_t *lock)
{ {
int err; if (ops_set)
if (!*lock)
return 0;
switch (thread_model)
{ {
case ath_model_none: if (!ops.mutex_destroy)
if (*lock != MUTEX_UNLOCKED) return 0;
err = EBUSY;
else
{
*lock = MUTEX_DESTROYED;
err = 0;
}
break;
#if USE_POSIX_THREADS_WEAK (*ops.mutex_lock) (&check_init_lock);
case ath_model_pthreads_weak: if (*lock == ATH_MUTEX_INITIALIZER)
{ {
pthread_mutex_t *plck = (pthread_mutex_t*)lock; (*ops.mutex_unlock) (&check_init_lock);
return 0;
err = pthread_mutex_destroy (plck); }
if (!err) (*ops.mutex_unlock) (&check_init_lock);
{ return (*ops.mutex_destroy) (lock);
free (plck);
lock = NULL;
}
}
break;
#endif /*USE_POSIX_THREADS_WEAK*/
default:
err = EINVAL;
break;
} }
return err; #ifndef NDEBUG
assert (*lock == MUTEX_UNLOCKED);
*lock = MUTEX_DESTROYED;
#endif
return 0;
} }
/* Lock the mutex LOCK. On success the function returns 0; on error
an error code. ERRNO may or may not be changed on error. */
int int
ath_mutex_lock (ath_mutex_t *lock) ath_mutex_lock (ath_mutex_t *lock)
{ {
int err; if (ops_set)
switch (thread_model)
{ {
case ath_model_none: int ret = mutex_init (lock, 1);
if (*lock == MUTEX_NOTINIT) if (ret)
err = EINVAL; return ret;
else if (*lock == MUTEX_UNLOCKED) return (*ops.mutex_lock) (lock);
{
*lock = MUTEX_LOCKED;
err = 0;
}
else
err = EDEADLK;
break;
#if USE_POSIX_THREADS_WEAK
case ath_model_pthreads_weak:
err = pthread_mutex_lock ((pthread_mutex_t*)lock);
break;
#endif /*USE_POSIX_THREADS_WEAK*/
default:
err = EINVAL;
break;
} }
return err; #ifndef NDEBUG
assert (*lock == MUTEX_UNLOCKED);
*lock = MUTEX_LOCKED;
#endif
return 0;
} }
/* Unlock the mutex LOCK. On success the function returns 0; on error
an error code. ERRNO may or may not be changed on error. */
int int
ath_mutex_unlock (ath_mutex_t *lock) ath_mutex_unlock (ath_mutex_t *lock)
{ {
int err; if (ops_set)
switch (thread_model)
{ {
case ath_model_none: int ret = mutex_init (lock, 1);
if (*lock == MUTEX_NOTINIT) if (ret)
err = EINVAL; return ret;
else if (*lock == MUTEX_LOCKED) return (*ops.mutex_unlock) (lock);
{
*lock = MUTEX_UNLOCKED;
err = 0;
}
else
err = EPERM;
break;
#if USE_POSIX_THREADS_WEAK
case ath_model_pthreads_weak:
err = pthread_mutex_unlock ((pthread_mutex_t*)lock);
break;
#endif /*USE_POSIX_THREADS_WEAK*/
default:
err = EINVAL;
break;
} }
return err; #ifndef NDEBUG
assert (*lock == MUTEX_LOCKED);
*lock = MUTEX_UNLOCKED;
#endif
return 0;
}
ssize_t
ath_read (int fd, void *buf, size_t nbytes)
{
if (ops_set && ops.read)
return (*ops.read) (fd, buf, nbytes);
else
return read (fd, buf, nbytes);
}
ssize_t
ath_write (int fd, const void *buf, size_t nbytes)
{
if (ops_set && ops.write)
return (*ops.write) (fd, buf, nbytes);
else
return write (fd, buf, nbytes);
}
ssize_t
#ifdef _WIN32
ath_select (int nfd, void *rset, void *wset, void *eset,
struct timeval *timeout)
#else
ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
struct timeval *timeout)
#endif
{
if (ops_set && ops.select)
return (*ops.select) (nfd, rset, wset, eset, timeout);
else
#ifdef _WIN32
return -1;
#else
return select (nfd, rset, wset, eset, timeout);
#endif
}
ssize_t
ath_waitpid (pid_t pid, int *status, int options)
{
if (ops_set && ops.waitpid)
return (*ops.waitpid) (pid, status, options);
else
#ifdef _WIN32
return -1;
#else
return waitpid (pid, status, options);
#endif
}
int
#ifdef _WIN32
ath_accept (int s, void *addr, int *length_ptr)
#else
ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr)
#endif
{
if (ops_set && ops.accept)
return (*ops.accept) (s, addr, length_ptr);
else
#ifdef _WIN32
return -1;
#else
return accept (s, addr, length_ptr);
#endif
}
int
#ifdef _WIN32
ath_connect (int s, void *addr, int length)
#else
ath_connect (int s, struct sockaddr *addr, socklen_t length)
#endif
{
if (ops_set && ops.connect)
return (*ops.connect) (s, addr, length);
else
#ifdef _WIN32
return -1;
#else
return connect (s, addr, length);
#endif
}
int
#ifdef _WIN32
ath_sendmsg (int s, const void *msg, int flags)
#else
ath_sendmsg (int s, const struct msghdr *msg, int flags)
#endif
{
if (ops_set && ops.sendmsg)
return (*ops.sendmsg) (s, msg, flags);
else
#ifdef _WIN32
return -1;
#else
return sendmsg (s, msg, flags);
#endif
}
int
#ifdef _WIN32
ath_recvmsg (int s, void *msg, int flags)
#else
ath_recvmsg (int s, struct msghdr *msg, int flags)
#endif
{
if (ops_set && ops.recvmsg)
return (*ops.recvmsg) (s, msg, flags);
else
#ifdef _WIN32
return -1;
#else
return recvmsg (s, msg, flags);
#endif
} }

View file

@ -1,21 +1,22 @@
/* ath.h - Thread-safeness library. /* ath.h - Thread-safeness library.
* Copyright (C) 2002, 2003, 2004, 2011 Free Software Foundation, Inc. Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt. This file is part of Libgcrypt.
*
* Libgcrypt is free software; you can redistribute it and/or modify Libgcrypt is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser general Public License as it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version. the License, or (at your option) any later version.
*
* Libgcrypt is distributed in the hope that it will be useful, Libgcrypt is distributed in the hope that it will be useful, but
* but WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* GNU Lesser General Public License for more details. General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>. License along with Libgcrypt; if not, write to the Free Software
*/ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
02111-1307, USA. */
#ifndef ATH_H #ifndef ATH_H
#define ATH_H #define ATH_H
@ -50,11 +51,18 @@
#define _ATH_PREFIX(x) _ATH_PREFIX2(_ATH_EXT_SYM_PREFIX,x) #define _ATH_PREFIX(x) _ATH_PREFIX2(_ATH_EXT_SYM_PREFIX,x)
#define ath_install _ATH_PREFIX(ath_install) #define ath_install _ATH_PREFIX(ath_install)
#define ath_init _ATH_PREFIX(ath_init) #define ath_init _ATH_PREFIX(ath_init)
#define ath_get_model _ATH_PREFIX(ath_get_model)
#define ath_mutex_init _ATH_PREFIX(ath_mutex_init) #define ath_mutex_init _ATH_PREFIX(ath_mutex_init)
#define ath_mutex_destroy _ATH_PREFIX(ath_mutex_destroy) #define ath_mutex_destroy _ATH_PREFIX(ath_mutex_destroy)
#define ath_mutex_lock _ATH_PREFIX(ath_mutex_lock) #define ath_mutex_lock _ATH_PREFIX(ath_mutex_lock)
#define ath_mutex_unlock _ATH_PREFIX(ath_mutex_unlock) #define ath_mutex_unlock _ATH_PREFIX(ath_mutex_unlock)
#define ath_read _ATH_PREFIX(ath_read)
#define ath_write _ATH_PREFIX(ath_write)
#define ath_select _ATH_PREFIX(ath_select)
#define ath_waitpid _ATH_PREFIX(ath_waitpid)
#define ath_connect _ATH_PREFIX(ath_connect)
#define ath_accept _ATH_PREFIX(ath_accept)
#define ath_sendmsg _ATH_PREFIX(ath_sendmsg)
#define ath_recvmsg _ATH_PREFIX(ath_recvmsg)
#endif #endif
@ -75,18 +83,65 @@ struct ath_ops
*/ */
unsigned int option; unsigned int option;
int (*init) (void);
int (*mutex_init) (void **priv);
int (*mutex_destroy) (void *priv);
int (*mutex_lock) (void *priv);
int (*mutex_unlock) (void *priv);
ssize_t (*read) (int fd, void *buf, size_t nbytes);
ssize_t (*write) (int fd, const void *buf, size_t nbytes);
#ifdef _WIN32
ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
struct timeval *timeout);
ssize_t (*waitpid) (pid_t pid, int *status, int options);
int (*accept) (int s, void *addr, int *length_ptr);
int (*connect) (int s, void *addr, int length);
int (*sendmsg) (int s, const void *msg, int flags);
int (*recvmsg) (int s, void *msg, int flags);
#else
ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
struct timeval *timeout);
ssize_t (*waitpid) (pid_t pid, int *status, int options);
int (*accept) (int s, struct sockaddr *addr, socklen_t *length_ptr);
int (*connect) (int s, struct sockaddr *addr, socklen_t length);
int (*sendmsg) (int s, const struct msghdr *msg, int flags);
int (*recvmsg) (int s, struct msghdr *msg, int flags);
#endif
}; };
gpg_err_code_t ath_install (struct ath_ops *ath_ops); gpg_err_code_t ath_install (struct ath_ops *ath_ops, int check_only);
int ath_init (void); int ath_init (void);
const char *ath_get_model (int *r_model);
/* Functions for mutual exclusion. */ /* Functions for mutual exclusion. */
typedef void *ath_mutex_t; typedef void *ath_mutex_t;
#define ATH_MUTEX_INITIALIZER 0
int ath_mutex_init (ath_mutex_t *mutex); int ath_mutex_init (ath_mutex_t *mutex);
int ath_mutex_destroy (ath_mutex_t *mutex); int ath_mutex_destroy (ath_mutex_t *mutex);
int ath_mutex_lock (ath_mutex_t *mutex); int ath_mutex_lock (ath_mutex_t *mutex);
int ath_mutex_unlock (ath_mutex_t *mutex); int ath_mutex_unlock (ath_mutex_t *mutex);
/* Replacement for the POSIX functions, which can be used to allow
other (user-level) threads to run. */
ssize_t ath_read (int fd, void *buf, size_t nbytes);
ssize_t ath_write (int fd, const void *buf, size_t nbytes);
#ifdef _WIN32
ssize_t ath_select (int nfd, void *rset, void *wset, void *eset,
struct timeval *timeout);
ssize_t ath_waitpid (pid_t pid, int *status, int options);
int ath_accept (int s, void *addr, int *length_ptr);
int ath_connect (int s, void *addr, int length);
int ath_sendmsg (int s, const void *msg, int flags);
int ath_recvmsg (int s, void *msg, int flags);
#else
ssize_t ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
struct timeval *timeout);
ssize_t ath_waitpid (pid_t pid, int *status, int options);
int ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr);
int ath_connect (int s, struct sockaddr *addr, socklen_t length);
int ath_sendmsg (int s, const struct msghdr *msg, int flags);
int ath_recvmsg (int s, struct msghdr *msg, int flags);
#endif
#endif /* ATH_H */ #endif /* ATH_H */

View file

@ -135,6 +135,7 @@ extern gcry_cipher_spec_t _gcry_cipher_spec_seed;
extern gcry_cipher_spec_t _gcry_cipher_spec_camellia128; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia128;
extern gcry_cipher_spec_t _gcry_cipher_spec_camellia192; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia192;
extern gcry_cipher_spec_t _gcry_cipher_spec_camellia256; extern gcry_cipher_spec_t _gcry_cipher_spec_camellia256;
extern gcry_cipher_spec_t _gcry_cipher_spec_idea;
extern cipher_extra_spec_t _gcry_cipher_extraspec_tripledes; extern cipher_extra_spec_t _gcry_cipher_extraspec_tripledes;
extern cipher_extra_spec_t _gcry_cipher_extraspec_aes; extern cipher_extra_spec_t _gcry_cipher_extraspec_aes;

View file

@ -69,7 +69,7 @@ static int enforced_fips_mode;
static int inactive_fips_mode; static int inactive_fips_mode;
/* This is the lock we use to protect the FSM. */ /* This is the lock we use to protect the FSM. */
static ath_mutex_t fsm_lock; static ath_mutex_t fsm_lock = ATH_MUTEX_INITIALIZER;
/* The current state of the FSM. The whole state machinery is only /* The current state of the FSM. The whole state machinery is only
used while in fips mode. Change this only while holding fsm_lock. */ used while in fips mode. Change this only while holding fsm_lock. */
@ -274,9 +274,17 @@ _gcry_fips_mode (void)
int int
_gcry_enforced_fips_mode (void) _gcry_enforced_fips_mode (void)
{ {
if (!_gcry_fips_mode ())
return 0;
return enforced_fips_mode; return enforced_fips_mode;
} }
/* Set a flag telling whether we are in the enforced fips mode. */
void
_gcry_set_enforced_fips_mode (void)
{
enforced_fips_mode = 1;
}
/* If we do not want to enforce the fips mode, we can set a flag so /* If we do not want to enforce the fips mode, we can set a flag so
that the application may check whether it is still in fips mode. that the application may check whether it is still in fips mode.

