[svn] gcry - r1437 - in branches/LIBGCRYPT-1-4-BRANCH: . cipher doc src tests
svn author wk
cvs at cvs.gnupg.org
Tue Jul 13 16:25:04 CEST 2010
Author: wk
Date: 2010-07-13 16:25:01 +0200 (Tue, 13 Jul 2010)
New Revision: 1437
Added:
branches/LIBGCRYPT-1-4-BRANCH/tests/aeswrap.c
Modified:
branches/LIBGCRYPT-1-4-BRANCH/ChangeLog
branches/LIBGCRYPT-1-4-BRANCH/NEWS
branches/LIBGCRYPT-1-4-BRANCH/README
branches/LIBGCRYPT-1-4-BRANCH/cipher/ChangeLog
branches/LIBGCRYPT-1-4-BRANCH/cipher/cipher.c
branches/LIBGCRYPT-1-4-BRANCH/cipher/md.c
branches/LIBGCRYPT-1-4-BRANCH/cipher/tiger.c
branches/LIBGCRYPT-1-4-BRANCH/configure.ac
branches/LIBGCRYPT-1-4-BRANCH/doc/announce.txt
branches/LIBGCRYPT-1-4-BRANCH/src/ChangeLog
branches/LIBGCRYPT-1-4-BRANCH/src/cipher.h
branches/LIBGCRYPT-1-4-BRANCH/src/gcrypt.h.in
branches/LIBGCRYPT-1-4-BRANCH/tests/ChangeLog
branches/LIBGCRYPT-1-4-BRANCH/tests/Makefile.am
branches/LIBGCRYPT-1-4-BRANCH/tests/basic.c
Log:
Add new algorithms and modes.
Prepare a release.
Modified: branches/LIBGCRYPT-1-4-BRANCH/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/ChangeLog 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/ChangeLog 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,3 +1,9 @@
+2010-07-13 Werner Koch <wk at g10code.com>
+
+ Release 1.4.6.
+
+ * configure.ac: Bump LT version to C17/A6/R0.
+
2009-12-11 Werner Koch <wk at g10code.com>
Release 1.4.5.
@@ -45,7 +51,7 @@
2008-08-19 Werner Koch <wk at g10code.com>
Release 1.4.2rc1.
-
+
* configure.ac: Bump LT version to C16/A5/R0.
2008-08-18 Werner Koch <wk at g10code.com>
@@ -65,7 +71,7 @@
2008-04-25 Werner Koch <wk at g10code.com>
Release 1.4.1.
-
+
* configure.ac: Bump LT version to C15/A4/R4.
2008-04-22 Werner Koch <wk at g10code.com>
@@ -103,7 +109,7 @@
2007-12-10 Werner Koch <wk at g10code.com>
Released 1.4.0.
-
+
* configure.ac: Set LT to C15/A4/R3.
2007-12-05 Werner Koch <wk at g10code.com>
@@ -143,7 +149,7 @@
in the test program which lurked there for 4 years. Adjusted name
of libtools global_system_pipe variable and add extra cut stage.
Reported by Gregor Riepl.
-
+
2007-06-15 Werner Koch <wk at g10code.com>
* autogen.sh (FORCE): Use = and not == in test to be POSIXly correct.
@@ -180,7 +186,7 @@
Released 1.3.0.
* configure.ac: Set LT to C15/A4/R0.
-
+
* configure.ac: Require automake 1.10
(AM_PROG_CC_C_O): New.
@@ -190,7 +196,7 @@
2007-05-02 Werner Koch <wk at g10code.com>
- * configure.ac (LIBGCRYPT_DIGESTS, LIBGCRYPT_CIPHERS)
+ * configure.ac (LIBGCRYPT_DIGESTS, LIBGCRYPT_CIPHERS)
(LIBGCRYPT_PUBKEY_CIPHERS): Ac_define lists of algorithms.
(default_ciphers): Don't make camellia a default.
@@ -234,7 +240,7 @@
* configure.ac: Bump LT version to C14/A3/R0 in preparation for a
release.
-
+
* autogen.sh: Add option --force.
* configure.ac: New option --disable-endian-check. Use a real
noexecstack test instead of requiring an option. Add SVN version
@@ -287,7 +293,7 @@
2006-07-26 Werner Koch <wk at g10code.com>
* configure.ac: New options --enable-noexecstack and
- --disable-optimization.
+ --disable-optimization.
2006-07-04 Marcus Brinkmann <marcus at g10code.de>
@@ -329,7 +335,7 @@
* configure.ac: Move detection of basic stuff to the top. For
example we need to know whether gcc is used before testing for it.
Reported by Ralf Fassel.
-
+
2005-04-23 Moritz Schulte <moritz at g10code.com>
* acinclude.m4 (TYPE_SOCKLEN_T): New type definition test;
@@ -351,9 +357,9 @@
2005-01-04 Werner Koch <wk at g10code.com>
Updated to automake 1.9.
-
- * acinclude.m4: Updated for use with automake 1.9.
+ * acinclude.m4: Updated for use with automake 1.9.
+
* configure.ac: Require libgpg-error 1.0; not really needed but
that is the first stable version.
@@ -387,7 +393,7 @@
2004-04-15 Werner Koch <wk at gnupg.org>
Released 1.2.0.
-
+
* configure.ac: Set LT to C12/A1/R1.
2004-04-06 Werner Koch <wk at gnupg.org>
@@ -412,7 +418,7 @@
Released 1.1.93.
- * configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by
+ * configure.ac (LIBGCRYPT_CONFIG_SONAME_NUMBER): Replaced by
LIBGCRYPT_CONPIG_API_VERSION. Set it to 1. Set LT to C11/A0/R1.
2004-03-05 Werner Koch <wk at gnupg.org>
@@ -422,7 +428,7 @@
2004-02-20 Werner Koch <wk at gnupg.org>
Released 1.1.92.
-
+
* configure.ac: Set LT to C11/A0/R0.
2004-02-11 Werner Koch <wk at gnupg.org>
@@ -440,7 +446,7 @@
2003-12-19 Werner Koch <wk at gnupg.org>
Released 1.1.91.
-
+
* configure.ac: Bumbed LT version to C10/A3/R1.
2003-12-08 Werner Koch <wk at gnupg.org>
@@ -458,9 +464,9 @@
2003-11-14 Werner Koch <wk at gnupg.org>
Released 1.1.90.
-
+
* configure.ac: Bumbed LT version to C10/A3/R0.
-
+
* configure.ac (have_ld_version_script): Set the default in
a separate test.
(PRINTABLE_OS_NAME): Don't handle the Hurd extra, this leads to
@@ -478,7 +484,7 @@
development
Released 1.1.44.
-
+
* acinclude.m4 (AC_CHECK_PTH): Added.
* configure.ac: Use it here instead of the generic lib test.
Bumbed LT vesion to C9/A2/R0.
