From 36e529420efa055ec57e6b07ebfc4f24f97fc00e Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Fri, 18 Oct 2019 13:01:13 +0200 Subject: [PATCH 1/4] put PRNG descriptor into state --- helper.pl | 1 - src/headers/tomcrypt_prng.h | 66 +++++++++------------- src/misc/crypt/crypt_find_prng.c | 29 ---------- src/misc/crypt/crypt_prng_descriptor.c | 14 ----- src/misc/crypt/crypt_prng_is_valid.c | 24 -------- src/misc/crypt/crypt_prng_rng_descriptor.c | 7 --- src/misc/crypt/crypt_register_all_prngs.c | 38 ------------- src/misc/crypt/crypt_register_prng.c | 42 -------------- src/misc/crypt/crypt_unregister_prng.c | 32 ----------- src/prngs/chacha20.c | 3 +- src/prngs/fortuna.c | 4 +- src/prngs/rc4.c | 3 +- src/prngs/rng_make_prng.c | 17 ++---- src/prngs/sober128.c | 3 +- src/prngs/sprng.c | 5 +- src/prngs/yarrow.c | 4 +- 16 files changed, 49 insertions(+), 243 deletions(-) delete mode 100644 src/misc/crypt/crypt_find_prng.c delete mode 100644 src/misc/crypt/crypt_prng_descriptor.c delete mode 100644 src/misc/crypt/crypt_prng_is_valid.c delete mode 100644 src/misc/crypt/crypt_prng_rng_descriptor.c delete mode 100644 src/misc/crypt/crypt_register_all_prngs.c delete mode 100644 src/misc/crypt/crypt_register_prng.c delete mode 100644 src/misc/crypt/crypt_unregister_prng.c diff --git a/helper.pl b/helper.pl index 7dbfe1043..bdec45ec2 100755 --- a/helper.pl +++ b/helper.pl @@ -133,7 +133,6 @@ sub check_descriptors { my $fails = 0; $fails = $fails + check_descriptor("ciphers", "cipher"); $fails = $fails + check_descriptor("hashes", "hash"); - $fails = $fails + check_descriptor("prngs", "prng"); return $fails; } diff --git a/src/headers/tomcrypt_prng.h b/src/headers/tomcrypt_prng.h index b8fa5854a..0c23f15de 100644 --- a/src/headers/tomcrypt_prng.h +++ b/src/headers/tomcrypt_prng.h @@ -48,31 +48,10 @@ struct sober128_prng { }; #endif -typedef struct { - union { - char dummy[1]; -#ifdef LTC_YARROW - struct yarrow_prng yarrow; -#endif -#ifdef LTC_RC4 - struct rc4_prng rc4; -#endif -#ifdef LTC_CHACHA20_PRNG - struct chacha20_prng chacha; -#endif -#ifdef LTC_FORTUNA - struct fortuna_prng fortuna; -#endif -#ifdef LTC_SOBER128 - struct sober128_prng sober128; -#endif - } u; - short ready; /* ready flag 0-1 */ - LTC_MUTEX_TYPE(lock) /* lock */ -} prng_state; +typedef struct ltc_prng_state prng_state; /** PRNG descriptor */ -extern struct ltc_prng_descriptor { +struct ltc_prng_descriptor { /** Name of the PRNG */ const char *name; /** size in bytes of exported state */ @@ -124,7 +103,31 @@ extern struct ltc_prng_descriptor { @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled */ int (*test)(void); -} prng_descriptor[]; +}; + +struct ltc_prng_state { + union { + char dummy[1]; +#ifdef LTC_YARROW + struct yarrow_prng yarrow; +#endif +#ifdef LTC_RC4 + struct rc4_prng rc4; +#endif +#ifdef LTC_CHACHA20_PRNG + struct chacha20_prng chacha; +#endif +#ifdef LTC_FORTUNA + struct fortuna_prng fortuna; +#endif +#ifdef LTC_SOBER128 + struct sober128_prng sober128; +#endif + } u; + short ready; /* ready flag 0-1 */ + struct ltc_prng_descriptor desc; + LTC_MUTEX_TYPE(lock) /* lock */ +}; #ifdef LTC_YARROW int yarrow_start(prng_state *prng); @@ -135,7 +138,6 @@ int yarrow_done(prng_state *prng); int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int yarrow_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int yarrow_test(void); -extern const struct ltc_prng_descriptor yarrow_desc; #endif #ifdef LTC_FORTUNA @@ -149,7 +151,6 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng); int fortuna_test(void); -extern const struct ltc_prng_descriptor fortuna_desc; #endif #ifdef LTC_RC4 @@ -161,7 +162,6 @@ int rc4_done(prng_state *prng); int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int rc4_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int rc4_test(void); -extern const struct ltc_prng_descriptor rc4_desc; #endif #ifdef LTC_CHACHA20_PRNG @@ -173,7 +173,6 @@ int chacha20_prng_done(prng_state *prng); int chacha20_prng_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int chacha20_prng_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int chacha20_prng_test(void); -extern const struct ltc_prng_descriptor chacha20_prng_desc; #endif #ifdef LTC_SPRNG @@ -185,7 +184,6 @@ int sprng_done(prng_state *prng); int sprng_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int sprng_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int sprng_test(void); -extern const struct ltc_prng_descriptor sprng_desc; #endif #ifdef LTC_SOBER128 @@ -197,16 +195,8 @@ int sober128_done(prng_state *prng); int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng); int sober128_import(const unsigned char *in, unsigned long inlen, prng_state *prng); int sober128_test(void); -extern const struct ltc_prng_descriptor sober128_desc; #endif -int find_prng(const char *name); -int register_prng(const struct ltc_prng_descriptor *prng); -int unregister_prng(const struct ltc_prng_descriptor *prng); -int register_all_prngs(void); -int prng_is_valid(int idx); -LTC_MUTEX_PROTO(ltc_prng_mutex) - /* Slow RNG you **might** be able to use to seed a PRNG with. Be careful as this * might not work on all platforms as planned */ @@ -214,7 +204,7 @@ unsigned long rng_get_bytes(unsigned char *out, unsigned long outlen, void (*callback)(void)); -int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void)); +int rng_make_prng(int bits, prng_state *prng, void (*callback)(void)); #ifdef LTC_PRNG_ENABLE_LTC_RNG extern unsigned long (*ltc_rng)(unsigned char *out, unsigned long outlen, diff --git a/src/misc/crypt/crypt_find_prng.c b/src/misc/crypt/crypt_find_prng.c deleted file mode 100644 index 7297982b1..000000000 --- a/src/misc/crypt/crypt_find_prng.c +++ /dev/null @@ -1,29 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -/** - @file crypt_find_prng.c - Find a PRNG, Tom St Denis -*/ - -/** - Find a registered PRNG by name - @param name The name of the PRNG to look for - @return >= 0 if found, -1 if not present -*/ -int find_prng(const char *name) -{ - int x; - LTC_ARGCHK(name != NULL); - LTC_MUTEX_LOCK(<c_prng_mutex); - for (x = 0; x < TAB_SIZE; x++) { - if ((prng_descriptor[x].name != NULL) && XSTRCMP(prng_descriptor[x].name, name) == 0) { - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return x; - } - } - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return -1; -} - diff --git a/src/misc/crypt/crypt_prng_descriptor.c b/src/misc/crypt/crypt_prng_descriptor.c deleted file mode 100644 index 94c26b8da..000000000 --- a/src/misc/crypt/crypt_prng_descriptor.c +++ /dev/null @@ -1,14 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -/** - @file crypt_prng_descriptor.c - Stores the PRNG descriptors, Tom St Denis -*/ -struct ltc_prng_descriptor prng_descriptor[TAB_SIZE] = { -{ NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } -}; - -LTC_MUTEX_GLOBAL(ltc_prng_mutex) - diff --git a/src/misc/crypt/crypt_prng_is_valid.c b/src/misc/crypt/crypt_prng_is_valid.c deleted file mode 100644 index f1ba67b19..000000000 --- a/src/misc/crypt/crypt_prng_is_valid.c +++ /dev/null @@ -1,24 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -/** - @file crypt_prng_is_valid.c - Determine if PRNG is valid, Tom St Denis -*/ - -/* - Test if a PRNG index is valid - @param idx The index of the PRNG to search for - @return CRYPT_OK if valid -*/ -int prng_is_valid(int idx) -{ - LTC_MUTEX_LOCK(<c_prng_mutex); - if (idx < 0 || idx >= TAB_SIZE || prng_descriptor[idx].name == NULL) { - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return CRYPT_INVALID_PRNG; - } - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return CRYPT_OK; -} diff --git a/src/misc/crypt/crypt_prng_rng_descriptor.c b/src/misc/crypt/crypt_prng_rng_descriptor.c deleted file mode 100644 index 49a456fb3..000000000 --- a/src/misc/crypt/crypt_prng_rng_descriptor.c +++ /dev/null @@ -1,7 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -#ifdef LTC_PRNG_ENABLE_LTC_RNG -unsigned long (*ltc_rng)(unsigned char *out, unsigned long outlen, void (*callback)(void)); -#endif diff --git a/src/misc/crypt/crypt_register_all_prngs.c b/src/misc/crypt/crypt_register_all_prngs.c deleted file mode 100644 index 4a2e2ef59..000000000 --- a/src/misc/crypt/crypt_register_all_prngs.c +++ /dev/null @@ -1,38 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ - -#include "tomcrypt_private.h" - -/** - @file crypt_register_all_prngs.c - - Steffen Jaeckel -*/ - -#define REGISTER_PRNG(h) do {\ - LTC_ARGCHK(register_prng(h) != -1); \ -} while(0) - -int register_all_prngs(void) -{ -#ifdef LTC_YARROW - REGISTER_PRNG(&yarrow_desc); -#endif -#ifdef LTC_FORTUNA - REGISTER_PRNG(&fortuna_desc); -#endif -#ifdef LTC_RC4 - REGISTER_PRNG(&rc4_desc); -#endif -#ifdef LTC_CHACHA20_PRNG - REGISTER_PRNG(&chacha20_prng_desc); -#endif -#ifdef LTC_SOBER128 - REGISTER_PRNG(&sober128_desc); -#endif -#ifdef LTC_SPRNG - REGISTER_PRNG(&sprng_desc); -#endif - - return CRYPT_OK; -} diff --git a/src/misc/crypt/crypt_register_prng.c b/src/misc/crypt/crypt_register_prng.c deleted file mode 100644 index 08e056b53..000000000 --- a/src/misc/crypt/crypt_register_prng.c +++ /dev/null @@ -1,42 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -/** - @file crypt_register_prng.c - Register a PRNG, Tom St Denis -*/ - -/** - Register a PRNG with the descriptor table - @param prng The PRNG you wish to register - @return value >= 0 if successfully added (or already present), -1 if unsuccessful -*/ -int register_prng(const struct ltc_prng_descriptor *prng) -{ - int x; - - LTC_ARGCHK(prng != NULL); - - /* is it already registered? */ - LTC_MUTEX_LOCK(<c_prng_mutex); - for (x = 0; x < TAB_SIZE; x++) { - if (XMEMCMP(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) { - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return x; - } - } - - /* find a blank spot */ - for (x = 0; x < TAB_SIZE; x++) { - if (prng_descriptor[x].name == NULL) { - XMEMCPY(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)); - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return x; - } - } - - /* no spot */ - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return -1; -} diff --git a/src/misc/crypt/crypt_unregister_prng.c b/src/misc/crypt/crypt_unregister_prng.c deleted file mode 100644 index 1aa11e006..000000000 --- a/src/misc/crypt/crypt_unregister_prng.c +++ /dev/null @@ -1,32 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis */ -/* SPDX-License-Identifier: Unlicense */ -#include "tomcrypt_private.h" - -/** - @file crypt_unregister_prng.c - Unregister a PRNG, Tom St Denis -*/ - -/** - Unregister a PRNG from the descriptor table - @param prng The PRNG descriptor to remove - @return CRYPT_OK on success -*/ -int unregister_prng(const struct ltc_prng_descriptor *prng) -{ - int x; - - LTC_ARGCHK(prng != NULL); - - /* is it already registered? */ - LTC_MUTEX_LOCK(<c_prng_mutex); - for (x = 0; x < TAB_SIZE; x++) { - if (XMEMCMP(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) { - prng_descriptor[x].name = NULL; - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return CRYPT_OK; - } - } - LTC_MUTEX_UNLOCK(<c_prng_mutex); - return CRYPT_ERROR; -} diff --git a/src/prngs/chacha20.c b/src/prngs/chacha20.c index d9bd7b075..2fffc7e96 100644 --- a/src/prngs/chacha20.c +++ b/src/prngs/chacha20.c @@ -9,7 +9,7 @@ #ifdef LTC_CHACHA20_PRNG -const struct ltc_prng_descriptor chacha20_prng_desc = +static const struct ltc_prng_descriptor chacha20_prng_desc = { "chacha20", 40, @@ -34,6 +34,7 @@ int chacha20_prng_start(prng_state *prng) prng->ready = 0; XMEMSET(&prng->u.chacha.ent, 0, sizeof(prng->u.chacha.ent)); prng->u.chacha.idx = 0; + prng->desc = chacha20_prng_desc; LTC_MUTEX_INIT(&prng->lock) return CRYPT_OK; } diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 9c92595e9..8717e91da 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c @@ -51,7 +51,7 @@ we reseed automatically when len(pool0) >= 64 or every LTC_FORTUNA_WD calls to t #define AES_TEST aes_test #endif -const struct ltc_prng_descriptor fortuna_desc = { +static const struct ltc_prng_descriptor fortuna_desc = { "fortuna", 64, &fortuna_start, @@ -256,6 +256,8 @@ int fortuna_start(prng_state *prng) } zeromem(prng->u.fortuna.IV, 16); + prng->desc = fortuna_desc; + LTC_MUTEX_INIT(&prng->lock) return CRYPT_OK; diff --git a/src/prngs/rc4.c b/src/prngs/rc4.c index edcd73f7d..9b413e835 100644 --- a/src/prngs/rc4.c +++ b/src/prngs/rc4.c @@ -9,7 +9,7 @@ #ifdef LTC_RC4 -const struct ltc_prng_descriptor rc4_desc = +static const struct ltc_prng_descriptor rc4_desc = { "rc4", 32, @@ -36,6 +36,7 @@ int rc4_start(prng_state *prng) prng->u.rc4.s.x = 0; /* clear entropy (key) buffer */ XMEMSET(&prng->u.rc4.s.buf, 0, sizeof(prng->u.rc4.s.buf)); + prng->desc = rc4_desc; LTC_MUTEX_INIT(&prng->lock) return CRYPT_OK; } diff --git a/src/prngs/rng_make_prng.c b/src/prngs/rng_make_prng.c index a7b726ca2..bdf71ba8c 100644 --- a/src/prngs/rng_make_prng.c +++ b/src/prngs/rng_make_prng.c @@ -21,7 +21,7 @@ @param callback A pointer to a void function for when the RNG is slow, this can be NULL @return CRYPT_OK if successful */ -int rng_make_prng(int bits, int wprng, prng_state *prng, +int rng_make_prng(int bits, prng_state *prng, void (*callback)(void)) { unsigned char* buf; @@ -30,20 +30,15 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, LTC_ARGCHK(prng != NULL); - /* check parameter */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - if (bits == -1) { - bytes = prng_descriptor[wprng].export_size; + bytes = prng->desc.export_size; } else if (bits < 64 || bits > 1024) { return CRYPT_INVALID_PRNGSIZE; } else { bytes = (unsigned long)((bits+7)/8) * 2; } - if ((err = prng_descriptor[wprng].start(prng)) != CRYPT_OK) { + if ((err = prng->desc.start(prng)) != CRYPT_OK) { return err; } @@ -58,15 +53,15 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, } if (bits == -1) { - if ((err = prng_descriptor[wprng].pimport(buf, bytes, prng)) != CRYPT_OK) { + if ((err = prng->desc.pimport(buf, bytes, prng)) != CRYPT_OK) { goto LBL_ERR; } } else { - if ((err = prng_descriptor[wprng].add_entropy(buf, bytes, prng)) != CRYPT_OK) { + if ((err = prng->desc.add_entropy(buf, bytes, prng)) != CRYPT_OK) { goto LBL_ERR; } } - if ((err = prng_descriptor[wprng].ready(prng)) != CRYPT_OK) { + if ((err = prng->desc.ready(prng)) != CRYPT_OK) { goto LBL_ERR; } diff --git a/src/prngs/sober128.c b/src/prngs/sober128.c index 64545784e..52fc6a6c2 100644 --- a/src/prngs/sober128.c +++ b/src/prngs/sober128.c @@ -11,7 +11,7 @@ #ifdef LTC_SOBER128 -const struct ltc_prng_descriptor sober128_desc = +static const struct ltc_prng_descriptor sober128_desc = { "sober128", 40, @@ -36,6 +36,7 @@ int sober128_start(prng_state *prng) prng->ready = 0; XMEMSET(&prng->u.sober128.ent, 0, sizeof(prng->u.sober128.ent)); prng->u.sober128.idx = 0; + prng->desc = sober128_desc; LTC_MUTEX_INIT(&prng->lock) return CRYPT_OK; } diff --git a/src/prngs/sprng.c b/src/prngs/sprng.c index e40471827..553f51365 100644 --- a/src/prngs/sprng.c +++ b/src/prngs/sprng.c @@ -14,7 +14,7 @@ #ifdef LTC_SPRNG -const struct ltc_prng_descriptor sprng_desc = +static const struct ltc_prng_descriptor sprng_desc = { "sprng", 0, &sprng_start, @@ -34,7 +34,8 @@ const struct ltc_prng_descriptor sprng_desc = */ int sprng_start(prng_state *prng) { - LTC_UNUSED_PARAM(prng); + LTC_ARGCHK(prng != NULL); + prng->desc = sprng_desc; return CRYPT_OK; } diff --git a/src/prngs/yarrow.c b/src/prngs/yarrow.c index 40cb46a65..c097b071e 100644 --- a/src/prngs/yarrow.c +++ b/src/prngs/yarrow.c @@ -9,7 +9,7 @@ #ifdef LTC_YARROW -const struct ltc_prng_descriptor yarrow_desc = +static const struct ltc_prng_descriptor yarrow_desc = { "yarrow", 64, &yarrow_start, @@ -111,6 +111,8 @@ int yarrow_start(prng_state *prng) return err; } + prng->desc = yarrow_desc; + /* zero the memory used */ zeromem(prng->u.yarrow.pool, sizeof(prng->u.yarrow.pool)); LTC_MUTEX_INIT(&prng->lock) From d032c5c97bb63b04dce62b5ea7574c8c0d5d05dc Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 19 Oct 2019 16:29:18 +0200 Subject: [PATCH 2/4] remove prng registry --- demos/ltcrypt.c | 3 +- demos/small.c | 1 - demos/timing.c | 68 ++++++++++++++++++++++--------- demos/tv_gen.c | 1 - src/headers/tomcrypt_math.h | 2 - src/headers/tomcrypt_pk.h | 56 ++++++++++++------------- src/headers/tomcrypt_pkcs.h | 4 +- src/headers/tomcrypt_private.h | 9 ++-- src/math/rand_bn.c | 11 ++--- src/math/rand_prime.c | 9 +--- src/misc/crypt/crypt_fsa.c | 9 +--- src/pk/dh/dh_generate_key.c | 10 ++--- src/pk/dsa/dsa_encrypt_key.c | 11 ++--- src/pk/dsa/dsa_generate_key.c | 5 +-- src/pk/dsa/dsa_generate_pqg.c | 12 +++--- src/pk/dsa/dsa_make_key.c | 7 ++-- src/pk/dsa/dsa_sign_hash.c | 13 ++---- src/pk/ec25519/tweetnacl.c | 8 +--- src/pk/ecc/ecc_encrypt_key.c | 5 +-- src/pk/ecc/ecc_make_key.c | 13 +++--- src/pk/ecc/ecc_sign_hash.c | 7 ++-- src/pk/ed25519/ed25519_make_key.c | 5 +-- src/pk/pkcs1/pkcs_1_oaep_encode.c | 9 +--- src/pk/pkcs1/pkcs_1_pss_encode.c | 11 ++--- src/pk/pkcs1/pkcs_1_v1_5_encode.c | 10 ++--- src/pk/rsa/rsa_encrypt_key.c | 12 ++---- src/pk/rsa/rsa_make_key.c | 22 ++++------ src/pk/rsa/rsa_sign_hash.c | 12 ++---- src/pk/x25519/x25519_make_key.c | 13 ++---- src/prngs/rng_make_prng.c | 14 +++---- tests/dh_test.c | 10 ++--- tests/dsa_test.c | 10 ++--- tests/ecc_test.c | 30 +++++++------- tests/ed25519_test.c | 2 +- tests/no_prng.c | 15 ++++--- tests/pkcs_1_eme_test.c | 9 ++-- tests/pkcs_1_emsa_test.c | 2 +- tests/pkcs_1_oaep_test.c | 9 ++-- tests/pkcs_1_pss_test.c | 11 ++--- tests/pkcs_1_test.c | 11 +++-- tests/prng_test.c | 62 ++++++++++++++++++++-------- tests/rsa_test.c | 43 ++++++++++--------- tests/test.c | 25 ++---------- tests/tomcrypt_test.h | 4 +- tests/x25519_test.c | 3 +- 45 files changed, 277 insertions(+), 341 deletions(-) diff --git a/demos/ltcrypt.c b/demos/ltcrypt.c index a4be30ecd..d3d60d64e 100644 --- a/demos/ltcrypt.c +++ b/demos/ltcrypt.c @@ -41,7 +41,6 @@ int main(int argc, char *argv[]) /* register algs, so they can be printed */ register_all_ciphers(); register_all_hashes(); - register_all_prngs(); if (argc < 4) { if ((argc > 2) && (!strcmp(argv[1], "-t"))) { @@ -153,7 +152,7 @@ int main(int argc, char *argv[]) } else { /* encrypt */ /* Setup yarrow for random bytes for IV */ - if ((err = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) { + if ((err = rng_make_prng(128, &prng, NULL)) != CRYPT_OK) { printf("Error setting up PRNG, %s\n", error_to_string(err)); } diff --git a/demos/small.c b/demos/small.c index aa8902ce1..9e3497962 100644 --- a/demos/small.c +++ b/demos/small.c @@ -6,7 +6,6 @@ int main(void) { register_cipher(&rijndael_enc_desc); - register_prng(&yarrow_desc); register_hash(&sha256_desc); return 0; } diff --git a/demos/timing.c b/demos/timing.c index 7dc430c88..cbdbbbf8e 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -592,22 +592,49 @@ static void time_prng(void) unsigned long x, y; int err; + + + typedef int (*fp_prng_start)(prng_state*); + + fp_prng_start prng_start[] = { +#ifdef LTC_YARROW + yarrow_start, +#endif +#ifdef LTC_FORTUNA + fortuna_start, +#endif +#ifdef LTC_RC4 + rc4_start, +#endif +#ifdef LTC_CHACHA20_PRNG + chacha20_prng_start, +#endif +#ifdef LTC_SOBER128 + sober128_start, +#endif +#ifdef LTC_SPRNG + sprng_start, +#endif + NULL + }; + fprintf(stderr, "Timing PRNGs (cycles/byte output, cycles add_entropy (32 bytes) :\n"); - for (x = 0; prng_descriptor[x].name != NULL; x++) { + for (x = 0; prng_start[x] != NULL; x++) { + + prng_start[x](&tprng); /* sanity check on prng */ - if ((err = prng_descriptor[x].test()) != CRYPT_OK) { - fprintf(stderr, "\n\nERROR: PRNG %s failed self-test %s\n", prng_descriptor[x].name, error_to_string(err)); + if ((err = tprng.desc.test()) != CRYPT_OK) { + fprintf(stderr, "\n\nERROR: PRNG %s failed self-test %s\n", tprng.desc.name, error_to_string(err)); exit(EXIT_FAILURE); } - prng_descriptor[x].start(&tprng); zeromem(buf, 256); - prng_descriptor[x].add_entropy(buf, 256, &tprng); - prng_descriptor[x].ready(&tprng); + tprng.desc.add_entropy(buf, 256, &tprng); + tprng.desc.ready(&tprng); t2 = -1; -#define DO1 if (prng_descriptor[x].read(buf, 4096, &tprng) != 4096) { fprintf(stderr, "\n\nERROR READ != 4096\n\n"); exit(EXIT_FAILURE); } +#define DO1 if (tprng.desc.read(buf, 4096, &tprng) != 4096) { fprintf(stderr, "\n\nERROR READ != 4096\n\n"); exit(EXIT_FAILURE); } #define DO2 DO1 DO1 for (y = 0; y < 10000; y++) { t_start(); @@ -616,11 +643,11 @@ static void time_prng(void) t1 = (t_read() - t1)>>1; if (t1 < t2) t2 = t1; } - fprintf(stderr, "%20s: %5"PRI64"u ", prng_descriptor[x].name, t2>>12); + fprintf(stderr, "%20s: %5"PRI64"u ", tprng.desc.name, t2>>12); #undef DO2 #undef DO1 -#define DO1 prng_descriptor[x].start(&tprng); prng_descriptor[x].add_entropy(buf, 32, &tprng); prng_descriptor[x].ready(&tprng); prng_descriptor[x].done(&tprng); +#define DO1 tprng.desc.start(&tprng); tprng.desc.add_entropy(buf, 32, &tprng); tprng.desc.ready(&tprng); tprng.desc.done(&tprng); #define DO2 DO1 DO1 for (y = 0; y < 10000; y++) { t_start(); @@ -663,11 +690,11 @@ static const struct { for (y = 0; y < 4; y++) { t_start(); t1 = t_read(); - if ((err = dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) { + if ((err = dsa_generate_pqg(&yarrow_prng, groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) { fprintf(stderr, "\n\ndsa_generate_pqg says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } - if ((err = dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) { + if ((err = dsa_generate_key(&yarrow_prng, &key)) != CRYPT_OK) { fprintf(stderr, "\n\ndsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -710,7 +737,7 @@ static void time_rsa(void) for (y = 0; y < 4; y++) { t_start(); t1 = t_read(); - if ((err = rsa_make_key(&yarrow_prng, find_prng("yarrow"), x/8, 65537, &key)) != CRYPT_OK) { + if ((err = rsa_make_key(&yarrow_prng, x/8, 65537, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -735,7 +762,7 @@ static void time_rsa(void) t1 = t_read(); z = sizeof(buf[1]); if ((err = rsa_encrypt_key(buf[0], 32, buf[1], &z, (const unsigned char *)"testprog", 8, &yarrow_prng, - find_prng("yarrow"), find_hash("sha1"), + find_hash("sha1"), &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_encrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -776,7 +803,7 @@ static void time_rsa(void) t1 = t_read(); z = sizeof(buf[1]); if ((err = rsa_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, - find_prng("yarrow"), find_hash("sha1"), 8, &key)) != CRYPT_OK) { + find_hash("sha1"), 8, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_sign_hash says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -846,7 +873,7 @@ static void time_dh(void) t_start(); t1 = t_read(); - if ((err = dh_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) { + if ((err = dh_generate_key(&yarrow_prng, &key)) != CRYPT_OK) { fprintf(stderr, "\n\ndh_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -906,7 +933,7 @@ static void time_ecc(void) for (y = 0; y < 256; y++) { t_start(); t1 = t_read(); - if ((err = ecc_make_key(&yarrow_prng, find_prng("yarrow"), x, &key)) != CRYPT_OK) { + if ((err = ecc_make_key(&yarrow_prng, x, &key)) != CRYPT_OK) { fprintf(stderr, "\n\necc_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -930,7 +957,7 @@ static void time_ecc(void) t_start(); t1 = t_read(); z = sizeof(buf[1]); - if ((err = ecc_encrypt_key(buf[0], 20, buf[1], &z, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), + if ((err = ecc_encrypt_key(buf[0], 20, buf[1], &z, &yarrow_prng, find_hash("sha1"), &key)) != CRYPT_OK) { fprintf(stderr, "\n\necc_encrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -970,7 +997,7 @@ static void time_ecc(void) t1 = t_read(); z = sizeof(buf[1]); if ((err = ecc_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, - find_prng("yarrow"), &key)) != CRYPT_OK) { + &key)) != CRYPT_OK) { fprintf(stderr, "\n\necc_sign_hash says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); } @@ -1358,7 +1385,6 @@ const char* mpi_provider = NULL; init_timer(); register_all_ciphers(); register_all_hashes(); -register_all_prngs(); #ifdef USE_LTM mpi_provider = "ltm"; @@ -1376,7 +1402,9 @@ register_all_prngs(); crypt_mp_init(mpi_provider); -if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) { + yarrow_start(&yarrow_prng); + +if ((err = rng_make_prng(128, &yarrow_prng, NULL)) != CRYPT_OK) { fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } diff --git a/demos/tv_gen.c b/demos/tv_gen.c index ef9f919cc..8de4e3fcf 100644 --- a/demos/tv_gen.c +++ b/demos/tv_gen.c @@ -770,7 +770,6 @@ int main(void) { register_all_ciphers(); register_all_hashes(); - register_all_prngs(); #ifdef USE_LTM ltc_mp = ltm_desc; #elif defined(USE_TFM) diff --git a/src/headers/tomcrypt_math.h b/src/headers/tomcrypt_math.h index b7dedf6be..b67d151c2 100644 --- a/src/headers/tomcrypt_math.h +++ b/src/headers/tomcrypt_math.h @@ -443,7 +443,6 @@ typedef struct { /** RSA Key Generation @param prng An active PRNG state - @param wprng The index of the PRNG desired @param size The size of the key in octets @param e The "e" value (public key). e==65537 is a good choice @@ -451,7 +450,6 @@ typedef struct { @return CRYPT_OK if successful, upon error all allocated ram is freed */ int (*rsa_keygen)(prng_state *prng, - int wprng, int size, long e, rsa_key *key); diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h index dcf714d7d..917a74d4e 100644 --- a/src/headers/tomcrypt_pk.h +++ b/src/headers/tomcrypt_pk.h @@ -57,7 +57,7 @@ enum public_key_type { PK_CURVEOID = 0x4000 }; -int rand_prime(void *N, long len, prng_state *prng, int wprng); +int rand_prime(void *N, long len, prng_state *prng); /* ---- RSA ---- */ #ifdef LTC_MRSA @@ -84,8 +84,8 @@ typedef struct Rsa_key { void *dQ; } rsa_key; -int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key); -int rsa_make_key_ubin_e(prng_state *prng, int wprng, int size, +int rsa_make_key(prng_state *prng, int size, long e, rsa_key *key); +int rsa_make_key_ubin_e(prng_state *prng, int size, const unsigned char *e, unsigned long elen, rsa_key *key); int rsa_get_size(const rsa_key *key); @@ -96,14 +96,14 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen, void rsa_free(rsa_key *key); /* These use PKCS #1 v2.0 padding */ -#define rsa_encrypt_key(in, inlen, out, outlen, lparam, lparamlen, prng, prng_idx, hash_idx, key) \ - rsa_encrypt_key_ex(in, inlen, out, outlen, lparam, lparamlen, prng, prng_idx, hash_idx, -1, LTC_PKCS_1_OAEP, key) +#define rsa_encrypt_key(in, inlen, out, outlen, lparam, lparamlen, prng, hash_idx, key) \ + rsa_encrypt_key_ex(in, inlen, out, outlen, lparam, lparamlen, prng, hash_idx, -1, LTC_PKCS_1_OAEP, key) #define rsa_decrypt_key(in, inlen, out, outlen, lparam, lparamlen, hash_idx, stat, key) \ rsa_decrypt_key_ex(in, inlen, out, outlen, lparam, lparamlen, hash_idx, -1, LTC_PKCS_1_OAEP, stat, key) -#define rsa_sign_hash(in, inlen, out, outlen, prng, prng_idx, hash_idx, saltlen, key) \ - rsa_sign_hash_ex(in, inlen, out, outlen, LTC_PKCS_1_PSS, prng, prng_idx, hash_idx, saltlen, key) +#define rsa_sign_hash(in, inlen, out, outlen, prng, hash_idx, saltlen, key) \ + rsa_sign_hash_ex(in, inlen, out, outlen, LTC_PKCS_1_PSS, prng, hash_idx, saltlen, key) #define rsa_verify_hash(sig, siglen, hash, hashlen, hash_idx, saltlen, stat, key) \ rsa_verify_hash_ex(sig, siglen, hash, hashlen, LTC_PKCS_1_PSS, hash_idx, saltlen, stat, key) @@ -115,7 +115,7 @@ void rsa_free(rsa_key *key); int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, const unsigned char *lparam, unsigned long lparamlen, - prng_state *prng, int prng_idx, + prng_state *prng, int mgf_hash, int lparam_hash, int padding, const rsa_key *key); @@ -130,7 +130,7 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int padding, - prng_state *prng, int prng_idx, + prng_state *prng, int hash_idx, unsigned long saltlen, const rsa_key *key); @@ -188,7 +188,7 @@ int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh int dh_set_pg_groupsize(int groupsize, dh_key *key); int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key); -int dh_generate_key(prng_state *prng, int wprng, dh_key *key); +int dh_generate_key(prng_state *prng, dh_key *key); int dh_shared_secret(const dh_key *private_key, const dh_key *public_key, unsigned char *out, unsigned long *outlen); @@ -303,13 +303,13 @@ int ecc_get_size(const ecc_key *key); int ecc_find_curve(const char* name_or_oid, const ltc_ecc_curve** cu); int ecc_set_curve(const ltc_ecc_curve *cu, ecc_key *key); -int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key); +int ecc_generate_key(prng_state *prng, ecc_key *key); int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key); int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); int ecc_get_oid_str(char *out, unsigned long *outlen, const ecc_key *key); -int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key); -int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu); +int ecc_make_key(prng_state *prng, int keysize, ecc_key *key); +int ecc_make_key_ex(prng_state *prng, ecc_key *key, const ltc_ecc_curve *cu); void ecc_free(ecc_key *key); int ecc_export(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); @@ -330,18 +330,18 @@ int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key, int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, + prng_state *prng, int hash, const ecc_key *key); int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, const ecc_key *key); -#define ecc_sign_hash_rfc7518(in_, inlen_, out_, outlen_, prng_, wprng_, key_) \ - ecc_sign_hash_ex(in_, inlen_, out_, outlen_, prng_, wprng_, LTC_ECCSIG_RFC7518, NULL, key_) +#define ecc_sign_hash_rfc7518(in_, inlen_, out_, outlen_, prng_, key_) \ + ecc_sign_hash_ex(in_, inlen_, out_, outlen_, prng_, LTC_ECCSIG_RFC7518, NULL, key_) -#define ecc_sign_hash(in_, inlen_, out_, outlen_, prng_, wprng_, key_) \ - ecc_sign_hash_ex(in_, inlen_, out_, outlen_, prng_, wprng_, LTC_ECCSIG_ANSIX962, NULL, key_) +#define ecc_sign_hash(in_, inlen_, out_, outlen_, prng_, key_) \ + ecc_sign_hash_ex(in_, inlen_, out_, outlen_, prng_, LTC_ECCSIG_ANSIX962, NULL, key_) #define ecc_verify_hash_rfc7518(sig_, siglen_, hash_, hashlen_, stat_, key_) \ ecc_verify_hash_ex(sig_, siglen_, hash_, hashlen_, LTC_ECCSIG_RFC7518, stat_, key_) @@ -351,7 +351,7 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_signature_type sigformat, + prng_state *prng, ecc_signature_type sigformat, int *recid, const ecc_key *key); int ecc_verify_hash_ex(const unsigned char *sig, unsigned long siglen, @@ -382,7 +382,7 @@ typedef struct { /** Ed25519 Signature API */ -int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key); +int ed25519_make_key(prng_state *prng, curve25519_key *key); int ed25519_export( unsigned char *out, unsigned long *outlen, int which, @@ -422,7 +422,7 @@ int ed25519ph_verify(const unsigned char *msg, unsigned long msglen, const curve25519_key *public_key); /** X25519 Key-Exchange API */ -int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key); +int x25519_make_key(prng_state *prng, curve25519_key *key); int x25519_export( unsigned char *out, unsigned long *outlen, int which, @@ -476,27 +476,27 @@ typedef struct { void *y; } dsa_key; -int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); +int dsa_make_key(prng_state *prng, int group_size, int modulus_size, dsa_key *key); int dsa_set_pqg(const unsigned char *p, unsigned long plen, const unsigned char *q, unsigned long qlen, const unsigned char *g, unsigned long glen, dsa_key *key); int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key); -int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); +int dsa_generate_pqg(prng_state *prng, int group_size, int modulus_size, dsa_key *key); int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key *key); -int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key); +int dsa_generate_key(prng_state *prng, dsa_key *key); void dsa_free(dsa_key *key); int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, - void *r, void *s, - prng_state *prng, int wprng, const dsa_key *key); + void *r, void *s, + prng_state *prng, const dsa_key *key); int dsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, const dsa_key *key); + prng_state *prng, const dsa_key *key); int dsa_verify_hash_raw( void *r, void *s, const unsigned char *hash, unsigned long hashlen, @@ -508,7 +508,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, + prng_state *prng, int hash, const dsa_key *key); int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, diff --git a/src/headers/tomcrypt_pkcs.h b/src/headers/tomcrypt_pkcs.h index cca013c07..3acf69f27 100644 --- a/src/headers/tomcrypt_pkcs.h +++ b/src/headers/tomcrypt_pkcs.h @@ -33,7 +33,6 @@ int pkcs_1_v1_5_encode(const unsigned char *msg, int block_type, unsigned long modulus_bitlen, prng_state *prng, - int prng_idx, unsigned char *out, unsigned long *outlen); @@ -49,7 +48,6 @@ int pkcs_1_v1_5_decode(const unsigned char *msg, int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, const unsigned char *lparam, unsigned long lparamlen, unsigned long modulus_bitlen, prng_state *prng, - int prng_idx, int mgf_hash, int lparam_hash, unsigned char *out, unsigned long *outlen); @@ -62,7 +60,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, unsigned long saltlen, prng_state *prng, - int prng_idx, int hash_idx, + int hash_idx, unsigned long modulus_bitlen, unsigned char *out, unsigned long *outlen); diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 2617e3aae..e68a5a584 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -377,8 +377,8 @@ int pem_read(void *pem, unsigned long *w, struct pem_headers *hdr, struct get_ch /* tomcrypt_pk.h */ -int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng); -int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng); +int rand_bn_bits(void *N, int bits, prng_state *prng); +int rand_bn_upto(void *N, void *limit, prng_state *prng); int pk_get_oid(enum ltc_oid_id id, const char **st); int pk_get_pka_id(enum ltc_oid_id id, enum ltc_pka_id *pka); @@ -391,8 +391,7 @@ int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, #ifdef LTC_MRSA int rsa_init(rsa_key *key); void rsa_shrink_key(rsa_key *key); -int rsa_make_key_bn_e(prng_state *prng, int wprng, int size, void *e, - rsa_key *key); /* used by op-tee */ +int rsa_make_key_bn_e(prng_state *prng, int size, void *e, rsa_key *key); /* used by op-tee */ int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key); int rsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, rsa_key *key); #endif /* LTC_MRSA */ @@ -505,7 +504,7 @@ int tweetnacl_crypto_sign_open( const unsigned char *sm,unsigned long long smlen, const unsigned char *ctx, unsigned long long cs, const unsigned char *pk); -int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, unsigned char *pk,unsigned char *sk); +int tweetnacl_crypto_sign_keypair(prng_state *prng, unsigned char *pk,unsigned char *sk); int tweetnacl_crypto_sk_to_pk(unsigned char *pk, const unsigned char *sk); int tweetnacl_crypto_scalarmult(unsigned char *q, const unsigned char *n, const unsigned char *p); int tweetnacl_crypto_scalarmult_base(unsigned char *q,const unsigned char *n); diff --git a/src/math/rand_bn.c b/src/math/rand_bn.c index 03a81b7e2..274613ad9 100644 --- a/src/math/rand_bn.c +++ b/src/math/rand_bn.c @@ -7,7 +7,7 @@ Generate a random number N with given bitlength (note: MSB can be 0) */ -int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng) +int rand_bn_bits(void *N, int bits, prng_state *prng) { int res, bytes; unsigned char *buf, mask; @@ -15,9 +15,6 @@ int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng) LTC_ARGCHK(N != NULL); LTC_ARGCHK(bits > 1); - /* check PRNG */ - if ((res = prng_is_valid(wprng)) != CRYPT_OK) return res; - bytes = (bits+7) >> 3; mask = 0xff >> (bits % 8 == 0 ? 0 : 8 - bits % 8); @@ -25,7 +22,7 @@ int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng) if ((buf = XCALLOC(1, bytes)) == NULL) return CRYPT_MEM; /* generate random bytes */ - if (prng_descriptor[wprng].read(buf, bytes, prng) != (unsigned long)bytes) { + if (prng->desc.read(buf, bytes, prng) != (unsigned long)bytes) { res = CRYPT_ERROR_READPRNG; goto cleanup; } @@ -47,7 +44,7 @@ int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng) /** Generate a random number N in a range: 1 <= N < limit */ -int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng) +int rand_bn_upto(void *N, void *limit, prng_state *prng) { int res, bits; @@ -56,7 +53,7 @@ int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng) bits = mp_count_bits(limit); do { - res = rand_bn_bits(N, bits, prng, wprng); + res = rand_bn_bits(N, bits, prng); if (res != CRYPT_OK) return res; } while (mp_cmp_d(N, 0) != LTC_MP_GT || mp_cmp(N, limit) != LTC_MP_LT); diff --git a/src/math/rand_prime.c b/src/math/rand_prime.c index 498912cb3..b136a0ef7 100644 --- a/src/math/rand_prime.c +++ b/src/math/rand_prime.c @@ -11,7 +11,7 @@ #define USE_BBS 1 -int rand_prime(void *N, long len, prng_state *prng, int wprng) +int rand_prime(void *N, long len, prng_state *prng) { int err, res, type; unsigned char *buf; @@ -31,11 +31,6 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng) return CRYPT_INVALID_PRIME_SIZE; } - /* valid PRNG? Better be! */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - /* allocate buffer to work with */ buf = XCALLOC(1, len); if (buf == NULL) { @@ -44,7 +39,7 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng) do { /* generate value */ - if (prng_descriptor[wprng].read(buf, len, prng) != (unsigned long)len) { + if (prng->desc.read(buf, len, prng) != (unsigned long)len) { XFREE(buf); return CRYPT_ERROR_READPRNG; } diff --git a/src/misc/crypt/crypt_fsa.c b/src/misc/crypt/crypt_fsa.c index a23216dab..dfb19223f 100644 --- a/src/misc/crypt/crypt_fsa.c +++ b/src/misc/crypt/crypt_fsa.c @@ -8,7 +8,7 @@ LibTomCrypt FULL SPEED AHEAD!, Tom St Denis */ -/* format is ltc_mp, cipher_desc, [cipher_desc], NULL, hash_desc, [hash_desc], NULL, prng_desc, [prng_desc], NULL */ +/* format is ltc_mp, cipher_desc, [cipher_desc], NULL, hash_desc, [hash_desc], NULL */ int crypt_fsa(void *mp, ...) { va_list args; @@ -33,13 +33,6 @@ int crypt_fsa(void *mp, ...) } } - while ((p = va_arg(args, void*)) != NULL) { - if (register_prng(p) == -1) { - va_end(args); - return CRYPT_INVALID_PRNG; - } - } - va_end(args); return CRYPT_OK; } diff --git a/src/pk/dh/dh_generate_key.c b/src/pk/dh/dh_generate_key.c index 39ef8e14c..4e1a9920a 100644 --- a/src/pk/dh/dh_generate_key.c +++ b/src/pk/dh/dh_generate_key.c @@ -34,20 +34,16 @@ static int s_dh_groupsize_to_keysize(int groupsize) return 0; } -int dh_generate_key(prng_state *prng, int wprng, dh_key *key) +int dh_generate_key(prng_state *prng, dh_key *key) { unsigned char *buf; unsigned long keysize; int err, max_iterations = LTC_PK_MAX_RETRIES; + LTC_ARGCHK(prng != NULL); LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); - /* good prng? */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - keysize = s_dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime)); if (keysize == 0) { err = CRYPT_INVALID_KEYSIZE; @@ -64,7 +60,7 @@ int dh_generate_key(prng_state *prng, int wprng, dh_key *key) key->type = PK_PRIVATE; do { /* make up random buf */ - if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) { + if (prng->desc.read(buf, keysize, prng) != keysize) { err = CRYPT_ERROR_READPRNG; goto freebuf; } diff --git a/src/pk/dsa/dsa_encrypt_key.c b/src/pk/dsa/dsa_encrypt_key.c index 2f4609218..9189693b8 100644 --- a/src/pk/dsa/dsa_encrypt_key.c +++ b/src/pk/dsa/dsa_encrypt_key.c @@ -16,14 +16,13 @@ @param out [out] The destination for the ciphertext @param outlen [in/out] The max size and resulting size of the ciphertext @param prng An active PRNG state - @param wprng The index of the PRNG you wish to use @param hash The index of the hash you want to use @param key The DSA key you want to encrypt to @return CRYPT_OK if successful */ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, + prng_state *prng, int hash, const dsa_key *key) { unsigned char *expt, *skey; @@ -36,11 +35,7 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(key != NULL); - /* check that wprng/cipher/hash are not invalid */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - + /* check that cipher/hash are not invalid */ if ((err = hash_is_valid(hash)) != CRYPT_OK) { return err; } @@ -70,7 +65,7 @@ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, /* make a random g_priv, g_pub = g^x pair private key x should be in range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ - if ((err = rand_bn_upto(g_priv, key->q, prng, wprng)) != CRYPT_OK) { + if ((err = rand_bn_upto(g_priv, key->q, prng)) != CRYPT_OK) { goto LBL_ERR; } diff --git a/src/pk/dsa/dsa_generate_key.c b/src/pk/dsa/dsa_generate_key.c index bc83c0ed9..88b8de990 100644 --- a/src/pk/dsa/dsa_generate_key.c +++ b/src/pk/dsa/dsa_generate_key.c @@ -12,11 +12,10 @@ /** Create a DSA key @param prng An active PRNG state - @param wprng The index of the PRNG desired @param key [in/out] Where to store the created key @return CRYPT_OK