Merged with upstream.

19 files changed, 382 insertions, 16 deletions

diff --git a/lib/Crypto/Hash/HMAC.py b/lib/Crypto/Hash/HMAC.py
index 4daff2f..96e0afc 100644
--- a/lib/Crypto/Hash/HMAC.py
+++ b/lib/Crypto/Hash/HMAC.py
@@ -76,7 +76,13 @@ class HMAC:
         except AttributeError:
             self.digest_size = len(self.outer.digest())
 
-        blocksize = 64
+        try:
+            # The block size is 128 bytes for SHA384 and SHA512 and 64 bytes
+            # for the others hash function
+            blocksize = digestmod.block_size
+        except AttributeError:
+            blocksize = 64
+
         ipad = 0x36
         opad = 0x5C
 
diff --git a/lib/Crypto/Hash/SHA.py b/lib/Crypto/Hash/SHA.py
index c806f09..b7a8041 100644
--- a/lib/Crypto/Hash/SHA.py
+++ b/lib/Crypto/Hash/SHA.py
@@ -52,3 +52,4 @@ except ImportError:
     hashFactory = sha
 
 digest_size = 20
+block_size = 64
diff --git a/lib/Crypto/Hash/SHA224.py b/lib/Crypto/Hash/SHA224.py
new file mode 100644
index 0000000..ca0bbf7
--- /dev/null
+++ b/lib/Crypto/Hash/SHA224.py
@@ -0,0 +1,51 @@
+# -*- coding: utf-8 -*-
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+# Just use the SHA module from the Python standard library
+
+__revision__ = "$Id$"
+
+__all__ = ['new', 'digest_size']
+
+from Crypto.Util.wrapper import Wrapper
+
+# The OID for SHA-224 is:
+#
+# id-sha224    OBJECT IDENTIFIER ::= {
+#			joint-iso-itu-t(2)
+#			country(16) us(840) organization(1) gov(101) csor(3)
+#			nistalgorithm(4) hashalgs(2) 4
+#		}
+oid = '\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04'
+
+def new(data=""):
+    obj = Wrapper(hashFactory, data)
+    obj.oid = oid
+    obj.new = globals()['new']
+    if not hasattr(obj, 'digest_size'):
+        obj.digest_size = digest_size
+    return obj
+
+# TOFIX: This code will not work for python<2.5
+import hashlib
+hashFactory = hashlib.sha224
+
+digest_size = 28
+block_size = 64
diff --git a/lib/Crypto/Hash/SHA384.py b/lib/Crypto/Hash/SHA384.py
new file mode 100644
index 0000000..88e8e4a
--- /dev/null
+++ b/lib/Crypto/Hash/SHA384.py
@@ -0,0 +1,52 @@
+# -*- coding: utf-8 -*-
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+# Just use the SHA module from the Python standard library
+
+__revision__ = "$Id$"
+
+__all__ = ['new', 'digest_size']
+
+from Crypto.Util.wrapper import Wrapper
+
+# The OID for SHA-384 is:
+#
+# id-sha384    OBJECT IDENTIFIER ::= {
+#			joint-iso-itu-t(2)
+#			country(16) us(840) organization(1) gov(101) csor(3)
+#			nistalgorithm(4) hashalgs(2) 2
+#		}
+oid = '\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02'
+
+def new(data=""):
+    obj = Wrapper(hashFactory, data)
+    obj.oid = oid
+    obj.new = globals()['new']
+    if not hasattr(obj, 'digest_size'):
+        obj.digest_size = digest_size
+    return obj
+
+# TOFIX: This code will not work for python<2.5
+import hashlib
+hashFactory = hashlib.sha384
+
+digest_size = 48 
+block_size = 128
+
diff --git a/lib/Crypto/Hash/SHA512.py b/lib/Crypto/Hash/SHA512.py
new file mode 100644
index 0000000..e95349f
--- /dev/null
+++ b/lib/Crypto/Hash/SHA512.py
@@ -0,0 +1,52 @@
+# -*- coding: utf-8 -*-
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+# Just use the SHA module from the Python standard library
+
+__revision__ = "$Id$"
+
+__all__ = ['new', 'digest_size']
+
+from Crypto.Util.wrapper import Wrapper
+
+# The OID for SHA-512 is:
+#
+# id-sha512    OBJECT IDENTIFIER ::= {
+#			joint-iso-itu-t(2)
+#			country(16) us(840) organization(1) gov(101) csor(3)
+#			nistalgorithm(4) hashalgs(2) 3
+#		}
+oid = '\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03'
+
+def new(data=""):
+    obj = Wrapper(hashFactory, data)
+    obj.oid = oid
+    obj.new = globals()['new']
+    if not hasattr(obj, 'digest_size'):
+        obj.digest_size = digest_size
+    return obj
+
+# TOFIX: This code will not work for python<2.5
+import hashlib
+hashFactory = hashlib.sha512
+
+digest_size = 64
+block_size = 128
+
diff --git a/lib/Crypto/PublicKey/RSA.py b/lib/Crypto/PublicKey/RSA.py
index 49b9908..92600e0 100644
--- a/lib/Crypto/PublicKey/RSA.py
+++ b/lib/Crypto/PublicKey/RSA.py
@@ -33,6 +33,7 @@ __revision__ = "$Id$"
 __all__ = ['generate', 'construct', 'error', 'importKey' ]
 
