| Commit message | Author | Age | Files | Lines |
This should fix a FreeBSD build issue:
https://bugs.launchpad.net/pycrypto/+bug/1264130
Thanks to Richard Mitchell <richard.j.mitchell@gmail.com> for suggesting
how to fix this.
Original tarball downloaded from:
http://libtom.org/files/crypt-1.17.tar.bz2
http://libtom.org/files/crypt-1.17.tar.bz2.sig
SHA256 sums:
e33b47d77a495091c8703175a25c8228aff043140b2554c08a3c3cd71f79d116 *crypt-1.17.tar.bz2
8f52ddfb17656f7a2e510d92a26c8b33e0c1f431af7febd9cf1298a77b5fd932 *crypt-1.17.tar.bz2.sig
libtomcrypt-1.17/LICENSE says:
LibTomCrypt is public domain. As should all quality software be.
Tom St Denis
tomcrypt_des.c
clang provides the same constant as bit_AESNI in some versions, and doesn't
provide it at all in others.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
clang-3.3 is stricter regarding the second argument of _mm_shuffle_epi32.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
- Set errno properly when using posix_memalign
- Rename to aligned_malloc_wrapper / aligned_free_wrapper
- Use a single set of #if blocks, to avoid the possibility of
mismatching them.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
For _aligned_malloc, calling free is illegal. We need to use _aligned_free
instead.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
This also fixes the order of arguments passed to _aligned_malloc.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
ek and dk are used as operands in instructions that require 16 byte alignment.
Thanks to Greg Price for finding this issue.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
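The four allocation commits above (ek/dk must be 16-byte aligned, _aligned_malloc takes (size, alignment), memory from _aligned_malloc must go to _aligned_free, and posix_memalign's return code has to be copied into errno, with one set of #if blocks so the two functions cannot be mismatched) all describe the same pair of wrappers. The following is an added example written in the shape those messages describe; it is not the AESNI.c code from pycrypto. The names aligned_malloc_wrapper and aligned_free_wrapper come from the commit message; is_aligned, round_key_buffer_check, bad_alignment_check and the AES-128 expanded-key size used as sample input are this example's own choices. It assumes a POSIX libc (glibc or similar) or MSVC, and that unsigned __int128-free plain C99 is acceptable.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L     /* declares posix_memalign on glibc */
#endif
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#if defined(_WIN32)
#include <malloc.h>
#endif

/* Both wrappers sit inside ONE #if/#else pair, so no platform branch can
 * end up pairing _aligned_malloc with free() or posix_memalign with
 * _aligned_free(). */
#if defined(_WIN32)

static void *aligned_malloc_wrapper(size_t alignment, size_t size)
{
    /* MSVC's argument order is (size, alignment), the reverse of
     * posix_memalign; MSVC documents _aligned_malloc as setting errno
     * (EINVAL / ENOMEM) on failure by itself. */
    return _aligned_malloc(size, alignment);
}

static void aligned_free_wrapper(void *p)
{
    _aligned_free(p);   /* handing this pointer to free() is undefined behaviour */
}

#else

static void *aligned_malloc_wrapper(size_t alignment, size_t size)
{
    void *p = NULL;
    int rc;

    /* posix_memalign wants a power of two that is a multiple of sizeof(void *) */
    if (alignment == 0 || (alignment & (alignment - 1)) != 0 ||
        alignment % sizeof(void *) != 0) {
        errno = EINVAL;
        return NULL;
    }
    /* posix_memalign reports failure through its return value and leaves
     * errno untouched, so copy the code across for errno-checking callers */
    rc = posix_memalign(&p, alignment, size);
    if (rc != 0) {
        errno = rc;
        return NULL;
    }
    return p;
}

static void aligned_free_wrapper(void *p)
{
    free(p);
}

#endif

/* movdqa / aesenc fault on a 16-byte operand that is not 16-byte aligned,
 * so check what the allocator handed back rather than trusting it.
 * (alignment must be a power of two.) */
static int is_aligned(const void *p, size_t alignment)
{
    return ((uintptr_t)p & (alignment - 1)) == 0;
}

#define AES128_ROUND_KEY_BYTES (11 * 16)    /* 11 round keys of 16 bytes */

/* Allocate, verify and release an expanded-key buffer; 1 on success, 0 otherwise. */
int round_key_buffer_check(void)
{
    void *ek = aligned_malloc_wrapper(16, AES128_ROUND_KEY_BYTES);
    if (ek == NULL) {
        perror("aligned_malloc_wrapper");
        return 0;
    }
    int ok = is_aligned(ek, 16);
    aligned_free_wrapper(ek);           /* never plain free() on this pointer */
    return ok;
}

/* A bad alignment must fail with errno set, not hand back a usable pointer. */
int bad_alignment_check(void)
{
    errno = 0;
    void *p = aligned_malloc_wrapper(24, 64);   /* 24 is not a power of two */
    if (p != NULL) {
        aligned_free_wrapper(p);
        return 0;
    }
    return errno == EINVAL;
}

int main(void)
{
    printf("round-key buffer: %s\n", round_key_buffer_check() ? "ok" : "FAILED");
    printf("bad alignment:    %s\n", bad_alignment_check() ? "ok" : "FAILED");
    return 0;
}
```

Keeping both wrappers in a single conditional is the point of the "single set of #if blocks" line in the first commit: with two separate #if/#else pairs, a typo in one of them compiles cleanly and only shows up as heap corruption or a crash on the platform where the allocator and the release function no longer match.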
This is the counterpart to block_init which is called from ALGnew.
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
Signed-off-by: Sebastian Ramacher <sebastian+dev@ramacher.at>
The IV parameter is currently ignored when initializing
a cipher in ECB or CTR mode.
For CTR mode, it is confusing: it takes some time to see
that a different parameter is needed (the counter).
For ECB mode, it is outright dangerous.
This patch forces an exception to be raised.
This fixes this warning:
In file included from src/CAST.c:453:0:
src/block_template.c: In function ‘ALG_Encrypt’:
src/block_template.c:426:12: warning: format ‘%i’ expects argument of
type ‘int’, but argument 3 has type ‘Py_ssize_t’ [-Wformat=]
ctr->buf_size, BLOCK_SIZE);
^
GCM mode requires GHASH for 2 different operations: one for
the data (AD + ciphertext) and one for the IV.
Construction of tables to speed-up GHASH is very expensive
and it is worth doing only for the data, not for the IV.
This patch ensures that the GHASH for the IV does not
use tables, with a ~40% faster key setup.
[dlitz@dlitz.net: Whitespace fixed with "git rebase --whitespace=fix"]
Tables take 64 KByte per key.
Encryption performance is more than doubled
(29 MBps vs 8MBps for AES128).
As a drawback, key setup is much slower (1300 key/s
on the same machine).
[dlitz@dlitz.net: Replaced MacMismatchError with ValueError]
[dlitz@dlitz.net: Replaced ApiUsageError with TypeError]
[dlitz@dlitz.net: Included changes from the following commits from the author's pull request:]
- [9c13f9c] Rename 'IV' parameter to 'nonce' for AEAD modes.
- [ca460a7] Made blockalgo.py more PEP-8 compliant; The second parameter
of the _GHASH constructor is now the length of the block
(block_size) and not the full module.
[dlitz@dlitz.net: Whitespace fixed with "git rebase --whitespace=fix"]
The main change done by this commit is adding support
for MODE_GCM (NIST SP 800-38D). Test vectors are included.
The mode uses a C extension (Crypto.Util.galois._ghash)
to compute the GHASH step. The C implementation is the most
basic one and it is still significantly (5x) slower than CTR.
Optimizations can be introduced using tables (CPU/memory trade-off)
or even AES NI instructions on newer x86 CPUs.
This patch also simplifies Crypto.Cipher.blockalgo.py by:
* removing duplicated code previously shared by digest() and verify().
* removing duplicated code previously shared by Crypto.Hash.CMAC
and Crypto.Cipher.block_algo (management of internal buffers
for MACs that can only operate on block aligned data, like
CMAC, CBCMAC, and now also GHASH).
[dlitz@dlitz.net: Included changes from the following commits from the author's pull request:]
- [9c13f9c] Rename 'IV' parameter to 'nonce' for AEAD modes.
- [ca460a7] Made blockalgo.py more PEP-8 compliant;
The second parameter of the _GHASH constructor
is now the length of the block (block_size)
and not the full module.
[dlitz@dlitz.net: Replaced MacMismatchError with ValueError]
[dlitz@dlitz.net: Replaced ApiUsageError with TypeError]
[dlitz@dlitz.net: Replaced renamed variable `ht` with original `h`]
[dlitz@dlitz.net: Whitespace fixed with "git rebase --whitespace=fix"]
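The three GHASH commits above (the initial MODE_GCM extension with its "most basic" C implementation, the 64 KByte-per-key tables that double throughput but slow key setup, and the decision to keep the IV hash table-free) state the trade-off without showing the arithmetic. Below is an added example, not the Crypto.Util.galois._ghash code from pycrypto: the bit-serial multiply in GF(2^128) from Algorithm 1 of NIST SP 800-38D, and the same multiply-by-H rebuilt from 16 tables of 256 entries, which is exactly the 16 * 256 * 16 = 64 KByte the commit message quotes. Both paths are checked against GCM test case 2 (all-zero key, IV and plaintext, no AAD), whose H and ciphertext block are the standard published values. The type gf128, the struct ghash_ctx and the function names are this example's own; it assumes a compiler with the unsigned __int128 extension (GCC or clang).

```c
#include <stdint.h>
#include <string.h>

/* GCM field element as a 128-bit integer: bit 0 of the spec's bit string is the MSB.
 * unsigned __int128 is a GCC/clang extension (assumed available). */
typedef unsigned __int128 gf128;

static gf128 gf128_load(const uint8_t b[16])
{
    gf128 r = 0;
    for (int i = 0; i < 16; i++) r = (r << 8) | b[i];
    return r;
}

static void gf128_store(gf128 x, uint8_t out[16])
{
    for (int i = 15; i >= 0; i--) { out[i] = (uint8_t)x; x >>= 8; }
}

/* Bit-serial multiply, Algorithm 1 of NIST SP 800-38D: 128 shift/XOR steps,
 * reduction by R = 11100001 || 0^120. This is the "most basic" GHASH step. */
static gf128 gf128_mul(gf128 x, gf128 y)
{
    const gf128 R = (gf128)0xE1 << 120;
    gf128 z = 0, v = x;
    for (int i = 0; i < 128; i++) {
        if ((y >> (127 - i)) & 1) z ^= v;
        v = (v & 1) ? (v >> 1) ^ R : v >> 1;
    }
    return z;
}

typedef struct {
    gf128 h;
    int use_tables;
    /* table[i][b] = (block with byte b at position i) * H:
     * 16 positions * 256 values * 16 bytes = 64 KByte per key. */
    gf128 table[16][256];
} ghash_ctx;

static void ghash_init(ghash_ctx *c, const uint8_t h[16], int use_tables)
{
    c->h = gf128_load(h);
    c->use_tables = use_tables;
    if (!use_tables) return;                     /* cheap setup: the IV path */
    for (int i = 0; i < 16; i++) {
        c->table[i][0] = 0;
        for (int b = 1; b < 256; b++) {
            int low = b & -b;                    /* lowest set bit of b */
            if (b == low)                        /* 8 real multiplies per position */
                c->table[i][b] = gf128_mul((gf128)b << (8 * (15 - i)), c->h);
            else                                 /* x*H is linear over GF(2) */
                c->table[i][b] = c->table[i][b ^ low] ^ c->table[i][low];
        }
    }
}

/* x * H: 128 steps without tables, 16 lookups and XORs with them. */
static gf128 ghash_mul_h(const ghash_ctx *c, gf128 x)
{
    if (!c->use_tables) return gf128_mul(x, c->h);
    gf128 z = 0;
    for (int i = 0; i < 16; i++)
        z ^= c->table[i][(uint8_t)(x >> (8 * (15 - i)))];
    return z;
}

/* Fold data into x one zero-padded 16-byte block at a time. */
static void ghash_absorb(const ghash_ctx *c, gf128 *x, const uint8_t *data, size_t len)
{
    while (len > 0) {
        uint8_t blk[16] = {0};
        size_t n = len < 16 ? len : 16;
        memcpy(blk, data, n);
        *x = ghash_mul_h(c, *x ^ gf128_load(blk));
        data += n; len -= n;
    }
}

/* GHASH_H(A, C): A, then C, then len64(A) || len64(C), each step multiplied by H. */
static void ghash(const ghash_ctx *c, const uint8_t *aad, size_t aad_len,
                  const uint8_t *ct, size_t ct_len, uint8_t out[16])
{
    gf128 x = 0;
    ghash_absorb(c, &x, aad, aad_len);
    ghash_absorb(c, &x, ct, ct_len);
    x ^= ((gf128)(aad_len * 8) << 64) | (gf128)(ct_len * 8);
    gf128_store(ghash_mul_h(c, x), out);
}

/* GCM test case 2 (all-zero key, IV and one zero plaintext block, no AAD):
 * H = AES_K(0^128), C = the single ciphertext block, expected GHASH(H, {}, C). */
static const uint8_t TC2_H[16]   = {0x66,0xe9,0x4b,0xd4,0xef,0x8a,0x2c,0x3b,0x88,0x4c,0xfa,0x59,0xca,0x34,0x2b,0x2e};
static const uint8_t TC2_C[16]   = {0x03,0x88,0xda,0xce,0x60,0xb6,0xa3,0x92,0xf3,0x28,0xc2,0xb9,0x71,0xb2,0xfe,0x78};
static const uint8_t TC2_OUT[16] = {0xf3,0x8c,0xbb,0x1a,0xd6,0x92,0x23,0xdc,0xc3,0x45,0x7a,0xe5,0xb6,0xb0,0xf8,0x85};

/* Returns 1 when the bit-serial and the table path both reproduce the vector. */
int ghash_selftest(void)
{
    static ghash_ctx plain, tabled;              /* static: tabled is 64 KByte */
    uint8_t out[16];
    ghash_init(&plain, TC2_H, 0);
    ghash(&plain, NULL, 0, TC2_C, 16, out);
    if (memcmp(out, TC2_OUT, 16) != 0) return 0;
    ghash_init(&tabled, TC2_H, 1);
    ghash(&tabled, NULL, 0, TC2_C, 16, out);
    return memcmp(out, TC2_OUT, 16) == 0;
}
```

Filling the tables costs 128 full multiplies plus 16 * 247 XORs per key, which is the "much slower key setup" of the tables commit; the data path then replaces 128 shift/XOR steps per block with 16 table lookups. The IV is hashed once per key and is usually a single block, so a table-free context for it (use_tables = 0 above) avoids paying that setup twice, which is what the third commit does.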
When the counter function returns an incorrect counter block to
the cipher in CTR mode, the error message includes both the required and
the provided amount of data (in bytes).
Closes: https://bugs.launchpad.net/pycrypto/+bug/1096857
Closes: https://bugs.launchpad.net/pycrypto/+bug/996193
Closes: https://github.com/dlitz/pycrypto/pull/26
[dlitz: Squashed and fixed whitespace.]
- Add __all__ to C cipher & hash modules
- Update hash module docstrings to document the block_size and
digest_size variables.
Closes: https://bugs.launchpad.net/pycrypto/+bug/1179255
Also rename _fastmath_module -> m for consistency
This is the first of a series of changes that aims to reduce code
duplication between the Python 3 and Python 2 versions of the C
extensions.
Many years ago, this was removed from block_template, but not from
stream_template.
The `disable_shortcut` option served as a workaround in case
`__PCT_CTR_SHORTCUT__` leaked through a wrapper object, but I don't
think anyone actually used it, and it was a bad idea to expose it as
part of the public API.
Now that we do strong type checking inside block_template.c, there
should be no need to ever use this option. It's now a no-op, retained
for backward compatibility only. It will be removed in some future
version of PyCrypto.
The leak arose from the string creation in this line:
PyObject_HasAttr(counter, PyUnicode_FromString("__PCT_CTR_SHORTCUT__"))
This commit replaces the __PCT_CTR_SHORTCUT__ hack with code that
imports the _counter module and checks the appropriate types.