@@ -521,7 +527,7 @@
2003-07-31 Werner Koch <wk at gnupg.org>
Released 1.1.42.
-
+
* configure.ac: Set LT version to 7/0/0.
2003-07-30 Werner Koch <wk at gnupg.org>
@@ -545,7 +551,7 @@
2003-07-05 Moritz Schulte <moritz at g10code.com>
* README: Few changes, mention libgpg-error.
-
+
2003-06-18 Moritz Schulte <moritz at g10code.com>
* configure.ac (available_ciphers): Removed Serpent, hrrm.
@@ -558,7 +564,7 @@
GNUPG_SYS_SYMBOL_UNDERSCORE, GNUPG_FUNC_MKDIR_TAKES_ONE_ARG,
GPH_PROG_DB2ANY.
Added macro definitions: AM_PATH_GPG_ERROR.
-
+
* configure.ac: Use alternative approach for building based on
conditional sources, which does not make automake eat all your
memory, etc.
@@ -633,8 +639,8 @@
* configure.ac: Removed code for generating contruct.c.
Remove digest modules from the static_modules list, only handle
random module selection.
-
+
2003-03-24 Moritz Schulte <moritz at g10code.com>
* NEWS: Mention new CBC_MAC flag.
@@ -650,7 +656,7 @@
2003-01-21 Werner Koch <wk at gnupg.org>
- * README (Configure options): New.
+ * README (Configure options): New.
* configure.ac (have_ld_version_script): New option
--enable-ld-version-script.
@@ -661,13 +667,13 @@
2003-01-20 Werner Koch <wk at gnupg.org>
Released 1.1.12.
-
+
* configure.ac (LIBGCRYPT_LT_REVISION): Bumbed up.
2002-12-21 Werner Koch <wk at gnupg.org>
Released 1.1.11.
-
+
* configure.ac (LIBGCRYPT_LT_CURRENT: Bumbed to 6/5/0 due to a new
interface
@@ -692,7 +698,7 @@
2002-09-18 Timo Schulz <ts at winpt.org>
* configure.ac: Added makefile for the W32 DLL.
-
+
2002-09-17 Werner Koch <wk at gnupg.org>
* configure.ac: Check for Pth and Pthreads.
@@ -700,7 +706,7 @@
2002-08-23 Werner Koch <wk at gnupg.org>
Released 1.1.9.
-
+
* configure.ac (LIBGCRYPT_CONFIG_CFLAGS): Renamed from
LIBGCRYPT_CFLAGS and removed the libpath because it is set by the
config script.
@@ -709,13 +715,13 @@
2002-06-25 Werner Koch <wk at gnupg.org>
Released 1.1.8.
-
- * configure.ac: Set LT version to 5/4/0.
+ * configure.ac: Set LT version to 5/4/0.
+
2002-05-21 Werner Koch <wk at gnupg.org>
Released 1.1.7.
-
+
* configure.ac: Set LT version to 4/3/0.
2002-05-17 Werner Koch <wk at gnupg.org>
@@ -741,7 +747,7 @@
* configure.ac (jnlib/Makefile): Removed.
* configure.ac: Define _REENTRANT.
-
+
2002-02-18 Werner Koch <wk at gnupg.org>
* configure.ac (MPI_EXTRA_ASM_OBJS): Use .lo suffix.
@@ -749,7 +755,7 @@
2002-02-07 Werner Koch <wk at gnupg.org>
- Released 1.1.6.
+ Released 1.1.6.
2002-01-24 Werner Koch <wk at gnupg.org>
@@ -778,7 +784,7 @@
Released 1.1.4.
* acinclude.m4 (GNUPG_CHECK_TYPEDEF): Define GNU Source.
-
+
Migrated to autoconf 2.52.
* acinclude.m4: Removed GNUPG_LINK_FILES and converted.
* acconfig.h: Removed
@@ -789,7 +795,7 @@
* tests/: New.
* Makefile.am: Included tests directory
-
+
* configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf.
Reported by Chris Adams. Merged some cases.
@@ -1339,9 +1345,9 @@
* configure.in : Fixed zlib stuff
* Makefile.am: Likewise
-
+
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006,
- 2007, 2008, 2009 Free Software Foundation, Inc.
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
@@ -1350,4 +1356,3 @@
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
Modified: branches/LIBGCRYPT-1-4-BRANCH/cipher/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/cipher/ChangeLog 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/cipher/ChangeLog 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,3 +1,26 @@
+2010-07-13 Werner Koch <wk at g10code.com>
+
+ * cipher.c (do_aeswrap_encrypt, do_aeswrap_decrypt): New. Take
+ from current SVN trunk.
+ (gcry_cipher_open, gcry_cipher_encrypt, gcry_cipher_decrypt): Hook
+ them in.
+ (struct gcry_cipher_handle): Add field MARKS.
+ (cipher_setkey, cipher_setiv): Set MARKS.
+ (cipher_reset): Clear MARKS.
+
+2010-07-09 Werner Koch <wk at g10code.com>
+
+ * tiger.c (asn): Unfetter the old TIGER from an OID.
+ (TIGER_CONTEXT): Add field VARIANT.
+ (tiger_init): Factor code out to ...
+ (do_init): ... new.
+ (tiger1_init, tiger2_init): New.
+ (_gcry_digest_spec_tiger1, _gcry_digest_spec_tiger2): New.
+ * md.c (digest_table): Add TIGER1 and TIGER2 variants.
+
+ * md.c (md_read): Fix incomplete check for NULL. Reported by
+ Fabian Kail.
+
2009-12-11 Werner Koch <wk at g10code.com>
* Makefile.am (o_flag_munging): New.
Modified: branches/LIBGCRYPT-1-4-BRANCH/src/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/src/ChangeLog 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/src/ChangeLog 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,3 +1,15 @@
+2010-07-13 Werner Koch <wk at g10code.com>
+
+ * gcrypt.h.in (GCRY_CIPHER_MODE_AESWRAP): New.
+
+2010-07-09 Werner Koch <wk at g10code.com>
+
+ * gcrypt.h.in (GCRY_MD_TIGER1, GCRY_MD_TIGER2): New.
+
+ * gcrypt.h.in [!__GNUC__ && W32]: Typedef ssize_t and pid_t to
+ help building with MSVC.
+ * gcrypt.h.in [W32]: Include time.h and not sys/time.h.
+
2009-11-29 Werner Koch <wk at g10code.com>
* hwfeatures.c (detect_ia32_gnuc): Replace "=r" by "+r" so that
Modified: branches/LIBGCRYPT-1-4-BRANCH/tests/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/tests/ChangeLog 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/tests/ChangeLog 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,3 +1,12 @@
+2010-07-13 Werner Koch <wk at g10code.com>
+
+ * aeswrap.c: New. Take from trunk.