 from Crypto.Util.python_compat import *
+from Crypto.Util.number import getRandomRange
 
 from Crypto.PublicKey import _RSA, _slowmath, pubkey
 from Crypto import Random
@@ -65,9 +66,12 @@ class _RSAobj(pubkey.pubkey):
     #:  - **u**, the CRT coefficient (1/p) mod q.
     keydata = ['n', 'e', 'd', 'p', 'q', 'u']
 
-    def __init__(self, implementation, key):
+    def __init__(self, implementation, key, randfunc=None):
         self.implementation = implementation
         self.key = key
+        if randfunc is None:
+            randfunc = Random.new().read
+        self._randfunc = randfunc
 
     def __getattr__(self, attrname):
         if attrname in self.keydata:
@@ -86,7 +90,16 @@ class _RSAobj(pubkey.pubkey):
                                # instead, but this is more compatible and we're
                                # going to replace the Crypto.PublicKey API soon
                                # anyway.
-        return self.key._decrypt(ciphertext)
+
+        # Blinded RSA decryption (to prevent timing attacks):
+        # Step 1: Generate random secret blinding factor r, such that 0 < r < n-1
+        r = getRandomRange(1, self.key.n-1, randfunc=self._randfunc)
+        # Step 2: Compute c' = c * r**e mod n
+        cp = self.key._blind(ciphertext, r)
+        # Step 3: Compute m' = c'**d mod n       (ordinary RSA decryption)
+        mp = self.key._decrypt(cp)
+        # Step 4: Compute m = m**(r-1) mod n
+        return self.key._unblind(mp, r)
 
     def _blind(self, m, r):
         return self.key._blind(m, r)
diff --git a/lib/Crypto/SelfTest/Hash/__init__.py b/lib/Crypto/SelfTest/Hash/__init__.py
index 6f6df2b..b6e6053 100644
--- a/lib/Crypto/SelfTest/Hash/__init__.py
+++ b/lib/Crypto/SelfTest/Hash/__init__.py
@@ -34,7 +34,10 @@ def get_tests(config={}):
     import test_MD5;    tests += test_MD5.get_tests(config=config)
     import test_RIPEMD; tests += test_RIPEMD.get_tests(config=config)
     import test_SHA;    tests += test_SHA.get_tests(config=config)
+    import test_SHA224; tests += test_SHA224.get_tests(config=config)
     import test_SHA256; tests += test_SHA256.get_tests(config=config)
+    import test_SHA384; tests += test_SHA384.get_tests(config=config)
+    import test_SHA512; tests += test_SHA512.get_tests(config=config)
     return tests
 