View file

@ -69,8 +69,6 @@
/* Gettext macros. */ /* Gettext macros. */
#define _(a) _gcry_gettext(a)
/* Some handy macros */ /* Some handy macros */
#ifndef STR #ifndef STR
#define STR(v) #v #define STR(v) #v
@ -116,9 +114,20 @@ void _gcry_log_printhex (const char *text, const void *buffer, size_t length);
void _gcry_set_log_verbosity( int level ); void _gcry_set_log_verbosity( int level );
int _gcry_log_verbosity( int level ); int _gcry_log_verbosity( int level );
#ifdef JNLIB_GCC_M_FUNCTION
#define BUG() _gcry_bug( __FILE__ , __LINE__, __FUNCTION__ )
#define gcry_assert(expr) ((expr)? (void)0 \
: _gcry_assert_failed (STR(expr), __FILE__, __LINE__, __FUNCTION__))
#elif __STDC_VERSION__ >= 199901L
#define BUG() _gcry_bug( __FILE__ , __LINE__, __func__ ) #define BUG() _gcry_bug( __FILE__ , __LINE__, __func__ )
#define gcry_assert(expr) ((expr)? (void)0 \ #define gcry_assert(expr) ((expr)? (void)0 \
: _gcry_assert_failed (STR(expr), __FILE__, __LINE__, __func__)) : _gcry_assert_failed (STR(expr), __FILE__, __LINE__, __func__))
#else
#define BUG() _gcry_bug( __FILE__ , __LINE__ )
#define gcry_assert(expr) ((expr)? (void)0 \
: _gcry_assert_failed (STR(expr), __FILE__, __LINE__))
#endif
#define log_bug _gcry_log_bug #define log_bug _gcry_log_bug
#define log_fatal _gcry_log_fatal #define log_fatal _gcry_log_fatal
@ -155,7 +164,6 @@ const char *_gcry_mpi_get_hw_config (void);
#endif #endif
/*-- primegen.c --*/ /*-- primegen.c --*/
gcry_err_code_t _gcry_primegen_init (void);
gcry_mpi_t _gcry_generate_secret_prime (unsigned int nbits, gcry_mpi_t _gcry_generate_secret_prime (unsigned int nbits,
gcry_random_level_t random_level, gcry_random_level_t random_level,
int (*extra_check)(void*, gcry_mpi_t), int (*extra_check)(void*, gcry_mpi_t),
@ -238,66 +246,6 @@ void _gcry_burn_stack (int bytes);
|| (*(a) >= 'A' && *(a) <= 'F') \ || (*(a) >= 'A' && *(a) <= 'F') \
|| (*(a) >= 'a' && *(a) <= 'f')) || (*(a) >= 'a' && *(a) <= 'f'))
/* Management for ciphers/digests/pubkey-ciphers. */
/* Structure for each registered `module'. */
struct gcry_module
{
struct gcry_module *next; /* List pointers. */
struct gcry_module **prevp;
void *spec; /* Pointer to the subsystem-specific
specification structure. */
void *extraspec; /* Pointer to the subsystem-specific
extra specification structure. */
int flags; /* Associated flags. */
int counter; /* Use counter. */
unsigned int mod_id; /* ID of this module. */
};
typedef struct gcry_module gcry_module_t;
/* Flags for the `flags' member of gcry_module_t. */
#define FLAG_MODULE_DISABLED (1 << 0)
gcry_err_code_t _gcry_module_add (gcry_module_t *entries,
unsigned int id,
void *spec,
void *extraspec,
gcry_module_t *module);
typedef int (*gcry_module_lookup_t) (void *spec, void *data);
/* Lookup a module specification by it's ID. After a successful
lookup, the module has it's resource counter incremented. */
gcry_module_t _gcry_module_lookup_id (gcry_module_t entries,
unsigned int id);
/* Internal function. Lookup a module specification. */
gcry_module_t _gcry_module_lookup (gcry_module_t entries, void *data,
gcry_module_lookup_t func);
/* Release a module. In case the use-counter reaches zero, destroy
the module. */
void _gcry_module_release (gcry_module_t entry);
/* Add a reference to a module. */
void _gcry_module_use (gcry_module_t module);
/* Return a list of module IDs. */
gcry_err_code_t _gcry_module_list (gcry_module_t modules,
int *list, int *list_length);
gcry_err_code_t _gcry_cipher_init (void);
gcry_err_code_t _gcry_md_init (void);
gcry_err_code_t _gcry_pk_init (void);
gcry_err_code_t _gcry_pk_module_lookup (int id, gcry_module_t *module);
void _gcry_pk_module_release (gcry_module_t module);
gcry_err_code_t _gcry_pk_get_elements (int algo, char **enc, char **sig);
/* Memory management. */
#define GCRY_ALLOC_FLAG_SECURE (1 << 0)
/*-- sexp.c --*/ /*-- sexp.c --*/
gcry_error_t _gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff, gcry_error_t _gcry_sexp_vbuild (gcry_sexp_t *retsexp, size_t *erroff,
@ -309,8 +257,13 @@ char *_gcry_sexp_nth_string (const gcry_sexp_t list, int number);
void _gcry_initialize_fips_mode (int force); void _gcry_initialize_fips_mode (int force);
int _gcry_fips_mode (void);
#define fips_mode() _gcry_fips_mode ()
int _gcry_enforced_fips_mode (void); int _gcry_enforced_fips_mode (void);
void _gcry_set_enforced_fips_mode (void);
void _gcry_inactivate_fips_mode (const char *text); void _gcry_inactivate_fips_mode (const char *text);
int _gcry_is_fips_mode_inactive (void); int _gcry_is_fips_mode_inactive (void);

View file

@ -19,13 +19,11 @@
/* /*
This file contains the necessary declarations/definitions for This file contains the necessary declarations/definitions for
working with Libgcrypt modules. Since 1.6 this is an internal working with Libgcrypt modules.
interface and will eventually be merged into another header or
entirely removed.
*/ */
#ifndef GCRYPT_MODULE_H #ifndef _GCRYPT_MODULE_H
#define GCRYPT_MODULE_H #define _GCRYPT_MODULE_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -95,6 +93,19 @@ typedef struct gcry_cipher_spec
gcry_cipher_stdecrypt_t stdecrypt; gcry_cipher_stdecrypt_t stdecrypt;
} gcry_cipher_spec_t; } gcry_cipher_spec_t;
/* Register a new cipher module whose specification can be found in
CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representing this module is stored in MODULE. */
gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher,
int *algorithm_id,
gcry_module_t *module)
/* */ _GCRY_ATTR_INTERNAL;
/* Unregister the cipher identified by MODULE, which must have been
registered with gcry_cipher_register. */
void gcry_cipher_unregister (gcry_module_t module)
/* */ _GCRY_ATTR_INTERNAL;
/* ********************** */ /* ********************** */
@ -160,6 +171,18 @@ typedef struct gcry_pk_spec
gcry_pk_get_nbits_t get_nbits; gcry_pk_get_nbits_t get_nbits;
} gcry_pk_spec_t; } gcry_pk_spec_t;
/* Register a new pubkey module whose specification can be found in
PUBKEY. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representhing this module is stored in MODULE. */
gcry_error_t gcry_pk_register (gcry_pk_spec_t *pubkey,
unsigned int *algorithm_id,
gcry_module_t *module)
/* */ _GCRY_ATTR_INTERNAL;
/* Unregister the pubkey identified by ID, which must have been
registered with gcry_pk_register. */
void gcry_pk_unregister (gcry_module_t module)
/* */ _GCRY_ATTR_INTERNAL;
/* ********************** */ /* ********************** */
@ -195,10 +218,23 @@ typedef struct gcry_md_spec
size_t contextsize; /* allocate this amount of context */ size_t contextsize; /* allocate this amount of context */
} gcry_md_spec_t; } gcry_md_spec_t;
/* Register a new digest module whose specification can be found in
DIGEST. On success, a new algorithm ID is stored in ALGORITHM_ID
and a pointer representhing this module is stored in MODULE. */
gcry_error_t gcry_md_register (gcry_md_spec_t *digest,
unsigned int *algorithm_id,
gcry_module_t *module)
/* */ _GCRY_ATTR_INTERNAL;
/* Unregister the digest identified by ID, which must have been
registered with gcry_digest_register. */
void gcry_md_unregister (gcry_module_t module)
/* */ _GCRY_ATTR_INTERNAL;
#if 0 /* keep Emacsens's auto-indent happy */ #if 0 /* keep Emacsens's auto-indent happy */
{ {
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /*GCRYPT_MODULE_H*/ #endif