+
+2010-07-09 Werner Koch <wk at g10code.com>
+
+ * basic.c (check_digests): Add tests for TIGER1 and TIGER2 from
+ the NESSIE project.
+
2010-06-10 Werner Koch <wk at g10code.com>
* t-mpi-bit.c (mpi2bitstr_nlz): Handle case for LENGTH==0.
Modified: branches/LIBGCRYPT-1-4-BRANCH/NEWS
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/NEWS 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/NEWS 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,3 +1,17 @@
+Noteworthy changes in version 1.4.6 (2010-07-13)
+------------------------------------------------
+
+ * New variants of the TIGER algorithm.
+
+ * New cipher algorithm mode for AES-WRAP.
+
+ * Interface changes relative to the 1.4.2 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ GCRY_MD_TIGER1 NEW.
+ GCRY_MD_TIGER2 NEW.
+ GCRY_CIPHER_MODE_AESWRAP NEW.
+
+
Noteworthy changes in version 1.4.5 (2009-12-11)
------------------------------------------------
@@ -601,7 +615,7 @@
Copyright 2001, 2002, 2003, 2004, 2007, 2008,
- 2009 Free Software Foundation, Inc.
+ 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
Modified: branches/LIBGCRYPT-1-4-BRANCH/README
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/README 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/README 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,10 +1,10 @@
Libgcrypt - The GNU Crypto Library
------------------------------------
- Version 1.4.5
+ Version 1.4.6
Copyright 2000, 2002, 2003, 2004, 2007, 2008,
- 2009 Free Software Foundation, Inc.
+ 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
Modified: branches/LIBGCRYPT-1-4-BRANCH/cipher/cipher.c
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/cipher/cipher.c 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/cipher/cipher.c 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,6 +1,6 @@
/* cipher.c - cipher dispatcher
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- * 2005, 2007, 2008 Free Software Foundation, Inc.
+ * 2005, 2007, 2008, 2010 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -192,6 +192,11 @@
int mode;
unsigned int flags;
+ struct {
+ unsigned int key:1; /* Set to 1 if a key has been set. */
+ unsigned int iv:1; /* Set to 1 if a IV has been set. */
+ } marks;
+
/* The initialization vector. To help code optimization we make
sure that it is aligned on an unsigned long and u32 boundary. */
union {
@@ -724,6 +729,7 @@
case GCRY_CIPHER_MODE_CFB:
case GCRY_CIPHER_MODE_OFB:
case GCRY_CIPHER_MODE_CTR:
+ case GCRY_CIPHER_MODE_AESWRAP:
if ((cipher->encrypt == dummy_encrypt_block)
|| (cipher->decrypt == dummy_decrypt_block))
err = GPG_ERR_INV_CIPHER_MODE;
@@ -882,7 +888,10 @@
memcpy ((void *) ((char *) &c->context.c + c->cipher->contextsize),
(void *) &c->context.c,
c->cipher->contextsize);
+ c->marks.key = 1;
}
+ else
+ c->marks.key = 0;
return gcry_error (ret);
}
@@ -905,7 +914,11 @@
if (ivlen > c->cipher->blocksize)
ivlen = c->cipher->blocksize;
memcpy (c->u_iv.iv, iv, ivlen);
+ c->marks.iv = 1;
}
+ else
+ c->marks.iv = 0;
+
c->unused = 0;
}
@@ -918,6 +931,7 @@
memcpy (&c->context.c,
(char *) &c->context.c + c->cipher->contextsize,
c->cipher->contextsize);
+ memset (&c->marks, 0, sizeof c->marks);
memset (c->u_iv.iv, 0, c->cipher->blocksize);
memset (c->lastiv, 0, c->cipher->blocksize);
memset (c->ctr, 0, c->cipher->blocksize);
@@ -1391,6 +1405,171 @@
}
+/* Perform the AES-Wrap algorithm as specified by RFC3394. We
+ implement this as a mode usable with any cipher algorithm of
+ blocksize 128. */
+static gcry_err_code_t
+do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
+ const byte *inbuf, unsigned int inbuflen )
+{
+ int j, x;
+ unsigned int n, i;
+ unsigned char *r, *a, *b;
+ unsigned char t[8];
+
+#if MAX_BLOCKSIZE < 8
+#error Invalid block size
+#endif
+ /* We require a cipher with a 128 bit block length. */
+ if (c->cipher->blocksize != 16)
+ return GPG_ERR_INV_LENGTH;
+
+ /* The output buffer must be able to hold the input data plus one
+ additional block. */
+ if (outbuflen < inbuflen + 8)
+ return GPG_ERR_BUFFER_TOO_SHORT;
+ /* Input data must be multiple of 64 bits. */
+ if (inbuflen % 8)
+ return GPG_ERR_INV_ARG;
+
+ n = inbuflen / 8;
+
+ /* We need at least two 64 bit blocks. */
+ if (n < 2)
+ return GPG_ERR_INV_ARG;
+
+ r = outbuf;
+ a = outbuf; /* We store A directly in OUTBUF. */
+ b = c->ctr; /* B is also used to concatenate stuff. */
+
+ /* If an IV has been set we use that IV as the Alternative Initial
+ Value; if it has not been set we use the standard value. */
+ if (c->marks.iv)
+ memcpy (a, c->u_iv.iv, 8);
+ else
+ memset (a, 0xa6, 8);
+
+ /* Copy the inbuf to the outbuf. */
+ memmove (r+8, inbuf, inbuflen);
+
+ memset (t, 0, sizeof t); /* t := 0. */
+
+ for (j = 0; j <= 5; j++)
+ {
+ for (i = 1; i <= n; i++)
+ {
+ /* B := AES_k( A | R[i] ) */
+ memcpy (b, a, 8);
+ memcpy (b+8, r+i*8, 8);
+ c->cipher->encrypt (&c->context.c, b, b);
+ /* t := t + 1 */
+ for (x = 7; x >= 0; x--)
+ {
+ t[x]++;
+ if (t[x])
+ break;
+ }
+ /* A := MSB_64(B) ^ t */
+ for (x=0; x < 8; x++)
+ a[x] = b[x] ^ t[x];
+ /* R[i] := LSB_64(B) */
+ memcpy (r+i*8, b+8, 8);
+ }
+ }
+
+ return 0;
+}
+
+/* Perform the AES-Unwrap algorithm as specified by RFC3394. We
+ implement this as a mode usable with any cipher algorithm of
+ blocksize 128. */
+static gcry_err_code_t
+do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
+ const byte *inbuf, unsigned int inbuflen)
+{
+ int j, x;
+ unsigned int n, i;
+ unsigned char *r, *a, *b;
+ unsigned char t[8];
+
+#if MAX_BLOCKSIZE < 8
+#error Invalid block size
+#endif
+ /* We require a cipher with a 128 bit block length. */
+ if (c->cipher->blocksize != 16)
+ return GPG_ERR_INV_LENGTH;
+
+ /* The output buffer must be able to hold the input data minus one
+ additional block. Fixme: The caller has more restrictive checks
+ - we may want to fix them for this mode. */
+ if (outbuflen + 8 < inbuflen)
+ return GPG_ERR_BUFFER_TOO_SHORT;