 if __name__ == '__main__':
diff --git a/lib/Crypto/SelfTest/Hash/test_HMAC.py b/lib/Crypto/SelfTest/Hash/test_HMAC.py
index 572ffc3..44b4022 100644
--- a/lib/Crypto/SelfTest/Hash/test_HMAC.py
+++ b/lib/Crypto/SelfTest/Hash/test_HMAC.py
@@ -174,12 +174,34 @@ test_data = [
             bfdc63644f0713938a7f51535c3a35e2
         '''),
         'RFC 4231 #7 (HMAC-SHA256)'),
+
+    # Test case 8 (SHA224)
+    ('4a656665',
+        '7768617420646f2079612077616e74'
+        + '20666f72206e6f7468696e673f',
+        dict(SHA224='a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44'),
+        'RFC 4634 8.4 SHA224 (HMAC-SHA224)'),
+
+    # Test case 9 (SHA384)
+    ('4a656665',
+        '7768617420646f2079612077616e74'
+        + '20666f72206e6f7468696e673f',
+        dict(SHA384='af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649'),
+        'RFC 4634 8.4 SHA384 (HMAC-SHA384)'),
+
+   # Test case 10 (SHA512)
+    ('4a656665',
+        '7768617420646f2079612077616e74'
+        + '20666f72206e6f7468696e673f',
+        dict(SHA512='164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737'),
+        'RFC 4634 8.4 SHA512 (HMAC-SHA512)'),
+
 ]
 
 def get_tests(config={}):
-    from Crypto.Hash import HMAC, MD5, SHA as SHA1, SHA256
+    from Crypto.Hash import HMAC, MD5, SHA as SHA1, SHA256, SHA224, SHA384, SHA512
     from common import make_mac_tests
-    hashmods = dict(MD5=MD5, SHA1=SHA1, SHA256=SHA256, default=None)
+    hashmods = dict(MD5=MD5, SHA1=SHA1, SHA224=SHA224, SHA256=SHA256, SHA384=SHA384, SHA512=SHA512, default=None)
     return make_mac_tests(HMAC, "HMAC", test_data, hashmods)
 
 if __name__ == '__main__':
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA224.py b/lib/Crypto/SelfTest/Hash/test_SHA224.py
new file mode 100644
index 0000000..66a24bb
--- /dev/null
+++ b/lib/Crypto/SelfTest/Hash/test_SHA224.py
@@ -0,0 +1,54 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/Hash/test_SHA224.py: Self-test for the SHA-224 hash function
+#
+# Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net>
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+"""Self-test suite for Crypto.Hash.SHA224"""
+
+__revision__ = "$Id$"
+
+# Test vectors from various sources
+# This is a list of (expected_result, input[, description]) tuples.
+test_data = [
+
+    # RFC 3874: Section 3.1, "Test Vector #1
+    ('23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7', 'abc'),
+
+    # RFC 3874: Section 3.2, "Test Vector #2
+    ('75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525', 'abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq'),
+
+    # RFC 3874: Section 3.3, "Test Vector #3
+    ('20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67', 'a' * 10**6),
+
+]
+
+def get_tests(config={}):
+    from Crypto.Hash import SHA224
+    from common import make_hash_tests
+    return make_hash_tests(SHA224, "SHA224", test_data, '\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04')
+
+if __name__ == '__main__':
+    import unittest
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
+# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA256.py b/lib/Crypto/SelfTest/Hash/test_SHA256.py
index a43608e..b6d7f76 100644
--- a/lib/Crypto/SelfTest/Hash/test_SHA256.py
+++ b/lib/Crypto/SelfTest/Hash/test_SHA256.py
@@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 #
-#  SelfTest/Hash/SHA256.py: Self-test for the SHA-256 hash function
+#  SelfTest/Hash/test_SHA256.py: Self-test for the SHA-256 hash function
 #
 # Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net>
 #
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA384.py b/lib/Crypto/SelfTest/Hash/test_SHA384.py
new file mode 100644
index 0000000..83708b4
--- /dev/null
+++ b/lib/Crypto/SelfTest/Hash/test_SHA384.py
@@ -0,0 +1,54 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/Hash/test_SHA.py: Self-test for the SHA-384 hash function
+#
+# Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net>
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+"""Self-test suite for Crypto.Hash.SHA384"""
+
+__revision__ = "$Id$"
+
+# Test vectors from various sources
+# This is a list of (expected_result, input[, description]) tuples.
+test_data = [
+
+    # RFC 4634: Section Page 8.4, "Test 1"
+    ('cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7', 'abc'),
+
+    # RFC 4634: Section Page 8.4, "Test 2.2"
+    ('09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039', 'abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu'),
+
+    # RFC 4634: Section Page 8.4, "Test 3"
+    ('9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985', 'a' * 10**6),
+
+]
+
+def get_tests(config={}):
+    from Crypto.Hash import SHA384
+    from common import make_hash_tests
+    return make_hash_tests(SHA384, "SHA384", test_data, '\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02')
+
+if __name__ == '__main__':
+    import unittest
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
+# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/lib/Crypto/SelfTest/Hash/test_SHA512.py b/lib/Crypto/SelfTest/Hash/test_SHA512.py
new file mode 100644
index 0000000..8edfbaf
--- /dev/null
+++ b/lib/Crypto/SelfTest/Hash/test_SHA512.py
@@ -0,0 +1,54 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/Hash/test_SHA512.py: Self-test for the SHA-512 hash function
+#
+# Written in 2008 by Dwayne C. Litzenberger <dlitz@dlitz.net>
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+"""Self-test suite for Crypto.Hash.SHA512"""
+
+__revision__ = "$Id$"
+
+# Test vectors from various sources
+# This is a list of (expected_result, input[, description]) tuples.
+test_data = [
+
+    # RFC 4634: Section Page 8.4, "Test 1"
+    ('ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f', 'abc'),
+
+    # RFC 4634: Section Page 8.4, "Test 2.1"
+    ('8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909', 'abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu'),
+
+    # RFC 4634: Section Page 8.4, "Test 3"
+    ('e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b', 'a' * 10**6),
+
+]
+
+def get_tests(config={}):
+    from Crypto.Hash import SHA512
+    from common import make_hash_tests
+    return make_hash_tests(SHA512, "SHA512", test_data, "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03")
+
+if __name__ == '__main__':
+    import unittest
+    suite = lambda: unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
+# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/src/MD2.c b/src/MD2.c
index 66e795f..6bb2906 100644
--- a/src/MD2.c
+++ b/src/MD2.c
@@ -32,6 +32,7 @@
 