View file

@ -1,6 +1,8 @@
/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. 2007, 2008, 2009, 2010, 2011,
2012 Free Software Foundation, Inc.
Copyright (C) 2012, 2013 g10 Code GmbH
This file is part of Libgcrypt. This file is part of Libgcrypt.
@ -63,6 +65,11 @@ extern "C" {
matches the installed library. */ matches the installed library. */
#define GCRYPT_VERSION "@VERSION@" #define GCRYPT_VERSION "@VERSION@"
/* The version number of this header. It may be used to handle minor
API incompatibilities. */
#define GCRYPT_VERSION_NUMBER @VERSION_NUMBER@
/* Internal: We can't use the convenience macros for the multi /* Internal: We can't use the convenience macros for the multi
precision integer functions when building this library. */ precision integer functions when building this library. */
#ifdef _GCRYPT_IN_LIBGCRYPT #ifdef _GCRYPT_IN_LIBGCRYPT
@ -173,41 +180,6 @@ gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
/* Return an error value with the system error ERR. */ /* Return an error value with the system error ERR. */
gcry_err_code_t gcry_error_from_errno (int err); gcry_err_code_t gcry_error_from_errno (int err);
/* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore
used. However we keep it to allow for some source code
compatibility if used in the standard way. */
/* Constants defining the thread model to use. Used with the OPTION
field of the struct gcry_thread_cbs. */
#define GCRY_THREAD_OPTION_DEFAULT 0
#define GCRY_THREAD_OPTION_USER 1
#define GCRY_THREAD_OPTION_PTH 2
#define GCRY_THREAD_OPTION_PTHREAD 3
/* The version number encoded in the OPTION field of the struct
gcry_thread_cbs. */
#define GCRY_THREAD_OPTION_VERSION 1
/* Wrapper for struct ath_ops. */
struct gcry_thread_cbs
{
/* The OPTION field encodes the thread model and the version number
of this structure.
Bits 7 - 0 are used for the thread model
Bits 15 - 8 are used for the version number. */
unsigned int option;
} _GCRY_ATTR_INTERNAL;
#define GCRY_THREAD_OPTION_PTH_IMPL \
static struct gcry_thread_cbs gcry_threads_pth = { \
(GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8))}
#define GCRY_THREAD_OPTION_PTHREAD_IMPL \
static struct gcry_thread_cbs gcry_threads_pthread = { \
(GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8))}
/* The data object used to hold a multi precision integer. */ /* The data object used to hold a multi precision integer. */
struct gcry_mpi; struct gcry_mpi;
@ -285,7 +257,8 @@ enum gcry_ctl_cmds
GCRYCTL_FORCE_FIPS_MODE = 56, GCRYCTL_FORCE_FIPS_MODE = 56,
GCRYCTL_SELFTEST = 57, GCRYCTL_SELFTEST = 57,
/* Note: 58 .. 62 are used internally. */ /* Note: 58 .. 62 are used internally. */
GCRYCTL_DISABLE_HWF = 63 GCRYCTL_DISABLE_HWF = 63,
GCRYCTL_SET_ENFORCED_FIPS_FLAG = 64
}; };
/* Perform various operations defined by CMD. */ /* Perform various operations defined by CMD. */
@ -821,6 +794,14 @@ size_t gcry_cipher_get_algo_blklen (int algo);
#define gcry_cipher_test_algo(a) \ #define gcry_cipher_test_algo(a) \
gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
/* Get a list consisting of the IDs of the loaded cipher modules. If
LIST is zero, write the number of loaded cipher modules to
LIST_LENGTH and return. If LIST is non-zero, the first
*LIST_LENGTH algorithm IDs are stored in LIST, which must be of
according size. In case there are less cipher modules than
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t gcry_cipher_list (int *list, int *list_length);
/************************************ /************************************
* * * *
@ -911,6 +892,13 @@ gcry_sexp_t gcry_pk_get_param (int algo, const char *name);
#define gcry_pk_test_algo(a) \ #define gcry_pk_test_algo(a) \
gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
/* Get a list consisting of the IDs of the loaded pubkey modules. If
LIST is zero, write the number of loaded pubkey modules to
LIST_LENGTH and return. If LIST is non-zero, the first
*LIST_LENGTH algorithm IDs are stored in LIST, which must be of
according size. In case there are less pubkey modules than
*LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
gcry_error_t gcry_pk_list (int *list, int *list_length);
@ -1081,6 +1069,438 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
#define gcry_md_get_asnoid(a,b,n) \ #define gcry_md_get_asnoid(a,b,n) \
gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
/* Enable debugging for digest object A; i.e. create files named
dbgmd-<n>.<string> while hashing. B is a string used as the suffix
for the filename. This macro is deprecated, use gcry_md_debug. */
#ifndef GCRYPT_NO_DEPRECATED
#define gcry_md_start_debug(a,b) \
gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
/* Disable the debugging of A. This macro is deprecated, use
gcry_md_debug. */
#define gcry_md_stop_debug(a,b) \
gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
#endif
/* Get a list consisting of the IDs of the loaded message digest
modules. If LIST is zero, write the number of loaded message
digest modules to LIST_LENGTH and return. If LIST is non-zero, the
first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
of according size. In case there are less message digest modules
than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
number. */
gcry_error_t gcry_md_list (int *list, int *list_length);
#if !defined(GCRYPT_NO_DEPRECATED) || defined(_GCRYPT_IN_LIBGCRYPT)
/* Alternative interface for asymmetric cryptography. This interface
is deprecated. */
/* The algorithm IDs. */
typedef enum gcry_ac_id
{
GCRY_AC_RSA = 1,
GCRY_AC_DSA = 17,
GCRY_AC_ELG = 20,
GCRY_AC_ELG_E = 16
}
gcry_ac_id_t _GCRY_ATTR_INTERNAL;
/* Key types. */
typedef enum gcry_ac_key_type
{
GCRY_AC_KEY_SECRET,
GCRY_AC_KEY_PUBLIC
}
gcry_ac_key_type_t _GCRY_ATTR_INTERNAL;
/* Encoding methods. */
typedef enum gcry_ac_em
{
GCRY_AC_EME_PKCS_V1_5,
GCRY_AC_EMSA_PKCS_V1_5
}
gcry_ac_em_t _GCRY_ATTR_INTERNAL;
/* Encryption and Signature schemes. */
typedef enum gcry_ac_scheme
{
GCRY_AC_ES_PKCS_V1_5,
GCRY_AC_SSA_PKCS_V1_5
}
gcry_ac_scheme_t _GCRY_ATTR_INTERNAL;
/* AC data. */
#define GCRY_AC_FLAG_DEALLOC (1 << 0)
#define GCRY_AC_FLAG_COPY (1 << 1)
#define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
/* This type represents a `data set'. */
typedef struct gcry_ac_data *gcry_ac_data_t _GCRY_ATTR_INTERNAL;
/* This type represents a single `key', either a secret one or a
public one. */
typedef struct gcry_ac_key *gcry_ac_key_t _GCRY_ATTR_INTERNAL;
/* This type represents a `key pair' containing a secret and a public
key. */
typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t _GCRY_ATTR_INTERNAL;
/* This type represents a `handle' that is needed by functions
performing cryptographic operations. */
typedef struct gcry_ac_handle *gcry_ac_handle_t _GCRY_ATTR_INTERNAL;
typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
unsigned char *buffer,
size_t *buffer_n)
/* */ _GCRY_ATTR_INTERNAL;
typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
unsigned char *buffer,
size_t buffer_n)
/* */ _GCRY_ATTR_INTERNAL;
typedef enum
{
GCRY_AC_IO_READABLE,
GCRY_AC_IO_WRITABLE
}
gcry_ac_io_mode_t _GCRY_ATTR_INTERNAL;
typedef enum
{
GCRY_AC_IO_STRING,
GCRY_AC_IO_CALLBACK
}
gcry_ac_io_type_t _GCRY_ATTR_INTERNAL;
typedef struct gcry_ac_io
{
/* This is an INTERNAL structure, do NOT use manually. */
gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL;
gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
union
{
union
{
struct
{
gcry_ac_data_read_cb_t cb;
void *opaque;
} callback;
struct
{
unsigned char *data;
size_t data_n;
} string;
void *opaque;
} readable;
union
{
struct
{
gcry_ac_data_write_cb_t cb;
void *opaque;
} callback;
struct
{
unsigned char **data;
size_t *data_n;
} string;
void *opaque;
} writable;
} io _GCRY_ATTR_INTERNAL;
}
gcry_ac_io_t _GCRY_ATTR_INTERNAL;
/* The caller of gcry_ac_key_pair_generate can provide one of these
structures in order to influence the key generation process in an
algorithm-specific way. */
typedef struct gcry_ac_key_spec_rsa
{
gcry_mpi_t e; /* E to use. */
} gcry_ac_key_spec_rsa_t _GCRY_ATTR_INTERNAL;
/* Structure used for passing data to the implementation of the
`EME-PKCS-V1_5' encoding method. */
typedef struct gcry_ac_eme_pkcs_v1_5
{
size_t key_size;
} gcry_ac_eme_pkcs_v1_5_t _GCRY_ATTR_INTERNAL;
typedef enum gcry_md_algos gcry_md_algo_t _GCRY_ATTR_INTERNAL;
/* Structure used for passing data to the implementation of the
`EMSA-PKCS-V1_5' encoding method. */
typedef struct gcry_ac_emsa_pkcs_v1_5
{
gcry_md_algo_t md;
size_t em_n;
} gcry_ac_emsa_pkcs_v1_5_t _GCRY_ATTR_INTERNAL;
/* Structure used for passing data to the implementation of the
`SSA-PKCS-V1_5' signature scheme. */
typedef struct gcry_ac_ssa_pkcs_v1_5
{
gcry_md_algo_t md;
} gcry_ac_ssa_pkcs_v1_5_t _GCRY_ATTR_INTERNAL;
#endif /* !GCRYPT_NO_DEPRECATED || !_GCRYPT_IN_LIBGCRYPT */
#ifndef GCRYPT_NO_DEPRECATED
/* Returns a new, empty data set in DATA. */
gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data)
/* */ _GCRY_ATTR_INTERNAL;
/* Destroy the data set DATA. */
void gcry_ac_data_destroy (gcry_ac_data_t data)
/* */ _GCRY_ATTR_INTERNAL;
/* Create a copy of the data set DATA and store it in DATA_CP. */
gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
gcry_ac_data_t data)
/* */ _GCRY_ATTR_INTERNAL;
/* Return the number of named MPI values inside of the data set
DATA. */
unsigned int gcry_ac_data_length (gcry_ac_data_t data)
/* */ _GCRY_ATTR_INTERNAL;
/* Destroy any values contained in the data set DATA. */
void gcry_ac_data_clear (gcry_ac_data_t data)
/* */ _GCRY_ATTR_INTERNAL;
/* Add the value MPI to DATA with the label NAME. If FLAGS contains
GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
be deallocated when they are to be removed from the data set. */
gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t mpi)
/* */ _GCRY_ATTR_INTERNAL;
/* Store the value labelled with NAME found in DATA in MPI. If FLAGS
contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
in the data set. MPI may be NULL. */
gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t *mpi)
/* */ _GCRY_ATTR_INTERNAL;
/* Stores in NAME and MPI the named MPI value contained in the data
set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
store copies of the values contained in the data set. NAME or MPI
may be NULL. */
gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
unsigned int idx,
const char **name, gcry_mpi_t *mpi)
/* */ _GCRY_ATTR_INTERNAL;
/* Convert the data set DATA into a new S-Expression, which is to be
stored in SEXP, according to the identifiers contained in
IDENTIFIERS. */
gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
const char **identifiers)
/* */ _GCRY_ATTR_INTERNAL;
/* Create a new data set, which is to be stored in DATA_SET, from the
S-Expression SEXP, according to the identifiers contained in
IDENTIFIERS. */
gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
const char **identifiers)
/* */ _GCRY_ATTR_INTERNAL;
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments. The list of variable arguments to specify depends on
the given TYPE. */
void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, ...)
/* */ _GCRY_ATTR_INTERNAL;
/* Initialize AC_IO according to MODE, TYPE and the variable list of
arguments AP. The list of variable arguments to specify depends on
the given TYPE. */
void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, va_list ap)
/* */ _GCRY_ATTR_INTERNAL;
/* Create a new ac handle. */
gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
gcry_ac_id_t algorithm, unsigned int flags)
/* */ _GCRY_ATTR_INTERNAL;
/* Destroy an ac handle. */
void gcry_ac_close (gcry_ac_handle_t handle)
/* */ _GCRY_ATTR_INTERNAL;
/* Initialize a key from a given data set. */
gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
gcry_ac_key_type_t type, gcry_ac_data_t data)
/* */ _GCRY_ATTR_INTERNAL;
/* Generates a new key pair via the handle HANDLE of NBITS bits and
stores it in KEY_PAIR. In case non-standard settings are wanted, a
pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
matching the selected algorithm, can be given as KEY_SPEC.
MISC_DATA is not used yet. */
gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
unsigned int nbits, void *spec,
gcry_ac_key_pair_t *key_pair,
gcry_mpi_t **misc_data)
/* */ _GCRY_ATTR_INTERNAL;
/* Returns the key of type WHICH out of the key pair KEY_PAIR. */
gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
gcry_ac_key_type_t which)
/* */ _GCRY_ATTR_INTERNAL;
/* Returns the data set contained in the key KEY. */
gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key)
/* */ _GCRY_ATTR_INTERNAL;
/* Verifies that the key KEY is sane via HANDLE. */
gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key)
/* */ _GCRY_ATTR_INTERNAL;
/* Stores the number of bits of the key KEY in NBITS via HANDLE. */
gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
gcry_ac_key_t key, unsigned int *nbits)
/* */ _GCRY_ATTR_INTERNAL;
/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
HANDLE. */
gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
unsigned char *key_grip)
/* */ _GCRY_ATTR_INTERNAL;
/* Destroy a key. */
void gcry_ac_key_destroy (gcry_ac_key_t key)
/* */ _GCRY_ATTR_INTERNAL;
/* Destroy a key pair. */
void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair)
/* */ _GCRY_ATTR_INTERNAL;
/* Encodes a message according to the encoding method METHOD. OPTIONS
must be a pointer to a method-specific structure
(gcry_ac_em*_t). */
gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *io_read,
gcry_ac_io_t *io_write)
/* */ _GCRY_ATTR_INTERNAL;
/* Decodes a message according to the encoding method METHOD. OPTIONS
must be a pointer to a method-specific structure
(gcry_ac_em*_t). */
gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *io_read,
gcry_ac_io_t *io_write)
/* */ _GCRY_ATTR_INTERNAL;
/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
the control of the flags FLAGS and store the resulting data set
into DATA_ENCRYPTED. */
gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t data_plain,
gcry_ac_data_t *data_encrypted)
/* */ _GCRY_ATTR_INTERNAL;
/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
with the key KEY under the control of the flags FLAGS and store the
resulting plain text MPI value in DATA_PLAIN. */
gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t *data_plain,
gcry_ac_data_t data_encrypted)
/* */ _GCRY_ATTR_INTERNAL;
/* Sign the data contained in DATA with the key KEY and store the
resulting signature in the data set DATA_SIGNATURE. */
gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t *data_signature)
/* */ _GCRY_ATTR_INTERNAL;
/* Verify that the signature contained in the data set DATA_SIGNATURE
is indeed the result of signing the data contained in DATA with the
secret key belonging to the public key KEY. */
gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t data_signature)
/* */ _GCRY_ATTR_INTERNAL;
/* Encrypts the plain text readable from IO_MESSAGE through HANDLE
with the public key KEY according to SCHEME, FLAGS and OPTS. If
OPTS is not NULL, it has to be a pointer to a structure specific to
the chosen scheme (gcry_ac_es_*_t). The encrypted message is
written to IO_CIPHER. */
gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_cipher)
/* */ _GCRY_ATTR_INTERNAL;
/* Decrypts the cipher text readable from IO_CIPHER through HANDLE
with the secret key KEY according to SCHEME, @var{flags} and OPTS.
If OPTS is not NULL, it has to be a pointer to a structure specific
to the chosen scheme (gcry_ac_es_*_t). The decrypted message is
written to IO_MESSAGE. */
gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_cipher,
gcry_ac_io_t *io_message)
/* */ _GCRY_ATTR_INTERNAL;
/* Signs the message readable from IO_MESSAGE through HANDLE with the
secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not
NULL, it has to be a pointer to a structure specific to the chosen
scheme (gcry_ac_ssa_*_t). The signature is written to
IO_SIGNATURE. */
gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
/* */ _GCRY_ATTR_INTERNAL;
/* Verifies through HANDLE that the signature readable from
IO_SIGNATURE is indeed the result of signing the message readable
from IO_MESSAGE with the secret key belonging to the public key KEY
according to SCHEME and OPTS. If OPTS is not NULL, it has to be an
anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
scheme. */
gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
/* */ _GCRY_ATTR_INTERNAL;
/* Store the textual representation of the algorithm whose id is given
in ALGORITHM in NAME. This function is deprecated; use
gcry_pk_algo_name. */
gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
const char **name)
/* */ _GCRY_GCC_ATTR_DEPRECATED;
/* Store the numeric ID of the algorithm whose textual representation
is contained in NAME in ALGORITHM. This function is deprecated;
use gcry_pk_map_name. */
gcry_error_t gcry_ac_name_to_id (const char *name,
gcry_ac_id_t *algorithm)
/* */ _GCRY_GCC_ATTR_DEPRECATED;
#endif /*GCRYPT_NO_DEPRECATED*/
/****************************** /******************************
@ -1323,6 +1743,9 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
#define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
/* Include support for Libgcrypt modules. */
#include <gcrypt-module.h>
#if 0 /* (Keep Emacsens' auto-indent happy.) */ #if 0 /* (Keep Emacsens' auto-indent happy.) */
{ {
#endif #endif