if successful. */ -int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key) +int dsa_generate_key(prng_state *prng, dsa_key *key) { int err; @@ -27,7 +26,7 @@ int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key) Now we need a random exponent [mod q] and it's power g^x mod p */ /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ - if ((err = rand_bn_upto(key->x, key->q, prng, wprng)) != CRYPT_OK) { return err; } + if ((err = rand_bn_upto(key->x, key->q, prng)) != CRYPT_OK) { return err; } if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { return err; } key->type = PK_PRIVATE; diff --git a/src/pk/dsa/dsa_generate_pqg.c b/src/pk/dsa/dsa_generate_pqg.c index d607782fa..bdfe72de2 100644 --- a/src/pk/dsa/dsa_generate_pqg.c +++ b/src/pk/dsa/dsa_generate_pqg.c @@ -12,7 +12,6 @@ /** Create DSA parameters (INTERNAL ONLY, not part of public API) @param prng An active PRNG state - @param wprng The index of the PRNG desired @param group_size Size of the multiplicative group (octets) @param modulus_size Size of the modulus (octets) @param p [out] bignum where generated 'p' is stored (must be initialized by caller) @@ -20,7 +19,7 @@ @param g [out] bignum where generated 'g' is stored (must be initialized by caller) @return CRYPT_OK if successful, upon error this function will free all allocated memory */ -static int s_dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g) +static int s_dsa_make_params(prng_state *prng, int group_size, int modulus_size, void *p, void *q, void *g) { unsigned long L, N, n, outbytes, seedbytes, counter, j, i; int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash; @@ -121,7 +120,7 @@ static int s_dsa_make_params(prng_state *prng, int wprng, int group_size, int mo for(found_p=0; !found_p;) { /* q */ for(found_q=0; !found_q;) { - if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; } + if (prng->desc.read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; } i = outbytes; if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK) { goto cleanup; } if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK) { goto cleanup; } @@ -178,7 +177,7 @@ static int s_dsa_make_params(prng_state *prng, int wprng, int group_size, int mo i = mp_count_bits(p); do { do { - if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK) { goto cleanup; } + if ((err = rand_bn_bits(h, i, prng)) != CRYPT_OK) { goto cleanup; } } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT); if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK) { goto cleanup; } /* h is randon and 1 < h < (p-1) */ @@ -199,20 +198,19 @@ static int s_dsa_make_params(prng_state *prng, int wprng, int group_size, int mo /** Generate DSA parameters p, q & g @param prng An active PRNG state - @param wprng The index of the PRNG desired @param group_size Size of the multiplicative group (octets) @param modulus_size Size of the modulus (octets) @param key [out] Where to store the created key @return CRYPT_OK if successful. */ -int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) +int dsa_generate_pqg(prng_state *prng, int group_size, int modulus_size, dsa_key *key) { int err; /* init key */ if ((err = dsa_int_init(key)) != CRYPT_OK) return err; /* generate params */ - err = s_dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g); + err = s_dsa_make_params(prng, group_size, modulus_size, key->p, key->q, key->g); if (err != CRYPT_OK) { goto cleanup; } diff --git a/src/pk/dsa/dsa_make_key.c b/src/pk/dsa/dsa_make_key.c index 5a205b272..3389fc9a8 100644 --- a/src/pk/dsa/dsa_make_key.c +++ b/src/pk/dsa/dsa_make_key.c @@ -12,18 +12,17 @@ /** Old-style creation of a DSA key @param prng An active PRNG state - @param wprng The index of the PRNG desired @param group_size Size of the multiplicative group (octets) @param modulus_size Size of the modulus (octets) @param key [out] Where to store the created key @return CRYPT_OK if successful. */ -int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) +int dsa_make_key(prng_state *prng, int group_size, int modulus_size, dsa_key *key) { int err; - if ((err = dsa_generate_pqg(prng, wprng, group_size, modulus_size, key)) != CRYPT_OK) { return err; } - if ((err = dsa_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + if ((err = dsa_generate_pqg(prng, group_size, modulus_size, key)) != CRYPT_OK) { return err; } + if ((err = dsa_generate_key(prng, key)) != CRYPT_OK) { return err; } return CRYPT_OK; } diff --git a/src/pk/dsa/dsa_sign_hash.c b/src/pk/dsa/dsa_sign_hash.c index 56baa8039..c434778ca 100644 --- a/src/pk/dsa/dsa_sign_hash.c +++ b/src/pk/dsa/dsa_sign_hash.c @@ -16,13 +16,12 @@ @param r The "r" integer of the signature (caller must initialize with mp_init() first) @param s The "s" integer of the signature (caller must initialize with mp_init() first) @param prng An active PRNG state - @param wprng The index of the PRNG desired @param key A private DSA key @return CRYPT_OK if successful */ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, void *r, void *s, - prng_state *prng, int wprng, const dsa_key *key) + prng_state *prng, const dsa_key *key) { void *k, *kinv, *tmp; unsigned char *buf; @@ -33,9 +32,6 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(s != NULL); LTC_ARGCHK(key != NULL); - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } if (key->type != PK_PRIVATE) { return CRYPT_PK_NOT_PRIVATE; } @@ -58,7 +54,7 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, do { /* gen random k */ - if ((err = rand_bn_bits(k, qbits, prng, wprng)) != CRYPT_OK) { goto error; } + if ((err = rand_bn_bits(k, qbits, prng)) != CRYPT_OK) { goto error; } /* k should be from range: 1 <= k <= q-1 (see FIPS 186-4 B.2.2) */ if (mp_cmp_d(k, 0) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; } @@ -105,13 +101,12 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, @param out [out] Where to store the signature @param outlen [in/out] The max size and resulting size of the signature @param prng An active PRNG state - @param wprng The index of the PRNG desired @param key A private DSA key @return CRYPT_OK if successful */ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, const dsa_key *key) + prng_state *prng, const dsa_key *key) { void *r, *s; int err; @@ -125,7 +120,7 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, return CRYPT_MEM; } - if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, wprng, key)) != CRYPT_OK) { + if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, key)) != CRYPT_OK) { goto error; } diff --git a/src/pk/ec25519/tweetnacl.c b/src/pk/ec25519/tweetnacl.c index 9db0dcd8e..feb60578a 100644 --- a/src/pk/ec25519/tweetnacl.c +++ b/src/pk/ec25519/tweetnacl.c @@ -322,16 +322,12 @@ int tweetnacl_crypto_sk_to_pk(u8 *pk, const u8 *sk) return 0; } -int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, u8 *pk, u8 *sk) +int