+ /* Input data must be multiple of 64 bits. */
+ if (inbuflen % 8)
+ return GPG_ERR_INV_ARG;
+
+ n = inbuflen / 8;
+
+ /* We need at least three 64 bit blocks. */
+ if (n < 3)
+ return GPG_ERR_INV_ARG;
+
+ r = outbuf;
+ a = c->lastiv; /* We use c->LASTIV as buffer for A. */
+ b = c->ctr; /* B is also used to concatenate stuff. */
+
+ /* Copy the inbuf to the outbuf and save A. */
+ memcpy (a, inbuf, 8);
+ memmove (r, inbuf+8, inbuflen-8);
+ n--; /* Reduce to actual number of data blocks. */
+
+ /* t := 6 * n */
+ i = n * 6; /* The range is valid because: n = inbuflen / 8 - 1. */
+ for (x=0; x < 8 && x < sizeof (i); x++)
+ t[7-x] = i >> (8*x);
+ for (; x < 8; x++)
+ t[7-x] = 0;
+
+ for (j = 5; j >= 0; j--)
+ {
+ for (i = n; i >= 1; i--)
+ {
+ /* B := AES_k^1( (A ^ t)| R[i] ) */
+ for (x = 0; x < 8; x++)
+ b[x] = a[x] ^ t[x];
+ memcpy (b+8, r+(i-1)*8, 8);
+ c->cipher->decrypt (&c->context.c, b, b);
+ /* t := t - 1 */
+ for (x = 7; x >= 0; x--)
+ {
+ t[x]--;
+ if (t[x] != 0xff)
+ break;
+ }
+ /* A := MSB_64(B) */
+ memcpy (a, b, 8);
+ /* R[i] := LSB_64(B) */
+ memcpy (r+(i-1)*8, b+8, 8);
+ }
+ }
+
+ /* If an IV has been set we compare against this Alternative Initial
+ Value; if it has not been set we compare against the standard IV. */
+ if (c->marks.iv)
+ j = memcmp (a, c->u_iv.iv, 8);
+ else
+ {
+ for (j=0, x=0; x < 8; x++)
+ if (a[x] != 0xa6)
+ {
+ j=1;
+ break;
+ }
+ }
+ return j? GPG_ERR_CHECKSUM : 0;
+}
+
+
/****************
* Encrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same.
@@ -1461,8 +1640,19 @@
{
gcry_err_code_t err;
- if (!in)
+ if (h->mode == GCRY_CIPHER_MODE_AESWRAP)
{
+ /* Hack to implement AESWRAP without touching the other modes.
+ The actual function has been taken from the current
+ development version which does all error checking in each
+ mode function. */
+ if (!in)
+ err = do_aeswrap_encrypt (h, out, outsize, out, outsize);
+ else
+ err = do_aeswrap_encrypt (h, out, outsize, in, inlen);
+ }
+ else if (!in)
+ {
/* Caller requested in-place encryption. */
/* Actually cipher_encrypt() does not need to know about it, but
* we may change it in the future to get better performance. */
@@ -1556,8 +1746,19 @@
{
gcry_err_code_t err = 0;
- if (!in)
+ if (h->mode == GCRY_CIPHER_MODE_AESWRAP)
{
+ /* Hack to implement AESWRAP without touching the other modes.
+ The actual function has been taken from the current
+ development version which does all error checking in each
+ mode function. */
+ if (!in)
+ err = do_aeswrap_decrypt (h, out, outsize, out, outsize);
+ else
+ err = do_aeswrap_decrypt (h, out, outsize, in, inlen);
+ }
+ else if (!in)
+ {
/* Caller requested in-place encryption. */
/* Actually cipher_encrypt() does not need to know about it, but
* we may change it in the future to get better performance. */
Modified: branches/LIBGCRYPT-1-4-BRANCH/cipher/md.c
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/cipher/md.c 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/cipher/md.c 2010-07-13 14:25:01 UTC (rev 1437)
@@ -87,6 +87,10 @@
#if USE_TIGER
{ &_gcry_digest_spec_tiger,
&dummy_extra_spec, GCRY_MD_TIGER },
+ { &_gcry_digest_spec_tiger1,
+ &dummy_extra_spec, GCRY_MD_TIGER1 },
+ { &_gcry_digest_spec_tiger2,
+ &dummy_extra_spec, GCRY_MD_TIGER2 },
#endif
#if USE_WHIRLPOOL
{ &_gcry_digest_spec_whirlpool,
@@ -948,10 +952,13 @@
if (! algo)
{
- /* return the first algorithm */
- if (r && r->next)
- log_debug ("more than one algorithm in md_read(0)\n");
- return r->digest->read( &r->context.c );
+ /* Return the first algorithm. */
+ if (r)
+ {
+ if (r->next)
+ log_debug ("more than one algorithm in md_read(0)\n");
+ return r->digest->read( &r->context.c );
+ }
}
else
{
Modified: branches/LIBGCRYPT-1-4-BRANCH/cipher/tiger.c
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/cipher/tiger.c 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/cipher/tiger.c 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,5 +1,5 @@
/* tiger.c - The TIGER hash function
- * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2001, 2002, 2003, 2010 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -14,10 +14,11 @@
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
+/* See http://www.cs.technion.ac.il/~biham/Reports/Tiger/ */
+
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
@@ -37,6 +38,7 @@
byte buf[64];
int count;
u32 nblocks;
+ int variant; /* 0 = old code, 1 = fixed code, 2 - TIGER2. */
} TIGER_CONTEXT;
@@ -588,7 +590,7 @@
};
static void
-tiger_init( void *context )
+do_init (void *context, int variant)
{
TIGER_CONTEXT *hd = context;
@@ -597,9 +599,28 @@
hd->c = 0xf096a5b4c3b2e187LL;
hd->nblocks = 0;
hd->count = 0;
+ hd->variant = variant;
}
static void
+tiger_init( void *context )
+{
+ do_init (context, 0);
+}
+
+static void
+tiger1_init( void *context )
+{
+ do_init (context, 1);
+}
+
+static void
+tiger2_init( void *context )
+{
+ do_init (context, 2);
+}
+
+static void
tiger_round( u64 *ra, u64 *rb, u64 *rc, u64 x, int mul )
{
u64 a = *ra;
@@ -763,6 +784,7 @@
TIGER_CONTEXT *hd = context;
u32 t, msb, lsb;
byte *p;
+ byte pad = hd->variant == 2? 0x80 : 0x01;
tiger_write(hd, NULL, 0); /* flush */;
@@ -782,13 +804,13 @@
if( hd->count < 56 ) /* enough room */
{
- hd->buf[hd->count++] = 0x01; /* pad */
+ hd->buf[hd->count++] = pad;
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else /* need one extra block */
{
- hd->buf[hd->count++] = 0x01; /* pad character */
+ hd->buf[hd->count++] = pad;
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
tiger_write(hd, NULL, 0); /* flush */;
@@ -815,10 +837,24 @@
*p++ = hd->a >> 24; *p++ = hd->a >> 16; \
*p++ = hd->a >> 8; *p++ = hd->a; } while(0)
#endif
- X(a);
- X(b);
- X(c);
+#define Y(a) do { *p++ = hd->a ; *p++ = hd->a >> 8; \
+ *p++ = hd->a >> 16; *p++ = hd->a >> 24; \
+ *p++ = hd->a >> 32; *p++ = hd->a >> 40; \
+ *p++ = hd->a >> 48; *p++ = hd->a >> 56; } while(0)
+ if (hd->variant == 0)