View file

@ -104,21 +104,16 @@ global_init (void)
/* Initialize our portable thread/mutex wrapper. */ /* Initialize our portable thread/mutex wrapper. */
err = ath_init (); err = ath_init ();
if (err) if (err)
{ goto fail;
err = gpg_error_from_errno (err);
goto fail;
}
/* See whether the system is in FIPS mode. This needs to come as /* See whether the system is in FIPS mode. This needs to come as
early as possible but after ATH has been initialized. */ early as possible put after the ATH has been initialized. */
_gcry_initialize_fips_mode (force_fips_mode); _gcry_initialize_fips_mode (force_fips_mode);
/* Before we do any other initialization we need to test available /* Before we do any other initialization we need to test available
hardware features. */ hardware features. */
_gcry_detect_hw_features (disabled_hw_features); _gcry_detect_hw_features (disabled_hw_features);
/* Initialize the modules - this is mainly allocating some memory and
creating mutexes. */
err = _gcry_cipher_init (); err = _gcry_cipher_init ();
if (err) if (err)
goto fail; goto fail;
@ -128,9 +123,15 @@ global_init (void)
err = _gcry_pk_init (); err = _gcry_pk_init ();
if (err) if (err)
goto fail; goto fail;
err = _gcry_primegen_init (); #if 0
if (err) /* Hmmm, as of now ac_init does nothing. */
goto fail; if ( !fips_mode () )
{
err = _gcry_ac_init ();
if (err)
goto fail;
}
#endif
return; return;
@ -235,6 +236,9 @@ gcry_check_version( const char *req_version )
int rq_major, rq_minor, rq_micro; int rq_major, rq_minor, rq_micro;
const char *my_plvl; const char *my_plvl;
if (req_version && req_version[0] == 1 && req_version[1] == 1)
return _gcry_compat_identification ();
/* Initialize library. */ /* Initialize library. */
global_init (); global_init ();
@ -292,7 +296,6 @@ print_config ( int (*fnc)(FILE *fp, const char *format, ...), FILE *fp)
#endif #endif
"\n"); "\n");
fnc (fp, "mpi-asm:%s:\n", _gcry_mpi_get_hw_config ()); fnc (fp, "mpi-asm:%s:\n", _gcry_mpi_get_hw_config ());
fnc (fp, "threads:%s:\n", ath_get_model (NULL));
hwf = _gcry_get_hw_features (); hwf = _gcry_get_hw_features ();
fnc (fp, "hwflist:"); fnc (fp, "hwflist:");
for (i=0; hwflist[i].desc; i++) for (i=0; hwflist[i].desc; i++)
@ -444,8 +447,8 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr)
break; break;
case GCRYCTL_SET_THREAD_CBS: case GCRYCTL_SET_THREAD_CBS:
err = ath_install (va_arg (arg_ptr, void *)); err = ath_install (va_arg (arg_ptr, void *), any_init_done);
if (!err) if (! err)
global_init (); global_init ();
break; break;
@ -596,9 +599,17 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr)
} }
break; break;
case GCRYCTL_SET_ENFORCED_FIPS_FLAG:
if (!any_init_done)
{
/* Not yet intialized at all. Set the enforced fips mode flag */
_gcry_set_enforced_fips_mode ();
}
else
err = GPG_ERR_GENERAL;
break;
default: default:
/* A call to make sure that the dummy code is linked in. */
_gcry_compat_identification ();
err = GPG_ERR_INV_OP; err = GPG_ERR_INV_OP;
} }

View file

@ -766,8 +766,6 @@ main (int argc, char **argv)
pgm, strerror (errno)); pgm, strerror (errno));
exit (1); exit (1);
} }
if (use_stdin)
break;
} }
else else
{ {

View file

@ -132,8 +132,7 @@ EXPORTS
gcry_cipher_decrypt @101 gcry_cipher_decrypt @101
gcry_cipher_get_algo_keylen @102 gcry_cipher_get_algo_keylen @102
gcry_cipher_get_algo_blklen @103 gcry_cipher_get_algo_blklen @103
gcry_cipher_list @104
;; @104 used to be part of the module register interface
gcry_pk_encrypt @105 gcry_pk_encrypt @105
gcry_pk_decrypt @106 gcry_pk_decrypt @106
@ -147,13 +146,33 @@ EXPORTS
gcry_pk_map_name @114 gcry_pk_map_name @114
gcry_pk_get_nbits @115 gcry_pk_get_nbits @115
gcry_pk_get_keygrip @116 gcry_pk_get_keygrip @116
gcry_pk_list @117
;; @117 used to be part of the module register interface gcry_ac_data_new @118
gcry_ac_data_destroy @119
;; gcry_ac_data_set @120
;; 118 to 142 were used in previous Libgcrypt versions for the gcry_ac gcry_ac_data_copy @121
;; interface gcry_ac_data_length @122
;; gcry_ac_data_get_name @123
gcry_ac_data_get_index @124
gcry_ac_data_clear @125
gcry_ac_open @126
gcry_ac_close @127
gcry_ac_key_init @128
gcry_ac_key_pair_generate @129
gcry_ac_key_pair_extract @130
gcry_ac_key_data_get @131
gcry_ac_key_test @132
gcry_ac_key_get_nbits @133
gcry_ac_key_get_grip @134
gcry_ac_key_destroy @135
gcry_ac_key_pair_destroy @136
gcry_ac_data_encrypt @137
gcry_ac_data_decrypt @138
gcry_ac_data_sign @139
gcry_ac_data_verify @140
gcry_ac_id_to_name @141
gcry_ac_name_to_id @142
gcry_md_open @143 gcry_md_open @143
gcry_md_close @144 gcry_md_close @144
@ -173,7 +192,8 @@ EXPORTS
gcry_md_algo_name @158 gcry_md_algo_name @158
gcry_md_map_name @159 gcry_md_map_name @159
gcry_md_setkey @160 gcry_md_setkey @160
;; @161 used to be part of the module register interface gcry_md_list @161
gcry_randomize @162 gcry_randomize @162
gcry_random_add_bytes @163 gcry_random_add_bytes @163
gcry_random_bytes @164 gcry_random_bytes @164
@ -189,15 +209,21 @@ EXPORTS
gcry_md_debug @172 gcry_md_debug @172
;; @173 used to be part of the module register interface gcry_cipher_register @173
;; @174 used to be part of the module register interface gcry_cipher_unregister @174
;; @175 used to be part of the module register interface gcry_md_register @175
;; @176 used to be part of the module register interface gcry_md_unregister @176
;; @177 used to be part of the module register interface gcry_pk_register @177
;; @178 used to be part of the module register interface gcry_pk_unregister @178
;;
;; @179 to @186 used to be part of the removed gcry_ac interface gcry_ac_data_from_sexp @179
;; gcry_ac_data_to_sexp @180
gcry_ac_io_init @181
gcry_ac_io_init_va @182
gcry_ac_data_encrypt_scheme @183
gcry_ac_data_decrypt_scheme @184
gcry_ac_data_sign_scheme @185
gcry_ac_data_verify_scheme @186
gcry_sexp_nth_string @187 gcry_sexp_nth_string @187

View file

@ -1,5 +1,5 @@
dnl Autoconf macros for libgcrypt dnl Autoconf macros for libgcrypt
dnl Copyright (C) 2002, 2004, 2011 Free Software Foundation, Inc. dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc.
dnl dnl
dnl This file is free software; as a special exception the author gives dnl This file is free software; as a special exception the author gives
dnl unlimited permission to copy and/or distribute it, with or without dnl unlimited permission to copy and/or distribute it, with or without
@ -21,8 +21,7 @@ dnl this features allows to prevent build against newer versions of libgcrypt
dnl with a changed API. dnl with a changed API.
dnl dnl
AC_DEFUN([AM_PATH_LIBGCRYPT], AC_DEFUN([AM_PATH_LIBGCRYPT],
[ AC_REQUIRE([AC_CANONICAL_HOST]) [ AC_ARG_WITH(libgcrypt-prefix,
AC_ARG_WITH(libgcrypt-prefix,
AC_HELP_STRING([--with-libgcrypt-prefix=PFX], AC_HELP_STRING([--with-libgcrypt-prefix=PFX],
[prefix where LIBGCRYPT is installed (optional)]), [prefix where LIBGCRYPT is installed (optional)]),
libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="")
@ -99,9 +98,10 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags`
LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs`
ifelse([$2], , :, [$2]) ifelse([$2], , :, [$2])
libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` if test x"$host" != x ; then
if test x"$libgcrypt_config_host" != xnone ; then libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none`
if test x"$libgcrypt_config_host" != x"$host" ; then if test x"$libgcrypt_config_host" != xnone ; then
if test x"$libgcrypt_config_host" != x"$host" ; then
AC_MSG_WARN([[ AC_MSG_WARN([[
*** ***
*** The config script $LIBGCRYPT_CONFIG was *** The config script $LIBGCRYPT_CONFIG was
@ -110,6 +110,7 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
*** You may want to use the configure option --with-libgcrypt-prefix *** You may want to use the configure option --with-libgcrypt-prefix
*** to specify a matching config script. *** to specify a matching config script.
***]]) ***]])
fi
fi fi
fi fi
else else

