author(no author) <(no author)@57ff6487-cd31-0410-9ec3-f628ee90f5f0>2003-03-10 22:36:23 +0000
committer(no author) <(no author)@57ff6487-cd31-0410-9ec3-f628ee90f5f0>2003-03-10 22:36:23 +0000
commit1c463b12e75d982b0dc9515016c661433f7d33f2 (patch)
treeebc5b9a3a400b48f16bd43806632845deb2ea6f2
parente60d1a76f0ff3c9b00475594aedfaa0b78687ded (diff)
downloadcryptopp-1c463b12e75d982b0dc9515016c661433f7d33f2.tar.gz
This commit was manufactured by cvs2svn to create tag
'c50-fixes-merged'. git-svn-id: svn://svn.code.sf.net/p/cryptopp/code/tags/c50-fixes-merged@37 57ff6487-cd31-0410-9ec3-f628ee90f5f0
-rw-r--r--c5/GNUmakefile14
-rw-r--r--c5/License.txt2
-rw-r--r--c5/Readme.txt12
-rw-r--r--c5/algparam.cpp6
-rw-r--r--c5/algparam.h4
-rw-r--r--c5/basecode.cpp2
-rw-r--r--c5/bench.cpp1
-rw-r--r--c5/config.h17
-rw-r--r--c5/cryptest.dsp96
-rw-r--r--c5/cryptlib.dsp86
-rw-r--r--c5/cryptlib.h4
-rw-r--r--c5/dh.h4
-rw-r--r--c5/files.cpp32
-rw-r--r--c5/files.h2
-rw-r--r--c5/filters.cpp24
-rw-r--r--c5/filters.h12
-rw-r--r--c5/fipstest.cpp34
-rw-r--r--c5/fltrimpl.h4
-rw-r--r--c5/hrtimer.cpp4
-rw-r--r--c5/hrtimer.h2
-rw-r--r--c5/integer.cpp14
-rw-r--r--c5/modes.cpp65
-rw-r--r--c5/modes.h22
-rw-r--r--c5/mqv.h2
-rw-r--r--c5/osrng.cpp4
-rw-r--r--c5/osrng.h25
-rw-r--r--c5/rng.cpp37
-rw-r--r--c5/rng.h5
-rw-r--r--c5/rsa.cpp2
-rw-r--r--c5/sapphire.cpp179
-rw-r--r--c5/sapphire.h115
-rw-r--r--c5/secblock.h9
-rw-r--r--c5/seckey.h8
-rw-r--r--c5/simple.h8
-rw-r--r--c5/strciphr.cpp2
-rw-r--r--c5/strciphr.h9
-rw-r--r--c5/test.cpp8
-rw-r--r--c5/validat1.cpp32
38 files changed, 369 insertions, 539 deletions
diff --git a/c5/GNUmakefile b/c5/GNUmakefile
index 32226e2..d3aa37d 100644
--- a/c5/GNUmakefile
+++ b/c5/GNUmakefile
@@ -13,13 +13,21 @@ else
CXXFLAGS += -pipe
endif
-ifeq ($(UNAME),Darwin) # -fpic conflicts with inline asm in integer.cpp on i386
+ifeq ($(UNAME),Darwin)
+AR = libtool
+ARFLAGS = -static -o
+CXXFLAGS += -D__pic__
+IS_GCC2 = $(shell c++ -v 2>&1 | grep -c gcc-932)
+ifeq ($(IS_GCC2),1)
+CXXFLAGS += -fno-coalesce-templates -fno-coalesce-static-vtables
CXX = c++
-CXXFLAGS += -fno-pic
+LDLIBS += -lstdc++
+LDFLAGS += -flat_namespace -undefined suppress -m
+endif
endif
ifeq ($(UNAME),SunOS)
-LDLIBS = -lnsl -lsocket
+LDLIBS += -lnsl -lsocket
endif
ifeq ($(CXX),gcc) # for some reason CXX is gcc on cygwin 1.1.4
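Review bot: `LDFLAGS += -flat_namespace -undefined suppress -m` in the new gcc2 Darwin branch tells the linker to accept unresolved symbols, so a missing definition is no longer caught at link time and surfaces only as a runtime failure on first use. If this is only needed to work around template coalescing in that compiler, record it so nobody widens the flag to other configurations, e.g. `# gcc 2.x on Darwin only: unresolved symbols from coalesced templates are tolerated at link time`. The old comment explaining the `-fno-pic`/inline-asm conflict was dropped while `-D__pic__` was added; a one-line note on why `__pic__` is now defined by hand would replace it. The `grep -c gcc-932` probe also appears to match one specific compiler build string, so other gcc 2.x builds silently take the non-gcc2 path.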
diff --git a/c5/License.txt b/c5/License.txt
index a848c33..cbe065f 100644
--- a/c5/License.txt
+++ b/c5/License.txt
@@ -18,7 +18,7 @@ Joan Daemen - 3way.cpp
Leonard Janke - cast.cpp, seal.cpp
Steve Reid - cast.cpp
Phil Karn - des.cpp
-Michael Paul Johnson - diamond.cpp, sapphire.cpp
+Michael Paul Johnson - diamond.cpp
Andrew M. Kuchling - md2.cpp, md4.cpp
Colin Plumb - md5.cpp, md5mac.cpp
Seal Woods - rc6.cpp
diff --git a/c5/Readme.txt b/c5/Readme.txt
index 37f5327..06a9a12 100644
--- a/c5/Readme.txt
+++ b/c5/Readme.txt
@@ -1,5 +1,5 @@
Crypto++: a C++ Class Library of Cryptographic Primitives
-Version 5.0 9/11/2002
+Version 5.1 (in development)
This library includes:
@@ -11,8 +11,7 @@ This library includes:
3-WAY, GOST, SHARK, CAST-128, Square, Skipjack
- generic block cipher modes: ECB, CBC, CBC ciphertext stealing (CTS),
CFB, OFB, counter (CTR) mode
-- stream ciphers: Panama, ARC4, SEAL, WAKE, WAKE-OFB, Sapphire II,
- BlumBlumShub
+- stream ciphers: Panama, ARC4, SEAL, WAKE, WAKE-OFB, BlumBlumShub
- public key cryptography: RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin,
Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN
- padding schemes for public-key systems: PKCS#1 v2.0, OAEP, PSSR, IEEE
@@ -241,3 +240,10 @@ History
- is being evaluated for FIPS 140-2 compliance
- fixed a bug in HMAC::TruncatedFinal()
- fixed SKIPJACK byte ordering following NIST clarification dated 5/9/02
+
+5.01 (special FIPS 140-2 release, in development)
+ - added known answer test for X9.17 RNG in FIPS 140 power-up self test
+
+5.1 (in development)
+ - fixed a bug in CBC and ECB modes with processing non-aligned data
+ - removed Sapphire
diff --git a/c5/algparam.cpp b/c5/algparam.cpp
index 1ef7de4..1b980b6 100644
--- a/c5/algparam.cpp
+++ b/c5/algparam.cpp
@@ -6,7 +6,11 @@
NAMESPACE_BEGIN(CryptoPP)
-const std::type_info &g_typeidInteger = typeid(Integer);
+const std::type_info & IntegerTypeId()
+{
+ static const std::type_info &s_typeidInteger = typeid(Integer);
+ return s_typeidInteger;
+}
void AssignIntToInteger(void *pInteger, const void *pInt)
{
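Review bot: `IntegerTypeId()` replaces the namespace-scope reference `g_typeidInteger` with a function-local static, but neither this hunk nor the changed declaration in algparam.h (L143) says why. The motivation is presumably static-initialization order — a template instance in another translation unit could read the global before it was bound — and without a comment the next maintainer may "simplify" it back to a global: `// function-local static: safe to call during static initialization of other TUs, unlike the former namespace-scope reference`.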
diff --git a/c5/algparam.h b/c5/algparam.h
index 3e09d1f..624fcdc 100644
--- a/c5/algparam.h
+++ b/c5/algparam.h
@@ -241,7 +241,7 @@ AssignFromHelperClass<T, T> AssignFromHelper(T *pObject, const NameValuePairs &s
void AssignIntToInteger(void *pInteger, const void *pInt);
-extern const std::type_info &g_typeidInteger;
+const std::type_info & IntegerTypeId();
template <class BASE, class T>
class AlgorithmParameters : public NameValuePairs
@@ -283,7 +283,7 @@ public:
else if (strcmp(name, m_name) == 0)
{
// special case for retrieving an Integer parameter when an int was passed in
- if (valueType == g_typeidInteger && typeid(T) == typeid(int))
+ if (valueType == IntegerTypeId() && typeid(T) == typeid(int))
AssignIntToInteger(pValue, &m_value);
else
{
diff --git a/c5/basecode.cpp b/c5/basecode.cpp
index 51347b6..6a0bfad 100644
--- a/c5/basecode.cpp
+++ b/c5/basecode.cpp
@@ -82,7 +82,7 @@ unsigned int BaseN_Encoder::Put2(const byte *begin, unsigned int length, int mes
FILTER_OUTPUT(2, m_outBuf, m_bytePos, messageEnd);
m_bytePos = m_bitPos = 0;
}
- FILTER_END;
+ FILTER_END_NO_MESSAGE_END;
}
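Review bot: The switch to `FILTER_END_NO_MESSAGE_END` here and in MeterFilter::Put2 (filters.cpp, L710) changes how the closing macro treats `messageEnd`, but the macro lives in fltrimpl.h (in the diffstat, not in this chunk), so nothing at the call site tells the reader that, if the name means what it suggests, the `FILTER_OUTPUT(..., messageEnd)` just above has already delivered the end-of-message signal. A one-line comment at each site would make the pairing explicit: `// messageEnd was forwarded by FILTER_OUTPUT above; do not signal it again`. BaseN_Encoder::Put2 starts before this hunk.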
void BaseN_Decoder::IsolatedInitialize(const NameValuePairs &parameters)
diff --git a/c5/bench.cpp b/c5/bench.cpp
index 9a38a03..1fece27 100644
--- a/c5/bench.cpp
+++ b/c5/bench.cpp
@@ -54,7 +54,6 @@
#include "modes.h"
#include "mdc.h"
#include "lubyrack.h"
-#include "sapphire.h"
#include "tea.h"
#include "dh.h"
#include "mqv.h"
diff --git a/c5/config.h b/c5/config.h
index cd4156b..a7f18e3 100644
--- a/c5/config.h
+++ b/c5/config.h
@@ -4,7 +4,7 @@
// ***************** Important Settings ********************
// define this if running on a big-endian CPU
-#if !defined(IS_LITTLE_ENDIAN) && (defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__PPC__) || defined(__mips__) || (defined(__MWERKS__) && !defined(__INTEL__)))
+#if !defined(IS_LITTLE_ENDIAN) && (defined(__BIG_ENDIAN__) || defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__mips__) || (defined(__MWERKS__) && !defined(__INTEL__)))
# define IS_BIG_ENDIAN
#endif
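Review bot: Dropping `__PPC__` from the big-endian test makes PowerPC builds depend on the compiler defining `__BIG_ENDIAN__`; a PPC toolchain that does not define it would now be configured as little-endian without any diagnostic, and every byte-order-sensitive primitive in the library would then produce wrong output (the power-up known-answer tests would be the first place this shows up). Keeping `defined(__PPC__) || defined(__powerpc__)` alongside `defined(__BIG_ENDIAN__)` costs nothing and preserves the previous coverage. If the removal is deliberate, say so in the comment on the line above the `#if`.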
@@ -84,7 +84,7 @@
// Unfortunately there is no way to tell whether or not socklen_t is defined.
// To work around this, TYPE_OF_SOCKLEN_T is a macro so that you can change it from the makefile.
#ifndef TYPE_OF_SOCKLEN_T
-# if defined(_WIN32) || defined(__CYGWIN__)
+# if defined(_WIN32) || defined(__CYGWIN__) || defined(__MACH__)
# define TYPE_OF_SOCKLEN_T int
# else
# define TYPE_OF_SOCKLEN_T ::socklen_t
@@ -194,11 +194,15 @@ NAMESPACE_END
#define CRYPTOPP_WIN32_AVAILABLE
#endif
-#if !defined(NO_OS_DEPENDENCE) && defined(WORD64_AVAILABLE) && (defined(_WIN32) || defined(__unix__) || defined(macintosh))
+#if defined(__unix__) || defined(__MACH__)
+#define CRYPTOPP_UNIX_AVAILABLE
+#endif
+
+#if defined(WORD64_AVAILABLE) && (defined(CRYPTOPP_WIN32_AVAILABLE) || defined(CRYPTOPP_UNIX_AVAILABLE) || defined(macintosh))
# define HIGHRES_TIMER_AVAILABLE
#endif
-#if defined(__unix__)
+#ifdef CRYPTOPP_UNIX_AVAILABLE
# define HAS_BERKELEY_STYLE_SOCKETS
#endif
@@ -225,13 +229,10 @@ NAMESPACE_END
# define OS_RNG_AVAILABLE
#endif
-#if (defined(__FreeBSD__) || defined(__linux__) || defined(__MACH__))
+#ifdef CRYPTOPP_UNIX_AVAILABLE
# define NONBLOCKING_RNG_AVAILABLE
# define BLOCKING_RNG_AVAILABLE
# define OS_RNG_AVAILABLE
-#endif
-
-#ifdef __unix__
# define HAS_PTHREADS
# define THREADS_AVAILABLE
#endif
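Review bot: `NONBLOCKING_RNG_AVAILABLE`, `BLOCKING_RNG_AVAILABLE` and `OS_RNG_AVAILABLE` are now asserted for every `CRYPTOPP_UNIX_AVAILABLE` platform, where the removed lines limited them to FreeBSD, Linux and Darwin. If the Unix RNG is implemented by opening system random devices (osrng.cpp is in the diffstat but outside this chunk), any other Unix the build still targets — SunOS is handled explicitly in GNUmakefile at L74-L77 — that lacks those devices will now compile with OS-RNG support and fail only at runtime when the generator is constructed, which is the worst place for an RNG to fail. Either keep the explicit platform list for these three macros, or state the new assumption next to the `#ifdef`: `// assumes every Unix target provides the kernel random devices osrng.cpp opens`.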
diff --git a/c5/cryptest.dsp b/c5/cryptest.dsp
index dc4ba3f..515e1a5 100644
--- a/c5/cryptest.dsp
+++ b/c5/cryptest.dsp
@@ -1,10 +1,10 @@
# Microsoft Developer Studio Project File - Name="cryptest" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# Microsoft Developer Studio Generated Build File, Format Version 60000
# ** DO NOT EDIT **
# TARGTYPE "Win32 (x86) Console Application" 0x0103
-CFG=cryptest - Win32 FIPS 140 Debug
+CFG=cryptest - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
@@ -13,129 +13,137 @@ CFG=cryptest - Win32 FIPS 140 Debug
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
-!MESSAGE NMAKE /f "cryptest.mak" CFG="cryptest - Win32 FIPS 140 Debug"
+!MESSAGE NMAKE /f "cryptest.mak" CFG="cryptest - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
-!MESSAGE "cryptest - Win32 Release" (based on "Win32 (x86) Console Application")
-!MESSAGE "cryptest - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE "cryptest - Win32 FIPS 140 Release" (based on "Win32 (x86) Console Application")
!MESSAGE "cryptest - Win32 FIPS 140 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE "cryptest - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "cryptest - Win32 Debug" (based on "Win32 (x86) Console Application")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""$/cryptlib", BAAAAAAA"
-# PROP Scc_LocalPath "."
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
CPP=cl.exe
RSC=rc.exe
-!IF "$(CFG)" == "cryptest - Win32 Release"
+!IF "$(CFG)" == "cryptest - Win32 FIPS 140 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "cryptes0"
-# PROP BASE Intermediate_Dir "cryptes0"
+# PROP BASE Output_Dir "cryptest___Win32_FIPS_140_Release"
+# PROP BASE Intermediate_Dir "cryptest___Win32_FIPS_140_Release"
+# PROP BASE Ignore_Export_Lib 0
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "CTRelease"
-# PROP Intermediate_Dir "CTRelease"
+# PROP Output_Dir "CT_FIPS_140_Release"
+# PROP Intermediate_Dir "CT_FIPS_140_Release"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /GB /Gd /MT /W3 /GX /Zi /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
+# ADD BASE CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
+# ADD CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /D "WIN32" /YX /FD /Zm200 /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /OPT:NOWIN98
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /OPT:NOWIN98
+# Begin Special Build Tool
+SOURCE="$(InputPath)"
+PostBuild_Cmds=echo This configuration is used to build a static binary for FIPS 140 evaluation by a testing laboratory. echo Crypto++ users should not build this configuration directly.
+# End Special Build Tool
-!ELSEIF "$(CFG)" == "cryptest - Win32 Debug"
+!ELSEIF "$(CFG)" == "cryptest - Win32 FIPS 140 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "cryptes1"
-# PROP BASE Intermediate_Dir "cryptes1"
+# PROP BASE Output_Dir "cryptest___Win32_FIPS_140_Debug"
+# PROP BASE Intermediate_Dir "cryptest___Win32_FIPS_140_Debug"
+# PROP BASE Ignore_Export_Lib 0
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "CTDebug"
-# PROP Intermediate_Dir "CTDebug"
+# PROP Output_Dir "CT_FIPS_140_Debug"
+# PROP Intermediate_Dir "CT_FIPS_140_Debug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MTd /W3 /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
+# ADD BASE CPP /nologo /MTd /W3 /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
+# ADD CPP /nologo /G5 /Gz /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /D "WIN32" /YX /FD /Zm200 /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /OPT:NOWIN98
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /OPT:NOWIN98
+# Begin Special Build Tool
+SOURCE="$(InputPath)"
+PostBuild_Cmds=echo This configuration is used to build a static binary for FIPS 140 evaluation by a testing laboratory. echo Crypto++ users should not build this configuration directly.
+# End Special Build Tool
-!ELSEIF "$(CFG)" == "cryptest - Win32 FIPS 140 Release"
+!ELSEIF "$(CFG)" == "cryptest - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "cryptest___Win32_FIPS_140_Release"
-# PROP BASE Intermediate_Dir "cryptest___Win32_FIPS_140_Release"
-# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Output_Dir "cryptes0"
+# PROP BASE Intermediate_Dir "cryptes0"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "CT_FIPS_140_Release"
-# PROP Intermediate_Dir "CT_FIPS_140_Release"
+# PROP Output_Dir "CTRelease"
+# PROP Intermediate_Dir "CTRelease"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
-# ADD CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /D "WIN32" /YX /FD /Zm200 /c
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /Zi /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
# ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /OPT:NOWIN98
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /OPT:NOWIN98
-!ELSEIF "$(CFG)" == "cryptest - Win32 FIPS 140 Debug"
+!ELSEIF "$(CFG)" == "cryptest - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "cryptest___Win32_FIPS_140_Debug"
-# PROP BASE Intermediate_Dir "cryptest___Win32_FIPS_140_Debug"
-# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Output_Dir "cryptes1"
+# PROP BASE Intermediate_Dir "cryptes1"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "CT_FIPS_140_Debug"
-# PROP Intermediate_Dir "CT_FIPS_140_Debug"
+# PROP Output_Dir "CTDebug"
+# PROP Intermediate_Dir "CTDebug"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /MTd /W3 /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
-# ADD CPP /nologo /G5 /Gz /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /D "WIN32" /YX /FD /Zm200 /c
+# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MTd /W3 /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /Zm200 /c
# ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /OPT:NOWIN98
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /OPT:NOWIN98
!ENDIF
# Begin Target
-# Name "cryptest - Win32 Release"
-# Name "cryptest - Win32 Debug"
# Name "cryptest - Win32 FIPS 140 Release"
# Name "cryptest - Win32 FIPS 140 Debug"
+# Name "cryptest - Win32 Release"
+# Name "cryptest - Win32 Debug"
# Begin Group "Test Data"
# PROP Default_Filter ".dat"
@@ -358,7 +366,7 @@ SOURCE=.\xtrdh342.dat
# End Group
# Begin Group "Source Code"
-# PROP Default_Filter ""
+# PROP Default_Filter ".cpp;.h"
# Begin Source File
SOURCE=.\bench.cpp
diff --git a/c5/cryptlib.dsp b/c5/cryptlib.dsp
index c3eb412..2448b98 100644
--- a/c5/cryptlib.dsp
+++ b/c5/cryptlib.dsp
@@ -4,7 +4,7 @@
# TARGTYPE "Win32 (x86) Static Library" 0x0104
-CFG=cryptlib - Win32 FIPS 140 Debug
+CFG=cryptlib - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
!MESSAGE
@@ -13,37 +13,35 @@ CFG=cryptlib - Win32 FIPS 140 Debug
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
-!MESSAGE NMAKE /f "cryptlib.mak" CFG="cryptlib - Win32 FIPS 140 Debug"
+!MESSAGE NMAKE /f "cryptlib.mak" CFG="cryptlib - Win32 Debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
-!MESSAGE "cryptlib - Win32 Release" (based on "Win32 (x86) Static Library")
-!MESSAGE "cryptlib - Win32 Debug" (based on "Win32 (x86) Static Library")
!MESSAGE "cryptlib - Win32 FIPS 140 Release" (based on "Win32 (x86) Static Library")
!MESSAGE "cryptlib - Win32 FIPS 140 Debug" (based on "Win32 (x86) Static Library")
+!MESSAGE "cryptlib - Win32 Release" (based on "Win32 (x86) Static Library")
+!MESSAGE "cryptlib - Win32 Debug" (based on "Win32 (x86) Static Library")
!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""$/cryptlib", BAAAAAAA"
-# PROP Scc_LocalPath "."
CPP=cl.exe
RSC=rc.exe
-!IF "$(CFG)" == "cryptlib - Win32 Release"
+!IF "$(CFG)" == "cryptlib - Win32 FIPS 140 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "cryptlib"
-# PROP BASE Intermediate_Dir "cryptlib"
+# PROP BASE Output_Dir "cryptlib___Win32_FIPS_140_Release"
+# PROP BASE Intermediate_Dir "cryptlib___Win32_FIPS_140_Release"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "release"
-# PROP Intermediate_Dir "release"
+# PROP Output_Dir "FIPS_140_Release"
+# PROP Intermediate_Dir "FIPS_140_Release"
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /FD /c
-# ADD CPP /nologo /GB /Gd /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
+# ADD BASE CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
+# ADD CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /D "WIN32" /D CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2=1 /Yu"pch.h" /Fd"FIPS_140_Release/cryptopp" /FD /c
# ADD BASE RSC /l 0x409
# ADD RSC /l 0x409
BSC32=bscmake.exe
@@ -51,22 +49,22 @@ BSC32=bscmake.exe
# ADD BSC32 /nologo
LIB32=link.exe -lib
# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
+# ADD LIB32 /nologo /out:"FIPS_140_Release\cryptopp.lib"
-!ELSEIF "$(CFG)" == "cryptlib - Win32 Debug"
+!ELSEIF "$(CFG)" == "cryptlib - Win32 FIPS 140 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "cryptli0"
-# PROP BASE Intermediate_Dir "cryptli0"
+# PROP BASE Output_Dir "cryptlib___Win32_FIPS_140_Debug"
+# PROP BASE Intermediate_Dir "cryptlib___Win32_FIPS_140_Debug"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "debug"
-# PROP Intermediate_Dir "debug"
+# PROP Output_Dir "FIPS_140_Debug"
+# PROP Intermediate_Dir "FIPS_140_Debug"
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /FD /c
-# ADD CPP /nologo /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
+# ADD BASE CPP /nologo /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
+# ADD CPP /nologo /G5 /Gz /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /D "WIN32" /D CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2=1 /Yu"pch.h" /Fd"FIPS_140_Debug/cryptopp" /FD /c
# ADD BASE RSC /l 0x409
# ADD RSC /l 0x409
BSC32=bscmake.exe
@@ -74,22 +72,22 @@ BSC32=bscmake.exe
# ADD BSC32 /nologo
LIB32=link.exe -lib
# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
+# ADD LIB32 /nologo /out:"FIPS_140_Debug\cryptopp.lib"
-!ELSEIF "$(CFG)" == "cryptlib - Win32 FIPS 140 Release"
+!ELSEIF "$(CFG)" == "cryptlib - Win32 Release"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "cryptlib___Win32_FIPS_140_Release"
-# PROP BASE Intermediate_Dir "cryptlib___Win32_FIPS_140_Release"
+# PROP BASE Output_Dir "cryptlib"
+# PROP BASE Intermediate_Dir "cryptlib"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "FIPS_140_Release"
-# PROP Intermediate_Dir "FIPS_140_Release"
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
-# ADD CPP /nologo /G5 /Gz /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /D "WIN32" /D CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2=1 /Yu"pch.h" /Fd"FIPS_140_Release/cryptopp" /FD /c
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /Zi /O2 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
# ADD BASE RSC /l 0x409
# ADD RSC /l 0x409
BSC32=bscmake.exe
@@ -97,22 +95,22 @@ BSC32=bscmake.exe
# ADD BSC32 /nologo
LIB32=link.exe -lib
# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo /out:"FIPS_140_Release\cryptopp.lib"
+# ADD LIB32 /nologo
-!ELSEIF "$(CFG)" == "cryptlib - Win32 FIPS 140 Debug"
+!ELSEIF "$(CFG)" == "cryptlib - Win32 Debug"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "cryptlib___Win32_FIPS_140_Debug"
-# PROP BASE Intermediate_Dir "cryptlib___Win32_FIPS_140_Debug"
+# PROP BASE Output_Dir "cryptli0"
+# PROP BASE Intermediate_Dir "cryptli0"
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "FIPS_140_Debug"
-# PROP Intermediate_Dir "FIPS_140_Debug"
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
# PROP Target_Dir ""
-# ADD BASE CPP /nologo /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
-# ADD CPP /nologo /G5 /Gz /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /D "WIN32" /D CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2=1 /Yu"pch.h" /Fd"FIPS_140_Debug/cryptopp" /FD /c
+# ADD BASE CPP /nologo /W3 /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /FD /c
+# ADD CPP /nologo /MTd /W3 /GX /ZI /Od /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "USE_PRECOMPILED_HEADERS" /Yu"pch.h" /FD /c
# ADD BASE RSC /l 0x409
# ADD RSC /l 0x409
BSC32=bscmake.exe
@@ -120,16 +118,16 @@ BSC32=bscmake.exe
# ADD BSC32 /nologo
LIB32=link.exe -lib
# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo /out:"FIPS_140_Debug\cryptopp.lib"
+# ADD LIB32 /nologo
!ENDIF
# Begin Target
-# Name "cryptlib - Win32 Release"
-# Name "cryptlib - Win32 Debug"
# Name "cryptlib - Win32 FIPS 140 Release"
# Name "cryptlib - Win32 FIPS 140 Debug"
+# Name "cryptlib - Win32 Release"
+# Name "cryptlib - Win32 Debug"
# Begin Group "Source Files"
# PROP Default_Filter ".cpp"
@@ -460,10 +458,6 @@ SOURCE=.\safer.cpp
# End Source File
# Begin Source File
-SOURCE=.\sapphire.cpp
-# End Source File
-# Begin Source File
-
SOURCE=.\seal.cpp
# End Source File
# Begin Source File
@@ -920,10 +914,6 @@ SOURCE=.\safer.h
# End Source File
# Begin Source File
-SOURCE=.\sapphire.h
-# End Source File
-# Begin Source File
-
SOURCE=.\seal.h
# End Source File
# Begin Source File
diff --git a/c5/cryptlib.h b/c5/cryptlib.h
index 9be8849..9dce778 100644
--- a/c5/cryptlib.h
+++ b/c5/cryptlib.h
@@ -4,7 +4,7 @@
classes that provide a uniform interface to this library.
*/
-/*! \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>TM</small></sup> Library 5.0 Reference Manual
+/*! \mainpage <a href="http://www.cryptopp.com">Crypto++</a><sup><small>TM</small></sup> Library 5.1 Reference Manual
<dl>
<dt>Abstract Base Classes<dd>
cryptlib.h
@@ -106,7 +106,7 @@ public:
OTHER_ERROR
};
- explicit Exception(ErrorType errorType, const std::string &s) : m_what(s) {}
+ explicit Exception(ErrorType errorType, const std::string &s) : m_errorType(errorType), m_what(s) {}
virtual ~Exception() throw() {}
const char *what() const throw() {return (m_what.c_str());}
const std::string &GetWhat() const {return m_what;}
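Review bot: Before this line `m_errorType` was never set by the constructor, so any handler dispatching on the error type of a caught `Exception` read an indeterminate value; the fix is right, but it is a behavioural change callers may want to know about and the 5.1 history in Readme.txt (L119-L121) does not mention it. Consider adding `- fixed Exception constructor not setting the error type` there. The class body continues outside the hunk, so the accessor that presumably reads this member is not visible here.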
diff --git a/c5/dh.h b/c5/dh.h
index 5bfa3f8..2514333 100644
--- a/c5/dh.h
+++ b/c5/dh.h
@@ -33,7 +33,7 @@ public:
{m_groupParameters.Initialize(v1, v2);}
template <class T2, class T3>
- DH_Domain(RandomNumberGenerator &v1, const T2 &v2, const T2 &v3)
+ DH_Domain(RandomNumberGenerator &v1, const T2 &v2, const T3 &v3)
{m_groupParameters.Initialize(v1, v2, v3);}
template <class T2, class T3, class T4>
@@ -45,7 +45,7 @@ public:
{m_groupParameters.Initialize(v1, v2);}
template <class T1, class T2, class T3>
- DH_Domain(const T1 &v1, const T2 &v2, const T2 &v3)
+ DH_Domain(const T1 &v1, const T2 &v2, const T3 &v3)
{m_groupParameters.Initialize(v1, v2, v3);}
template <class T1, class T2, class T3, class T4>
diff --git a/c5/files.cpp b/c5/files.cpp
index 01028c6..2b42010 100644
--- a/c5/files.cpp
+++ b/c5/files.cpp
@@ -44,21 +44,6 @@ unsigned long FileStore::MaxRetrievable() const
return end-current;
}
-unsigned int FileStore::Peek(byte &outByte) const
-{
- if (!m_stream)
- return 0;
-
- int result = m_stream->peek();
- if (result == EOF) // GCC workaround: 2.95.2 doesn't have char_traits<char>::eof()
- return 0;
- else
- {
- outByte = byte(result);
- return 1;
- }
-}
-
unsigned int FileStore::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
{
if (!m_stream)
@@ -103,6 +88,19 @@ unsigned int FileStore::CopyRangeTo2(BufferedTransformation &target, unsigned lo
if (!m_stream)
return 0;
+ if (begin == 0 && end == 1)
+ {
+ int result = m_stream->peek();
+ if (result == EOF) // GCC workaround: 2.95.2 doesn't have char_traits<char>::eof()
+ return 0;
+ else
+ {
+ unsigned int blockedBytes = target.ChannelPut(channel, byte(result), blocking);
+ begin += 1-blockedBytes;
+ return blockedBytes;
+ }
+ }
+
// TODO: figure out what happens on cin
streampos current = m_stream->tellg();
streampos endPosition = m_stream->seekg(0, ios::end).tellg();
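Review bot: The `begin == 0 && end == 1` branch encodes a contract that is not stated anywhere in the hunk: it is presumably the replacement for the removed `FileStore::Peek` (hunk above), serving a single-byte non-consuming read through `peek()` so that no seek/tellg round trip is needed. Add a comment on the condition, e.g. `// fast path for a single-byte Peek(): use peek() instead of seeking, which also works on non-seekable streams`, otherwise the literal pair reads as an arbitrary special case. Note also that `peek()` at end of stream sets eofbit on `*m_stream`; that was already true of the removed `Peek`, but it is worth recording since this member is `const` and the seek path below may misbehave once the stream is in an error state. CopyRangeTo2 starts before this hunk and continues after it.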
@@ -164,7 +162,7 @@ bool FileSink::IsolatedFlush(bool hardFlush, bool blocking)
m_stream->flush();
if (!m_stream->good())
- throw WriteErr();
+ throw WriteErr();
return false;
}
@@ -180,7 +178,7 @@ unsigned int FileSink::Put2(const byte *inString, unsigned int length, int messa
m_stream->flush();
if (!m_stream->good())
- throw WriteErr();
+ throw WriteErr();
return 0;
}
diff --git a/c5/files.h b/c5/files.h
index 30f8dd6..2c0c52d 100644
--- a/c5/files.h
+++ b/c5/files.h
@@ -30,8 +30,6 @@ public:
std::istream* GetStream() {return m_stream;}
unsigned long MaxRetrievable() const;
- unsigned int Peek(byte &outByte) const;
-
unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
diff --git a/c5/filters.cpp b/c5/filters.cpp
index 78e6b3c..d2b08fe 100644
--- a/c5/filters.cpp
+++ b/c5/filters.cpp
@@ -145,7 +145,7 @@ unsigned int MeterFilter::Put2(const byte *begin, unsigned int length, int messa
}
FILTER_OUTPUT(1, begin, length, messageEnd);
- FILTER_END;
+ FILTER_END_NO_MESSAGE_END;
}
bool MeterFilter::IsolatedMessageSeriesEnd(bool blocking)
@@ -387,35 +387,27 @@ void Redirector::ChannelInitialize(const std::string &channel, const NameValuePa
// *************************************************************
ProxyFilter::ProxyFilter(BufferedTransformation *filter, unsigned int firstSize, unsigned int lastSize, BufferedTransformation *attachment)
- : FilterWithBufferedInput(firstSize, 1, lastSize, attachment), m_filter(filter), m_proxy(NULL)
+ : FilterWithBufferedInput(firstSize, 1, lastSize, attachment), m_filter(filter)
{
if (m_filter.get())
- m_filter->Attach(m_proxy = new OutputProxy(*this, false));
+ m_filter->Attach(new OutputProxy(*this, false));
}
-void ProxyFilter::IsolatedFlush(bool completeFlush)
+bool ProxyFilter::IsolatedFlush(bool hardFlush, bool blocking)
{
- if (m_filter.get())
- {
- bool passSignal = m_proxy->GetPassSignal();
- m_proxy->SetPassSignal(false);
- m_filter->Flush(completeFlush, -1);
- m_proxy->SetPassSignal(passSignal);
- }
+ return m_filter.get() ? m_filter->Flush(hardFlush, -1, blocking) : false;
}
void ProxyFilter::SetFilter(Filter *filter)
{
- bool passSignal = m_proxy ? m_proxy->GetPassSignal() : false;
m_filter.reset(filter);
if (filter)
{
- std::auto_ptr<OutputProxy> temp(m_proxy = new OutputProxy(*this, passSignal));
- m_filter->TransferAllTo(*m_proxy);
+ OutputProxy *proxy;
+ std::auto_ptr<OutputProxy> temp(proxy = new OutputProxy(*this, false));
+ m_filter->TransferAllTo(*proxy);
m_filter->Attach(temp.release());
}
- else
- m_proxy=NULL;
}
void ProxyFilter::NextPutMultiple(const byte *s, unsigned int len)
diff --git a/c5/filters.h b/c5/filters.h
index 2b11662..eb119b2 100644
--- a/c5/filters.h
+++ b/c5/filters.h
@@ -144,8 +144,8 @@ public:
/*! calls ForceNextPut() if hardFlush is true */
bool IsolatedFlush(bool hardFlush, bool blocking);
- /*! the input buffer may contain more than blockSize bytes if lastSize != 0
- ForceNextPut() forces a call to NextPut() if this is the case
+ /*! The input buffer may contain more than blockSize bytes if lastSize != 0.
+ ForceNextPut() forces a call to NextPut() if this is the case.
*/
void ForceNextPut();
@@ -360,7 +360,7 @@ private:
bool m_verified;
};
-typedef SignatureVerificationFilter VerifierFilter; // for backwards compatibility
+typedef SignatureVerificationFilter VerifierFilter; // for backwards compatibility
//! Redirect input to another BufferedTransformation without owning it
class Redirector : public CustomSignalPropagation<Sink>
@@ -440,14 +440,13 @@ class ProxyFilter : public FilterWithBufferedInput
public:
ProxyFilter(BufferedTransformation *filter, unsigned int firstSize, unsigned int lastSize, BufferedTransformation *attachment);
- void IsolatedFlush(bool completeFlush);
+ bool IsolatedFlush(bool hardFlush, bool blocking);
void SetFilter(Filter *filter);
void NextPutMultiple(const byte *s, unsigned int len);
protected:
member_ptr<BufferedTransformation> m_filter;
- OutputProxy *m_proxy;
};
//! simple proxy filter that doesn't modify the underlying filter's input or output
@@ -494,7 +493,8 @@ public:
{if (!parameters.GetValue("OutputStringPointer", m_output)) throw InvalidArgument("StringSink: OutputStringPointer not specified");}
unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
{
- m_output->append((const char_type *)begin, (const char_type *)begin+length);
+ if (length > 0)
+ m_output->append((const char_type *)begin, (const char_type *)begin+length);
return 0;
}
diff --git a/c5/fipstest.cpp b/c5/fipstest.cpp
index 063ab6b..5699390 100644
--- a/c5/fipstest.cpp
+++ b/c5/fipstest.cpp
@@ -23,6 +23,34 @@ NAMESPACE_BEGIN(CryptoPP)
extern PowerUpSelfTestStatus g_powerUpSelfTestStatus;
+void KnownAnswerTest(RandomNumberGenerator &rng, const char *output)
+{
+ EqualityComparisonFilter comparison;
+
+ RandomNumberStore(rng, strlen(output)/2).TransferAllTo(comparison, "0");
+ StringSource(output, true, new HexDecoder(new ChannelSwitch(comparison, "1")));
+
+ comparison.ChannelMessageSeriesEnd("0");
+ comparison.ChannelMessageSeriesEnd("1");
+}
+
+template <class CIPHER>
+void X917RNG_KnownAnswerTest(
+ const char *key,
+ const char *seed,
+ const char *output,
+ unsigned int deterministicTimeVector,
+ CIPHER *dummy = NULL)
+{
+ std::string decodedKey, decodedSeed;
+ StringSource(key, true, new HexDecoder(new StringSink(decodedKey)));
+ StringSource(seed, true, new HexDecoder(new StringSink(decodedSeed)));
+
+ AutoSeededX917RNG<CIPHER> rng;
+ rng.Reseed((const byte *)decodedKey.data(), decodedKey.size(), (const byte *)decodedSeed.data(), deterministicTimeVector);
+ KnownAnswerTest(rng, output);
+}
+
void KnownAnswerTest(StreamTransformation &encryption, StreamTransformation &decryption, const char *plaintext, const char *ciphertext)
{
EqualityComparisonFilter comparison;
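Review bot: `X917RNG_KnownAnswerTest` default-constructs `AutoSeededX917RNG<CIPHER> rng`, which per the osrng.h hunk calls `Reseed(blocking=false)` against the OS generator before the deterministic `Reseed`, so the known-answer test silently depends on the OS RNG being available and, with FIPS compliance on, runs the continuous-test block there too; a comment stating that dependency, or a construction path that skips the OS seed, would make the self-test self-contained. The `CIPHER *dummy = NULL` parameter is unused, since the only call site (the next hunk, `X917RNG_KnownAnswerTest<DES_EDE3>`) supplies the template argument explicitly. `strlen(output)/2` silently truncates an odd-length hex string; `assert(strlen(output) % 2 == 0);` catches a mistyped vector before it produces a confusing mismatch.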
@@ -208,6 +236,12 @@ void DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleSha
// algorithm tests
+ X917RNG_KnownAnswerTest<DES_EDE3>(
+ "48851090B4992453E83CDA86416534E53EA2FCE1A0B3A40C", // key
+ "7D00BD0A79F6B0F5", // seed
+ "22B590B08B53363AEB89AD65F81A5B6FB83F326CE06BF35751E6C41B43B729C4", // output
+ 1489728269); // time vector
+
SymmetricEncryptionKnownAnswerTest<DES>(
"0123456789abcdef", // key
"1234567890abcdef", // IV
diff --git a/c5/fltrimpl.h b/c5/fltrimpl.h
index 6c37bfa..a35e68b 100644
--- a/c5/fltrimpl.h
+++ b/c5/fltrimpl.h
@@ -17,11 +17,13 @@
FILTER_END_NO_MESSAGE_END_NO_RETURN \
return 0;
+/*
#define FILTER_END \
case -1: \
- if (Output(-1, NULL, 0, messageEnd, blocking)) \
+ if (messageEnd && Output(-1, NULL, 0, messageEnd, blocking)) \
return 1; \
FILTER_END_NO_MESSAGE_END
+*/
#define FILTER_OUTPUT2(site, statement, output, length, messageEnd) \
{\
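Review bot: `FILTER_END` is both edited (the `messageEnd &&` condition is new) and commented out with `/* */` in the same hunk, which leaves an edited-but-dead macro whose new condition a later reader cannot tell was ever compiled. Either delete the block or keep it under `#if 0` with a one-line reason, e.g. `#if 0 // FILTER_END retired: [reason]`, so the state of the macro is explicit rather than implied by a comment delimiter.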
diff --git a/c5/hrtimer.cpp b/c5/hrtimer.cpp
index 2dafbca..5245841 100644
--- a/c5/hrtimer.cpp
+++ b/c5/hrtimer.cpp
@@ -8,7 +8,7 @@
#if defined(CRYPTOPP_WIN32_AVAILABLE)
#include <windows.h>
-#elif defined(__unix__)
+#elif defined(CRYPTOPP_UNIX_AVAILABLE)
#include <sys/time.h>
#elif defined(macintosh)
#include <Timer.h>
@@ -24,7 +24,7 @@ word64 Timer::GetCurrentTimerValue()
FILETIME now;
GetSystemTimeAsFileTime(&now);
return now.dwLowDateTime + ((word64)now.dwHighDateTime << 32);
-#elif defined(__unix__)
+#elif defined(CRYPTOPP_UNIX_AVAILABLE)
timeval now;
gettimeofday(&now, NULL);
return (word64)now.tv_sec * 1000000 + now.tv_usec;
diff --git a/c5/hrtimer.h b/c5/hrtimer.h
index 81d9fcd..d05dfd1 100644
--- a/c5/hrtimer.h
+++ b/c5/hrtimer.h
@@ -22,7 +22,7 @@ public:
{
#if defined(CRYPTOPP_WIN32_AVAILABLE)
return 10000;
-#elif defined(__unix__) || defined(macintosh)
+#elif defined(CRYPTOPP_UNIX_AVAILABLE) || defined(macintosh)
return 1000;
#endif
}
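Review bot: The `#if`/`#elif` chain in this function ends without an `#else`, so on a platform that defines none of `CRYPTOPP_WIN32_AVAILABLE`, `CRYPTOPP_UNIX_AVAILABLE` or `macintosh` the function has no return statement and falls off the end, which is undefined behaviour that the compiler may only warn about. Add `#else` / `#error "no high-resolution timer available for this platform"` before the `#endif`; the same chain in `Timer::GetCurrentTimerValue` in hrtimer.cpp (previous file) should get the same guard if its `#endif` is likewise bare. The function's signature is outside the hunk.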
diff --git a/c5/integer.cpp b/c5/integer.cpp
index 0df3540..35312f6 100644
--- a/c5/integer.cpp
+++ b/c5/integer.cpp
@@ -1295,8 +1295,10 @@ carry2:
class PentiumOptimized : public Portable
{
public:
+#ifndef __pic__ // -fpic uses up a register, leaving too few for the asm code
static word Add(word *C, const word *A, const word *B, unsigned int N);
static word Subtract(word *C, const word *A, const word *B, unsigned int N);
+#endif
static void Square4(word *R, const word *A);
static void Multiply4(word *C, const word *A, const word *B);
static void Multiply8(word *C, const word *A, const word *B);
@@ -1306,6 +1308,7 @@ typedef PentiumOptimized LowLevel;
// Add and Subtract assembly code originally contributed by Alister Lee
+#ifndef __pic__
__attribute__((regparm(3))) word PentiumOptimized::Add(word *C, const word *A, const word *B, unsigned int N)
{
assert (N%2 == 0);
@@ -1381,6 +1384,7 @@ __attribute__((regparm(3))) word PentiumOptimized::Subtract(word *C, const word
return carry;
}
+#endif // __pic__
// Comba square and multiply assembly code originally contributed by Leonard Janke
@@ -2142,11 +2146,11 @@ void MontgomeryReduce(word *R, word *T, const word *X, const word *M, const word
{
MultiplyBottom(R, T, X, U, N);
MultiplyTop(T, T+N, X, R, M, N);
- if (Subtract(R, X+N, T, N))
- {
- word carry = Add(R, R, M, N);
- assert(carry);
- }
+ word borrow = Subtract(T, X+N, T, N);
+ // defend against timing attack by doing this Add even when not needed
+ word carry = Add(T+N, T, M, N);
+ assert(carry || !borrow);
+ CopyWords(R, T + (borrow ? N : 0), N);
}
// R[N] --- result = X/(2**(WORD_BITS*N/2)) mod M
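Review bot: The timing-attack defence in `MontgomeryReduce` is only half done: the `Add` now runs unconditionally, but `CopyWords(R, T + (borrow ? N : 0), N)` still selects the source through a secret-dependent branch and address, which is the same class of leakage (branch predictor, cache line of `T` vs `T+N`) the added comment says it is closing. Assuming `Subtract` returns `borrow` as 0 or 1 and `word` is unsigned, a mask select keeps the whole function branch-free: `const word mask = 0 - borrow; for (unsigned int i = 0; i < N; i++) R[i] = (T[N+i] & mask) | (T[i] & ~mask);`. Note also that `assert(carry || !borrow)` compiles out in release builds, so it documents the invariant without enforcing it.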
diff --git a/c5/modes.cpp b/c5/modes.cpp
index 0222260..70c2323 100644
--- a/c5/modes.cpp
+++ b/c5/modes.cpp
@@ -63,29 +63,66 @@ void CipherModeBase::SetIV(const byte *iv)
void CTR_ModePolicy::SeekToIteration(dword iterationCount)
{
int carry=0;
- for (int i=BlockSize()-1; i>=0 && (iterationCount || carry); i--)
+ for (int i=BlockSize()-1; i>=0; i--)
{
- unsigned int sum = m_counterArray[i] + byte(iterationCount) + carry;
+ unsigned int sum = m_register[i] + byte(iterationCount) + carry;
m_counterArray[i] = (byte) sum;
carry = sum >> 8;
iterationCount >>= 8;
}
}
+static inline void IncrementCounterByOne(byte *inout, unsigned int s)
+{
+ for (int i=s-1, carry=1; i>=0 && carry; i--)
+ carry = !++inout[i];
+}
+
+static inline void IncrementCounterByOne(byte *output, const byte *input, unsigned int s)
+{
+ for (int i=s-1, carry=1; i>=0; i--)
+ carry = !(output[i] = input[i]+carry) && carry;
+}
+
+inline void CTR_ModePolicy::ProcessMultipleBlocks(byte *output, const byte *input, unsigned int n)
+{
+ unsigned int s = BlockSize(), j = 0;
+ for (unsigned int i=1; i<n; i++, j+=s)
+ IncrementCounterByOne(m_counterArray + j + s, m_counterArray + j, s);
+ m_cipher->ProcessAndXorMultipleBlocks(m_counterArray, input, output, n);
+ IncrementCounterByOne(m_counterArray, m_counterArray + s*(n-1), s);
+}
+
void CTR_ModePolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount)
{
unsigned int maxBlocks = m_cipher->OptimalNumberOfParallelBlocks();
- unsigned int sizeIncrement = maxBlocks * m_cipher->BlockSize();
- while (iterationCount >= maxBlocks)
+ if (maxBlocks == 1)
{
- ProcessMultipleBlocks(output, input, maxBlocks);
- output += sizeIncrement;
- input += sizeIncrement;
- iterationCount -= maxBlocks;
+ unsigned int sizeIncrement = BlockSize();
+ while (iterationCount)
+ {
+ m_cipher->ProcessAndXorBlock(m_counterArray, input, output);
+ IncrementCounterByOne(m_counterArray, sizeIncrement);
+ output += sizeIncrement;
+ input += sizeIncrement;
+ iterationCount -= 1;
+ }
+ }
+ else
+ {
+ unsigned int sizeIncrement = maxBlocks * BlockSize();
+ while (iterationCount >= maxBlocks)
+ {
+ ProcessMultipleBlocks(output, input, maxBlocks);
+ output += sizeIncrement;
+ input += sizeIncrement;
+ iterationCount -= maxBlocks;
+ }
+ if (iterationCount > 0)
+ ProcessMultipleBlocks(output, input, iterationCount);
}
- if (iterationCount > 0)
- ProcessMultipleBlocks(output, input, iterationCount);
}
+
void CTR_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv)
{
unsigned int s = BlockSize();
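Review bot: `CTR_ModePolicy::ProcessMultipleBlocks` is declared `inline` in modes.h (the second modes.h hunk) but defined here in modes.cpp, so it is usable only from this translation unit; any caller in another file would compile and then fail to link. Either drop `inline` from both the declaration and the definition or move the body back into the header. Separately, `OperateKeystream` never reads its `operation` parameter in either branch, so if `KeystreamOperation` has a variant where `input` may be null, `ProcessAndXorBlock` and `ProcessMultipleBlocks` receive it unchecked; a comment stating which operations this policy supports, or an `assert(input)`, would pin that down. The two `IncrementCounterByOne` helpers also deserve a one-line comment each, in particular that the copy form (`output, input, s`) writes every byte of `output` even when no carry propagates, which `ProcessMultipleBlocks` relies on.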
@@ -107,11 +144,11 @@ void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inStr
unsigned int s = BlockSize();
assert(length % s == 0);
unsigned int alignment = m_cipher->BlockAlignment();
- bool requireAlignedInput = RequireAlignedInput();
+ bool inputAlignmentOk = !RequireAlignedInput() || IsAlignedOn(inString, alignment);
if (IsAlignedOn(outString, alignment))
{
- if (!requireAlignedInput || IsAlignedOn(inString, alignment))
+ if (inputAlignmentOk)
ProcessBlocks(outString, inString, length / s);
else
{
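Review bot: Hoisting `IsAlignedOn(inString, alignment)` into `inputAlignmentOk` before the loop (the `while (length)` loop in the next hunk of this file, where `inString += s` now advances per iteration) is only valid if the block size `s` is a multiple of `alignment`; otherwise the alignment of `inString` changes from block to block and the cached value is stale. An `assert(s % alignment == 0);` next to the existing `assert(length % s == 0);` makes that assumption explicit. The function body continues outside this hunk.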
@@ -123,7 +160,7 @@ void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inStr
{
while (length)
{
- if (!requireAlignedInput || IsAlignedOn(inString, alignment))
+ if (inputAlignmentOk)
ProcessBlocks(m_buffer, inString, 1);
else
{
@@ -131,6 +168,8 @@ void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inStr
ProcessBlocks(m_buffer, m_buffer, 1);
}
memcpy(outString, m_buffer, s);
+ inString += s;
+ outString += s;
length -= s;
}
}
diff --git a/c5/modes.h b/c5/modes.h
index 9a5f6df..46e8dd2 100644
--- a/c5/modes.h
+++ b/c5/modes.h
@@ -9,6 +9,7 @@
#include "misc.h"
#include "strciphr.h"
#include "argnames.h"
+#include "algparam.h"
NAMESPACE_BEGIN(CryptoPP)
@@ -142,19 +143,7 @@ class CTR_ModePolicy : public ModePolicyCommonTemplate<AdditiveCipherAbstractPol
void SeekToIteration(dword iterationCount);
IV_Requirement IVRequirement() const {return STRUCTURED_IV;}
- static inline void IncrementCounterByOne(byte *output, const byte *input, unsigned int s)
- {
- for (int i=s-1, carry=1; i>=0 && carry; i--)
- carry = !(output[i] = input[i]+1);
- }
- inline void ProcessMultipleBlocks(byte *output, const byte *input, unsigned int n)
- {
- unsigned int s = BlockSize(), j = 0;
- for (unsigned int i=1; i<n; i++, j+=s)
- IncrementCounterByOne(m_counterArray + j + s, m_counterArray + j, s);
- m_cipher->ProcessAndXorMultipleBlocks(m_counterArray, input, output, n);
- IncrementCounterByOne(m_counterArray, m_counterArray + s*(n-1), s);
- }
+ inline void ProcessMultipleBlocks(byte *output, const byte *input, unsigned int n);
SecByteBlock m_counterArray;
};
@@ -209,6 +198,8 @@ class CBC_CTS_Encryption : public CBC_Encryption
{
public:
void SetStolenIV(byte *iv) {m_stolenIV = iv;}
+ unsigned int MinLastBlockSize() const {return BlockSize()+1;}
+ void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
protected:
void UncheckedSetKey(const NameValuePairs &params, const byte *key, unsigned int length)
@@ -216,8 +207,6 @@ protected:
CBC_Encryption::UncheckedSetKey(params, key, length);
m_stolenIV = params.GetValueWithDefault(Name::StolenIV(), (byte *)NULL);
}
- unsigned int MinLastBlockSize() const {return BlockSize()+1;}
- void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
byte *m_stolenIV;
};
@@ -238,6 +227,7 @@ protected:
class CBC_CTS_Decryption : public CBC_Decryption
{
+public:
unsigned int MinLastBlockSize() const {return BlockSize()+1;}
void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
};
@@ -372,7 +362,7 @@ struct CBC_CTS_Mode_ExternalCipher : public CipherModeDocumentation
typedef CFB_Mode_ExternalCipher::Encryption CFBEncryption;
typedef CFB_Mode_ExternalCipher::Decryption CFBDecryption;
typedef OFB_Mode_ExternalCipher::Encryption OFB;
-typedef OFB_Mode_ExternalCipher::Encryption CounterMode;
+typedef CTR_Mode_ExternalCipher::Encryption CounterMode;
#endif
NAMESPACE_END
diff --git a/c5/mqv.h b/c5/mqv.h
index ed22d31..3e25886 100644
--- a/c5/mqv.h
+++ b/c5/mqv.h
@@ -30,7 +30,7 @@ public:
{m_groupParameters.Initialize(v1, v2);}
template <class T1, class T2, class T3>
- MQV_Domain(T1 v1, T2 v2, T2 v3)
+ MQV_Domain(T1 v1, T2 v2, T3 v3)
{m_groupParameters.Initialize(v1, v2, v3);}
template <class T1, class T2, class T3, class T4>
diff --git a/c5/osrng.cpp b/c5/osrng.cpp
index 9f45b86..57f92e7 100644
--- a/c5/osrng.cpp
+++ b/c5/osrng.cpp
@@ -15,7 +15,9 @@
#endif
#include <windows.h>
#include <wincrypt.h>
-#else
+#endif
+
+#ifdef CRYPTOPP_UNIX_AVAILABLE
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
diff --git a/c5/osrng.h b/c5/osrng.h
index 3a40560..c5814a5 100644
--- a/c5/osrng.h
+++ b/c5/osrng.h
@@ -96,6 +96,8 @@ public:
explicit AutoSeededX917RNG(bool blocking = false)
{Reseed(blocking);}
void Reseed(bool blocking = false);
+ // exposed for testing
+ void Reseed(const byte *key, unsigned int keylength, const byte *seed, unsigned long timeVector);
byte GenerateByte();
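Review bot: `// exposed for testing` on the new `Reseed(key, keylength, seed, timeVector)` overload undersells what it does: it is a public member that replaces the auto-seeded generator with one whose entire state is caller-supplied, and it shares its name with the OS-seeded `Reseed(bool)`. Expand the comment to `// For known-answer tests only: the resulting generator is fully deterministic for a given key/seed/timeVector; timeVector == 0 means take the time vector from the system clock (see X917RNG).` so a reader does not mistake it for a convenience seeding API.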
@@ -107,6 +109,20 @@ private:
};
template <class BLOCK_CIPHER>
+void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(const byte *key, unsigned int keylength, const byte *seed, unsigned long timeVector)
+{
+ m_rng.reset(new X917RNG(new typename BLOCK_CIPHER::Encryption(key, keylength), seed, timeVector));
+
+ if (FIPS_140_2_ComplianceEnabled())
+ {
+ m_lastBlock.resize(16);
+ m_rng->GenerateBlock(m_lastBlock, m_lastBlock.size());
+ m_counter = 0;
+ m_isDifferent = false;
+ }
+}
+
+template <class BLOCK_CIPHER>
void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(bool blocking)
{
SecByteBlock seed(BLOCK_CIPHER::BLOCKSIZE + BLOCK_CIPHER::DEFAULT_KEYLENGTH);
@@ -117,15 +133,8 @@ void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(bool blocking)
key = seed + BLOCK_CIPHER::BLOCKSIZE;
} // check that seed and key don't have same value
while (memcmp(key, seed, STDMIN((unsigned int)BLOCK_CIPHER::BLOCKSIZE, (unsigned int)BLOCK_CIPHER::DEFAULT_KEYLENGTH)) == 0);
- m_rng.reset(new X917RNG(new typename BLOCK_CIPHER::Encryption(key, BLOCK_CIPHER::DEFAULT_KEYLENGTH), seed));
- if (FIPS_140_2_ComplianceEnabled())
- {
- m_lastBlock.resize(16);
- m_rng->GenerateBlock(m_lastBlock, m_lastBlock.size());
- m_counter = 0;
- m_isDifferent = false;
- }
+ Reseed(key, BLOCK_CIPHER::DEFAULT_KEYLENGTH, seed, 0);
}
template <class BLOCK_CIPHER>
diff --git a/c5/rng.cpp b/c5/rng.cpp
index b16e6bd..0119d30 100644
--- a/c5/rng.cpp
+++ b/c5/rng.cpp
@@ -51,20 +51,29 @@ byte LC_RNG::GenerateByte()
// ********************************************************
-X917RNG::X917RNG(BlockTransformation *c, const byte *seed)
+X917RNG::X917RNG(BlockTransformation *c, const byte *seed, unsigned long deterministicTimeVector)
: cipher(c),
S(cipher->BlockSize()),
dtbuf(S),
randseed(seed, S),
randbuf(S),
- randbuf_counter(0)
+ randbuf_counter(0),
+ m_deterministicTimeVector(deterministicTimeVector)
{
- time_t tstamp1 = time(0);
- xorbuf(dtbuf, (byte *)&tstamp1, STDMIN((int)sizeof(tstamp1), S));
- cipher->ProcessBlock(dtbuf);
- clock_t tstamp2 = clock();
- xorbuf(dtbuf, (byte *)&tstamp2, STDMIN((int)sizeof(tstamp2), S));
- cipher->ProcessBlock(dtbuf);
+ if (m_deterministicTimeVector)
+ {
+ memset(dtbuf, 0, S);
+ memcpy(dtbuf, (byte *)&m_deterministicTimeVector, STDMIN((int)sizeof(m_deterministicTimeVector), S));
+ }
+ else
+ {
+ time_t tstamp1 = time(0);
+ xorbuf(dtbuf, (byte *)&tstamp1, STDMIN((int)sizeof(tstamp1), S));
+ cipher->ProcessBlock(dtbuf);
+ clock_t tstamp2 = clock();
+ xorbuf(dtbuf, (byte *)&tstamp2, STDMIN((int)sizeof(tstamp2), S));
+ cipher->ProcessBlock(dtbuf);
+ }
}
byte X917RNG::GenerateByte()
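Review bot: `memcpy(dtbuf, (byte *)&m_deterministicTimeVector, STDMIN((int)sizeof(m_deterministicTimeVector), S))` copies the raw object representation of an `unsigned long`, so the date/time vector, and with it every output byte, depends on host endianness and on `sizeof(unsigned long)` (4 on ILP32, 8 on LP64); the `xorbuf` of `m_deterministicTimeVector` in `GenerateByte` (next hunk) has the same dependence. The known-answer vector added in fipstest.cpp for `X917RNG_KnownAnswerTest<DES_EDE3>` can then only match on hosts with the layout it was generated on, and the power-up self-test will fail elsewhere — presumably, since I cannot see which platform produced the vector. Serialize the value into `dtbuf` byte by byte in a fixed order (a loop shifting by 8) instead of `memcpy`/`xorbuf` of the in-memory bytes, and state the chosen byte order in the `X917RNG` constructor comment.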
@@ -72,8 +81,16 @@ byte X917RNG::GenerateByte()
if (randbuf_counter==0)
{
// calculate new enciphered timestamp
- clock_t tstamp = clock();
- xorbuf(dtbuf, (byte *)&tstamp, STDMIN((int)sizeof(tstamp), S));
+ if (m_deterministicTimeVector)
+ {
+ xorbuf(dtbuf, (byte *)&m_deterministicTimeVector, STDMIN((int)sizeof(m_deterministicTimeVector), S));
+ while (++m_deterministicTimeVector == 0) {} // skip 0
+ }
+ else
+ {
+ clock_t tstamp = clock();
+ xorbuf(dtbuf, (byte *)&tstamp, STDMIN((int)sizeof(tstamp), S));
+ }
cipher->ProcessBlock(dtbuf);
// combine enciphered timestamp with seed
diff --git a/c5/rng.h b/c5/rng.h
index f4afaeb..5b0998d 100644
--- a/c5/rng.h
+++ b/c5/rng.h
@@ -32,8 +32,8 @@ private:
class X917RNG : public RandomNumberGenerator
{
public:
- // cipher will be deleted by destructor
- X917RNG(BlockTransformation *cipher, const byte *seed);
+ // cipher will be deleted by destructor, deterministicTimeVector = 0 means obtain time vector from system
+ X917RNG(BlockTransformation *cipher, const byte *seed, unsigned long deterministicTimeVector = 0);
byte GenerateByte();
@@ -43,6 +43,7 @@ private:
SecByteBlock dtbuf; // buffer for enciphered timestamp
SecByteBlock randseed, randbuf;
int randbuf_counter; // # of unused bytes left in randbuf
+ unsigned long m_deterministicTimeVector;
};
/** This class implements Maurer's Universal Statistical Test for Random Bit Generators
diff --git a/c5/rsa.cpp b/c5/rsa.cpp
index af82c02..cebf7e7 100644
--- a/c5/rsa.cpp
+++ b/c5/rsa.cpp
@@ -22,7 +22,9 @@ void RSA_TestInstantiations()
RSASSA<PKCS1v15, SHA>::Verifier x5(x3);
RSASSA<PKCS1v15, SHA>::Signer x6 = x2;
RSAES<PKCS1v15>::Encryptor x7(x2);
+#ifndef __GNUC__
RSAES<PKCS1v15>::Encryptor x8(x3);
+#endif
RSAES<OAEP<SHA> >::Encryptor x9(x2);
x6 = x2;
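Review bot: The new `#ifndef __GNUC__` silently drops the `x8(x3)` instantiation from `RSA_TestInstantiations` on every gcc version, present and future, with no explanation, so a later reader cannot tell whether the conversion is unsupported by design or was a bug in one release. Record the reason and the version on the directive: `#ifndef __GNUC__ // [gcc version]: rejects this conversion; re-check on newer releases`.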
diff --git a/c5/sapphire.cpp b/c5/sapphire.cpp
deleted file mode 100644
index 7e46ea7..0000000
--- a/c5/sapphire.cpp
+++ /dev/null
@@ -1,179 +0,0 @@
-// sapphire.cpp -- modified by Wei Dai from:
-
-/* sapphire.cpp -- the Saphire II stream cipher class.
- Dedicated to the Public Domain the author and inventor:
- (Michael Paul Johnson). This code comes with no warranty.
- Use it at your own risk.
- Ported from the Pascal implementation of the Sapphire Stream
- Cipher 9 December 1994.
- Added hash pre- and post-processing 27 December 1994.
- Modified initialization to make index variables key dependent,
- made the output function more resistant to cryptanalysis,
- and renamed to Sapphire II 2 January 1995
-*/
-
-#include "pch.h"
-#include "sapphire.h"
-
-NAMESPACE_BEGIN(CryptoPP)
-
-byte SapphireBase::keyrand(unsigned int limit,
- const byte *user_key,
- byte keysize,
- byte *rsum,
- unsigned *keypos)
-{
- unsigned u, // Value from 0 to limit to return.
- retry_limiter, // No infinite loops allowed.
- mask; // Select just enough bits.
-
- retry_limiter = 0;
- mask = 1; // Fill mask with enough bits to cover
- while (mask < limit) // the desired range.
- mask = (mask << 1) + 1;
- do
- {
- *rsum = cards[*rsum] + user_key[(*keypos)++];
- if (*keypos >= keysize)
- {
- *keypos = 0; // Recycle the user key.
- *rsum += keysize; // key "aaaa" != key "aaaaaaaa"
- }
- u = mask & *rsum;
- if (++retry_limiter > 11)
- u %= limit; // Prevent very rare long loops.
- }
- while (u > limit);
- return u;
-}
-
-SapphireBase::SapphireBase()
- : cards(256)
-{
-}
-
-SapphireBase::SapphireBase(const byte *key, unsigned int keysize)
- : cards(256)
-{
- assert(keysize < 256);
- // Key size may be up to 256 bytes.
- // Pass phrases may be used directly, with longer length
- // compensating for the low entropy expected in such keys.
- // Alternatively, shorter keys hashed from a pass phrase or
- // generated randomly may be used. For random keys, lengths
- // of from 4 to 16 bytes are recommended, depending on how
- // secure you want this to be.
-
- int i;
- byte rsum;
- unsigned keypos;
-
- // Start with cards all in order, one of each.
-
- for (i=0;i<256;i++)
- cards[i] = i;
-
- // Swap the card at each position with some other card.
-
- keypos = 0; // Start with first byte of user key.
- rsum = 0;
- for (i=255;i;i--)
- std::swap(cards[i], cards[keyrand(i, key, keysize, &rsum, &keypos)]);
-
- // Initialize the indices and data dependencies.
- // Indices are set to different values instead of all 0
- // to reduce what is known about the state of the cards
- // when the first byte is emitted.
-
- rotor = cards[1];
- ratchet = cards[3];
- avalanche = cards[5];
- last_plain = cards[7];
- last_cipher = cards[rsum];
-
- rsum = 0;
- keypos = 0;
-}
-
-SapphireBase::~SapphireBase()
-{
- rotor = ratchet = avalanche = last_plain = last_cipher = 0;
-}
-
-void SapphireEncryption::ProcessString(byte *outString, const byte *inString, unsigned int length)
-{
- while(length--)
- *outString++ = SapphireEncryption::ProcessByte(*inString++);
-}
-
-void SapphireEncryption::ProcessString(byte *inoutString, unsigned int length)
-{
- while(length--)
- {
- *inoutString = SapphireEncryption::ProcessByte(*inoutString);
- inoutString++;
- }
-}
-
-void SapphireDecryption::ProcessString(byte *outString, const byte *inString, unsigned int length)
-{
- while(length--)
- *outString++ = SapphireDecryption::ProcessByte(*inString++);
-}
-
-void SapphireDecryption::ProcessString(byte *inoutString, unsigned int length)
-{
- while(length--)
- {
- *inoutString = SapphireDecryption::ProcessByte(*inoutString);
- inoutString++;
- }
-}
-
-SapphireHash::SapphireHash(unsigned int hashLength)
- : hashLength(hashLength)
-{
- Init();
-}
-
-void SapphireHash::Init()
-{
- // This function is used to initialize non-keyed hash
- // computation.
-
- int i, j;
-
- // Initialize the indices and data dependencies.
-
- rotor = 1;
- ratchet = 3;
- avalanche = 5;
- last_plain = 7;
- last_cipher = 11;
-
- // Start with cards all in inverse order.
-
- for (i=0, j=255;i<256;i++,j--)
- cards[i] = (byte) j;
-}
-
-void SapphireHash::Update(const byte *input, unsigned int length)
-{
- while(length--)
- SapphireEncryption::ProcessByte(*input++);
-}
-
-void SapphireHash::TruncatedFinal(byte *hash, unsigned int size)
-{
- ThrowIfInvalidTruncatedSize(size);
-
- for (int i=255; i>=0; i--)
- ProcessByte((byte) i);
-
- for (unsigned int j=0; j<size; j++)
- hash[j] = ProcessByte(0);
-
- Init();
-}
-
-NAMESPACE_END
diff --git a/c5/sapphire.h b/c5/sapphire.h
deleted file mode 100644
index 481554d..0000000
--- a/c5/sapphire.h
+++ /dev/null
@@ -1,115 +0,0 @@
-#ifndef CRYPTOPP_SAPPHIRE_H
-#define CRYPTOPP_SAPPHIRE_H
-
-#include "seckey.h"
-#include "secblock.h"
-
-NAMESPACE_BEGIN(CryptoPP)
-
-/// base class, do not use directly
-class SapphireBase : public VariableKeyLength<16, 1, 255>
-{
-protected:
- SapphireBase();
- SapphireBase(const byte *userKey, unsigned int keyLength);
- ~SapphireBase();
-
- inline void ShuffleCards()
- {
- ratchet += cards[rotor++];
- byte swaptemp = cards[last_cipher];
- cards[last_cipher] = cards[ratchet];
- cards[ratchet] = cards[last_plain];
- cards[last_plain] = cards[rotor];
- cards[rotor] = swaptemp;
- avalanche += cards[swaptemp];
- }
-
- // These variables comprise the state of the state machine.
-
- SecByteBlock cards; // A permutation of 0-255.
- byte rotor, // Index that rotates smoothly
- ratchet, // Index that moves erratically
- avalanche, // Index heavily data dependent
- last_plain, // Last plain text byte
- last_cipher; // Last cipher text byte
-
-private:
- byte keyrand(unsigned int limit, const byte *user_key, byte keysize, byte *rsum, unsigned *keypos);
-};
-
-/// <a href="http://www.weidai.com/scan-mirror/cs.html#Sapphire-II">Sapphire-II Cipher</a>
-class SapphireEncryption : public StreamTransformation, public SapphireBase
-{
-public:
- SapphireEncryption(const byte *userKey, unsigned int keyLength=DEFAULT_KEYLENGTH)
- : SapphireBase(userKey, keyLength) {}
-
- inline byte ProcessByte(byte b)
- {
- ShuffleCards();
- last_cipher = b^cards[(cards[ratchet] + cards[rotor]) & 0xFF] ^
- cards[cards[(cards[last_plain] +
- cards[last_cipher] +
- cards[avalanche])&0xFF]];
- last_plain = b;
- return last_cipher;
- }
-
- void ProcessString(byte *outString, const byte *inString, unsigned int length);
- void ProcessString(byte *inoutString, unsigned int length);
-
-protected:
- SapphireEncryption() {} // for SapphireHash
-};
-
-/// <a href="http://www.weidai.com/scan-mirror/cs.html#Sapphire-II">Sapphire-II cipher</a>
-class SapphireDecryption : public StreamTransformation, public SapphireBase
-{
-public:
- SapphireDecryption(const byte *userKey, unsigned int keyLength=DEFAULT_KEYLENGTH)
- : SapphireBase(userKey, keyLength) {}
-
- inline byte ProcessByte(byte b)
- {
- ShuffleCards();
- last_plain = b^cards[(cards[ratchet] + cards[rotor]) & 0xFF] ^
- cards[cards[(cards[last_plain] +
- cards[last_cipher] +
- cards[avalanche])&0xFF]];
- last_cipher = b;
- return last_plain;
- }
-
- void ProcessString(byte *outString, const byte *inString, unsigned int length);
- void ProcessString(byte *inoutString, unsigned int length);
-};
-
-/// Sapphire Random Number Generator
-class SapphireRNG : public RandomNumberGenerator, private SapphireEncryption
-{
-public:
- SapphireRNG(const byte *seed, unsigned int seedLength)
- : SapphireEncryption(seed, seedLength) {}
-
- inline byte GetByte() {return SapphireEncryption::ProcessByte(0);}
-};
-
-//! Sapphire Hash
-/*! Digest Length = 160 bits */
-class SapphireHash : public HashTransformation, private SapphireEncryption
-{
-public:
- SapphireHash(unsigned int hashLength=20);
- void Update(const byte *input, unsigned int length);
- void TruncatedFinal(byte *hash, unsigned int size);
- unsigned int DigestSize() const {return hashLength;}
-
-private:
- void Init();
- const unsigned int hashLength;
-};
-
-NAMESPACE_END
-
-#endif
diff --git a/c5/secblock.h b/c5/secblock.h
index 31997b6..e07c6a2 100644
--- a/c5/secblock.h
+++ b/c5/secblock.h
@@ -371,6 +371,15 @@ inline void swap(CryptoPP::SecBlock<T, A> &a, CryptoPP::SecBlock<T, A> &b)
a.swap(b);
}
+#if defined(_STLPORT_VERSION) && !defined(_STLP_MEMBER_TEMPLATE_CLASSES)
+template <class _Tp1, class _Tp2>
+inline CryptoPP::AllocatorWithCleanup<_Tp2>&
+__stl_alloc_rebind(CryptoPP::AllocatorWithCleanup<_Tp1>& __a, const _Tp2*)
+{
+ return (CryptoPP::AllocatorWithCleanup<_Tp2>&)(__a);
+}
+#endif
+
NAMESPACE_END
#endif
diff --git a/c5/seckey.h b/c5/seckey.h
index aa85d14..36ecd36 100644
--- a/c5/seckey.h
+++ b/c5/seckey.h
@@ -101,7 +101,7 @@ public:
if (n < (unsigned int)MIN_KEYLENGTH)
return MIN_KEYLENGTH;
else if (n > (unsigned int)MAX_KEYLENGTH)
- return MAX_KEYLENGTH;
+ return (unsigned int)MAX_KEYLENGTH;
else
{
n += KEYLENGTH_MULTIPLE-1;
@@ -143,7 +143,7 @@ class SimpleKeyingInterfaceImpl : public BASE
{
public:
unsigned int MinKeyLength() const {return INFO::MIN_KEYLENGTH;}
- unsigned int MaxKeyLength() const {return INFO::MAX_KEYLENGTH;}
+ unsigned int MaxKeyLength() const {return (unsigned int)INFO::MAX_KEYLENGTH;}
unsigned int DefaultKeyLength() const {return INFO::DEFAULT_KEYLENGTH;}
unsigned int GetValidKeyLength(unsigned int n) const {return INFO::StaticGetValidKeyLength(n);}
typename BASE::IV_Requirement IVRequirement() const {return (typename BASE::IV_Requirement)INFO::IV_REQUIREMENT;}
@@ -179,7 +179,7 @@ public:
CheckedSetKey(this, DIR, key, length, param);
}
- Clonable * Clone() {return new BlockCipherTemplate<DIR, BASE>(*this);}
+ Clonable * Clone() const {return new BlockCipherTemplate<DIR, BASE>(*this);}
};
//! .
@@ -205,7 +205,7 @@ public:
CheckedSetKey(this, Empty(), key, length, param);
}
- Clonable * Clone() {return new MessageAuthenticationCodeTemplate<BASE>(*this);}
+ Clonable * Clone() const {return new MessageAuthenticationCodeTemplate<BASE>(*this);}
};
// ************** documentation ***************
diff --git a/c5/simple.h b/c5/simple.h
index a9d4f42..f57d1f8 100644
--- a/c5/simple.h
+++ b/c5/simple.h
@@ -134,14 +134,14 @@ public:
{ChannelInitialize(NULL_CHANNEL, parameters, propagation);}
bool Flush(bool hardFlush, int propagation=-1, bool blocking=true)
{return ChannelFlush(NULL_CHANNEL, hardFlush, propagation, blocking);}
- void MessageSeriesEnd(int propagation)
- {ChannelMessageSeriesEnd(NULL_CHANNEL, propagation);}
+ bool MessageSeriesEnd(int propagation=-1, bool blocking=true)
+ {return ChannelMessageSeriesEnd(NULL_CHANNEL, propagation, blocking);}
byte * CreatePutSpace(unsigned int &size)
{return ChannelCreatePutSpace(NULL_CHANNEL, size);}
unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
{return ChannelPut2(NULL_CHANNEL, begin, length, messageEnd, blocking);}
- unsigned int PutModifiable2(byte *begin, byte *end, int messageEnd, bool blocking)
- {return ChannelPutModifiable2(NULL_CHANNEL, begin, end, messageEnd, blocking);}
+ unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking)
+ {return ChannelPutModifiable2(NULL_CHANNEL, inString, length, messageEnd, blocking);}
// void ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1)
// {PropagateMessageSeriesEnd(propagation, channel);}
diff --git a/c5/strciphr.cpp b/c5/strciphr.cpp
index 694d158..78e1a3f 100644
--- a/c5/strciphr.cpp
+++ b/c5/strciphr.cpp
@@ -16,7 +16,7 @@ byte AdditiveCipherTemplate<S>::GenerateByte()
m_leftOver = policy.GetBytesPerIteration();
}
- return KeystreamBufferEnd()[-m_leftOver--];
+ return *(KeystreamBufferEnd()-m_leftOver--);
}
template <class S>
diff --git a/c5/strciphr.h b/c5/strciphr.h
index 12fb95e..2a297bb 100644
--- a/c5/strciphr.h
+++ b/c5/strciphr.h
@@ -36,9 +36,10 @@ NAMESPACE_BEGIN(CryptoPP)
template <class POLICY_INTERFACE, class BASE = Empty>
class AbstractPolicyHolder : public BASE
{
-protected:
+public:
typedef POLICY_INTERFACE PolicyInterface;
+protected:
virtual const POLICY_INTERFACE & GetPolicy() const =0;
virtual POLICY_INTERFACE & AccessPolicy() =0;
};
@@ -130,9 +131,9 @@ public:
bool IsRandomAccess() const {return GetPolicy().IsRandomAccess();}
void Seek(dword position);
-protected:
typedef typename BASE::PolicyInterface PolicyInterface;
+protected:
void UncheckedSetKey(const NameValuePairs &params, const byte *key, unsigned int length);
unsigned int GetBufferByteSize(const PolicyInterface &policy) const {return policy.GetBytesPerIteration() * policy.GetIterationsToBuffer();}
@@ -220,9 +221,9 @@ public:
bool IsRandomAccess() const {return false;}
bool IsSelfInverting() const {return false;}
-protected:
typedef typename BASE::PolicyInterface PolicyInterface;
+protected:
virtual void CombineMessageAndShiftRegister(byte *output, byte *reg, const byte *message, unsigned int length) =0;
void UncheckedSetKey(const NameValuePairs &params, const byte *key, unsigned int length);
@@ -262,7 +263,7 @@ public:
UncheckedSetKey(params, key, length);
}
- Clonable * Clone() {return new SymmetricCipherFinalTemplate<BASE, INFO>(*this);}
+ Clonable * Clone() const {return static_cast<SymmetricCipher *>(new SymmetricCipherFinalTemplate<BASE, INFO>(*this));}
};
template <class S>
diff --git a/c5/test.cpp b/c5/test.cpp
index e5c87c9..77719fe 100644
--- a/c5/test.cpp
+++ b/c5/test.cpp
@@ -26,7 +26,7 @@
#include <iostream>
#include <time.h>
-#if defined(_WIN32) || defined(__CYGWIN__)
+#ifdef CRYPTOPP_WIN32_AVAILABLE
#include <windows.h>
#endif
@@ -110,7 +110,7 @@ int main(int argc, char *argv[])
{
edcFilename = "edc.dat";
-#if defined(_WIN32) || defined(__CYGWIN__)
+#ifdef CRYPTOPP_WIN32_AVAILABLE
TCHAR filename[MAX_PATH];
GetModuleFileName(GetModuleHandle(NULL), filename, sizeof(filename));
executableName = filename;
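Review bot: `GetModuleFileName(GetModuleHandle(NULL), filename, sizeof(filename))` passes a byte count where the API expects a count of `TCHAR`s; in a `UNICODE` build `TCHAR` is `wchar_t`, so the call is told the buffer holds `2*MAX_PATH` characters and a long module path can overrun `filename`. Pass the element count, `sizeof(filename)/sizeof(filename[0])`, and check the return value (0 on failure, or equal to the count when truncated) before assigning to `executableName`. These lines are context in the hunk; the `#ifdef` rename itself is fine.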
@@ -357,11 +357,11 @@ void FIPS140_SampleApplication(const char *moduleFilename, const char *edcFilena
byte ciphertext[24];
byte decrypted[24];
- CFB_Mode<DES>::Encryption encryption_DES_CBC;
+ CBC_Mode<DES>::Encryption encryption_DES_CBC;
encryption_DES_CBC.SetKeyWithIV(key, 8, iv);
encryption_DES_CBC.ProcessString(ciphertext, plaintext, 24);
- CFB_Mode<DES>::Decryption decryption_DES_CBC;
+ CBC_Mode<DES>::Decryption decryption_DES_CBC;
decryption_DES_CBC.SetKeyWithIV(key, 8, iv);
decryption_DES_CBC.ProcessString(decrypted, ciphertext, 24);
diff --git a/c5/validat1.cpp b/c5/validat1.cpp
index 88c5b52..9c03951 100644
--- a/c5/validat1.cpp
+++ b/c5/validat1.cpp
@@ -223,13 +223,18 @@ bool TestOS_RNG()
{
bool pass = true;
+ member_ptr<RandomNumberGenerator> rng;
#ifdef BLOCKING_RNG_AVAILABLE
+ try {rng.reset(new BlockingRng);}
+ catch (OS_RNG_Err &) {}
+#endif
+
+ if (rng.get())
{
cout << "\nTesting operating system provided blocking random number generator...\n\n";
- BlockingRng rng;
ArraySink *sink;
- RandomNumberSource test(rng, 100000, false, new Deflator(sink=new ArraySink(NULL,0)));
+ RandomNumberSource test(*rng, UINT_MAX, false, new Deflator(sink=new ArraySink(NULL,0)));
unsigned long total=0, length=0;
time_t t = time(NULL), t1 = 0;
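Review bot: `catch (OS_RNG_Err &) {}` swallows the construction failure, so a runtime error opening the blocking generator (permissions, descriptor exhaustion) is reported later as "No operating system provided blocking random number generator", which is a different and less alarming condition. For a self-test of the entropy source the reason should at least be printed, e.g. `catch (OS_RNG_Err &e) {cout << "\nBlockingRng unavailable: " << e.what() << endl;}`, assuming OS_RNG_Err exposes `what()` as the other Crypto++ exceptions do. Separately, `UINT_MAX` with pumpAll=false means the source no longer ends on its own, so the pumping loop that follows outside the hunk must terminate on its time check alone; worth confirming.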
@@ -270,7 +275,9 @@ bool TestOS_RNG()
total += 1;
length += 1;
}
- if (length > 1024)
+ // turn off this test because it fails on several systems, including Darwin
+ // they don't block, or gather entropy too fast?
+ if (false) // (length > 1024)
{
cout << "FAILED:";
pass = false;
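Review bot: `if (false) // (length > 1024)` removes the only check that the blocking generator actually blocks, and leaves the FAILED branch as dead code with a speculative comment ("don't block, or gather entropy too fast?"). If the check is unreliable across platforms, downgrade it to a warning rather than disabling it, so a generator that hands out unbounded output without ever blocking is still visible in the test log: `if (length > 1024) cout << "WARNING: blocking RNG returned " << length << " bytes without blocking" << endl;` and keep `pass` untouched. The surrounding loop and the rest of the branch are outside the hunk.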
@@ -291,17 +298,21 @@ bool TestOS_RNG()
cout << "passed:";
cout << " " << total << " generated bytes compressed to " << sink->TotalPutLength() << " bytes by DEFLATE" << endl;
}
-#else
- cout << "\nNo operating system provided blocking random number generator, skipping test." << endl;
-#endif
+ else
+ cout << "\nNo operating system provided blocking random number generator, skipping test." << endl;
+ rng.reset(NULL);
#ifdef NONBLOCKING_RNG_AVAILABLE
+ try {rng.reset(new NonblockingRng);}
+ catch (OS_RNG_Err &) {}
+#endif
+
+ if (rng.get())
{
cout << "\nTesting operating system provided nonblocking random number generator...\n\n";
- NonblockingRng rng;
ArraySink *sink;
- RandomNumberSource test(rng, 100000, true, new Deflator(sink=new ArraySink(NULL, 0)));
+ RandomNumberSource test(*rng, 100000, true, new Deflator(sink=new ArraySink(NULL, 0)));
if (sink->TotalPutLength() < 100000)
{
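Review bot: The second `catch (OS_RNG_Err &) {}` has the same problem as the first: a NonblockingRng that fails to open at runtime is indistinguishable from one that was never compiled in, and the "No operating system provided nonblocking random number generator" message printed below is then wrong. Suggested: `catch (OS_RNG_Err &e) {cout << "\nNonblockingRng unavailable: " << e.what() << endl;}`. The `else` branch that prints the skip message is in the next hunk.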
@@ -312,9 +323,8 @@ bool TestOS_RNG()
cout << "passed:";
cout << " 100000 generated bytes compressed to " << sink->TotalPutLength() << " bytes by DEFLATE" << endl;
}
-#else
- cout << "\nNo operating system provided nonblocking random number generator, skipping test." << endl;
-#endif
+ else
+ cout << "\nNo operating system provided nonblocking random number generator, skipping test." << endl;
return pass;
}