+ {
+ X(a);
+ X(b);
+ X(c);
+ }
+ else
+ {
+ Y(a);
+ Y(b);
+ Y(c);
+ }
#undef X
+#undef Y
}
static byte *
@@ -829,23 +865,49 @@
return hd->buf;
}
-static byte asn[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */
+
+/* This is the old TIGER variant based on the unfixed reference
+ implementation. It was used in GnuPG up to 1.3.2. We don't provide
+ an OID anymore because that would not be correct. */
+gcry_md_spec_t _gcry_digest_spec_tiger =
+ {
+ "TIGER192", NULL, 0, NULL, 24,
+ tiger_init, tiger_write, tiger_final, tiger_read,
+ sizeof (TIGER_CONTEXT)
+ };
+
+
+�
+/* This is the fixed TIGER implementation. */
+static byte asn1[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */
{ 0x30, 0x29, 0x30, 0x0d, 0x06, 0x09, 0x2b, 0x06,
0x01, 0x04, 0x01, 0xda, 0x47, 0x0c, 0x02,
0x05, 0x00, 0x04, 0x18 };
-static gcry_md_oid_spec_t oid_spec_tiger[] =
+static gcry_md_oid_spec_t oid_spec_tiger1[] =
{
/* GNU.digestAlgorithm TIGER */
{ "1.3.6.1.4.1.11591.12.2" },
{ NULL }
};
-gcry_md_spec_t _gcry_digest_spec_tiger =
+gcry_md_spec_t _gcry_digest_spec_tiger1 =
{
- "TIGER192", asn, DIM (asn), oid_spec_tiger, 24,
- tiger_init, tiger_write, tiger_final, tiger_read,
+ "TIGER", asn1, DIM (asn1), oid_spec_tiger1, 24,
+ tiger1_init, tiger_write, tiger_final, tiger_read,
sizeof (TIGER_CONTEXT)
};
+
+�
+/* This is TIGER2 which uses a changed padding algorithm. */
+gcry_md_spec_t _gcry_digest_spec_tiger2 =
+ {
+ "TIGER2", NULL, 0, NULL, 24,
+ tiger2_init, tiger_write, tiger_final, tiger_read,
+ sizeof (TIGER_CONTEXT)
+ };
+
+
+
#endif /* HAVE_U64_TYPEDEF */
Modified: branches/LIBGCRYPT-1-4-BRANCH/configure.ac
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/configure.ac 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/configure.ac 2010-07-13 14:25:01 UTC (rev 1437)
@@ -26,7 +26,7 @@
# Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution.
-m4_define([my_version], [1.4.5])
+m4_define([my_version], [1.4.6])
m4_define([my_issvn], [no])
m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \
@@ -38,9 +38,9 @@
# (Interfaces removed: CURRENT++, AGE=0, REVISION=0)
# (Interfaces added: CURRENT++, AGE++, REVISION=0)
# (No interfaces changed: REVISION++)
-LIBGCRYPT_LT_CURRENT=16
-LIBGCRYPT_LT_AGE=5
-LIBGCRYPT_LT_REVISION=3
+LIBGCRYPT_LT_CURRENT=17
+LIBGCRYPT_LT_AGE=7
+LIBGCRYPT_LT_REVISION=0
# If the API is changed in an incompatible way: increment the next counter.
Modified: branches/LIBGCRYPT-1-4-BRANCH/doc/announce.txt
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/doc/announce.txt 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/doc/announce.txt 2010-07-13 14:25:01 UTC (rev 1437)
@@ -5,70 +5,63 @@
Hello!
The GNU project is pleased to announce the availability of Libgcrypt
-version 1.4.3.
+version 1.4.5.
Libgcrypt is a general purpose library of cryptographic building
blocks. It is originally based on code used by GnuPG. It does not
provide any implementation of OpenPGP or other protocols. Thorough
-understanding of applied cryptography is required to use Libgcrypt.
+understanding of applied cryptography is required to use Libgcrypt.
-Noteworthy changes in version 1.4.3:
+Noteworthy changes in version 1.4.5:
- * Try to auto-initialize Libgcrypt to minimize the effect of
- applications not doing that correctly. This is not a perfect
- solution but given that many applicationion would totally fail
- without such a hack, we try to help at least with the most common
- cases. Folks, please read the manual to learn how to properly
- initialize Libgcrypt!
+ * Fixed minor memory leak in DSA key generation.
- * Auto-initialize the secure memory to 32k instead of aborting the
- process.
+ * No more switching to FIPS mode if /proc/version is not readable.
- * Log fatal errors via syslog.
+ * Fixed a sigill during Padlock detection on old CPUs.
- * Changed the name and the semantics of the fips mode config file.
+ * Fixed a hang on some W2000 machines.
- * Add convenience macro gcry_fips_mode_active.
+ * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3;
+ SHA-256 went up by 25%.
- * More self-tests.
- * Documentation cleanups.
-
-
Source code is hosted at the GnuPG FTP server and its mirrors as
-listed at http://www.gnupg.org/download/mirrors.html . On the primary
-server the source file and its digital signatures is:
+listed at <http://www.gnupg.org/download/mirrors.html>. On the
+primary server the source file and its digital signature is:
- ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.3.tar.bz2 (1062k)
- ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.3.tar.bz2.sig
+ ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2 (1121k)
+ ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2.sig
This file is bzip2 compressed. A gzip compressed version is also
available:
- ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.3.tar.gz (1325k)
- ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.3.tar.gz.sig
+ ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.gz (1386k)
+ ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.gz.sig
-Alternativley you may upgrade version 1.4.2 using this patch file:
+Alternativley you may upgrade version 1.4.4 using this patch file:
- ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.2-1.4.3.diff.bz2 (42k)
+ ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4-1.4.5.diff.bz2 (93k)
The SHA-1 checksums are:
-bdc67c1fdcec464a94dca691615f2335a12db5ce libgcrypt-1.4.3.tar.bz2
-3d9d583501ce951596fa7dd3667afd357ac7d056 libgcrypt-1.4.3.tar.gz
-e28b74c5824364e20ae7f147f1b89925f5426669 libgcrypt-1.4.2-1.4.3.diff.bz2
+ef7ecbd3a03a7978094366bcd1257b3654608d28 libgcrypt-1.4.5.tar.bz2
+8d83a60ca55f2ea40b5d5bc99463905b7a1dcb56 libgcrypt-1.4.5.tar.gz
+5307e361da5232cd771c300adddc69e57f0e366d libgcrypt-1.4.4-1.4.5.diff.bz2
For help on developing with Libgcrypt you should read the included
-manual and optional ask on the gcrypt-devel mailing list [1].