View file

@ -1,5 +1,5 @@
# libgcrypt.vers - What symbols to export -*- std -*- # libgcrypt.vers - What symbols to export -*- std -*-
# Copyright (C) 2002, 2004, 2008, 2011 Free Software Foundation, Inc. # Copyright (C) 2002, 2004, 2008 Free Software Foundation, Inc.
# #
# This file is part of Libgcrypt. # This file is part of Libgcrypt.
# #
@ -20,7 +20,7 @@
# NOTE: When adding new functions, please make sure to add them to # NOTE: When adding new functions, please make sure to add them to
# visibility.h and libgcrypt.def as well. # visibility.h and libgcrypt.def as well.
GCRYPT_1.6 { GCRYPT_1.2 {
global: global:
gcry_check_version; gcry_control; gcry_check_version; gcry_control;
gcry_set_allocation_handler; gcry_set_fatalerror_handler; gcry_set_allocation_handler; gcry_set_fatalerror_handler;
@ -40,24 +40,41 @@ GCRYPT_1.6 {
gcry_md_copy; gcry_md_ctl; gcry_md_enable; gcry_md_get; gcry_md_copy; gcry_md_ctl; gcry_md_enable; gcry_md_get;
gcry_md_get_algo; gcry_md_get_algo_dlen; gcry_md_hash_buffer; gcry_md_get_algo; gcry_md_get_algo_dlen; gcry_md_hash_buffer;
gcry_md_info; gcry_md_is_enabled; gcry_md_is_secure; gcry_md_info; gcry_md_is_enabled; gcry_md_is_secure;
gcry_md_map_name; gcry_md_open; gcry_md_read; gcry_md_list; gcry_md_map_name; gcry_md_open; gcry_md_read;
gcry_md_reset; gcry_md_setkey; gcry_md_register; gcry_md_reset; gcry_md_setkey;
gcry_md_write; gcry_md_debug; gcry_md_unregister; gcry_md_write; gcry_md_debug;
gcry_cipher_algo_info; gcry_cipher_algo_name; gcry_cipher_close; gcry_cipher_algo_info; gcry_cipher_algo_name; gcry_cipher_close;
gcry_cipher_ctl; gcry_cipher_decrypt; gcry_cipher_encrypt; gcry_cipher_ctl; gcry_cipher_decrypt; gcry_cipher_encrypt;
gcry_cipher_get_algo_blklen; gcry_cipher_get_algo_keylen; gcry_cipher_get_algo_blklen; gcry_cipher_get_algo_keylen;
gcry_cipher_info; gcry_cipher_map_name; gcry_cipher_info; gcry_cipher_list; gcry_cipher_map_name;
gcry_cipher_mode_from_oid; gcry_cipher_open; gcry_cipher_mode_from_oid; gcry_cipher_open;
gcry_cipher_register; gcry_cipher_unregister;
gcry_cipher_setkey; gcry_cipher_setiv; gcry_cipher_setctr; gcry_cipher_setkey; gcry_cipher_setiv; gcry_cipher_setctr;
gcry_pk_algo_info; gcry_pk_algo_name; gcry_pk_ctl; gcry_pk_algo_info; gcry_pk_algo_name; gcry_pk_ctl;
gcry_pk_decrypt; gcry_pk_encrypt; gcry_pk_genkey; gcry_pk_decrypt; gcry_pk_encrypt; gcry_pk_genkey;
gcry_pk_get_keygrip; gcry_pk_get_nbits; gcry_pk_get_keygrip; gcry_pk_get_nbits; gcry_pk_list;
gcry_pk_map_name; gcry_pk_register; gcry_pk_sign; gcry_pk_map_name; gcry_pk_register; gcry_pk_sign;
gcry_pk_testkey; gcry_pk_verify; gcry_pk_testkey; gcry_pk_unregister; gcry_pk_verify;
gcry_pk_get_curve; gcry_pk_get_param; gcry_pk_get_curve; gcry_pk_get_param;
gcry_ac_data_new; gcry_ac_data_destroy; gcry_ac_data_copy;
gcry_ac_data_length; gcry_ac_data_clear; gcry_ac_data_set;
gcry_ac_data_get_name; gcry_ac_data_get_index; gcry_ac_open;
gcry_ac_close; gcry_ac_key_init; gcry_ac_key_pair_generate;
gcry_ac_key_pair_extract; gcry_ac_key_data_get; gcry_ac_key_test;
gcry_ac_key_get_nbits; gcry_ac_key_get_grip; gcry_ac_key_destroy;
gcry_ac_key_pair_destroy; gcry_ac_data_encrypt; gcry_ac_data_decrypt;
gcry_ac_data_sign; gcry_ac_data_verify; gcry_ac_id_to_name;
gcry_ac_name_to_id; gcry_ac_list; gcry_ac_data_encode;
gcry_ac_data_decode; gcry_ac_mpi_to_os; gcry_ac_mpi_to_os_alloc;
gcry_ac_os_to_mpi; gcry_ac_data_encrypt_scheme;
gcry_ac_data_decrypt_scheme;
gcry_ac_data_sign_scheme; gcry_ac_data_verify_scheme;
gcry_ac_data_to_sexp; gcry_ac_data_from_sexp;
gcry_ac_io_init; gcry_ac_io_init_va;
gcry_kdf_derive; gcry_kdf_derive;
gcry_prime_check; gcry_prime_generate; gcry_prime_check; gcry_prime_generate;

View file

@ -96,7 +96,7 @@ struct gcry_mpi
# define mpi_alloc_secure(n) _gcry_mpi_alloc_secure((n) ) # define mpi_alloc_secure(n) _gcry_mpi_alloc_secure((n) )
# define mpi_free(a) _gcry_mpi_free((a) ) # define mpi_free(a) _gcry_mpi_free((a) )
# define mpi_resize(a,b) _gcry_mpi_resize((a),(b)) # define mpi_resize(a,b) _gcry_mpi_resize((a),(b))
# define mpi_copy(a) gcry_mpi_copy((a)) # define mpi_copy(a) _gcry_mpi_copy((a))
gcry_mpi_t _gcry_mpi_alloc( unsigned nlimbs ); gcry_mpi_t _gcry_mpi_alloc( unsigned nlimbs );
gcry_mpi_t _gcry_mpi_alloc_secure( unsigned nlimbs ); gcry_mpi_t _gcry_mpi_alloc_secure( unsigned nlimbs );
void _gcry_mpi_free( gcry_mpi_t a ); void _gcry_mpi_free( gcry_mpi_t a );
@ -104,6 +104,8 @@ struct gcry_mpi
gcry_mpi_t _gcry_mpi_copy( gcry_mpi_t a ); gcry_mpi_t _gcry_mpi_copy( gcry_mpi_t a );
#endif #endif
#define gcry_mpi_copy _gcry_mpi_copy
#define mpi_is_opaque(a) ((a) && ((a)->flags&4)) #define mpi_is_opaque(a) ((a) && ((a)->flags&4))
#define mpi_is_secure(a) ((a) && ((a)->flags&1)) #define mpi_is_secure(a) ((a) && ((a)->flags&1))
#define mpi_clear(a) _gcry_mpi_clear ((a)) #define mpi_clear(a) _gcry_mpi_clear ((a))
@ -114,13 +116,14 @@ struct gcry_mpi
#define mpi_alloc_set_ui(a) _gcry_mpi_alloc_set_ui ((a)) #define mpi_alloc_set_ui(a) _gcry_mpi_alloc_set_ui ((a))
#define mpi_m_check(a) _gcry_mpi_m_check ((a)) #define mpi_m_check(a) _gcry_mpi_m_check ((a))
#define mpi_swap(a,b) _gcry_mpi_swap ((a),(b)) #define mpi_swap(a,b) _gcry_mpi_swap ((a),(b))
#define mpi_new(n) gcry_mpi_new ((n)) #define mpi_new(n) _gcry_mpi_new ((n))
#define mpi_snew(n) _gcry_mpi_snew ((n)) #define mpi_snew(n) _gcry_mpi_snew ((n))
void _gcry_mpi_clear( gcry_mpi_t a ); void _gcry_mpi_clear( gcry_mpi_t a );
gcry_mpi_t _gcry_mpi_alloc_like( gcry_mpi_t a ); gcry_mpi_t _gcry_mpi_alloc_like( gcry_mpi_t a );
gcry_mpi_t _gcry_mpi_alloc_set_ui( unsigned long u); gcry_mpi_t _gcry_mpi_alloc_set_ui( unsigned long u);
gcry_err_code_t _gcry_mpi_get_ui (gcry_mpi_t w, ulong *u); gcry_err_code_t _gcry_mpi_get_ui (gcry_mpi_t w, ulong *u);
gcry_err_code_t gcry_mpi_get_ui (gcry_mpi_t w, ulong *u);
void _gcry_mpi_m_check( gcry_mpi_t a ); void _gcry_mpi_m_check( gcry_mpi_t a );
void _gcry_mpi_swap( gcry_mpi_t a, gcry_mpi_t b); void _gcry_mpi_swap( gcry_mpi_t a, gcry_mpi_t b);
gcry_mpi_t _gcry_mpi_new (unsigned int nbits); gcry_mpi_t _gcry_mpi_new (unsigned int nbits);

View file

@ -576,13 +576,25 @@ gcry_sexp_nth( const gcry_sexp_t list, int number )
p++; p++;
if ( *p == ST_DATA ) { if ( *p == ST_DATA ) {
memcpy ( &n, p, sizeof n ); p += sizeof n; memcpy ( &n, p, sizeof n );
newlist = gcry_malloc ( sizeof *newlist + n + 1 ); /* Allocate 1 (=sizeof *newlist) byte for ST_OPEN
1 byte for ST_DATA
sizeof n byte for n
n byte for the data
1 byte for ST_CLOSE
1 byte for ST_STOP */
newlist = gcry_malloc ( sizeof *newlist + 1 + sizeof n + n + 2 );
if (!newlist) if (!newlist)
return NULL; return NULL;
d = newlist->d; d = newlist->d;
memcpy ( d, p, n ); d += n; *d = ST_OPEN; /* Put the ST_OPEN flag */
*d++ = ST_STOP; d++; /* Move forward */
/* Copy ST_DATA, n and the data from p to d */
memcpy ( d, p, 1 + sizeof n + n );
d += 1 + sizeof n + n; /* Move after the data copied */
*d = ST_CLOSE; /* Put the ST_CLOSE flag */
d++; /* Move forward */
*d = ST_STOP; /* Put the ST_STOP flag */
} }
else if ( *p == ST_OPEN ) { else if ( *p == ST_OPEN ) {
const byte *head = p; const byte *head = p;

View file

@ -18,7 +18,7 @@
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION @LIBGCRYPT_LT_CURRENT@,@LIBGCRYPT_LT_AGE@,@LIBGCRYPT_LT_REVISION@,@BUILD_REVISION@ FILEVERSION @BUILD_FILEVERSION@
PRODUCTVERSION @BUILD_FILEVERSION@ PRODUCTVERSION @BUILD_FILEVERSION@
FILEFLAGSMASK 0x3fL FILEFLAGSMASK 0x3fL
#ifdef _DEBUG #ifdef _DEBUG
@ -39,7 +39,7 @@ BEGIN
VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0" VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0"
VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0" VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0"
VALUE "InternalName", "libgcrypt\0" VALUE "InternalName", "libgcrypt\0"
VALUE "LegalCopyright", "Copyright © 2011 Free Software Foundation, Inc.\0" VALUE "LegalCopyright", "Copyright © 2012 Free Software Foundation, Inc.\0"
VALUE "LegalTrademarks", "\0" VALUE "LegalTrademarks", "\0"
VALUE "OriginalFilename", "libgcrypt.dll\0" VALUE "OriginalFilename", "libgcrypt.dll\0"
VALUE "PrivateBuild", "\0" VALUE "PrivateBuild", "\0"