 #define MODULE_NAME MD2
 #define DIGEST_SIZE 16
+#define BLOCK_SIZE 64
 
 /**
  * id-md2      OBJECT IDENTIFIER ::= {
diff --git a/src/MD4.c b/src/MD4.c
index c5b5711..344982d 100644
--- a/src/MD4.c
+++ b/src/MD4.c
@@ -32,6 +32,7 @@
 
 #define MODULE_NAME MD4
 #define DIGEST_SIZE 16
+#define BLOCK_SIZE 64
 
 /**
  * id-md4      OBJECT IDENTIFIER ::= {
diff --git a/src/RIPEMD160.c b/src/RIPEMD160.c
index 10e8fcf..28aba26 100644
--- a/src/RIPEMD160.c
+++ b/src/RIPEMD160.c
@@ -49,6 +49,7 @@
 #include "Python.h"
 
 #define RIPEMD160_DIGEST_SIZE 20
+#define BLOCK_SIZE 64
 
 /**
  * See http://homes.esat.kuleuven.be/~bosselae/ripemd160.html#More
diff --git a/src/SHA256.c b/src/SHA256.c
index bcdc60f..ae01e95 100644
--- a/src/SHA256.c
+++ b/src/SHA256.c
@@ -34,6 +34,7 @@
 #include "Python.h"
 #define MODULE_NAME SHA256
 #define DIGEST_SIZE 32
+#define BLOCK_SIZE 64
 