+manual and optional ask on the gcrypt-devel mailing list [1]. Note
+that this version is from the stable branch; the current development
+version is available at <svn://cvs.gnupg.org/libgcrypt/trunk> .
Improving Libgcrypt is costly, but you can help! We are looking for
organizations that find Libgcrypt useful and wish to contribute back.
You can contribute by reporting bugs, improve the software [2], order
extensions or support or more general by donating money to the Free
-Software movement [3].
+Software movement (e.g. <http://www.fsfe.org/donate/>).
-Commercial support contracts for Libgcrypt are available [4], and they
+Commercial support contracts for Libgcrypt are available [3], and they
help finance continued maintenance. g10 Code GmbH, a Duesseldorf
based company, is currently funding Libgcrypt development. We are
always looking for interesting development projects.
@@ -83,9 +76,6 @@
-
-[1] See http://www.gnupg.org/documentation/mailing-lists.html .
+[1] See <http://www.gnupg.org/documentation/mailing-lists.html>.
[2] Note that copyright assignments to the FSF are required.
-[3] For example see http://donate.fsf.org .
-[4] See the service directory at http://www.gnupg.org/service.html .
-
+[3] See the service directory at <http://www.gnupg.org/service.html>.
Modified: branches/LIBGCRYPT-1-4-BRANCH/src/cipher.h
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/src/cipher.h 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/src/cipher.h 2010-07-13 14:25:01 UTC (rev 1437)
@@ -114,6 +114,8 @@
extern gcry_md_spec_t _gcry_digest_spec_sha512;
extern gcry_md_spec_t _gcry_digest_spec_sha384;
extern gcry_md_spec_t _gcry_digest_spec_tiger;
+extern gcry_md_spec_t _gcry_digest_spec_tiger1;
+extern gcry_md_spec_t _gcry_digest_spec_tiger2;
extern gcry_md_spec_t _gcry_digest_spec_whirlpool;
extern md_extra_spec_t _gcry_digest_extraspec_sha1;
Modified: branches/LIBGCRYPT-1-4-BRANCH/src/gcrypt.h.in
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/src/gcrypt.h.in 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/src/gcrypt.h.in 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1,6 +1,6 @@
/* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
- 2007, 2008, 2009 Free Software Foundation, Inc.
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is part of Libgcrypt.
@@ -33,13 +33,18 @@
#if defined _WIN32 || defined __WIN32__
# include <winsock2.h>
# include <ws2tcpip.h>
+# include <time.h>
+# ifndef __GNUC__
+ typedef long ssize_t;
+ typedef int pid_t;
+# endif /*!__GNUC__*/
#else
# include <sys/socket.h>
+# include <sys/time.h>
#endif /*!_WIN32*/
@FALLBACK_SOCKLEN_T@
-#include <sys/time.h>
/* This is required for error code compatibility. */
#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
@@ -849,7 +854,8 @@
GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
- GCRY_CIPHER_MODE_CTR = 6 /* Counter. */
+ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
+ GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */
};
/* Flags used with the open function. */
@@ -909,7 +915,7 @@
void *out, size_t outsize,
const void *in, size_t inlen);
-/* Set KEY of length KEYLEN for the cipher handle HD. */
+/* Set KEY of length KEYLEN bytes for the cipher handle HD. */
gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
const void *key, size_t keylen);
@@ -935,10 +941,10 @@
gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
const void *ctr, size_t ctrlen);
-/* Retrieved the key length used with algorithm A. */
+/* Retrieved the key length in bytes used with algorithm A. */
size_t gcry_cipher_get_algo_keylen (int algo);
-/* Retrieve the block length used with algorithm A. */
+/* Retrieve the block length in bytes used with algorithm A. */
size_t gcry_cipher_get_algo_blklen (int algo);
/* Return 0 if the algorithm A is available for use. */
@@ -1059,7 +1065,7 @@
GCRY_MD_SHA1 = 2,
GCRY_MD_RMD160 = 3,
GCRY_MD_MD2 = 5,
- GCRY_MD_TIGER = 6, /* TIGER/192. */
+ GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */
GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
GCRY_MD_SHA256 = 8,
GCRY_MD_SHA384 = 9,
@@ -1069,7 +1075,9 @@
GCRY_MD_CRC32 = 302,
GCRY_MD_CRC32_RFC1510 = 303,
GCRY_MD_CRC24_RFC2440 = 304,
- GCRY_MD_WHIRLPOOL = 305
+ GCRY_MD_WHIRLPOOL = 305,
+ GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */
+ GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
};
/* Flags used with the open function. */
@@ -1174,7 +1182,7 @@
int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
/* For use with the HMAC feature, the set MAC key to the KEY of
- KEYLEN. */
+ KEYLEN bytes. */
gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
/* Start or stop debugging for digest handle HD; i.e. create a file
Modified: branches/LIBGCRYPT-1-4-BRANCH/tests/Makefile.am
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/tests/Makefile.am 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/tests/Makefile.am 2010-07-13 14:25:01 UTC (rev 1437)
@@ -19,7 +19,7 @@
## Process this file with automake to produce Makefile.in
TESTS = version t-mpi-bit prime register ac ac-schemes ac-data basic \
- mpitests tsexp keygen pubkey hmac keygrip fips186-dsa
+ mpitests tsexp keygen pubkey hmac keygrip fips186-dsa aeswrap
# random.c uses fork() thus a test for W32 does not make any sense.
Added: branches/LIBGCRYPT-1-4-BRANCH/tests/aeswrap.c
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/tests/aeswrap.c (rev 0)
+++ branches/LIBGCRYPT-1-4-BRANCH/tests/aeswrap.c 2010-07-13 14:25:01 UTC (rev 1437)
@@ -0,0 +1,259 @@
+/* aeswrap.c - AESWRAP mode regression tests
+ * Copyright (C) 2009 Free Software Foundation, Inc.
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+#include "../src/gcrypt.h"
+
+static int verbose;
+static int error_count;
+
+static void
+fail (const char *format, ...)