View file

@ -621,6 +621,12 @@ gcry_cipher_get_algo_blklen (int algo)
return _gcry_cipher_get_algo_blklen (algo); return _gcry_cipher_get_algo_blklen (algo);
} }
gcry_error_t
gcry_cipher_list (int *list, int *list_length)
{
return _gcry_cipher_list (list, list_length);
}
gcry_error_t gcry_error_t
gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey) gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey)
{ {
@ -753,6 +759,12 @@ gcry_pk_get_param (int algo, const char *name)
return _gcry_pk_get_param (algo, name); return _gcry_pk_get_param (algo, name);
} }
gcry_error_t
gcry_pk_list (int *list, int *list_length)
{
return _gcry_pk_list (list, list_length);
}
gcry_error_t gcry_error_t
gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags) gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
{ {
@ -910,6 +922,294 @@ gcry_md_debug (gcry_md_hd_t hd, const char *suffix)
_gcry_md_debug (hd, suffix); _gcry_md_debug (hd, suffix);
} }
gcry_error_t
gcry_md_list (int *list, int *list_length)
{
return _gcry_md_list (list, list_length);
}
gcry_error_t
gcry_ac_data_new (gcry_ac_data_t *data)
{
return _gcry_ac_data_new (data);
}
void
gcry_ac_data_destroy (gcry_ac_data_t data)
{
_gcry_ac_data_destroy (data);
}
gcry_error_t
gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data)
{
return _gcry_ac_data_copy (data_cp, data);
}
unsigned int
gcry_ac_data_length (gcry_ac_data_t data)
{
return _gcry_ac_data_length (data);
}
void
gcry_ac_data_clear (gcry_ac_data_t data)
{
_gcry_ac_data_clear (data);
}
gcry_error_t
gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t mpi)
{
return _gcry_ac_data_set (data, flags, name, mpi);
}
gcry_error_t
gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t *mpi)
{
return _gcry_ac_data_get_name (data, flags, name, mpi);
}
gcry_error_t
gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
unsigned int idx, const char **name, gcry_mpi_t *mpi)
{
return _gcry_ac_data_get_index (data, flags, idx, name, mpi);
}
gcry_error_t
gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
const char **identifiers)
{
return _gcry_ac_data_to_sexp (data, sexp, identifiers);
}
gcry_error_t
gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
const char **identifiers)
{
return _gcry_ac_data_from_sexp (data, sexp, identifiers);
}
void
gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, ...)
{
va_list arg_ptr;
va_start (arg_ptr, type);
_gcry_ac_io_init_va (ac_io, mode, type, arg_ptr);
va_end (arg_ptr);
}
void
gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, va_list ap)
{
_gcry_ac_io_init_va (ac_io, mode, type, ap);
}
gcry_error_t
gcry_ac_open (gcry_ac_handle_t *handle,
gcry_ac_id_t algorithm, unsigned int flags)
{
return _gcry_ac_open (handle, algorithm, flags);
}
void
gcry_ac_close (gcry_ac_handle_t handle)
{
_gcry_ac_close (handle);
}
gcry_error_t
gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
gcry_ac_key_type_t type, gcry_ac_data_t data)
{
return _gcry_ac_key_init (key, handle, type, data);
}
gcry_error_t
gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
unsigned int nbits, void *spec,
gcry_ac_key_pair_t *key_pair,
gcry_mpi_t **miscdata)
{
return _gcry_ac_key_pair_generate ( handle, nbits, spec, key_pair, miscdata);
}
gcry_ac_key_t
gcry_ac_key_pair_extract (gcry_ac_key_pair_t keypair, gcry_ac_key_type_t which)
{
return _gcry_ac_key_pair_extract (keypair, which);
}
gcry_ac_data_t
gcry_ac_key_data_get (gcry_ac_key_t key)
{
return _gcry_ac_key_data_get (key);
}
gcry_error_t
gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key)
{
return _gcry_ac_key_test (handle, key);
}
gcry_error_t
gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
gcry_ac_key_t key, unsigned int *nbits)
{
return _gcry_ac_key_get_nbits (handle, key, nbits);
}
gcry_error_t
gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
unsigned char *key_grip)
{
return _gcry_ac_key_get_grip (handle, key, key_grip);
}
void
gcry_ac_key_destroy (gcry_ac_key_t key)
{
_gcry_ac_key_destroy (key);
}
void
gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair)
{
_gcry_ac_key_pair_destroy (key_pair);
}
gcry_error_t
gcry_ac_data_encode (gcry_ac_em_t method, unsigned int flags, void *options,
gcry_ac_io_t *io_read, gcry_ac_io_t *io_write)
{
return _gcry_ac_data_encode (method, flags, options, io_read, io_write);
}
gcry_error_t
gcry_ac_data_decode (gcry_ac_em_t method, unsigned int flags, void *options,
gcry_ac_io_t *io_read, gcry_ac_io_t *io_write)
{
return _gcry_ac_data_decode (method, flags, options, io_read, io_write);
}
gcry_error_t
gcry_ac_data_encrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t data_plain,
gcry_ac_data_t *data_encrypted)
{
return _gcry_ac_data_encrypt (handle, flags, key,
data_plain, data_encrypted);
}
gcry_error_t
gcry_ac_data_decrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t *data_plain,
gcry_ac_data_t data_encrypted)
{
return _gcry_ac_data_decrypt (handle, flags, key,
data_plain, data_encrypted);
}
gcry_error_t
gcry_ac_data_sign (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t *data_signature)
{
return _gcry_ac_data_sign (handle, key, data, data_signature);
}
gcry_error_t
gcry_ac_data_verify (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t data_signature)
{
return _gcry_ac_data_verify (handle, key, data, data_signature);
}
gcry_error_t
gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_cipher)
{
return _gcry_ac_data_encrypt_scheme (handle, scheme, flags, opts, key,
io_message, io_cipher);
}
gcry_error_t
gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_cipher,
gcry_ac_io_t *io_message)
{
return _gcry_ac_data_decrypt_scheme (handle, scheme, flags, opts, key,
io_cipher, io_message);
}
gcry_error_t
gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
{
return _gcry_ac_data_sign_scheme (handle, scheme, flags, opts, key,
io_message, io_signature);
}
gcry_error_t
gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature)
{
return _gcry_ac_data_verify_scheme (handle, scheme, flags, opts, key,
io_message, io_signature);
}
gcry_error_t
gcry_ac_id_to_name (gcry_ac_id_t algorithm, const char **name)
{
/* This function is deprecated. We implement it in terms of the
suggested replacement. */
const char *tmp = _gcry_pk_algo_name (algorithm);
if (!*tmp)
return gcry_error (GPG_ERR_PUBKEY_ALGO);
*name = tmp;
return 0;
}
gcry_error_t
gcry_ac_name_to_id (const char *name, gcry_ac_id_t *algorithm)
{
/* This function is deprecated. We implement it in terms of the
suggested replacement. */
int algo = _gcry_pk_map_name (name);
if (!algo)
return gcry_error (GPG_ERR_PUBKEY_ALGO);
*algorithm = algo;
return 0;
}
gpg_error_t gpg_error_t
gcry_kdf_derive (const void *passphrase, size_t passphraselen, gcry_kdf_derive (const void *passphrase, size_t passphraselen,
int algo, int hashalgo, int algo, int hashalgo,
@ -1144,3 +1444,43 @@ gcry_is_secure (const void *a)
{ {
return _gcry_is_secure (a); return _gcry_is_secure (a);
} }
gcry_error_t
gcry_cipher_register (gcry_cipher_spec_t *cipher, int *algorithm_id,
gcry_module_t *module)
{
return _gcry_cipher_register (cipher, NULL, algorithm_id, module);
}
void
gcry_cipher_unregister (gcry_module_t module)
{
_gcry_cipher_unregister (module);
}
gcry_error_t
gcry_pk_register (gcry_pk_spec_t *pubkey, unsigned int *algorithm_id,
gcry_module_t *module)
{
return _gcry_pk_register (pubkey, NULL, algorithm_id, module);
}
void
gcry_pk_unregister (gcry_module_t module)
{
_gcry_pk_unregister (module);
}
gcry_error_t
gcry_md_register (gcry_md_spec_t *digest, unsigned int *algorithm_id,
gcry_module_t *module)
{
return _gcry_md_register (digest, NULL, algorithm_id, module);
}
void
gcry_md_unregister (gcry_module_t module)
{
_gcry_md_unregister (module);
}