 /**
  * id-sha256    OBJECT IDENTIFIER ::= {
diff --git a/src/_fastmath.c b/src/_fastmath.c
index ed0f82b..cbf1536 100755
--- a/src/_fastmath.c
+++ b/src/_fastmath.c
@@ -134,7 +134,7 @@ dsaSign (dsaKey * key, mpz_t m, mpz_t k, mpz_t r, mpz_t s)
 		return 1;
 	}
 	mpz_init (temp);
-	mpz_powm (r, key->g, k, key->p);
+	mpz_powm_sec (r, key->g, k, key->p);
 	mpz_mod (r, r, key->q);
 	mpz_invert (s, k, key->q);
 	mpz_mul (temp, key->x, r);
@@ -163,8 +163,8 @@ dsaVerify (dsaKey * key, mpz_t m, mpz_t r, mpz_t s)
 	mpz_mod (u1, u1, key->q);
 	mpz_mul (u2, r, w);
 	mpz_mod (u2, u2, key->q);
-	mpz_powm (v1, key->g, u1, key->p);
-	mpz_powm (v2, key->y, u2, key->p);
+	mpz_powm_sec (v1, key->g, u1, key->p);
+	mpz_powm_sec (v2, key->y, u2, key->p);
 	mpz_mul (w, v1, v2);
 	mpz_mod (w, w, key->p);
 	mpz_mod (w, w, key->q);
@@ -188,7 +188,7 @@ rsaEncrypt (rsaKey * key, mpz_t v)
 	{
 		return 1;
 	}
-	mpz_powm (v, v, key->e, key->n);
+	mpz_powm_sec (v, v, key->e, key->n);
 	return 0;
 }
 
@@ -216,11 +216,11 @@ rsaDecrypt (rsaKey * key, mpz_t v)
         /* m1 = c ^ (d mod (p-1)) mod p */
         mpz_sub_ui(h, key->p, 1);
         mpz_fdiv_r(h, key->d, h);
-        mpz_powm(m1, v, h, key->p);
+        mpz_powm_sec(m1, v, h, key->p);
         /* m2 = c ^ (d mod (q-1)) mod q */
         mpz_sub_ui(h, key->q, 1);
         mpz_fdiv_r(h, key->d, h);
-        mpz_powm(m2, v, h, key->q);
+        mpz_powm_sec(m2, v, h, key->q);
         /* h = u * ( m2 - m1 + q) mod q */
         mpz_sub(h, m2, m1);
         if (mpz_sgn(h)==-1)
@@ -239,7 +239,7 @@ rsaDecrypt (rsaKey * key, mpz_t v)
     }
 
     /* slow */
-	mpz_powm (v, v, key->d, key->n);
+	mpz_powm_sec (v, v, key->d, key->n);
 	return 0;
 }
 
@@ -254,7 +254,7 @@ rsaBlind (rsaKey * key, mpz_t v, mpz_t b)
         {
             return 2;
         }
-    mpz_powm (b, b, key->e, key->n);
+    mpz_powm_sec (b, b, key->e, key->n);
     mpz_mul (v, v, b);
     mpz_mod (v, v, key->n);
     return 0;
@@ -1164,7 +1164,7 @@ rabinMillerTest (mpz_t n, int rounds, PyObject *randfunc)
 			}
 		} while (base_was_tested);
 		mpz_init_set (tested[i], a);
-		mpz_powm (z, a, m, n);
+		mpz_powm_sec (z, a, m, n);
 		if ((mpz_cmp_ui (z, 1) == 0) || (mpz_cmp (z, n_1) == 0))
 			continue;
 		composite = 1;
diff --git a/src/block_template.c b/src/block_template.c
index 9ce2de6..a4be66a 100644
--- a/src/block_template.c
+++ b/src/block_template.c
@@ -212,7 +212,6 @@ ALGnew(PyObject *self, PyObject *args, PyObject *kwdict)
 	block_init(&(new->st), key, keylen);
 	if (PyErr_Occurred())
 	{
-		Py_XDECREF(counter);
 		Py_DECREF(new);
 		return NULL;
 	}
diff --git a/src/hash_template.c b/src/hash_template.c
index c3e651f..9fd130b 100644
--- a/src/hash_template.c
+++ b/src/hash_template.c
@@ -270,6 +270,7 @@ _MODULE_NAME (void)
 
 	/* Add some symbolic constants to the module */
 	PyModule_AddIntConstant(m, "digest_size", DIGEST_SIZE);
+	PyModule_AddIntConstant(m, "block_size", BLOCK_SIZE);
 
 	/* Check for errors */
 	if (PyErr_Occurred())