+{
+ va_list arg_ptr;
+
+ va_start (arg_ptr, format);
+ vfprintf (stderr, format, arg_ptr);
+ va_end (arg_ptr);
+ error_count++;
+}
+
+static void
+die (const char *format, ...)
+{
+ va_list arg_ptr;
+
+ va_start (arg_ptr, format);
+ vfprintf (stderr, format, arg_ptr);
+ va_end (arg_ptr);
+ exit (1);
+}
+
+
+
+static void
+check (int algo,
+ const void *kek, size_t keklen,
+ const void *data, size_t datalen,
+ const void *expected, size_t expectedlen)
+{
+ gcry_error_t err;
+ gcry_cipher_hd_t hd;
+ unsigned char outbuf[32+8];
+ size_t outbuflen;
+
+ err = gcry_cipher_open (&hd, algo, GCRY_CIPHER_MODE_AESWRAP, 0);
+ if (err)
+ {
+ fail ("gcry_cipher_open failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ err = gcry_cipher_setkey (hd, kek, keklen);
+ if (err)
+ {
+ fail ("gcry_cipher_setkey failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ outbuflen = datalen + 8;
+ if (outbuflen > sizeof outbuf)
+ err = gpg_error (GPG_ERR_INTERNAL);
+ else
+ err = gcry_cipher_encrypt (hd, outbuf, outbuflen, data, datalen);
+ if (err)
+ {
+ fail ("gcry_cipher_encrypt failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ if (outbuflen != expectedlen || memcmp (outbuf, expected, expectedlen))
+ {
+ const unsigned char *s;
+ int i;
+
+ fail ("mismatch at encryption!\n");
+ fprintf (stderr, "computed: ");
+ for (i = 0; i < outbuflen; i++)
+ fprintf (stderr, "%02x ", outbuf[i]);
+ fprintf (stderr, "\nexpected: ");
+ for (s = expected, i = 0; i < expectedlen; s++, i++)
+ fprintf (stderr, "%02x ", *s);
+ putc ('\n', stderr);
+ }
+
+
+ outbuflen = expectedlen - 8;
+ if (outbuflen > sizeof outbuf)
+ err = gpg_error (GPG_ERR_INTERNAL);
+ else
+ err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen);
+ if (err)
+ {
+ fail ("gcry_cipher_decrypt failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ if (outbuflen != datalen || memcmp (outbuf, data, datalen))
+ {
+ const unsigned char *s;
+ int i;
+
+ fail ("mismatch at decryption!\n");
+ fprintf (stderr, "computed: ");
+ for (i = 0; i < outbuflen; i++)
+ fprintf (stderr, "%02x ", outbuf[i]);
+ fprintf (stderr, "\nexpected: ");
+ for (s = data, i = 0; i < datalen; s++, i++)
+ fprintf (stderr, "%02x ", *s);
+ putc ('\n', stderr);
+ }
+
+ /* Now the last step again with a key reset. */
+ gcry_cipher_reset (hd);
+
+ outbuflen = expectedlen - 8;
+ if (outbuflen > sizeof outbuf)
+ err = gpg_error (GPG_ERR_INTERNAL);
+ else
+ err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen);
+ if (err)
+ {
+ fail ("gcry_cipher_decrypt(2) failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ if (outbuflen != datalen || memcmp (outbuf, data, datalen))
+ fail ("mismatch at decryption(2)!\n");
+
+ /* And once ore without a key reset. */
+ outbuflen = expectedlen - 8;
+ if (outbuflen > sizeof outbuf)
+ err = gpg_error (GPG_ERR_INTERNAL);
+ else
+ err = gcry_cipher_decrypt (hd, outbuf, outbuflen, expected, expectedlen);
+ if (err)
+ {
+ fail ("gcry_cipher_decrypt(3) failed: %s\n", gpg_strerror (err));
+ return;
+ }
+
+ if (outbuflen != datalen || memcmp (outbuf, data, datalen))
+ fail ("mismatch at decryption(3)!\n");
+
+ gcry_cipher_close (hd);
+}
+
+
+static void
+check_all (void)
+{
+ if (verbose)
+ fprintf (stderr, "4.1 Wrap 128 bits of Key Data with a 128-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES128,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 16,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16,
+ "\x1F\xA6\x8B\x0A\x81\x12\xB4\x47\xAE\xF3\x4B\xD8\xFB\x5A\x7B\x82"
+ "\x9D\x3E\x86\x23\x71\xD2\xCF\xE5", 24);
+
+ if (verbose)
+ fprintf (stderr, "4.2 Wrap 128 bits of Key Data with a 192-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES192,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
+ "\x10\x11\x12\x13\x14\x15\x16\x17", 24,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16,
+ "\x96\x77\x8B\x25\xAE\x6C\xA4\x35\xF9\x2B\x5B\x97\xC0\x50\xAE\xD2"
+ "\x46\x8A\xB8\xA1\x7A\xD8\x4E\x5D", 24);
+
+ if (verbose)
+ fprintf (stderr, "4.3 Wrap 128 bits of Key Data with a 256-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES256,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
+ "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF", 16,
+ "\x64\xE8\xC3\xF9\xCE\x0F\x5B\xA2\x63\xE9\x77\x79\x05\x81\x8A\x2A"
+ "\x93\xC8\x19\x1E\x7D\x6E\x8A\xE7", 24);
+
+ if (verbose)
+ fprintf (stderr, "4.4 Wrap 192 bits of Key Data with a 192-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES192,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
+ "\x10\x11\x12\x13\x14\x15\x16\x17", 24,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"
+ "\x00\x01\x02\x03\x04\x05\x06\x07", 24,
+ "\x03\x1D\x33\x26\x4E\x15\xD3\x32\x68\xF2\x4E\xC2\x60\x74\x3E\xDC"
+ "\xE1\xC6\xC7\xDD\xEE\x72\x5A\x93\x6B\xA8\x14\x91\x5C\x67\x62\xD2", 32);
+
+ if (verbose)
+ fprintf (stderr, "4.5 Wrap 192 bits of Key Data with a 256-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES256,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