View file

@ -66,9 +66,12 @@
#define gcry_md_info _gcry_md_info #define gcry_md_info _gcry_md_info
#define gcry_md_is_enabled _gcry_md_is_enabled #define gcry_md_is_enabled _gcry_md_is_enabled
#define gcry_md_is_secure _gcry_md_is_secure #define gcry_md_is_secure _gcry_md_is_secure
#define gcry_md_list _gcry_md_list
#define gcry_md_map_name _gcry_md_map_name #define gcry_md_map_name _gcry_md_map_name
#define gcry_md_open _gcry_md_open #define gcry_md_open _gcry_md_open
#define gcry_md_read _gcry_md_read #define gcry_md_read _gcry_md_read
/* gcry_md_register and _gcry_md_register differ. */
#define gcry_md_unregister _gcry_md_unregister
#define gcry_md_reset _gcry_md_reset #define gcry_md_reset _gcry_md_reset
#define gcry_md_setkey _gcry_md_setkey #define gcry_md_setkey _gcry_md_setkey
#define gcry_md_write _gcry_md_write #define gcry_md_write _gcry_md_write
@ -86,9 +89,12 @@
#define gcry_cipher_get_algo_blklen _gcry_cipher_get_algo_blklen #define gcry_cipher_get_algo_blklen _gcry_cipher_get_algo_blklen
#define gcry_cipher_get_algo_keylen _gcry_cipher_get_algo_keylen #define gcry_cipher_get_algo_keylen _gcry_cipher_get_algo_keylen
#define gcry_cipher_info _gcry_cipher_info #define gcry_cipher_info _gcry_cipher_info
#define gcry_cipher_list _gcry_cipher_list
#define gcry_cipher_map_name _gcry_cipher_map_name #define gcry_cipher_map_name _gcry_cipher_map_name
#define gcry_cipher_mode_from_oid _gcry_cipher_mode_from_oid #define gcry_cipher_mode_from_oid _gcry_cipher_mode_from_oid
#define gcry_cipher_open _gcry_cipher_open #define gcry_cipher_open _gcry_cipher_open
/* gcry_cipher_register and _gcry_cipher_register differ. */
#define gcry_cipher_unregister _gcry_cipher_unregister
#define gcry_pk_algo_info _gcry_pk_algo_info #define gcry_pk_algo_info _gcry_pk_algo_info
#define gcry_pk_algo_name _gcry_pk_algo_name #define gcry_pk_algo_name _gcry_pk_algo_name
@ -100,11 +106,53 @@
#define gcry_pk_get_curve _gcry_pk_get_curve #define gcry_pk_get_curve _gcry_pk_get_curve
#define gcry_pk_get_param _gcry_pk_get_param #define gcry_pk_get_param _gcry_pk_get_param
#define gcry_pk_get_nbits _gcry_pk_get_nbits #define gcry_pk_get_nbits _gcry_pk_get_nbits
#define gcry_pk_list _gcry_pk_list
#define gcry_pk_map_name _gcry_pk_map_name #define gcry_pk_map_name _gcry_pk_map_name
/* gcry_pk_register and _gcry_pk_register differ. */
#define gcry_pk_unregister _gcry_pk_unregister
#define gcry_pk_sign _gcry_pk_sign #define gcry_pk_sign _gcry_pk_sign
#define gcry_pk_testkey _gcry_pk_testkey #define gcry_pk_testkey _gcry_pk_testkey
#define gcry_pk_verify _gcry_pk_verify #define gcry_pk_verify _gcry_pk_verify
#define gcry_ac_data_new _gcry_ac_data_new
#define gcry_ac_data_destroy _gcry_ac_data_destroy
#define gcry_ac_data_copy _gcry_ac_data_copy
#define gcry_ac_data_length _gcry_ac_data_length
#define gcry_ac_data_clear _gcry_ac_data_clear
#define gcry_ac_data_set _gcry_ac_data_set
#define gcry_ac_data_get_name _gcry_ac_data_get_name
#define gcry_ac_data_get_index _gcry_ac_data_get_index
#define gcry_ac_open _gcry_ac_open
#define gcry_ac_close _gcry_ac_close
#define gcry_ac_key_init _gcry_ac_key_init
#define gcry_ac_key_pair_generate _gcry_ac_key_pair_generate
#define gcry_ac_key_pair_extract _gcry_ac_key_pair_extract
#define gcry_ac_key_data_get _gcry_ac_key_data_get
#define gcry_ac_key_test _gcry_ac_key_test
#define gcry_ac_key_get_nbits _gcry_ac_key_get_nbits
#define gcry_ac_key_get_grip _gcry_ac_key_get_grip
#define gcry_ac_key_destroy _gcry_ac_key_destroy
#define gcry_ac_key_pair_destroy _gcry_ac_key_pair_destroy
#define gcry_ac_data_encrypt _gcry_ac_data_encrypt
#define gcry_ac_data_decrypt _gcry_ac_data_decrypt
#define gcry_ac_data_sign _gcry_ac_data_sign
#define gcry_ac_data_verify _gcry_ac_data_verify
#define gcry_ac_id_to_name _gcry_ac_id_to_name
#define gcry_ac_name_to_id _gcry_ac_name_to_id
#define gcry_ac_data_encode _gcry_ac_data_encode
#define gcry_ac_data_decode _gcry_ac_data_decode
#define gcry_ac_mpi_to_os _gcry_ac_mpi_to_os
#define gcry_ac_mpi_to_os_alloc _gcry_ac_mpi_to_os_alloc
#define gcry_ac_os_to_mpi _gcry_ac_os_to_mpi
#define gcry_ac_data_encrypt_scheme _gcry_ac_data_encrypt_scheme
#define gcry_ac_data_decrypt_scheme _gcry_ac_data_decrypt_scheme
#define gcry_ac_data_sign_scheme _gcry_ac_data_sign_scheme
#define gcry_ac_data_verify_scheme _gcry_ac_data_verify_scheme
#define gcry_ac_data_to_sexp _gcry_ac_data_to_sexp
#define gcry_ac_data_from_sexp _gcry_ac_data_from_sexp
#define gcry_ac_io_init _gcry_ac_io_init
#define gcry_ac_io_init_va _gcry_ac_io_init_va
#define gcry_kdf_derive _gcry_kdf_derive #define gcry_kdf_derive _gcry_kdf_derive
#define gcry_prime_check _gcry_prime_check #define gcry_prime_check _gcry_prime_check
@ -193,15 +241,111 @@
deprecated attribute. */ deprecated attribute. */
# define GCRYPT_NO_DEPRECATED # define GCRYPT_NO_DEPRECATED
# include "gcrypt.h" # include "gcrypt.h"
/* None in this version. */ /* The algorithm IDs. */
gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
void gcry_ac_data_destroy (gcry_ac_data_t data);
gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
gcry_ac_data_t data);
unsigned int gcry_ac_data_length (gcry_ac_data_t data);
void gcry_ac_data_clear (gcry_ac_data_t data);
gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t mpi);
gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
const char *name, gcry_mpi_t *mpi);
gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
unsigned int idx,
const char **name, gcry_mpi_t *mpi);
gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
const char **identifiers);
gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
const char **identifiers);
void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, ...);
void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
gcry_ac_io_type_t type, va_list ap);
gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
gcry_ac_id_t algorithm, unsigned int flags);
void gcry_ac_close (gcry_ac_handle_t handle);
gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
gcry_ac_key_type_t type, gcry_ac_data_t data);
gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
unsigned int nbits, void *spec,
gcry_ac_key_pair_t *key_pair,
gcry_mpi_t **misc_data);
gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
gcry_ac_key_type_t which);
gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
gcry_ac_key_t key, unsigned int *nbits);
gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
unsigned char *key_grip);
void gcry_ac_key_destroy (gcry_ac_key_t key);
void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *io_read,
gcry_ac_io_t *io_write);
gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
unsigned int flags, void *options,
gcry_ac_io_t *io_read,
gcry_ac_io_t *io_write);
gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t data_plain,
gcry_ac_data_t *data_encrypted);
gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
unsigned int flags,
gcry_ac_key_t key,
gcry_mpi_t *data_plain,
gcry_ac_data_t data_encrypted);
gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t *data_signature);
gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
gcry_ac_key_t key,
gcry_mpi_t data,
gcry_ac_data_t data_signature);
gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_cipher);
gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_cipher,
gcry_ac_io_t *io_message);
gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature);
gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
gcry_ac_scheme_t scheme,
unsigned int flags, void *opts,
gcry_ac_key_t key,
gcry_ac_io_t *io_message,
gcry_ac_io_t *io_signature);
gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm, const char **name);
gcry_error_t gcry_ac_name_to_id (const char *name, gcry_ac_id_t *algorithm);
#else #else
# include "gcrypt.h" # include "gcrypt.h"
#endif #endif
#include "gcrypt-module.h"
/* Prototypes of functions exported but not ready for use. */ /* Prototypes of functions exported but not ready for use. */
gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo,
unsigned char *buffer, int buflen); unsigned char *buffer, int buflen);
void gcry_ac_mpi_to_os (gcry_mpi_t mpi, unsigned char *os, size_t os_n);
gcry_error_t gcry_ac_mpi_to_os_alloc (gcry_mpi_t mpi, unsigned char **os,
size_t *os_n);
void gcry_ac_os_to_mpi (gcry_mpi_t mpi, unsigned char *os, size_t os_n);
/* Our use of the ELF visibility feature works by passing /* Our use of the ELF visibility feature works by passing
@ -272,9 +416,12 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo,
#undef gcry_md_info #undef gcry_md_info
#undef gcry_md_is_enabled #undef gcry_md_is_enabled
#undef gcry_md_is_secure #undef gcry_md_is_secure
#undef gcry_md_list
#undef gcry_md_map_name #undef gcry_md_map_name
#undef gcry_md_open #undef gcry_md_open
#undef gcry_md_read #undef gcry_md_read
/* gcry_md_register is not anymore a macro. */
#undef gcry_md_unregister
#undef gcry_md_reset #undef gcry_md_reset
#undef gcry_md_setkey #undef gcry_md_setkey
#undef gcry_md_write #undef gcry_md_write
@ -292,9 +439,12 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo,
#undef gcry_cipher_get_algo_blklen #undef gcry_cipher_get_algo_blklen
#undef gcry_cipher_get_algo_keylen #undef gcry_cipher_get_algo_keylen
#undef gcry_cipher_info #undef gcry_cipher_info
#undef gcry_cipher_list
#undef gcry_cipher_map_name #undef gcry_cipher_map_name
#undef gcry_cipher_mode_from_oid #undef gcry_cipher_mode_from_oid
#undef gcry_cipher_open #undef gcry_cipher_open
/* gcry_cipher_register is not anymore a macro. */
#undef gcry_cipher_unregister
#undef gcry_pk_algo_info #undef gcry_pk_algo_info
#undef gcry_pk_algo_name #undef gcry_pk_algo_name
@ -306,11 +456,53 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo,
#undef gcry_pk_get_curve #undef gcry_pk_get_curve
#undef gcry_pk_get_param #undef gcry_pk_get_param
#undef gcry_pk_get_nbits #undef gcry_pk_get_nbits
#undef gcry_pk_list
#undef gcry_pk_map_name #undef gcry_pk_map_name
/* gcry_pk_register is not anymore a macro. */
#undef gcry_pk_unregister
#undef gcry_pk_sign #undef gcry_pk_sign
#undef gcry_pk_testkey #undef gcry_pk_testkey
#undef gcry_pk_verify #undef gcry_pk_verify
#undef gcry_ac_data_new
#undef gcry_ac_data_destroy
#undef gcry_ac_data_copy
#undef gcry_ac_data_length
#undef gcry_ac_data_clear
#undef gcry_ac_data_set
#undef gcry_ac_data_get_name
#undef gcry_ac_data_get_index
#undef gcry_ac_open
#undef gcry_ac_close
#undef gcry_ac_key_init
#undef gcry_ac_key_pair_generate
#undef gcry_ac_key_pair_extract
#undef gcry_ac_key_data_get
#undef gcry_ac_key_test
#undef gcry_ac_key_get_nbits
#undef gcry_ac_key_get_grip
#undef gcry_ac_key_destroy
#undef gcry_ac_key_pair_destroy
#undef gcry_ac_data_encrypt
#undef gcry_ac_data_decrypt
#undef gcry_ac_data_sign
#undef gcry_ac_data_verify
#undef gcry_ac_id_to_name
#undef gcry_ac_name_to_id
#undef gcry_ac_data_encode
#undef gcry_ac_data_decode
#undef gcry_ac_mpi_to_os
#undef gcry_ac_mpi_to_os_alloc
#undef gcry_ac_os_to_mpi
#undef gcry_ac_data_encrypt_scheme
#undef gcry_ac_data_decrypt_scheme
#undef gcry_ac_data_sign_scheme
#undef gcry_ac_data_verify_scheme
#undef gcry_ac_data_to_sexp
#undef gcry_ac_data_from_sexp
#undef gcry_ac_io_init
#undef gcry_ac_io_init_va
#undef gcry_kdf_derive #undef gcry_kdf_derive
#undef gcry_prime_check #undef gcry_prime_check
@ -438,11 +630,14 @@ MARK_VISIBLE (gcry_md_hash_buffer)
MARK_VISIBLE (gcry_md_info) MARK_VISIBLE (gcry_md_info)
MARK_VISIBLE (gcry_md_is_enabled) MARK_VISIBLE (gcry_md_is_enabled)
MARK_VISIBLE (gcry_md_is_secure) MARK_VISIBLE (gcry_md_is_secure)
MARK_VISIBLE (gcry_md_list)
MARK_VISIBLE (gcry_md_map_name) MARK_VISIBLE (gcry_md_map_name)
MARK_VISIBLE (gcry_md_open) MARK_VISIBLE (gcry_md_open)
MARK_VISIBLE (gcry_md_read) MARK_VISIBLE (gcry_md_read)
MARK_VISIBLEX(gcry_md_register)
MARK_VISIBLE (gcry_md_reset) MARK_VISIBLE (gcry_md_reset)
MARK_VISIBLE (gcry_md_setkey) MARK_VISIBLE (gcry_md_setkey)
MARK_VISIBLE (gcry_md_unregister)
MARK_VISIBLE (gcry_md_write) MARK_VISIBLE (gcry_md_write)
MARK_VISIBLE (gcry_md_debug) MARK_VISIBLE (gcry_md_debug)
@ -458,9 +653,12 @@ MARK_VISIBLE (gcry_cipher_encrypt)
MARK_VISIBLE (gcry_cipher_get_algo_blklen) MARK_VISIBLE (gcry_cipher_get_algo_blklen)
MARK_VISIBLE (gcry_cipher_get_algo_keylen) MARK_VISIBLE (gcry_cipher_get_algo_keylen)
MARK_VISIBLE (gcry_cipher_info) MARK_VISIBLE (gcry_cipher_info)
MARK_VISIBLE (gcry_cipher_list)
MARK_VISIBLE (gcry_cipher_map_name) MARK_VISIBLE (gcry_cipher_map_name)
MARK_VISIBLE (gcry_cipher_mode_from_oid) MARK_VISIBLE (gcry_cipher_mode_from_oid)
MARK_VISIBLE (gcry_cipher_open) MARK_VISIBLE (gcry_cipher_open)
MARK_VISIBLEX(gcry_cipher_register)
MARK_VISIBLE (gcry_cipher_unregister)
MARK_VISIBLE (gcry_pk_algo_info) MARK_VISIBLE (gcry_pk_algo_info)
MARK_VISIBLE (gcry_pk_algo_name) MARK_VISIBLE (gcry_pk_algo_name)
@ -472,11 +670,55 @@ MARK_VISIBLE (gcry_pk_get_keygrip)
MARK_VISIBLE (gcry_pk_get_curve) MARK_VISIBLE (gcry_pk_get_curve)
MARK_VISIBLE (gcry_pk_get_param) MARK_VISIBLE (gcry_pk_get_param)
MARK_VISIBLE (gcry_pk_get_nbits) MARK_VISIBLE (gcry_pk_get_nbits)
MARK_VISIBLE (gcry_pk_list)
MARK_VISIBLE (gcry_pk_map_name) MARK_VISIBLE (gcry_pk_map_name)
MARK_VISIBLEX(gcry_pk_register)
MARK_VISIBLE (gcry_pk_sign) MARK_VISIBLE (gcry_pk_sign)
MARK_VISIBLE (gcry_pk_testkey) MARK_VISIBLE (gcry_pk_testkey)
MARK_VISIBLE (gcry_pk_unregister)
MARK_VISIBLE (gcry_pk_verify) MARK_VISIBLE (gcry_pk_verify)
MARK_VISIBLE (gcry_ac_data_new)
MARK_VISIBLE (gcry_ac_data_destroy)
MARK_VISIBLE (gcry_ac_data_copy)
MARK_VISIBLE (gcry_ac_data_length)
MARK_VISIBLE (gcry_ac_data_clear)
MARK_VISIBLE (gcry_ac_data_set)
MARK_VISIBLE (gcry_ac_data_get_name)
MARK_VISIBLE (gcry_ac_data_get_index)
MARK_VISIBLE (gcry_ac_open)
MARK_VISIBLE (gcry_ac_close)
MARK_VISIBLE (gcry_ac_key_init)
MARK_VISIBLE (gcry_ac_key_pair_generate)
MARK_VISIBLE (gcry_ac_key_pair_extract)
MARK_VISIBLE (gcry_ac_key_data_get)
MARK_VISIBLE (gcry_ac_key_test)
MARK_VISIBLE (gcry_ac_key_get_nbits)
MARK_VISIBLE (gcry_ac_key_get_grip)
MARK_VISIBLE (gcry_ac_key_destroy)
MARK_VISIBLE (gcry_ac_key_pair_destroy)
MARK_VISIBLE (gcry_ac_data_encrypt)
MARK_VISIBLE (gcry_ac_data_decrypt)
MARK_VISIBLE (gcry_ac_data_sign)
MARK_VISIBLE (gcry_ac_data_verify)
MARK_VISIBLE (gcry_ac_id_to_name)
MARK_VISIBLE (gcry_ac_name_to_id)
/* MARK_VISIBLE (gcry_ac_list) Not defined although it is in
libgcrypt.vers. */
MARK_VISIBLE (gcry_ac_data_encode)
MARK_VISIBLE (gcry_ac_data_decode)
MARK_VISIBLE (gcry_ac_mpi_to_os)
MARK_VISIBLE (gcry_ac_mpi_to_os_alloc)
MARK_VISIBLE (gcry_ac_os_to_mpi)
MARK_VISIBLE (gcry_ac_data_encrypt_scheme)
MARK_VISIBLE (gcry_ac_data_decrypt_scheme)
MARK_VISIBLE (gcry_ac_data_sign_scheme)
MARK_VISIBLE (gcry_ac_data_verify_scheme)
MARK_VISIBLE (gcry_ac_data_to_sexp)
MARK_VISIBLE (gcry_ac_data_from_sexp)
MARK_VISIBLE (gcry_ac_io_init)
MARK_VISIBLE (gcry_ac_io_init_va)
MARK_VISIBLE (gcry_kdf_derive) MARK_VISIBLE (gcry_kdf_derive)
MARK_VISIBLE (gcry_prime_check) MARK_VISIBLE (gcry_prime_check)

