From b817bfc642225b8c3c0b6a7e42d1fb949b61a606 Mon Sep 17 00:00:00 2001 
From: mdw Date: Thu, 8 Apr 2004 01:36:29 +0000 Subject: [PATCH] Expunge revision histories in files. --- Makefile.m4 | 270 +-------------------------- acconfig.h | 17 +- arena.c | 10 +- arena.h | 10 +- bbs-fetch.c | 13 +- bbs-gen.c | 22 +-- bbs-jump.c | 19 +- bbs-rand.c | 21 +-- bbs.h | 27 +-- bitops.h | 10 +- bittest.c | 10 +- blkc.h | 27 +-- blowfish-mktab.c | 13 +- blowfish.c | 16 +- blowfish.h | 16 +- buf.c | 33 +--- buf.h | 23 +-- calc/ec2.cal | 25 +-- calc/ecp.cal | 25 +-- calc/gfx-test.cal | 10 +- calc/gfx.cal | 16 +- cast-base.h | 13 +- cast-s.c | 13 +- cast-sk.c | 13 +- cast-tab.h | 10 +- cast128.c | 10 +- cast128.h | 10 +- cast256.c | 10 +- cast256.h | 10 +- catacomb-config.in | 9 +- cbc-def.h | 19 +- cbc.h | 16 +- cfb-def.h | 19 +- cfb.h | 19 +- configure.in | 63 +------ counter-def.h | 16 +- counter.h | 16 +- crc32.c | 13 +- crc32.h | 10 +- daftstory.h | 16 +- des-base.c | 16 +- des-base.h | 16 +- des-mktab.c | 19 +- des.c | 13 +- des.h | 16 +- des3.c | 13 +- des3.h | 16 +- desx-tab.h | 10 +- desx.c | 13 +- desx.h | 10 +- dh-check.c | 13 +- dh-fetch.c | 13 +- dh-gen.c | 13 +- dh-limlee.c | 14 +- dh-param.c | 14 +- dh.h | 30 +-- dsa-check.c | 10 +- dsa-gen.c | 36 +--- dsa-sign.c | 17 +- dsa-verify.c | 28 +-- dsa.h | 31 +--- dsarand.c | 17 +- dsarand.h | 17 +- dsig.c | 38 +--- ec-bin.c | 39 +--- ec-exp.c | 14 +- ec-exp.h | 27 +-- ec-fetch.c | 10 +- ec-info.c | 25 +-- ec-keys.h | 17 +- ec-prime.c | 52 +----- ec-raw.c | 10 +- ec-raw.h | 10 +- ec-test.c | 26 +-- ec-test.h | 10 +- ec.c | 47 +---- ec.h | 53 +----- ecb-def.h | 13 +- ecb.h | 13 +- ectab.h | 22 +-- exp.c | 11 +- exp.h | 22 +-- f-binpoly.c | 39 +--- f-niceprime.c | 30 +-- f-prime.c | 57 +----- factorial.c | 17 +- fibrand.c | 19 +- fibrand.h | 13 +- field-parse.c | 18 +- field.c | 23 +-- field.h | 49 +---- fipstest.c | 16 +- fipstest.h | 17 +- g-ec.c | 20 +- g-prime.c | 26 +-- gcipher.h | 16 +- gdsa.c | 16 +- gdsa.h | 10 +- gengctab | 5 +- genprimes.c | 29 +-- gf-arith.c | 16 +- gf-gcd.c | 41 +++-- 
gf.h | 31 ++-- gfn.c | 12 +- gfn.h | 12 +- gfreduce-exp.h | 13 +- gfreduce.c | 19 +- gfreduce.h | 13 +- gfshare-mktab.c | 16 +- gfshare.c | 34 +--- gfshare.h | 27 +-- gfx-kmul.c | 16 +- gfx-sqr-mktab.c | 10 +- gfx-sqr.c | 19 +- gfx.c | 10 +- gfx.h | 16 +- ghash-def.h | 29 +-- ghash.h | 30 +-- gkcdsa.c | 13 +- gkcdsa.h | 10 +- gmac.h | 16 +- grand.c | 13 +- grand.h | 26 +-- group-dstr.c | 14 +- group-exp.c | 14 +- group-exp.h | 14 +- group-file.c | 17 +- group-parse.c | 17 +- group-stdops.c | 14 +- group-string.c | 14 +- group-test.c | 17 +- group.h | 20 +- has160.c | 10 +- has160.h | 10 +- hash.h | 19 +- hashsum.c | 45 +---- hmac-def.h | 33 +--- hmac.h | 26 +-- idea.c | 20 +- idea.h | 16 +- karatsuba.h | 14 +- key-attr.c | 19 +- key-binary.c | 30 +-- key-data.c | 23 +-- key-data.h | 16 +- key-error.c | 16 +- key-fetch.c | 10 +- key-file.c | 13 +- key-flags.c | 22 +-- key-io.c | 22 +-- key-misc.c | 20 +- key-moan.c | 10 +- key-pack.c | 13 +- key-pass.c | 19 +- key-text.c | 23 +-- key.1 | 12 +- key.h | 38 +--- keycheck-mp.c | 10 +- keycheck-report.c | 10 +- keycheck.c | 13 +- keycheck.h | 10 +- keyring.5 | 20 +- keysz.c | 10 +- keyutil.c | 86 +-------- lcrand.c | 19 +- lcrand.h | 13 +- limlee.c | 36 +--- limlee.h | 21 +-- lmem.c | 22 +-- lmem.h | 20 +- manual/catacomb.tex | 12 +- mars-mktab.c | 10 +- mars.c | 10 +- mars.h | 10 +- maurer.c | 16 +- maurer.h | 13 +- md2-tab.h | 10 +- md2.c | 13 +- md2.h | 10 +- md4.c | 16 +- md4.h | 20 +- md5.c | 16 +- md5.h | 20 +- mgf-def.h | 10 +- mgf.h | 10 +- mkphrase.c | 19 +- mp-arith.c | 65 +------ mp-const.c | 15 +- mp-gcd.c | 50 +++-- mp-io.c | 27 +-- mp-jacobi.c | 19 +- mp-mem.c | 28 +-- mp-misc.c | 19 +- mp-modsqrt.c | 23 +-- mp-sqrt.c | 20 +- mp-test.c | 10 +- mp.h | 77 ++------ mparena.c | 25 +-- mparena.h | 16 +- mpbarrett-exp.c | 22 +-- mpbarrett-exp.h | 16 +- mpbarrett-mexp.c | 24 +-- mpbarrett.c | 42 +---- mpbarrett.h | 23 +-- mpcrt.c | 29 +-- mpcrt.h | 13 +- mpdump.c | 10 +- mpint.c | 16 +- mpint.h | 24 +-- 
mpmont-exp.c | 19 +- mpmont-exp.h | 16 +- mpmont-mexp.c | 43 +---- mpmont.c | 78 +------- mpmont.h | 35 +--- mpmul.c | 20 +- mpmul.h | 10 +- mprand.c | 23 +-- mprand.h | 13 +- mpreduce-exp.h | 16 +- mpreduce.c | 10 +- mpreduce.h | 10 +- mpscan.c | 17 +- mpscan.h | 20 +- mptext-dstr.c | 16 +- mptext-file.c | 13 +- mptext-len.c | 10 +- mptext-string.c | 23 +-- mptext.c | 62 +------ mptext.h | 26 +-- mptypes.c | 17 +- mpw.h | 16 +- mpx-kmul.c | 35 +--- mpx-ksqr.c | 30 +-- mpx.c | 70 +------ mpx.h | 58 +----- noekeon.c | 13 +- noekeon.h | 19 +- noise.c | 29 +-- noise.h | 23 +-- oaep.c | 211 ++++++--------------- oaep.h | 123 ------------- ofb-def.h | 25 +-- ofb.h | 19 +- papers/rand.tex | 15 +- paranoia.h | 13 +- passphrase.c | 24 +-- passphrase.h | 10 +- pfilt.c | 42 +---- pfilt.h | 30 +-- pgen-gcd.c | 15 +- pgen-safe.c | 20 +- pgen-stdev.c | 16 +- pgen.c | 32 +--- pgen.h | 27 +-- pixie-client.c | 14 +- pixie-common.c | 10 +- pixie.c | 70 +------ pixie.h | 14 +- pkcs1.c | 163 +++++++++-------- pkcs1.h | 138 -------------- prim.c | 18 +- prim.h | 15 +- pss.c | 268 +++++++++++---------------- pss.h | 167 ----------------- ptab.h | 14 +- qdparse.c | 10 +- qdparse.h | 10 +- rabin.c | 33 +--- rabin.h | 27 +-- rand.c | 23 +-- rand.h | 33 +--- rc2-tab.h | 10 +- rc2.c | 13 +- rc2.h | 10 +- rc4.c | 23 +-- rc4.h | 17 +- rc5.c | 13 +- rc5.h | 16 +- rho.c | 19 +- rho.h | 13 +- rijndael-base.c | 10 +- rijndael-base.h | 10 +- rijndael-mktab.c | 16 +- rijndael.c | 19 +- rijndael.h | 16 +- rijndael192.c | 10 +- rijndael192.h | 10 +- rijndael256.c | 10 +- rijndael256.h | 10 +- rmd128.c | 10 +- rmd128.h | 14 +- rmd160.c | 16 +- rmd160.h | 20 +- rmd256.c | 13 +- rmd256.h | 14 +- rmd320.c | 10 +- rmd320.h | 14 +- rsa-fetch.c | 13 +- rsa-gen.c | 36 +--- rsa-priv.c | 104 +++-------- rsa-pub.c | 123 ++++++------- rsa-recover.c | 27 +-- rsa-test.c | 514 ++++++++++++++++++++++++++++++++++++++++++++++++++++ rsa.h | 141 +++++++++----- rspit.c | 71 +------- safer-mktab.c | 10 +- safer.c | 10 +- 
safer.h | 13 +- seal.c | 10 +- seal.h | 10 +- serpent-check.c | 10 +- serpent-sbox.h | 10 +- serpent.c | 10 +- serpent.h | 13 +- sha.c | 16 +- sha.h | 23 +-- sha256.c | 13 +- sha256.h | 17 +- sha512.c | 10 +- sha512.h | 14 +- share.c | 31 +--- share.h | 18 +- skipjack-tab.h | 10 +- skipjack.c | 20 +- skipjack.h | 14 +- square-mktab.c | 13 +- square.c | 13 +- square.h | 13 +- sslprf.c | 34 ++-- sslprf.h | 10 +- strongprime.c | 19 +- strongprime.h | 13 +- tea.c | 14 +- tea.h | 14 +- tests/Makefile.m4 | 12 +- tests/gdsa | 32 +++- tests/oaep | 14 -- tests/rsa | 232 ++++++++++++++++++++++++ tiger-base.h | 10 +- tiger-mktab.c | 10 +- tiger.c | 10 +- tiger.h | 14 +- tlsprf.c | 54 +++--- tlsprf.h | 10 +- twofish-mktab.c | 21 +-- twofish.c | 19 +- twofish.h | 19 +- xtea.c | 14 +- xtea.h | 17 +- 349 files changed, 1729 insertions(+), 7420 deletions(-) delete mode 100644 oaep.h delete mode 100644 pkcs1.h delete mode 100644 pss.h create mode 100644 rsa-test.c delete mode 100644 tests/oaep create mode 100644 tests/rsa diff --git a/Makefile.m4 b/Makefile.m4 index 3f2672d..890dc8f 100644 --- a/Makefile.m4 +++ b/Makefile.m4 @@ -1,6 +1,6 @@ ## -*-m4-*- ## -## $Id: Makefile.m4,v 1.79 2004/04/04 19:42:59 mdw Exp $ +## $Id: Makefile.m4,v 1.80 2004/04/08 01:36:15 mdw Exp $ ## ## Makefile for Catacomb ## 
@@ -26,263 +26,6 @@ ## Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, ## MA 02111-1307, USA. -##----- Revision history ---------------------------------------------------- -## -## $Log: Makefile.m4,v $ -## Revision 1.79 2004/04/04 19:42:59 mdw -## Add set -e. -## -## Revision 1.78 2004/04/04 19:04:11 mdw -## Raw I/O of elliptic curve points and group elements. -## -## Revision 1.77 2004/04/01 21:28:41 mdw -## Normal basis support (translates to poly basis internally). Rewrite -## EC and prime group table generators in awk, so that they can reuse data -## for repeated constants. -## -## Revision 1.76 2004/04/01 12:59:40 mdw -## Ooops! qdparse needs mp headers. -## -## Revision 1.75 2004/04/01 12:50:09 mdw -## Add cyclic group abstraction, with test code. Separate off exponentation -## functions for better static linking. Fix a buttload of bugs on the way. -## Generally ensure that negative exponents do inversion correctly. Add -## table of standard prime-field subgroups. (Binary field subgroups are -## currently unimplemented but easy to add if anyone ever finds a good one.) -## -## Revision 1.74 2004/03/28 01:58:47 mdw -## Generate, store and retreive elliptic curve keys. -## -## Revision 1.73 2004/03/27 18:38:00 mdw -## Fix distribution. -## -## Revision 1.72 2004/03/27 17:55:11 mdw -## Run ec-info test. -## -## Revision 1.71 2004/03/27 17:54:11 mdw -## Standard curves and curve checking. -## -## Revision 1.70 2004/03/27 00:04:46 mdw -## Implement efficient reduction for pleasant-looking primes. -## -## Revision 1.69 2004/03/23 15:19:32 mdw -## Test elliptic curves more thoroughly. -## -## Revision 1.68 2004/03/21 23:03:30 mdw -## Distribute headers properly. -## -## Revision 1.67 2004/03/21 22:52:06 mdw -## Merge and close elliptic curve branch. -## -## Revision 1.60.2.2 2004/03/21 22:39:46 mdw -## Elliptic curves on binary fields work. 
-## -## Revision 1.60.2.1 2003/06/10 13:43:53 mdw -## Simple (non-projective) curves over prime fields now seem to work. -## -## Revision 1.66 2004/03/21 22:43:50 mdw -## New hash variant SHA224. -## -## Revision 1.65 2003/11/29 23:39:36 mdw -## Debianization. -## -## Revision 1.64 2003/11/10 22:18:30 mdw -## Build fixes. -## -## Revision 1.63 2003/10/17 16:30:46 mdw -## Report errors if key files don't exist! -## -## Revision 1.62 2003/10/12 15:02:09 mdw -## Reliability fixes. -## -## Revision 1.61 2003/10/11 21:02:33 mdw -## Import buf stuff from tripe. -## -## Revision 1.60 2003/05/16 01:12:37 mdw -## Ship `rc2-tab.h' and `skipjack-tab.h'. -## -## Revision 1.59 2003/05/16 00:54:50 mdw -## Install pixie to fake root if wanted. Ship `desx-tab.h' -## -## Revision 1.58 2002/10/19 17:56:50 mdw -## Fix bit operations. Test them (a bit) better. -## -## Revision 1.57 2002/10/15 22:58:29 mdw -## Fast estimation of number representation lengths. -## -## Revision 1.56 2001/06/16 13:01:10 mdw -## New source files and tests. -## -## Revision 1.55 2001/05/08 22:17:41 mdw -## New cipher Noekeon added. -## -## Revision 1.54 2001/05/07 17:32:52 mdw -## New Rijndael block sizes. -## -## Revision 1.53 2001/04/29 18:11:19 mdw -## New block cipher MARS. -## -## Revision 1.52 2001/04/29 17:37:35 mdw -## Added SAFER block cipher. -## -## Revision 1.51 2001/04/19 18:26:32 mdw -## Add CRC as another hash function. -## -## Revision 1.50 2001/04/06 22:05:10 mdw -## Add support for SSL pseudo-random function. -## -## Revision 1.49 2001/04/04 20:10:52 mdw -## Add support for the TLS pseudo-random function. -## -## Revision 1.48 2001/04/03 19:36:50 mdw -## New block cipher DESX added. -## -## Revision 1.47 2001/03/03 13:14:13 mdw -## Distribute md2-tab.h -## -## Revision 1.46 2001/02/21 20:03:22 mdw -## Added support for MD2 hash function. -## -## Revision 1.45 2001/02/03 16:09:41 mdw -## New files added. -## -## Revision 1.44 2000/10/15 17:49:00 mdw -## New SHA variants with longer outputs. 
-## -## Revision 1.43 2000/10/08 16:01:26 mdw -## Add binary poly arithmetic. Tidy table generation stuff. Distribute -## calc prototypes. -## -## Revision 1.42 2000/10/08 12:16:06 mdw -## Remove vestiges of @primorial@. -## -## Revision 1.41 2000/08/15 21:46:20 mdw -## Set up the dependencies on primetab.[ch] and mptypes.h properly. -## There's some m4 hacking, but it's worth it not to have to recompile all -## the cipher modes. -## -## Revision 1.40 2000/08/06 10:50:55 mdw -## (mkphrase): New program for generating random passphrases with measured -## strength. -## -## Revision 1.39 2000/07/29 21:55:32 mdw -## Make sure the pixie is installed setuid-root (workaround for an Automake -## bug). Install new manpages. -## -## Revision 1.38 2000/07/29 10:54:55 mdw -## Further fixing to support building using normal `make' again. ;-) I -## think we're there now. -## -## Revision 1.37 2000/07/29 10:02:36 mdw -## Lots of fixing to support `make -j' building. -## -## Revision 1.36 2000/07/20 20:13:38 mdw -## Added Bellare and Rogaway's PSS encoding for RSA signatures. -## -## Revision 1.35 2000/07/16 20:00:46 mdw -## Bug fixes to distribution. -## -## Revision 1.34 2000/07/15 20:55:32 mdw -## More hashes and ciphers. An extra tool. -## -## Revision 1.33 2000/07/09 21:34:15 mdw -## New hash functions and other stuff. -## -## Revision 1.32 2000/07/01 11:27:32 mdw -## Name changes and new files. -## -## Revision 1.31 2000/06/25 13:02:07 mdw -## Fix cleaning of generated files. -## -## Revision 1.30 2000/06/22 19:10:33 mdw -## Fix Makefile to test mp-sqrt.c. -## -## Revision 1.29 2000/06/22 19:04:19 mdw -## More new functions to be added. -## -## Revision 1.28 2000/06/18 23:31:18 mdw -## Rearrange build order to ensure that `mptypes.h' exists by the time it's -## needed. -## -## Revision 1.27 2000/06/17 13:28:50 mdw -## Minor tidying and fixing. -## -## Revision 1.26 2000/06/17 10:33:43 mdw -## Lots of new ciphers and other files. 
-## -## Revision 1.25 2000/02/12 18:55:40 mdw -## Make it all compile properly. -## -## Revision 1.24 2000/02/12 18:22:26 mdw -## Missed a file. Whoops. -## -## Revision 1.23 2000/02/12 18:21:01 mdw -## Overhaul of key management (again). -## -## Revision 1.22 1999/12/22 16:04:06 mdw -## Lots of new files. -## -## Revision 1.21 1999/12/13 15:47:58 mdw -## Fix a couple of minor bugs in the distribution set. -## -## Revision 1.19 1999/12/11 10:58:24 mdw -## Fix bug in test rig link flags. Add Karatsuba squaring. -## -## Revision 1.18 1999/12/10 23:30:01 mdw -## Lots of new files. -## -## Revision 1.17 1999/11/25 11:38:31 mdw -## Support for conversions between MPs and C integers. -## -## Revision 1.16 1999/11/22 20:51:33 mdw -## Add yet more source files. -## -## Revision 1.15 1999/11/22 14:08:30 mdw -## Improve dependencies for test programs. -## -## Revision 1.14 1999/11/22 00:17:09 mdw -## Create object files for test programs so that rebuilding doesn't take so -## long. -## -## Revision 1.12 1999/11/20 22:36:26 mdw -## Improve dependencies. Move mpx testing into mpx.c. -## -## Revision 1.11 1999/11/20 22:24:53 mdw -## Add Diffie-Hellman support. -## -## Revision 1.10 1999/11/19 19:28:24 mdw -## Add DSA files and tests. -## -## Revision 1.9 1999/11/17 18:05:35 mdw -## Many new files and test cases for multiprecision arithmetic. -## -## Revision 1.8 1999/11/13 01:56:07 mdw -## Include multiprecision maths stuff. -## -## Revision 1.7 1999/11/11 19:01:02 mdw -## Use `libtool' to generate a shared library. -## -## Revision 1.6 1999/11/11 17:47:34 mdw -## Updates for new configuration system, and `mptypes' generator. -## -## Revision 1.5 1999/11/11 00:59:17 mdw -## Minor reformatting. -## -## Revision 1.4 1999/10/24 10:20:36 mdw -## Modify for standalone distribution. The library's getting far too large -## to be sensibly embedded in other programs. -## -## Revision 1.3 1999/10/24 10:04:26 mdw -## Install headers in the right directory. 
-##
-## Revision 1.2 1999/10/23 12:55:35 mdw
-## The `CVS' directory can't be hardlinked. Don't worry about this
-## overmuch.
-##
-## Revision 1.1 1999/09/03 08:41:11 mdw
-## Initial import.
-##
-
 AUTOMAKE_OPTIONS = foreign
 SUBDIRS = tests
@@ -373,6 +116,7 @@ ptab.c: ptab.in p-gentab.awk mpdump
 gciphertab.c: gengctab
 $(srcdir)/gengctab gccipher gcipher >gciphertab.c.new \
 "lit(join(`ciphers', `-', `cipher_modes')) \
+ lit(join(`hashes', `-', `_(mgf)')) \
 rc4 seal"
 mv gciphertab.c.new gciphertab.c
@@ -383,7 +127,8 @@ gmactab.c: gengctab
 ghashtab.c: gengctab
 $(srcdir)/gengctab gchash ghash >ghashtab.c.new \
- "lit(`hashes')"
+ "lit(`hashes') \
+ crc32=gcrc32"
 mv ghashtab.c.new ghashtab.c
 BUILT_SOURCES = \
@@ -413,7 +158,7 @@ pkginclude_HEADERS = \
 primetab.h pfilt.h rabin.h \
 pgen.h prim.h strongprime.h limlee.h keycheck.h \
 bbs.h rsa.h dh.h dsarand.h dsa.h gdsa.h gkcdsa.h \
- oaep.h pkcs1.h pss.h tlsprf.h sslprf.h \
+ tlsprf.h sslprf.h \
 gfshare.h share.h \
 rho.h \
 field.h ec.h ec-exp.h ec-test.h ectab.h ec-keys.h ec-raw.h \
@@ -564,7 +309,8 @@ man_MANS = key.1 hashsum.1 keyring.5 pixie.1
 ## --- Other handy definitions ---
 EXTRA_DIST = \
- Makefile.m4 genmodes gengctab $(man_MANS) xpixie group-test.c \
+ Makefile.m4 genmodes gengctab $(man_MANS) xpixie \
+ group-test.c rsa-test.c \
 ectab.in ec-gentab.awk ptab.in p-gentab.awk \
 README.cipher README.hash README.random README.mp \
 debian/rules debian/copyright debian/control debian/changelog \
@@ -606,7 +352,6 @@ adorn(`nl`'CTESTRIG(', `hashes', `)')
 adorn(`nl`'CTESTRIG(', join(`ciphers', `-', `cipher_modes'), `)')
 adorn(`nl`'CTESTRIG(', join(`hashes', `-', `hash_modes'), `)')
 CTESTRIG(lcrand)
-CTESTRIG(oaep)
 CTESTRIG(tlsprf)
 CTESTRIG(sslprf)
 CTESTRIG(mpx)
@@ -628,6 +373,7 @@ CTESTRIG(mpmont-mexp)
 CTESTRIG(mpreduce)
 CTESTRIG(mpcrt)
 CTESTRIG(mpmul)
+CTESTRIG(rsa-test)
 CTESTRIG(gfx)
 CTESTRIG(gfx-sqr)
 CTESTRIG(gfx-kmul)
diff --git a/acconfig.h b/acconfig.h
index a9f3737..5ad9adc 100644
--- a/acconfig.h
+++ b/acconfig.h
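Review bot: Dropping oaep.h, pkcs1.h and pss.h from pkginclude_HEADERS in the `@@ -413,7 +158,7 @@` hunk withdraws three installed public headers (the file list also deletes them outright), so any downstream program that includes them stops compiling, and nothing in the patch supplies a compatibility path. The diffstat shows rsa.h with 141 changed lines, mostly additions, so the declarations presumably moved there, but that is inferred from the sizes alone. If the break is deliberate it belongs in the commit message, which currently says only `Expunge revision histories in files.` and gives no hint that the RSA padding interfaces were reorganised; otherwise keep one-line forwarding headers such as `#include "rsa.h"` under the old names until the next incompatible release. The same scope concern applies to the `-CTESTRIG(oaep)` / `+CTESTRIG(rsa-test)` hunks and to the tests/oaep deletion listed in the diffstat.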
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: acconfig.h,v 1.3 2000/06/17 12:57:46 mdw Exp $ + * $Id: acconfig.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Configuration header for Catacomb * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: acconfig.h,v $ - * Revision 1.3 2000/06/17 12:57:46 mdw - * New free counter noise generator, for use if /dev/random is - * unavailable. - * - * Revision 1.2 1999/12/10 23:30:08 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_ACCONFIG_H #define CATACOMB_ACCONFIG_H diff --git a/arena.c b/arena.c index 947a8a2..f4c94d8 100644 --- a/arena.c +++ b/arena.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: arena.c,v 1.1 2000/06/17 10:40:10 mdw Exp $ + * $Id: arena.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Abstraction for memory allocation arenas * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: arena.c,v $ - * Revision 1.1 2000/06/17 10:40:10 mdw - * Support for secure memory arenas. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/arena.h b/arena.h index ae1bf2a..08d004e 100644 --- a/arena.h +++ b/arena.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: arena.h,v 1.1 2000/06/17 10:40:10 mdw Exp $ + * $Id: arena.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Abstraction for memory allocation arenas * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: arena.h,v $ - * Revision 1.1 2000/06/17 10:40:10 mdw - * Support for secure memory arenas. - * - */ - #ifndef CATACOMB_ARENA_H #define CATACOMB_ARENA_H diff --git a/bbs-fetch.c b/bbs-fetch.c index e0597a0..20eee08 100644 --- a/bbs-fetch.c +++ b/bbs-fetch.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bbs-fetch.c,v 1.2 2000/07/01 11:19:22 mdw Exp $ + * $Id: bbs-fetch.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Key fetching for BBS public and private keys * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bbs-fetch.c,v $ - * Revision 1.2 2000/07/01 11:19:22 mdw - * New functions for freeing public and private keys. - * - * Revision 1.1 2000/06/17 10:41:45 mdw - * Table for driving key data extraction. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "bbs.h" diff --git a/bbs-gen.c b/bbs-gen.c index c90ee40..9afa245 100644 --- a/bbs-gen.c +++ b/bbs-gen.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bbs-gen.c,v 1.5 2000/07/01 11:20:36 mdw Exp $ + * $Id: bbs-gen.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Generate Blum integers * @@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bbs-gen.c,v $ - * Revision 1.5 2000/07/01 11:20:36 mdw - * Remove bad type name `bbs_param'. - * - * Revision 1.4 2000/06/17 10:43:57 mdw - * Move GCD filter to separate file. Handle failures from pgen_jump. - * - * Revision 1.3 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.2 1999/12/22 15:52:28 mdw - * Reworking for new prime-search system. - * - * Revision 1.1 1999/12/10 23:14:59 mdw - * Blum-Blum-Shub generator, and Blum-Goldwasser encryption. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/bbs-jump.c b/bbs-jump.c index 428915d..135d048 100644 --- a/bbs-jump.c +++ b/bbs-jump.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bbs-jump.c,v 1.4 2000/07/01 11:20:36 mdw Exp $ + * $Id: bbs-jump.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Jumping around a BBS sequence * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bbs-jump.c,v $ - * Revision 1.4 2000/07/01 11:20:36 mdw - * Remove bad type name `bbs_param'. - * - * Revision 1.3 2000/06/17 10:44:17 mdw - * Typesetting fix. - * - * Revision 1.2 1999/12/22 15:52:08 mdw - * Rename `bbs_params' to `bbs_param' for consistency. - * - * Revision 1.1 1999/12/10 23:14:59 mdw - * Blum-Blum-Shub generator, and Blum-Goldwasser encryption. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "bbs.h" diff --git a/bbs-rand.c b/bbs-rand.c index abe1e72..3d2563a 100644 --- a/bbs-rand.c +++ b/bbs-rand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bbs-rand.c,v 1.4 2001/02/03 12:00:29 mdw Exp $ + * $Id: bbs-rand.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Blum-Blum-Shub secure random number generator * @@ -27,25 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bbs-rand.c,v $ - * Revision 1.4 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.3 2000/06/17 10:45:21 mdw - * Typesetting fixes. Advertise random number generator strength. Use - * secure arena for memory allocation. - * - * Revision 1.2 1999/12/13 15:34:01 mdw - * Add support for seeding from a generic pseudorandom source. - * - * Revision 1.1 1999/12/10 23:14:59 mdw - * Blum-Blum-Shub generator, and Blum-Goldwasser encryption. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/bbs.h b/bbs.h index b83b87f..7c9cbda 100644 --- a/bbs.h +++ b/bbs.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bbs.h,v 1.6 2001/02/03 16:07:33 mdw Exp $ + * $Id: bbs.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * The Blum-Blum-Shub random bit generator * 
@@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bbs.h,v $ - * Revision 1.6 2001/02/03 16:07:33 mdw - * Give generic random objects separate namespaces for their supported misc - * ops. - * - * Revision 1.5 2000/07/01 11:20:24 mdw - * New functions for freeing public and private keys. Remove bad type name - * `bbs_param'. - * - * Revision 1.4 2000/06/17 10:45:48 mdw - * Minor changes for key fetching. Typesetting fixes. - * - * Revision 1.3 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.2 1999/12/22 15:52:08 mdw - * Rename `bbs_params' to `bbs_param' for consistency. - * - * Revision 1.1 1999/12/10 23:14:59 mdw - * Blum-Blum-Shub generator, and Blum-Goldwasser encryption. - * - */ - /*----- Notes on the BBS generator ----------------------------------------* * * The Blum-Blum-Shub generator takes the least significant bits from the diff --git a/bitops.h b/bitops.h index 5b91ce3..f6668bc 100644 --- a/bitops.h +++ b/bitops.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bitops.h,v 1.1 2002/10/19 17:56:50 mdw Exp $ + * $Id: bitops.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Bit operations by truth table * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bitops.h,v $ - * Revision 1.1 2002/10/19 17:56:50 mdw - * Fix bit operations. Test them (a bit) better. - * - */ - #ifndef CATACOMB_BITOPS_H #define CATACOMB_BITOPS_H diff --git a/bittest.c b/bittest.c index 54bc6d5..b246d7a 100644 --- a/bittest.c +++ b/bittest.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: bittest.c,v 1.1 2002/10/19 17:56:50 mdw Exp $ + * $Id: bittest.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Check the bit operations work * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: bittest.c,v $ - * Revision 1.1 2002/10/19 17:56:50 mdw - * Fix bit operations. Test them (a bit) better. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/blkc.h b/blkc.h index 5a7d3ec..dfbd4f7 100644 --- a/blkc.h +++ b/blkc.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: blkc.h,v 1.6 2004/04/02 01:03:49 mdw Exp $ + * $Id: blkc.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Common definitions for block ciphers * @@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: blkc.h,v $ - * Revision 1.6 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.5 2001/05/07 17:28:42 mdw - * Support block ciphers with larger blocks. - * - * Revision 1.4 2001/04/29 17:39:15 mdw - * Removed `-sched' tests. Reorganized so that we can theoretically have - * multiple tests in the same file. (This isn't so useful in production, - * but it's handy when doing test builds.) - * - * Revision 1.3 2000/06/17 10:47:06 mdw - * Slight support for 96-bit ciphers. Support for counter-mode ciphers. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_BLKC_H #define CATACOMB_BLKC_H diff --git a/blowfish-mktab.c b/blowfish-mktab.c index 763703a..37a9b53 100644 --- a/blowfish-mktab.c +++ b/blowfish-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: blowfish-mktab.c,v 1.2 2000/07/16 12:33:11 mdw Exp $ + * $Id: blowfish-mktab.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Build Blowfish key table * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: blowfish-mktab.c,v $ - * Revision 1.2 2000/07/16 12:33:11 mdw - * Shut stupid compiler up. - * - * Revision 1.1 2000/06/17 10:47:28 mdw - * Emits Blowfish initial key data, derived from the digits of pi. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/blowfish.c b/blowfish.c index c57ebb2..56f25c7 100644 --- a/blowfish.c +++ b/blowfish.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: blowfish.c,v 1.3 2004/04/02 01:03:49 mdw Exp $ + * $Id: blowfish.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The Blowfish block cipher * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: blowfish.c,v $ - * Revision 1.3 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.2 2000/06/17 10:47:56 mdw - * Tidy round function a little. Support new key size interface. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/blowfish.h b/blowfish.h index c8c0444..3f44404 100644 --- a/blowfish.h +++ b/blowfish.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: blowfish.h,v 1.3 2000/06/17 10:48:13 mdw Exp $ + * $Id: blowfish.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The Blowfish block cipher * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: blowfish.h,v $ - * Revision 1.3 2000/06/17 10:48:13 mdw - * Support new key size interface. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Notes on the Blowfish block cipher --------------------------------* * * Blowfish was invented by Bruce Schneier. The algorithm is unpatented and diff --git a/buf.c b/buf.c index b4cbb71..3a09365 100644 --- a/buf.c +++ b/buf.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: buf.c,v 1.3 2004/04/01 12:50:09 mdw Exp $ + * $Id: buf.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Buffer handling * @@ -27,37 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: buf.c,v $ - * Revision 1.3 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.2 2003/11/10 22:18:30 mdw - * Build fixes. - * - * Revision 1.1 2003/10/11 21:02:33 mdw - * Import buf stuff from tripe. - * - * Revision 1.4 2001/06/19 22:09:54 mdw - * Expose interface, for use in the proxy. - * - * Revision 1.3 2001/03/03 12:06:48 mdw - * Use 16-bit lengths on MPs, since there's a packet limit of 64K anyway. - * - * Revision 1.2 2001/02/16 21:23:20 mdw - * Various minor changes. Check that MPs are in canonical form when - * loading. - * - * Revision 1.1 2001/02/03 20:26:37 mdw - * Initial checkin. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
diff --git a/buf.h b/buf.h index 6307c26..a83985c 100644 --- a/buf.h +++ b/buf.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: buf.h,v 1.3 2004/04/01 12:50:09 mdw Exp $ + * $Id: buf.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Reading and writing packet buffers * @@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: buf.h,v $ - * Revision 1.3 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.2 2003/11/10 22:18:30 mdw - * Build fixes. - * - * Revision 1.1 2003/10/11 21:02:33 mdw - * Import buf stuff from tripe. - * - * Revision 1.1 2001/06/19 22:09:54 mdw - * Expose interface, for use in the proxy. - * - */ - #ifndef CATACOMB_BUF_H #define CATACOMB_BUF_H diff --git a/calc/ec2.cal b/calc/ec2.cal index 9159f54..325914b 100644 --- a/calc/ec2.cal +++ b/calc/ec2.cal @@ -1,6 +1,6 @@ /* -*-apcalc-*- * - * $Id: ec2.cal,v 1.3 2004/04/01 12:50:27 mdw Exp $ + * $Id: ec2.cal,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Testbed for elliptic curve arithmetic over binary fields * 
@@ -27,29 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec2.cal,v $ - * Revision 1.3 2004/04/01 12:50:27 mdw - * Remove debugging code. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.2.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.1.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.1.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.1 2000/10/08 16:01:37 mdw - * Prototypes of various bits of code. - * - */ - /*----- Object types ------------------------------------------------------*/ obj ec2_curve { a, b, p }; diff --git a/calc/ecp.cal b/calc/ecp.cal index 10ed9e4..0163d5e 100644 --- a/calc/ecp.cal +++ b/calc/ecp.cal @@ -1,6 +1,6 @@ /* -*-apcalc-*- * - * $Id: ecp.cal,v 1.4 2004/04/01 13:37:07 mdw Exp $ + * $Id: ecp.cal,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Testbed for elliptic curve arithmetic over prime fields * @@ -27,29 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ecp.cal,v $ - * Revision 1.4 2004/04/01 13:37:07 mdw - * Keep numbers positive. - * - * Revision 1.3 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.1.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.1 2000/10/08 16:01:37 mdw - * Prototypes of various bits of code. - * - */ - /*----- Object types ------------------------------------------------------*/ obj ecp_curve { a, b, p }; 
diff --git a/calc/gfx-test.cal b/calc/gfx-test.cal index 4bdee42..25846ef 100644 --- a/calc/gfx-test.cal +++ b/calc/gfx-test.cal @@ -1,6 +1,6 @@ /* -*-apcalc-*- * - * $Id: gfx-test.cal,v 1.1 2000/10/08 16:01:37 mdw Exp $ + * $Id: gfx-test.cal,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generate test cases for %$\gf{2}[x]$% arithmetic * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gfx-test.cal,v $ - * Revision 1.1 2000/10/08 16:01:37 mdw - * Prototypes of various bits of code. - * - */ - /*----- External units ----------------------------------------------------*/ read gfx; diff --git a/calc/gfx.cal b/calc/gfx.cal index 446061e..45f534b 100644 --- a/calc/gfx.cal +++ b/calc/gfx.cal @@ -1,6 +1,6 @@ /* -*-apcalc-*- * - * $Id: gfx.cal,v 1.2 2004/03/21 22:52:06 mdw Exp $ + * $Id: gfx.cal,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Testbed for %$\gf{2}$% poltnomial arithmetic * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gfx.cal,v $ - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.4.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.1 2000/10/08 16:01:37 mdw - * Prototypes of various bits of code. - * - */ - /*----- Object types ------------------------------------------------------*/ obj gf { x }; diff --git a/cast-base.h b/cast-base.h index 387b95a..02f93b6 100644 --- a/cast-base.h +++ b/cast-base.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast-base.h,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: cast-base.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Basic macros and definitions for CAST-128 and CAST-256 * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast-base.h,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2000/06/17 10:48:29 mdw - * CAST round function macros. - * - */ - #ifndef CATACOMB_CAST_BASE_H #define CATACOMB_CAST_BASE_H diff --git a/cast-s.c b/cast-s.c index 2bd3e28..541bfeb 100644 --- a/cast-s.c +++ b/cast-s.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast-s.c,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: cast-s.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Basic S-boxes for CAST-128 and CAST-256 * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast-s.c,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2000/06/17 10:48:52 mdw - * CAST S-boxes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/cast-sk.c b/cast-sk.c index 98174a3..bdc74fe 100644 --- a/cast-sk.c +++ b/cast-sk.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast-sk.c,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: cast-sk.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Key-schedule S-boxes for CAST-128 * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast-sk.c,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2000/06/17 10:48:52 mdw - * CAST S-boxes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/cast-tab.h b/cast-tab.h index e9f721b..b6797bf 100644 --- a/cast-tab.h +++ b/cast-tab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast-tab.h,v 1.1 2000/06/17 10:49:05 mdw Exp $ + * $Id: cast-tab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * S-boxes for CAST-128 and CAST-256 * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast-tab.h,v $ - * Revision 1.1 2000/06/17 10:49:05 mdw - * CAST S-box contents. - * - */ - #ifndef CATACOMB_CAST_TAB_H #define CATACOMB_CAST_TAB_H diff --git a/cast128.c b/cast128.c index b985da2..1032b27 100644 --- a/cast128.c +++ b/cast128.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast128.c,v 1.1 2000/06/17 10:49:14 mdw Exp $ + * $Id: cast128.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The CAST-128 block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast128.c,v $ - * Revision 1.1 2000/06/17 10:49:14 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/cast128.h b/cast128.h index 8d8aa33..cf027b2 100644 --- a/cast128.h +++ b/cast128.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast128.h,v 1.1 2000/06/17 10:49:14 mdw Exp $ + * $Id: cast128.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The CAST-128 block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast128.h,v $ - * Revision 1.1 2000/06/17 10:49:14 mdw - * New cipher. - * - */ - /*----- Notes on the CAST-128 block cipher --------------------------------* * * CAST, designed by Carlisle Adams and Stafford Tavares, is a method for diff --git a/cast256.c b/cast256.c index df8ac38..be06c9e 100644 --- a/cast256.c +++ b/cast256.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast256.c,v 1.1 2000/06/17 10:49:14 mdw Exp $ + * $Id: cast256.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The CAST-256 block cipher * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast256.c,v $ - * Revision 1.1 2000/06/17 10:49:14 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/cast256.h b/cast256.h index d22e1ea..018550c 100644 --- a/cast256.h +++ b/cast256.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cast256.h,v 1.1 2000/06/17 10:49:14 mdw Exp $ + * $Id: cast256.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The CAST-128 block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cast256.h,v $ - * Revision 1.1 2000/06/17 10:49:14 mdw - * New cipher. - * - */ - /*----- Notes on the CAST-256 block cipher --------------------------------* * * CAST, designed by Carlisle Adams and Stafford Tavares, is a method for diff --git a/catacomb-config.in b/catacomb-config.in index dbcd691..8b460e0 100755 --- a/catacomb-config.in +++ b/catacomb-config.in @@ -1,6 +1,6 @@ #! /bin/sh # -# $Id: catacomb-config.in,v 1.1 1999/11/11 17:38:31 mdw Exp $ +# $Id: catacomb-config.in,v 1.2 2004/04/08 01:36:15 mdw Exp $ # # Provide configuration information for Catacomb clients # @@ -26,13 +26,6 @@ # Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, # MA 02111-1307, USA. -#----- Revision history ----------------------------------------------------- -# -# $Log: catacomb-config.in,v $ -# Revision 1.1 1999/11/11 17:38:31 mdw -# New library configuration system. -# - #----- Configuration -------------------------------------------------------- prefix=@prefix@ diff --git a/cbc-def.h b/cbc-def.h index 5b89ab1..c0fc600 100644 --- a/cbc-def.h +++ b/cbc-def.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cbc-def.h,v 1.4 2004/04/02 01:03:49 mdw Exp $ + * $Id: cbc-def.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Definitions for cipher block chaining mode * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cbc-def.h,v $ - * Revision 1.4 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.3 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.2 2000/06/17 10:49:52 mdw - * Use secure arena for memory allocation. - * - * Revision 1.1 1999/12/10 23:16:39 mdw - * Split mode macros into interface and implementation. - * - */ - #ifndef CATACOMB_CBC_DEF_H #define CATACOMB_CBC_DEF_H diff --git a/cbc.h b/cbc.h index 2f0e923..1b51009 100644 --- a/cbc.h +++ b/cbc.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cbc.h,v 1.3 2001/06/17 00:10:51 mdw Exp $ + * $Id: cbc.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Ciphertext block chaining for block ciphers * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cbc.h,v $ - * Revision 1.3 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.2 1999/12/10 23:16:39 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_CBC_H #define CATACOMB_CBC_H diff --git a/cfb-def.h b/cfb-def.h index 1d983f3..647aa26 100644 --- a/cfb-def.h +++ b/cfb-def.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cfb-def.h,v 1.4 2004/04/02 01:03:49 mdw Exp $ + * $Id: cfb-def.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Definitions for ciphertext feedback mode * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cfb-def.h,v $ - * Revision 1.4 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.3 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.2 2000/06/17 10:50:39 mdw - * Use secure arena for memory allocation. Rearrange setiv slightly. - * - * Revision 1.1 1999/12/10 23:16:39 mdw - * Split mode macros into interface and implementation. - * - */ - #ifndef CATACOMB_CFB_DEF_H #define CATACOMB_CFB_DEF_H diff --git a/cfb.h b/cfb.h index d6ce6a8..16885b7 100644 --- a/cfb.h +++ b/cfb.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: cfb.h,v 1.4 2001/06/17 00:10:51 mdw Exp $ + * $Id: cfb.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Ciphertext feedback for block ciphers * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: cfb.h,v $ - * Revision 1.4 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.3 2000/06/17 10:50:55 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.2 1999/12/10 23:16:39 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_CFB_H #define CATACOMB_CFB_H diff --git a/configure.in b/configure.in index 7e2245d..f7761b7 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ dnl -*-m4-*- dnl -dnl $Id: configure.in,v 1.27 2004/03/21 22:52:06 mdw Exp $ +dnl $Id: configure.in,v 1.28 2004/04/08 01:36:15 mdw Exp $ dnl dnl Autoconfiguration for Catacomb dnl 
@@ -26,67 +26,6 @@ dnl License along with Catacomb; if not, write to the Free dnl Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, dnl MA 02111-1307, USA. -dnl ----- Revision history -------------------------------------------------- -dnl -dnl $Log: configure.in,v $ -dnl Revision 1.27 2004/03/21 22:52:06 mdw -dnl Merge and close elliptic curve branch. -dnl -dnl Revision 1.24.2.1 2003/06/10 13:43:53 mdw -dnl Simple (non-projective) curves over prime fields now seem to work. -dnl -dnl Revision 1.26 2003/11/29 23:39:36 mdw -dnl Debianization. -dnl -dnl Revision 1.25 2003/10/11 21:02:33 mdw -dnl Import buf stuff from tripe. -dnl -dnl Revision 1.24 2003/05/16 00:30:28 mdw -dnl Version bump. -dnl -dnl Revision 1.23 2001/03/04 13:09:40 mdw -dnl Mark dependency on mLib 2.0.0pre4 now. -dnl -dnl Revision 1.21 2000/10/08 12:01:28 mdw -dnl Reinstate the `-pedantic' option. -dnl -dnl Revision 1.20 2000/08/15 21:45:25 mdw -dnl New library configuration stuff from `common'. -dnl -dnl Revision 1.13 2000/06/17 13:51:03 mdw -dnl Whoops. Too eager with the mLib version. -dnl -dnl Revision 1.12 2000/06/17 12:57:47 mdw -dnl New free counter noise generator, for use if /dev/random is -dnl unavailable. -dnl -dnl Revision 1.11 2000/06/17 10:51:23 mdw -dnl Version number changes. Find maths library for Maurer's test. -dnl -dnl Revision 1.10 1999/12/22 16:03:31 mdw -dnl New mLib version. Find socket functions for pixie. -dnl -dnl Revision 1.7 1999/11/13 01:55:48 mdw -dnl Don't be pedantic, because using `long long' as a multiprecision type -dnl gets complained about. -dnl -dnl Revision 1.6 1999/11/11 18:56:14 mdw -dnl Use `libtool' to generate a shared library. -dnl -dnl Revision 1.5 1999/11/11 17:47:34 mdw -dnl Updates for new configuration system, and `mptypes' generator. -dnl -dnl Revision 1.4 1999/11/11 00:58:19 mdw -dnl Use canned check for `ssize_t'. -dnl -dnl Revision 1.3 1999/10/24 10:20:36 mdw -dnl Modify for standalone distribution. 
The library's getting far too large -dnl to be sensibly embedded in other programs. -dnl -dnl Revision 1.1 1999/09/03 08:41:11 mdw -dnl Initial import. -dnl - dnl --- Boring boilerplate --- AC_INIT(blkc.h) diff --git a/counter-def.h b/counter-def.h index e9ee952..315e1c1 100644 --- a/counter-def.h +++ b/counter-def.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: counter-def.h,v 1.3 2004/04/02 01:03:49 mdw Exp $ + * $Id: counter-def.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Block cipher counter mode (or long cycle mode) * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: counter-def.h,v $ - * Revision 1.3 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.2 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.1 2000/06/17 10:51:42 mdw - * Counter mode ciphers and pseudo-random generator. - * - */ - #ifndef CATACOMB_COUNTER_DEF_H #define CATACOMB_COUNTER_DEF_H diff --git a/counter.h b/counter.h index d720c99..ac49796 100644 --- a/counter.h +++ b/counter.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: counter.h,v 1.3 2002/01/13 13:43:35 mdw Exp $ + * $Id: counter.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Block cipher counter mode (or long cycle mode) * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: counter.h,v $ - * Revision 1.3 2002/01/13 13:43:35 mdw - * Indentation fix. - * - * Revision 1.2 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.1 2000/06/17 10:51:42 mdw - * Counter mode ciphers and pseudo-random generator. - * - */ - #ifndef CATACOMB_COUNTER_H #define CATACOMB_COUNTER_H diff --git a/crc32.c b/crc32.c index 7077fa6..f6590aa 100644 --- a/crc32.c +++ b/crc32.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: crc32.c,v 1.2 2004/03/21 23:52:58 mdw Exp $ + * $Id: crc32.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generic hash wrapper for CRC32 * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: crc32.c,v $ - * Revision 1.2 2004/03/21 23:52:58 mdw - * Ooops, how did that slip by? Fix return type of @ghcopy@. - * - * Revision 1.1 2001/04/19 18:26:32 mdw - * Add CRC as another hash function. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/crc32.h b/crc32.h index cb07943..86eef42 100644 --- a/crc32.h +++ b/crc32.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: crc32.h,v 1.1 2001/04/19 18:26:32 mdw Exp $ + * $Id: crc32.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generic hash wrapper for CRC32 * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: crc32.h,v $ - * Revision 1.1 2001/04/19 18:26:32 mdw - * Add CRC as another hash function. - * - */ - #ifndef CATACOMB_CRC32_H #define CATACOMB_CRC32_H diff --git a/daftstory.h b/daftstory.h index c4b1bad..055eba2 100644 --- a/daftstory.h +++ b/daftstory.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: daftstory.h,v 1.3 1999/12/10 23:29:48 mdw Exp $ + * $Id: daftstory.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Daft story for use in test encryptions * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: daftstory.h,v $ - * Revision 1.3 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.2 1999/11/11 00:58:38 mdw - * Use fewer copies of the silly story to improve performance. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_DAFTSTORY_H #define CATACOMB_DAFTSTORY_H diff --git a/des-base.c b/des-base.c index c42d03c..7619a34 100644 --- a/des-base.c +++ b/des-base.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des-base.c,v 1.3 2004/04/02 01:03:49 mdw Exp $ + * $Id: des-base.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Common features for DES implementation * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des-base.c,v $ - * Revision 1.3 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.2 2000/06/17 10:52:01 mdw - * Change name for S-box header file. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/des-base.h b/des-base.h index 2f06754..086c68e 100644 --- a/des-base.h +++ b/des-base.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des-base.h,v 1.3 2004/04/02 01:03:49 mdw Exp $ + * $Id: des-base.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Common features for DES implementation * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des-base.h,v $ - * Revision 1.3 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_DES_BASE_H #define CATACOMB_DES_BASE_H diff --git a/des-mktab.c b/des-mktab.c index a4914b2..e41e372 100644 --- a/des-mktab.c +++ b/des-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des-mktab.c,v 1.4 2000/10/08 12:12:23 mdw Exp $ + * $Id: des-mktab.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Build combined S-P tables for DES * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des-mktab.c,v $ - * Revision 1.4 2000/10/08 12:12:23 mdw - * Improve @const@-correctness. - * - * Revision 1.3 2000/06/17 10:52:14 mdw - * Change name for S-box header file. - * - * Revision 1.2 1999/12/22 16:02:30 mdw - * Output the table with the correct new header guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/des.c b/des.c index d48637b..822a12f 100644 --- a/des.c +++ b/des.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des.c,v 1.2 2000/06/17 10:52:32 mdw Exp $ + * $Id: des.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Data Encryption Standard * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des.c,v $ - * Revision 1.2 2000/06/17 10:52:32 mdw - * Support new key size interface. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/des.h b/des.h index d62d72c..b24037b 100644 --- a/des.h +++ b/des.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des.h,v 1.3 2000/06/17 10:52:32 mdw Exp $ + * $Id: des.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The Data Encryption Standard * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des.h,v $ - * Revision 1.3 2000/06/17 10:52:32 mdw - * Support new key size interface. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Notes on the Data Encryption Standard -----------------------------* * * Almost twenty years after it was first accepted, DES is still the standard 
diff --git a/des3.c b/des3.c index 61d96c3..1b08d2e 100644 --- a/des3.c +++ b/des3.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des3.c,v 1.2 2000/06/17 10:52:32 mdw Exp $ + * $Id: des3.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Implementation of double- and triple-DES * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des3.c,v $ - * Revision 1.2 2000/06/17 10:52:32 mdw - * Support new key size interface. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/des3.h b/des3.h index 0a276f3..0e08f26 100644 --- a/des3.h +++ b/des3.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: des3.h,v 1.3 2000/06/17 10:52:32 mdw Exp $ + * $Id: des3.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Implementation of double- and triple-DES * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: des3.h,v $ - * Revision 1.3 2000/06/17 10:52:32 mdw - * Support new key size interface. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:11 mdw - * Initial import. - * - */ - #ifndef CATACOMB_DES3_H #define CATACOMB_DES3_H diff --git a/desx-tab.h b/desx-tab.h index 119928d..2050443 100644 --- a/desx-tab.h +++ b/desx-tab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: desx-tab.h,v 1.1 2001/04/03 19:36:50 mdw Exp $ + * $Id: desx-tab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Tables for DESX * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: desx-tab.h,v $ - * Revision 1.1 2001/04/03 19:36:50 mdw - * New block cipher DESX added. - * - */ - #ifndef CATACOMB_DESX_TAB_H #define CATACOMB_DESX_TAB_H diff --git a/desx.c b/desx.c index 060815d..6c513f3 100644 --- a/desx.c +++ b/desx.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: desx.c,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: desx.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Implementation of DESX * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: desx.c,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2001/04/03 19:36:50 mdw - * New block cipher DESX added. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/desx.h b/desx.h index f6129d8..5b9ab96 100644 --- a/desx.h +++ b/desx.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: desx.h,v 1.1 2001/04/03 19:36:50 mdw Exp $ + * $Id: desx.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The DESX algorithm * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: desx.h,v $ - * Revision 1.1 2001/04/03 19:36:50 mdw - * New block cipher DESX added. - * - */ - /*----- Notes on DESX -----------------------------------------------------* * * DESX was designed by Ron Rivest in 1986 as a simple and cheap way to diff --git a/dh-check.c b/dh-check.c index f9317f5..13320a6 100644 --- a/dh-check.c +++ b/dh-check.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh-check.c,v 1.2 2001/06/16 12:56:38 mdw Exp $ + * $Id: dh-check.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Checks Diffie-Hellman group parameters * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh-check.c,v $ - * Revision 1.2 2001/06/16 12:56:38 mdw - * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@. - * - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/dh-fetch.c b/dh-fetch.c index 2f25122..5f5c74d 100644 
--- a/dh-fetch.c +++ b/dh-fetch.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh-fetch.c,v 1.2 2000/07/01 11:19:22 mdw Exp $ + * $Id: dh-fetch.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Key fetching for Diffie-Hellman public and private keys * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh-fetch.c,v $ - * Revision 1.2 2000/07/01 11:19:22 mdw - * New functions for freeing public and private keys. - * - * Revision 1.1 2000/06/17 10:41:45 mdw - * Table for driving key data extraction. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dh.h" diff --git a/dh-gen.c b/dh-gen.c index 1a7ebc6..6e77ea7 100644 --- a/dh-gen.c +++ b/dh-gen.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh-gen.c,v 1.2 2000/07/29 10:01:58 mdw Exp $ + * $Id: dh-gen.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generate Diffie-Hellman parameters * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh-gen.c,v $ - * Revision 1.2 2000/07/29 10:01:58 mdw - * Track change in primitive-element generation. - * - * Revision 1.1 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dh.h" diff --git a/dh-limlee.c b/dh-limlee.c index 2027617..dd11d26 100644 --- a/dh-limlee.c +++ b/dh-limlee.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh-limlee.c,v 1.2 2000/07/29 17:02:00 mdw Exp $ + * $Id: dh-limlee.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generate Diffie-Hellman parameters from Lim-Lee primes * 
@@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh-limlee.c,v $ - * Revision 1.2 2000/07/29 17:02:00 mdw - * (dh_limlee): Bug fix. Return @dp->q@ as the subgroup order, which isn't - * necessarily the first factor. - * - * Revision 1.1 2000/07/29 10:01:31 mdw - * Diffie-Hellman parameter generation based on Lim-Lee primes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dh.h" diff --git a/dh-param.c b/dh-param.c index 66bee09..2e31c83 100644 --- a/dh-param.c +++ b/dh-param.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh-param.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: dh-param.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Reading Diffie-Hellman parameters * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh-param.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dh.h" diff --git a/dh.h b/dh.h index 56dbf0a..5fcb611 100644 --- a/dh.h +++ b/dh.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dh.h,v 1.8 2004/04/01 12:50:09 mdw Exp $ + * $Id: dh.h,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Diffie-Hellman and related public-key systems * 
@@ -27,34 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dh.h,v $ - * Revision 1.8 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.7 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - * Revision 1.6 2000/07/29 10:01:16 mdw - * Supply commentry for the Diffie-Hellman parameters. Add Lim-Lee - * parameter generation. - * - * Revision 1.5 2000/07/01 11:20:51 mdw - * New functions for freeing public and private keys. - * - * Revision 1.4 2000/06/17 10:52:47 mdw - * Minor changes for key fetching. - * - * Revision 1.3 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - */ - #ifndef CATACOMB_DH_H #define CATACOMB_DH_H diff --git a/dsa-check.c b/dsa-check.c index 88a5686..5e04b25 100644 --- a/dsa-check.c +++ b/dsa-check.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dsa-check.c,v 1.1 2001/02/03 16:08:24 mdw Exp $ + * $Id: dsa-check.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Consistency checking for DSA keys * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsa-check.c,v $ - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dh.h" diff --git a/dsa-gen.c b/dsa-gen.c index cd475bc..482d240 100644 --- a/dsa-gen.c +++ b/dsa-gen.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dsa-gen.c,v 1.9 2001/02/03 16:09:29 mdw Exp $ + * $Id: dsa-gen.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Generate DSA shared parameters * @@ -27,40 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsa-gen.c,v $ - * Revision 1.9 2001/02/03 16:09:29 mdw - * Allow the caller to fetch the parameter generation seed and counter. - * - * Revision 1.8 2000/10/08 12:12:47 mdw - * Use @MP_EQ@ instead of @MP_CMP@. Remove vestages of @primorial@. - * - * Revision 1.7 2000/08/15 21:45:05 mdw - * Use the new trial division equipment in pfilt. This gives a 10% - * performance improvement in dsa-gen.t. - * - * Revision 1.6 2000/07/29 10:00:14 mdw - * Rename `dsa_seed' to `dsa_gen' for consistency with other parameter- - * generation interfaces. - * - * Revision 1.5 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.4 1999/12/22 15:52:44 mdw - * Reworking for new prime-search system. - * - * Revision 1.3 1999/12/10 23:18:38 mdw - * Change interface for suggested destinations. - * - * Revision 1.2 1999/11/20 22:23:48 mdw - * Allow event handler to abort the search process. - * - * Revision 1.1 1999/11/19 19:28:00 mdw - * Implementation of the Digital Signature Algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/dsa-sign.c b/dsa-sign.c index 613a07e..9bb4a5b 100644 --- a/dsa-sign.c +++ b/dsa-sign.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dsa-sign.c,v 1.2 1999/12/10 23:18:38 mdw Exp $ + * $Id: dsa-sign.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * DSA signing operation * 
@@ -27,17 +27,6 @@
  * MA 02111-1307, USA.
  */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: dsa-sign.c,v $
- * Revision 1.2 1999/12/10 23:18:38 mdw
- * Change interface for suggested destinations.
- *
- * Revision 1.1 1999/11/19 19:28:00 mdw
- * Implementation of the Digital Signature Algorithm.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "dsa.h"
@@ -64,7 +53,7 @@ void dsa_mksig(const dsa_param *dp, mp *a, mp *m, mp *k, mp **rr, mp **ss)
 {
   mpmont pm;
   mpbarrett qb;
-  mp *k1 = MP_NEW, *r;
+  mp *k1, *r;
   mp *ar;
   /* --- Compute %$r = (g^k \bmod p) \bmod q$% --- */
@@ -76,7 +65,7 @@ void dsa_mksig(const dsa_param *dp, mp *a, mp *m, mp *k, mp **rr, mp **ss)
   /* --- Compute %$k^{-1} \bmod q$% --- */
-  mp_gcd(0, 0, &k1, dp->q, k);
+  k1 = mp_modinv(MP_NEW, k, dp->q);
   /* --- Now for %$k^{-1}(m + ar)$% --- */
diff --git a/dsa-verify.c b/dsa-verify.c
index a39c11b..dbab2df 100644
--- a/dsa-verify.c
+++ b/dsa-verify.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: dsa-verify.c,v 1.6 2001/06/16 12:56:38 mdw Exp $
+ * $Id: dsa-verify.c,v 1.7 2004/04/08 01:36:15 mdw Exp $
  *
  * DSA signature verification
  *
@@ -27,29 +27,6 @@
  * MA 02111-1307, USA.
  */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: dsa-verify.c,v $
- * Revision 1.6 2001/06/16 12:56:38 mdw
- * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
- *
- * Revision 1.5 2000/10/08 12:13:17 mdw
- * Use @MP_EQ@ instead of @MP_CMP@.
- *
- * Revision 1.4 2000/06/17 10:53:35 mdw
- * Typesetting fixes.
- *
- * Revision 1.3 1999/12/10 23:18:38 mdw
- * Change interface for suggested destinations.
- *
- * Revision 1.2 1999/11/23 00:20:04 mdw
- * Remove stray debugging code.
- *
- * Revision 1.1 1999/11/19 19:28:00 mdw
- * Implementation of the Digital Signature Algorithm.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "dsa.h"
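Review bot: The new `k1 = mp_modinv(MP_NEW, k, dp->q)` in dsa_mksig has no guard for a nonce with no inverse, and the hunk shows no check that the resulting r or s is nonzero; what happens when k ≡ 0 (mod q) now depends entirely on how mp_modinv treats a non-invertible argument, which is not visible here. DSA requires discarding the signature and choosing a fresh k whenever r == 0 or s == 0, so either dsa_mksig should report that condition to its caller or the precondition should be stated above the inversion, e.g. `/* Precondition: 0 < k < q with q prime, so k^{-1} exists; callers must retry with a fresh k if r or s is zero. */`. This change to the signing path is also not mentioned by the commit message, which presents the commit as revision-history cleanup only, so a one-line note in the description would make it reviewable. Whether mp_modinv's running time depends on k, the classic nonce side channel, cannot be judged from this hunk and is worth confirming. dsa_mksig's body begins before and continues after the hunks shown.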
@@ -92,8 +69,7 @@ int dsa_vrfy(const dsa_param *dp, mp *y, mp *m, mp *r, mp *s)
   /* --- Compute %$w = s^{-1} \bmod q$% --- */
   {
-    mp *z = MP_NEW;
-    mp_gcd(0, 0, &z, dp->q, s);
+    mp *z = mp_modinv(MP_NEW, s, dp->q);
     w = mpmont_mul(&qm, MP_NEW, z, qm.r2);
     mp_drop(z);
   }
diff --git a/dsa.h b/dsa.h
index ce7e762..95bd156 100644
--- a/dsa.h
+++ b/dsa.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: dsa.h,v 1.8 2001/02/03 16:08:24 mdw Exp $
+ * $Id: dsa.h,v 1.9 2004/04/08 01:36:15 mdw Exp $
  *
  * Digital Signature Algorithm
  *
@@ -27,35 +27,6 @@
  * MA 02111-1307, USA.
  */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: dsa.h,v $
- * Revision 1.8 2001/02/03 16:08:24 mdw
- * Add consistency checking for public keys.
- *
- * Revision 1.7 2000/07/29 09:59:44 mdw
- * Share data structures with Diffie-Hellman stuff.
- *
- * Revision 1.6 2000/07/01 11:20:51 mdw
- * New functions for freeing public and private keys.
- *
- * Revision 1.5 2000/06/17 10:53:42 mdw
- * Minor changes for key fetching. Typesetting fixes.
- *
- * Revision 1.4 1999/12/22 15:52:44 mdw
- * Reworking for new prime-search system.
- *
- * Revision 1.3 1999/12/10 23:29:48 mdw
- * Change header file guard names.
- *
- * Revision 1.2 1999/11/20 22:23:48 mdw
- * Allow event handler to abort the search process.
- *
- * Revision 1.1 1999/11/19 19:28:00 mdw
- * Implementation of the Digital Signature Algorithm.
- *
- */
-
 #ifndef CATACOMB_DSA_H
 #define CATACOMB_DSA_H
diff --git a/dsarand.c b/dsarand.c
index 4f12b98..ccb2c46 100644
--- a/dsarand.c
+++ b/dsarand.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: dsarand.c,v 1.3 2001/02/03 16:08:56 mdw Exp $
+ * $Id: dsarand.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
  *
  * Random number generator for DSA
  *
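Review bot: `mp *z = mp_modinv(MP_NEW, s, dp->q)` inverts the attacker-supplied s with no visible check that 0 < s < q (nor that 0 < r < q); unless those range checks happen earlier in dsa_vrfy, whose start lies outside this hunk, a signature with s ≡ 0 (mod q) reaches an inversion that has no defined result, and an s ≥ q is silently treated as its residue, which a conforming verifier must reject. I would put the range test ahead of the inversion, returning 0 (reject) when either value is out of range, and say so in a comment: `/* r and s must lie in (0, q); reject otherwise -- s^{-1} is undefined at 0 */`. Dropping the `MP_NEW` initialiser for z is fine since the result is assigned directly and released with mp_drop.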
@@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsarand.c,v $ - * Revision 1.3 2001/02/03 16:08:56 mdw - * Give generic random objects separate namespaces for their supported misc - * ops. Add operations for reading the current seed value. - * - * Revision 1.2 2000/06/17 10:54:00 mdw - * Typesetting fixes. Arena support. - * - * Revision 1.1 1999/12/22 15:53:12 mdw - * Random number generator for finding DSA parameters. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/dsarand.h b/dsarand.h index 4d36d6d..2d4ea09 100644 --- a/dsarand.h +++ b/dsarand.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dsarand.h,v 1.3 2001/02/03 16:08:56 mdw Exp $ + * $Id: dsarand.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Random number generator for DSA * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsarand.h,v $ - * Revision 1.3 2001/02/03 16:08:56 mdw - * Give generic random objects separate namespaces for their supported misc - * ops. Add operations for reading the current seed value. - * - * Revision 1.2 2000/06/17 10:54:14 mdw - * Typesetting fixes. - * - * Revision 1.1 1999/12/22 15:53:12 mdw - * Random number generator for finding DSA parameters. - * - */ - #ifndef CATACOMB_DSARAND_H #define CATACOMB_DSARAND_H diff --git a/dsig.c b/dsig.c index 030ad0a..6e624c6 100644 --- a/dsig.c +++ b/dsig.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: dsig.c,v 1.9 2004/04/08 01:02:15 mdw Exp $ + * $Id: dsig.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Verify signatures on distribuitions of files * 
@@ -27,42 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsig.c,v $ - * Revision 1.9 2004/04/08 01:02:15 mdw - * Incompatible change! Add new signature schemes. Key now implies - * algorithms (integrity checked by new fingerprinting rules), so don't put - * that stuff in the manifest. - * - * Revision 1.8 2004/04/04 19:42:59 mdw - * Add set -e. - * - * Revision 1.7 2001/02/23 09:04:17 mdw - * Add new hash functions. Provide full help for subcommands. Run the - * hash function over parts of the header in a canonical order. - * - * Revision 1.6 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.5 2000/10/08 12:12:09 mdw - * Shut up some warnings. - * - * Revision 1.4 2000/08/04 23:23:44 mdw - * Various fixes. - * - * Revision 1.3 2000/07/15 20:53:23 mdw - * More hash functions. Bug fix in getstring. - * - * Revision 1.2 2000/07/01 11:27:22 mdw - * Use new PKCS#1 padding functions rather than rolling by hand. - * - * Revision 1.1 2000/06/17 10:54:29 mdw - * Program to generate and verify signatures on multiple files. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/ec-bin.c b/ec-bin.c index 209e43a..30e19a9 100644 --- a/ec-bin.c +++ b/ec-bin.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-bin.c,v 1.8 2004/04/03 03:32:05 mdw Exp $ + * $Id: ec-bin.c,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Arithmetic for elliptic curves over binary fields * 
@@ -27,43 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-bin.c,v $ - * Revision 1.8 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.7 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - * Revision 1.6 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.5 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.4 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.3 2004/03/22 02:19:09 mdw - * Rationalise the sliding-window threshold. Drop guarantee that right - * arguments to EC @add@ are canonical, and fix up projective implementations - * to cope. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.2.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/ec-exp.c b/ec-exp.c index 26953e7..edcf620 100644 --- a/ec-exp.c +++ b/ec-exp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-exp.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: ec-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Point multiplication for elliptic curves * 
@@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-exp.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "ec.h" diff --git a/ec-exp.h b/ec-exp.h index 93a576f..fc08fe4 100644 --- a/ec-exp.h +++ b/ec-exp.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-exp.h,v 1.5 2004/04/03 03:32:05 mdw Exp $ + * $Id: ec-exp.h,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation operations for elliptic curves * @@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-exp.h,v $ - * Revision 1.5 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.4 2004/03/22 02:19:10 mdw - * Rationalise the sliding-window threshold. Drop guarantee that right - * arguments to EC @add@ are canonical, and fix up projective implementations - * to cope. - * - * Revision 1.3 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.2.4.1 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.2 2003/05/15 23:25:59 mdw - * Make elliptic curve stuff build. - * - * Revision 1.1 2002/01/13 13:48:44 mdw - * Further progress. - * - */ - #ifndef CATACOMB_EC_EXP_H #define CATACOMB_EC_EXP_H diff --git a/ec-fetch.c b/ec-fetch.c index ed7faa7..cce9d00 100644 --- a/ec-fetch.c +++ b/ec-fetch.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-fetch.c,v 1.1 2004/03/28 01:58:47 mdw Exp $ + * $Id: ec-fetch.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Key fetching for elliptic curve public and private keys * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-fetch.c,v $ - * Revision 1.1 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "ec-keys.h" diff --git a/ec-info.c b/ec-info.c index 0805c26..1a95cd2 100644 --- a/ec-info.c +++ b/ec-info.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-info.c,v 1.4 2004/04/03 03:32:05 mdw Exp $ + * $Id: ec-info.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curve information management * @@ -27,29 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-info.c,v $ - * Revision 1.4 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.3 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - * Revision 1.2 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.1 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "ec.h" diff --git a/ec-keys.h b/ec-keys.h index c7561e7..7e25319 100644 --- a/ec-keys.h +++ b/ec-keys.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-keys.h,v 1.2 2004/04/01 12:50:09 mdw Exp $ + * $Id: ec-keys.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curve key-fetching * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-keys.h,v $ - * Revision 1.2 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.1 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - */ - #ifndef CATACOMB_EC_KEYS_H #define CATACOMB_EC_KEYS_H diff --git a/ec-prime.c b/ec-prime.c index 41ba9c4..8f3c731 100644 --- a/ec-prime.c +++ b/ec-prime.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-prime.c,v 1.10 2004/04/03 03:32:05 mdw Exp $ + * $Id: ec-prime.c,v 1.11 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curves over prime fields * 
@@ -27,56 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-prime.c,v $ - * Revision 1.10 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.9 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.8 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.7 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - * Revision 1.6 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.5 2004/03/22 02:19:10 mdw - * Rationalise the sliding-window threshold. Drop guarantee that right - * arguments to EC @add@ are canonical, and fix up projective implementations - * to cope. - * - * Revision 1.4 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.3.4.3 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.3.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.3.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.3 2003/05/15 23:25:59 mdw - * Make elliptic curve stuff build. - * - * Revision 1.2 2002/01/13 13:48:44 mdw - * Further progress. - * - * Revision 1.1 2001/04/29 18:12:33 mdw - * Prototype version. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/ec-raw.c b/ec-raw.c index ad9b583..4ec9f28 100644 --- a/ec-raw.c +++ b/ec-raw.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-raw.c,v 1.1 2004/04/04 19:04:11 mdw Exp $ + * $Id: ec-raw.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Raw formatting of elliptic curve points * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-raw.c,v $ - * Revision 1.1 2004/04/04 19:04:11 mdw - * Raw I/O of elliptic curve points and group elements. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "ec.h" diff --git a/ec-raw.h b/ec-raw.h index e0fde75..822ab53 100644 --- a/ec-raw.h +++ b/ec-raw.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-raw.h,v 1.1 2004/04/04 19:04:11 mdw Exp $ + * $Id: ec-raw.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Raw formatting of elliptic curve points * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-raw.h,v $ - * Revision 1.1 2004/04/04 19:04:11 mdw - * Raw I/O of elliptic curve points and group elements. - * - */ - #ifndef CATACOMB_EC_RAW_H #define CATACOMB_EC_RAW_H diff --git a/ec-test.c b/ec-test.c index de01ad8..e83e3ee 100644 --- a/ec-test.c +++ b/ec-test.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-test.c,v 1.5 2004/04/02 01:03:49 mdw Exp $ + * $Id: ec-test.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Code for testing elliptic-curve stuff * 
@@ -27,30 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-test.c,v $ - * Revision 1.5 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.4 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.3 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.2 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - * Revision 1.1 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/ec-test.h b/ec-test.h index a4ca0d7..875ffc6 100644 --- a/ec-test.h +++ b/ec-test.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec-test.h,v 1.1 2004/03/23 15:19:32 mdw Exp $ + * $Id: ec-test.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curve test functions * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec-test.h,v $ - * Revision 1.1 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - */ - #ifndef CATACOMB_EC_TEST_H #define CATACOMB_EC_TEST_H diff --git a/ec.c b/ec.c index 9a929ca..a84dd7a 100644 --- a/ec.c +++ b/ec.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec.c,v 1.9 2004/04/01 21:28:41 mdw Exp $ + * $Id: ec.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curve definitions * 
@@ -27,51 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec.c,v $ - * Revision 1.9 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - * Revision 1.8 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.7 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.6 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.5 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.4.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.4.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.4 2003/05/15 23:25:59 mdw - * Make elliptic curve stuff build. - * - * Revision 1.3 2002/01/13 13:48:44 mdw - * Further progress. - * - * Revision 1.2 2001/05/07 17:29:44 mdw - * Treat projective coordinates as an internal representation. Various - * minor interface changes. - * - * Revision 1.1 2001/04/29 18:12:33 mdw - * Prototype version. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "ec.h" diff --git a/ec.h b/ec.h index 24bd6b2..bd71810 100644 --- a/ec.h +++ b/ec.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ec.h,v 1.10 2004/04/03 03:32:05 mdw Exp $ + * $Id: ec.h,v 1.11 2004/04/08 01:36:15 mdw Exp $ * * Elliptic curve definitions * 
@@ -27,57 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ec.h,v $ - * Revision 1.10 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.9 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.8 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.7 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.6 2004/03/22 02:19:10 mdw - * Rationalise the sliding-window threshold. Drop guarantee that right - * arguments to EC @add@ are canonical, and fix up projective implementations - * to cope. - * - * Revision 1.5 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.4.4.3 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.4.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.4.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.4 2003/05/15 23:25:59 mdw - * Make elliptic curve stuff build. - * - * Revision 1.3 2002/01/13 13:48:44 mdw - * Further progress. - * - * Revision 1.2 2001/05/07 17:29:44 mdw - * Treat projective coordinates as an internal representation. Various - * minor interface changes. - * - * Revision 1.1 2001/04/29 18:12:33 mdw - * Prototype version. - * - */ - #ifndef CATACOMB_EC_H #define CATACOMB_EC_H diff --git a/ecb-def.h b/ecb-def.h index 473d35a..49a232b 100644 --- a/ecb-def.h +++ b/ecb-def.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ecb-def.h,v 1.2 2000/06/17 10:54:43 mdw Exp $ + * $Id: ecb-def.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Definitions electronic code book mode * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ecb-def.h,v $ - * Revision 1.2 2000/06/17 10:54:43 mdw - * Use secure arena for memory allocation. - * - * Revision 1.1 1999/12/10 23:16:39 mdw - * Split mode macros into interface and implementation. - * - */ - #ifndef CATACOMB_ECB_DEF_H #define CATACOMB_ECB_DEF_H diff --git a/ecb.h b/ecb.h index f5ce880..a434f7d 100644 --- a/ecb.h +++ b/ecb.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ecb.h,v 1.2 1999/12/10 23:16:40 mdw Exp $ + * $Id: ecb.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Electronic code book for block ciphers * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ecb.h,v $ - * Revision 1.2 1999/12/10 23:16:40 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_ECB_H #define CATACOMB_ECB_H diff --git a/ectab.h b/ectab.h index d75e79c..734bc07 100644 --- a/ectab.h +++ b/ectab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ectab.h,v 1.3 2004/04/01 21:28:41 mdw Exp $ + * $Id: ectab.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Table of standard elliptic curves * 
@@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ectab.h,v $ - * Revision 1.3 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - * Revision 1.2 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.1 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - */ - #ifndef CATACOMB_ECTAB_H #define CATACOMB_ECTAB_H diff --git a/exp.c b/exp.c index ed11485..64f0e9e 100644 --- a/exp.c +++ b/exp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: exp.c,v 1.1 2001/06/16 13:00:59 mdw Exp $ + * $Id: exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generalized exponentiation * @@ -27,15 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: exp.c,v $ - * Revision 1.1 2001/06/16 13:00:59 mdw - * New generic exponentation code. Includes sliding-window simultaneous - * exponentiation. - * - */ - /*----- Header files ------------------------------------------------------*/ #define EXP_TYPE /* Hack */ diff --git a/exp.h b/exp.h index 59cb632..a8b3812 100644 --- a/exp.h +++ b/exp.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: exp.h,v 1.3 2004/03/22 02:19:10 mdw Exp $ + * $Id: exp.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Generalized exponentiation * 
@@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: exp.h,v $ - * Revision 1.3 2004/03/22 02:19:10 mdw - * Rationalise the sliding-window threshold. Drop guarantee that right - * arguments to EC @add@ are canonical, and fix up projective implementations - * to cope. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.4.1 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.1 2001/06/16 13:00:59 mdw - * New generic exponentation code. Includes sliding-window simultaneous - * exponentiation. - * - */ - #ifdef CATACOMB_EXP_H # error "Multiple inclusion of " #endif diff --git a/f-binpoly.c b/f-binpoly.c index 9c09356..4282ad4 100644 --- a/f-binpoly.c +++ b/f-binpoly.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: f-binpoly.c,v 1.8 2004/04/02 01:03:49 mdw Exp $ + * $Id: f-binpoly.c,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Binary fields with polynomial basis representation * 
@@ -27,41 +27,6 @@
  * MA 02111-1307, USA.
  */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: f-binpoly.c,v $
- * Revision 1.8 2004/04/02 01:03:49 mdw
- * Miscellaneous constification.
- *
- * Revision 1.7 2004/04/01 21:28:41 mdw
- * Normal basis support (translates to poly basis internally). Rewrite
- * EC and prime group table generators in awk, so that they can reuse data
- * for repeated constants.
- *
- * Revision 1.6 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- * Revision 1.5 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- * Revision 1.4 2004/03/23 15:19:32 mdw
- * Test elliptic curves more thoroughly.
- *
- * Revision 1.3 2004/03/23 12:08:26 mdw
- * Random field-element selection.
- *
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
@@ -102,7 +67,7 @@ static mp *fsqr(field *ff, mp *d, mp *x) {
 }
 static mp *finv(field *ff, mp *d, mp *x)
-  { fctx *f = (fctx *)ff; gf_gcd(0, 0, &d, f->r.p, x); return (d); }
+  { fctx *f = (fctx *)ff; d = gf_modinv(d, x, f->r.p); return (d); }
 static mp *freduce(field *ff, mp *d, mp *x)
   { fctx *f = (fctx *)ff; return (gfreduce_do(&f->r, d, x)); }
diff --git a/f-niceprime.c b/f-niceprime.c
index 8f0b43d..8645cb6 100644
--- a/f-niceprime.c
+++ b/f-niceprime.c
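Review bot: The rewritten finv in f-binpoly.c keeps the assign-then-return shape of the old gf_gcd call even though gf_modinv already hands back the destination; `{ fctx *f = (fctx *)ff; return (gf_modinv(d, x, f->r.p)); }` would match the one-line style of freduce immediately below. Neither the old nor the new version says what happens when x is the zero element, which has no inverse, so a short precondition such as `/* x must be nonzero: 0 has no inverse in GF(2^m); hitting it usually means a point-at-infinity bug upstream */` would help the curve code that calls this. I am inferring gf_modinv's (dest, x, modulus) argument order from the parallel mp_modinv calls elsewhere in this commit; confirm against its declaration.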
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: f-niceprime.c,v 1.5 2004/04/02 01:03:49 mdw Exp $
+ * $Id: f-niceprime.c,v 1.6 2004/04/08 01:36:15 mdw Exp $
  *
  * Prime fields with efficient reduction for special-form primes
  *
@@ -27,32 +27,6 @@
  * MA 02111-1307, USA.
  */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: f-niceprime.c,v $
- * Revision 1.5 2004/04/02 01:03:49 mdw
- * Miscellaneous constification.
- *
- * Revision 1.4 2004/04/01 21:28:41 mdw
- * Normal basis support (translates to poly basis internally). Rewrite
- * EC and prime group table generators in awk, so that they can reuse data
- * for repeated constants.
- *
- * Revision 1.3 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- * Revision 1.2 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- * Revision 1.1 2004/03/27 00:04:46 mdw
- * Implement efficient reduction for pleasant-looking primes.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
@@ -106,7 +80,7 @@ static mp *fsqr(field *ff, mp *d, mp *x) {
 }
 static mp *finv(field *ff, mp *d, mp *x)
-  { fctx *f = (fctx *)ff; mp_gcd(0, 0, &d, f->r.p, x); return (d); }
+  { fctx *f = (fctx *)ff; d = mp_modinv(d, x, f->r.p); return (d); }
 static mp *freduce(field *ff, mp *d, mp *x)
   { fctx *f = (fctx *)ff; return (mpreduce_do(&f->r, d, x)); }
diff --git a/f-prime.c b/f-prime.c
index 43d6da3..f58bf63 100644
--- a/f-prime.c
+++ b/f-prime.c
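Review bot: f-niceprime.c's finv now reads `d = mp_modinv(d, x, f->r.p); return (d);`, which can collapse to `return (mp_modinv(d, x, f->r.p));` to match freduce on the following line. More importantly nothing states that x must already be reduced mod p and nonzero before inversion; unlike the Montgomery variant in f-prime.c there is no reduction step in front of the modinv here, so a comment such as `/* x assumed reduced mod p and nonzero; the inverse of 0 is undefined */` keeps the two field implementations honest with each other. Whether mp_modinv tolerates an unreduced or zero x is not visible in this hunk.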
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: f-prime.c,v 1.11 2004/04/03 03:32:05 mdw Exp $ + * $Id: f-prime.c,v 1.12 2004/04/08 01:36:15 mdw Exp $ * * Prime fields with Montgomery arithmetic * 
@@ -27,59 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: f-prime.c,v $ - * Revision 1.11 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.10 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.9 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - * Revision 1.8 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.7 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.6 2004/03/23 15:19:32 mdw - * Test elliptic curves more thoroughly. - * - * Revision 1.5 2004/03/23 12:08:26 mdw - * Random field-element selection. - * - * Revision 1.4 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.3.4.3 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.3.4.2 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.3.4.1 2003/06/10 13:43:53 mdw - * Simple (non-projective) curves over prime fields now seem to work. - * - * Revision 1.3 2003/05/15 23:25:59 mdw - * Make elliptic curve stuff build. - * - * Revision 1.2 2002/01/13 13:48:44 mdw - * Further progress. - * - * Revision 1.1 2001/04/29 18:12:33 mdw - * Prototype version. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -141,7 +88,7 @@ static mp *fsqr(field *ff, mp *d, mp *x) { static mp *finv(field *ff, mp *d, mp *x) { fctx *f = (fctx *)ff; d = mpmont_reduce(&f->mm, d, x); - mp_gcd(0, 0, &d, f->mm.m, d); return (mpmont_mul(&f->mm, d, d, f->mm.r2)); + d = mp_modinv(d, d, f->mm.m); return (mpmont_mul(&f->mm, d, d, f->mm.r2)); } static mp *freduce(field *ff, mp *d, mp *x) diff --git a/factorial.c b/factorial.c index 789de90..54b9845 100644 --- a/factorial.c +++ b/factorial.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: factorial.c,v 1.3 2002/01/13 19:51:59 mdw Exp $ + * $Id: factorial.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Example factorial computation * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: factorial.c,v $ - * Revision 1.3 2002/01/13 19:51:59 mdw - * Provide proper help and options parsing. Allow more bases. Use - * @mptext@ to read integers for the better base support. - * - * Revision 1.2 2001/06/16 13:22:59 mdw - * Added command-line option to select output radix. - * - * Revision 1.1 2000/07/09 21:30:49 mdw - * Demo program to compute factorials. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/fibrand.c b/fibrand.c index eb2e86d..4196e98 100644 --- a/fibrand.c +++ b/fibrand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: fibrand.c,v 1.4 2002/10/09 00:35:18 mdw Exp $ + * $Id: fibrand.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Fibonacci generator * 
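Review bot: `d = mp_modinv(d, d, f->mm.m);` turns a non-invertible argument into a process abort instead of a silently wrong result, assuming mp_modinv follows the contract this commit documents for gf_modinv (an assertion fails when there is no inverse). In a prime field the only non-invertible element is zero, and field elements frequently originate in decoded input, so a zero reaching finv is now a crash rather than garbage; finv should either state that precondition — `/* x must be nonzero: mp_modinv asserts on a non-invertible argument */` — or have the caller reject zero and report an error. The same applies to ginv in the g-prime.c hunk below, which makes the identical substitution.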
@@ -27,23 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: fibrand.c,v $
- * Revision 1.4 2002/10/09 00:35:18 mdw
- * Fix bogus type name.
- *
- * Revision 1.3 2000/12/06 20:31:06 mdw
- * Simplify uniform range transformation.
- *
- * Revision 1.2 2000/06/17 10:55:24 mdw
- * Typesetting fixes. Add flags word to generatic random generator.
- *
- * Revision 1.1 1999/12/10 23:15:27 mdw
- * Noncryptographic random number generator.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/fibrand.h b/fibrand.h
index 10b683f..5a75542 100644
--- a/fibrand.h
+++ b/fibrand.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: fibrand.h,v 1.2 2000/06/17 10:54:59 mdw Exp $
+ * $Id: fibrand.h,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * Fibonacci generator
 *
@@ -27,17 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: fibrand.h,v $
- * Revision 1.2 2000/06/17 10:54:59 mdw
- * Typesetting fixes.
- *
- * Revision 1.1 1999/12/10 23:15:27 mdw
- * Noncryptographic random number generator.
- *
- */
-
 /*----- Notes on the Fibonacci generator ----------------------------------*
 *
 * The generator was originally suggested by G. J. Mitchell and D. P. Moore
diff --git a/field-parse.c b/field-parse.c
index 7e83fc0..5f9092a 100644
--- a/field-parse.c
+++ b/field-parse.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: field-parse.c,v 1.3 2004/04/03 03:32:05 mdw Exp $
+ * $Id: field-parse.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Parse field descriptions
 *
@@ -27,22 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: field-parse.c,v $
- * Revision 1.3 2004/04/03 03:32:05 mdw
- * General robustification.
- *
- * Revision 1.2 2004/04/01 21:28:41 mdw
- * Normal basis support (translates to poly basis internally). Rewrite
- * EC and prime group table generators in awk, so that they can reuse data
- * for repeated constants.
- *
- * Revision 1.1 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "field.h"
diff --git a/field.c b/field.c
index f0968dd..c8e31d2 100644
--- a/field.c
+++ b/field.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: field.c,v 1.3 2004/04/01 12:50:09 mdw Exp $
+ * $Id: field.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Abstract field operations
 *
@@ -27,27 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: field.c,v $
- * Revision 1.3 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.4.1 2003/06/10 13:43:53 mdw
- * Simple (non-projective) curves over prime fields now seem to work.
- *
- * Revision 1.1 2001/05/07 17:30:13 mdw
- * Add an internal-representation no-op function.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "field.h"
diff --git a/field.h b/field.h
index 3a46ac9..5790284 100644
--- a/field.h
+++ b/field.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: field.h,v 1.10 2004/04/01 21:28:41 mdw Exp $
+ * $Id: field.h,v 1.11 2004/04/08 01:36:15 mdw Exp $
 *
 * Definitions for field arithmetic
 *
@@ -27,53 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: field.h,v $
- * Revision 1.10 2004/04/01 21:28:41 mdw
- * Normal basis support (translates to poly basis internally). Rewrite
- * EC and prime group table generators in awk, so that they can reuse data
- * for repeated constants.
- *
- * Revision 1.9 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- * Revision 1.8 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- * Revision 1.7 2004/03/27 00:04:46 mdw
- * Implement efficient reduction for pleasant-looking primes.
- *
- * Revision 1.6 2004/03/23 15:19:32 mdw
- * Test elliptic curves more thoroughly.
- *
- * Revision 1.5 2004/03/23 12:08:26 mdw
- * Random field-element selection.
- *
- * Revision 1.4 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.3.4.2 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- * Revision 1.3.4.1 2004/03/20 00:13:31 mdw
- * Projective coordinates for prime curves
- *
- * Revision 1.3 2002/01/13 13:48:44 mdw
- * Further progress.
- *
- * Revision 1.2 2001/05/07 17:30:13 mdw
- * Add an internal-representation no-op function.
- *
- * Revision 1.1 2001/04/29 18:12:33 mdw
- * Prototype version.
- *
- */
-
 #ifndef CATACOMB_FIELD_H
 #define CATACOMB_FIELD_H
diff --git a/fipstest.c b/fipstest.c
index 30f270b..c780a33 100644
--- a/fipstest.c
+++ b/fipstest.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: fipstest.c,v 1.3 2000/08/11 21:34:34 mdw Exp $
+ * $Id: fipstest.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * FIPS140 randomness tests
 *
@@ -27,20 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: fipstest.c,v $
- * Revision 1.3 2000/08/11 21:34:34 mdw
- * Change to use the new thresholds given in the draft FIPS140-2.
- *
- * Revision 1.2 2000/06/17 12:21:39 mdw
- * Add braces to shut compiler up. Reformat code slightly.
- *
- * Revision 1.1 2000/06/17 10:55:38 mdw
- * FIPS 140-1 random generator test.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/fipstest.h b/fipstest.h
index 9596d8a..5bdd8dc 100644
--- a/fipstest.h
+++ b/fipstest.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: fipstest.h,v 1.3 2000/12/06 20:33:27 mdw Exp $
+ * $Id: fipstest.h,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * FIPS140 randomness tests
 *
@@ -27,21 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: fipstest.h,v $
- * Revision 1.3 2000/12/06 20:33:27 mdw
- * Make flags be macros rather than enumerations, to ensure that they're
- * unsigned.
- *
- * Revision 1.2 2000/08/11 21:34:34 mdw
- * Change to use the new thresholds given in the draft FIPS140-2.
- *
- * Revision 1.1 2000/06/17 10:55:38 mdw
- * FIPS 140-1 random generator test.
- *
- */
-
 #ifndef CATACOMB_FIPSTEST_H
 #define CATACOMB_FIPSTEST_H
diff --git a/g-ec.c b/g-ec.c
index dcf8a10..1809e6c 100644
--- a/g-ec.c
+++ b/g-ec.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: g-ec.c,v 1.3 2004/04/04 19:04:11 mdw Exp $
+ * $Id: g-ec.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Abstraction for elliptic curve groups
 *
@@ -27,24 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: g-ec.c,v $
- * Revision 1.3 2004/04/04 19:04:11 mdw
- * Raw I/O of elliptic curve points and group elements.
- *
- * Revision 1.2 2004/04/03 03:32:05 mdw
- * General robustification.
- *
- * Revision 1.1 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/g-prime.c b/g-prime.c
index 97f455f..aa17685 100644
--- a/g-prime.c
+++ b/g-prime.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: g-prime.c,v 1.3 2004/04/04 19:04:11 mdw Exp $
+ * $Id: g-prime.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Abstraction for prime groups
 *
@@ -27,24 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: g-prime.c,v $
- * Revision 1.3 2004/04/04 19:04:11 mdw
- * Raw I/O of elliptic curve points and group elements.
- *
- * Revision 1.2 2004/04/03 03:32:05 mdw
- * General robustification.
- *
- * Revision 1.1 2004/04/01 12:50:09 mdw
- * Add cyclic group abstraction, with test code. Separate off exponentation
- * functions for better static linking. Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly. Add
- * table of standard prime-field subgroups. (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
@@ -109,7 +91,7 @@ static void gsqr(group *gg, mp **d, mp **x) { static void ginv(group *gg, mp **d, mp **x) { gctx *g = (gctx *)gg; mp *r = mpmont_reduce(&g->mm, *d, *x); - mp_gcd(0, 0, &r, g->mm.m, r); *d = mpmont_mul(&g->mm, r, r, g->mm.r2); + r = mp_modinv(r, r, g->mm.m); *d = mpmont_mul(&g->mm, r, r, g->mm.r2); } static void gexp(group *gg, mp **d, mp **x, mp *n) @@ -137,8 +119,8 @@ static mp *gtoint(group *gg, mp *d, mp **x) { gctx *g = (gctx *)gg; return (mpmont_reduce(&g->mm, d, *x)); } static int gfromint(group *gg, mp **d, mp *x) { - gctx *g = (gctx *)gg; mp_div(0, &x, x, g->mm.m); mp_drop(*d); - *d = mpmont_mul(&g->mm, x, x, g->mm.r2); return (0); + gctx *g = (gctx *)gg; mp_div(0, d, x, g->mm.m); + *d = mpmont_mul(&g->mm, *d, *d, g->mm.r2); return (0); } static int gtobuf(group *gg, buf *b, mp **x) { diff --git a/gcipher.h b/gcipher.h index f25fb93..97c3047 100644 --- a/gcipher.h +++ b/gcipher.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gcipher.h,v 1.3 2004/04/04 19:42:30 mdw Exp $ + * $Id: gcipher.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Generic symmetric cipher interface * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gcipher.h,v $ - * Revision 1.3 2004/04/04 19:42:30 mdw - * Make tables of standard encryption schemes etc. - * - * Revision 1.2 2000/06/17 10:56:00 mdw - * New key size interface. - * - * Revision 1.1 1999/12/10 23:16:01 mdw - * Generic interface. - * - */ - #ifndef CATACOMB_GCIPHER_H #define CATACOMB_GCIPHER_H diff --git a/gdsa.c b/gdsa.c index 8723847..9b23f4f 100644 --- a/gdsa.c +++ b/gdsa.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gdsa.c,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: gdsa.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generalized version of DSA * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gdsa.c,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "gdsa.h" @@ -105,7 +97,7 @@ have_k: mpbarrett_create(&b, g->r); ss = mp_mul(ss, sr, c->u); ss = mpbarrett_reduce(&b, ss, ss); ss = mp_add(ss, ss, mr); mp_div(0, &ss, ss, g->r); - mp_gcd(0, 0, &k, g->r, k); + k = mp_modinv(k, k, g->r); ss = mp_mul(ss, ss, k); ss = mpbarrett_reduce(&b, ss, ss); s->r = sr; s->s = ss; mp_drop(k); mp_drop(mr); mpbarrett_destroy(&b); G_DESTROY(g, z); @@ -127,14 +119,14 @@ int gdsa_verify(const gdsa *c, const gdsa_sig *s, const void *m) group *g = c->g; group_expfactor e[2]; mpbarrett b; - mp *h = MP_NEW, *t; + mp *h, *t; ge *w; int rc = -1; if (MP_CMP(s->r, <, MP_ONE) || MP_CMP(s->r, >=, g->r) || MP_CMP(s->s, <, MP_ONE) || MP_CMP(s->s, >=, g->r)) return (-1); - mpbarrett_create(&b, g->r); mp_gcd(0, 0, &h, g->r, s->s); + mpbarrett_create(&b, g->r); h = mp_modinv(MP_NEW, s->s, g->r); e[0].base = g->g; e[1].base = c->p; t = mp_loadb(MP_NEW, m, c->h->hashsz); mp_div(0, &t, t, g->r); t = mp_mul(t, t, h); e[0].exp = t = mpbarrett_reduce(&b, t, t); diff --git a/gdsa.h b/gdsa.h index 6d88a4d..479ef3c 100644 --- a/gdsa.h +++ b/gdsa.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gdsa.h,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: gdsa.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generalized version of DSA * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gdsa.h,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - #ifndef CATACOMB_GDSA_H #define CATACOMB_GDSA_H diff --git a/gengctab b/gengctab index 3211b42..9c8c17b 100755 --- a/gengctab +++ b/gengctab @@ -17,7 +17,8 @@ cat < diff --git a/gf-arith.c b/gf-arith.c index 209c3fc..c23aa19 100644 
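Review bot: `h = mp_modinv(MP_NEW, s->s, g->r);` in gdsa_verify inverts a value taken straight from the signature under test; the preceding range check guarantees 1 <= s < r but not that s is coprime to r, so the call only stays safe while g->r is prime, and that assumption deserves a comment on the line, e.g. `/* s in [1, r) is invertible because r is prime */`. Separately, `mp *h, *t;` drops the MP_NEW initialiser; today the only exit before the inversion is the direct `return (-1)`, but the `rc = -1` convention suggests a shared cleanup tail outside the hunk that drops h, so keeping `mp *h = MP_NEW, *t;` would make any future early exit harmless. gdsa_verify's body continues past the hunk.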
--- a/gf-arith.c
+++ b/gf-arith.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gf-arith.c,v 1.3 2004/03/27 17:54:11 mdw Exp $
+ * $Id: gf-arith.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Basic arithmetic on binary polynomials
 *
@@ -27,20 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gf-arith.c,v $
- * Revision 1.3 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "gf.h"
diff --git a/gf-gcd.c b/gf-gcd.c
index 7c09d3a..8eb9bbf 100644
--- a/gf-gcd.c
+++ b/gf-gcd.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gf-gcd.c,v 1.2 2004/03/21 22:52:06 mdw Exp $
+ * $Id: gf-gcd.c,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * Euclidian algorithm on binary polynomials
 *
@@ -27,17 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gf-gcd.c,v $
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "gf.h"
@@ -186,6 +175,28 @@ void gf_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b) MP_DROP(a); MP_DROP(b); } +/* -- @gf_modinv@ --- * + * + * Arguments: @mp *d@ = destination + * @mp *x@ = argument + * @mp *p@ = modulus + * + * Returns: The inverse %$x^{-1} \bmod p$%. + * + * Use: Computes a modular inverse, the catch being that the + * arguments and results are binary polynomials. An assertion + * fails if %$p$% has no inverse. + */ + +mp *gf_modinv(mp *d, mp *x, mp *p) +{ + mp *g = MP_NEW; + gf_gcd(&g, 0, &d, p, x); + assert(MP_EQ(g, MP_ONE)); + mp_drop(g); + return (d); +} + /*----- Test rig ----------------------------------------------------------*/ #ifdef TEST_RIG @@ -202,7 +213,7 @@ static int gcd(dstr *v) mp *gg = MP_NEW, *xx = MP_NEW, *yy = MP_NEW; gf_gcd(&gg, &xx, &yy, a, b); if (!MP_EQ(x, xx)) { - fputs("\n*** mp_gcd(x) failed", stderr); + fputs("\n*** gf_gcd(x) failed", stderr); fputs("\na = ", stderr); mp_writefile(a, stderr, 16); fputs("\nb = ", stderr); mp_writefile(b, stderr, 16); fputs("\nexpect = ", stderr); mp_writefile(x, stderr, 16); @@ -211,7 +222,7 @@ static int gcd(dstr *v) ok = 0; } if (!MP_EQ(y, yy)) { - fputs("\n*** mp_gcd(y) failed", stderr); + fputs("\n*** gf_gcd(y) failed", stderr); fputs("\na = ", stderr); mp_writefile(a, stderr, 16); fputs("\nb = ", stderr); mp_writefile(b, stderr, 16); fputs("\nexpect = ", stderr); mp_writefile(y, stderr, 16); @@ -231,7 +242,7 @@ static int gcd(dstr *v) } if (!MP_EQ(g, gg)) { - fputs("\n*** mp_gcd(gcd) failed", stderr); + fputs("\n*** gf_gcd(gcd) failed", stderr); fputs("\na = ", stderr); mp_writefile(a, stderr, 16); fputs("\nb = ", stderr); mp_writefile(b, stderr, 16); fputs("\nexpect = ", stderr); mp_writefile(g, stderr, 16); diff --git a/gf.h b/gf.h index fba801c..2429e95 100644 --- a/gf.h +++ b/gf.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gf.h,v 1.3 2004/03/27 17:54:11 mdw Exp $ + * $Id: gf.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Arithmetic on binary polynomials * 
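Review bot: The new header comment on gf_modinv says an assertion fails "if %$p$% has no inverse", but the check `assert(MP_EQ(g, MP_ONE))` is on the gcd of p and x, so it is x that must be invertible modulo p; suggest `An assertion fails if %$x$% has no inverse modulo %$p$%.` here and in the duplicate comment in gf.h further down. It is also worth saying in the comment that the check disappears under NDEBUG, in which case a non-invertible x produces a meaningless result with no diagnostic, so callers that cannot guarantee invertibility should test the gcd themselves via gf_gcd.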
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gf.h,v $ - * Revision 1.3 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.2.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - */ - #ifndef CATACOMB_GF_H #define CATACOMB_GF_H @@ -130,6 +116,21 @@ extern int gf_irreduciblep(mp */*f*/); extern void gf_gcd(mp **/*gcd*/, mp **/*xx*/, mp **/*yy*/, mp */*a*/, mp */*b*/); +/* -- @gf_modinv@ --- * + * + * Arguments: @mp *d@ = destination + * @mp *x@ = argument + * @mp *p@ = modulus + * + * Returns: The inverse %$x^{-1} \bmod p$%. + * + * Use: Computes a modular inverse, the catch being that the + * arguments and results are binary polynomials. An assertion + * fails if %$p$% has no inverse. + */ + +extern mp *gf_modinv(mp */*d*/, mp */*x*/, mp */*p*/); + /*----- That's all, folks -------------------------------------------------*/ #ifdef __cplusplus diff --git a/gfn.c b/gfn.c index 1b5a98c..b03df25 100644 --- a/gfn.c +++ b/gfn.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gfn.c,v 1.1 2004/04/01 21:28:41 mdw Exp $ + * $Id: gfn.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Normal-basis translation for binary fields * @@ -27,16 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gfn.c,v $ - * Revision 1.1 2004/04/01 21:28:41 mdw - * Normal basis support (translates to poly basis internally). Rewrite - * EC and prime group table generators in awk, so that they can reuse data - * for repeated constants. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "gfreduce.h" diff --git a/gfn.h b/gfn.h index 48531b9..94a74c5 100644 --- a/gfn.h +++ b/gfn.h 
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfn.h,v 1.1 2004/04/01 21:28:41 mdw Exp $
+ * $Id: gfn.h,v 1.2 2004/04/08 01:36:15 mdw Exp $
 *
 * Normal-basis translation for binary fields
 *
@@ -27,16 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfn.h,v $
- * Revision 1.1 2004/04/01 21:28:41 mdw
- * Normal basis support (translates to poly basis internally). Rewrite
- * EC and prime group table generators in awk, so that they can reuse data
- * for repeated constants.
- *
- */
-
 #ifndef CATACOMB_GFN_H
 #define CATACOMB_GFN_H
diff --git a/gfreduce-exp.h b/gfreduce-exp.h
index f826fc7..ae13dcf 100644
--- a/gfreduce-exp.h
+++ b/gfreduce-exp.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfreduce-exp.h,v 1.2 2004/03/21 22:52:06 mdw Exp $
+ * $Id: gfreduce-exp.h,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * Exponentiation operations for binary field reduction
 *
@@ -27,17 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfreduce-exp.h,v $
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 #ifndef CATACOMB_GFREDUCE_EXP_H
 #define CATACOMB_GFREDUCE_EXP_H
diff --git a/gfreduce.c b/gfreduce.c
index 4f07ccf..ae31d5c 100644
--- a/gfreduce.c
+++ b/gfreduce.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfreduce.c,v 1.4 2004/03/27 00:04:46 mdw Exp $
+ * $Id: gfreduce.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
 *
 * Efficient reduction modulo sparse binary polynomials
 *
@@ -27,23 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfreduce.c,v $
- * Revision 1.4 2004/03/27 00:04:46 mdw
- * Implement efficient reduction for pleasant-looking primes.
- *
- * Revision 1.3 2004/03/23 15:19:32 mdw
- * Test elliptic curves more thoroughly.
- *
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfreduce.h b/gfreduce.h
index 9840b5e..ec343b4 100644
--- a/gfreduce.h
+++ b/gfreduce.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfreduce.h,v 1.2 2004/03/21 22:52:06 mdw Exp $
+ * $Id: gfreduce.h,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * Reduction modulo sparse binary polynomials
 *
@@ -27,17 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfreduce.h,v $
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.2.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- */
-
 #ifndef CATACOMB_GFREDUCE_H
 #define CATACOMB_GFREDUCE_H
diff --git a/gfshare-mktab.c b/gfshare-mktab.c
index 6e37420..7ce7244 100644
--- a/gfshare-mktab.c
+++ b/gfshare-mktab.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfshare-mktab.c,v 1.3 2000/06/18 23:26:09 mdw Exp $
+ * $Id: gfshare-mktab.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Generate tables for %$\gf{2^8}$% multiplication
 *
@@ -27,20 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfshare-mktab.c,v $
- * Revision 1.3 2000/06/18 23:26:09 mdw
- * Whoops. Fix a typo.
- *
- * Revision 1.2 2000/06/18 23:12:15 mdw
- * Change typesetting of Galois Field names.
- *
- * Revision 1.1 2000/06/17 10:56:30 mdw
- * Fast but nonstandard secret sharing system.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfshare.c b/gfshare.c
index 841e556..a46f948 100644
--- a/gfshare.c
+++ b/gfshare.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfshare.c,v 1.8 2004/04/02 01:03:49 mdw Exp $
+ * $Id: gfshare.c,v 1.9 2004/04/08 01:36:15 mdw Exp $
 *
 * Secret sharing over %$\gf{2^8}$%
 *
@@ -27,38 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfshare.c,v $
- * Revision 1.8 2004/04/02 01:03:49 mdw
- * Miscellaneous constification.
- *
- * Revision 1.7 2001/06/16 23:42:17 mdw
- * Typesetting fixes.
- *
- * Revision 1.6 2000/12/06 20:30:10 mdw
- * Change secret sharing interface: present the secret at share
- * construction time.
- *
- * Revision 1.5 2000/06/24 19:11:47 mdw
- * Fix daft error in the comment for @gfshare_get@.
- *
- * Revision 1.4 2000/06/24 18:29:05 mdw
- * Interface change: allow shares to be extracted from a context on demand,
- * rather than building them all up-front.
- *
- * Revision 1.3 2000/06/22 18:04:13 mdw
- * Improve secret reconstruction -- compute coefficients as needed rather
- * than making a big array of them.
- *
- * Revision 1.2 2000/06/18 23:12:15 mdw
- * Change typesetting of Galois Field names.
- *
- * Revision 1.1 2000/06/17 10:56:30 mdw
- * Fast but nonstandard secret sharing system.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfshare.h b/gfshare.h
index fe09d8a..a53d137 100644
--- a/gfshare.h
+++ b/gfshare.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfshare.h,v 1.6 2000/12/06 20:30:10 mdw Exp $
+ * $Id: gfshare.h,v 1.7 2004/04/08 01:36:15 mdw Exp $
 *
 * Secret sharing over %$\gf{2^8}$%
 *
@@ -27,31 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfshare.h,v $
- * Revision 1.6 2000/12/06 20:30:10 mdw
- * Change secret sharing interface: present the secret at share
- * construction time.
- *
- * Revision 1.5 2000/06/24 19:11:47 mdw
- * Fix daft error in the comment for @gfshare_get@.
- *
- * Revision 1.4 2000/06/24 18:29:05 mdw
- * Interface change: allow shares to be extracted from a context on demand,
- * rather than building them all up-front.
- *
- * Revision 1.3 2000/06/18 23:12:15 mdw
- * Change typesetting of Galois Field names.
- *
- * Revision 1.2 2000/06/17 11:05:27 mdw
- * Add a commentary on the system.
- *
- * Revision 1.1 2000/06/17 10:56:30 mdw
- * Fast but nonstandard secret sharing system.
- *
- */
-
 /*----- Notes on the system -----------------------------------------------*
 *
 * This uses a variant of Shamir's secret sharing system. Shamir's original
diff --git a/gfx-kmul.c b/gfx-kmul.c
index c692f9c..aaf1109 100644
--- a/gfx-kmul.c
+++ b/gfx-kmul.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfx-kmul.c,v 1.3 2004/03/27 17:54:11 mdw Exp $
+ * $Id: gfx-kmul.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Karatsuba's multiplication algorithm on binary polynomials
 *
@@ -27,20 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfx-kmul.c,v $
- * Revision 1.3 2004/03/27 17:54:11 mdw
- * Standard curves and curve checking.
- *
- * Revision 1.2 2002/10/09 00:36:03 mdw
- * Fix bounds on workspace for Karatsuba operations.
- *
- * Revision 1.1 2000/10/08 15:49:37 mdw
- * First glimmerings of binary polynomial arithmetic.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfx-sqr-mktab.c b/gfx-sqr-mktab.c
index 70801c1..64f7a87 100644
--- a/gfx-sqr-mktab.c
+++ b/gfx-sqr-mktab.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfx-sqr-mktab.c,v 1.1 2000/10/08 15:49:37 mdw Exp $
+ * $Id: gfx-sqr-mktab.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
 *
 * Build table for squaring of binary polynomials
 *
@@ -27,14 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfx-sqr-mktab.c,v $
- * Revision 1.1 2000/10/08 15:49:37 mdw
- * First glimmerings of binary polynomial arithmetic.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfx-sqr.c b/gfx-sqr.c
index 60e1b3c..6acc4a3 100644
--- a/gfx-sqr.c
+++ b/gfx-sqr.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfx-sqr.c,v 1.3 2004/04/02 01:03:49 mdw Exp $
+ * $Id: gfx-sqr.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * Sqaring binary polynomials
 *
@@ -27,23 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfx-sqr.c,v $
- * Revision 1.3 2004/04/02 01:03:49 mdw
- * Miscellaneous constification.
- *
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.4.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- * Revision 1.1 2000/10/08 15:49:37 mdw
- * First glimmerings of binary polynomial arithmetic.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "mpx.h"
diff --git a/gfx.c b/gfx.c
index 97320f9..0fabd5c 100644
--- a/gfx.c
+++ b/gfx.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfx.c,v 1.1 2000/10/08 15:49:37 mdw Exp $
+ * $Id: gfx.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
 *
 * Low-level arithmetic on binary polynomials
 *
@@ -27,14 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfx.c,v $
- * Revision 1.1 2000/10/08 15:49:37 mdw
- * First glimmerings of binary polynomial arithmetic.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
diff --git a/gfx.h b/gfx.h
index 18ac9a5..2a325c1 100644
--- a/gfx.h
+++ b/gfx.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: gfx.h,v 1.2 2004/03/21 22:52:06 mdw Exp $
+ * $Id: gfx.h,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * Low-level arithmetic on binary polynomials
 *
@@ -27,20 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: gfx.h,v $
- * Revision 1.2 2004/03/21 22:52:06 mdw
- * Merge and close elliptic curve branch.
- *
- * Revision 1.1.4.1 2004/03/21 22:39:46 mdw
- * Elliptic curves on binary fields work.
- *
- * Revision 1.1 2000/10/08 15:49:37 mdw
- * First glimmerings of binary polynomial arithmetic.
- *
- */
-
 #ifndef CATACOMB_GFX_H
 #define CATACOMB_GFX_H
diff --git a/ghash-def.h b/ghash-def.h
index da4063d..3f0266c 100644
--- a/ghash-def.h
+++ b/ghash-def.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: ghash-def.h,v 1.6 2004/04/04 19:42:59 mdw Exp $
+ * $Id: ghash-def.h,v 1.7 2004/04/08 01:36:15 mdw Exp $
 *
 * Definitions for generic hash interface
 *
@@ -27,33 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: ghash-def.h,v $
- * Revision 1.6 2004/04/04 19:42:59 mdw
- * Add set -e.
- *
- * Revision 1.5 2001/01/25 21:39:58 mdw
- * Burn the hash context when it's done with, for paranoia's sake.
- *
- * Revision 1.4 2000/07/15 10:00:58 mdw
- * New generic hash operation for copying hash contexts.
- *
- * Revision 1.3 2000/07/02 18:27:42 mdw
- * (ghash->ops->done): Interface change. Passing in a null buffer pointer
- * uses a buffer internal to the ghash object. The operation returns the
- * address of the buffer it used. Clients of generic hashes no longer need
- * to use dynamically allocated memory for hash results.
- *
- * Revision 1.2 2000/06/17 11:22:03 mdw
- * Use secure arena for memory allocation. Minor changes in the generic
- * hash interface.
- *
- * Revision 1.1 1999/12/10 23:21:37 mdw
- * Generic interface.
- *
- */
-
 #ifndef CATACOMB_GHASH_DEF_H
 #define CATACOMB_GHASH_DEF_H
diff --git a/ghash.h b/ghash.h
index 9d63419..3b83a19 100644
--- a/ghash.h
+++ b/ghash.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: ghash.h,v 1.6 2004/04/04 19:42:30 mdw Exp $
+ * $Id: ghash.h,v 1.7 2004/04/08 01:36:15 mdw Exp $
 *
 * Generic hash function interface
 *
@@ -27,32 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ghash.h,v $ - * Revision 1.6 2004/04/04 19:42:30 mdw - * Make tables of standard encryption schemes etc. - * - * Revision 1.5 2000/07/15 10:00:58 mdw - * New generic hash operation for copying hash contexts. - * - * Revision 1.4 2000/07/03 18:08:24 mdw - * Include `bits.h'. - * - * Revision 1.3 2000/07/02 18:27:42 mdw - * (ghash->ops->done): Interface change. Passing in a null buffer pointer - * uses a buffer internal to the ghash object. The operation returns the - * address of the buffer it used. Clients of generic hashes no longer need - * to use dynamically allocated memory for hash results. - * - * Revision 1.2 2000/06/17 11:22:17 mdw - * Minor changes in the generic hash interface. - * - * Revision 1.1 1999/12/10 23:16:01 mdw - * Generic interface. - * - */ - #ifndef CATACOMB_GHASH_H #define CATACOMB_GHASH_H @@ -81,7 +55,7 @@ typedef struct ghash_ops { } ghash_ops; #define GH_INIT(ch) (ch)->init() -#define GH_CLASS(H) (h)->ops->c +#define GH_CLASS(h) (h)->ops->c #define GH_HASH(h, p, sz) (h)->ops->hash((h), (p), (sz)) #define GH_DONE(h, buf) (h)->ops->done((h), (buf)) #define GH_DESTROY(h) (h)->ops->destroy((h)) diff --git a/gkcdsa.c b/gkcdsa.c index f7119f5..6d812ff 100644 --- a/gkcdsa.c +++ b/gkcdsa.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gkcdsa.c,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: gkcdsa.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generalized version of KCDSA * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gkcdsa.c,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "gkcdsa.h" 
@@ -61,7 +53,6 @@ ghash *gkcdsa_beginhash(const gkcdsa *c) mp *v = G_TOINT(c->g, MP_NEW, c->p); size_t sz = c->h->bufsz; void *p = xmalloc(sz); - if (/*ouch*/ !v) memset(p, 0, sz); else mp_storeb(v, p, sz); GH_HASH(h, p, sz); @@ -238,7 +229,7 @@ static int tsign(dstr *v) DENSURE(&d, c.h->hashsz); d.len = c.h->hashsz; memset(d.buf, 0, d.len); ss.r = (octet *)d.buf; - x = MP_NEW; mp_gcd(0, 0, &x, c.g->r, c.u); + x = mp_modinv(MP_NEW, c.u, c.g->r); c.p = G_CREATE(c.g); G_EXP(c.g, c.p, c.g->g, x); h = gkcdsa_beginhash(&c); GH_HASH(h, v[3].buf, v[3].len); diff --git a/gkcdsa.h b/gkcdsa.h index 8901b87..ec27eab 100644 --- a/gkcdsa.h +++ b/gkcdsa.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gkcdsa.h,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: gkcdsa.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generalized version of KCDSA * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gkcdsa.h,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - #ifndef CATACOMB_GKCDSA_H #define CATACOMB_GKCDSA_H diff --git a/gmac.h b/gmac.h index cf134ac..9419bbf 100644 --- a/gmac.h +++ b/gmac.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gmac.h,v 1.3 2004/04/04 19:42:30 mdw Exp $ + * $Id: gmac.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Generic MAC function interface * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: gmac.h,v $ - * Revision 1.3 2004/04/04 19:42:30 mdw - * Make tables of standard encryption schemes etc. - * - * Revision 1.2 2000/06/17 11:22:46 mdw - * Minor changes in the generic hash and MAC interfaces. - * - * Revision 1.1 1999/12/10 23:16:01 mdw - * Generic interface. - * - */ - #ifndef CATACOMB_GMAC_H #define CATACOMB_GMAC_H diff --git a/grand.c b/grand.c index b7118ab..ca0492b 100644 --- a/grand.c +++ b/grand.c 
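Review bot: Dropping the `if (/*ouch*/ !v) memset(p, 0, sz); else` guard means `mp_storeb(v, p, sz)` now runs unconditionally, so if `G_TOINT` can ever yield a null pointer the new code dereferences it where the old code zero-filled the buffer. If the invariant is that every group element has an integer encoding and `G_TOINT` cannot fail here, that is presumably the reason for the removal, but it deserves a one-line comment so the check is not re-added later, e.g. `/* G_TOINT cannot fail for a valid group element, so v is never null */`. Whether the `xmalloc`-ed buffer `p`, which holds the public key encoding, is freed after `GH_HASH` is not visible here; gkcdsa_beginhash's body continues outside the hunk.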
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: grand.c,v 1.2 2000/12/06 20:31:06 mdw Exp $ + * $Id: grand.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generic interface to random number generators * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: grand.c,v $ - * Revision 1.2 2000/12/06 20:31:06 mdw - * Simplify uniform range transformation. - * - * Revision 1.1 1999/12/10 23:16:01 mdw - * Generic interface. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/grand.h b/grand.h index 160663e..0446b2b 100644 --- a/grand.h +++ b/grand.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: grand.h,v 1.4 2001/04/19 18:23:53 mdw Exp $ + * $Id: grand.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Generic interface to random number generators * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: grand.h,v $ - * Revision 1.4 2001/04/19 18:23:53 mdw - * Use unsigned integer rather than enum for flags. - * - * Revision 1.3 2001/02/03 16:07:33 mdw - * Give generic random objects separate namespaces for their supported misc - * ops. - * - * Revision 1.2 2000/06/17 11:23:11 mdw - * Typesetting fix. Add a flags word to the generic generator. - * - * Revision 1.1 1999/12/10 23:16:01 mdw - * Generic interface. - * - */ - #ifndef CATACOMB_GRAND_H #define CATACOMB_GRAND_H @@ -92,6 +74,12 @@ typedef struct grand_ops { void (*fill)(grand */*r*/, void */*p*/, size_t /*sz*/); /* Fill buffer */ } grand_ops; +#define GR_DESTROY(r) (r)->ops->destroy((r)) +#define GR_RAW(r) (r)->ops->raw((r)) +#define GR_WORD(r) (r)->ops->word((r)) +#define GR_RANGE(r, l) (r)->ops->range((r), (l)) +#define GR_FILL(r, p, sz) (r)->ops->fill((r), (p), (sz)) + /* --- Flag types --- */ #define GRAND_CRYPTO 1u /* Cryptographically strong */ diff --git a/group-dstr.c b/group-dstr.c index 7fe67a0..9b46b32 100644 
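Review bot: The new `GR_*` macros in grand.h evaluate their `r` argument twice (for example `(r)->ops->fill((r), (p), (sz))`), so an argument with side effects would be executed twice; this mirrors the existing `GH_*` macros in ghash.h but nothing in the header says so. A short comment above the block, `/* --- Convenience wrappers: r is evaluated twice, so pass a side-effect-free expression --- */`, would document the constraint for callers. The `grand_ops` struct the macros index into starts outside the hunk.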
--- a/group-dstr.c +++ b/group-dstr.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-dstr.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: group-dstr.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Dynamic string I/O for group elements * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-dstr.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" diff --git a/group-exp.c b/group-exp.c index 72bd5a0..2ca684c 100644 --- a/group-exp.c +++ b/group-exp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-exp.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: group-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation for abstract groups * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-exp.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" diff --git a/group-exp.h b/group-exp.h index a736d29..244bebf 100644 --- a/group-exp.h +++ b/group-exp.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-exp.h,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: group-exp.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation operations for abstract groups * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-exp.h,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - #ifndef CATACOMB_GROUP_EXP_H #define CATACOMB_GROUP_EXP_H diff --git a/group-file.c b/group-file.c index a819f92..e0ae8bb 100644 --- a/group-file.c +++ b/group-file.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-file.c,v 1.2 2004/04/04 19:04:11 mdw Exp $ + * $Id: group-file.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * File I/O for group elements * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-file.c,v $ - * Revision 1.2 2004/04/04 19:04:11 mdw - * Raw I/O of elliptic curve points and group elements. - * - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" diff --git a/group-parse.c b/group-parse.c index 276e2d2..1c0d614 100644 --- a/group-parse.c 
+++ b/group-parse.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-parse.c,v 1.2 2004/04/03 03:32:05 mdw Exp $ + * $Id: group-parse.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Parse group description strings * @@ -26,21 +26,6 @@ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-parse.c,v $ - * Revision 1.2 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" diff --git a/group-stdops.c b/group-stdops.c index 2e3e6d4..faa34f2 100644 --- a/group-stdops.c +++ b/group-stdops.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-stdops.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: group-stdops.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Standard group operations * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-stdops.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" 
diff --git a/group-string.c b/group-string.c index 598e973..f1e5859 100644 --- a/group-string.c +++ b/group-string.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-string.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: group-string.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * String I/O for group elements * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-string.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "group.h" diff --git a/group-test.c b/group-test.c index 7c1936b..851f912 100644 --- a/group-test.c +++ b/group-test.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group-test.c,v 1.2 2004/04/04 19:04:11 mdw Exp $ + * $Id: group-test.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Testing group operations * 
@@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group-test.c,v $ - * Revision 1.2 2004/04/04 19:04:11 mdw - * Raw I/O of elliptic curve points and group elements. - * - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/group.h b/group.h index 0e32de6..9211a58 100644 --- a/group.h +++ b/group.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: group.h,v 1.3 2004/04/04 19:04:11 mdw Exp $ + * $Id: group.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * General cyclic group abstraction * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: group.h,v $ - * Revision 1.3 2004/04/04 19:04:11 mdw - * Raw I/O of elliptic curve points and group elements. - * - * Revision 1.2 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - #ifndef CATACOMB_GROUP_H #define CATACOMB_GROUP_H diff --git a/has160.c b/has160.c index 7c7b7b9..727c01e 100644 --- a/has160.c +++ b/has160.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: has160.c,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: has160.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The HAS160 message digest function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: has160.c,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/has160.h b/has160.h index f60fdc9..4b263f9 100644 --- a/has160.h +++ b/has160.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: has160.h,v 1.1 2004/04/04 19:42:59 mdw Exp $ + * $Id: has160.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The HAS160 message digest function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: has160.h,v $ - * Revision 1.1 2004/04/04 19:42:59 mdw - * Add set -e. - * - */ - /*----- Notes on the HAS160 hash function ---------------------------------* * * HAS160 was designed by Chae Hoon Lim and the Korean Information Security diff --git a/hash.h b/hash.h index f5d21de..9c81a44 100644 --- a/hash.h +++ b/hash.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: hash.h,v 1.4 2004/03/21 22:42:27 mdw Exp $ + * $Id: hash.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Generic handling for message digest functions * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: hash.h,v $ - * Revision 1.4 2004/03/21 22:42:27 mdw - * Test hashing on long strings. - * - * Revision 1.3 2000/06/17 11:23:27 mdw - * Portability fix for broken compilers. - * - * Revision 1.2 1999/12/10 23:16:40 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_HASH_H #define CATACOMB_HASH_H diff --git a/hashsum.c b/hashsum.c index 11a5d37..a175397 100644 
--- a/hashsum.c +++ b/hashsum.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: hashsum.c,v 1.9 2004/04/04 19:42:59 mdw Exp $ + * $Id: hashsum.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Hash files using some secure hash function * @@ -27,41 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: hashsum.c,v $ - * Revision 1.9 2004/04/04 19:42:59 mdw - * Add set -e. - * - * Revision 1.8 2001/04/19 18:26:33 mdw - * Add CRC as another hash function. - * - * Revision 1.7 2001/02/21 20:03:22 mdw - * Added support for MD2 hash function. - * - * Revision 1.6 2001/01/25 21:40:14 mdw - * Support for new SHA variants added. - * - * Revision 1.5 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.4 2000/08/04 23:23:44 mdw - * Various fixes. - * - * Revision 1.3 2000/07/29 17:02:43 mdw - * (checkhash): Be pettier about spaces between the hash and filename, for - * compatiblity with `md5sum'. - * - * Revision 1.2 2000/07/15 21:14:05 mdw - * Missed `-e' out of the usage string. - * - * Revision 1.1 2000/07/15 20:52:34 mdw - * Useful replacement for `md5sum' with support for many different hash - * functions and for reading filename lists from `find'. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" @@ -120,11 +85,11 @@ static int fhash(const char *file, unsigned f, const gchash *gch, void *buf) else if ((fp = fopen(file, f & f_binary ? "rb" : "r")) == 0) return (-1); - h = gch->init(); + h = GH_INIT(gch); while ((sz = fread(fbuf, 1, sizeof(fbuf), fp)) > 0) - h->ops->hash(h, fbuf, sz); - h->ops->done(h, buf); - h->ops->destroy(h); + GH_HASH(h, fbuf, sz); + GH_DONE(h, buf); + GH_DESTROY(h); e = ferror(fp); if (file) fclose(fp); diff --git a/hmac-def.h b/hmac-def.h index ffd796c..d9075a1 100644 --- a/hmac-def.h +++ b/hmac-def.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: hmac-def.h,v 1.7 2001/04/19 18:24:45 mdw Exp $ + * $Id: hmac-def.h,v 1.8 2004/04/08 01:36:15 mdw Exp $ * * Definitions for HMAC and NMAC * @@ -27,37 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: hmac-def.h,v $ - * Revision 1.7 2001/04/19 18:24:45 mdw - * Provide correct key sizes for NMAC, HMAC and SSLMAC. - * - * Revision 1.6 2001/04/03 19:35:45 mdw - * Support the SSL HMAC variant (untested). - * - * Revision 1.5 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.4 2000/07/15 10:00:58 mdw - * New generic hash operation for copying hash contexts. - * - * Revision 1.3 2000/07/02 18:27:42 mdw - * (ghash->ops->done): Interface change. Passing in a null buffer pointer - * uses a buffer internal to the ghash object. The operation returns the - * address of the buffer it used. Clients of generic hashes no longer need - * to use dynamically allocated memory for hash results. - * - * Revision 1.2 2000/06/17 11:23:44 mdw - * Use secure arena for memory allocation. Minor changes in the generic - * hash interface. - * - * Revision 1.1 1999/12/10 23:16:40 mdw - * Split mode macros into interface and implementation. - * - */ - #ifndef CATACOMB_HMAC_DEF_H #define CATACOMB_HMAC_DEF_H diff --git a/hmac.h b/hmac.h index e9c8d78..e874200 100644 --- a/hmac.h +++ b/hmac.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: hmac.h,v 1.6 2001/04/19 18:24:45 mdw Exp $ + * $Id: hmac.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Generic code for HMAC and NMAC * 
@@ -27,30 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: hmac.h,v $ - * Revision 1.6 2001/04/19 18:24:45 mdw - * Provide correct key sizes for NMAC, HMAC and SSLMAC. - * - * Revision 1.5 2001/04/03 19:35:45 mdw - * Support the SSL HMAC variant (untested). - * - * Revision 1.4 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.3 2000/06/17 11:23:57 mdw - * New key size interface. - * - * Revision 1.2 1999/12/10 23:17:39 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the HMAC and NMAC constructions --------------------------* * * Designed by Mihir Bellare, Ran Canetti and Hugo Krawczyk, NMAC is a method diff --git a/idea.c b/idea.c index c0a1d07..ae4aa2d 100644 --- a/idea.c +++ b/idea.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: idea.c,v 1.4 2000/07/15 17:47:58 mdw Exp $ + * $Id: idea.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the IDEA cipher * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: idea.c,v $ - * Revision 1.4 2000/07/15 17:47:58 mdw - * Fix bug in decryption key scheduling. - * - * Revision 1.3 2000/07/02 18:24:39 mdw - * Use a new multiplication function from an Ascom white paper to resist - * timing attacks. - * - * Revision 1.2 2000/06/17 11:24:08 mdw - * New key size interface. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/idea.h b/idea.h index 326925f..771adda 100644 --- a/idea.h +++ b/idea.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: idea.h,v 1.3 2000/06/17 11:24:08 mdw Exp $ + * $Id: idea.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the IDEA cipher * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: idea.h,v $ - * Revision 1.3 2000/06/17 11:24:08 mdw - * New key size interface. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the IDEA block cipher ------------------------------------* * * IDEA was invented by James Massey and Xuejia Lai. The fundamental idea diff --git a/karatsuba.h b/karatsuba.h index 4add2c1..f1d1870 100644 --- a/karatsuba.h +++ b/karatsuba.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: karatsuba.h,v 1.2 2000/10/08 15:47:47 mdw Exp $ + * $Id: karatsuba.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Macros for Karatsuba functions * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: karatsuba.h,v $ - * Revision 1.2 2000/10/08 15:47:47 mdw - * Rename from `mpx-kmac.h', and add macros for @gfx_kmul@. - * - * Revision 1.1 2000/06/17 11:42:11 mdw - * Moved the Karatsuba macros into a separate file for better sharing. - * Fixed some comments. - * - */ - #ifndef CATACOMB_KARATSUBA_H #define CATACOMB_KARATSUBA_H diff --git a/key-attr.c b/key-attr.c index 75b2f1e..7057570 100644 --- a/key-attr.c +++ b/key-attr.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-attr.c,v 1.4 2004/04/08 01:02:49 mdw Exp $ + * $Id: key-attr.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Key attribute manipulation * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-attr.c,v $ - * Revision 1.4 2004/04/08 01:02:49 mdw - * key-binary.c - * - * Revision 1.3 2001/06/22 19:39:43 mdw - * Allow tagging if the tag is owned by a deleted key. - * - * Revision 1.2 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-binary.c b/key-binary.c index 6726152..75cfbe7 100644 --- a/key-binary.c +++ b/key-binary.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-binary.c,v 1.6 2004/04/08 01:03:22 mdw Exp $ + * $Id: key-binary.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Key binary encoding * 
@@ -27,34 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-binary.c,v $ - * Revision 1.6 2004/04/08 01:03:22 mdw - * Force subkeys to be sorted in structured keys. - * - * Revision 1.5 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.4 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.3 2001/02/03 11:57:00 mdw - * Track mLib change: symbols no longer need to include a terminating - * null. - * - * Revision 1.2 2000/06/17 11:25:20 mdw - * Use secure memory interface from MP library. - * - * Revision 1.1 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-data.c b/key-data.c index 494e9c8..7cbc6fd 100644 --- a/key-data.c +++ b/key-data.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-data.c,v 1.5 2004/03/28 01:58:47 mdw Exp $ + * $Id: key-data.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Encoding and decoding of key data * 
@@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-data.c,v $ - * Revision 1.5 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.4 2000/07/16 19:51:58 mdw - * Shut stupid compiler up. - * - * Revision 1.3 2000/06/17 11:26:03 mdw - * key_structfind: track minor data structure change, and cope if the - * subkey isn't available. - * - * Revision 1.2 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-data.h b/key-data.h index 4eb8845..40b8b4b 100644 --- a/key-data.h +++ b/key-data.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-data.h,v 1.3 2004/03/28 01:58:47 mdw Exp $ + * $Id: key-data.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Manipulating key data * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-data.h,v $ - * Revision 1.3 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.2 2000/06/17 11:26:18 mdw - * Add the key packing interface. - * - * Revision 1.1 2000/02/12 18:21:23 mdw - * Overhaul of key management (again). - * - */ - #ifndef CATACOMB_KEY_DATA_H #define CATACOMB_KEY_DATA_H diff --git a/key-error.c b/key-error.c index 400e6bf..75e4246 100644 --- a/key-error.c +++ b/key-error.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-error.c,v 1.3 2004/04/08 01:02:49 mdw Exp $ + * $Id: key-error.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Translating key error codes into strings * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-error.c,v $ - * Revision 1.3 2004/04/08 01:02:49 mdw - * key-binary.c - * - * Revision 1.2 2000/02/12 18:55:40 mdw - * Make it all compile properly. - * - * Revision 1.1 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-fetch.c b/key-fetch.c index 9f4863a..8972603 100644 --- a/key-fetch.c +++ b/key-fetch.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-fetch.c,v 1.1 2000/06/17 10:42:54 mdw Exp $ + * $Id: key-fetch.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Higher-level key unpacking * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-fetch.c,v $ - * Revision 1.1 2000/06/17 10:42:54 mdw - * Convenient table-driven extraction of structured keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-file.c b/key-file.c index 2e556e9..15b0304 100644 --- a/key-file.c +++ b/key-file.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-file.c,v 1.2 2001/02/03 11:57:38 mdw Exp $ + * $Id: key-file.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * System-dependent key filing operations * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-file.c,v $ - * Revision 1.2 2001/02/03 11:57:38 mdw - * Allow creating keyfiles with no file attached. - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-flags.c b/key-flags.c index d80da4f..605eb06 100644 --- a/key-flags.c +++ b/key-flags.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-flags.c,v 1.4 2004/04/02 01:03:49 mdw Exp $ + * $Id: key-flags.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Reading and writing key flag strings * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-flags.c,v $ - * Revision 1.4 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.3 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.2 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include @@ -123,6 +106,8 @@ int key_readflags(const char *p, char **pp, unsigned *ff, unsigned *mm) /* --- Look up the string in the flags table --- */ + if (sz == 4 && strncmp(p, "none", 4) == 0) + goto next; for (e = flagtab; e->name; e++) { if (strncmp(e->name, p, sz) == 0) { if (e->name[sz] == 0) { @@ -146,6 +131,7 @@ int key_readflags(const char *p, char **pp, unsigned *ff, unsigned *mm) return (KERR_BADFLAGS); m |= ee->m; f |= ee->f; + next: p += sz; if (*p == 0 || *p == ':') break; diff --git a/key-io.c b/key-io.c index a2d1c91..c78b967 100644 --- a/key-io.c +++ b/key-io.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-io.c,v 1.5 2003/10/17 16:30:46 mdw Exp $ + * $Id: key-io.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Adding new keys to a key file * 
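Review bot: The new `none` special case in key_readflags is undocumented: a reader sees `goto next` bypass the `flagtab` lookup with no explanation of why that literal is accepted, that the match is exact-length and case-sensitive, or that it contributes nothing to `f` and `m`. A comment before the `if`, such as `/* `none' denotes the empty flag set: accept it without touching f or m */`, would make the intent clear. Because the check precedes the table search, any future `flagtab` entry named `none` would be shadowed by it, which is worth stating in the same comment. The second hunk in this file only adds the `next:` label; the enclosing loop over the flag string starts and ends outside both hunks.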
@@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-io.c,v $ - * Revision 1.5 2003/10/17 16:30:46 mdw - * Report errors if key files don't exist! - * - * Revision 1.4 2001/02/03 11:57:38 mdw - * Allow creating keyfiles with no file attached. - * - * Revision 1.3 2001/01/20 11:56:48 mdw - * Use mLib exported tuning parameters for hashtable. - * - * Revision 1.2 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-misc.c b/key-misc.c index a502293..37027c0 100644 --- a/key-misc.c +++ b/key-misc.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-misc.c,v 1.4 2004/04/08 01:02:49 mdw Exp $ + * $Id: key-misc.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Simple key management * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-misc.c,v $ - * Revision 1.4 2004/04/08 01:02:49 mdw - * key-binary.c - * - * Revision 1.3 2001/06/22 19:39:12 mdw - * New interface to find out whether a key has expired. Also, a bug fix - * to @key_bytag@ so that it finds expired keys correctly. - * - * Revision 1.2 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-moan.c b/key-moan.c index 8111cce..b2c88b7 100644 --- a/key-moan.c +++ b/key-moan.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-moan.c,v 1.1 1999/12/22 15:47:48 mdw Exp $ + * $Id: key-moan.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Standard error handling function for key loading * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-moan.c,v $ - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-pack.c b/key-pack.c index 575fd93..cc0f20a 100644 --- a/key-pack.c +++ b/key-pack.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-pack.c,v 1.2 2004/03/28 01:58:47 mdw Exp $ + * $Id: key-pack.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Packing and unpacking key data * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-pack.c,v $ - * Revision 1.2 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.1 2000/06/17 10:42:41 mdw - * Packing and unpacking structured keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-pass.c b/key-pass.c index d31b31f..7e02daf 100644 --- a/key-pass.c +++ b/key-pass.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-pass.c,v 1.4 2004/03/28 01:58:26 mdw Exp $ + * $Id: key-pass.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Encrypting keys with passphrases * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-pass.c,v $ - * Revision 1.4 2004/03/28 01:58:26 mdw - * Ooops, fix all the bugs. - * - * Revision 1.3 2004/03/27 00:04:19 mdw - * INCOMPATIBLE CHANGE. Use proper authentication on encrypted keys. - * - * Revision 1.2 2000/06/17 11:26:35 mdw - * `rand_getgood' is deprecated. - * - * Revision 1.1 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key-text.c b/key-text.c index a072368..dcfe354 100644 --- a/key-text.c 
+++ b/key-text.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key-text.c,v 1.5 2004/04/01 13:42:48 mdw Exp $ + * $Id: key-text.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Key textual encoding * @@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key-text.c,v $ - * Revision 1.5 2004/04/01 13:42:48 mdw - * Missed off \! - * - * Revision 1.4 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.3 2001/02/03 11:57:00 mdw - * Track mLib change: symbols no longer need to include a terminating - * null. - * - * Revision 1.2 2000/06/17 11:27:20 mdw - * Use secure memory interface from MP library. - * - * Revision 1.1 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/key.1 b/key.1 index cab0d41..1b6c7e5 100644 --- a/key.1 +++ b/key.1 @@ -87,6 +87,8 @@ is one of: .B fingerprint .RB [ \-f .IR filter ] +.RB [ \-a +.IR hash ] .RI [ tag ...] .br .B tidy @@ -744,10 +746,18 @@ The following option is supported: Specifies a filter. Only keys and key components which match the filter are fingerprinted. The default is to only fingerprint nonsecret components. +.TP +.BI "\-a, \-\-algorithm " hash +Names the hashing algorithm. Run +.B hashsum -a list +for a list of hashing algorithms. The default is +.BR rmd160 . .PP The keys to be fingerprinted are named by their tags or keyids given as command line arguments. If no key tags are given, all keys which match -the filter are fingerprinted. +the filter are fingerprinted. See +.BR keyring (5) +for a description of how key fingerprints are computed. .SS "tidy" Simply reads the keyring from file and writes it back again. This has the effect of removing any deleted keys from the file. diff --git a/key.h b/key.h index 05ba9a3..ada6260 100644 --- a/key.h +++ b/key.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: key.h,v 1.10 2004/04/08 01:02:49 mdw Exp $ + * $Id: key.h,v 1.11 2004/04/08 01:36:15 mdw Exp $ * * Simple key management * @@ -27,42 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: key.h,v $ - * Revision 1.10 2004/04/08 01:02:49 mdw - * key-binary.c - * - * Revision 1.9 2001/06/22 19:37:59 mdw - * New interface to enquire whether a key has expired. - * - * Revision 1.8 2001/02/03 11:57:38 mdw - * Allow creating keyfiles with no file attached. - * - * Revision 1.7 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.6 2000/06/17 11:27:43 mdw - * Add key fetching interface. - * - * Revision 1.5 2000/02/12 18:55:40 mdw - * Make it all compile properly. - * - * Revision 1.4 2000/02/12 18:21:02 mdw - * Overhaul of key management (again). - * - * Revision 1.3 1999/12/22 15:47:48 mdw - * Major key-management revision. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_KEY_H #define CATACOMB_KEY_H diff --git a/keycheck-mp.c b/keycheck-mp.c index 8b71bf3..9f93c0e 100644 --- a/keycheck-mp.c +++ b/keycheck-mp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keycheck-mp.c,v 1.1 2001/02/03 16:08:24 mdw Exp $ + * $Id: keycheck-mp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Key consistency checking tools for large integers * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keycheck-mp.c,v $ - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/keycheck-report.c b/keycheck-report.c index 8a7accd..88dae63 100644 --- a/keycheck-report.c 
+++ b/keycheck-report.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keycheck-report.c,v 1.1 2001/02/03 16:08:24 mdw Exp $ + * $Id: keycheck-report.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * A standard reporter function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keycheck-report.c,v $ - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/keycheck.c b/keycheck.c index 164303f..11f1171 100644 --- a/keycheck.c +++ b/keycheck.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keycheck.c,v 1.2 2002/01/13 13:49:01 mdw Exp $ + * $Id: keycheck.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Framework for checking consistency of keys * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keycheck.c,v $ - * Revision 1.2 2002/01/13 13:49:01 mdw - * Track @dstr_vputf@ change. - * - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/keycheck.h b/keycheck.h index 7fe159f..8c60ffb 100644 --- a/keycheck.h +++ b/keycheck.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keycheck.h,v 1.1 2001/02/03 16:08:24 mdw Exp $ + * $Id: keycheck.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Framework for checking consistency of keys * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keycheck.h,v $ - * Revision 1.1 2001/02/03 16:08:24 mdw - * Add consistency checking for public keys. - * - */ - #ifndef CATACOMB_KEYCHECK_H #define CATACOMB_KEYCHECK_H diff --git a/keyring.5 b/keyring.5 index 10b2f5b..b155112 100644 --- a/keyring.5 +++ b/keyring.5 
@@ -183,11 +183,13 @@ The integer is stored, base-256, one digit per octet, in big-endian order, using as few octets as possible. The value 0 has length zero. .TP .B "struct" -A sequence of subkeys is stored. Each subkey consists of a single -octet giving the length of the subkey's label; the label itself in -ASCII, zero-octet padding to make the subkey start at a multiple of four -octets, and then the encoding of the subkey. There is no terminator: -the outer length field indicates when to stop reading subkeys. +A sequence of subkeys is stored; the sequence is sorted by +lexicographical order of the subkeys' labels. Each subkey consists of a +single octet giving the length of the subkey's label; the label itself +in ASCII, zero-octet padding to make the subkey start at a multiple of +four octets, and then the encoding of the subkey. There is no +terminator: the outer length field indicates when to stop reading +subkeys. .TP .B "string" The string is stored as-is, with no terminator. @@ -206,5 +208,13 @@ the two coordinates. .B "encrypt" The key data is encoded as binary and encrypted as described above. The resulting ciphertext is stored as is. +.SS "Fingerprints" +The fingerprint is computed by hashing the binary representation of (the +selected parts of) a key's data followed by the key type preceded by a +single length octet, and the key's attributes, in lexicographic order of +the attribute name. Each attribute consists of the attribute's name +preceded by a single length octet, followed by the value preceded by a +two-octet length. The lengths do not include themselves; neither string +has a terminator character; there is no padding. .SH AUTHOR Mark Wooding, diff --git a/keysz.c b/keysz.c index 7a2a794..e8da691 100644 --- a/keysz.c +++ b/keysz.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keysz.c,v 1.1 2000/06/17 11:27:52 mdw Exp $ + * $Id: keysz.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * General block cipher utilities * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keysz.c,v $ - * Revision 1.1 2000/06/17 11:27:52 mdw - * Key size table interpretation. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/keyutil.c b/keyutil.c index 2df4368..0251b43 100644 --- a/keyutil.c +++ b/keyutil.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keyutil.c,v 1.23 2004/04/08 01:02:49 mdw Exp $ + * $Id: keyutil.c,v 1.24 2004/04/08 01:36:15 mdw Exp $ * * Simple key manager program * 
@@ -27,90 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: keyutil.c,v $ - * Revision 1.23 2004/04/08 01:02:49 mdw - * key-binary.c - * - * Revision 1.22 2004/04/03 15:45:06 mdw - * Oops. Fix formatting. :-S - * - * Revision 1.21 2004/04/03 15:15:19 mdw - * Fix stupid error in previous rashly-committed version. - * - * Revision 1.20 2004/04/03 15:14:28 mdw - * Handle points at infinity properly in listings. - * - * Revision 1.19 2004/04/03 03:31:01 mdw - * Allow explicit group parameters for DH groups. - * - * Revision 1.18 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.17 2004/03/28 01:58:47 mdw - * Generate, store and retreive elliptic curve keys. - * - * Revision 1.16 2003/10/15 09:31:45 mdw - * Fix help message. - * - * Revision 1.15 2003/05/15 23:23:24 mdw - * Fix behaviour with bogus trailing attributes. - * - * Revision 1.14 2001/02/23 09:03:27 mdw - * Simplify usage message by removing nonexistant options. - * - * Revision 1.13 2001/02/21 20:04:27 mdw - * Provide help on individual commands (some need it desparately). Allow - * atomic retagging of keys. - * - * Revision 1.12 2001/02/03 11:58:22 mdw - * Store the correct seed information and count for DSA keys now that it's - * available. - * - * Revision 1.11 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.10 2000/10/08 12:02:21 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.9 2000/08/15 21:40:49 mdw - * Minor formatting change in listing attributes. 
- * - * Revision 1.8 2000/07/29 09:59:13 mdw - * Support Lim-Lee primes in Diffie-Hellman parameter generation. - * - * Revision 1.7 2000/07/01 11:18:51 mdw - * Use new interfaces for key manipulation. - * - * Revision 1.6 2000/06/17 11:28:22 mdw - * Use secure memory interface from MP library. `rand_getgood' is - * deprecated. - * - * Revision 1.5 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.4 1999/12/22 15:48:10 mdw - * Track new key-management changes. Support new key generation - * algorithms. - * - * Revision 1.3 1999/11/02 15:23:24 mdw - * Fix newlines in keyring list. - * - * Revision 1.2 1999/10/15 21:05:28 mdw - * In `key list', show timezone for local times, and support `-u' option - * for UTC output. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/lcrand.c b/lcrand.c index f53a3f2..15e94a8 100644 --- a/lcrand.c +++ b/lcrand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: lcrand.c,v 1.4 2000/12/06 20:31:06 mdw Exp $ + * $Id: lcrand.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Simple linear congruential generator * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: lcrand.c,v $ - * Revision 1.4 2000/12/06 20:31:06 mdw - * Simplify uniform range transformation. - * - * Revision 1.3 2000/06/17 11:29:03 mdw - * Add the flags word to the generic generator. - * - * Revision 1.2 1999/12/13 15:34:01 mdw - * Add support for seeding from a generic pseudorandom source. - * - * Revision 1.1 1999/12/10 23:15:27 mdw - * Noncryptographic random number generator. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/lcrand.h b/lcrand.h index a8128dd..20e254f 100644 --- a/lcrand.h +++ b/lcrand.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: lcrand.h,v 1.2 2000/06/17 11:28:51 mdw Exp $ + * $Id: lcrand.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Simple linear congruential generator * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: lcrand.h,v $ - * Revision 1.2 2000/06/17 11:28:51 mdw - * Amend the notes slightly. - * - * Revision 1.1 1999/12/10 23:15:27 mdw - * Noncryptographic random number generator. - * - */ - /*----- Notes on the linear congruential generator ------------------------* * * This pseudorandom number generator is simple, but has absolutely no diff --git a/limlee.c b/limlee.c index 3f8435b..5708156 100644 --- a/limlee.c +++ b/limlee.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: limlee.c,v 1.8 2001/02/03 11:59:07 mdw Exp $ + * $Id: limlee.c,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Generate Lim-Lee primes * 
@@ -27,38 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: limlee.c,v $
- * Revision 1.8 2001/02/03 11:59:07 mdw
- * Don't use the @pgen@ random number generator for generating primes: it's
- * only for testing them. Use a caller-supplied one instead.
- *
- * Revision 1.7 2001/01/25 21:40:44 mdw
- * Remove dead code now that the new stepper structure is trustworthy.
- *
- * Revision 1.6 2001/01/25 21:16:20 mdw
- * Boring cosmetic stuff.
- *
- * Revision 1.5 2000/08/18 19:16:51 mdw
- * New stepper interface for constructing Lim-Lee primes.
- *
- * Revision 1.4 2000/08/15 21:45:05 mdw
- * Use the new trial division equipment in pfilt. This gives a 10%
- * performance improvement in dsa-gen.t.
- *
- * Revision 1.3 2000/07/29 09:58:32 mdw
- * (limlee): Bug fix. Old versions didn't set the filter step if @ql@ was
- * an exact divisor of @pl@.
- *
- * Revision 1.2 2000/07/26 18:00:00 mdw
- * No footer line!
- *
- * Revision 1.1 2000/07/09 21:30:58 mdw
- * Lim-Lee prime generation.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
@@ -413,7 +381,7 @@ mp *limlee(const char *name, mp *d, mp *newp,
 d = pgen(name, d, 0, oev, oec, on, limlee_step, &l,
 rabin_iters(pl), pgen_test, &rr);
- if (f) {
+ if (d && f) {
 mp **v;
 size_t i;
 v = xmalloc(l.nf * sizeof(mp *));
diff --git a/limlee.h b/limlee.h
index 0131cb0..9c7b357 100644
--- a/limlee.h
+++ b/limlee.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: limlee.h,v 1.4 2001/02/03 11:59:07 mdw Exp $
+ * $Id: limlee.h,v 1.5 2004/04/08 01:36:15 mdw Exp $
 *
 * Generate Lim-Lee primes
 *
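Review bot: The `if (d && f)` guard in the `@@ -413` hunk stops the factor copy-out when `pgen()` returns null, but on that path the `f` out-parameter is now left untouched and the caller can only learn of the failure by checking the returned `d`; nothing in the hunk records that contract. The rest of limlee() runs past the hunk, so I cannot see whether the factors the stepper accumulated in `l` are released when this block is skipped — the failure path should be checked for a leak of those `mp` values. A comment on the guard would pin the intent: `/* pgen() failed: d is null; leave *f untouched and let the caller see the null */`.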
@@ -27,25 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: limlee.h,v $ - * Revision 1.4 2001/02/03 11:59:07 mdw - * Don't use the @pgen@ random number generator for generating primes: it's - * only for testing them. Use a caller-supplied one instead. - * - * Revision 1.3 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.2 2000/08/18 19:16:51 mdw - * New stepper interface for constructing Lim-Lee primes. - * - * Revision 1.1 2000/07/09 21:30:58 mdw - * Lim-Lee prime generation. - * - */ - #ifndef CATACOMB_LIMLEE_H #define CATACOMB_LIMLEE_H diff --git a/lmem.c b/lmem.c index e534d4a..1d4ae87 100644 --- a/lmem.c +++ b/lmem.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: lmem.c,v 1.5 2004/04/02 01:03:49 mdw Exp $ + * $Id: lmem.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Locked memory allocation (Unix-specific) * @@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: lmem.c,v $ - * Revision 1.5 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.4 2002/01/24 22:26:11 mdw - * Fix build failure when @mlock@ not available. - * - * Revision 1.3 2000/07/29 21:58:15 mdw - * (l_destroy): New function for destroying locked memory blocks. - * - * Revision 1.2 2000/06/17 11:29:20 mdw - * Add arena support. - * - * Revision 1.1 1999/12/22 16:02:52 mdw - * Interface to allocating `locked' memory (which isn't paged out). - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/lmem.h b/lmem.h index 3f84c6e..f7cb6ed 100644 --- a/lmem.h +++ b/lmem.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: lmem.h,v 1.4 2000/12/06 20:33:27 mdw Exp $ + * $Id: lmem.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Locked memory allocation * 
@@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: lmem.h,v $ - * Revision 1.4 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.3 2000/07/29 21:58:15 mdw - * (l_destroy): New function for destroying locked memory blocks. - * - * Revision 1.2 2000/06/17 11:29:38 mdw - * Add arena support. - * - * Revision 1.1 1999/12/22 16:02:52 mdw - * Interface to allocating `locked' memory (which isn't paged out). - * - */ - #ifndef CATACOMB_LMEM_H #define CATACOMB_LMEM_H diff --git a/manual/catacomb.tex b/manual/catacomb.tex index 7cd8423..5aaa73f 100644 --- a/manual/catacomb.tex +++ b/manual/catacomb.tex @@ -1,6 +1,6 @@ %%% -*-latex-*- %%% -%%% $Id: catacomb.tex,v 1.2 1999/12/13 15:35:27 mdw Exp $ +%%% $Id: catacomb.tex,v 1.3 2004/04/08 01:36:15 mdw Exp $ %%% %%% Catacomb manual %%% @@ -26,16 +26,6 @@ %%% Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, %%% MA 02111-1307, USA. -%%%----- Revision history --------------------------------------------------- -%%% -%%% $Log: catacomb.tex,v $ -%%% Revision 1.2 1999/12/13 15:35:27 mdw -%%% More changes. Still embryonic. -%%% -%%% Revision 1.1 1999/12/10 23:27:11 mdw -%%% Embryonic library reference manual. -%%% - \documentclass[numbering]{strayman} \usepackage[T1]{fontenc} \usepackage[palatino, helvetica, courier, maths=cmr]{mdwfonts} diff --git a/mars-mktab.c b/mars-mktab.c index 12bbfc5..ad1a3ef 100644 --- a/mars-mktab.c +++ b/mars-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mars-mktab.c,v 1.1 2001/04/29 18:11:19 mdw Exp $ + * $Id: mars-mktab.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generate the MARS S-box table * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mars-mktab.c,v $ - * Revision 1.1 2001/04/29 18:11:19 mdw - * New block cipher MARS. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mars.c b/mars.c index b427dcd..2c0fcd0 100644 --- a/mars.c +++ b/mars.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mars.c,v 1.1 2001/04/29 18:11:19 mdw Exp $ + * $Id: mars.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The MARS block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mars.c,v $ - * Revision 1.1 2001/04/29 18:11:19 mdw - * New block cipher MARS. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mars.h b/mars.h index 91d79e1..e124472 100644 --- a/mars.h +++ b/mars.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mars.h,v 1.1 2001/04/29 18:11:19 mdw Exp $ + * $Id: mars.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The MARS block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mars.h,v $ - * Revision 1.1 2001/04/29 18:11:19 mdw - * New block cipher MARS. - * - */ - /*----- Notes on the MARS block cipher ------------------------------------* * * MARS was IBM's submission to the AES contest. It was designed by a number diff --git a/maurer.c b/maurer.c index e474175..e657969 100644 --- a/maurer.c +++ b/maurer.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: maurer.c,v 1.3 2000/08/16 17:56:59 mdw Exp $ + * $Id: maurer.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Maurer's universal statistical test * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: maurer.c,v $ - * Revision 1.3 2000/08/16 17:56:59 mdw - * (more): Remove spurious function. - * - * Revision 1.2 2000/08/11 21:34:59 mdw - * New restartable interface to Maurer testing. - * - * Revision 1.1 2000/06/17 11:29:49 mdw - * Maurer's universal statistical test. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/maurer.h b/maurer.h index 904e4a2..6dbaa67 100644 --- a/maurer.h +++ b/maurer.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: maurer.h,v 1.2 2000/08/11 21:34:59 mdw Exp $ + * $Id: maurer.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Maurer's universal statistical test * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: maurer.h,v $ - * Revision 1.2 2000/08/11 21:34:59 mdw - * New restartable interface to Maurer testing. - * - * Revision 1.1 2000/06/17 11:29:49 mdw - * Maurer's universal statistical test. - * - */ - #ifndef CATACOMB_MAURER_H #define CATACOMB_MAURER_H diff --git a/md2-tab.h b/md2-tab.h index 5bdc4a9..7cf0d95 100644 --- a/md2-tab.h +++ b/md2-tab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md2-tab.h,v 1.1 2001/02/21 20:03:22 mdw Exp $ + * $Id: md2-tab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Tables for MD2 * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md2-tab.h,v $ - * Revision 1.1 2001/02/21 20:03:22 mdw - * Added support for MD2 hash function. - * - */ - #ifndef CATACOMB_MD2_TAB_H #define CATACOMB_MD2_TAB_H diff --git a/md2.c b/md2.c index d374d87..08e033f 100644 --- a/md2.c +++ b/md2.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md2.c,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: md2.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The MD2 message digest function * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md2.c,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2001/02/21 20:03:22 mdw - * Added support for MD2 hash function. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/md2.h b/md2.h index 02c4a75..135c95a 100644 --- a/md2.h +++ b/md2.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md2.h,v 1.1 2001/02/21 20:03:22 mdw Exp $ + * $Id: md2.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The MD2 message digest function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md2.h,v $ - * Revision 1.1 2001/02/21 20:03:22 mdw - * Added support for MD2 hash function. - * - */ - /*----- Notes on the MD2 hash function ------------------------------------* * * MD2 was designed by Ron Rivest. It's not recommended for new applications diff --git a/md4.c b/md4.c index fe0c788..5c16203 100644 --- a/md4.c +++ b/md4.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md4.c,v 1.3 2000/06/17 11:31:43 mdw Exp $ + * $Id: md4.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The MD4 message digest function * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md4.c,v $ - * Revision 1.3 2000/06/17 11:31:43 mdw - * Portability fix for broken compilers. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/md4.h b/md4.h index 32202ae..411bb59 100644 --- a/md4.h +++ b/md4.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md4.h,v 1.4 2000/10/15 19:09:20 mdw Exp $ + * $Id: md4.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * The MD4 message digest function * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md4.h,v $ - * Revision 1.4 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.3 2000/06/17 11:32:52 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the MD4 hash function ------------------------------------* * * MD4 was designed by Ron Rivest. It's now well and truly broken: not only diff --git a/md5.c b/md5.c index fa078e9..b3eb3c6 100644 --- a/md5.c +++ b/md5.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md5.c,v 1.3 2000/06/17 11:31:43 mdw Exp $ + * $Id: md5.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The MD5 message digest function * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md5.c,v $ - * Revision 1.3 2000/06/17 11:31:43 mdw - * Portability fix for broken compilers. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/md5.h b/md5.h index 5dc6c3b..e09dfa3 100644 --- a/md5.h +++ b/md5.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: md5.h,v 1.4 2000/10/15 19:09:20 mdw Exp $ + * $Id: md5.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * The MD5 message digest function * 
@@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: md5.h,v $ - * Revision 1.4 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.3 2000/06/17 11:32:52 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the MD5 hash function ------------------------------------* * * MD5 was designed by Ron Rivest. It was intended to be a more conservative diff --git a/mgf-def.h b/mgf-def.h index 9565093..6d7048e 100644 --- a/mgf-def.h +++ b/mgf-def.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mgf-def.h,v 1.1 2000/06/17 11:33:11 mdw Exp $ + * $Id: mgf-def.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Definitions for the MGF-1 mask generator * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mgf-def.h,v $ - * Revision 1.1 2000/06/17 11:33:11 mdw - * MGF-1 support, as defined in PKCS#1. - * - */ - #ifndef CATACOMB_MGF_DEF_H #define CATACOMB_MGF_DEF_H diff --git a/mgf.h b/mgf.h index 14d2c82..617ede1 100644 --- a/mgf.h +++ b/mgf.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mgf.h,v 1.1 2000/06/17 11:33:11 mdw Exp $ + * $Id: mgf.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The MGF mask generation function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mgf.h,v $ - * Revision 1.1 2000/06/17 11:33:11 mdw - * MGF-1 support, as defined in PKCS#1. - * - */ - /*----- Notes on the MGF-1 mask generating function -----------------------* * * The idea of a mask-generating function is that given an input of arbitrary diff --git a/mkphrase.c b/mkphrase.c index cf325bb..3954418 100644 --- a/mkphrase.c 
+++ b/mkphrase.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mkphrase.c,v 1.3 2003/01/24 20:16:04 mdw Exp $ + * $Id: mkphrase.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Generate passphrases from word lists * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mkphrase.c,v $ - * Revision 1.3 2003/01/24 20:16:04 mdw - * Fix stupidity in reading wordlists from stdin. (Thanks to James - * Harvey.) - * - * Revision 1.2 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.1 2000/08/06 10:50:55 mdw - * (mkphrase): New program for generating random passphrases with measured - * strength. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/mp-arith.c b/mp-arith.c index 53584e7..736be2f 100644 --- a/mp-arith.c +++ b/mp-arith.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-arith.c,v 1.17 2003/10/12 15:03:35 mdw Exp $ + * $Id: mp-arith.c,v 1.18 2004/04/08 01:36:15 mdw Exp $ * * Basic arithmetic on multiprecision integers * 
@@ -27,69 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-arith.c,v $ - * Revision 1.17 2003/10/12 15:03:35 mdw - * Merge fix from other branch. - * - * Revision 1.16.2.1 2003/06/10 13:21:10 mdw - * Fix bug dividing small things by large ones. - * - * Revision 1.16 2003/05/16 09:09:24 mdw - * Fix @mp_lsl2c@. Turns out to be surprisingly tricky. - * - * Revision 1.15 2002/10/19 17:56:50 mdw - * Fix bit operations. Test them (a bit) better. - * - * Revision 1.14 2002/10/15 19:18:31 mdw - * New operation to negate numbers. - * - * Revision 1.13 2002/10/15 00:19:40 mdw - * Bit setting and clearing functions. - * - * Revision 1.12 2002/10/09 00:36:03 mdw - * Fix bounds on workspace for Karatsuba operations. - * - * Revision 1.11 2002/10/06 22:52:50 mdw - * Pile of changes for supporting two's complement properly. - * - * Revision 1.10 2001/04/03 19:36:05 mdw - * Add some simple bitwise operations so that Perl can use them. - * - * Revision 1.9 2000/10/08 15:48:35 mdw - * Rename Karatsuba constants now that we have @gfx_kmul@ too. - * - * Revision 1.8 2000/10/08 12:02:21 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.7 2000/06/22 19:02:53 mdw - * New function @mp_odd@ to extract powers of two from an integer. This is - * common code from the Rabin-Miller test, RSA key recovery and modular - * square-root extraction. - * - * Revision 1.6 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.5 1999/12/22 15:54:41 mdw - * Adjust Karatsuba parameters. Calculate destination size better. - * - * Revision 1.4 1999/12/13 15:35:16 mdw - * Slightly different rules on memory allocation. - * - * Revision 1.3 1999/12/11 10:57:43 mdw - * Karatsuba squaring algorithm. 
- * - * Revision 1.2 1999/12/10 23:18:39 mdw - * Change interface for suggested destinations. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-const.c b/mp-const.c index f98da7c..3416e7a 100644 --- a/mp-const.c +++ b/mp-const.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-const.c,v 1.2 2000/06/17 11:45:09 mdw Exp $ + * $Id: mp-const.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Useful multiprecision constants * @@ -27,19 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-const.c,v $ - * Revision 1.2 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-gcd.c b/mp-gcd.c index 6135e54..5e663a1 100644 --- a/mp-gcd.c +++ b/mp-gcd.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-gcd.c,v 1.6 2004/03/21 22:52:06 mdw Exp $ + * $Id: mp-gcd.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Extended GCD calculation * 
@@ -27,33 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-gcd.c,v $ - * Revision 1.6 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.5.4.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - * Revision 1.5 2000/10/08 12:02:41 mdw - * Use Euclid's algorithm rather than the binary one. - * - * Revision 1.4 2000/06/17 11:34:46 mdw - * More hacking for the signs of the outputs. - * - * Revision 1.3 1999/12/10 23:18:39 mdw - * Change interface for suggested destinations. - * - * Revision 1.2 1999/11/22 20:49:56 mdw - * Fix bug which failed to favour `x' when `y' wasn't wanted and the two - * arguments needed swapping. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" @@ -256,6 +229,27 @@ void mp_gcd(mp **gcd, mp **xx, mp **yy, mp *a, mp *b) MP_DROP(a); MP_DROP(b); } +/* -- @mp_modinv@ --- * + * + * Arguments: @mp *d@ = destination + * @mp *x@ = argument + * @mp *p@ = modulus + * + * Returns: The inverse %$x^{-1} \bmod p$%. + * + * Use: Computes a modular inverse. An assertion fails if %$p$% + * has no inverse. + */ + +mp *mp_modinv(mp *d, mp *x, mp *p) +{ + mp *g = MP_NEW; + mp_gcd(&g, 0, &d, p, x); + assert(MP_EQ(g, MP_ONE)); + mp_drop(g); + return (d); +} + /*----- Test rig ----------------------------------------------------------*/ #ifdef TEST_RIG diff --git a/mp-io.c b/mp-io.c index 0a102e9..4ef8ee0 100644 --- a/mp-io.c +++ b/mp-io.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-io.c,v 1.6 2002/10/20 01:12:31 mdw Exp $ + * $Id: mp-io.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Loading and storing of multiprecision integers * 
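Review bot: The header comment on the new `mp_modinv` misstates the failure condition — it is the argument, not the modulus, that may lack an inverse — so ` * Use: Computes a modular inverse. An assertion fails if %$x$% has no inverse modulo %$p$%.` reads correctly; the same text is duplicated on the declaration added to mp.h later in this patch. Because `assert` is the only check, a build with NDEBUG returns whatever `mp_gcd` left in `d` for a non-invertible `x` (for instance `x` ≡ 0 mod `p`) with no signal to the caller; the replaced call sites already behaved this way, but now that this is the single entry point it is worth stating that in the comment or turning it into a reportable error. Whether mp-gcd.c already includes `<assert.h>` is not visible in this hunk, and the body depends on it. The commit title only mentions expunging revision histories, so this new API is easy to miss in review.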
@@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-io.c,v $ - * Revision 1.6 2002/10/20 01:12:31 mdw - * Two's complement I/O fixes. - * - * Revision 1.5 2002/10/06 22:52:50 mdw - * Pile of changes for supporting two's complement properly. - * - * Revision 1.4 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.3 1999/11/21 22:13:02 mdw - * Add mp version of MPX_BITS. - * - * Revision 1.2 1999/11/19 13:19:06 mdw - * Set flags on results correctly. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-jacobi.c b/mp-jacobi.c index 0e187cf..2562342 100644 --- a/mp-jacobi.c +++ b/mp-jacobi.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-jacobi.c,v 1.4 2000/12/06 20:31:33 mdw Exp $ + * $Id: mp-jacobi.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Compute Jacobi symbol * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-jacobi.c,v $ - * Revision 1.4 2000/12/06 20:31:33 mdw - * Add assertion to prevent crapness. - * - * Revision 1.3 2000/07/20 17:14:34 mdw - * Simplify by using @mp_odd@. - * - * Revision 1.2 1999/12/10 23:19:02 mdw - * Improve error-checking. - * - * Revision 1.1 1999/11/22 20:50:37 mdw - * Add support for computing Jacobi symbols. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-mem.c b/mp-mem.c index 78a72ff..4d9ee48 100644 --- a/mp-mem.c +++ b/mp-mem.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-mem.c,v 1.6 2004/04/03 03:30:22 mdw Exp $ + * $Id: mp-mem.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Memory management for multiprecision numbers * @@ -27,32 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-mem.c,v $ - * Revision 1.6 2004/04/03 03:30:22 mdw - * Fix long-standing stupidity in @mp_dest@. - * - * Revision 1.5 2001/06/16 12:57:00 mdw - * Implement some missing functions. - * - * Revision 1.4 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.3 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.2 1999/12/10 23:19:02 mdw - * Improve error-checking. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mp-misc.c b/mp-misc.c index 15c582d..e615b3f 100644 --- a/mp-misc.c +++ b/mp-misc.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-misc.c,v 1.3 2000/07/29 17:03:31 mdw Exp $ + * $Id: mp-misc.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Miscellaneous multiprecision support functions * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-misc.c,v $ - * Revision 1.3 2000/07/29 17:03:31 mdw - * Add support for left-to-right bitscanning, for use in modular - * exponentiation. - * - * Revision 1.2 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-modsqrt.c b/mp-modsqrt.c index df60aba..f9e4b0f 100644 --- a/mp-modsqrt.c +++ b/mp-modsqrt.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-modsqrt.c,v 1.4 2001/06/16 12:56:38 mdw Exp $ + * $Id: mp-modsqrt.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Compute square roots modulo a prime * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-modsqrt.c,v $ - * Revision 1.4 2001/06/16 12:56:38 mdw - * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@. - * - * Revision 1.3 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.2 2000/10/08 12:02:21 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.1 2000/06/22 19:01:31 mdw - * Compute square roots in a prime field. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "fibrand.h" @@ -103,8 +85,7 @@ mp *mp_modsqrt(mp *d, mp *a, mp *p) /* --- Find the inverse of %$a$% --- */ - ainv = MP_NEW; - mp_gcd(0, &ainv, 0, a, p); + ainv = mp_modinv(MP_NEW, a, p); /* --- Split %$p - 1$% into a power of two and an odd number --- */ 
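Review bot: The replacement in `mp_modsqrt` changes which `mp_gcd` output is taken: the old call `mp_gcd(0, &ainv, 0, a, p)` requested the coefficient of the first argument, while `mp_modinv(MP_NEW, a, p)` requests the coefficient of the second (`mp_gcd(&g, 0, &d, p, x)`). If the sign or range normalisation of the `xx` and `yy` outputs differs, `ainv` may now come back as a different representative of the same residue class; a regression test on known square roots would confirm this. The new call also asserts that `a` is invertible where the old code silently continued, which changes behaviour for `a` ≡ 0 mod `p` and should be stated in the function's header comment if it is not already. `mp_modsqrt`'s body continues outside the hunk.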
diff --git a/mp-sqrt.c b/mp-sqrt.c index 83880f9..01fe000 100644 --- a/mp-sqrt.c +++ b/mp-sqrt.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-sqrt.c,v 1.4 2004/03/27 17:54:11 mdw Exp $ + * $Id: mp-sqrt.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Compute integer square roots * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-sqrt.c,v $ - * Revision 1.4 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - * Revision 1.3 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.2 2000/10/08 12:02:21 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.1 2000/06/22 19:01:44 mdw - * Compute (approximations to) integer square roots. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mp-test.c b/mp-test.c index 018b537..0e9bc33 100644 --- a/mp-test.c +++ b/mp-test.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp-test.c,v 1.1 1999/11/17 18:02:16 mdw Exp $ + * $Id: mp-test.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Testing functionality for multiprecision integers * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp-test.c,v $ - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mp.h b/mp.h index bfed14a..8319173 100644 --- a/mp.h +++ b/mp.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mp.h,v 1.18 2004/04/03 03:32:05 mdw Exp $ + * $Id: mp.h,v 1.19 2004/04/08 01:36:15 mdw Exp $ * * Simple multiprecision arithmetic * 
@@ -27,67 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mp.h,v $ - * Revision 1.18 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.17 2003/05/16 09:09:24 mdw - * Fix @mp_lsl2c@. Turns out to be surprisingly tricky. - * - * Revision 1.16 2002/10/15 22:57:22 mdw - * Handy new comparison macros. - * - * Revision 1.15 2002/10/15 19:18:31 mdw - * New operation to negate numbers. - * - * Revision 1.14 2002/10/15 00:19:40 mdw - * Bit setting and clearing functions. - * - * Revision 1.13 2002/10/06 22:52:50 mdw - * Pile of changes for supporting two's complement properly. - * - * Revision 1.12 2001/06/16 12:57:43 mdw - * Move the @mpmont_factor@ structure and rename it now that it's used for - * Barrett simultaneous exponentiation too. - * - * Revision 1.11 2001/04/03 19:36:05 mdw - * Add some simple bitwise operations so that Perl can use them. - * - * Revision 1.10 2000/10/08 12:03:16 mdw - * Provide @mp_eq@ and @MP_EQ@ for rapidly testing equality of two - * integers. - * - * Revision 1.9 2000/07/29 17:03:31 mdw - * Add support for left-to-right bitscanning, for use in modular - * exponentiation. - * - * Revision 1.8 2000/06/22 19:02:01 mdw - * Add new functions. - * - * Revision 1.7 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.6 1999/12/10 23:19:46 mdw - * Minor bugfixes. New interface for suggested destinations. - * - * Revision 1.5 1999/11/22 20:50:37 mdw - * Add support for computing Jacobi symbols. - * - * Revision 1.4 1999/11/21 22:13:02 mdw - * Add mp version of MPX_BITS. - * - * Revision 1.3 1999/11/19 13:19:14 mdw - * Fix const annotation. - * - * Revision 1.2 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. 
- * - */ - #ifndef CATACOMB_MP_H #define CATACOMB_MP_H @@ -975,6 +914,20 @@ extern mp *mp_sqrt(mp */*d*/, mp */*a*/); extern void mp_gcd(mp **/*gcd*/, mp **/*xx*/, mp **/*yy*/, mp */*a*/, mp */*b*/); +/* -- @mp_modinv@ --- * + * + * Arguments: @mp *d@ = destination + * @mp *x@ = argument + * @mp *p@ = modulus + * + * Returns: The inverse %$x^{-1} \bmod p$%. + * + * Use: Computes a modular inverse. An assertion fails if %$p$% + * has no inverse. + */ + +extern mp *mp_modinv(mp */*d*/, mp */*x*/, mp */*p*/); + /* --- @mp_jacobi@ --- * * * Arguments: @mp *a@ = an integer less than @n@ diff --git a/mparena.c b/mparena.c index b9b1f84..49315f5 100644 --- a/mparena.c +++ b/mparena.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mparena.c,v 1.6 2004/04/03 03:32:05 mdw Exp $ + * $Id: mparena.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Allocation and freeing of MP buffers * @@ -27,29 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mparena.c,v $ - * Revision 1.6 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.5 2000/06/17 11:35:48 mdw - * Overhaul to use mLib's arena system underneath. - * - * Revision 1.4 1999/12/10 23:28:52 mdw - * Memory allocation counting. - * - * Revision 1.3 1999/11/22 13:58:00 mdw - * Document the tweakables. - * - * Revision 1.2 1999/11/21 22:14:19 mdw - * Fix bug. Improve diagnostic capabilities. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mparena.h b/mparena.h index 92bf4b6..08722b3 100644 --- a/mparena.h +++ b/mparena.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mparena.h,v 1.3 2000/06/17 11:35:48 mdw Exp $ + * $Id: mparena.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Allocation and freeing of MP buffers * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mparena.h,v $ - * Revision 1.3 2000/06/17 11:35:48 mdw - * Overhaul to use mLib's arena system underneath. - * - * Revision 1.2 1999/12/10 23:28:59 mdw - * Memory allocation counting. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - #ifndef CATACOMB_MPARENA_H #define CATACOMB_MPARENA_H diff --git a/mpbarrett-exp.c b/mpbarrett-exp.c index 87d8af2..56e7c76 100644 --- a/mpbarrett-exp.c +++ b/mpbarrett-exp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpbarrett-exp.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: mpbarrett-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Modular exponentiation using Barrett reduction * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpbarrett-exp.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" @@ -64,12 +52,8 @@ mp *mpbarrett_exp(mpbarrett *mb, mp *d, mp *a, mp *e) MP_COPY(a); MP_SHRINK(e); - if (e->f & MP_NEG) { - mp *g = MP_NEW; - mp_gcd(&g, 0, &a, mb->m, a); - assert(MP_EQ(g, MP_ONE)); - mp_drop(g); - } + if (e->f & MP_NEG) + a = mp_modinv(a, a, mb->m); if (!MP_LEN(e)) ; else if (MP_LEN(e) < EXP_THRESH) diff --git a/mpbarrett-exp.h b/mpbarrett-exp.h index dd02637..46ffa12 100644 --- a/mpbarrett-exp.h +++ b/mpbarrett-exp.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpbarrett-exp.h,v 1.2 2004/03/21 22:52:06 mdw Exp $ + * $Id: mpbarrett-exp.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation operations for Barrett reduction * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpbarrett-exp.h,v $ - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.4.1 2004/03/20 00:20:05 mdw - * Projective coordinates for prime curves - * - * Revision 1.1 2001/06/16 12:58:12 mdw - * Parameters for generic exponentiation. - * - */ - #ifndef CATACOMB_MPBARRETT_EXP_H #define CATACOMB_MPBARRETT_EXP_H diff --git a/mpbarrett-mexp.c b/mpbarrett-mexp.c index 68917aa..4be854d 100644 --- a/mpbarrett-mexp.c +++ b/mpbarrett-mexp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpbarrett-mexp.c,v 1.2 2004/04/01 12:50:09 mdw Exp $ + * $Id: mpbarrett-mexp.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Multiple simultaneous exponentiations * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpbarrett-mexp.c,v $ - * Revision 1.2 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.1 2001/06/16 12:58:34 mdw - * Added simultaneous exponentiation with Barrett reduction. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" 
@@ -80,11 +65,8 @@ mp *mpbarrett_mexp(mpbarrett *mb, mp *d, const mp_expfactor *f, size_t n)
 spare = MP_NEWSEC;
 if (!(f[i].exp->f & MP_NEG))
 ff[i].base = MP_COPY(f[i].base);
- else {
- ff[i].base = MP_NEW;
- mp_gcd(&g, 0, &ff[i].base, mb->m, f[i].base);
- assert(MP_EQ(g, MP_ONE));
- }
+ else
+ ff[i].base = mp_modinv(MP_NEW, f[i].base, mb->m);
 ff[i].exp = f[i].exp;
 }
 mp_drop(g);
diff --git a/mpbarrett.c b/mpbarrett.c
index 934097d..ffd2649 100644
--- a/mpbarrett.c
+++ b/mpbarrett.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: mpbarrett.c,v 1.9 2004/04/01 12:50:09 mdw Exp $
+ * $Id: mpbarrett.c,v 1.10 2004/04/08 01:36:15 mdw Exp $
  *
  * Barrett modular reduction
  *
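Review bot: After this change `g` is no longer written anywhere in the loop of `mpbarrett_mexp`, but the `mp_drop(g);` after the loop is kept, so the variable (declared above the hunk) is now dead and only ever drops `MP_NEW`. The sibling change in mpmont-mexp.c removes both the declaration and the drop; doing the same here keeps the two simultaneous-exponentiation routines consistent. Deleting `mp_drop(g);` and the declaration outside the hunk is enough; the enclosing function starts outside the hunk.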
@@ -27,46 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpbarrett.c,v $ - * Revision 1.9 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.8 2001/06/16 13:00:20 mdw - * Use the generic exponentiation functions. - * - * Revision 1.7 2001/04/19 18:25:26 mdw - * Use sliding-window exponentiation. - * - * Revision 1.6 2000/10/08 12:03:44 mdw - * (mpbarrett_reduce): Cope with negative numbers. - * - * Revision 1.5 2000/07/29 17:04:33 mdw - * Change to use left-to-right bitwise exponentiation. This will improve - * performance when the base is small. - * - * Revision 1.4 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.3 1999/12/12 15:08:52 mdw - * Don't bother shifting %$q$% in @mpbarrett_reduce@, just skip the least - * significant digits. - * - * Revision 1.2 1999/12/11 01:50:56 mdw - * Improve initialization slightly. - * - * Revision 1.1 1999/12/10 23:21:59 mdw - * Barrett reduction support: works with even moduli. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mpbarrett.h b/mpbarrett.h index 3168205..85c4a14 100644 --- a/mpbarrett.h +++ b/mpbarrett.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpbarrett.h,v 1.4 2004/04/01 12:50:09 mdw Exp $ + * $Id: mpbarrett.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Barrett modular reduction * 
@@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpbarrett.h,v $ - * Revision 1.4 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.3 2001/06/16 12:58:47 mdw - * Added simultaneous exponentiation with Barrett reduction. - * - * Revision 1.2 2000/10/08 12:03:44 mdw - * (mpbarrett_reduce): Cope with negative numbers. - * - * Revision 1.1 1999/12/10 23:22:00 mdw - * Barrett reduction support: works with even moduli. - * - */ - /*----- Notes on Barrett reduction ----------------------------------------* * * Barrett reduction is a technique for computing modular residues. Unlike diff --git a/mpcrt.c b/mpcrt.c index 17bc6ad..c79b00b 100644 --- a/mpcrt.c +++ b/mpcrt.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpcrt.c,v 1.5 2001/04/29 17:39:33 mdw Exp $ + * $Id: mpcrt.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Chinese Remainder Theorem computations (Gauss's algorithm) * 
@@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpcrt.c,v $ - * Revision 1.5 2001/04/29 17:39:33 mdw - * Fix memory leak. - * - * Revision 1.4 2001/04/19 18:25:38 mdw - * Use mpmul for the multiplication. - * - * Revision 1.3 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.2 1999/12/10 23:22:32 mdw - * Interface changes for suggested destinations. Use Barrett reduction. - * - * Revision 1.1 1999/11/22 20:50:57 mdw - * Add support for solving Chinese Remainder Theorem problems. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" @@ -113,7 +93,10 @@ void mpcrt_create(mpcrt *c, mpcrt_mod *v, size_t k, mp *n) */ if (!v[0].ni && !v[1].ni) { - mp_gcd(0, &v[0].ni, &v[1].ni, v[0].n, v[1].n); + mp *g = MP_NEW; + mp_gcd(&g, &v[0].ni, &v[1].ni, v[0].n, v[1].n); + assert(MP_EQ(g, MP_ONE)); + mp_drop(g); v[0].ni = mp_add(v[0].ni, v[0].ni, v[1].n); } else { int i, j; @@ -141,7 +124,7 @@ void mpcrt_create(mpcrt *c, mpcrt_mod *v, size_t k, mp *n) if (!v[i].n) mp_div(&v[i].n, 0, n, v[i].m); if (!v[i].ni) - mp_gcd(0, &v[i].ni, 0, v[i].n, v[i].m); + v[i].ni = mp_modinv(MP_NEW, v[i].n, v[i].m); if (!v[i].nni) v[i].nni = mp_mul(MP_NEW, v[i].n, v[i].ni); } diff --git a/mpcrt.h b/mpcrt.h index a5dd71c..d2e43a8 100644 --- a/mpcrt.h +++ b/mpcrt.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpcrt.h,v 1.2 1999/12/10 23:22:32 mdw Exp $ + * $Id: mpcrt.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Chinese Remainder Theorem computations (Gauss's algorithm) * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpcrt.h,v $ - * Revision 1.2 1999/12/10 23:22:32 mdw - * Interface changes for suggested destinations. Use Barrett reduction. - * - * Revision 1.1 1999/11/22 20:50:57 mdw - * Add support for solving Chinese Remainder Theorem problems. - * - */ - #ifndef CATACOMB_MPCRT_H #define CATACOMB_MPCRT_H diff --git a/mpdump.c b/mpdump.c index 5a8030f..3396f0c 100644 --- a/mpdump.c +++ b/mpdump.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpdump.c,v 1.1 2004/03/27 17:54:11 mdw Exp $ + * $Id: mpdump.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Dump a multiprecision integer as C data * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpdump.c,v $ - * Revision 1.1 2004/03/27 17:54:11 mdw - * Standard curves and curve checking. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mpint.c b/mpint.c index 8988ac9..627c1fc 100644 --- a/mpint.c +++ b/mpint.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpint.c,v 1.3 2000/10/08 12:11:22 mdw Exp $ + * $Id: mpint.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Conversion between MPs and standard C integers * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpint.c,v $ - * Revision 1.3 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.2 1999/12/10 23:22:53 mdw - * Support for uint32. - * - * Revision 1.1 1999/11/25 11:38:31 mdw - * Support for conversions between MPs and C integers. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mpint.h" diff --git a/mpint.h b/mpint.h index ed614a8..13df890 100644 --- a/mpint.h +++ b/mpint.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpint.h,v 1.5 2002/01/13 19:23:16 mdw Exp $ + * $Id: mpint.h,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Conversion between MPs and standard C integers * @@ -27,28 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpint.h,v $ - * Revision 1.5 2002/01/13 19:23:16 mdw - * Fix division-by-zero bug translating @MPW_MAX@ to an @mp@. - * - * Revision 1.4 2000/10/08 12:04:01 mdw - * Remove spurious semicolon. - * - * Revision 1.3 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.2 1999/12/10 23:22:53 mdw - * Support for uint32. - * - * Revision 1.1 1999/11/25 11:38:31 mdw - * Support for conversions between MPs and C integers. - * - */ - #ifndef CATACOMB_MPINT_H #define CATACOMB_MPINT_H diff --git a/mpmont-exp.c b/mpmont-exp.c index f67a8ec..c43d02f 100644 --- a/mpmont-exp.c +++ b/mpmont-exp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpmont-exp.c,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: mpmont-exp.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Modular exponentiation with Montgomery reduction * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmont-exp.c,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" 
@@ -65,12 +53,9 @@ mp *mpmont_expr(mpmont *mm, mp *d, mp *a, mp *e) MP_COPY(a); MP_SHRINK(e); if (e->f & MP_NEG) { - mp *g = MP_NEW; a = mpmont_reduce(mm, a, a); - mp_gcd(&g, 0, &a, mm->m, a); - assert(MP_EQ(g, MP_ONE)); + a = mp_modinv(a, a, mm->m); a = mpmont_mul(mm, a, a, mm->r2); - mp_drop(g); } if (MP_LEN(e) == 0) ; diff --git a/mpmont-exp.h b/mpmont-exp.h index 5f2b31d..335bde0 100644 --- a/mpmont-exp.h +++ b/mpmont-exp.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpmont-exp.h,v 1.2 2004/03/21 22:52:06 mdw Exp $ + * $Id: mpmont-exp.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation operations for Montgomery reduction * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmont-exp.h,v $ - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.4.1 2004/03/20 00:13:31 mdw - * Projective coordinates for prime curves - * - * Revision 1.1 2001/06/16 12:58:12 mdw - * Parameters for generic exponentiation. - * - */ - #ifndef CATACOMB_MPMONT_EXP_H #define CATACOMB_MPMONT_EXP_H diff --git a/mpmont-mexp.c b/mpmont-mexp.c index 7589990..884d660 100644 --- a/mpmont-mexp.c +++ b/mpmont-mexp.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpmont-mexp.c,v 1.8 2004/04/01 12:50:09 mdw Exp $ + * $Id: mpmont-mexp.c,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Multiple simultaneous exponentiations * 
@@ -27,42 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmont-mexp.c,v $ - * Revision 1.8 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.7 2002/01/13 13:49:14 mdw - * Make @const@-correct. - * - * Revision 1.6 2001/06/16 13:00:20 mdw - * Use the generic exponentiation functions. - * - * Revision 1.5 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.4 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.3 1999/12/10 23:18:39 mdw - * Change interface for suggested destinations. - * - * Revision 1.2 1999/11/21 11:35:10 mdw - * Performance improvement: use @mp_sqr@ and @mpmont_reduce@ instead of - * @mpmont_mul@ for squaring in exponentiation. - * - * Revision 1.1 1999/11/19 13:19:29 mdw - * Simultaneous exponentiation support. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" @@ -93,7 +57,6 @@ static mp *mexpr(mpmont *mm, mp *d, mp_expfactor *f, size_t n) { mp *a = MP_COPY(mm->r); mp *spare = MP_NEW; - mp *g = MP_NEW; size_t i; for (i = 0; i < n; i++) { 
@@ -102,12 +65,10 @@ static mp *mexpr(mpmont *mm, mp *d, mp_expfactor *f, size_t n)
 spare = MP_NEWSEC;
 if (f[i].exp->f & MP_NEG) {
 t = mpmont_reduce(mm, f[i].base, f[i].base);
- mp_gcd(&g, 0, &t, mm->m, t);
- assert(MP_EQ(g, MP_ONE));
+ t = mp_modinv(t, t, mm->m);
 f[i].base = mpmont_mul(mm, t, t, mm->r2);
 }
 }
- mp_drop(g);
 EXP_SIMUL(a, f, n);
 mp_drop(d);
 mp_drop(spare);
diff --git a/mpmont.c b/mpmont.c
index bfede63..39f51ed 100644
--- a/mpmont.c
+++ b/mpmont.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: mpmont.c,v 1.18 2004/04/03 03:32:05 mdw Exp $
+ * $Id: mpmont.c,v 1.19 2004/04/08 01:36:15 mdw Exp $
 *
 * Montgomery reduction
 *
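Review bot: The per-factor `assert(MP_EQ(g, MP_ONE))` dropped from the loop was the only thing validating each negative-exponent base against `mm->m`, and the replacement `+ t = mp_modinv(t, t, mm->m);` adds no check of its own; because the inverted value is written straight back into `f[i].base` and then consumed by `EXP_SIMUL`, a single non-invertible base would poison the whole simultaneous exponentiation rather than fail loudly. Whether that can happen depends on `mp_modinv`'s handling of non-units, which this diff does not show. Suggest making the contract explicit on the new line, `/* every base with a negative exponent must be a unit mod m; mp_modinv is relied on to trap otherwise */`, and stating the same precondition in mexpr's header comment. The loop and the function both start before this hunk.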
@@ -27,79 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmont.c,v $ - * Revision 1.18 2004/04/03 03:32:05 mdw - * General robustification. - * - * Revision 1.17 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.16 2002/01/13 13:40:31 mdw - * Avoid trashing arguments before we've used them. - * - * Revision 1.15 2001/06/16 13:00:20 mdw - * Use the generic exponentiation functions. - * - * Revision 1.14 2001/02/22 09:04:26 mdw - * Cosmetic fix. - * - * Revision 1.13 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.12 2000/10/08 15:48:35 mdw - * Rename Karatsuba constants now that we have @gfx_kmul@ too. - * - * Revision 1.11 2000/10/08 12:04:27 mdw - * (mpmont_reduce, mpmont_mul): Cope with negative numbers. - * - * Revision 1.10 2000/07/29 17:05:43 mdw - * (mpmont_expr): Use sliding window exponentiation, with a drop-through - * for small exponents to use a simple left-to-right bitwise routine. This - * can reduce modexp times by up to a quarter. - * - * Revision 1.9 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.8 1999/12/22 15:55:00 mdw - * Adjust Karatsuba parameters. - * - * Revision 1.7 1999/12/11 01:51:14 mdw - * Use a Karatsuba-based reduction for large moduli. 
- *
- * Revision 1.6 1999/12/10 23:18:39 mdw
- * Change interface for suggested destinations.
- *
- * Revision 1.5 1999/11/22 13:58:40 mdw
- * Add an option to disable Montgomery reduction, so that performance
- * comparisons can be done.
- *
- * Revision 1.4 1999/11/21 12:27:06 mdw
- * Remove a division from the Montgomery setup by calculating
- * %$R^2 \bmod m$% first and then %$R \bmod m$% by Montgomery reduction of
- * %$R^2$%.
- *
- * Revision 1.3 1999/11/21 11:35:10 mdw
- * Performance improvement: use @mp_sqr@ and @mpmont_reduce@ instead of
- * @mpmont_mul@ for squaring in exponentiation.
- *
- * Revision 1.2 1999/11/19 13:17:26 mdw
- * Add extra interface to exponentiation which returns a Montgomerized
- * result.
- *
- * Revision 1.1 1999/11/17 18:02:16 mdw
- * New multiprecision integer arithmetic suite.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "mp.h"
@@ -161,8 +88,7 @@ void mpmont_create(mpmont *mm, mp *m)
 /* --- Find the magic value @mi@ --- */
 mp_build(&r, r2->v + n, r2->vl);
- mm->mi = MP_NEW;
- mp_gcd(0, 0, &mm->mi, &r, m);
+ mm->mi = mp_modinv(MP_NEW, m, &r);
 mm->mi = mp_sub(mm->mi, &r, mm->mi);
 /* --- Discover the values %$R \bmod m$% and %$R^2 \bmod m$% --- */
diff --git a/mpmont.h b/mpmont.h
index 913f6f5..b931162 100644
--- a/mpmont.h
+++ b/mpmont.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: mpmont.h,v 1.7 2004/04/01 12:50:09 mdw Exp $
+ * $Id: mpmont.h,v 1.8 2004/04/08 01:36:15 mdw Exp $
 *
 * Montgomery reduction
 *
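Review bot: `+ mm->mi = mp_modinv(MP_NEW, m, &r);` only has a solution when `m` is odd, since `r` here is a power of two (it is built from the word-aligned `r2` buffer), and nothing in this hunk checks that; the old `mp_gcd` call had the same gap, so this is not a regression, but the new call hides the precondition inside a library routine whose failure mode is not visible here. If `mpmont_create` does not reject an even modulus earlier in its body (outside the hunk), an even `m` yields a meaningless `mi`, the following `mp_sub` happily negates it, and every later reduction is silently wrong. I would add `/* m must be odd: R = 2^k, so m^{-1} mod R exists iff m is odd */` above the call, and an `assert` on the low bit of `m` if no earlier check exists. The function starts before and continues after this hunk.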
@@ -27,39 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmont.h,v $ - * Revision 1.7 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.6 2002/01/13 13:49:25 mdw - * Make @const@-correct. - * - * Revision 1.5 2001/06/16 13:00:04 mdw - * Moved @mpmont_factor@ to . Documented interface change to - * @mpmont_expr@ and @mpmont_mexpr@ -- the arguments are now in Montgomery - * form. - * - * Revision 1.4 1999/12/11 01:51:14 mdw - * Use a Karatsuba-based reduction for large moduli. - * - * Revision 1.3 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.2 1999/11/19 13:17:43 mdw - * Add extra interface to exponentiation which returns a Montgomerized - * result. Add simultaneous exponentiation interface. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - #ifndef CATACOMB_MPMONT_H #define CATACOMB_MPMONT_H diff --git a/mpmul.c b/mpmul.c index 4dd6a68..29f499a 100644 --- a/mpmul.c +++ b/mpmul.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpmul.c,v 1.4 2001/02/03 12:00:29 mdw Exp $ + * $Id: mpmul.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Multiply many small numbers together * 
@@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmul.c,v $ - * Revision 1.4 2001/02/03 12:00:29 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.3 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.2 2000/07/09 21:31:10 mdw - * Fix bug, and add a test rig. - * - * Revision 1.1 2000/07/01 11:21:39 mdw - * New interface for computing products of many (small) integers. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mpmul.h b/mpmul.h index 76c9559..8b6fd03 100644 --- a/mpmul.h +++ b/mpmul.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpmul.h,v 1.1 2000/07/01 11:21:39 mdw Exp $ + * $Id: mpmul.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Multiply many small numbers together * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpmul.h,v $ - * Revision 1.1 2000/07/01 11:21:39 mdw - * New interface for computing products of many (small) integers. - * - */ - #ifndef CATACOMB_MPMUL_H #define CATACOMB_MPMUL_H diff --git a/mprand.c b/mprand.c index 46e603c..0baae4f 100644 --- a/mprand.c +++ b/mprand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mprand.c,v 1.4 2001/05/07 17:31:19 mdw Exp $ + * $Id: mprand.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Generate a random multiprecision integer * 
@@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mprand.c,v $ - * Revision 1.4 2001/05/07 17:31:19 mdw - * Fix off-by one bug in mprand_range. Probably security critical: the old - * code generated numbers between zero and the highest power of 2 less than - * the given range. - * - * Revision 1.3 2000/06/17 11:45:09 mdw - * Major memory management overhaul. Added arena support. Use the secure - * arena for secret integers. Replace and improve the MP management macros - * (e.g., replace MP_MODIFY by MP_DEST). - * - * Revision 1.2 1999/12/22 15:55:33 mdw - * Modify `mprand' slightly. Add `mprand_range'. - * - * Revision 1.1 1999/12/10 23:23:05 mdw - * Support for generating random large integers. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mprand.h b/mprand.h index ea1bc21..ea5d521 100644 --- a/mprand.h +++ b/mprand.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mprand.h,v 1.2 1999/12/22 15:55:43 mdw Exp $ + * $Id: mprand.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generate a random multiprecision integer * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mprand.h,v $ - * Revision 1.2 1999/12/22 15:55:43 mdw - * Add `mprand_range'. - * - * Revision 1.1 1999/12/10 23:23:05 mdw - * Support for generating random large integers. - * - */ - #ifndef CATACOMB_MPRAND_H #define CATACOMB_MPRAND_H diff --git a/mpreduce-exp.h b/mpreduce-exp.h index 781cfab..67ec50d 100644 --- a/mpreduce-exp.h +++ b/mpreduce-exp.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpreduce-exp.h,v 1.1 2004/03/27 00:04:46 mdw Exp $ + * $Id: mpreduce-exp.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Exponentiation operations for binary field reduction * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpreduce-exp.h,v $ - * Revision 1.1 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - * Revision 1.2 2004/03/21 22:52:06 mdw - * Merge and close elliptic curve branch. - * - * Revision 1.1.2.1 2004/03/21 22:39:46 mdw - * Elliptic curves on binary fields work. - * - */ - #ifndef CATACOMB_MPREDUCE_EXP_H #define CATACOMB_MPREDUCE_EXP_H diff --git a/mpreduce.c b/mpreduce.c index 857549a..7d31334 100644 --- a/mpreduce.c +++ b/mpreduce.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpreduce.c,v 1.1 2004/03/27 00:04:46 mdw Exp $ + * $Id: mpreduce.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Efficient reduction modulo nice primes * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpreduce.c,v $ - * Revision 1.1 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mpreduce.h b/mpreduce.h index 72f27fa..c885ccb 100644 --- a/mpreduce.h +++ b/mpreduce.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpreduce.h,v 1.1 2004/03/27 00:04:46 mdw Exp $ + * $Id: mpreduce.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Efficient reduction modulo nice primes * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpreduce.h,v $ - * Revision 1.1 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - */ - #ifndef CATACOMB_MPREDUCE_H #define CATACOMB_MPREDUCE_H diff --git a/mpscan.c b/mpscan.c index 0a5b4f0..480f5aa 100644 --- a/mpscan.c +++ b/mpscan.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpscan.c,v 1.3 2000/07/29 17:03:31 mdw Exp $ + * $Id: mpscan.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Sequential bit scan of multiprecision integers * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpscan.c,v $ - * Revision 1.3 2000/07/29 17:03:31 mdw - * Add support for left-to-right bitscanning, for use in modular - * exponentiation. - * - * Revision 1.2 1999/11/13 01:55:10 mdw - * Fixed so that they compile. Minor interface changes. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mpscan.h" diff --git a/mpscan.h b/mpscan.h index 619681d..aaee049 100644 --- a/mpscan.h +++ b/mpscan.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpscan.h,v 1.4 2000/07/29 17:03:31 mdw Exp $ + * $Id: mpscan.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Sequential bit scan of multiprecision integers * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpscan.h,v $ - * Revision 1.4 2000/07/29 17:03:31 mdw - * Add support for left-to-right bitscanning, for use in modular - * exponentiation. - * - * Revision 1.3 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.2 1999/11/13 01:55:10 mdw - * Fixed so that they compile. Minor interface changes. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_MPSCAN_H #define CATACOMB_MPSCAN_H diff --git a/mptext-dstr.c b/mptext-dstr.c index 729c27e..2928eb6 100644 --- a/mptext-dstr.c +++ b/mptext-dstr.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext-dstr.c,v 1.3 2000/08/04 23:23:44 mdw Exp $ + * $Id: mptext-dstr.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Reading and writing large integers on strings * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext-dstr.c,v $ - * Revision 1.3 2000/08/04 23:23:44 mdw - * Various fixes. - * - * Revision 1.2 1999/12/22 15:56:21 mdw - * Make the buffer passed to `put' op constant. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mptext-file.c b/mptext-file.c index 6e7aa35..fbb1ef2 100644 --- a/mptext-file.c +++ b/mptext-file.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext-file.c,v 1.2 1999/12/22 15:56:21 mdw Exp $ + * $Id: mptext-file.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Reading and writing large integers on files * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext-file.c,v $ - * Revision 1.2 1999/12/22 15:56:21 mdw - * Make the buffer passed to `put' op constant. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mptext-len.c b/mptext-len.c index e9aee49..5baa389 100644 --- a/mptext-len.c +++ b/mptext-len.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext-len.c,v 1.1 2002/10/15 22:58:29 mdw Exp $ + * $Id: mptext-len.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Work out length of a number's string representation * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext-len.c,v $ - * Revision 1.1 2002/10/15 22:58:29 mdw - * Fast estimation of number representation lengths. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/mptext-string.c b/mptext-string.c index bdd6230..ac6e94a 100644 
--- a/mptext-string.c +++ b/mptext-string.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext-string.c,v 1.4 2004/04/01 12:50:09 mdw Exp $ + * $Id: mptext-string.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Reading and writing large integers on strings * @@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext-string.c,v $ - * Revision 1.4 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.3 2000/08/04 23:23:44 mdw - * Various fixes. - * - * Revision 1.2 1999/12/22 15:56:21 mdw - * Make the buffer passed to `put' op constant. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mptext.c b/mptext.c index 3eb58cf..8130679 100644 --- a/mptext.c +++ b/mptext.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext.c,v 1.17 2002/10/19 11:59:04 mdw Exp $ + * $Id: mptext.c,v 1.18 2004/04/08 01:36:15 mdw Exp $ * * Textual representation of multiprecision numbers * 
@@ -27,66 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext.c,v $ - * Revision 1.17 2002/10/19 11:59:04 mdw - * Fix leftovers bug in reading. - * - * Revision 1.16 2002/10/15 22:57:43 mdw - * Bug fix: prevent negative zero. - * - * Revision 1.15 2002/10/15 19:18:15 mdw - * Fix fencepost bugs in binary radix writing. - * - * Revision 1.14 2002/10/09 00:33:44 mdw - * Allow `0o' and `0b' prefixes for octal and binary (from Haskell) - * - * Revision 1.13 2002/10/09 00:21:06 mdw - * Allow user-specified `r_xx' bases to be up to 62. - * - * Revision 1.12 2002/01/13 19:51:18 mdw - * Extend the textual format to bases up to 62 by distinguishing case. - * - * Revision 1.11 2001/06/16 23:42:17 mdw - * Typesetting fixes. - * - * Revision 1.10 2001/06/16 13:22:39 mdw - * Added fast-track code for binary output bases, and tests. - * - * Revision 1.9 2001/02/03 16:05:17 mdw - * Make flags be unsigned. Improve the write algorithm: recurse until the - * parts are one word long and use single-precision arithmetic from there. - * Fix off-by-one bug when breaking the number apart. - * - * Revision 1.8 2000/12/06 20:32:42 mdw - * Reduce binary bytes (to allow marker bits to be ignored). Fix error - * message string a bit. Allow leading `+' signs. - * - * Revision 1.7 2000/07/15 10:01:08 mdw - * Bug fix in binary input. - * - * Revision 1.6 2000/06/25 12:58:23 mdw - * Fix the derivation of `depth' commentary. - * - * Revision 1.5 2000/06/17 11:46:19 mdw - * New and much faster stack-based algorithm for reading integers. Support - * reading and writing binary integers in bases between 2 and 256. - * - * Revision 1.4 1999/12/22 15:56:56 mdw - * Use clever recursive algorithm for writing numbers out. - * - * Revision 1.3 1999/12/10 23:23:26 mdw - * Allocate slightly less memory. - * - * Revision 1.2 1999/11/20 22:24:15 mdw - * Use function versions of MPX_UMULN and MPX_UADDN. 
- * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mptext.h b/mptext.h index 57c4dc2..ddd6328 100644 --- a/mptext.h +++ b/mptext.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptext.h,v 1.6 2002/10/15 22:58:29 mdw Exp $ + * $Id: mptext.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Textual representation of multiprecision numbers * @@ -27,30 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptext.h,v $ - * Revision 1.6 2002/10/15 22:58:29 mdw - * Fast estimation of number representation lengths. - * - * Revision 1.5 2000/10/08 12:04:58 mdw - * (MP_DOFPRINTFR): cope with null pointers. - * - * Revision 1.4 2000/06/17 11:46:58 mdw - * Convenience macros for producing debugging output containing MP - * integers. - * - * Revision 1.3 1999/12/22 15:56:30 mdw - * Make the buffer passed to `put' op constant. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/11/17 18:02:16 mdw - * New multiprecision integer arithmetic suite. - * - */ - #ifndef CATACOMB_MPTEXT_H #define CATACOMB_MPTEXT_H diff --git a/mptypes.c b/mptypes.c index f10ed7e..3502ba3 100644 --- a/mptypes.c +++ b/mptypes.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mptypes.c,v 1.4 2000/10/08 12:05:24 mdw Exp $ + * $Id: mptypes.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Generate `mptypes.h' header file for current architecture * 
@@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mptypes.c,v $ - * Revision 1.4 2000/10/08 12:05:24 mdw - * Make later versions of GCC shut up about @long long@. - * - * Revision 1.3 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.2 1999/11/13 01:54:32 mdw - * Format source code properly ;-). Attach suffixes to the `max' - * constants. - * - */ - /*----- Header files ------------------------------------------------------*/ #define _GNU_SOURCE diff --git a/mpw.h b/mpw.h index 3a9763c..b5269dc 100644 --- a/mpw.h +++ b/mpw.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpw.h,v 1.2 1999/12/10 23:29:48 mdw Exp $ + * $Id: mpw.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Very low-level multiprecision definitions * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpw.h,v $ - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/11/13 01:52:34 mdw - * Very low-level definitions for MP types. - * - * Revision 1.1 1999/11/13 01:50:17 mdw - * Veyr low level definitions for MP types. - * - */ - #ifndef CATACOMB_MPW_H #define CATACOMB_MPW_H diff --git a/mpx-kmul.c b/mpx-kmul.c index 228cabd..fbc1b02 100644 --- a/mpx-kmul.c +++ b/mpx-kmul.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpx-kmul.c,v 1.9 2004/03/27 17:54:12 mdw Exp $ + * $Id: mpx-kmul.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Karatsuba's multiplication algorithm * 
@@ -27,39 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpx-kmul.c,v $ - * Revision 1.9 2004/03/27 17:54:12 mdw - * Standard curves and curve checking. - * - * Revision 1.8 2002/10/09 00:36:03 mdw - * Fix bounds on workspace for Karatsuba operations. - * - * Revision 1.7 2000/10/08 15:48:35 mdw - * Rename Karatsuba constants now that we have @gfx_kmul@ too. - * - * Revision 1.6 2000/10/08 12:11:01 mdw - * Use @mpx_ueq@ instead of @MPX_UCMP@. - * - * Revision 1.5 2000/07/29 17:04:02 mdw - * Remove useless header `mpscan.h'. - * - * Revision 1.4 2000/06/17 11:42:11 mdw - * Moved the Karatsuba macros into a separate file for better sharing. - * Fixed some comments. - * - * Revision 1.3 1999/12/13 15:35:01 mdw - * Simplify and improve. - * - * Revision 1.2 1999/12/11 10:58:02 mdw - * Remove tweakable comments. - * - * Revision 1.1 1999/12/10 23:23:51 mdw - * Karatsuba-Ofman multiplication algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mpx-ksqr.c b/mpx-ksqr.c index 8a0ad64..fb59d0d 100644 --- a/mpx-ksqr.c +++ b/mpx-ksqr.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpx-ksqr.c,v 1.7 2002/10/09 00:36:03 mdw Exp $ + * $Id: mpx-ksqr.c,v 1.8 2004/04/08 01:36:15 mdw Exp $ * * Karatsuba-based squaring algorithm * 
@@ -27,34 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpx-ksqr.c,v $ - * Revision 1.7 2002/10/09 00:36:03 mdw - * Fix bounds on workspace for Karatsuba operations. - * - * Revision 1.6 2000/10/08 15:48:35 mdw - * Rename Karatsuba constants now that we have @gfx_kmul@ too. - * - * Revision 1.5 2000/10/08 12:11:01 mdw - * Use @mpx_ueq@ instead of @MPX_UCMP@. - * - * Revision 1.4 2000/07/29 17:04:02 mdw - * Remove useless header `mpscan.h'. - * - * Revision 1.3 2000/06/17 11:42:54 mdw - * Moved the Karatsuba macros into a separate file for better sharing. - * Fixed some comments. Use an improved technique so that all the - * operations are squarings. - * - * Revision 1.2 1999/12/13 15:35:01 mdw - * Simplify and improve. - * - * Revision 1.1 1999/12/11 10:57:43 mdw - * Karatsuba squaring algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mpx.c b/mpx.c index ef93e3e..e122760 100644 --- a/mpx.c +++ b/mpx.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpx.c,v 1.19 2004/04/03 03:29:40 mdw Exp $ + * $Id: mpx.c,v 1.20 2004/04/08 01:36:15 mdw Exp $ * * Low-level multiprecision arithmetic * 
@@ -27,74 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpx.c,v $ - * Revision 1.19 2004/04/03 03:29:40 mdw - * Fix overrun in @mpx_lsr@. - * - * Revision 1.18 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.17 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - * Revision 1.16 2003/05/16 09:09:24 mdw - * Fix @mp_lsl2c@. Turns out to be surprisingly tricky. - * - * Revision 1.15 2002/10/20 01:12:31 mdw - * Two's complement I/O fixes. - * - * Revision 1.14 2002/10/19 18:55:08 mdw - * Fix overflows in shift primitives. - * - * Revision 1.13 2002/10/19 17:56:50 mdw - * Fix bit operations. Test them (a bit) better. - * - * Revision 1.12 2002/10/06 22:52:50 mdw - * Pile of changes for supporting two's complement properly. - * - * Revision 1.11 2001/04/03 19:36:05 mdw - * Add some simple bitwise operations so that Perl can use them. - * - * Revision 1.10 2000/10/08 12:06:12 mdw - * Provide @mpx_ueq@ for rapidly testing equality of two integers. - * - * Revision 1.9 2000/06/26 07:52:50 mdw - * Portability fix for the bug fix. - * - * Revision 1.8 2000/06/25 12:59:02 mdw - * (mpx_udiv): Fix bug in quotient digit estimation. - * - * Revision 1.7 1999/12/22 15:49:07 mdw - * New function for division by a small integer. - * - * Revision 1.6 1999/11/20 22:43:44 mdw - * Integrate testing for MPX routines. - * - * Revision 1.5 1999/11/20 22:23:27 mdw - * Add function versions of some low-level macros with wider use. 
- * - * Revision 1.4 1999/11/17 18:04:09 mdw - * Add two's-complement functionality. Improve mpx_udiv a little by - * performing the multiplication of the divisor by q with the subtraction - * from r. - * - * Revision 1.3 1999/11/13 01:57:31 mdw - * Remove stray debugging code. - * - * Revision 1.2 1999/11/13 01:50:59 mdw - * Multiprecision routines finished and tested. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/mpx.h b/mpx.h index 13b63cc..f79cffd 100644 --- a/mpx.h +++ b/mpx.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: mpx.h,v 1.17 2004/03/27 00:04:46 mdw Exp $ + * $Id: mpx.h,v 1.18 2004/04/08 01:36:15 mdw Exp $ * * Low level multiprecision arithmetic * 
@@ -27,62 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: mpx.h,v $ - * Revision 1.17 2004/03/27 00:04:46 mdw - * Implement efficient reduction for pleasant-looking primes. - * - * Revision 1.16 2003/05/16 09:09:24 mdw - * Fix @mp_lsl2c@. Turns out to be surprisingly tricky. - * - * Revision 1.15 2002/10/19 17:56:50 mdw - * Fix bit operations. Test them (a bit) better. - * - * Revision 1.14 2002/10/09 00:36:03 mdw - * Fix bounds on workspace for Karatsuba operations. - * - * Revision 1.13 2002/10/06 22:52:50 mdw - * Pile of changes for supporting two's complement properly. - * - * Revision 1.12 2001/04/03 19:36:05 mdw - * Add some simple bitwise operations so that Perl can use them. - * - * Revision 1.11 2000/10/08 15:48:35 mdw - * Rename Karatsuba constants now that we have @gfx_kmul@ too. - * - * Revision 1.10 2000/10/08 12:06:12 mdw - * Provide @mpx_ueq@ for rapidly testing equality of two integers. - * - * Revision 1.9 1999/12/22 15:49:07 mdw - * New function for division by a small integer. - * - * Revision 1.8 1999/12/11 10:57:43 mdw - * Karatsuba squaring algorithm. - * - * Revision 1.7 1999/12/11 01:51:28 mdw - * Change Karatsuba parameters slightly. - * - * Revision 1.6 1999/12/10 23:23:51 mdw - * Karatsuba-Ofman multiplication algorithm. - * - * Revision 1.5 1999/11/20 22:23:27 mdw - * Add function versions of some low-level macros with wider use. - * - * Revision 1.4 1999/11/17 18:04:43 mdw - * Add two's complement support. Fix a bug in MPX_UMLAN. - * - * Revision 1.3 1999/11/13 01:51:29 mdw - * Minor interface changes. Should be stable now. - * - * Revision 1.2 1999/11/11 17:47:55 mdw - * Minor changes for different `mptypes.h' format. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_MPX_H #define CATACOMB_MPX_H diff --git a/noekeon.c b/noekeon.c index a773eb0..6020e0c 100644 --- a/noekeon.c +++ b/noekeon.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: noekeon.c,v 1.2 2001/06/16 23:42:17 mdw Exp $ + * $Id: noekeon.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Noekeon block cipher * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: noekeon.c,v $ - * Revision 1.2 2001/06/16 23:42:17 mdw - * Typesetting fixes. - * - * Revision 1.1 2001/05/08 22:17:41 mdw - * New cipher Noekeon added. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/noekeon.h b/noekeon.h index 9a5a43c..16ec01a 100644 --- a/noekeon.h +++ b/noekeon.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: noekeon.h,v 1.1 2001/05/08 22:17:41 mdw Exp $ + * $Id: noekeon.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Noekeon block cipher * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: noekeon.h,v $ - * Revision 1.1 2001/05/08 22:17:41 mdw - * New cipher Noekeon added. - * - * Revision 1.3 2001/05/07 17:31:53 mdw - * Separate out key scheduling. - * - * Revision 1.2 2000/10/08 15:48:58 mdw - * Update comments now that AES has been chosen. - * - * Revision 1.1 2000/06/17 11:56:07 mdw - * New cipher. - * - */ - /*----- Notes on the Noekeon block cipher --------------------------------* * * A Nessie entry, by Joan Daemen, Michael Peeters, Gilles Van Assche and diff --git a/noise.c b/noise.c index 8e5129b..0244869 100644 --- a/noise.c +++ b/noise.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: noise.c,v 1.7 2004/04/02 01:03:49 mdw Exp $ + * $Id: noise.c,v 1.8 2004/04/08 01:36:15 mdw Exp $ * * Acquisition of environmental noise (Unix-specific) * 
@@ -27,33 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: noise.c,v $ - * Revision 1.7 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.6 2000/06/17 12:57:47 mdw - * New free counter noise generator, for use if /dev/random is - * unavailable. - * - * Revision 1.5 1999/12/22 15:57:55 mdw - * Label system-specific parts more clearly. - * - * Revision 1.4 1999/12/10 23:25:15 mdw - * Bug fix: remove old spurious fflush. - * - * Revision 1.3 1999/12/10 23:24:11 mdw - * Bug fix: flush buffers before forking. - * - * Revision 1.2 1999/11/11 00:59:08 mdw - * A bit of reformatting. Initialize the uid and gid correctly. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/noise.h b/noise.h index 9252809..0147c95 100644 --- a/noise.h +++ b/noise.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: noise.h,v 1.5 2004/04/02 01:03:49 mdw Exp $ + * $Id: noise.h,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Acquisition of environmental noise (Unix-specific) * @@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: noise.h,v $ - * Revision 1.5 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.4 2000/06/17 12:57:47 mdw - * New free counter noise generator, for use if /dev/random is - * unavailable. - * - * Revision 1.3 1999/12/22 15:57:55 mdw - * Label system-specific parts more clearly. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_NOISE_H #define CATACOMB_NOISE_H diff --git a/oaep.c b/oaep.c index f69c864..2b9d779 100644 --- a/oaep.c +++ b/oaep.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: oaep.c,v 1.5 2002/01/13 20:20:39 mdw Exp $ + * $Id: oaep.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Optimal asymmetric encryption packing * @@ -27,26 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: oaep.c,v $ - * Revision 1.5 2002/01/13 20:20:39 mdw - * Hack the @oaep_decode@ code some more, to make it work again. - * - * Revision 1.4 2002/01/13 13:50:21 mdw - * Allow only one error return, to frustrate Manger's attack against OAEP. - * - * Revision 1.3 2001/02/22 09:04:39 mdw - * Fix memory leaks. - * - * Revision 1.2 2000/07/15 10:01:48 mdw - * Test rig added, based on RIPEMD160-MGF1 test vectors. - * - * Revision 1.1 2000/07/01 11:18:30 mdw - * Support for Optimal Asymmetric Encryption Padding. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -58,25 +38,28 @@ #include "gcipher.h" #include "ghash.h" #include "grand.h" -#include "oaep.h" +#include "rsa.h" /*----- Main code ---------------------------------------------------------*/ /* --- @oaep_encode@ --- * * - * Arguments: @const void *msg@ = pointer to message data + * Arguments: @mp *d@ = where to put the answer + * @const void *m@ = pointer to message data * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer + * @octet *b@ = spare buffer + * @size_t sz@ = size of the buffer (big enough) + * @unsigned long nbits@ = length of bits of @n@ * @void *p@ = pointer to OAEP parameter block * - * Returns: Zero if all went well, negative on failure. + * Returns: The encoded plaintext, or null on failure. * * Use: Implements the operation @EME-OAEP-ENCODE@, as defined in * PKCS#1 v. 2.0 (RFC2437). */ -int oaep_encode(const void *msg, size_t msz, void *buf, size_t sz, void *p) +mp *oaep_encode(mp *d, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { oaep *o = p; size_t hsz = o->ch->hashsz; 
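Review bot: The new `nbits` argument of `oaep_encode` is documented as the bit length of `n`, but nothing in the visible parts of the function reads it, and the `sz` comment says only "big enough" while the body (next hunk) actually enforces `2 * hsz + 2 + msz <= sz` and fixes the block length from `sz` alone. A caller who picks `sz` from the wrong length silently gets an encoding that is not below the modulus, so the contract should be on the parameter lines rather than implied. I would write `@size_t sz@ = size of the buffer; must be at least @2 * hsz + 2 + msz@ (presumably one less than the octet length of @n@, so the leading zero keeps the result below @n@ -- confirm against the callers in rsa.h)` and `@unsigned long nbits@ = length in bits of @n@ (not consulted here)`. The function body continues past the end of this hunk.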
@@ -89,50 +72,51 @@ int oaep_encode(const void *msg, size_t msz, void *buf, size_t sz, void *p) /* --- Ensure that everything is sensibly sized --- */ if (2 * hsz + 2 + msz > sz) - return (-1); + return (0); /* --- Make the `seed' value --- */ - q = buf; + q = b; *q++ = 0; sz--; mq = q + hsz; qq = q + sz; - o->r->ops->fill(o->r, q, hsz); + GR_FILL(o->r, q, hsz); /* --- Fill in the rest of the buffer --- */ - h = o->ch->init(); - h->ops->hash(h, o->ep, o->epsz); - h->ops->done(h, mq); - h->ops->destroy(h); + h = GH_INIT(o->ch); + GH_HASH(h, o->ep, o->epsz); + GH_DONE(h, mq); + GH_DESTROY(h); pp = mq + hsz; n = sz - 2 * hsz - msz - 1; memset(pp, 0, n); pp += n; *pp++ = 1; - memcpy(pp, msg, msz); + memcpy(pp, m, msz); /* --- Do the packing --- */ n = sz - hsz; - c = o->cc->init(q, hsz); - c->ops->encrypt(c, mq, mq, n); - c->ops->destroy(c); + c = GC_INIT(o->cc, q, hsz); + GC_ENCRYPT(c, mq, mq, n); + GC_DESTROY(c); - c = o->cc->init(mq, n); - c->ops->encrypt(c, q, q, hsz); - c->ops->destroy(c); + c = GC_INIT(o->cc, mq, n); + GC_ENCRYPT(c, q, q, hsz); + GC_DESTROY(c); /* --- Done --- */ - return (0); + return (mp_loadb(d, b, sz + 1)); } /* --- @oaep_decode@ --- * * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded buffer - * @dstr *d@ = pointer to destination string + * Arguments: @mp *m@ = the decrypted message + * @octet *b@ = pointer to a buffer to work in + * @size_t sz@ = the size of the buffer (big enough) + * @unsigned long nbits@ = the number of bits in @n@ * @void *p@ = pointer to OAEP parameter block * * Returns: The length of the output string if successful, negative on 
@@ -142,7 +126,18 @@ int oaep_encode(const void *msg, size_t msz, void *buf, size_t sz, void *p) * PKCS#1 v. 2.0 (RFC2437). */ -int oaep_decode(const void *buf, size_t sz, dstr *d, void *p) +static int memeq(const void *xx, const void *yy, size_t sz) +{ + int eq = 1; + const octet *x = xx, *y = yy; + while (sz) { /* Always check every byte */ + if (*x++ != *y++) eq = 0; + sz--; + } + return (eq); +} + +int oaep_decode(mp *m, octet *b, size_t sz, unsigned long nbits, void *p) { oaep *o = p; gcipher *c; @@ -152,39 +147,37 @@ int oaep_decode(const void *buf, size_t sz, dstr *d, void *p) unsigned bad = 0; size_t n; size_t hsz = o->ch->hashsz; - int rc = -1; /* --- Ensure that the block is large enough --- */ - if (sz < 2 * hsz) + if (sz < 2 * hsz) /* Doesn't depend on ciphertext */ return (-1); - q = x_alloc(d->a, sz); - memcpy(q, buf, sz); - /* --- Decrypt the message --- */ + mp_storeb(m, b, sz); + q = b; bad = *q; q++; sz--; mq = q + hsz; qq = q + sz; n = sz - hsz; - c = o->cc->init(mq, n); - c->ops->decrypt(c, q, q, hsz); - c->ops->destroy(c); + c = GC_INIT(o->cc, mq, n); + GC_DECRYPT(c, q, q, hsz); + GC_DESTROY(c); - c = o->cc->init(q, hsz); - c->ops->decrypt(c, mq, mq, n); - c->ops->destroy(c); + c = GC_INIT(o->cc, q, hsz); + GC_DECRYPT(c, mq, mq, n); + GC_DESTROY(c); q--; /* --- Check the hash on the encoding parameters --- */ - h = o->ch->init(); - h->ops->hash(h, o->ep, o->epsz); - h->ops->done(h, q); - h->ops->destroy(h); - bad |= memcmp(q, mq, hsz); + h = GH_INIT(o->ch); + GH_HASH(h, o->ep, o->epsz); + GH_DONE(h, q); + GH_DESTROY(h); + bad |= !memeq(q, mq, hsz); /* --- Now find the start of the actual message --- */ 
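Review bot: `memeq` visits every byte, but `if (*x++ != *y++) eq = 0;` still branches on the compared data, so once the compiler emits a conditional jump the comparison's timing can depend on where the first mismatch falls; since this hash check exists to deny an error oracle (the single `bad` accumulator in the next hunk was added against Manger's attack), the loop should be branch-free rather than merely exhaustive. Accumulate the differences instead: `unsigned d = 0; while (sz--) d |= *x++ ^ *y++; return (!d);` and drop `eq`. The result is identical for every input; this is about how the check is written, not what it returns.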
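Review bot: The size guard `if (sz < 2 * hsz) return (-1);` in `oaep_decode` is too lax for what follows: after `sz--`, `mq = q + hsz` and `memeq(q, mq, hsz)` read up to `b[2 * hsz]`, so a block of exactly `2 * hsz` bytes makes the hash check read one byte beyond what `mp_storeb` just wrote, and `2 * hsz + 1` bytes leave no room for the `0x01` separator at all. The encoder's own check requires `2 * hsz + 2 + msz <= sz`, and RFC 2437 rejects an EM shorter than 2hLen + 1 before the leading octet, so the decoder should match: `if (sz < 2 * hsz + 2) /* Doesn't depend on ciphertext */ return (-1);`. Whether the extra byte lands inside the caller's "big enough" buffer I cannot tell from here; the function continues in the next hunk.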
@@ -193,98 +186,8 @@ int oaep_decode(const void *buf, size_t sz, dstr *d, void *p) pp++; bad |= (pp >= qq) | (*pp++ != 1); n = qq - pp; - dstr_putm(d, pp, n); - if (!bad) - rc = n; - - x_free(d->a, q); - return (rc); -} - -/*----- Test rig ----------------------------------------------------------*/ - -#ifdef TEST_RIG - -#include - -#include "rmd160.h" -#include "rmd160-mgf.h" - -typedef struct gctx { - grand r; - octet *buf; -} gctx; - -static void rfill(grand *r, void *buf, size_t sz) -{ - gctx *g = (gctx *)r; - memcpy(buf, g->buf, sz); -} - -static const grand_ops gops = { - "const", 0, 0, - 0, 0, - 0, 0, 0, 0, rfill -}; - -static int verify(dstr *v) -{ - gctx gr; - dstr d = DSTR_INIT; - oaep o; - int ok = 1; - - dstr_ensure(&d, v[3].len); - d.len = v[3].len; - gr.r.ops = &gops; - gr.buf = (octet *)v[2].buf; - - o.cc = &rmd160_mgf; - o.ch = &rmd160; - o.r = &gr.r; - o.ep = v[1].buf; - o.epsz = v[1].len; - - if (oaep_encode(v[0].buf, v[0].len, d.buf, d.len, &o) || - memcmp(d.buf, v[3].buf, d.len) != 0) { - ok = 0; - fputs("\nfailure in oaep_encode", stderr); - fputs("\n message = ", stderr); type_hex.dump(&v[0], stderr); - fputs("\n params = ", stderr); type_hex.dump(&v[1], stderr); - fputs("\n salt = ", stderr); type_hex.dump(&v[2], stderr); - fputs("\nexpected = ", stderr); type_hex.dump(&v[3], stderr); - fputs("\n output = ", stderr); type_hex.dump(&d, stderr); - fputc('\n', stderr); - } - - DRESET(&d); - if (oaep_decode(v[3].buf, v[3].len, &d, &o) < 0 || - d.len != v[0].len || memcmp(d.buf, v[0].buf, d.len) != 0) { - ok = 0; - fputs("\nfailure in oaep_decode", stderr); - fputs("\n goop = ", stderr); type_hex.dump(&v[3], stderr); - fputs("\n params = ", stderr); type_hex.dump(&v[1], stderr); - fputs("\n salt = ", stderr); type_hex.dump(&v[2], stderr); - fputs("\nexpected = ", stderr); type_hex.dump(&v[0], stderr); - fputs("\n output = ", stderr); type_hex.dump(&d, stderr); - fputc('\n', stderr); - } - - dstr_destroy(&d); - return (ok); + memmove(q, pp, n); + 
return (bad ? -1 : n); } -static test_chunk tests[] = { - { "oaep", verify, { &type_hex, &type_hex, &type_hex, &type_hex, 0 } }, - { 0, 0, { 0 } } -}; - -int main(int argc, char *argv[]) -{ - test_run(argc, argv, tests, SRCDIR "/tests/oaep"); - return (0); -} - -#endif - /*----- That's all, folks -------------------------------------------------*/ diff --git a/oaep.h b/oaep.h deleted file mode 100644 index 3f956b6..0000000 --- a/oaep.h +++ /dev/null 
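Review bot: When the separator scan runs off the end, `bad |= (pp >= qq) | (*pp++ != 1);` still evaluates its right-hand side, so `pp` becomes `qq + 1`, `n = qq - pp` wraps to `SIZE_MAX` in the `size_t`, and the new `memmove(q, pp, n)` copies an unbounded length before `bad` is consulted on the return line. The removed `dstr_putm(d, pp, n)` inherited the same `n`, so the hazard is not new, but the in-place copy turns it into an overrun of the caller's buffer rather than a doomed allocation (and the `*pp` read at `qq` touches `b[sz]`, one past the stored block, unless the caller over-allocates). Keep the single error exit and just clamp the length: `n = (pp < qq) ? (size_t)(qq - pp) : 0;`. `oaep_decode` begins outside this hunk.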
@@ -1,123 +0,0 @@ -/* -*-c-*- - * - * $Id: oaep.h,v 1.1 2000/07/01 11:18:30 mdw Exp $ - * - * Optimal asymmetric encryption packing - * - * (c) 2000 Straylight/Edgeware - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of Catacomb. - * - * Catacomb is free software; you can redistribute it and/or modify - * it under the terms of the GNU Library General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * Catacomb is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with Catacomb; if not, write to the Free - * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -/*----- Revision history --------------------------------------------------* - * - * $Log: oaep.h,v $ - * Revision 1.1 2000/07/01 11:18:30 mdw - * Support for Optimal Asymmetric Encryption Padding. - * - */ - -/*----- Notes on OAEP -----------------------------------------------------* - * - * Applying OAEP before RSA encryption renders the construction plaintext- - * aware under the random oracle model. This is probably a good thing. OAEP - * was designed by Bellare and Rogaway. This particular variant is the one - * specified in PKCS#1 version 2.0. It's apparently not compatible with the - * OAEP used in the SET protocols. 
- */ - -#ifndef CATACOMB_OAEP_H -#define CATACOMB_OAEP_H - -#ifdef __cplusplus - extern "C" { -#endif - -/*----- Header files ------------------------------------------------------*/ - -#include -#include - -#ifndef CATACOMB_GCIPHER_H -# include "gcipher.h" -#endif - -#ifndef CATACOMB_GHASH_H -# include "ghash.h" -#endif - -#ifndef CATACOMB_GRAND_H -# include "grand.h" -#endif - -/*----- Data structures ---------------------------------------------------*/ - -typedef struct oaep { - const gccipher *cc; /* Cipher class for masking */ - const gchash *ch; /* Hash class for parameter block */ - grand *r; /* Random number source */ - const void *ep; /* Encoding parameters block */ - size_t epsz; /* Size of the parameter block */ -} oaep; - -/*----- Functions provided ------------------------------------------------*/ - -/* --- @oaep_encode@ --- * - * - * Arguments: @const void *msg@ = pointer to message data - * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer - * @void *p@ = pointer to OAEP parameter block - * - * Returns: Zero if all went well, negative on failure. - * - * Use: Implements the operation @EME-OAEP-ENCODE@, as defined in - * PKCS#1 v. 2.0 (RFC2437). - */ - -extern int oaep_encode(const void */*msg*/, size_t /*msz*/, - void */*buf*/, size_t /*sz*/, void */*p*/); - -/* --- @oaep_decode@ --- * - * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded buffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to OAEP parameter block - * - * Returns: The length of the output string if successful, negative on - * failure. - * - * Use: Implements the operation @EME-OAEP-DECODE@, as defined in - * PKCS#1 v. 2.0 (RFC2437). 
- */ - -extern int oaep_decode(const void */*buf*/, size_t /*sz*/, - dstr */*d*/, void */*p*/); - -/*----- That's all, folks -------------------------------------------------*/ - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/ofb-def.h b/ofb-def.h index 67d3a6a..8f21a87 100644 --- a/ofb-def.h +++ b/ofb-def.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ofb-def.h,v 1.6 2004/04/02 01:03:49 mdw Exp $ + * $Id: ofb-def.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Definitions for output feedback mode * @@ -27,29 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ofb-def.h,v $ - * Revision 1.6 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.5 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.4 2001/04/03 19:36:36 mdw - * Don't use @va_arg@ as an argument to @STORE32@! - * - * Revision 1.3 2000/06/17 11:48:02 mdw - * Use secure arena for memory allocation. Rearrange setiv slightly. - * - * Revision 1.2 1999/12/13 15:34:01 mdw - * Add support for seeding from a generic pseudorandom source. - * - * Revision 1.1 1999/12/10 23:16:40 mdw - * Split mode macros into interface and implementation. - * - */ - #ifndef CATACOMB_OFB_DEF_H #define CATACOMB_OFB_DEF_H diff --git a/ofb.h b/ofb.h index 33afdb9..e38dae2 100644 --- a/ofb.h +++ b/ofb.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ofb.h,v 1.4 2001/06/17 00:10:51 mdw Exp $ + * $Id: ofb.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Output feedback for block ciphers * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ofb.h,v $ - * Revision 1.4 2001/06/17 00:10:51 mdw - * Typesetting fixes - * - * Revision 1.3 2000/06/17 11:48:24 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.2 1999/12/10 23:16:40 mdw - * Split mode macros into interface and implementation. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_OFB_H #define CATACOMB_OFB_H diff --git a/papers/rand.tex b/papers/rand.tex index 1c489cc..d4ae0c1 100644 --- a/papers/rand.tex +++ b/papers/rand.tex @@ -1,6 +1,6 @@ %%% -*-latex-*- %%% -%%% $Id: rand.tex,v 1.3 1999/10/15 21:05:56 mdw Exp $ +%%% $Id: rand.tex,v 1.4 2004/04/08 01:36:15 mdw Exp $ %%% %%% Description of Catacomb's random number generator %%% @@ -26,19 +26,6 @@ %%% Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, %%% MA 02111-1307, USA. -%%%----- Revision history --------------------------------------------------- -%%% -%%% $Log: rand.tex,v $ -%%% Revision 1.3 1999/10/15 21:05:56 mdw -%%% Add a little more explanatory text for the pool and buffer sizes. -%%% -%%% Revision 1.2 1999/10/12 21:00:34 mdw -%%% Updated. Almost finished, in fact. ;-) -%%% -%%% Revision 1.1 1999/09/03 08:41:13 mdw -%%% Initial import. -%%% - %%%----- Header ------------------------------------------------------------- \documentclass[a4paper, article, 10pt, notitlepage, numbering]{strayman} diff --git a/paranoia.h b/paranoia.h index 58873bc..5a65ed5 100644 --- a/paranoia.h +++ b/paranoia.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: paranoia.h,v 1.2 1999/12/10 23:29:48 mdw Exp $ + * $Id: paranoia.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Macros and functions for cryptographic paranoia * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: paranoia.h,v $ - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - #ifndef CATACOMB_PARANOIA_H #define CATACOMB_PARANOIA_H diff --git a/passphrase.c b/passphrase.c index d27b9a4..0b8ddcf 100644 --- a/passphrase.c +++ b/passphrase.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: passphrase.c,v 1.5 2002/01/13 13:41:37 mdw Exp $ + * $Id: passphrase.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Reading of passphrases (Unix-specific) * @@ -27,28 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: passphrase.c,v $ - * Revision 1.5 2002/01/13 13:41:37 mdw - * Fix stupidity in passphrase verification. - * - * Revision 1.4 2001/04/19 18:26:01 mdw - * Re-request broken passphrases. - * - * Revision 1.3 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.2 2000/06/17 11:49:37 mdw - * New pixie protocol allowing application to request passphrases and send - * them to the pixie. - * - * Revision 1.1 1999/12/22 15:58:20 mdw - * Portable interface to reading passphrases. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/passphrase.h b/passphrase.h index 146251f..85ec58e 100644 --- a/passphrase.h +++ b/passphrase.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: passphrase.h,v 1.1 1999/12/22 15:58:20 mdw Exp $ + * $Id: passphrase.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Reading passphrases * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: passphrase.h,v $ - * Revision 1.1 1999/12/22 15:58:20 mdw - * Portable interface to reading passphrases. - * - */ - #ifndef CATACOMB_PASSPHRASE_H #define CATACOMB_PASSPHRASE_H diff --git a/pfilt.c b/pfilt.c index e3d1d3d..7f44569 100644 --- a/pfilt.c +++ b/pfilt.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pfilt.c,v 1.5 2004/04/01 12:50:09 mdw Exp $ + * $Id: pfilt.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Finding and testing prime numbers * 
@@ -27,46 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pfilt.c,v $ - * Revision 1.5 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.4 2000/10/08 12:14:57 mdw - * Remove vestiges of @primorial@. - * - * Revision 1.3 2000/08/15 21:44:27 mdw - * (pfilt_smallfactor): New function for doing trial division the hard - * way. - * - * (pfilt_create): Use @mpx_udivn@ for computing residues, for improved - * performance. - * - * Pull the `small prime' test into a separate function, and do it - * properly. - * - * Revision 1.2 2000/06/17 11:54:27 mdw - * Use new MP memory management functions. - * - * Revision 1.1 1999/12/22 15:49:39 mdw - * Renamed from `pgen'. Reworking for new prime-search system. - * - * Revision 1.3 1999/12/10 23:28:35 mdw - * Track suggested destination changes. - * - * Revision 1.2 1999/11/20 22:23:05 mdw - * Add multiply-and-add function for Diffie-Hellman safe prime generation. - * - * Revision 1.1 1999/11/19 13:17:57 mdw - * Prime number generator and tester. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/pfilt.h b/pfilt.h index 963b765..652d2eb 100644 --- a/pfilt.h +++ b/pfilt.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pfilt.h,v 1.3 2004/04/01 12:50:09 mdw Exp $ + * $Id: pfilt.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Finding and testing prime numbers * 
@@ -27,34 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pfilt.h,v $ - * Revision 1.3 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.2 2000/08/15 21:42:56 mdw - * Use the small primes type from `genprimes' output. New function for - * doing trial division the hard way. - * - * Revision 1.1 1999/12/22 15:49:39 mdw - * Renamed from `pgen'. Reworking for new prime-search system. - * - * Revision 1.3 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.2 1999/11/20 22:23:05 mdw - * Add multiply-and-add function for Diffie-Hellman safe prime generation. - * - * Revision 1.1 1999/11/19 13:17:57 mdw - * Prime number generator and tester. - * - */ - #ifndef CATACOMB_PFILT_H #define CATACOMB_PFILT_H diff --git a/pgen-gcd.c b/pgen-gcd.c index 35b770a..71a1c49 100644 --- a/pgen-gcd.c +++ b/pgen-gcd.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pgen-gcd.c,v 1.2 2000/07/01 11:09:20 mdw Exp $ + * $Id: pgen-gcd.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Prime search stepper ensuring a low GCD for %$(p - 1)/2$% * 
@@ -27,19 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pgen-gcd.c,v $ - * Revision 1.2 2000/07/01 11:09:20 mdw - * (pgen_gcd): Bug fix -- check the GCDs of the right things when deciding - * whether to abort. - * - * Revision 1.1 2000/06/17 11:51:53 mdw - * Filter which imposes additional restrictions on GCD of %$(p - 1)/2$% - * with a given integer. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/pgen-safe.c b/pgen-safe.c index 03ba35a..115f7b4 100644 --- a/pgen-safe.c +++ b/pgen-safe.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pgen-safe.c,v 1.4 2000/07/03 18:09:27 mdw Exp $ + * $Id: pgen-safe.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Safe prime generation * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pgen-safe.c,v $ - * Revision 1.4 2000/07/03 18:09:27 mdw - * Bug fix to the GCD check. With any luck, this is the last of these to - * need nailing to the wall. - * - * Revision 1.3 2000/06/17 11:52:36 mdw - * Signal a pgen abort if the jump and base share a common factor. - * - * Revision 1.2 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 16:01:34 mdw - * Find `safe' primes (i.e., %$p = 2q + 1$%). - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/pgen-stdev.c b/pgen-stdev.c index bc867bb..9ecb3b4 100644 --- a/pgen-stdev.c +++ b/pgen-stdev.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pgen-stdev.c,v 1.3 2000/08/18 19:16:12 mdw Exp $ + * $Id: pgen-stdev.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Standard event handlers * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pgen-stdev.c,v $ - * Revision 1.3 2000/08/18 19:16:12 mdw - * New event handler for showing in detail sub-prime generation. - * - * Revision 1.2 2000/07/09 21:31:34 mdw - * Delete the spinner when the search finishes. - * - * Revision 1.1 1999/12/22 16:01:57 mdw - * Standard progress-reporting functions. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/pgen.c b/pgen.c index 9cc4334..ac8db38 100644 --- a/pgen.c +++ b/pgen.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pgen.c,v 1.9 2004/04/01 12:50:09 mdw Exp $ + * $Id: pgen.c,v 1.10 2004/04/08 01:36:15 mdw Exp $ * * Prime generation glue * 
@@ -27,36 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pgen.c,v $ - * Revision 1.9 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.8 2002/01/13 13:42:53 mdw - * More efficient Rabin-Miller test: with random witnesses, skip redundant - * Montgomerization. (Being bijective, it can't affect the distribution.) - * - * Revision 1.7 2001/02/03 16:05:32 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.6 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.5 2000/06/17 11:52:36 mdw - * Signal a pgen abort if the jump and base share a common factor. - * - * Revision 1.4 1999/12/22 16:01:11 mdw - * Same file, completely different code. Main interface for new prime- - * search system. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/pgen.h b/pgen.h index 1834f03..421819a 100644 --- a/pgen.h +++ b/pgen.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pgen.h,v 1.8 2004/04/01 12:50:09 mdw Exp $ + * $Id: pgen.h,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Prime generation glue * 
@@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pgen.h,v $ - * Revision 1.8 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - * Revision 1.7 2000/08/18 19:16:12 mdw - * New event handler for showing in detail sub-prime generation. - * - * Revision 1.6 2000/06/17 11:52:12 mdw - * Add the GCD filter. - * - * Revision 1.5 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.4 1999/12/22 16:01:11 mdw - * Same file, completely different code. Main interface for new prime- - * search system. - * - */ - #ifndef CATACOMB_PGEN_H #define CATACOMB_PGEN_H diff --git a/pixie-client.c b/pixie-client.c index f1b8678..1597426 100644 --- a/pixie-client.c +++ b/pixie-client.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pixie-client.c,v 1.2 2000/06/17 11:49:37 mdw Exp $ + * $Id: pixie-client.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Simple passphrase pixie client (Unix-specific) * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pixie-client.c,v $ - * Revision 1.2 2000/06/17 11:49:37 mdw - * New pixie protocol allowing application to request passphrases and send - * them to the pixie. - * - * Revision 1.1 1999/12/22 15:58:41 mdw - * Passphrase pixie support. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/pixie-common.c b/pixie-common.c index 59b7c5c..6efd763 100644 --- a/pixie-common.c +++ b/pixie-common.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pixie-common.c,v 1.1 1999/12/22 15:58:41 mdw Exp $ + * $Id: pixie-common.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Common code for Pixie client and server (Unix-specific) * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pixie-common.c,v $ - * Revision 1.1 1999/12/22 15:58:41 mdw - * Passphrase pixie support. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/pixie.c b/pixie.c index ba1285a..2ce007d 100644 --- a/pixie.c +++ b/pixie.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pixie.c,v 1.13 2004/03/21 22:43:05 mdw Exp $ + * $Id: pixie.c,v 1.14 2004/04/08 01:36:15 mdw Exp $ * * Passphrase pixie for Catacomb * 
@@ -27,74 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pixie.c,v $ - * Revision 1.13 2004/03/21 22:43:05 mdw - * Keep quiet about expected errors on incoming connections. - * - * Revision 1.12 2002/01/13 13:50:42 mdw - * Various fixes tracking mLib changes. - * - * Revision 1.11 2002/01/13 13:43:05 mdw - * Fix bug in daemon mode. - * - * Revision 1.10 2001/02/21 20:03:54 mdw - * Handle select errors (by bombing out). Cosmetic tweak. - * - * Revision 1.9 2001/02/03 16:06:44 mdw - * Don't set a handler for @SIGINT@ if it's ignored at startup. Add some - * error handling for the @select@ loop. - * - * Revision 1.8 2001/01/25 22:19:31 mdw - * Make flags be unsigned. - * - * Revision 1.7 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.6 2000/10/08 12:06:46 mdw - * Change size passed to socket function to be a @size_t@. Insert missing - * type name for flag declaration. - * - * Revision 1.5 2000/07/29 22:05:22 mdw - * Miscellaneous tidyings: - * - * * Change the timeout to something more appropriate for real use. - * - * * Check assumptions about object types when binding the socket. In - * particular, don't zap the socket if it's really something else. - * - * * In @p_request@, return a failure if the shell command returned - * nonzero. Fix a bug in @p_get@ which incorrectly passes on a success - * code when this happens. - * - * * Dispose of the locked memory in client mode to avoid being - * antisocial. - * - * * Also in client mode, don't report closure from the server if we're - * running noninteractively. - * - * * Insert a missing option letter into the usage string. - * - * * Change to the root directory after forking in daemon mode. - * - * Revision 1.4 2000/06/17 11:50:53 mdw - * New pixie protocol allowing application to request passphrases and send - * them to the pixie. 
Use the secure arena interface for the input - * buffer. Extend the input buffer. Other minor fixes. - * - * Revision 1.3 1999/12/22 22:14:40 mdw - * Only produce initialization message if verbose. - * - * Revision 1.2 1999/12/22 22:13:42 mdw - * Fix bug in passphrase flushing loop. - * - * Revision 1.1 1999/12/22 15:58:41 mdw - * Passphrase pixie support. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/pixie.h b/pixie.h index e66a8ba..25cd86f 100644 --- a/pixie.h +++ b/pixie.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pixie.h,v 1.2 2000/06/17 11:49:49 mdw Exp $ + * $Id: pixie.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Passphrase pixie definitions (Unix-specific) * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pixie.h,v $ - * Revision 1.2 2000/06/17 11:49:49 mdw - * New pixie protocol allowing application to request passphrases and send - * them to the pixie. - * - * Revision 1.1 1999/12/22 15:58:41 mdw - * Passphrase pixie support. - * - */ - #ifndef CATACOMB_PIXIE_H #define CATACOMB_PIXIE_H diff --git a/pkcs1.c b/pkcs1.c index dd19569..3460467 100644 --- a/pkcs1.c +++ b/pkcs1.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pkcs1.c,v 1.3 2000/10/08 12:07:04 mdw Exp $ + * $Id: pkcs1.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * PKCS#1 1.5 packing * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pkcs1.c,v $ - * Revision 1.3 2000/10/08 12:07:04 mdw - * Don't do arithmetic on @void *@ pointers. - * - * Revision 1.2 2000/07/05 17:49:48 mdw - * Fix decoding functions, so that they don't run off the end of the - * buffer. - * - * Revision 1.1 2000/07/01 11:17:38 mdw - * New support for PKCS#1 message encoding. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -50,62 +35,71 @@ #include #include "grand.h" -#include "pkcs1.h" +#include "rsa.h" /*----- Main code ---------------------------------------------------------*/ /* --- @pkcs1_cryptencode@ --- * * - * Arguments: @const void *msg@ = pointer to message data + * Arguments: @mp *d@ = where to put the answer + * @const void *m@ = pointer to message data * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer + * @octet *b@ = spare buffer + * @size_t sz@ = size of the buffer (big enough) + * @unsigned long nbits@ = length of bits of @n@ * @void *p@ = pointer to PKCS1 parameter block * - * Returns: Zero if all went well, negative on failure. + * Returns: The encoded result, or null. * * Use: Implements the operation @EME-PKCS1-V1_5-ENCODE@, as defined * in PKCS#1 v. 2.0 (RFC2437). */ -int pkcs1_cryptencode(const void *msg, size_t msz, void *buf, size_t sz, - void *p) +mp *pkcs1_cryptencode(mp *d, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { pkcs1 *pp = p; grand *r = pp->r; - octet *q, *qq; + octet *q; size_t i, n; /* --- Ensure that the buffer is sensibly sized --- */ if (pp->epsz + msz + 11 > sz) - return (-1); + return (0); - /* --- Fill in the buffer --- */ + /* --- Allocate the buffer and fill it in --- */ - q = buf; - qq = q + sz; - *q++ = 0; - *q++ = 2; + q = b; + *q++ = 0x00; + *q++ = 0x02; n = sz - msz - pp->epsz - 3; - r->ops->fill(r, q, n); + GR_FILL(r, q, n); for (i = 0; i < n; i++) { if (*q == 0) *q = r->ops->range(r, 255) + 1; q++; } *q++ = 0; - memcpy(q, pp->ep, pp->epsz); - q += pp->epsz; - memcpy(q, msg, msz); - return (0); + if (pp->ep) { + memcpy(q, pp->ep, pp->epsz); + q += pp->epsz; + } + memcpy(q, m, msz); + q += msz; + assert(q == b + sz); + + /* --- Collect the result --- */ + + return (mp_loadb(d, b, sz)); } /* --- @pkcs1_cryptdecode@ --- * * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded 
buffer - * @dstr *d@ = pointer to destination string + * Arguments: @mp *m@ = the decrypted message + * @octet *b@ = pointer to a buffer to work in + * @size_t sz@ = the size of the buffer (big enough) + * @unsigned long nbits@ = the number of bits in @n@ * @void *p@ = pointer to PKCS1 parameter block * * Returns: The length of the output string if successful, negative on 
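Review bot: pkcs1_cryptencode accepts the new `nbits` argument but never reads it, so nothing ties `sz` to the modulus: the body fills exactly `sz` octets and loads all of them into `d` with `mp_loadb(d, b, sz)`, which is only a valid EME-PKCS1-v1_5 block when `sz` equals the octet length of n, not merely a buffer that is "big enough" as the rewritten argument comment says. If that is the intended contract, a cheap guard ahead of the existing size check would be `if (sz != (nbits + 7)/8) return (0);`; failing that, reword the comment to `@size_t sz@ = octet length of @n@ (the whole buffer is used)`. The hunk ends inside the pkcs1_cryptdecode header comment, and the caller-side contract now declared in rsa.h is not visible here, so I am inferring the intent from the encoder body alone.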
@@ -115,94 +109,113 @@ int pkcs1_cryptencode(const void *msg, size_t msz, void *buf, size_t sz, * in PKCS#1 v. 2.0 (RFC2437). */ -int pkcs1_cryptdecode(const void *buf, size_t sz, dstr *d, void *p) +static int memeq(const void *xx, const void *yy, size_t sz) +{ + int eq = 1; + const octet *x = xx, *y = yy; + while (sz) { /* Always check every byte */ + if (*x++ != *y++) eq = 0; + sz--; + } + return (eq); +} + +int pkcs1_cryptdecode(mp *m, octet *b, size_t sz, + unsigned long nbits, void *p) { pkcs1 *pp = p; const octet *q, *qq; size_t n, i; + int bad = 0; /* --- Check the size of the block looks sane --- */ - if (pp->epsz + 11 > sz) + if (pp->epsz + 11 > sz) /* OK: independent of ciphertext */ return (-1); - q = buf; + mp_storeb(m, b, sz); + q = b; qq = q + sz; /* --- Ensure that the block looks OK --- */ - if (*q++ != 0 || *q++ != 2) - return (-1); + bad |= (*q++ != 0x00 || *q++ != 0x02); /* --- Check the nonzero padding --- */ i = 0; while (*q != 0 && q < qq) i++, q++; - if (i < 8 || qq - q < pp->epsz + 1) - return (-1); + bad |= (i < 8 || qq - q < pp->epsz + 1); q++; /* --- Check the encoding parameters --- */ - if (memcmp(q, pp->ep, pp->epsz) != 0) - return (-1); + bad |= (pp->ep && !memeq(bad ? b : q, pp->ep, pp->epsz)); q += pp->epsz; /* --- Done --- */ n = qq - q; - dstr_putm(d, q, n); - return (n); + memmove(b, bad ? b + 1 : q, n); + return (bad ? -1 : n); } /* --- @pkcs1_sigencode@ --- * * - * Arguments: @const void *msg@ = pointer to message data + * Arguments: @mp *d@ = where to put the answer + * @const void *m@ = pointer to message data * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer + * @octet *b@ = spare buffer + * @size_t sz@ = size of the buffer (big enough) + * @unsigned long nbits@ = length of bits of @n@ * @void *p@ = pointer to PKCS1 parameter block * - * Returns: Zero if all went well, negative on failure. + * Returns: The encoded message representative, or null. 
* * Use: Implements the operation @EMSA-PKCS1-V1_5-ENCODE@, as defined * in PKCS#1 v. 2.0 (RFC2437). */ -int pkcs1_sigencode(const void *msg, size_t msz, void *buf, size_t sz, - void *p) +mp *pkcs1_sigencode(mp *d, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { pkcs1 *pp = p; - octet *q, *qq; + octet *q; size_t n; /* --- Ensure that the buffer is sensibly sized --- */ if (pp->epsz + msz + 11 > sz) - return (-1); + return (0); /* --- Fill in the buffer --- */ - q = buf; - qq = q + sz; - *q++ = 0; - *q++ = 1; + q = b; + *q++ = 0x00; + *q++ = 0x01; n = sz - msz - pp->epsz - 3; memset(q, 0xff, n); q += n; *q++ = 0; - memcpy(q, pp->ep, pp->epsz); - q += pp->epsz; - memcpy(q, msg, msz); - return (0); + if (pp->ep) { + memcpy(q, pp->ep, pp->epsz); + q += pp->epsz; + } + memcpy(q, m, msz); + q += msz; + assert(q == b + sz); + return (mp_loadb(d, b, sz)); } /* --- @pkcs1_sigdecode@ --- * * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded buffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to PKCS1 parameter block + * Arguments: @mp *s@ = the message representative + * @const void *m@ = the original message, or null (ignored) + * @size_t msz@ = the message size (ignored) + * @octet *b@ = a scratch buffer + * @size_t sz@ = size of the buffer (large enough) + * @unsigned long nbits@ = number of bits in @n@ + * @void *p@ = pointer to PKCS1 parameters * * Returns: The length of the output string if successful, negative on * failure. @@ -211,7 +224,8 @@ int pkcs1_sigencode(const void *msg, size_t msz, void *buf, size_t sz, * in PKCS#1 v. 2.0 (RFC2437). */ -int pkcs1_sigdecode(const void *buf, size_t sz, dstr *d, void *p) +int pkcs1_sigdecode(mp *s, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { pkcs1 *pp = p; const octet *q, *qq; 
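Review bot: In pkcs1_cryptdecode the `bad` rewrite removes the early returns but keeps the pointer arithmetic that relied on them, so on a malformed block the unconditional `q++; q += pp->epsz;` advances `q` past `qq` (whenever no zero terminator is found, or `qq - q < pp->epsz + 1` holds), `n = qq - q` wraps to a huge size_t, and `memmove(b, bad ? b + 1 : q, n)` runs far beyond the buffer before the `-1` is ever returned. The scan `while (*q != 0 && q < qq) i++, q++;` also dereferences before bounding and reads one octet past the block when no zero is present; it should be `while (q < qq && *q != 0) i++, q++;`. To keep the dummy move but bound it, pin the source when the block is bad, `if (bad) q = b + 1;` immediately before `n = qq - q;`, which leaves `n` at most `sz - 1`. Since the early size check and the terminator scan remain data dependent, the `bad` flag only removes the distinguishable early exits rather than making the routine constant-time, which is worth saying in the header comment so nobody relies on more than it gives.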
@@ -221,12 +235,13 @@ int pkcs1_sigdecode(const void *buf, size_t sz, dstr *d, void *p) if (pp->epsz + 10 > sz) return (-1); - q = buf; + mp_storeb(s, b, sz); + q = b; qq = q + sz; /* --- Ensure that the block looks OK --- */ - if (*q++ != 0 || *q++ != 1) + if (*q++ != 0x00 || *q++ != 0x01) return (-1); /* --- Check the padding --- */ @@ -239,14 +254,14 @@ int pkcs1_sigdecode(const void *buf, size_t sz, dstr *d, void *p) /* --- Check the encoding parameters --- */ - if (memcmp(q, pp->ep, pp->epsz) != 0) + if (pp->ep && memcmp(q, pp->ep, pp->epsz) != 0) return (-1); q += pp->epsz; /* --- Done --- */ n = qq - q; - dstr_putm(d, q, n); + memmove(b, q, n); return (n); } diff --git a/pkcs1.h b/pkcs1.h deleted file mode 100644 index ff5123f..0000000 --- a/pkcs1.h +++ /dev/null 
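Review bot: pkcs1_sigdecode stores the representative with `mp_storeb(s, b, sz)` without first checking that it fits, whereas pss_decode in this same commit guards its store with `if (mp_octets(mi) > sz) return (-1);`; if mp_storeb truncates silently, as that guard suggests, an oversized `s` would be cut to `sz` octets and then parsed as if well formed, so the same line belongs here too (and in pkcs1_cryptdecode's store earlier in the file), with `nbits` otherwise going unused. Because `m` and `msz` are documented as ignored, the octets left in `b` by `memmove(b, q, n)` only verify anything if the caller compares them against its own encoding of the digest; a sentence in the header comment such as `The caller must compare the octets left in @b@ with its own encoding of the message` would keep a verifier from trusting the return code alone. The function body begins in the @@ -211 hunk and the padding scan itself lies between the @@ -221 and @@ -239 hunks, outside what is shown, so only the store and the trailing parameter check are reviewed here.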
@@ -1,138 +0,0 @@ -/* -*-c-*- - * - * $Id: pkcs1.h,v 1.1 2000/07/01 11:17:38 mdw Exp $ - * - * PKCS#1 1.5 packing - * - * (c) 2000 Straylight/Edgeware - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of Catacomb. - * - * Catacomb is free software; you can redistribute it and/or modify - * it under the terms of the GNU Library General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * Catacomb is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with Catacomb; if not, write to the Free - * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -/*----- Revision history --------------------------------------------------* - * - * $Log: pkcs1.h,v $ - * Revision 1.1 2000/07/01 11:17:38 mdw - * New support for PKCS#1 message encoding. 
- * - */ - -#ifndef CATACOMB_PKCS1_H -#define CATACOMB_PKCS1_H - -#ifdef __cplusplus - extern "C" { -#endif - -/*----- Header files ------------------------------------------------------*/ - -#include -#include - -#ifndef CATACOMB_GRAND_H -# include "grand.h" -#endif - -/*----- Data structures ---------------------------------------------------*/ - -typedef struct pkcs1 { - grand *r; /* Random number source */ - const void *ep; /* Encoding parameters block */ - size_t epsz; /* Size of the parameter block */ -} pkcs1; - -/*----- Functions provided ------------------------------------------------*/ - -/* --- @pkcs1_cryptencode@ --- * - * - * Arguments: @const void *msg@ = pointer to message data - * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer - * @void *p@ = pointer to PKCS1 parameter block - * - * Returns: Zero if all went well, negative on failure. - * - * Use: Implements the operation @EME-PKCS1-V1_5-ENCODE@, as defined - * in PKCS#1 v. 2.0 (RFC2437). - */ - -extern int pkcs1_cryptencode(const void */*msg*/, size_t /*msz*/, - void */*buf*/, size_t /*sz*/, void */*p*/); - -/* --- @pkcs1_cryptdecode@ --- * - * - * Arguments: @const void *buf@ = pointer to encoded buffer) - * @size_t sz@ = size of the encoded buffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to PKCS1 parameter block - * - * Returns: The length of the output string if successful, negative on - * failure. - * - * Use: Implements the operation @EME-PKCS1-V1_5-DECODE@, as defined - * in PKCS#1 v. 2.0 (RFC2437). 
- */ - -extern int pkcs1_cryptdecode(const void */*buf*/, size_t /*sz*/, - dstr */*d*/, void */*p*/); - -/* --- @pkcs1_sigencode@ --- * - * - * Arguments: @const void *msg@ = pointer to message data - * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer - * @void *p@ = pointer to PKCS1 parameter block - * - * Returns: Zero if all went well, negative on failure. - * - * Use: Implements the operation @EMSA-PKCS1-V1_5-ENCODE@, as defined - * in PKCS#1 v. 2.0 (RFC2437). - */ - -extern int pkcs1_sigencode(const void */*msg*/, size_t /*msz*/, - void */*buf*/, size_t /*sz*/, void */*p*/); - -/* --- @pkcs1_sigdecode@ --- * - * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded buffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to PKCS1 parameter block - * - * Returns: The length of the output string if successful, negative on - * failure. - * - * Use: Implements the operation @EMSA-PKCS1-V1_5-DECODE@, as defined - * in PKCS#1 v. 2.0 (RFC2437). - */ - -extern int pkcs1_sigdecode(const void */*buf*/, size_t /*sz*/, - dstr */*d*/, void */*p*/); - -/*----- That's all, folks -------------------------------------------------*/ - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/prim.c b/prim.c index 752da9f..79ab731 100644 --- a/prim.c +++ b/prim.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: prim.c,v 1.3 2000/10/08 12:11:22 mdw Exp $ + * $Id: prim.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Finding primitive elements * 
@@ -27,22 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: prim.c,v $ - * Revision 1.3 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.2 2000/07/29 09:57:42 mdw - * Improve primitive-element testing a lot. Now much more sensible and - * orthogonal: you can find a generator for any given subgroup order by - * putting in the appropriate parameters. - * - * Revision 1.1 1999/12/22 15:58:59 mdw - * Search for primitive elements using prime-search equipment. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/prim.h b/prim.h index 90b1156..193d058 100644 --- a/prim.h +++ b/prim.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: prim.h,v 1.2 2000/07/29 09:57:42 mdw Exp $ + * $Id: prim.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Finding primitive elements * @@ -27,19 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: prim.h,v $ - * Revision 1.2 2000/07/29 09:57:42 mdw - * Improve primitive-element testing a lot. Now much more sensible and - * orthogonal: you can find a generator for any given subgroup order by - * putting in the appropriate parameters. - * - * Revision 1.1 1999/12/22 15:58:59 mdw - * Search for primitive elements using prime-search equipment. - * - */ - #ifndef CATACOMB_PRIM_H #define CATACOMB_PRIM_H diff --git a/pss.c b/pss.c index 8bbccca..7379b11 100644 --- a/pss.c +++ b/pss.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: pss.c,v 1.1 2000/07/20 20:13:38 mdw Exp $ + * $Id: pss.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Probabistic signature scheme * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: pss.c,v $ - * Revision 1.1 2000/07/20 20:13:38 mdw - * Added Bellare and Rogaway's PSS encoding for RSA signatures. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -46,191 +38,151 @@ #include "gcipher.h" #include "ghash.h" #include "grand.h" -#include "pss.h" +#include "rsa.h" -/*----- Main code ---------------------------------------------------------*/ +/*----- Magic statics -----------------------------------------------------*/ -/* --- @pss_presign@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: An initialized generic hash context. - * - * Use: Initializes a hash function for signing with PSS. A salt is - * chosen and written into the parameter block. - */ - -ghash *pss_presign(pss *pp) -{ - size_t hsz = pp->ch->hashsz; - octet *salt = xmalloc(hsz); - ghash *h; +static const octet z8[8] = { 0 }; - pp->r->ops->fill(pp->r, salt, hsz); - pp->salt = salt; - h = pp->ch->init(); - h->ops->hash(h, salt, hsz); - return (h); -} +/*----- Main code ---------------------------------------------------------*/ /* --- @pss_encode@ --- * * - * Arguments: @const void *msg@ = pointer to message (hash) data - * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer - * @void *p@ = pointer to PSS parameter block + * Arguments: @mp *d@ = where to put the answer + * @const void *m@ = pointer to the message hash + * @size_t msz@ = the size of the message hash + * @octet *b@ = scratch buffer + * @size_t sz@ = sizeo of the buffer (large enough) + * @unsigned long nbits@ = size in bits of @n@ + * @void *p@ = pointer to the PSS parameters * - * Returns: Zero of all went well, negative on failure. + * Returns: Encoded message representative, or null on error. * * Use: Implements the operation @EMSA-PSS-ENCODE@, as defined in - * PKCS#1 v. 2.1 draft 1. + * PKCS#1 v. 2.1 (RFC3447). 
*/ -int pss_encode(const void *msg, size_t msz, void *buf, size_t sz, void *p) +mp *pss_encode(mp *d, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { pss *pp = p; - octet *q, *mq, *qq; + octet *s, *r; + ghash *h; gcipher *c; - size_t hsz = pp->ch->hashsz; - size_t n; - - /* --- Ensure that everything is sensibly sized --- */ - - if (hsz + msz + 1 > sz) - return (-1); - - /* --- Fill in the initial buffer --- */ - - q = buf; - *q++ = 0; sz--; - mq = q + msz; - qq = q + sz; - n = sz - msz; - memcpy(q, msg, msz); - if (pp->salt) - memcpy(mq, pp->salt, hsz); - else - memset(mq, 0, hsz); - memset(mq + hsz, 0, n - hsz); - - /* --- Do the encryption --- */ - - c = pp->cc->init(msg, msz); - c->ops->encrypt(c, mq, mq, n); - c->ops->destroy(c); - - /* --- Done --- */ - - return (0); + unsigned mask; + size_t pssz, hsz = pp->ch->hashsz; + + /* --- Check the message length --- */ + + nbits--; + sz = (nbits + 7)/8; + mask = (1 << nbits%8) - 1; + if (!mask) mask = 0xff; + if (hsz + pp->ssz + 2 > sz) + return (0); + + /* --- Generate a random salt --- */ + + pssz = sz - pp->ssz - hsz - 2; + memset(b, 0, pssz); + b[pssz] = 0x01; + s = b + pssz + 1; + r = s + pp->ssz; + GR_FILL(pp->r, s, pp->ssz); + + /* --- Compute the salted hash --- */ + + h = GH_INIT(pp->ch); + GH_HASH(h, z8, 8); + GH_HASH(h, m, msz); + GH_HASH(h, s, pp->ssz); + GH_DONE(h, r); + r[hsz] = 0xbc; + + /* --- Do the masking --- */ + + c = GC_INIT(pp->cc, r, hsz); + GC_ENCRYPT(c, b, b, pssz + pp->ssz + 1); + GC_DESTROY(c); + b[0] &= mask; + return (mp_loadb(d, b, sz)); } /* --- @pss_decode@ --- * * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded byffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to PSS parameter block + * Arguments: @mp *s@ = the message representative + * @const void *m@ = the original message + * @size_t msz@ = the message size + * @octet *b@ = a scratch buffer + * @size_t sz@ = size of 
the buffer (large enough) + * @unsigned long nbits@ = number of bits in @n@ + * @void *p@ = pointer to PKCS1 parameters * - * Returns: The length of the output string (hash) if successful, - * negative on failure. + * Returns: The length of the output string if successful, negative on + * failure. * - * Use: Implements most of the operation @EMSA_PSS_VERIFY@, as - * defined in PCSK#1 v. 2.1 draft 1. The salt value is filled - * in ready for hashing of the data to start. + * Use: Implements the operation @EMSA_PSS_VERIFY@, as defined in + * PCSK#1 v. 2.1 (RFC3447). */ -int pss_decode(const void *buf, size_t sz, dstr *d, void *p) +int pss_decode(mp *mi, const void *m, size_t msz, octet *b, size_t sz, + unsigned long nbits, void *p) { pss *pp = p; + octet *s, *r; + ghash *h; gcipher *c; - octet *q, *mq, *qq; - octet *ppp; - size_t n; - size_t hsz = pp->ch->hashsz; - int rc = -1; + unsigned mask; + size_t pssz, hsz = pp->ch->hashsz, i; + int rc; - /* --- Ensure that the block is large enough --- */ + /* --- Check the message length --- */ - if (sz < 2 * hsz + 1) + nbits--; + sz = (nbits + 7)/8; + if (mp_octets(mi) > sz) return (-1); + mask = (1 << nbits%8) - 1; + if (!mask) mask = 0xff; + if (hsz + pp->ssz + 2 > sz) + return (-1); + mp_storeb(mi, b, sz); - q = x_alloc(d->a, sz); - memcpy(q, buf, sz); - - /* --- Recover the salt --- */ - - if (*q++ != 0) - goto fail; - sz--; - mq = q + hsz; - qq = q + sz; - n = sz - hsz; - c = pp->cc->init(q, hsz); - c->ops->decrypt(c, mq, mq, n); - c->ops->destroy(c); - - /* --- Now check the recovery --- */ + /* --- Split up the buffer --- */ - ppp = mq + hsz; - while (ppp < qq) { - if (*ppp) - goto fail; - ppp++; - } + pssz = sz - hsz - pp->ssz - 2; + s = b + pssz + 1; + r = s + pp->ssz; + if (r[hsz] != 0xbc) + return (-1); - /* --- Done --- */ + /* --- Decode the seed --- */ - if (pp->salt) { - if (memcmp(pp->salt, mq, hsz) != 0) - goto fail; - } else { - qq = xmalloc(hsz); - memcpy(qq, mq, hsz); - pp->salt = qq; - } - dstr_putm(d, 
q, hsz); - rc = hsz; - -fail: - x_free(d->a, q - 1); - return (rc); -} + if (b[0] & ~mask) + return (-1); + c = GC_INIT(pp->cc, r, hsz); + GC_DECRYPT(c, b, b, pssz + pp->ssz + 1); + GC_DESTROY(c); + b[0] &= mask; + for (i = 0; i < pssz; i++) + if (b[i]) return (-1); + if (b[pssz] != 0x01) + return (-1); -/* --- @pss_preverify@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: An initialized generic hash context. - * - * Use: Initializes a hash function for use with PSS. A salt is - * read from the parameter block, where @pss_decode@ should have - * left it. - */ + /* --- Hash the message --- */ -ghash *pss_preverify(pss *pp) -{ - size_t hsz = pp->ch->hashsz; - ghash *h = pp->ch->init(); - h->ops->hash(h, pp->salt, hsz); - return (h); -} + h = GH_INIT(pp->ch); + GH_HASH(h, z8, 8); + GH_HASH(h, m, msz); + GH_HASH(h, s, pp->ssz); + s = GH_DONE(h, 0); + rc = !memcmp(s, r, hsz); + GH_DESTROY(h); + if (!rc) return (-1); -/* --- @pss_done@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: --- - * - * Use: Disposes of a PSS parameter block once it's finished with. - */ + /* --- Done --- */ -void pss_done(pss *pp) -{ - if (pp->salt) { - xfree(pp->salt); - pp->salt = 0; - } + return (0); } /*----- That's all, folks -------------------------------------------------*/ diff --git a/pss.h b/pss.h deleted file mode 100644 index 32928e4..0000000 --- a/pss.h +++ /dev/null 
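Review bot: Both pss_encode and pss_decode overwrite the `sz` parameter with the computed `(nbits + 7)/8` before touching `b`, so the caller-supplied buffer capacity is discarded rather than checked and a modulus larger than the buffer the caller sized would be written past its end. Keep the caller's value long enough to test it, e.g. in pss_encode `if ((nbits + 7)/8 > sz) return (0);` directly after `nbits--;`, and the matching `return (-1);` form in pss_decode, before the reassignment. The "Returns:" line of pss_decode still promises the length of the output string, but the new body ends with `return (0);` on success, so it should read `Returns: Zero if the representative verifies, negative on failure`; the pss_encode argument comment also has `sizeo` for `size`. The masking step keys the `pp->cc` cipher class with the hash `r` and encrypts the data block in place of RFC 3447's MGF1, so the RFC 3447 claim in both header comments presumably holds only when that cipher class is an MGF1 adapter over the same hash, which is worth stating next to the reference.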
@@ -1,167 +0,0 @@ -/* -*-c-*- - * - * $Id: pss.h,v 1.2 2003/05/16 09:42:03 mdw Exp $ - * - * Probabistic signature scheme - * - * (c) 2000 Straylight/Edgeware - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of Catacomb. - * - * Catacomb is free software; you can redistribute it and/or modify - * it under the terms of the GNU Library General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * Catacomb is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with Catacomb; if not, write to the Free - * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -/*----- Revision history --------------------------------------------------* - * - * $Log: pss.h,v $ - * Revision 1.2 2003/05/16 09:42:03 mdw - * Declare @pss_preverify@ instead of repeating @pss_resign@. - * - * Revision 1.1 2000/07/20 20:13:38 mdw - * Added Bellare and Rogaway's PSS encoding for RSA signatures. - * - */ - -/*----- Notes on PSS ------------------------------------------------------* - * - * Applying PSS before RSA signing renders the construction provably secure, - * in that the difficulty of forging a signature is directly related to the - * difficulty of inverting the RSA function, in the random oracle model. - * This is a good thing. PSS was designed by Bellare and Rogaway. This - * particular variant is the one specified in draft 1 of PKCS#1 version 2.1. 
- * - * Stanford University have a patent claim on PSS, although if (as seems - * likely) PSS is included in IEEE P1363, they'll grant a free world-wide - * licence to use the scheme for signatures with appendix (rather than - * signatures with message recovery). - */ - -#ifndef CATACOMB_PSS_H -#define CATACOMB_PSS_H - -#ifdef __cplusplus - extern "C" { -#endif - -/*----- Header files ------------------------------------------------------*/ - -#include -#include - -#ifndef CATACOMB_GCIPHER_H -# include "gcipher.h" -#endif - -#ifndef CATACOMB_GHASH_H -# include "ghash.h" -#endif - -#ifndef CATACOMB_GRAND_H -# include "grand.h" -#endif - -/*----- Data structures ---------------------------------------------------*/ - -typedef struct pss { - const gccipher *cc; /* Cipher class for masking */ - const gchash *ch; /* Hash class for choosing a seed */ - grand *r; /* Random number source */ - void *salt; /* Pointer to the salt */ -} pss; - -/*----- Functions provided ------------------------------------------------*/ - -/* --- @pss_presign@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: An initialized generic hash context. - * - * Use: Initializes a hash function for signing with PSS. A salt is - * chosen and written into the parameter block. - */ - -extern ghash *pss_presign(pss */*pp*/); - -/* --- @pss_encode@ --- * - * - * Arguments: @const void *msg@ = pointer to message (hash) data - * @size_t msz@ = size of message data - * @void *buf@ = pointer to output buffer - * @size_t sz@ = size of the output buffer - * @void *p@ = pointer to PSS parameter block - * - * Returns: Zero of all went well, negative on failure. - * - * Use: Implements the operation @EMSA-PSS-ENCODE@, as defined in - * PKCS#1 v. 2.1 draft 1. 
- */ - -extern int pss_encode(const void */*msg*/, size_t /*msz*/, - void */*buf*/, size_t /*sz*/, void */*p*/); - -/* --- @pss_decode@ --- * - * - * Arguments: @const void *buf@ = pointer to encoded buffer - * @size_t sz@ = size of the encoded byffer - * @dstr *d@ = pointer to destination string - * @void *p@ = pointer to PSS parameter block - * - * Returns: The length of the output string (hash) if successful, - * negative on failure. - * - * Use: Implements most of the operation @EMSA_PSS_VERIFY@, as - * defined in PCSK#1 v. 2.1 draft 1. The salt value is filled - * in ready for hashing of the data to start. - */ - -extern int pss_decode(const void */*buf*/, size_t /*sz*/, - dstr */*d*/, void */*p*/); - -/* --- @pss_preverify@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: An initialized generic hash context. - * - * Use: Initializes a hash function for use with PSS. A salt is - * read from the parameter block, where @pss_decode@ should have - * left it. - */ - -extern ghash *pss_preverify(pss */*pp*/); - -/* --- @pss_done@ --- * - * - * Arguments: @pss *pp@ = pointer to PSS parameter block - * - * Returns: --- - * - * Use: Disposes of a PSS parameter block once it's finished with. - */ - -extern void pss_done(pss */*pp*/); - -/*----- That's all, folks -------------------------------------------------*/ - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/ptab.h b/ptab.h index 271eb57..05e1a5b 100644 --- a/ptab.h +++ b/ptab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: ptab.h,v 1.1 2004/04/01 12:50:09 mdw Exp $ + * $Id: ptab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Table of standard prime groups * 
@@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: ptab.h,v $ - * Revision 1.1 2004/04/01 12:50:09 mdw - * Add cyclic group abstraction, with test code. Separate off exponentation - * functions for better static linking. Fix a buttload of bugs on the way. - * Generally ensure that negative exponents do inversion correctly. Add - * table of standard prime-field subgroups. (Binary field subgroups are - * currently unimplemented but easy to add if anyone ever finds a good one.) - * - */ - #ifndef CATACOMB_PTAB_H #define CATACOMB_PTAB_H diff --git a/qdparse.c b/qdparse.c index 2fe6998..4b38b02 100644 --- a/qdparse.c +++ b/qdparse.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: qdparse.c,v 1.1 2004/03/27 17:54:12 mdw Exp $ + * $Id: qdparse.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Quick-and-dirty parser * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: qdparse.c,v $ - * Revision 1.1 2004/03/27 17:54:12 mdw - * Standard curves and curve checking. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/qdparse.h b/qdparse.h index 078b344..bbc900a 100644 --- a/qdparse.h +++ b/qdparse.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: qdparse.h,v 1.1 2004/03/27 17:54:12 mdw Exp $ + * $Id: qdparse.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Quick-and-dirty parser * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: qdparse.h,v $ - * Revision 1.1 2004/03/27 17:54:12 mdw - * Standard curves and curve checking. - * - */ - #ifndef CATACOMB_QDPARSE_H #define CATACOMB_QDPARSE_H diff --git a/rabin.c b/rabin.c index 200ab0d..729ecce 100644 --- a/rabin.c +++ b/rabin.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rabin.c,v 1.8 2004/04/02 01:03:49 mdw Exp $ + * $Id: rabin.c,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Miller-Rabin primality test * @@ -27,37 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rabin.c,v $ - * Revision 1.8 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.7 2002/01/13 13:42:53 mdw - * More efficient Rabin-Miller test: with random witnesses, skip redundant - * Montgomerization. (Being bijective, it can't affect the distribution.) - * - * Revision 1.6 2001/06/16 12:56:38 mdw - * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@. - * - * Revision 1.5 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.4 2000/06/22 19:03:02 mdw - * Use the new @mp_odd@ function. - * - * Revision 1.3 1999/12/22 15:50:29 mdw - * Reworking for new prime-search system. Add function for working out how - * many iterations to use for a particular number. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/11/19 13:17:57 mdw - * Prime number generator and tester. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "mp.h" diff --git a/rabin.h b/rabin.h index d5ee9d3..7fe4965 100644 --- a/rabin.h +++ b/rabin.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rabin.h,v 1.6 2002/01/13 13:42:53 mdw Exp $ + * $Id: rabin.h,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Miller-Rabin primality test * 
@@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rabin.h,v $ - * Revision 1.6 2002/01/13 13:42:53 mdw - * More efficient Rabin-Miller test: with random witnesses, skip redundant - * Montgomerization. (Being bijective, it can't affect the distribution.) - * - * Revision 1.5 2000/07/09 21:32:16 mdw - * rabin_test: Correct error in comment. - * - * Revision 1.4 2000/06/17 11:52:48 mdw - * Typesetting fix. - * - * Revision 1.3 1999/12/22 15:50:29 mdw - * Reworking for new prime-search system. Add function for working out how - * many iterations to use for a particular number. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/11/19 13:17:57 mdw - * Prime number generator and tester. - * - */ - #ifndef CATACOMB_RABIN_H #define CATACOMB_RABIN_H diff --git a/rand.c b/rand.c index c3b777d..827474b 100644 --- a/rand.c +++ b/rand.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rand.c,v 1.5 2000/06/17 11:53:55 mdw Exp $ + * $Id: rand.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Secure random number generator * @@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rand.c,v $ - * Revision 1.5 2000/06/17 11:53:55 mdw - * Deprecate `rand_getgood'. Provide a new interface to ensure that a pool - * is well seeded. Use secure arena for memory allocation. - * - * Revision 1.4 1999/12/13 15:34:28 mdw - * Increase the entropy threshhold in rand_getgood. - * - * Revision 1.3 1999/12/10 23:28:07 mdw - * Bug fix: rand_getgood didn't update buffer pointer. - * - * Revision 1.2 1999/10/12 21:00:15 mdw - * Make pool and buffer sizes more sensible. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rand.h b/rand.h index 05721fc..fc6247b 100644 --- a/rand.h 
+++ b/rand.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rand.h,v 1.8 2001/02/03 16:07:33 mdw Exp $ + * $Id: rand.h,v 1.9 2004/04/08 01:36:15 mdw Exp $ * * Secure random number generator * @@ -27,37 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rand.h,v $ - * Revision 1.8 2001/02/03 16:07:33 mdw - * Give generic random objects separate namespaces for their supported misc - * ops. - * - * Revision 1.7 2000/10/08 12:07:18 mdw - * Remove spurious comma in enum. - * - * Revision 1.6 2000/06/17 11:53:38 mdw - * Deprecate `rand_getgood'. Provide a new interface to ensure that a pool - * is well seeded. - * - * Revision 1.5 1999/12/13 15:34:15 mdw - * Fix a typo. - * - * Revision 1.4 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.3 1999/10/15 21:04:30 mdw - * Increase output buffer a bit for performance. - * - * Revision 1.2 1999/10/12 21:00:15 mdw - * Make pool and buffer sizes more sensible. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the random number generator ------------------------------* * * The algorithm is one of the author's own devising. It may therefore be diff --git a/rc2-tab.h b/rc2-tab.h index f08adba..795afb6 100644 --- a/rc2-tab.h +++ b/rc2-tab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc2-tab.h,v 1.1 2001/04/29 17:39:52 mdw Exp $ + * $Id: rc2-tab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Substitution table for RC2 * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc2-tab.h,v $ - * Revision 1.1 2001/04/29 17:39:52 mdw - * Moved big horrible table to a separate header. - * - */ - #ifndef CATACOMB_RC2_TAB_H #define CATACOMB_RC2_TAB_H diff --git a/rc2.c b/rc2.c index be158f8..3fbeadc 100644 --- a/rc2.c +++ b/rc2.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc2.c,v 1.2 2001/04/29 17:39:52 mdw Exp $ + * $Id: rc2.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RC2 block cipher * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc2.c,v $ - * Revision 1.2 2001/04/29 17:39:52 mdw - * Moved big horrible table to a separate header. - * - * Revision 1.1 2000/06/17 11:54:34 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rc2.h b/rc2.h index 5217a33..99965fb 100644 --- a/rc2.h +++ b/rc2.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc2.h,v 1.1 2000/06/17 11:54:34 mdw Exp $ + * $Id: rc2.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The RC2 block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc2.h,v $ - * Revision 1.1 2000/06/17 11:54:34 mdw - * New cipher. - * - */ - /*----- Notes on the RC2 block cipher -------------------------------------* * * RC2 was designed by Ron Rivest, and for a long time was a trade secret of diff --git a/rc4.c b/rc4.c index bf978d3..ac011b1 100644 --- a/rc4.c +++ b/rc4.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc4.c,v 1.5 2001/04/03 19:36:36 mdw Exp $ + * $Id: rc4.c,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * The alleged RC4 stream cipher * 
@@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc4.c,v $ - * Revision 1.5 2001/04/03 19:36:36 mdw - * Don't use @va_arg@ as an argument to @STORE32@! - * - * Revision 1.4 2000/06/17 11:55:22 mdw - * New key size interface. Allow key material to be combined with an - * existing initialized context. Use secure arena for memory allocation. - * - * Revision 1.3 1999/12/13 15:34:01 mdw - * Add support for seeding from a generic pseudorandom source. - * - * Revision 1.2 1999/12/10 23:27:35 mdw - * Generic cipher and RNG interfaces. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rc4.h b/rc4.h index 856846e..ae22b4a 100644 --- a/rc4.h +++ b/rc4.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc4.h,v 1.3 2000/06/17 11:55:13 mdw Exp $ + * $Id: rc4.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The alleged RC4 stream cipher * @@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc4.h,v $ - * Revision 1.3 2000/06/17 11:55:13 mdw - * New key size interface. Allow key material to be combined with an - * existing initialized context. - * - * Revision 1.2 1999/12/10 23:27:46 mdw - * Generic cipher and RNG interfaces. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on RC4 ------------------------------------------------------* * * RC4 is a stream cipher desgigned by Ron Rivest. For a while RC4 was a diff --git a/rc5.c b/rc5.c index a1cae70..1636532 100644 --- a/rc5.c +++ b/rc5.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc5.c,v 1.2 2000/06/17 11:56:00 mdw Exp $ + * $Id: rc5.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RC5-32/12 block cipher * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc5.c,v $ - * Revision 1.2 2000/06/17 11:56:00 mdw - * New key size interface. Use secure arena for memory allocation. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rc5.h b/rc5.h index 04bcf32..93a0a9e 100644 --- a/rc5.h +++ b/rc5.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rc5.h,v 1.3 2000/06/17 11:55:50 mdw Exp $ + * $Id: rc5.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The RC5-32/12 block cipher * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rc5.h,v $ - * Revision 1.3 2000/06/17 11:55:50 mdw - * New key size interface. Add notes about the cipher. - * - * Revision 1.2 1999/12/10 23:29:48 mdw - * Change header file guard names. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the RC5 block cipher -------------------------------------* * * RC5 was designed by Ron Rivest as a test vehicle for the use of data- diff --git a/rho.c b/rho.c index 57754d3..d762460 100644 --- a/rho.c +++ b/rho.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rho.c,v 1.4 2004/04/02 01:03:49 mdw Exp $ + * $Id: rho.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Pollard's rho algorithm for discrete logs * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rho.c,v $ - * Revision 1.4 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.3 2001/06/16 12:56:38 mdw - * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@. - * - * Revision 1.2 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.1 2000/07/09 21:32:30 mdw - * Pollard's rho algorithm for computing discrete logs. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "fibrand.h" diff --git a/rho.h b/rho.h index 2760096..c4eb12a 100644 --- a/rho.h +++ b/rho.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rho.h,v 1.2 2004/04/02 01:03:49 mdw Exp $ + * $Id: rho.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Pollard's rho algorithm for discrete logs * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rho.h,v $ - * Revision 1.2 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.1 2000/07/09 21:32:30 mdw - * Pollard's rho algorithm for computing discrete logs. - * - */ - #ifndef CATACOMB_RHO_H #define CATACOMB_RHO_H diff --git a/rijndael-base.c b/rijndael-base.c index 0fe7213..b2480c8 100644 --- a/rijndael-base.c +++ b/rijndael-base.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael-base.c,v 1.1 2001/05/07 17:31:37 mdw Exp $ + * $Id: rijndael-base.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Low-level stuff for all Rijndael block sizes * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael-base.c,v $ - * Revision 1.1 2001/05/07 17:31:37 mdw - * Centralize Rijndael tables and key scheduling. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
diff --git a/rijndael-base.h b/rijndael-base.h index 1c17fdf..684dadb 100644 --- a/rijndael-base.h +++ b/rijndael-base.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael-base.h,v 1.1 2001/05/07 17:31:37 mdw Exp $ + * $Id: rijndael-base.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Internal header for Rijndael implementation * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael-base.h,v $ - * Revision 1.1 2001/05/07 17:31:37 mdw - * Centralize Rijndael tables and key scheduling. - * - */ - #ifndef CATACOMB_RIJNDAEL_BASE_H #define CATACOMB_RIJNDAEL_BASE_H diff --git a/rijndael-mktab.c b/rijndael-mktab.c index f5a73b8..4360f20 100644 --- a/rijndael-mktab.c +++ b/rijndael-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael-mktab.c,v 1.3 2000/10/14 17:13:19 mdw Exp $ + * $Id: rijndael-mktab.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Build precomputed tables for the Rijndael block cipher * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael-mktab.c,v $ - * Revision 1.3 2000/10/14 17:13:19 mdw - * Fix some compile errors. - * - * Revision 1.2 2000/06/18 23:12:15 mdw - * Change typesetting of Galois Field names. - * - * Revision 1.1 2000/06/17 11:56:07 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rijndael.c b/rijndael.c index 981e79c..dc86274 100644 --- a/rijndael.c +++ b/rijndael.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael.c,v 1.4 2001/05/07 17:31:53 mdw Exp $ + * $Id: rijndael.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher * 
@@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael.c,v $ - * Revision 1.4 2001/05/07 17:31:53 mdw - * Separate out key scheduling. - * - * Revision 1.3 2001/05/07 15:44:46 mdw - * Fix unusual numbers of rounds. Simplify implementation. - * - * Revision 1.2 2000/12/06 20:32:59 mdw - * Fix round count for weird key sizes. - * - * Revision 1.1 2000/06/17 11:56:07 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rijndael.h b/rijndael.h index 282cef8..6b772e2 100644 --- a/rijndael.h +++ b/rijndael.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael.h,v 1.3 2001/05/07 17:31:53 mdw Exp $ + * $Id: rijndael.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael.h,v $ - * Revision 1.3 2001/05/07 17:31:53 mdw - * Separate out key scheduling. - * - * Revision 1.2 2000/10/08 15:48:58 mdw - * Update comments now that AES has been chosen. - * - * Revision 1.1 2000/06/17 11:56:07 mdw - * New cipher. - * - */ - /*----- Notes on the Rijndael block cipher --------------------------------* * * Invented by Joan Daemen and Vincent Rijmen, Rijndael is a fast, elegant diff --git a/rijndael192.c b/rijndael192.c index 1ed3b23..d6af09b 100644 --- a/rijndael192.c +++ b/rijndael192.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael192.c,v 1.1 2001/05/07 17:32:03 mdw Exp $ + * $Id: rijndael192.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher, 192-bit version * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael192.c,v $ - * Revision 1.1 2001/05/07 17:32:03 mdw - * New Rijndael block sizes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rijndael192.h b/rijndael192.h index 39e2186..39f74c9 100644 --- a/rijndael192.h +++ b/rijndael192.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael192.h,v 1.1 2001/05/07 17:32:03 mdw Exp $ + * $Id: rijndael192.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher, 192-bit version * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael192.h,v $ - * Revision 1.1 2001/05/07 17:32:03 mdw - * New Rijndael block sizes. - * - */ - #ifndef CATACOMB_RIJNDAEL192_H #define CATACOMB_RIJNDAEL192_H diff --git a/rijndael256.c b/rijndael256.c index 7fc9633..957e544 100644 --- a/rijndael256.c +++ b/rijndael256.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael256.c,v 1.1 2001/05/07 17:32:03 mdw Exp $ + * $Id: rijndael256.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher, 256-bit version * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael256.c,v $ - * Revision 1.1 2001/05/07 17:32:03 mdw - * New Rijndael block sizes. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rijndael256.h b/rijndael256.h index 69ad8cb..add26be 100644 --- a/rijndael256.h +++ b/rijndael256.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rijndael256.h,v 1.1 2001/05/07 17:32:03 mdw Exp $ + * $Id: rijndael256.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Rijndael block cipher, 256-bit version * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rijndael256.h,v $ - * Revision 1.1 2001/05/07 17:32:03 mdw - * New Rijndael block sizes. - * - */ - #ifndef CATACOMB_RIJNDAEL256_H #define CATACOMB_RIJNDAEL256_H diff --git a/rmd128.c b/rmd128.c index c3a3012..781258f 100644 --- a/rmd128.c +++ b/rmd128.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd128.c,v 1.1 2000/07/09 21:30:31 mdw Exp $ + * $Id: rmd128.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-128 message digest function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd128.c,v $ - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rmd128.h b/rmd128.h index d5dc313..8549697 100644 --- a/rmd128.h +++ b/rmd128.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd128.h,v 1.2 2000/10/15 19:09:20 mdw Exp $ + * $Id: rmd128.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-128 message digest function * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd128.h,v $ - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Notes on the RIPEMD-128 hash function -----------------------------* * * RIPEMD-128 was invented by Hans Dobbertin, Antoon Bosselaers and Bart diff --git a/rmd160.c b/rmd160.c index 3d56e0d..05a2c5d 100644 --- a/rmd160.c +++ b/rmd160.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd160.c,v 1.3 2000/06/17 11:31:43 mdw Exp $ + * $Id: rmd160.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-160 message digest function * 
@@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd160.c,v $ - * Revision 1.3 2000/06/17 11:31:43 mdw - * Portability fix for broken compilers. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rmd160.h b/rmd160.h index 47454e9..13c7701 100644 --- a/rmd160.h +++ b/rmd160.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd160.h,v 1.4 2000/10/15 19:09:20 mdw Exp $ + * $Id: rmd160.h,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-160 message digest function * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd160.h,v $ - * Revision 1.4 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.3 2000/06/17 11:32:52 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the RIPEMD-160 hash function -----------------------------* * * RIPEMD-160 was invented by Hans Dobbertin, Antoon Bosselaers and Bart diff --git a/rmd256.c b/rmd256.c index e4068e4..e545436 100644 --- a/rmd256.c +++ b/rmd256.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd256.c,v 1.2 2001/02/23 09:02:52 mdw Exp $ + * $Id: rmd256.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-256 message digest function * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd256.c,v $ - * Revision 1.2 2001/02/23 09:02:52 mdw - * Fix poorly copied comment. - * - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rmd256.h b/rmd256.h index 28a9dfd..d9d6d40 100644 --- a/rmd256.h +++ b/rmd256.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd256.h,v 1.2 2000/10/15 19:09:20 mdw Exp $ + * $Id: rmd256.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-256 message digest function * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd256.h,v $ - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Notes on the RIPEMD-256 hash function -----------------------------* * * RIPEMD-256 was invented by Hans Dobbertin, Antoon Bosselaers and Bart diff --git a/rmd320.c b/rmd320.c index 8e948c2..ed38f15 100644 --- a/rmd320.c +++ b/rmd320.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd320.c,v 1.1 2000/07/09 21:30:31 mdw Exp $ + * $Id: rmd320.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-320 message digest function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd320.c,v $ - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/rmd320.h b/rmd320.h index 5afa688..ae774d9 100644 --- a/rmd320.h +++ b/rmd320.h 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rmd320.h,v 1.2 2000/10/15 19:09:20 mdw Exp $ + * $Id: rmd320.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The RIPEMD-320 message digest function * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rmd320.h,v $ - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/07/09 21:30:31 mdw - * New RIPEMD variants. - * - */ - /*----- Notes on the RIPEMD-320 hash function -----------------------------* * * RIPEMD-320 was invented by Hans Dobbertin, Antoon Bosselaers and Bart diff --git a/rsa-fetch.c b/rsa-fetch.c index feb8e97..4436946 100644 --- a/rsa-fetch.c +++ b/rsa-fetch.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rsa-fetch.c,v 1.2 2000/07/01 11:19:22 mdw Exp $ + * $Id: rsa-fetch.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Key fetching for RSA public and private keys * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rsa-fetch.c,v $ - * Revision 1.2 2000/07/01 11:19:22 mdw - * New functions for freeing public and private keys. - * - * Revision 1.1 2000/06/17 10:41:45 mdw - * Table for driving key data extraction. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "key.h" diff --git a/rsa-gen.c b/rsa-gen.c index e3f5fda..951ab9f 100644 --- a/rsa-gen.c +++ b/rsa-gen.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rsa-gen.c,v 1.4 2000/10/08 12:11:22 mdw Exp $ + * $Id: rsa-gen.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * RSA parameter generation * 
@@ -27,38 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: rsa-gen.c,v $
- * Revision 1.4 2000/10/08 12:11:22 mdw
- * Use @MP_EQ@ instead of @MP_CMP@.
- *
- * Revision 1.3 2000/07/01 11:22:22 mdw
- * Remove bad type name `rsa_param'.
- *
- * Revision 1.2 2000/06/17 12:05:15 mdw
- * Lots of changes:
- *
- * * Apply limits on %$\gcd(p - 1, q - 1)$% to reduce the space of
- * equivalent decryption exponents.
- *
- * * Force %$e = F_4 = 2^{16} + 1$% to avoid small-encryption-exponent
- * attacks.
- *
- * * Ensure that %$p > q$% and that %$p - q$% is large to deter
- * square-root-based factoring methods.
- *
- * * Use %$e d \equiv 1 \pmod{\lambda(n)}$%, where %$\lambda(n)$% is
- * %$\lcm(p - 1, q - 1)$%, as recommended in PKCS#1, rather than the
- * more usual %$\varphi(n) = (p - 1)(q - 1)$%.
- *
- * * Handle aborts from pgen_jump.
- *
- * Revision 1.1 1999/12/22 15:50:45 mdw
- * Initial RSA support.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include
@@ -163,7 +131,7 @@ again:
 /* --- Work out the modulus and the CRT coefficient --- */
 rp->n = mp_mul(MP_NEW, rp->p, rp->q);
- rp->q_inv = MP_NEW; mp_gcd(0, 0, &rp->q_inv, rp->p, rp->q);
+ rp->q_inv = mp_modinv(MP_NEW, rp->q, rp->p);
 /* --- Work out %$\varphi(n) = (p - 1)(q - 1)$% --- *
 *
diff --git a/rsa-priv.c b/rsa-priv.c
index a529f0b..8869ca4 100644
--- a/rsa-priv.c
+++ b/rsa-priv.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: rsa-priv.c,v 1.3 2001/06/16 12:56:38 mdw Exp $
+ * $Id: rsa-priv.c,v 1.4 2004/04/08 01:36:15 mdw Exp $
 *
 * RSA private-key operations
 *
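Review bot: The new `rp->q_inv = mp_modinv(MP_NEW, rp->q, rp->p);` line in rsa-gen.c carries no statement of which inverse `q_inv` is meant to hold, and the argument order of `mp_modinv` (value before modulus or the reverse) is not visible from this hunk, so a reader has to go to the declaration to confirm it is the CRT coefficient. I would make it explicit above the line: `/* q_inv = q^{-1} mod p, the CRT coefficient used by the private-key operation */`. The removed `mp_gcd` form produced a Bezout coefficient which, depending on that routine's contract, may not have been reduced into [0, p); the new call should be checked to return a non-negative residue since later arithmetic appears to rely on it. The enclosing function continues outside the hunk.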
@@ -27,31 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rsa-priv.c,v $ - * Revision 1.3 2001/06/16 12:56:38 mdw - * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@. - * - * Revision 1.2 2000/10/08 12:11:22 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.1 2000/07/01 11:23:20 mdw - * Renamed from `rsa-decrypt', since the name was no longer appropriate. - * Add functions for doing padded RSA decryption and signing. - * - * --- Previous lives as rsa-decrypt.c --- - * - * Revision 1.2 2000/06/17 11:57:56 mdw - * Improve bulk performance by making better use of Montgomery - * multiplication and separating out initialization and finalization from - * the main code. - * - * Revision 1.1 1999/12/22 15:50:45 mdw - * Initial RSA support. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -228,82 +203,59 @@ mp *rsa_qprivop(rsa_priv *rp, mp *d, mp *c)
 /* --- @rsa_sign@ --- *
 *
 * Arguments: @rsa_privctx *rp@ = pointer to an RSA private key context
+ * @mp *d@ = where to put the result
 * @const void *m@ = pointer to input message
- * @size_t sz@ = size of input message
- * @dstr *d@ = pointer to output string
- * @rsa_encodeproc e@ = encoding procedure
+ * @size_t msz@ = size of input message
+ * @rsa_pad *e@ = encoding procedure
 * @void *earg@ = argument pointer for encoding procedure
 *
- * Returns: The length of the output string if successful, negative on
+ * Returns: The signature, as a multiprecision integer, or null on
 * failure.
 *
 * Use: Computes an RSA digital signature.
 */
-int rsa_sign(rsa_privctx *rp, const void *m, size_t sz,
- dstr *d, rsa_encodeproc e, void *earg)
+mp *rsa_sign(rsa_privctx *rp, mp *d, const void *m, size_t msz,
+ rsa_pad *e, void *earg)
 {
- mp *x;
- size_t n = mp_octets(rp->rp->n);
 octet *p;
- int rc;
-
- /* --- Sort out some space --- */
-
- dstr_ensure(d, n);
- p = (octet *)d->buf + d->len;
- p[0] = 0;
-
- /* --- Do the packing --- */
-
- if ((rc = e(m, sz, p, n, earg)) < 0)
- return (rc);
-
- /* --- Do the encryption --- */
-
- x = mp_loadb(MP_NEWSEC, p, n);
- x = rsa_privop(rp, x, x);
- mp_storeb(x, p, n);
- d->len += n;
- mp_drop(x);
- return (n);
+ unsigned long nb = mp_bits(rp->rp->n);
+ size_t n = (nb + 7)/8;
+ arena *a = d && d->a ? d->a->a : arena_global;
+
+ p = x_alloc(a, n);
+ d = e(d, m, msz, p, n, nb, earg);
+ x_free(a, p);
+ return (d ? rsa_privop(rp, d, d) : 0);
 }
 /* --- @rsa_decrypt@ --- *
 *
 * Arguments: @rsa_privctx *rp@ = pointer to an RSA private key context
- * @const void *m@ = pointer to input message
- * @size_t sz@ = size of input message
+ * @mp *m@ = encrypted message, as a multiprecision integer
 * @dstr *d@ = pointer to output string
- * @rsa_decodeproc e@ = decoding procedure
+ * @rsa_decunpad *e@ = decoding procedure
 * @void *earg@ = argument pointer for decoding procedure
 *
 * Returns: The length of the output string if successful, negative on
 * failure.
 *
- * Use: Does RSA signature verification.
+ * Use: Does RSA decryption.
 */
-int rsa_decrypt(rsa_privctx *rp, const void *m, size_t sz,
- dstr *d, rsa_decodeproc e, void *earg)
+int rsa_decrypt(rsa_privctx *rp, mp *m, dstr *d,
+ rsa_decunpad *e, void *earg)
 {
- mp *x;
- size_t n = mp_octets(rp->rp->n);
- octet *p;
+ mp *p = rsa_privop(rp, MP_NEW, m);
+ unsigned long nb = mp_bits(rp->rp->n);
+ size_t n = (nb + 7)/8;
 int rc;
- /* --- Do the exponentiation --- */
-
- p = x_alloc(d->a, n);
- x = mp_loadb(MP_NEW, m, sz);
- x = rsa_privop(rp, x, x);
- mp_storeb(x, p, n);
- mp_drop(x);
-
- /* --- Do the decoding --- */
-
- rc = e(p, n, d, earg);
- x_free(d->a, p);
+ dstr_ensure(d, n);
+ rc = e(p, (octet *)d->buf + d->len, n, nb, earg);
+ if (rc >= 0)
+ d->len += rc;
+ mp_drop(p);
 return (rc);
 }
diff --git a/rsa-pub.c b/rsa-pub.c
index e5ec16c..df3fed1 100644
--- a/rsa-pub.c
+++ b/rsa-pub.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: rsa-pub.c,v 1.2 2000/10/08 16:00:32 mdw Exp $
+ * $Id: rsa-pub.c,v 1.3 2004/04/08 01:36:15 mdw Exp $
 *
 * [RSA encryption with padding
 *
 * (c) 2000 Straylight/Edgeware
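Review bot: In the new `rsa_decrypt`, the decrypted, still-padded plaintext lands in an integer allocated with `MP_NEW` on the `mp *p = rsa_privop(rp, MP_NEW, m);` line, even though it is the most sensitive value in the function and the removed `rsa_sign` code put comparable material in an `MP_NEWSEC` integer; if `MP_NEWSEC` still selects the secure arena, `mp *p = rsa_privop(rp, MP_NEWSEC, m);` keeps it out of ordinary heap memory. The same concern applies to the padding buffer `p` in the new `rsa_sign`, which is taken from `d->a->a` or `arena_global` and released with `x_free(a, p)` without being cleared, and to the identical pattern in `rsa_encrypt` in rsa-pub.c; either allocate that buffer from a secure arena or clear it before `x_free` (bearing in mind a plain `memset` before a free may be optimised away). The `rsa_sign` comment should also say who owns a caller-supplied `d` when the padding procedure returns null, since the function then returns 0 and the caller cannot tell from this code whether `d` was dropped; e.g. `@mp *d@ = where to put the result; ownership on failure: <confirm against rsa_pad contract>`.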
@@ -26,18 +26,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rsa-pub.c,v $ - * Revision 1.2 2000/10/08 16:00:32 mdw - * Fix compiler warning. - * - * Revision 1.1 2000/07/01 11:23:52 mdw - * Public-key operations, for symmetry with `rsa-priv.c'. Functions for - * doing padded RSA encryption and signature verification. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -121,82 +109,83 @@ mp *rsa_qpubop(rsa_pub *rp, mp *d, mp *c)
 /* --- @rsa_encrypt@ --- *
 *
 * Arguments: @rsa_pubctx *rp@ = pointer to an RSA public key context
+ * @mp *d@ = proposed destination integer
 * @const void *m@ = pointer to input message
- * @size_t sz@ = size of input message
- * @dstr *d@ = pointer to output string
- * @rsa_encodeproc e@ = encoding procedure
+ * @size_t msz@ = size of input message
+ * @rsa_pad *e@ = encoding procedure
 * @void *earg@ = argument pointer for encoding procedure
 *
- * Returns: The length of the output string if successful, negative on
- * failure.
+ * Returns: The encrypted message, as a multiprecision integer, or null
+ * on failure.
 *
 * Use: Does RSA encryption.
 */
-int rsa_encrypt(rsa_pubctx *rp, const void *m, size_t sz,
- dstr *d, rsa_encodeproc e, void *earg)
+mp *rsa_encrypt(rsa_pubctx *rp, mp *d, const void *m, size_t msz,
+ rsa_pad *e, void *earg)
 {
- mp *x;
- size_t n = mp_octets(rp->rp->n);
 octet *p;
- int rc;
-
- /* --- Sort out some space --- */
-
- dstr_ensure(d, n);
- p = (octet *)d->buf + d->len;
- p[0] = 0;
-
- /* --- Do the packing --- */
-
- if ((rc = e(m, sz, p, n, earg)) < 0)
- return (rc);
-
- /* --- Do the encryption --- */
-
- x = mp_loadb(MP_NEWSEC, p, n);
- x = rsa_pubop(rp, x, x);
- mp_storeb(x, p, n);
- d->len += n;
- mp_drop(x);
- return (n);
+ unsigned long nb = mp_bits(rp->rp->n);
+ size_t n = (nb + 7)/8;
+ arena *a = d && d->a ? d->a->a : arena_global;
+
+ p = x_alloc(a, n);
+ d = e(d, m, msz, p, n, nb, earg);
+ x_free(a, p);
+ return (d ? rsa_pubop(rp, d, d) : 0);
 }
 /* --- @rsa_verify@ --- *
 *
- * Arguments: @rsa_pubctx *rp@ = pointer to an RSA public key context
- * @const void *m@ = pointer to input message
- * @size_t sz@ = size of input message
- * @dstr *d@ = pointer to output string
- * @rsa_decodeproc e@ = decoding procedure
+ * Arguments: @rsa_pubctx *rp@ = pointer to an RSA public key contxt
+ * @mp *s@ = the signature, as a multiprecision integer
+ * @const void *m@ = pointer to message to verify, or null
+ * @size_t msz@ = size of input message
+ * @dstr *d@ = pointer to output string, or null
+ * @rsa_vfrunpad *e@ = decoding procedure
 * @void *earg@ = argument pointer for decoding procedure
 *
- * Returns: The length of the output string if successful, negative on
- * failure.
+ * Returns: The length of the output string if successful (0 if no output
+ * was wanted); negative on failure.
 *
- * Use: Does RSA signature verification.
+ * Use: Does RSA signature verification. To use a signature scheme
+ * with recovery, pass in @m == 0@ and @d != 0@: the recovered
+ * message should appear in @d@. To use a signature scheme with
+ * appendix, provide @m != 0@ and @d == 0@; the result should be
+ * zero for success.
 */
-int rsa_verify(rsa_pubctx *rp, const void *m, size_t sz,
- dstr *d, rsa_decodeproc e, void *earg)
+int rsa_verify(rsa_pubctx *rp, mp *s, const void *m, size_t msz,
+ dstr *d, rsa_vrfunpad *e, void *earg)
 {
- mp *x;
- size_t n = mp_octets(rp->rp->n);
- octet *p;
+ mp *p = rsa_pubop(rp, MP_NEW, s);
+ unsigned long nb = mp_bits(rp->rp->n);
+ size_t n = (nb + 7)/8;
+ dstr dd = DSTR_INIT;
 int rc;
- /* --- Do the exponentiation --- */
-
- p = x_alloc(d->a, n);
- x = mp_loadb(MP_NEW, m, sz);
- x = rsa_pubop(rp, x, x);
- mp_storeb(x, p, n);
- mp_drop(x);
+ /* --- Decoder protocol --- *
+ *
+ * We deal with two kinds of decoders: ones with message recovery and ones
+ * with appendix. A decoder with recovery will leave a message in the
+ * buffer and exit nonzero: we'll check that against @m@ if provided and
+ * just leave it otherwise. A decoder with appendix will inspect @m@ and
+ * return zero or @-1@ itself.
+ */
- /* --- Do the decoding --- */
-
- rc = e(p, n, d, earg);
- x_free(d->a, p);
+ if (!d) d = ⅆ
+ dstr_ensure(d, n);
+ rc = e(p, m, msz, (octet *)d->buf + d->len, n, nb, earg);
+ if (rc > 0 && m) {
+ if (rc != msz || memcmp(d->buf + d->len, m, msz) != 0)
+ rc = -1;
+ else
+ rc = 0;
+ }
+ if (rc > 0)
+ d->len += rc;
+ mp_drop(p);
+ dstr_destroy(&dd);
 return (rc);
 }
diff --git a/rsa-recover.c b/rsa-recover.c
index 8052ddc..5cf1f06 100644
--- a/rsa-recover.c
+++ b/rsa-recover.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: rsa-recover.c,v 1.6 2001/06/16 12:56:38 mdw Exp $
+ * $Id: rsa-recover.c,v 1.7 2004/04/08 01:36:15 mdw Exp $
 *
 * Recover RSA parameters
 *
@@ -27,31 +27,6 @@
 * MA 02111-1307, USA.
 */
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: rsa-recover.c,v $
- * Revision 1.6 2001/06/16 12:56:38 mdw
- * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
- *
- * Revision 1.5 2000/10/08 12:11:22 mdw
- * Use @MP_EQ@ instead of @MP_CMP@.
- *
- * Revision 1.4 2000/07/01 11:22:22 mdw
- * Remove bad type name `rsa_param'.
- *
- * Revision 1.3 2000/06/22 19:03:14 mdw
- * Use the new @mp_odd@ function.
- *
- * Revision 1.2 2000/06/17 12:07:19 mdw
- * Fix a bug in argument validation. Force %$p > q$% in output. Use
- * %$\lambda(n) = \lcm(p - 1, q - 1)$% rather than the more traditional
- * %$\phi(n) = (p - 1)(q - 1)$% when computing the decryption exponent.
- *
- * Revision 1.1 1999/12/22 15:50:45 mdw
- * Initial RSA support.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 #include "mp.h"
diff --git a/rsa-test.c b/rsa-test.c
new file mode 100644
index 0000000..16f44e5
--- /dev/null
+++ b/rsa-test.c
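Review bot: The new `rsa_verify` doc comment and its prototype disagree on the decoder type — the comment reads `@rsa_vfrunpad *e@` while the signature reads `rsa_vrfunpad *e` — and the same comment has `contxt` for `context`; one of the two type spellings must be a typo, presumably the one the compiler never sees, so the comment should be brought in line with whichever name rsa.h declares. Separately, when a caller passes both `m != 0` and `d != 0` and the decoder recovers a message, the `rc = 0` branch means `d->len` is never advanced, so the recovered bytes are written into `d->buf` but left unaccounted for; either the Use paragraph should state that supplying both is unsupported, or `d->len += rc` should happen before the comparison rewrites `rc`. The `if (!d) d = ⅆ` line also appears mangled in this view (it presumably reads `&dd;` in the actual source) and is worth confirming.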
@@ -0,0 +1,514 @@
+/* -*-c-*-
+ *
+ * $Id: rsa-test.c,v 1.1 2004/04/08 01:36:15 mdw Exp $
+ *
+ * Testing RSA padding operations
+ *
+ * (c) 2004 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Library General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb; if not, write to the Free
+ * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include "fibrand.h"
+#include "rsa.h"
+
+/*----- Main code ---------------------------------------------------------*/
+
+static int tencpad(int nbits,
+ dstr *p, int rc, mp *c,
+ const char *ename, dstr *eparam, rsa_pad *e, void *earg)
+{
+ size_t n = (nbits + 7)/8;
+ void *q = xmalloc(n);
+ mp *d;
+ int ok = 1;
+
+ d = e(MP_NEW, p->buf, p->len, q, n, nbits, earg);
+ if (!d == !rc || (!rc && !MP_EQ(d, c))) {
+ ok = 0;
+ fprintf(stderr, "*** %s padding failed!\n", ename);
+ fprintf(stderr, "*** padding bits = %d\n", nbits);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ fprintf(stderr, "*** input message = "); type_hex.dump(p, stderr);
+ if (rc)
+ fprintf(stderr, "\n*** expected failure\n");
+ else {
+ MP_EPRINTX("\n*** expected", c);
+ MP_EPRINTX("*** computed", d);
+ }
+ }
+ mp_drop(d);
+ mp_drop(c);
+ xfree(q);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+#define tsigpad tencpad
+
+#define DSTR_EQ(x, y) \
+ ((x)->len == (y)->len && !memcmp((x)->buf, (y)->buf, (x)->len))
+
+static int tdecpad(int nbits,
+ mp *c, int rc, dstr *p,
+ const char *ename, dstr *eparam,
+ rsa_decunpad *e, void *earg)
+{
+ dstr d = DSTR_INIT;
+ int n = (nbits + 7)/8;
+ int ok = 1;
+
+ dstr_ensure(&d, n);
+ n = e(c, (octet *)d.buf, n, nbits, earg);
+ if (n >= 0)
+ d.len += n;
+ if (n != rc || (rc >= 0 && !DSTR_EQ(&d, p))) {
+ ok = 0;
+ fprintf(stderr, "*** %s encryption unpadding failed!\n", ename);
+ fprintf(stderr, "*** padding bits = %d\n", nbits);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ MP_EPRINTX("*** input", c);
+ if (rc < 0)
+ fprintf(stderr, "*** expected failure\n");
+ else {
+ fprintf(stderr, "*** expected: %d = ", rc); type_hex.dump(p, stderr);
+ fprintf(stderr, "\n*** computed: %d = ", n); type_hex.dump(&d, stderr);
+ fprintf(stderr, "\n");
+ }
+ }
+ mp_drop(c);
+ dstr_destroy(&d);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+static int tvrfpad(int nbits,
+ mp *c, dstr *m, int rc, dstr *p,
+ const char *ename, dstr *eparam,
+ rsa_vrfunpad *e, void *earg)
+{
+ dstr d = DSTR_INIT;
+ int n = (nbits + 7)/8;
+ int ok = 1;
+
+ dstr_ensure(&d, n);
+ n = e(c, m->len ? (octet *)m->buf : 0, m->len,
+ (octet *)d.buf, n, nbits, earg);
+ if (n >= 0)
+ d.len += n;
+ if (n != rc || (rc >= 0 && !DSTR_EQ(&d, p))) {
+ ok = 0;
+ fprintf(stderr, "*** %s signature unpadding failed!\n", ename);
+ fprintf(stderr, "*** padding bits = %d\n", nbits);
+ MP_EPRINTX("*** input", c);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ fprintf(stderr, "*** message = "); type_hex.dump(m, stderr);
+ if (rc < 0)
+ fprintf(stderr, "\n*** expected failure\n");
+ else {
+ fprintf(stderr, "\n*** expected = %d: ", rc); type_hex.dump(p, stderr);
+ fprintf(stderr, "\n*** computed = %d: ", n); type_hex.dump(&d, stderr);
+ fprintf(stderr, "\n");
+ }
+ }
+ mp_drop(c);
+ dstr_destroy(&d);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+static int tencpub(rsa_pub *rp,
+ dstr *p, int rc, mp *c,
+ const char *ename, dstr *eparam, rsa_pad *e, void *earg)
+{
+ mp *d;
+ rsa_pubctx rpc;
+ int ok = 1;
+
+ rsa_pubcreate(&rpc, rp);
+ d = rsa_encrypt(&rpc, MP_NEW, p->buf, p->len, e, earg);
+ if (!d == !rc || (!rc && !MP_EQ(d, c))) {
+ ok = 0;
+ fprintf(stderr, "*** encrypt with %s padding failed!\n", ename);
+ MP_EPRINTX("*** key.n", rp->n);
+ MP_EPRINTX("*** key.e", rp->e);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ fprintf(stderr, "*** input message = "); type_hex.dump(p, stderr);
+ if (rc)
+ fprintf(stderr, "\n*** expected failure\n");
+ else {
+ MP_EPRINTX("\n*** expected", c);
+ MP_EPRINTX("*** computed", d);
+ }
+ }
+ rsa_pubdestroy(&rpc);
+ rsa_pubfree(rp);
+ mp_drop(d);
+ mp_drop(c);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+static int tsigpriv(rsa_priv *rp,
+ dstr *p, int rc, mp *c,
+ const char *ename, dstr *eparam, rsa_pad *e, void *earg)
+{
+ mp *d;
+ grand *r = fibrand_create(0);
+ rsa_privctx rpc;
+ int ok = 1;
+
+ rsa_privcreate(&rpc, rp, r);
+ d = rsa_sign(&rpc, MP_NEW, p->buf, p->len, e, earg);
+ if (!d == !rc || (!rc && !MP_EQ(d, c))) {
+ ok = 0;
+ fprintf(stderr, "*** sign with %s padding failed!\n", ename);
+ MP_EPRINTX("*** key.n", rp->n);
+ MP_EPRINTX("*** key.d", rp->d);
+ MP_EPRINTX("*** key.e", rp->e);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ fprintf(stderr, "*** input message = "); type_hex.dump(p, stderr);
+ if (rc)
+ fprintf(stderr, "\n*** expected failure\n");
+ else {
+ MP_EPRINTX("\n*** expected", c);
+ MP_EPRINTX("\n*** computed", d);
+ }
+ }
+ rsa_privdestroy(&rpc);
+ rsa_privfree(rp);
+ mp_drop(d);
+ mp_drop(c);
+ GR_DESTROY(r);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+static int tdecpriv(rsa_priv *rp,
+ mp *c, int rc, dstr *p,
+ const char *ename, dstr *eparam,
+ rsa_decunpad *e, void *earg)
+{
+ rsa_privctx rpc;
+ dstr d = DSTR_INIT;
+ grand *r = fibrand_create(0);
+ int n;
+ int ok = 1;
+
+ rsa_privcreate(&rpc, rp, r);
+ n = rsa_decrypt(&rpc, c, &d, e, earg);
+ if (n != rc || (rc >= 0 && !DSTR_EQ(&d, p))) {
+ ok = 0;
+ fprintf(stderr, "*** decryption with %s padding failed!\n", ename);
+ MP_EPRINTX("*** key.n", rp->n);
+ MP_EPRINTX("*** key.d", rp->d);
+ MP_EPRINTX("*** key.e", rp->e);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ MP_EPRINTX("*** input", c);
+ if (rc < 0)
+ fprintf(stderr, "*** expected failure\n");
+ else {
+ fprintf(stderr, "*** expected = %d: ", rc); type_hex.dump(p, stderr);
+ fprintf(stderr, "\n*** computed = %d: ", n); type_hex.dump(&d, stderr);
+ fprintf(stderr, "\n");
+ }
+ }
+ rsa_privdestroy(&rpc);
+ rsa_privfree(rp);
+ mp_drop(c);
+ dstr_destroy(&d);
+ GR_DESTROY(r);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+static int tvrfpub(rsa_pub *rp,
+ mp *c, dstr *m, int rc, dstr *p,
+ const char *ename, dstr *eparam,
+ rsa_vrfunpad *e, void *earg)
+{
+ rsa_pubctx rpc;
+ dstr d = DSTR_INIT;
+ int n;
+ int ok = 1;
+
+ rsa_pubcreate(&rpc, rp);
+ n = rsa_verify(&rpc, c, m->len ? m->buf : 0, m->len, &d, e, earg);
+ if (n != rc || (rc >= 0 && !DSTR_EQ(&d, p))) {
+ ok = 0;
+ fprintf(stderr, "*** verification with %s padding failed!\n", ename);
+ MP_EPRINTX("*** key.n", rp->n);
+ MP_EPRINTX("*** key.e", rp->e);
+ if (eparam) {
+ fprintf(stderr, "*** encoding parameters = ");
+ type_hex.dump(eparam, stderr);
+ fputc('\n', stderr);
+ }
+ MP_EPRINTX("*** input", c);
+ fprintf(stderr, "*** message = "); type_hex.dump(m, stderr);
+ if (rc < 0)
+ fprintf(stderr, "*** expected failure\n");
+ else {
+ fprintf(stderr, "*** expected = %d: ", rc); type_hex.dump(p, stderr);
+ fprintf(stderr, "\n*** computed = %d: ", n); type_hex.dump(&d, stderr);
+ fprintf(stderr, "\n");
+ }
+ }
+ rsa_pubdestroy(&rpc);
+ rsa_pubfree(rp);
+ mp_drop(c);
+ dstr_destroy(&d);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
+ return (ok);
+}
+
+/*----- Deep magic --------------------------------------------------------*
+ *
+ * Wahey! Whacko macro programming on curry and lager. There's nothing like
+ * it.
+ */
+
+#define DECL_priv \
+ rsa_priv rp = { 0 };
+#define FUNC_priv \
+ rp.n = *(mp **)v++->buf; \
+ rp.e = *(mp **)v++->buf; \
+ rp.d = *(mp **)v++->buf; \
+ rsa_recover(&rp);
+#define ARG_priv \
+ &rp,
+#define TAB_priv \
+ &type_mp, &type_mp, &type_mp,
+
+#define DECL_pub \
+ rsa_pub rp;
+#define FUNC_pub \
+ rp.n = *(mp **)v++->buf; \
+ rp.e = *(mp **)v++->buf;
+#define ARG_pub \
+ &rp,
+#define TAB_pub \
+ &type_mp, &type_mp,
+
+#define DECL_pad \
+ int nbits;
+#define FUNC_pad \
+ nbits = *(int *)v++->buf;
+#define ARG_pad \
+ nbits,
+#define TAB_pad \
+ &type_int,
+
+#define DECL_enc \
+ dstr *p; \
+ int rc; \
+ mp *c;
+#define FUNC_enc \
+ p = v++; \
+ rc = *(int *)v++->buf; \
+ c = *(mp **)v++->buf;
+#define ARG_enc \
+ p, rc, c,
+#define TAB_enc \
+ &type_hex, &type_int, &type_mp,
+
+#define DECL_sig DECL_enc
+#define FUNC_sig FUNC_enc
+#define ARG_sig ARG_enc
+#define TAB_sig TAB_enc
+
+#define DECL_dec \
+ mp *c; \
+ int rc; \
+ dstr *p;
+#define FUNC_dec \
+ c = *(mp **)v++->buf; \
+ rc = *(int *)v++->buf; \
+ p = v++;
+#define ARG_dec \
+ c, rc, p,
+#define TAB_dec \
+ &type_mp, &type_int, &type_hex,
+
+#define DECL_vrf \
+ mp *c; \
+ dstr *m; \
+ int rc; \
+ dstr *p;
+#define FUNC_vrf \
+ c = *(mp **)v++->buf; \
+ m = v++; \
+ rc = *(int *)v++->buf; \
+ p = v++;
+#define ARG_vrf \
+ c, m, rc, p,
+#define TAB_vrf \
+ &type_mp, &type_hex, &type_int, &type_hex,
+
+#define DECL_p1enc \
+ pkcs1 p1; \
+ dstr *ep;
+#define FUNC_p1enc \
+ p1.r = fib; \
+ ep = v++; \
+ p1.ep = ep->buf; \
+ p1.epsz = ep->len;
+#define ARG_p1enc \
+ "pkcs1", ep, pkcs1_cryptencode, &p1
+#define TAB_p1enc \
+ &type_hex
+
+#define DECL_p1sig DECL_p1enc
+#define FUNC_p1sig FUNC_p1enc
+#define ARG_p1sig \
+ "pkcs1", ep, pkcs1_sigencode, &p1
+#define TAB_p1sig TAB_p1enc
+
+#define DECL_p1dec DECL_p1enc
+#define FUNC_p1dec FUNC_p1enc
+#define ARG_p1dec \
+ "pkcs1", ep, pkcs1_cryptdecode, &p1
+#define TAB_p1dec TAB_p1enc
+
+#define DECL_p1vrf DECL_p1enc
+#define FUNC_p1vrf FUNC_p1enc
+#define ARG_p1vrf \
+ "pkcs1", ep, pkcs1_sigdecode, &p1
+#define TAB_p1vrf TAB_p1enc
+
+#define DECL_oaepenc \
+ oaep o; \
+ dstr *ep;
+#define FUNC_oaepenc \
+ o.r = fib; \
+ o.cc = gcipher_byname(v++->buf); \
+ o.ch = ghash_byname(v++->buf); \
+ ep = v++; \
+ o.ep = ep->buf; \
+ o.epsz = ep->len;
+#define ARG_oaepenc \
+ "oaep", ep, oaep_encode, &o
+#define TAB_oaepenc \
+ &type_string, &type_string, &type_hex
+
+#define DECL_oaepdec DECL_oaepenc
+#define FUNC_oaepdec FUNC_oaepenc
+#define ARG_oaepdec \
+ "oaep", ep, oaep_decode, &o
+#define TAB_oaepdec TAB_oaepenc
+
+#define DECL_psssig \
+ pss pp;
+#define FUNC_psssig \
+ pp.r = fib; \
+ pp.cc = gcipher_byname(v++->buf); \
+ pp.ch = ghash_byname(v++->buf); \
+ pp.ssz = *(int *)v++->buf;
+#define ARG_psssig \
+ "pss", 0, pss_encode, &pp
+#define TAB_psssig \
+ &type_string, &type_string, &type_int
+
+#define DECL_pssvrf DECL_psssig
+#define FUNC_pssvrf FUNC_psssig
+#define ARG_pssvrf \
+ "pss", 0, pss_decode, &pp
+#define TAB_pssvrf TAB_psssig
+
+#define TESTS(DO) \
+ DO(pad, enc, p1enc) \
+ DO(pad, dec, p1dec) \
+ DO(pad, sig, p1sig) \
+ DO(pad, vrf, p1vrf) \
+ DO(pub, enc, p1enc) \
+ DO(priv, dec, p1dec) \
+ DO(priv, sig, p1sig) \
+ DO(pub, vrf, p1vrf) \
+ DO(pad, enc, oaepenc) \
+ DO(pad, dec, oaepdec) \
+ DO(pub, enc, oaepenc) \
+ DO(priv, dec, oaepdec) \
+ DO(pad, sig, psssig) \
+ DO(pad, vrf, pssvrf) \
+ DO(priv, sig, psssig) \
+ DO(pub, vrf, pssvrf)
+
+#define FUNCS(key, op, enc) \
+ int t_##key##_##enc(dstr *v) \
+ { \
+ DECL_##key \
+ DECL_##op \
+ DECL_##enc \
+ fib->ops->misc(fib, GRAND_SEEDINT, 14); \
+ FUNC_##key \
+ FUNC_##op \
+ FUNC_##enc \
+ return (t##op##key(ARG_##key ARG_##op ARG_##enc)); \
+ }
+
+#define TAB(key, op, enc) \
+ { #enc "-" #key, t_##key##_##enc, { TAB_##key TAB_##op TAB_##enc } },
+
+static grand *fib;
+
+TESTS(FUNCS)
+
+static const test_chunk tests[] = {
+ TESTS(TAB)
+ { 0 }
+};
+
+int main(int argc, char *argv[])
+{
+ sub_init();
+ fib = fibrand_create(0);
+ test_run(argc,
argv, tests, SRCDIR "/tests/rsa"); + GR_DESTROY(fib); + return (0); +} + +/*----- That's all, folks -------------------------------------------------*/ diff --git a/rsa.h b/rsa.h index e40f5e4..cf8848c 100644 --- a/rsa.h +++ b/rsa.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: rsa.h,v 1.3 2000/07/01 11:24:37 mdw Exp $ + * $Id: rsa.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * The RSA public-key cryptosystem * @@ -27,22 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rsa.h,v $ - * Revision 1.3 2000/07/01 11:24:37 mdw - * Remove bad type name `rsa_param'. New functions for freeing public and - * private keys. Add types and functions for doing pubic key operations, - * and padded RSA operations. - * - * Revision 1.2 2000/06/17 12:07:36 mdw - * Add key fetching interface. Add new rsa_decrypt interface. - * - * Revision 1.1 1999/12/22 15:50:45 mdw - * Initial RSA support. - * - */ - #ifndef CATACOMB_RSA_H #define CATACOMB_RSA_H @@ -56,6 +40,14 @@ # include "grand.h" #endif +#ifndef CATACOMB_GCIPHER_H +# include "gcipher.h" +#endif + +#ifndef CATACOMB_GHASH_H +# include "ghash.h" +#endif + #ifndef CATACOMB_KEY_H # include "key.h" #endif 
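Review bot: `FUNC_priv` discards the return value of `rsa_recover(&rp)`, although rsa.h in this same patch declares it as `extern int rsa_recover(rsa_priv *)`; if recovery of the remaining private-key parameters from an n/e/d vector can fail, every `priv` case goes on to call `rsa_sign` or `rsa_decrypt` with a half-initialised key and the failure surfaces as a confusing padding mismatch rather than as a bad test vector. Since the macro expands inside `t_##key##_##enc`, which returns `int`, it can bail out directly: `if (rsa_recover(&rp)) { fprintf(stderr, "*** rsa_recover failed\n"); return (0); }` in place of the bare call. As a smaller point of style, `tsigpriv` prints `MP_EPRINTX("\n*** computed", d)` with a leading newline that `tencpad` and `tencpub` do not, and `tvrfpub` prints `"*** expected failure\n"` straight after a `type_hex.dump` that has not ended its line, so the failure reports are formatted inconsistently across the helpers.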
@@ -104,10 +96,16 @@ typedef struct rsa_pubctx { * See `oaep.h' and `pkcs1.h' for appropriate encoding functions. */ -typedef int (*rsa_encodeproc)(const void */*m*/, size_t /*msz*/, - void */*buf*/, size_t /*sz*/, void */*p*/); -typedef int (*rsa_decodeproc)(const void */*m*/, size_t /*msz*/, - dstr */*d*/, void */*p*/); +typedef mp *rsa_pad(mp */*d*/, const void */*m*/, size_t /*msz*/, + octet */*b*/, size_t /*sz*/, + unsigned long /*nbits*/, void */*p*/); + +typedef int rsa_decunpad(mp */*m*/, octet */*b*/, size_t /*sz*/, + unsigned long /*nbits*/, void */*p*/); + +typedef int rsa_vrfunpad(mp */*s*/, const void */*m*/, size_t /*msz*/, + octet */*b*/, size_t /*sz*/, + unsigned long /*nbits*/, void */*p*/); /*----- Key fetching ------------------------------------------------------*/ 
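Review bot: The three new callback typedefs `rsa_pad`, `rsa_decunpad` and `rsa_vrfunpad` come with no statement of the contract their callers rely on, and the surviving context comment above them still only refers the reader to `oaep.h' and `pkcs1.h'. The implementation of `rsa_verify` earlier in this patch distinguishes a positive `rsa_vrfunpad` result (that many recovered bytes were written to `b`), zero (appendix scheme, `m` verified) and a negative result (failure), and hands every decoder `sz` as the size of `b` and `nbits` as the modulus size in bits, but none of that is visible from the header. Suggest a short comment block before the typedefs spelling out what `b`, `sz` and `nbits` mean for each hook, the three-way return convention of `rsa_vrfunpad`, that `rsa_decunpad` returns the number of bytes written or a negative value, and (presumably, given that `rsa_encrypt` and `rsa_sign` document a null result) that `rsa_pad` returns null on failure.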
@@ -196,38 +194,38 @@ extern mp *rsa_qprivop(rsa_priv */*rp*/, mp */*d*/, mp */*c*/, grand */*r*/); /* --- @rsa_sign@ --- * * * Arguments: @rsa_privctx *rp@ = pointer to an RSA private key context + * @mp *d@ = where to put the result * @const void *m@ = pointer to input message - * @size_t sz@ = size of input message - * @dstr *d@ = pointer to output string - * @rsa_encodeproc e@ = encoding procedure + * @size_t msz@ = size of input message + * @rsa_pad *e@ = encoding procedure * @void *earg@ = argument pointer for encoding procedure * - * Returns: The length of the output string if successful, negative on + * Returns: The signature, as a multiprecision integer, or null on * failure. * * Use: Computes an RSA digital signature. */ -extern int rsa_sign(rsa_privctx */*rp*/, const void */*m*/, size_t /*sz*/, - dstr */*d*/, rsa_encodeproc /*e*/, void */*earg*/); +extern mp *rsa_sign(rsa_privctx */*rp*/, mp */*d*/, + const void */*m*/, size_t /*msz*/, + rsa_pad */*e*/, void */*earg*/); /* --- @rsa_decrypt@ --- * * * Arguments: @rsa_privctx *rp@ = pointer to an RSA private key context - * @const void *m@ = pointer to input message - * @size_t sz@ = size of input message + * @mp *m@ = encrypted message, as a multiprecision integer * @dstr *d@ = pointer to output string - * @rsa_decodeproc e@ = decoding procedure + * @rsa_decunpad *e@ = decoding procedure * @void *earg@ = argument pointer for decoding procedure * * Returns: The length of the output string if successful, negative on * failure. * - * Use: Does RSA signature verification. + * Use: Does RSA decryption. */ -extern int rsa_decrypt(rsa_privctx */*rp*/, const void */*m*/, size_t /*sz*/, - dstr */*d*/, rsa_decodeproc /*e*/, void */*earg*/); +extern int rsa_decrypt(rsa_privctx */*rp*/, mp */*m*/, + dstr */*d*/, rsa_decunpad */*e*/, void */*earg*/); /*----- RSA public key operations -----------------------------------------*/ 
@@ -283,38 +281,45 @@ extern mp *rsa_qpubop(rsa_pub */*rp*/, mp */*d*/, mp */*c*/); /* --- @rsa_encrypt@ --- * * * Arguments: @rsa_pubctx *rp@ = pointer to an RSA public key context + * @mp *d@ = proposed destination integer * @const void *m@ = pointer to input message - * @size_t sz@ = size of input message - * @dstr *d@ = pointer to output string - * @rsa_encodeproc e@ = encoding procedure + * @size_t msz@ = size of input message + * @rsa_pad *e@ = encoding procedure * @void *earg@ = argument pointer for encoding procedure * - * Returns: The length of the output string if successful, negative on - * failure. + * Returns: The encrypted message, as a multiprecision integer, or null + * on failure. * * Use: Does RSA encryption. */ -extern int rsa_encrypt(rsa_pubctx */*rp*/, const void */*m*/, size_t /*sz*/, - dstr */*d*/, rsa_encodeproc /*e*/, void */*earg*/); +extern mp *rsa_encrypt(rsa_pubctx */*rp*/, mp */*d*/, + const void */*m*/, size_t /*msz*/, + rsa_pad */*e*/, void */*earg*/); /* --- @rsa_verify@ --- * * * Arguments: @rsa_pubctx *rp@ = pointer to an RSA public key contxt - * @const void *m@ = pointer to input message + * @mp *s@ = the signature, as a multiprecision integer + * @const void *m@ = pointer to message to verify, or null * @size_t sz@ = size of input message - * @dstr *d@ = pointer to output string - * @rsa_decodeproc e@ = decoding procedure + * @dstr *d@ = pointer to output string, or null + * @rsa_vfrunpad *e@ = decoding procedure * @void *earg@ = argument pointer for decoding procedure * - * Returns: The length of the output string if successful, negative on - * failure. + * Returns: The length of the output string if successful (0 if no output + * was wanted); negative on failure. * - * Use: Does RSA signature verification. + * Use: Does RSA signature verification. To use a signature scheme + * with recovery, pass in @m == 0@ and @d != 0@: the recovered + * message should appear in @d@. 
To use a signature scheme with + * appendix, provide @m != 0@ and @d == 0@; the result should be + * zero for success. */ -extern int rsa_verify(rsa_pubctx */*rp*/, const void */*m*/, size_t /*sz*/, - dstr */*d*/, rsa_decodeproc /*e*/, void */*earg*/); +extern int rsa_verify(rsa_pubctx */*rp*/, mp */*s*/, + const void */*m*/, size_t /*sz*/, dstr */*d*/, + rsa_vrfunpad */*e*/, void */*earg*/); /*----- Miscellaneous operations ------------------------------------------*/ @@ -350,6 +355,46 @@ extern int rsa_gen(rsa_priv */*rp*/, unsigned /*nbits*/, extern int rsa_recover(rsa_priv */*rp*/); +/*----- Padding schemes ---------------------------------------------------*/ + +/* --- PKCS1 padding --- */ + +typedef struct pkcs1 { + grand *r; /* Random number source */ + const void *ep; /* Encoding parameters block */ + size_t epsz; /* Size of the parameter block */ +} pkcs1; + +extern rsa_pad pkcs1_cryptencode; +extern rsa_decunpad pkcs1_cryptdecode; +extern rsa_pad pkcs1_sigencode; +extern rsa_vrfunpad pkcs1_sigdecode; + +/* --- OAEP --- */ + +typedef struct oaep { + const gccipher *cc; /* Cipher class for masking */ + const gchash *ch; /* Hash class for parameter block */ + grand *r; /* Random number source */ + const void *ep; /* Encoding parameters block */ + size_t epsz; /* Size of the parameter block */ +} oaep; + +extern rsa_pad oaep_encode; +extern rsa_decunpad oaep_decode; + +/* --- PSS --- */ + +typedef struct pss { + const gccipher *cc; /* Cipher class for masking */ + const gchash *ch; /* Hash class for choosing a seed */ + grand *r; /* Random number source */ + size_t ssz; /* Requested salt size */ +} pss; + +extern rsa_pad pss_encode; +extern rsa_vrfunpad pss_decode; + /*----- That's all, folks -------------------------------------------------*/ #ifdef __cplusplus diff --git a/rspit.c b/rspit.c index 831dde7..e9d5c29 100644 --- a/rspit.c +++ b/rspit.c 
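Review bot: The `Arguments:` list for `rsa_verify` names the decoder type `@rsa_vfrunpad *e@`, but the typedef and the prototype directly below spell it `rsa_vrfunpad`; the same misspelling appears in the matching comment in the .c file earlier in this patch, so both should become `@rsa_vrfunpad *e@ = decoding procedure`. The `Use:` paragraph documents only the `m == 0, d != 0` and `m != 0, d == 0` modes, while the implementation also handles a recovery scheme with both supplied by comparing the recovered bytes against `m` and returning zero on a match; one sentence such as `If both @m@ and @d@ are given with a recovery scheme, the recovered message is compared against @m@ and the result is zero on a match.` would close that gap. Note also that the header keeps the size argument as `sz` while the definition renames it `msz`; harmless, but worth aligning.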
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: rspit.c,v 1.19 2001/06/16 23:42:17 mdw Exp $
+ * $Id: rspit.c,v 1.20 2004/04/08 01:36:15 mdw Exp $
  *
  * Spit out random numbers
  *
@@ -27,75 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: rspit.c,v $ - * Revision 1.19 2001/06/16 23:42:17 mdw - * Typesetting fixes. - * - * Revision 1.18 2001/05/08 22:17:41 mdw - * New cipher Noekeon added. - * - * Revision 1.17 2001/05/07 17:33:19 mdw - * New Rijndael block sizes. - * - * Revision 1.16 2001/04/29 18:11:32 mdw - * New block ciphers. - * - * Revision 1.15 2001/04/19 18:26:13 mdw - * Use the new MAC keysize names. - * - * Revision 1.14 2001/02/21 20:03:22 mdw - * Added support for MD2 hash function. - * - * Revision 1.13 2000/12/06 20:33:27 mdw - * Make flags be macros rather than enumerations, to ensure that they're - * unsigned. - * - * Revision 1.12 2000/10/08 15:49:18 mdw - * Remove failed kludge for shutting up a warning. - * - * Revision 1.11 2000/10/08 12:10:32 mdw - * Make table have external linkage to bodge around deficiency in C. The - * problem is that @static gen generators[];@ is considered to be a - * `tentative definition', and therefore mustn't have incomplete type, - * which it obviously has. - * - * Revision 1.10 2000/08/11 21:34:59 mdw - * New restartable interface to Maurer testing. - * - * Revision 1.9 2000/08/04 23:24:15 mdw - * Add a timer and a discard option. - * - * Revision 1.8 2000/07/29 22:05:47 mdw - * Fix error in help message about Maurer test syntax. - * - * Revision 1.7 2000/07/18 23:01:26 mdw - * Improve progress indications, and allow user to choose chunk sizes for - * Maurer's test. - * - * Revision 1.6 2000/07/15 20:53:35 mdw - * Add a load of new ciphers and hashes. - * - * Revision 1.5 2000/07/01 11:27:03 mdw - * Portability fix: don't assume that `stdout' is a constant expression. - * Remove old type name `bbs_param'. - * - * Revision 1.4 2000/06/17 12:08:28 mdw - * Restructure handling of cipher-based generators. Add counter-mode - * ciphers and MGF-1 hash functions. Add FIPS 140-1 and Maurer's tests. 
- * - * Revision 1.3 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.2 1999/12/22 15:59:51 mdw - * New prime-search system. Read BBS keys from key files. - * - * Revision 1.1 1999/12/10 23:29:13 mdw - * Emit random numbers for statistical tests. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "config.h" diff --git a/safer-mktab.c b/safer-mktab.c index 783ef14..bfcaed6 100644 --- a/safer-mktab.c +++ b/safer-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: safer-mktab.c,v 1.1 2001/04/29 17:49:54 mdw Exp $ + * $Id: safer-mktab.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generate tables for SAFER * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: safer-mktab.c,v $ - * Revision 1.1 2001/04/29 17:49:54 mdw - * Added SAFER block cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/safer.c b/safer.c index 1c97eab..4eaf34b 100644 --- a/safer.c +++ b/safer.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: safer.c,v 1.1 2001/04/29 17:37:35 mdw Exp $ + * $Id: safer.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The SAFER block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: safer.c,v $ - * Revision 1.1 2001/04/29 17:37:35 mdw - * Added SAFER block cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/safer.h b/safer.h index 8432bef..95b5b9e 100644 --- a/safer.h +++ b/safer.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: safer.h,v 1.2 2001/04/29 18:11:38 mdw Exp $ + * $Id: safer.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The SAFER block cipher * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: safer.h,v $ - * Revision 1.2 2001/04/29 18:11:38 mdw - * Add some notes. - * - * Revision 1.1 2001/04/29 17:37:35 mdw - * Added SAFER block cipher. - * - */ - /*----- Notes on the SAFER block cipher -----------------------------------* * * SAFER was designed by James Massey (who also worked on IDEA) for Cylink. diff --git a/seal.c b/seal.c index 92901b1..b3e96a1 100644 --- a/seal.c +++ b/seal.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: seal.c,v 1.1 2000/06/17 12:08:34 mdw Exp $ + * $Id: seal.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The SEAL pseudo-random function family * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: seal.c,v $ - * Revision 1.1 2000/06/17 12:08:34 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/seal.h b/seal.h index 62f6db9..ed5d9f3 100644 --- a/seal.h +++ b/seal.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: seal.h,v 1.1 2000/06/17 12:08:34 mdw Exp $ + * $Id: seal.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The SEAL pseudo-random function family * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: seal.h,v $ - * Revision 1.1 2000/06/17 12:08:34 mdw - * New cipher. - * - */ - /*----- Notes on the SEAL pseudo-random function family -------------------* * * SEAL is a slightly odd cryptographic primitive. It was designed by Phil diff --git a/serpent-check.c b/serpent-check.c index 647beea..9aac0f2 100644 --- a/serpent-check.c +++ b/serpent-check.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: serpent-check.c,v 1.1 2000/06/17 12:08:43 mdw Exp $ + * $Id: serpent-check.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Check the Serpent S-boxes * 
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: serpent-check.c,v $ - * Revision 1.1 2000/06/17 12:08:43 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/serpent-sbox.h b/serpent-sbox.h index 7285bb2..27b6f93 100644 --- a/serpent-sbox.h +++ b/serpent-sbox.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: serpent-sbox.h,v 1.1 2000/06/17 12:08:43 mdw Exp $ + * $Id: serpent-sbox.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Bitslice S-box implementations * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: serpent-sbox.h,v $ - * Revision 1.1 2000/06/17 12:08:43 mdw - * New cipher. - * - */ - /*----- Credit where it's due ---------------------------------------------* * * These S-box expressions are taken from the paper `Speeding up Serpent', by diff --git a/serpent.c b/serpent.c index d04d65b..75ceec8 100644 --- a/serpent.c +++ b/serpent.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: serpent.c,v 1.1 2000/06/17 12:08:43 mdw Exp $ + * $Id: serpent.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Serpent block cipher * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: serpent.c,v $ - * Revision 1.1 2000/06/17 12:08:43 mdw - * New cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/serpent.h b/serpent.h index 0e6ce1c..02ea4de 100644 --- a/serpent.h +++ b/serpent.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: serpent.h,v 1.2 2000/10/08 15:48:58 mdw Exp $ + * $Id: serpent.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Serpent block cipher * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: serpent.h,v $ - * Revision 1.2 2000/10/08 15:48:58 mdw - * Update comments now that AES has been chosen. - * - * Revision 1.1 2000/06/17 12:08:43 mdw - * New cipher. - * - */ - /*----- Notes on the Serpent block cipher ---------------------------------* * * Serpent was designed and proposed for the AES contest by Ross Anderson, diff --git a/sha.c b/sha.c index 918e6d3..02f51bc 100644 --- a/sha.c +++ b/sha.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha.c,v 1.3 2000/06/17 11:31:43 mdw Exp $ + * $Id: sha.c,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-1 hash function * @@ -27,20 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha.c,v $ - * Revision 1.3 2000/06/17 11:31:43 mdw - * Portability fix for broken compilers. - * - * Revision 1.2 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/sha.h b/sha.h index 97003ef..fe924c7 100644 --- a/sha.h +++ b/sha.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha.h,v 1.5 2000/10/15 19:09:20 mdw Exp $ + * $Id: sha.h,v 1.6 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-1 hash function * 
@@ -27,27 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha.h,v $ - * Revision 1.5 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.4 2000/06/17 11:32:52 mdw - * Change buffer offset to be unsigned. - * - * Revision 1.3 1999/12/10 23:20:03 mdw - * New hash interface requirements. - * - * Revision 1.2 1999/11/19 13:20:08 mdw - * Modify notes section slightly. - * - * Revision 1.1 1999/09/03 08:41:12 mdw - * Initial import. - * - */ - /*----- Notes on the SHA-1 hash function ----------------------------------* * * SHA (Secure Hash Algorithm) was designed by the NSA, for use with the diff --git a/sha256.c b/sha256.c index 8ffc689..74148b1 100644 --- a/sha256.c +++ b/sha256.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha256.c,v 1.2 2004/03/21 22:43:34 mdw Exp $ + * $Id: sha256.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-256 hash function * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha256.c,v $ - * Revision 1.2 2004/03/21 22:43:34 mdw - * New hash variant SHA224. - * - * Revision 1.1 2000/10/15 17:48:14 mdw - * New SHA variants with longer outputs. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/sha256.h b/sha256.h index ca6e18c..c418118 100644 --- a/sha256.h +++ b/sha256.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha256.h,v 1.3 2004/03/21 22:43:34 mdw Exp $ + * $Id: sha256.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-256 hash function * 
@@ -27,21 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha256.h,v $ - * Revision 1.3 2004/03/21 22:43:34 mdw - * New hash variant SHA224. - * - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/10/15 17:48:15 mdw - * New SHA variants with longer outputs. - * - */ - /*----- Notes on the SHA-256 hash function ----------------------------------* * * SHA-1 (Secure Hash Algorithm) was designed by the NSA, for use with the diff --git a/sha512.c b/sha512.c index e9b7254..e913d67 100644 --- a/sha512.c +++ b/sha512.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha512.c,v 1.1 2000/10/15 17:48:15 mdw Exp $ + * $Id: sha512.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-512 hash function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha512.c,v $ - * Revision 1.1 2000/10/15 17:48:15 mdw - * New SHA variants with longer outputs. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/sha512.h b/sha512.h index 0a695f9..d2e3540 100644 --- a/sha512.h +++ b/sha512.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sha512.h,v 1.2 2000/10/15 19:09:20 mdw Exp $ + * $Id: sha512.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Implementation of the SHA-512 hash function * 
@@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sha512.h,v $ - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/10/15 17:48:15 mdw - * New SHA variants with longer outputs. - * - */ - /*----- Notes on the SHA-512 hash function ----------------------------------* * * SHA-1 (Secure Hash Algorithm) was designed by the NSA, for use with the diff --git a/share.c b/share.c index d0fd0f5..23d730c 100644 --- a/share.c +++ b/share.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: share.c,v 1.6 2001/02/03 16:05:41 mdw Exp $ + * $Id: share.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * Shamir's secret sharing * @@ -27,33 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: share.c,v $ - * Revision 1.6 2001/02/03 16:05:41 mdw - * Now @mp_drop@ checks its argument is non-NULL before attempting to free - * it. Note that the macro version @MP_DROP@ doesn't do this. - * - * Revision 1.5 2000/12/06 20:30:10 mdw - * Change secret sharing interface: present the secret at share - * construction time. - * - * Revision 1.4 2000/10/08 12:16:17 mdw - * Use @MP_EQ@ instead of @MP_CMP@. - * - * Revision 1.3 2000/06/24 18:29:05 mdw - * Interface change: allow shares to be extracted from a context on demand, - * rather than building them all up-front. - * - * Revision 1.2 2000/06/18 23:05:19 mdw - * Minor performance tweak: use Barrett reduction rather than Montgomery. - * Fast secret sharing isn't done here, though: see `gfshare' instead. - * - * Revision 1.1 2000/06/17 12:09:38 mdw - * Shamir's secret sharing system. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
@@ -280,7 +253,7 @@ mp *share_combine(share *s) m = mp_sub(m, &ii, &jj); m = mp_sub(m, s->p, m); } - mp_gcd(0, 0, &m, s->p, m); + m = mp_modinv(m, m, s->p); c = mp_mul(c, c, &jj); c = mpbarrett_reduce(&mb, c, c); c = mp_mul(c, c, m); diff --git a/share.h b/share.h index a875e06..9683c07 100644 --- a/share.h +++ b/share.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: share.h,v 1.3 2000/12/06 20:30:10 mdw Exp $ + * $Id: share.h,v 1.4 2004/04/08 01:36:15 mdw Exp $ * * Shamir's secret sharing * @@ -27,22 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: share.h,v $ - * Revision 1.3 2000/12/06 20:30:10 mdw - * Change secret sharing interface: present the secret at share - * construction time. - * - * Revision 1.2 2000/06/24 18:29:05 mdw - * Interface change: allow shares to be extracted from a context on demand, - * rather than building them all up-front. - * - * Revision 1.1 2000/06/17 12:09:38 mdw - * Shamir's secret sharing system. - * - */ - /*----- Notes on the sharing system ---------------------------------------* * * Shamir's secret-sharing system is based on polynomial interpolation modulo diff --git a/skipjack-tab.h b/skipjack-tab.h index ff357ac..344b6f3 100644 --- a/skipjack-tab.h +++ b/skipjack-tab.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: skipjack-tab.h,v 1.1 2000/07/27 18:08:34 mdw Exp $ + * $Id: skipjack-tab.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Skipjack S-box * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: skipjack-tab.h,v $ - * Revision 1.1 2000/07/27 18:08:34 mdw - * Skipjack S-box table - * - */ - #ifndef CATACOMB_SKIPJACK_TAB_H #define CATACOMB_SKIPJACK_TAB_H diff --git a/skipjack.c b/skipjack.c index f0a3f23..a4c65b5 100644 --- a/skipjack.c +++ b/skipjack.c 
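Review bot: The new `m = mp_modinv(m, m, s->p);` in share_combine assumes the product of index differences `m` is invertible modulo `s->p`, and nothing at the call site says why that holds; the old `mp_gcd(0, 0, &m, s->p, m)` discarded the gcd as well, so neither version checks it. The inverse exists only when `m` is non-zero mod p, which is the case when the shares presented have pairwise distinct indices and `s->p` is prime; a duplicated share would make `m` zero and the reconstructed secret meaningless. A comment such as `/* m != 0 (mod p): share indices are distinct and p is prime, so the inverse exists */` would record the invariant, and a duplicate-index check where shares are collected would enforce it if one is not already there. share_combine begins before this hunk, so the loop that builds `ii`, `jj` and `m` is not visible here.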
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: skipjack.c,v 1.4 2004/04/02 01:03:49 mdw Exp $ + * $Id: skipjack.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * The Skipjack block cipher * @@ -27,24 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: skipjack.c,v $ - * Revision 1.4 2004/04/02 01:03:49 mdw - * Miscellaneous constification. - * - * Revision 1.3 2000/08/01 00:28:34 mdw - * Performance improvement: read keys in as 32-bit words and deal them out - * byte-by-byte. - * - * Revision 1.2 2000/07/15 20:48:45 mdw - * Remove some useless tests in the G function. - * - * Revision 1.1 2000/07/15 15:39:33 mdw - * The NSA's Skipjack block cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/skipjack.h b/skipjack.h index 0740a69..25f8a28 100644 --- a/skipjack.h +++ b/skipjack.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: skipjack.h,v 1.2 2000/08/01 00:28:34 mdw Exp $ + * $Id: skipjack.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Skipjack block cipher * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: skipjack.h,v $ - * Revision 1.2 2000/08/01 00:28:34 mdw - * Performance improvement: read keys in as 32-bit words and deal them out - * byte-by-byte. - * - * Revision 1.1 2000/07/15 15:39:33 mdw - * The NSA's Skipjack block cipher. - * - */ - /*----- Notes on the Skipjack block cipher --------------------------------* * * Skipjack was designed by the NSA, as a type II algorithm to be used in the diff --git a/square-mktab.c b/square-mktab.c index a80aceb..ba2c539 100644 --- a/square-mktab.c +++ b/square-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: square-mktab.c,v 1.2 2000/08/04 18:03:19 mdw Exp $ + * $Id: square-mktab.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Build precomputed tables for the Square block cipher * 
@@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: square-mktab.c,v $ - * Revision 1.2 2000/08/04 18:03:19 mdw - * Fix comment describing the field in which inversion is done. - * - * Revision 1.1 2000/07/27 18:10:27 mdw - * Build precomuted tables for Square. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/square.c b/square.c index c0b2d76..7bdcfd8 100644 --- a/square.c +++ b/square.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: square.c,v 1.2 2001/05/07 15:44:02 mdw Exp $ + * $Id: square.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Square block cipher * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: square.c,v $ - * Revision 1.2 2001/05/07 15:44:02 mdw - * Simplify implementation. - * - * Revision 1.1 2000/07/15 20:51:58 mdw - * New block cipher. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/square.h b/square.h index 6956536..1ea86b7 100644 --- a/square.h +++ b/square.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: square.h,v 1.1 2000/07/15 20:51:58 mdw Exp $ + * $Id: square.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Square block cipher * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: square.h,v $ - * Revision 1.1 2000/07/15 20:51:58 mdw - * New block cipher. - * - * Revision 1.1 2000/06/17 11:56:07 mdw - * New cipher. - * - */ - /*----- Notes on the Square block cipher ----------------------------------* * * Invented by Joan Daemen and Vincent Rijmen, Square is a fast and diff --git a/sslprf.c b/sslprf.c index e9682e5..05f64d1 100644 --- a/sslprf.c +++ b/sslprf.c 
@@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sslprf.c,v 1.1 2001/04/06 22:05:10 mdw Exp $ + * $Id: sslprf.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The SSL pseudo-random function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sslprf.c,v $ - * Revision 1.1 2001/04/06 22:05:10 mdw - * Add support for SSL pseudo-random function. - * - */ - /*----- Header files ------------------------------------------------------*/ #include @@ -66,24 +58,24 @@ static void step(sslprf_ctx *c) ghash *h, *hh; octet *p; - h = c->ci->init(); + h = GH_INIT(c->ci); x = 'A' + c->i - 1; for (sz = c->i++; sz > 0; sz -= n) { n = sz; if (n > sizeof(buf)) n = sizeof(buf); memset(buf, x, n); - h->ops->hash(h, buf, n); + GH_HASH(h, buf, n); } - h->ops->hash(h, c->k, c->ksz); - h->ops->hash(h, c->sd, c->sdsz); - p = h->ops->done(h, 0); + GH_HASH(h, c->k, c->ksz); + GH_HASH(h, c->sd, c->sdsz); + p = GH_DONE(h, 0); - hh = c->co->init(); - hh->ops->hash(hh, c->k, c->ksz); - hh->ops->hash(hh, p, c->ihashsz); - c->p = hh->ops->done(hh, 0); - h->ops->destroy(h); + hh = GH_INIT(c->co); + GH_HASH(hh, c->k, c->ksz); + GH_HASH(hh, p, c->ihashsz); + c->p = GH_DONE(hh, 0); + GH_DESTROY(h); c->h = hh; c->sz = c->ohashsz; @@ -138,7 +130,7 @@ void sslprf_encrypt(sslprf_ctx *c, const void *src, void *dest, size_t sz) while (sz) { if (!c->sz) { - c->h->ops->destroy(c->h); + GH_DESTROY(c->h); step(c); } n = c->sz; @@ -170,7 +162,7 @@ void sslprf_encrypt(sslprf_ctx *c, const void *src, void *dest, size_t sz) void sslprf_free(sslprf_ctx *c) { - c->h->ops->destroy(c->h); + GH_DESTROY(c->h); } /* --- Generic random number generator --- */ diff --git a/sslprf.h b/sslprf.h index a46bc0f..ef7dcab 100644 --- a/sslprf.h +++ b/sslprf.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: sslprf.h,v 1.1 2001/04/06 22:05:10 mdw Exp $ + * $Id: sslprf.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The SSL pseudo-random function * 
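Review bot: In step(), the sequence `p = GH_DONE(h, 0);` then `GH_HASH(hh, p, c->ihashsz);` and only afterwards `GH_DESTROY(h);` is order-sensitive but undocumented: if `GH_DONE` with a null buffer hands back a pointer into the context's own state (the old `h->ops->done(h, 0)` was used the same way), `p` is only valid while `h` lives. A comment on the `p = GH_DONE(h, 0);` line, e.g. `/* p points into h's own state: feed it to hh before destroying h */`, would protect the next refactor. The same holds for `c->p = GH_DONE(hh, 0);`, which stays valid only while `c->h = hh` is alive, an invariant the `GH_DESTROY(c->h)` calls in sslprf_encrypt and sslprf_free respect. step() begins before this hunk.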
@@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: sslprf.h,v $ - * Revision 1.1 2001/04/06 22:05:10 mdw - * Add support for SSL pseudo-random function. - * - */ - #ifndef CATACOMB_SSLPRF_H #define CATACOMB_SSLPRF_H diff --git a/strongprime.c b/strongprime.c index 019691f..c1b43f4 100644 --- a/strongprime.c +++ b/strongprime.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: strongprime.c,v 1.4 2000/07/01 11:24:52 mdw Exp $ + * $Id: strongprime.c,v 1.5 2004/04/08 01:36:15 mdw Exp $ * * Generate `strong' prime numbers * @@ -27,23 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: strongprime.c,v $ - * Revision 1.4 2000/07/01 11:24:52 mdw - * Remove old debugging code. - * - * Revision 1.3 2000/06/17 12:10:09 mdw - * Add some argument checking. Use MP secure memory interface. - * - * Revision 1.2 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:51:22 mdw - * Find `strong' RSA primes using Gordon's algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/strongprime.h b/strongprime.h index 0b53a79..ba5a9a5 100644 --- a/strongprime.h +++ b/strongprime.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: strongprime.h,v 1.2 2000/02/12 18:21:03 mdw Exp $ + * $Id: strongprime.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * Generate `strong' prime numbers * @@ -27,17 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: strongprime.h,v $ - * Revision 1.2 2000/02/12 18:21:03 mdw - * Overhaul of key management (again). - * - * Revision 1.1 1999/12/22 15:51:22 mdw - * Find `strong' RSA primes using Gordon's algorithm. - * - */ - #ifndef CATACOMB_STRONGPRIME_H #define CATACOMB_STRONGPRIME_H diff --git a/tea.c b/tea.c index 2043337..97e92c4 100644 --- a/tea.c 
+++ b/tea.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tea.c,v 1.2 2000/07/29 09:56:47 mdw Exp $ + * $Id: tea.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Tiny Encryption Algorithm * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tea.c,v $ - * Revision 1.2 2000/07/29 09:56:47 mdw - * Allow the number of rounds to be configured. This isn't exported - * through the gcipher interface, but it may be useful anyway. - * - * Revision 1.1 2000/07/15 13:44:31 mdw - * New ciphers. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/tea.h b/tea.h index 38a8da1..a7da678 100644 --- a/tea.h +++ b/tea.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tea.h,v 1.2 2000/07/29 09:56:47 mdw Exp $ + * $Id: tea.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Tiny Encryption Algorithm * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tea.h,v $ - * Revision 1.2 2000/07/29 09:56:47 mdw - * Allow the number of rounds to be configured. This isn't exported - * through the gcipher interface, but it may be useful anyway. - * - * Revision 1.1 2000/07/15 13:44:31 mdw - * New ciphers. - * - */ - /*----- Notes on the Tiny Encryption Algorithm ----------------------------* * * TEA is an amazingly simple 64-round Feistel network. It's tiny, fairly diff --git a/tests/Makefile.m4 b/tests/Makefile.m4 index f0ce9ea..583e446 100644 --- a/tests/Makefile.m4 +++ b/tests/Makefile.m4 @@ -1,6 +1,6 @@ ## -*-fundamental-*- ## -## $Id: Makefile.m4,v 1.2 2001/04/29 18:11:20 mdw Exp $ +## $Id: Makefile.m4,v 1.3 2004/04/08 01:36:15 mdw Exp $ ## ## Build test vector files ## 
@@ -26,16 +26,6 @@ ## Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, ## MA 02111-1307, USA. -##----- Revision history ---------------------------------------------------- -## -## $Log: Makefile.m4,v $ -## Revision 1.2 2001/04/29 18:11:20 mdw -## New block cipher MARS. -## -## Revision 1.1 2000/06/17 12:12:20 mdw -## Build mLib test vector files from the AES files. -## - AUTOMAKE_OPTIONS = foreign ## --- Building test rigs --- diff --git a/tests/gdsa b/tests/gdsa index 60a9f6f..91e4f52 100644 --- a/tests/gdsa +++ b/tests/gdsa @@ -1,4 +1,4 @@ -# $Id: gdsa,v 1.1 2004/04/04 19:42:59 mdw Exp $ +# $Id: gdsa,v 1.2 2004/04/08 01:36:16 mdw Exp $ # # Tests for abstract-group implementation of DSA @@ -53,6 +53,20 @@ sign { 0x12e2f4e865bf6e034712b4f2ba6f3c825452d6419 0x30e0d918fde3a33781f984b877f8501356b6fbae9; + "ec { secp160r1 }" sha + 0xaa374ffc3ce144e6b073307972cb6d57b2a4e982 + "abc" + 0x7b012db7681a3f28b9185c8b2ac5d528decd52da + 0xce2873e5be449563391feb47ddcba2dc16379191 + 0x3480ec1371a091a464b31ce47df0cb8aa2d98b54; + + "ec { sect163k1 }" sha + 0x3a41434aa99c2ef40c8495b2ed9739cb2155a1e0d + "abc" + 0xa40b301cc315c257d51d442234f5aff8189d2b6c + 0x994d2c41aa30e52952aea8462370471b2b0a34ac + 0x152f95ca15da1997a8c449e00cd2aa2accb988d7f; + "ec { nist-p256 }" sha256 0x7fb838a8a0a95046b9d9d9fb4440f7bbc1a7bd3b4e853fc92d4e1588719986aa "An example message" 
@@ -150,6 +164,22 @@ verify { 0x30e0d918fde3a33781f984b877f8501356b6fbae9 0; + "ec { secp160r1 }" sha + "0x51b4496fecc406ed0e75a24a3c03206251419dc0, + 0xc28dcb4b73a514b468d793894f381ccc1756aa6c" + "abc" + 0xce2873e5be449563391feb47ddcba2dc16379191 + 0x3480ec1371a091a464b31ce47df0cb8aa2d98b54 + 0; + + "ec { sect163k1 }" sha + "0x037d529fa37e42195f10111127ffb2bb38644806bc, + 0x0447026eee8b34157f3eb51be5185d2be0249ed776" + "abc" + 0x994d2c41aa30e52952aea8462370471b2b0a34ac + 0x152f95ca15da1997a8c449e00cd2aa2accb988d7f + 0; + "ec { nist-p256 }" sha256 "0xcc2aecbc5c5f6d72cd7b937279d72a732abcf880ea47e012ebec77ddbca6ed40, 0x90f99cd799abc0ea571d0e02bad80f8323050b1adbdbff50060b6e1e6ebd8611" diff --git a/tests/oaep b/tests/oaep deleted file mode 100644 index de1e313..0000000 --- a/tests/oaep +++ /dev/null @@ -1,14 +0,0 @@ -# $Id: oaep,v 1.1 2000/07/15 10:03:30 mdw Exp $ -# -# Test vectors for OAEP encoding - -# --- From http://wwww.esat.kuleuven.ac.be/~bosselae/ripemd160.html --- - -oaep { - 54859b342c49ea2a "" aafd12f659cae63489b479e5076ddec2f06cb58f - 007dcfd33b1ca1107625a3fbd99075e7c8adc134bf3f5c201b7ad3e8b3ede0b48136002dd2ec034f04cda492db86973642dd59f018b0908a6504b4f845be3236; - 54859b342c49ea2a 3bf4c66f209e05f2a86eae213322fbf9252d6408 aafd12f659cae63489b479e5076ddec2f06cb58f - 0062732b7784ac93f3ed97ed1d89c7aedf1e98a21f171240b14fa63ee789e54e78fc34dc63650b0395cda492db86973642dd59f018b0908a6504b4f845be3236; - 54859b342c49ea2a 2771857832caf8f054940134a736233269f00d42 aafd12f659cae63489b479e5076ddec2f06cb58f - 00071c2309ec131348e4faeeb5a409135a9c728b72e42e655755cdca7764183c4872204bb51c9bbb2ecda492db86973642dd59f018b0908a6504b4f845be3236; -} diff --git a/tests/rsa b/tests/rsa new file mode 100644 index 0000000..314358a --- /dev/null +++ b/tests/rsa 
@@ -0,0 +1,232 @@ +# $Id: rsa,v 1.1 2004/04/08 01:36:16 mdw Exp $ +# +# Test vectors for the completely mad RSA infrastructure tests + +p1sig-pad { + # nbits msg rc result eparam + 256 "616263" 0 + 0x0001ffffffffffffffffffffffffffffffffffffffffffffff00cc22cc616263 + "cc22cc"; + 129 "616263" 0 0x0001ffffffffffffffff00cc22cc616263 "cc22cc"; + 128 "616263" -1 0 "cc22cc"; +} + +p1sig-priv { + # n e d msg rc result eparam + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0x1fd9da85ec2d8ea09abe8f2c7804916853ac1f05189b657af9b294f73c515bf9 + "616263" 0 + 0xc484642d0e4dc4a4424d22410456dbdd9275b5c157d6974a66bee9aa02501c26 + "cc22cc"; + + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + 0xbee578ae84da6a17c0369191b97bbfb33b0f7904488c9185e8efa5d953820abd7515051461beeabea9dcefbfcd8921598c528b2272d1e7367b7676db222091443944672d439fe4cc75f4f9f0594a0b19a8c634fc7f88d0f16e08ec9a95f1f0c3c03ad467a2d7db37428c145cd26b8796264de2f2209a3c09f54fa51de689b81 + "a9993e364706816aba3e25717850c26c9cd0d89d" 0 + 0x0f642606b7aaf99ff4bb5853c51e31a02c58d8c1c33f3c584d4edc58b08a16d5dc8064b6e198edcc4dc06666171a113619d7da16dfd96cebfdb5cc5050af6fab3d9f2ca8b8d6ece1d513fabc98a11fe37892fcf0827ea2e792427a69b3523504f46c55ed8af9a1c59687ca73c4baad7235a1a3faedec14f95ddfa8d0554739a8 + "3021300906052b0e03021a05000414"; +} + +p1vrf-pad { + # nbits sig msg rc result eparam + 256 0x0001ffffffffffffffffffffffffffffffffffffffffffffff00cc22cc616263 + "" 3 "616263" "cc22cc"; + 256 0x0101ffffffffffffffffffffffffffffffffffffffffffffff00cc22cc616263 + "" -1 "" "cc22cc"; + 256 0x0002ffffffffffffffffffffffffffffffffffffffffffffff00cc22cc616263 + "" -1 "" "cc22cc"; + 256 0x0001ffffffffffffffffffffffffffffffffffffffffffffff01cc22cc616263 + "" -1 "" "cc22cc"; + 256 
0x0001ffffffffffffffff00cc22ccffffffffffffffffffffff00cc22cc616263 + "" 18 "ffffffffffffffffffffff00cc22cc616263" "cc22cc"; + 256 0x0001ffffffffffffff00cc22ccffffffffffffffffffffffff00cc22cc616263 + "" -1 "" "cc22cc"; + 256 0x0001ffffffffffffffffffffffffffffffffffffffffffffff00cc21cc616263 + "" -1 "" "cc22cc"; + 256 0x0001ffffffffffffffffffffffffffffffffffffffffffffff00cc22cc616262 + "" 3 "616262" "cc22cc"; + 129 0x0001ffffffffffffffff00cc22cc616263 "" 3 "616263" "cc22cc"; + 128 0x0001ffffffffffffff00cc22cc616263 "" -1 "" "cc22cc"; +} + +p1vrf-pub { + # n e sig msg rc result eparam + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0xc484642d0e4dc4a4424d22410456dbdd9275b5c157d6974a66bee9aa02501c26 + "" 3 "616263" "cc22cc"; + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0xc484642d0e4dc4a4424d22410456dbdd9275b5c157d6974a66bee9aa02501c26 + "616263" 0 "" "cc22cc"; + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0x27654c24f4ffefffc3bef7be8ae469db3069407702391eeb551ce9544621b63a + "" 18 "ffffffffffffffffffffff00cc22cc616263" "cc22cc"; + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0xd980f3047ab74bc4e7bb99eeb17fcc657f50ee26146b7f2a9f982ef2f44cba + "" -1 "" "cc22cc"; + + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + 0x0f642606b7aaf99ff4bb5853c51e31a02c58d8c1c33f3c584d4edc58b08a16d5dc8064b6e198edcc4dc06666171a113619d7da16dfd96cebfdb5cc5050af6fab3d9f2ca8b8d6ece1d513fabc98a11fe37892fcf0827ea2e792427a69b3523504f46c55ed8af9a1c59687ca73c4baad7235a1a3faedec14f95ddfa8d0554739a8 + "" 20 "a9993e364706816aba3e25717850c26c9cd0d89d" + "3021300906052b0e03021a05000414"; +} + +p1enc-pad { + # nbits msg rc ct eparam + 256 "616263" 0 + 
0x0002efbdfc524ad6419b65537a59b42a4662918436d6e0e4804b6b1000616263 ""; + 105 "616263" 0 + 0x0002efbd98524ad6419b00616263 ""; + 104 "616263" -1 0 ""; +} + +p1enc-pub { + # n e msg rc ct eparam + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 "616263" 0 + 0x8f20a0fc778b7c55567f41c344d39bfcdaca04fd475f2290dc05c236585a68ca ""; + + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + "616263" + 0 + 0xaf91f5abf4766348eaaff1e8e5561b10bc1e3b15b6dff221869389a70d371d649b6cf78c5444f5d03a9feac12d5741cbc340e09d112063b1486568fca7c59b4c90604f0b6243eccc18901afa9001fc5f669108ebc75d6713e28d4a081723184332d4fb2ca391e3247a76c85323e66352d60c0a6ce8240af6f0583058820b1e32 + ""; +} + +p1dec-pad { + # nbits msg rc pt eparam + 256 0x0002efbdfc524ad6419b65537a59b42a4662918436d6e0e4804b6b1000616263 + 3 "616263" ""; + 105 0x0002efbd98524ad6419b00616263 + 3 "616263" ""; + 104 0x0002efbd98524ad64100616263 + -1 "" ""; + 256 0x0002efbdfc524ad6419b00537a59b42a4662918436d6e0e4804b6b1000616263 + 21 "537a59b42a4662918436d6e0e4804b6b1000616263" ""; + 256 0x0002efbdfc524ad6419b00537a59b42a4662918436d6e0e4804b6b1000616263 + 3 "616263" "537a59b42a4662918436d6e0e4804b6b1000"; + 256 0x0102efbdfc524ad6419b65537a59b42a4662918436d6e0e4804b6b1000616263 + -1 "" ""; + 256 0x0001efbdfc524ad6419b65537a59b42a4662918436d6e0e4804b6b1000616263 + -1 "" ""; + 256 0x0002efbdfc524ad6419b65537a59b42a4662918436d6e0e4804b6b1000616263 + 3 "616263" ""; + 256 0x0002efbdfc524ad6410065537a59b42a4662918436d6e0e4804b6b1000616263 + -1 "" ""; +} + +p1dec-priv { + # p e d msg rc pt eparam + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0x1fd9da85ec2d8ea09abe8f2c7804916853ac1f05189b657af9b294f73c515bf9 + 
0x8f20a0fc778b7c55567f41c344d39bfcdaca04fd475f2290dc05c236585a68ca + 3 "616263" ""; + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0x1fd9da85ec2d8ea09abe8f2c7804916853ac1f05189b657af9b294f73c515bf9 + 0x19d6408010f0c2722b44cd4d5e006b6ffaa634aa225d727fa37c7c6ec29c5155 + 21 "537a59b42a4662918436d6e0e4804b6b1000616263" ""; + 0xccbd3b508e1ac2ed16f0f85adfec8d17ad525018307e613e0ee3aa4652b7ceb3 + 0x10001 + 0x1fd9da85ec2d8ea09abe8f2c7804916853ac1f05189b657af9b294f73c515bf9~ + 0x952aa4893cd2620e4942f449529ea2f7105b9d67e041a676259fb986bc507b7d + -1 "" ""; + + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + 0xbee578ae84da6a17c0369191b97bbfb33b0f7904488c9185e8efa5d953820abd7515051461beeabea9dcefbfcd8921598c528b2272d1e7367b7676db222091443944672d439fe4cc75f4f9f0594a0b19a8c634fc7f88d0f16e08ec9a95f1f0c3c03ad467a2d7db37428c145cd26b8796264de2f2209a3c09f54fa51de689b81 + 0xaf91f5abf4766348eaaff1e8e5561b10bc1e3b15b6dff221869389a70d371d649b6cf78c5444f5d03a9feac12d5741cbc340e09d112063b1486568fca7c59b4c90604f0b6243eccc18901afa9001fc5f669108ebc75d6713e28d4a081723184332d4fb2ca391e3247a76c85323e66352d60c0a6ce8240af6f0583058820b1e32 + 3 "616263" ""; +} + +oaepenc-pad { + # nbits msg rc ct mgf hash eparam + 1024 "616263" 0 + 0x151709bd895ba510b5b3de3293c6de93adbb20cb065dcfbe3b2ca60aa39e458b30d14406eba05f0e479ddff40f554aba11da533c6d98df0321164c986807e8019c6918896817f37700a46c7fd71741a7692fcbd443952b67c32b838a576332b3bc1bab002fe3c941e9150d08b539908ef7f1901ac1246065c8520ac1beffed + sha-mgf sha ""; +} + +oaepdec-pad { + # nbits msg rc pt mgf hash eparam + 1024 + 
0x151709bd895ba510b5b3de3293c6de93adbb20cb065dcfbe3b2ca60aa39e458b30d14406eba05f0e479ddff40f554aba11da533c6d98df0321164c986807e8019c6918896817f37700a46c7fd71741a7692fcbd443952b67c32b838a576332b3bc1bab002fe3c941e9150d08b539908ef7f1901ac1246065c8520ac1beffed + 3 "616263" sha-mgf sha ""; + 1024 + 0x151709bd895ba510b5b3de3293c6de93adbb20cb065dcfbe3b2ca60aa39e458b30d14406eba05f0e479ddff40f554aba11da533c6d98df0321164c986807e8019c6918896817f37700a46c7fd71741a7692fcbd443952b67c32b838a576332b3bc1bab002fe3c941e9150d08b539908ef7f1901ac1246065c8520ac1beffec + -1 "" sha-mgf sha ""; +} + +oaepenc-pub { + # n e msg rc ct mgf hash eparam + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + "616263" + 0 + 0xa5c94083e56aeff3490a4abd63251b332a26cca0e521815af5d2915b2422fbc7e672c8e67c3dea8c355e0b999a1f8acc905cc4437a6ddc5a7d6f54489436bd24922f83d75629d2cb92a7963d010727ef8981c3c01971962f454e42d54996e74617022d7513505fef7b1f7d5dbdeccc4673594d01f943236e4439b3175c3f801b + sha-mgf sha ""; +} + +oaepdec-priv { + # n e d msg rc pt mgf hash eparam + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + 0xbee578ae84da6a17c0369191b97bbfb33b0f7904488c9185e8efa5d953820abd7515051461beeabea9dcefbfcd8921598c528b2272d1e7367b7676db222091443944672d439fe4cc75f4f9f0594a0b19a8c634fc7f88d0f16e08ec9a95f1f0c3c03ad467a2d7db37428c145cd26b8796264de2f2209a3c09f54fa51de689b81 + 
0x6ae9901c7c40104b38e10097bd42212afd437867ee4c72e7e81d7486b8721aeab493be40e3bd4335bef05c76bba1a2e30795e76fe04517d5f8fa87d16756002b061674594cb85c32b96c3a690e135d64923bd7551c45b6b89ebb89941377ce02d5c801feb33c20ebacf8dd6d6bd44d4f29bc2ff4dca35db52da545ef97733955 + 3 "616263" sha-mgf sha ""; + 0xb6dd0145ada7547bba5db3a35d34e612a8d73e93c33c720f4e4506428cacc6861b2143ed3a0683394fd94cfab8ab66a024161e9c9c1848d50627b3ac46de6d1b1d73ae7b5540b3df65c53aed9d4bdf1f86c8ddacfaf608823bb3d307d89d4c8bb11b5198f9851a519538787cd054ced98734daa2f7f2dc5b51c8c02ea8c362ff + 0x10001 + 0xbee578ae84da6a17c0369191b97bbfb33b0f7904488c9185e8efa5d953820abd7515051461beeabea9dcefbfcd8921598c528b2272d1e7367b7676db222091443944672d439fe4cc75f4f9f0594a0b19a8c634fc7f88d0f16e08ec9a95f1f0c3c03ad467a2d7db37428c145cd26b8796264de2f2209a3c09f54fa51de689b81 + 0x6ae9901c7c40104b38e10097bd42212afd437867ee4c72e7e81d7486b8721aeab493be40e3bd4335bef05c76bba1a2e30795e76fe04517d5f8fa87d16756002b061674594cb85c32b96c3a690e135d64923bd7551c45b6b89ebb89941377ce02d5c801feb33c20ebacf8dd6d6bd44d4f29bc2ff4dca35db52da545ef97733954 + -1 "" sha-mgf sha ""; +} + +psssig-pad { + # nbits msg rc result mgf hash saltsz + 256 "a9993e364706816aba3e25717850c26c9cd0d89d" 0 + 0x3426a2a3e34a2ea4b6831d1366f0477cf42d9b98fddf692f3d14f9b8a168e4bc + sha-mgf sha 10; + 256 "a9993e364706816aba3e25717850c26c9cd0d89d" -1 + 0 sha-mgf sha 20; + 273 "a9993e364706816aba3e25717850c26c9cd0d89d" 0 + 0xb5c91e4c0c00aaaffba7d581011366f0477cf42d9b98fddf692f3d14f9b8a168e4bc + sha-mgf sha 10; +} + +pssvrf-pad { + # nbits sig msg rc result mgf hash saltsz + 256 + 0x3426a2a3e34a2ea4b6831d1366f0477cf42d9b98fddf692f3d14f9b8a168e4bc + "a9993e364706816aba3e25717850c26c9cd0d89d" 0 "" sha-mgf sha 10; + 256 + 0x3426a2a3e34a2ea4b6831d1366f0477cf42d9b98fddf692f3d14f9b8a168e4bc + "a9993e364706816aba3e25717850c26c9cd0d89e" -1 "" sha-mgf sha 10; + 256 + 0x3426a2a3e34a2ea4b6831d1366f0477cf42d9b98fddf692f3d14f9b8a168e4bd + "a9993e364706816aba3e25717850c26c9cd0d89d" -1 "" sha-mgf sha 
10; + 256 + 0x3526a2a3e34a2ea4b6831d1366f0477cf42d9b98fddf692f3d14f9b8a168e4bc + "a9993e364706816aba3e25717850c26c9cd0d89d" -1 "" sha-mgf sha 10; +} + +psssig-priv { + 0x6af87c8c97ae0c7668bc361ff1c358198309c80cd8a74a6d9d9cc846ea63ede9 + 0x10001 + 0x30ec4a0a5854d733a5ddc3e3584469f0a7d4b1f0cb38b8cfb04483c68b77a01 + "a9993e364706816aba3e25717850c26c9cd0d89d" 0 + 0x2b484543397da31ca7aaf774c4b19acd69eb8bc230b6d98a2ae10798793bd53f + sha-mgf sha 10; +} + +pssvrf-pub { + 0x6af87c8c97ae0c7668bc361ff1c358198309c80cd8a74a6d9d9cc846ea63ede9 + 0x10001 + 0x2b484543397da31ca7aaf774c4b19acd69eb8bc230b6d98a2ae10798793bd53f + "a9993e364706816aba3e25717850c26c9cd0d89d" 0 "" sha-mgf sha 10; +} diff --git a/tiger-base.h b/tiger-base.h index affd4dc..117affb 100644 --- a/tiger-base.h +++ b/tiger-base.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tiger-base.h,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * $Id: tiger-base.h,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Common definitions for the Tiger hash function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tiger-base.h,v $ - * Revision 1.1 2000/07/15 10:02:43 mdw - * Anderson and Biham's Tiger hash function added. - * - */ - #ifndef CATACOMB_TIGER_BASE_H #define CATACOMB_TIGER_BASE_H diff --git a/tiger-mktab.c b/tiger-mktab.c index c7b27e5..2281b14 100644 --- a/tiger-mktab.c +++ b/tiger-mktab.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tiger-mktab.c,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * $Id: tiger-mktab.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * Generate S-boxes for the Tiger hash function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tiger-mktab.c,v $ - * Revision 1.1 2000/07/15 10:02:43 mdw - * Anderson and Biham's Tiger hash function added. - * - */ - /*----- Header files ------------------------------------------------------*/ #include 
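Review bot: The third p1dec-priv vector ends its private exponent with a stray `~` (`0x1fd9...c515bf9~`); if the vector parser does not tolerate that character the whole file fails to load rather than just that case, so it is worth confirming whether it is intentional or a typo. The p1vrf-pad and p1dec-pad cases that differ only in having 8 versus 7 padding bytes before the 0x00 separator (rc 18 and rc 21 versus -1) pin the PKCS#1 v1.5 minimum-padding rule, which is a security-relevant check, but nothing says so; a comment such as `# 7-byte padding string must be rejected: PKCS#1 v1.5 requires at least 8` next to those cases would explain why near-identical vectors expect different results.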
diff --git a/tiger.c b/tiger.c index fb75937..66d6dd1 100644 --- a/tiger.c +++ b/tiger.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tiger.c,v 1.1 2000/07/15 10:02:43 mdw Exp $ + * $Id: tiger.c,v 1.2 2004/04/08 01:36:15 mdw Exp $ * * The Tiger hash function * @@ -27,14 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tiger.c,v $ - * Revision 1.1 2000/07/15 10:02:43 mdw - * Anderson and Biham's Tiger hash function added. - * - */ - /*----- Header files ------------------------------------------------------*/ #include diff --git a/tiger.h b/tiger.h index ece7c86..e5f7389 100644 --- a/tiger.h +++ b/tiger.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tiger.h,v 1.2 2000/10/15 19:09:20 mdw Exp $ + * $Id: tiger.h,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The Tiger hash function * @@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tiger.h,v $ - * Revision 1.2 2000/10/15 19:09:20 mdw - * Support HMAC mode for hash functions which need to store more state than - * the hash output size. - * - * Revision 1.1 2000/07/15 10:02:43 mdw - * Anderson and Biham's Tiger hash function added. - * - */ - /*----- Notes on the Tiger hash function ----------------------------------* * * Tiger was designed by Eli Biham and Ross Anderson to be an efficient and diff --git a/tlsprf.c b/tlsprf.c index d45eb43..dafc247 100644 --- a/tlsprf.c +++ b/tlsprf.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: tlsprf.c,v 1.2 2001/04/06 22:05:53 mdw Exp $ + * $Id: tlsprf.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * The TLS pseudo-random function * 
@@ -27,18 +27,6 @@ * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: tlsprf.c,v $ - * Revision 1.2 2001/04/06 22:05:53 mdw - * Change dummy names in grand objects so that they say what sort of thing - * they are. - * - * Revision 1.1 2001/04/04 20:10:52 mdw - * Add support for the TLS pseudo-random function. - * - */ - /*----- Header files ------------------------------------------------------*/ #include @@ -70,16 +58,16 @@ void tlsdx_init(tlsdx_ctx *c, gmac *m, const void *sd, size_t sdsz) { c->k = m; - c->hashsz = c->k->ops->c->hashsz; + c->hashsz = GM_CLASS(c->k)->hashsz; c->sd = sd; c->sdsz = sdsz; - c->i = c->k->ops->init(c->k); - c->i->ops->hash(c->i, sd, sdsz); - c->ai = c->i->ops->done(c->i, 0); - c->o = c->k->ops->init(c->k); - c->o->ops->hash(c->o, c->ai, c->hashsz); - c->o->ops->hash(c->o, sd, sdsz); - c->p = c->o->ops->done(c->o, 0); + c->i = GM_INIT(c->k); + GH_HASH(c->i, sd, sdsz); + c->ai = GH_DONE(c->i, 0); + c->o = GM_INIT(c->k); + GH_HASH(c->o, c->ai, c->hashsz); + GH_HASH(c->o, sd, sdsz); + c->p = GH_DONE(c->o, 0); c->sz = c->hashsz; } @@ -111,16 +99,16 @@ void tlsdx_encrypt(tlsdx_ctx *c, const void *src, void *dest, size_t sz) if (c->sz) n = c->sz; else { - h = c->k->ops->init(c->k); - h->ops->hash(h, c->ai, c->hashsz); - c->ai = h->ops->done(h, 0); - c->i->ops->destroy(c->i); + h = GM_INIT(c->k); + GH_HASH(h, c->ai, c->hashsz); + c->ai = GH_DONE(h, 0); + GH_DESTROY(c->i); c->i = h; - c->o->ops->destroy(c->o); - h = c->o = c->k->ops->init(c->k); - h->ops->hash(h, c->ai, c->hashsz); - h->ops->hash(h, c->sd, c->sdsz); - c->p = h->ops->done(h, 0); + GH_DESTROY(c->o); + h = c->o = GM_INIT(c->k); + GH_HASH(h, c->ai, c->hashsz); + GH_HASH(h, c->sd, c->sdsz); + c->p = GH_DONE(h, 0); c->sz = n = c->hashsz; } if (n > sz) 
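Review bot: In tlsdx_encrypt's refill branch the order `c->ai = GH_DONE(h, 0); GH_DESTROY(c->i); c->i = h;` matters if `GH_DONE` returns a pointer into the hash context's own state: the previous A(i) in `c->ai` is consumed by `GH_HASH(h, c->ai, c->hashsz)` before the old `c->i` is destroyed, and the new `c->ai` lives inside `h`, which then becomes `c->i`. The code is correct as written but fragile, and a comment such as `/* c->ai lives inside c->i: hash the old value into h before destroying c->i */` would make the dependency explicit. tlsdx_init in the preceding hunk has the same pattern (`c->ai = GH_DONE(c->i, 0)` and then hashed into `c->o`), and `c->p = GH_DONE(h, 0)` in both places is likewise tied to the lifetime of `c->o`. tlsdx_encrypt begins before this hunk.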
@@ -151,8 +139,8 @@ void tlsdx_encrypt(tlsdx_ctx *c, const void *src, void *dest, size_t sz)
 
 void tlsdx_free(tlsdx_ctx *c)
 {
-  c->i->ops->destroy(c->i);
-  c->o->ops->destroy(c->o);
+  GH_DESTROY(c->i);
+  GH_DESTROY(c->o);
 }
 
 /* --- Generic random number generator --- */
@@ -284,7 +272,7 @@ grand *tlsdx_rand(const gcmac *mc, const void *k, size_t ksz,
 {
   dx_grctx *g = S_CREATE(dx_grctx);
   dstr d = DSTR_INIT;
-  gmac *m = mc->key(k, ksz);
+  gmac *m = GM_KEY(mc, k, ksz);
   octet *q = xmalloc(sdsz);
   memcpy(q, sd, sdsz);
   dstr_putf(&d, "tlsdx(%s)", mc->name);
diff --git a/tlsprf.h b/tlsprf.h
index 1868fbd..f625cdb 100644
--- a/tlsprf.h
+++ b/tlsprf.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: tlsprf.h,v 1.1 2001/04/04 20:10:52 mdw Exp $
+ * $Id: tlsprf.h,v 1.2 2004/04/08 01:36:15 mdw Exp $
  *
  * The TLS pseudo-random function
  *
@@ -27,14 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: tlsprf.h,v $
- * Revision 1.1 2001/04/04 20:10:52 mdw
- * Add support for the TLS pseudo-random function.
- *
- */
-
 #ifndef CATACOMB_TLSPRF_H
 #define CATACOMB_TLSPRF_H
 
diff --git a/twofish-mktab.c b/twofish-mktab.c
index 35f6049..4acbf73 100644
--- a/twofish-mktab.c
+++ b/twofish-mktab.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: twofish-mktab.c,v 1.4 2000/10/08 12:08:10 mdw Exp $
+ * $Id: twofish-mktab.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
  *
  * Build constant tables for Twofish
  *
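Review bot: tlsdx_free releases only `c->i` and `c->o`; the keyed MAC that tlsdx_init stored as `c->k` is left alone, so ownership of it stays with whoever called tlsdx_init, and neither function says so. The asymmetry matters because tlsdx_rand in the following hunk keys its own MAC with `GM_KEY(mc, k, ksz)`, so its generator's destroy path (outside this hunk) is presumably the one responsible for releasing that key material; a reader of tlsdx_free alone cannot tell. Suggested comment above the two GH_DESTROY lines: `/* c->k belongs to the caller of tlsdx_init and is deliberately not destroyed here */`.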
@@ -27,25 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: twofish-mktab.c,v $
- * Revision 1.4 2000/10/08 12:08:10 mdw
- * Escape literal newlines in output string.
- *
- * Revision 1.3 2000/06/26 17:14:42 mdw
- * (rslog): Ensure that log(1) = 0 (not 255, as previously). While the two
- * are strictly equivalent, it means that the exp table is larger than it
- * otherwise needs to be.
- *
- * Revision 1.2 2000/06/18 23:12:15 mdw
- * Change typesetting of Galois Field names.
- *
- * Revision 1.1 2000/06/17 12:10:17 mdw
- * New cipher.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 
 #include
diff --git a/twofish.c b/twofish.c
index 6f79963..e70ad12 100644
--- a/twofish.c
+++ b/twofish.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: twofish.c,v 1.4 2004/04/02 01:03:49 mdw Exp $
+ * $Id: twofish.c,v 1.5 2004/04/08 01:36:15 mdw Exp $
  *
  * Implementation of the Twofish cipher
  *
@@ -27,23 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: twofish.c,v $
- * Revision 1.4 2004/04/02 01:03:49 mdw
- * Miscellaneous constification.
- *
- * Revision 1.3 2002/01/13 13:37:59 mdw
- * Add support for Twofish family keys.
- *
- * Revision 1.2 2000/06/22 18:58:00 mdw
- * Twofish can handle keys with any byte-aligned size.
- *
- * Revision 1.1 2000/06/17 12:10:17 mdw
- * New cipher.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 
 #include
diff --git a/twofish.h b/twofish.h
index 79c697b..0f47569 100644
--- a/twofish.h
+++ b/twofish.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: twofish.h,v 1.4 2002/01/13 13:37:59 mdw Exp $
+ * $Id: twofish.h,v 1.5 2004/04/08 01:36:15 mdw Exp $
  *
  * The Twofish block cipher
  *
@@ -27,23 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: twofish.h,v $
- * Revision 1.4 2002/01/13 13:37:59 mdw
- * Add support for Twofish family keys.
- *
- * Revision 1.3 2001/04/29 18:12:43 mdw
- * Fix formatting.
- *
- * Revision 1.2 2000/10/08 15:48:58 mdw
- * Update comments now that AES has been chosen.
- *
- * Revision 1.1 2000/06/17 12:10:17 mdw
- * New cipher.
- *
- */
-
 /*----- Notes on the Twofish block cipher ---------------------------------*
  *
  * Twofish was designed by Bruce Schneier, John Kelsey, Doug Whiting, David
diff --git a/xtea.c b/xtea.c
index 32702fe..4f0ac57 100644
--- a/xtea.c
+++ b/xtea.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: xtea.c,v 1.2 2000/07/29 09:56:47 mdw Exp $
+ * $Id: xtea.c,v 1.3 2004/04/08 01:36:15 mdw Exp $
  *
  * The Extended Tiny Encryption Algorithm
  *
@@ -27,18 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: xtea.c,v $
- * Revision 1.2 2000/07/29 09:56:47 mdw
- * Allow the number of rounds to be configured. This isn't exported
- * through the gcipher interface, but it may be useful anyway.
- *
- * Revision 1.1 2000/07/15 13:44:31 mdw
- * New ciphers.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 
 #include
diff --git a/xtea.h b/xtea.h
index af6c3a0..fa2bffb 100644
--- a/xtea.h
+++ b/xtea.h
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: xtea.h,v 1.3 2000/07/29 09:56:47 mdw Exp $
+ * $Id: xtea.h,v 1.4 2004/04/08 01:36:15 mdw Exp $
  *
  * The Extended Tiny Encryption Algorithm
  *
@@ -27,21 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: xtea.h,v $
- * Revision 1.3 2000/07/29 09:56:47 mdw
- * Allow the number of rounds to be configured. This isn't exported
- * through the gcipher interface, but it may be useful anyway.
- *
- * Revision 1.2 2000/07/15 13:47:14 mdw
- * Whoops. Fix the purpose comment.
- *
- * Revision 1.1 2000/07/15 13:44:31 mdw
- * New ciphers.
- *
- */
-
 /*----- Notes on the Tiny Encryption Algorithm ----------------------------*
  *
  * XTEA is an amazingly simple 64-round Feistel network. It's tiny, fairly
-- 
2.11.0