+ "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"
+ "\x00\x01\x02\x03\x04\x05\x06\x07", 24,
+ "\xA8\xF9\xBC\x16\x12\xC6\x8B\x3F\xF6\xE6\xF4\xFB\xE3\x0E\x71\xE4"
+ "\x76\x9C\x8B\x80\xA3\x2C\xB8\x95\x8C\xD5\xD1\x7D\x6B\x25\x4D\xA1", 32);
+
+ if (verbose)
+ fprintf (stderr, "4.6 Wrap 256 bits of Key Data with a 256-bit KEK\n");
+ check
+ (GCRY_CIPHER_AES,
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
+ "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", 32,
+ "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"
+ "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", 32,
+ "\x28\xC9\xF4\x04\xC4\xB8\x10\xF4\xCB\xCC\xB3\x5C\xFB\x87\xF8\x26"
+ "\x3F\x57\x86\xE2\xD8\x0E\xD3\x26\xCB\xC7\xF0\xE7\x1A\x99\xF4\x3B"
+ "\xFB\x98\x8B\x9B\x7A\x02\xDD\x21", 40);
+}
+
+int
+main (int argc, char **argv)
+{
+ int debug = 0;
+
+ if (argc > 1 && !strcmp (argv[1], "--verbose"))
+ verbose = 1;
+ else if (argc > 1 && !strcmp (argv[1], "--debug"))
+ verbose = debug = 1;
+
+ if (!gcry_check_version (GCRYPT_VERSION))
+ die ("version mismatch\n");
+
+ gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
+ gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
+ if (debug)
+ gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
+ check_all ();
+
+ return error_count ? 1 : 0;
+}
Modified: branches/LIBGCRYPT-1-4-BRANCH/tests/basic.c
===================================================================
--- branches/LIBGCRYPT-1-4-BRANCH/tests/basic.c 2010-07-09 08:21:44 UTC (rev 1436)
+++ branches/LIBGCRYPT-1-4-BRANCH/tests/basic.c 2010-07-13 14:25:01 UTC (rev 1437)
@@ -1280,6 +1280,74 @@
"TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
"\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE"
"\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" },
+
+ { GCRY_MD_TIGER1, "",
+ "\x32\x93\xAC\x63\x0C\x13\xF0\x24\x5F\x92\xBB\xB1"
+ "\x76\x6E\x16\x16\x7A\x4E\x58\x49\x2D\xDE\x73\xF3" },
+ { GCRY_MD_TIGER1, "a",
+ "\x77\xBE\xFB\xEF\x2E\x7E\xF8\xAB\x2E\xC8\xF9\x3B"
+ "\xF5\x87\xA7\xFC\x61\x3E\x24\x7F\x5F\x24\x78\x09" },
+ { GCRY_MD_TIGER1, "abc",
+ "\x2A\xAB\x14\x84\xE8\xC1\x58\xF2\xBF\xB8\xC5\xFF"
+ "\x41\xB5\x7A\x52\x51\x29\x13\x1C\x95\x7B\x5F\x93" },
+ { GCRY_MD_TIGER1, "message digest",
+ "\xD9\x81\xF8\xCB\x78\x20\x1A\x95\x0D\xCF\x30\x48"
+ "\x75\x1E\x44\x1C\x51\x7F\xCA\x1A\xA5\x5A\x29\xF6" },
+ { GCRY_MD_TIGER1, "abcdefghijklmnopqrstuvwxyz",
+ "\x17\x14\xA4\x72\xEE\xE5\x7D\x30\x04\x04\x12\xBF"
+ "\xCC\x55\x03\x2A\x0B\x11\x60\x2F\xF3\x7B\xEE\xE9" },
+ { GCRY_MD_TIGER1,
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "\x0F\x7B\xF9\xA1\x9B\x9C\x58\xF2\xB7\x61\x0D\xF7"
+ "\xE8\x4F\x0A\xC3\xA7\x1C\x63\x1E\x7B\x53\xF7\x8E" },
+ { GCRY_MD_TIGER1,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz" "0123456789",
+ "\x8D\xCE\xA6\x80\xA1\x75\x83\xEE\x50\x2B\xA3\x8A"
+ "\x3C\x36\x86\x51\x89\x0F\xFB\xCC\xDC\x49\xA8\xCC" },
+ { GCRY_MD_TIGER1,
+ "1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890",
+ "\x1C\x14\x79\x55\x29\xFD\x9F\x20\x7A\x95\x8F\x84"
+ "\xC5\x2F\x11\xE8\x87\xFA\x0C\xAB\xDF\xD9\x1B\xFD" },
+ { GCRY_MD_TIGER1, "!",
+ "\x6D\xB0\xE2\x72\x9C\xBE\xAD\x93\xD7\x15\xC6\xA7"
+ "\xD3\x63\x02\xE9\xB3\xCE\xE0\xD2\xBC\x31\x4B\x41" },
+
+ { GCRY_MD_TIGER2, "",
+ "\x44\x41\xBE\x75\xF6\x01\x87\x73\xC2\x06\xC2\x27"
+ "\x45\x37\x4B\x92\x4A\xA8\x31\x3F\xEF\x91\x9F\x41" },
+ { GCRY_MD_TIGER2, "a",
+ "\x67\xE6\xAE\x8E\x9E\x96\x89\x99\xF7\x0A\x23\xE7"
+ "\x2A\xEA\xA9\x25\x1C\xBC\x7C\x78\xA7\x91\x66\x36" },
+ { GCRY_MD_TIGER2, "abc",
+ "\xF6\x8D\x7B\xC5\xAF\x4B\x43\xA0\x6E\x04\x8D\x78"
+ "\x29\x56\x0D\x4A\x94\x15\x65\x8B\xB0\xB1\xF3\xBF" },
+ { GCRY_MD_TIGER2, "message digest",
+ "\xE2\x94\x19\xA1\xB5\xFA\x25\x9D\xE8\x00\x5E\x7D"
+ "\xE7\x50\x78\xEA\x81\xA5\x42\xEF\x25\x52\x46\x2D" },
+ { GCRY_MD_TIGER2, "abcdefghijklmnopqrstuvwxyz",
+ "\xF5\xB6\xB6\xA7\x8C\x40\x5C\x85\x47\xE9\x1C\xD8"
+ "\x62\x4C\xB8\xBE\x83\xFC\x80\x4A\x47\x44\x88\xFD" },
+ { GCRY_MD_TIGER2,
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "\xA6\x73\x7F\x39\x97\xE8\xFB\xB6\x3D\x20\xD2\xDF"
+ "\x88\xF8\x63\x76\xB5\xFE\x2D\x5C\xE3\x66\x46\xA9" },
+ { GCRY_MD_TIGER2,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz" "0123456789",
+ "\xEA\x9A\xB6\x22\x8C\xEE\x7B\x51\xB7\x75\x44\xFC"
+ "\xA6\x06\x6C\x8C\xBB\x5B\xBA\xE6\x31\x95\x05\xCD" },
+ { GCRY_MD_TIGER2,
+ "1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890",
+ "\xD8\x52\x78\x11\x53\x29\xEB\xAA\x0E\xEC\x85\xEC"
+ "\xDC\x53\x96\xFD\xA8\xAA\x3A\x58\x20\x94\x2F\xFF" },
+ { GCRY_MD_TIGER2, "!",
+ "\xE0\x68\x28\x1F\x06\x0F\x55\x16\x28\xCC\x57\x15"
+ "\xB9\xD0\x22\x67\x96\x91\x4D\x45\xF7\x71\x7C\xF4" },
+
+
{ GCRY_MD_WHIRLPOOL, "",
"\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26"
"\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7"
More information about the Gnupg-commits
mailing list