View file

@ -27,6 +27,9 @@
#include <sys/types.h> #include <sys/types.h>
#define _gcry_mpi_invm gcry_mpi_invm
#define _gcry_mpi_set gcry_mpi_set
#define _gcry_mpi_set_ui gcry_mpi_set_ui
#define size_t grub_size_t #define size_t grub_size_t
#undef __GNU_LIBRARY__ #undef __GNU_LIBRARY__
@ -48,11 +51,13 @@ selftest (void)
} }
static inline int static inline int
fips_mode (void) _gcry_fips_mode (void)
{ {
return 0; return 0;
} }
#define assert gcry_assert
#ifdef GRUB_UTIL #ifdef GRUB_UTIL
#define memset grub_memset #define memset grub_memset

View file

@ -65,7 +65,8 @@ typedef enum
GPG_ERR_WRONG_KEY_USAGE, GPG_ERR_WRONG_KEY_USAGE,
GPG_ERR_WRONG_PUBKEY_ALGO, GPG_ERR_WRONG_PUBKEY_ALGO,
GPG_ERR_OUT_OF_MEMORY, GPG_ERR_OUT_OF_MEMORY,
GPG_ERR_TOO_LARGE GPG_ERR_TOO_LARGE,
GPG_ERR_ENOMEM
} gpg_err_code_t; } gpg_err_code_t;
typedef gpg_err_code_t gpg_error_t; typedef gpg_err_code_t gpg_error_t;
typedef gpg_error_t gcry_error_t; typedef gpg_error_t gcry_error_t;
@ -331,6 +332,7 @@ grub_md_unregister (gcry_md_spec_t *cipher);
extern struct gcry_pk_spec *grub_crypto_pk_dsa; extern struct gcry_pk_spec *grub_crypto_pk_dsa;
extern struct gcry_pk_spec *grub_crypto_pk_ecdsa; extern struct gcry_pk_spec *grub_crypto_pk_ecdsa;
extern struct gcry_pk_spec *grub_crypto_pk_ecdh;
extern struct gcry_pk_spec *grub_crypto_pk_rsa; extern struct gcry_pk_spec *grub_crypto_pk_rsa;
void void

View file

@ -102,10 +102,10 @@ cryptolist.write ("CRC64: crc64\n");
for cipher_file in cipher_files: for cipher_file in cipher_files:
infile = os.path.join (cipher_dir_in, cipher_file) infile = os.path.join (cipher_dir_in, cipher_file)
outfile = os.path.join (cipher_dir_out, cipher_file) outfile = os.path.join (cipher_dir_out, cipher_file)
if cipher_file == "ChangeLog": if cipher_file == "ChangeLog" or cipher_file == "ChangeLog-2011":
continue continue
chlognew = " * %s" % cipher_file chlognew = " * %s" % cipher_file
if re.match ("(Manifest|Makefile\.am|ac\.c|cipher\.c|hash-common\.c|hmac-tests\.c|md\.c|pubkey\.c)$", cipher_file) or cipher_file == "elgamal.c" or cipher_file == "primegen.c" or cipher_file == "test-getrusage.c": if re.match ("(Manifest|Makefile\.am|ac\.c|cipher\.c|hash-common\.c|hmac-tests\.c|md\.c|pubkey\.c)$", cipher_file) or cipher_file == "kdf.c" or cipher_file == "elgamal.c" or cipher_file == "primegen.c" or cipher_file == "ecc.c" or cipher_file == "test-getrusage.c":
chlog = "%s%s: Removed\n" % (chlog, chlognew) chlog = "%s%s: Removed\n" % (chlog, chlognew)
continue continue
# Autogenerated files. Not even worth mentionning in ChangeLog # Autogenerated files. Not even worth mentionning in ChangeLog
@ -139,7 +139,7 @@ for cipher_file in cipher_files:
mdnames = [] mdnames = []
pknames = [] pknames = []
hold = False hold = False
skip = False skip = 0
skip2 = False skip2 = False
ismd = False ismd = False
ispk = False ispk = False
@ -160,9 +160,9 @@ for cipher_file in cipher_files:
if not re.search (";", line) is None: if not re.search (";", line) is None:
skip_statement = False skip_statement = False
continue continue
if skip: if skip > 0:
if line[0] == "}": if line[0] == "}":
skip = False skip = skip - 1
continue continue
if skip2: if skip2:
if not re.search (" *};", line) is None: if not re.search (" *};", line) is None:
@ -195,7 +195,7 @@ for cipher_file in cipher_files:
# Used only for selftests. # Used only for selftests.
m = re.match ("(static byte|static unsigned char) (weak_keys_chksum)\[[0-9]*\] =", line) m = re.match ("(static byte|static unsigned char) (weak_keys_chksum)\[[0-9]*\] =", line)
if not m is None: if not m is None:
skip = True skip = 1
fname = m.groups ()[1] fname = m.groups ()[1]
chmsg = "(%s): Removed." % fname chmsg = "(%s): Removed." % fname
if nch: if nch:
@ -209,7 +209,11 @@ for cipher_file in cipher_files:
# We're optimising for size and exclude anything needing good # We're optimising for size and exclude anything needing good
# randomness. # randomness.
if not re.match ("(run_selftests|selftest|_gcry_aes_c.._..c|_gcry_[a-z0-9]*_hash_buffer|tripledes_set2keys|do_tripledes_set_extra_info|_gcry_rmd160_mixblock|serpent_test|dsa_generate_ext|test_keys|gen_k|sign|gen_x931_parm_xp|generate_x931|generate_key|dsa_generate|dsa_sign|ecc_sign|generate|generate_fips186|_gcry_register_pk_dsa_progress|_gcry_register_pk_ecc_progress|progress|scanval|ec2os|ecc_generate_ext|ecc_generate|compute_keygrip|ecc_get_param|_gcry_register_pk_dsa_progress|gen_x931_parm_xp|gen_x931_parm_xi|rsa_decrypt|rsa_sign|rsa_generate_ext|rsa_generate|secret|check_exponent|rsa_blind|rsa_unblind|extract_a_from_sexp|curve_free|curve_copy|point_set)", line) is None: if not re.match ("(run_selftests|selftest|_gcry_aes_c.._..c|_gcry_[a-z0-9]*_hash_buffer|tripledes_set2keys|do_tripledes_set_extra_info|_gcry_rmd160_mixblock|serpent_test|dsa_generate_ext|test_keys|gen_k|sign|gen_x931_parm_xp|generate_x931|generate_key|dsa_generate|dsa_sign|ecc_sign|generate|generate_fips186|_gcry_register_pk_dsa_progress|_gcry_register_pk_ecc_progress|progress|scanval|ec2os|ecc_generate_ext|ecc_generate|compute_keygrip|ecc_get_param|_gcry_register_pk_dsa_progress|gen_x931_parm_xp|gen_x931_parm_xi|rsa_decrypt|rsa_sign|rsa_generate_ext|rsa_generate|secret|check_exponent|rsa_blind|rsa_unblind|extract_a_from_sexp|curve_free|curve_copy|point_set)", line) is None:
skip = True
skip = 1
if not re.match ("selftest", line) is None and cipher_file == "idea.c":
skip = 3
if not re.match ("serpent_test", line) is None: if not re.match ("serpent_test", line) is None:
fw.write ("static const char *serpent_test (void) { return 0; }\n"); fw.write ("static const char *serpent_test (void) { return 0; }\n");
if not re.match ("dsa_generate", line) is None: if not re.match ("dsa_generate", line) is None:
@ -343,9 +347,16 @@ for cipher_file in cipher_files:
holdline = line holdline = line
continue continue
m = re.match ("static int tripledes_set2keys \(.*\);", line) m = re.match ("static int tripledes_set2keys \(.*\);", line)
if not m is None:
continue
m = re.match ("static int tripledes_set3keys \(.*\);", line)
if not m is None: if not m is None:
continue continue
m = re.match ("static int tripledes_set2keys \(", line) m = re.match ("static int tripledes_set2keys \(", line)
if not m is None:
skip_statement = True
continue
m = re.match ("static int tripledes_set3keys \(", line)
if not m is None: if not m is None:
skip_statement = True skip_statement = True
continue continue
@ -451,7 +462,7 @@ for cipher_file in cipher_files:
conf.write (" cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare';\n") conf.write (" cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare';\n")
elif modname == "gcry_rijndael" or modname == "gcry_md4" or modname == "gcry_md5" or modname == "gcry_rmd160" or modname == "gcry_sha1" or modname == "gcry_sha256" or modname == "gcry_sha512" or modname == "gcry_tiger": elif modname == "gcry_rijndael" or modname == "gcry_md4" or modname == "gcry_md5" or modname == "gcry_rmd160" or modname == "gcry_sha1" or modname == "gcry_sha256" or modname == "gcry_sha512" or modname == "gcry_tiger":
# Alignment checked by hand # Alignment checked by hand
conf.write (" cflags = '$(CFLAGS_GCRY) -Wno-cast-align -Wno-strict-aliasing';\n"); conf.write (" cflags = '$(CFLAGS_GCRY) -Wno-cast-align';\n");
else: else:
conf.write (" cflags = '$(CFLAGS_GCRY)';\n"); conf.write (" cflags = '$(CFLAGS_GCRY)';\n");
conf.write (" cppflags = '$(CPPFLAGS_GCRY)';\n"); conf.write (" cppflags = '$(CPPFLAGS_GCRY)';\n");
@ -522,18 +533,18 @@ for src in sorted (os.listdir (os.path.join (indir, "mpi"))):
fw.write ("/* This file was automatically imported with \n") fw.write ("/* This file was automatically imported with \n")
fw.write (" import_gcry.py. Please don't modify it */\n") fw.write (" import_gcry.py. Please don't modify it */\n")
hold = False hold = False
skip = False skip = 0
for line in f: for line in f:
if skip: if skip > 0:
if line[0] == "}": if line[0] == "}":
skip = False skip = skip - 1
continue continue
if hold: if hold:
hold = False hold = False
# We're optimising for size and exclude anything needing good # We're optimising for size and exclude anything needing good
# randomness. # randomness.
if not re.match ("(_gcry_mpi_get_hw_config|gcry_mpi_randomize)", line) is None: if not re.match ("(_gcry_mpi_get_hw_config|gcry_mpi_randomize)", line) is None:
skip = True skip = 1
continue continue
else: else:
fw.write (holdline) fw.write (holdline)

View file

@ -7,9 +7,12 @@
/^# *include <time\.h>/ d /^# *include <time\.h>/ d
/^# *include <sys\/socket\.h>/ d /^# *include <sys\/socket\.h>/ d
/^# *include <sys\/time\.h>/ d /^# *include <sys\/time\.h>/ d
/^ typedef long ssize_t;/ d
/^ typedef int pid_t;/ d
/^# *include <gpg-error\.h>/ s,#include <gpg-error.h>,#include <grub/gcrypt/gpg-error.h>, /^# *include <gpg-error\.h>/ s,#include <gpg-error.h>,#include <grub/gcrypt/gpg-error.h>,
/^typedef gpg_error_t gcry_error_t;/ d /^typedef gpg_error_t gcry_error_t;/ d
/^typedef gpg_err_code_t gcry_err_code_t;/ d /^typedef gpg_err_code_t gcry_err_code_t;/ d
/^typedef struct gcry_mpi \*gcry_mpi_t;/ d /^typedef struct gcry_mpi \*gcry_mpi_t;/ d
/^struct gcry_thread_cbs/ d
s,_gcry_mpi_invm,gcry_mpi_invm,g s,_gcry_mpi_invm,gcry_mpi_invm,g
p p