tweetnacl_crypto_sign_keypair(prng_state *prng, u8 *pk, u8 *sk) { int err; /* randombytes(sk,32); */ - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - if (prng_descriptor[wprng].read(sk,32, prng) != 32) { + if (prng->desc.read(sk,32, prng) != 32) { return CRYPT_ERROR_READPRNG; } diff --git a/src/pk/ecc/ecc_encrypt_key.c b/src/pk/ecc/ecc_encrypt_key.c index 9929ff5af..9285e2b4c 100644 --- a/src/pk/ecc/ecc_encrypt_key.c +++ b/src/pk/ecc/ecc_encrypt_key.c @@ -17,14 +17,13 @@ @param out [out] The destination for the ciphertext @param outlen [in/out] The max size and resulting size of the ciphertext @param prng An active PRNG state - @param wprng The index of the PRNG you wish to use @param hash The index of the hash you want to use @param key The ECC key you want to encrypt to @return CRYPT_OK if successful */ int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, + prng_state *prng, int hash, const ecc_key *key) { unsigned char *pub_expt, *ecc_shared, *skey; @@ -47,7 +46,7 @@ int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, /* make a random key and export the public copy */ if ((err = ecc_copy_curve(key, &pubkey)) != CRYPT_OK) { return err; } - if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, &pubkey)) != CRYPT_OK) { return err; } pub_expt = XMALLOC(ECC_BUF_SIZE); ecc_shared = XMALLOC(ECC_BUF_SIZE); diff --git a/src/pk/ecc/ecc_make_key.c b/src/pk/ecc/ecc_make_key.c index 1b047417b..087525fbf 100644 --- a/src/pk/ecc/ecc_make_key.c +++ b/src/pk/ecc/ecc_make_key.c @@ -13,29 +13,28 @@ /** Make a new ECC key @param prng An active PRNG state - @param wprng The index of the PRNG you wish to use @param keysize The keysize for the new key (in octets from 20 to 65 bytes) @param key [out] Destination of the newly created key @return CRYPT_OK if successful, upon error all allocated memory will be freed */ -int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key) +int ecc_make_key(prng_state *prng, int keysize, ecc_key *key) { int err; if ((err = ecc_set_curve_by_size(keysize, key)) != CRYPT_OK) { return err; } - if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, key)) != CRYPT_OK) { return err; } return CRYPT_OK; } -int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu) +int ecc_make_key_ex(prng_state *prng, ecc_key *key, const ltc_ecc_curve *cu) { int err; if ((err = ecc_set_curve(cu, key)) != CRYPT_OK) { return err; } - if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } + if ((err = ecc_generate_key(prng, key)) != CRYPT_OK) { return err; } return CRYPT_OK; } -int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key) +int ecc_generate_key(prng_state *prng, ecc_key *key) { int err; @@ -50,7 +49,7 @@ int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key) * c/ if k not in [1, order-1] go to b/ * e/ Q = k*G */ - if ((err = rand_bn_upto(key->k, key->dp.order, prng, wprng)) != CRYPT_OK) { + if ((err = rand_bn_upto(key->k, key->dp.order, prng)) != CRYPT_OK) { goto error; } diff --git a/src/pk/ecc/ecc_sign_hash.c b/src/pk/ecc/ecc_sign_hash.c index 229ced195..39ff0f174 100644 --- a/src/pk/ecc/ecc_sign_hash.c +++ b/src/pk/ecc/ecc_sign_hash.c @@ -17,7 +17,6 @@ @param out [out] The destination for the signature @param outlen [in/out] The max size and resulting size of the signature @param prng An active PRNG state - @param wprng The index of the PRNG you wish to use @param sigformat The format of the signature to generate (ecc_signature_type) @param recid [out] The recovery ID for this signature (optional) @param key A private ECC key @@ -25,7 +24,7 @@ */ int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_signature_type sigformat, + prng_state *prng, ecc_signature_type sigformat, int *recid, const ecc_key *key) { ecc_key pubkey; @@ -73,7 +72,7 @@ int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, /* make up a key and export the public copy */ do { if ((err = ecc_copy_curve(key, &pubkey)) != CRYPT_OK) { goto errnokey; } - if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { goto errnokey; } + if ((err = ecc_generate_key(prng, &pubkey)) != CRYPT_OK) { goto errnokey; } /* find r = x1 mod n */ if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; } @@ -93,7 +92,7 @@ int ecc_sign_hash_ex(const unsigned char *in, unsigned long inlen, if (mp_iszero(r) == LTC_MP_YES) { ecc_free(&pubkey); } else { - if ((err = rand_bn_upto(b, p, prng, wprng)) != CRYPT_OK) { goto error; } /* b = blinding value */ + if ((err = rand_bn_upto(b, p, prng)) != CRYPT_OK) { goto error; } /* b = blinding value */ /* find s = (e + xr)/k */ if ((err = mp_mulmod(pubkey.k, b, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = kb */ if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/kb */ diff --git a/src/pk/ed25519/ed25519_make_key.c b/src/pk/ed25519/ed25519_make_key.c index 289313b5c..0787d2368 100644 --- a/src/pk/ed25519/ed25519_make_key.c +++ b/src/pk/ed25519/ed25519_make_key.c @@ -12,18 +12,17 @@ /** Create an Ed25519 key @param prng An active PRNG state - @param wprng The index of the PRNG desired @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful */ -int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key) +int ed25519_make_key(prng_state *prng, curve25519_key *key) { int err; LTC_ARGCHK(prng != NULL); LTC_ARGCHK(key != NULL); - if ((err = tweetnacl_crypto_sign_keypair(prng, wprng, key->pub, key->priv)) != CRYPT_OK) { + if ((err = tweetnacl_crypto_sign_keypair(prng, key->pub, key->priv)) != CRYPT_OK) { return err; } diff --git a/src/pk/pkcs1/pkcs_1_oaep_encode.c b/src/pk/pkcs1/pkcs_1_oaep_encode.c index 294583d9c..bb734653c 100644 --- a/src/pk/pkcs1/pkcs_1_oaep_encode.c +++ b/src/pk/pkcs1/pkcs_1_oaep_encode.c @@ -17,7 +17,6 @@ @param lparamlen The length of the lparam data @param modulus_bitlen The bit length of the RSA modulus @param prng An active PRNG state - @param prng_idx The index of the PRNG desired @param hash_idx The index of the hash desired @param out [out] The destination for the encoded data @param outlen [in/out] The max size and resulting size of the encoded data @@ -26,7 +25,6 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, const unsigned char *lparam, unsigned long lparamlen, unsigned long modulus_bitlen, prng_state *prng, - int prng_idx, int mgf_hash, int lparam_hash, unsigned char *out, unsigned long *outlen) { @@ -51,11 +49,6 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, lparam_hash_used = mgf_hash; } - /* valid prng */ - if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { - return err; - } - hLen = hash_descriptor[lparam_hash_used].hashsize; modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); @@ -111,7 +104,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, } /* now choose a random seed */ - if (prng_descriptor[prng_idx].read(seed, hLen, prng) != hLen) { + if (prng->desc.read(seed, hLen, prng) != hLen) { err = CRYPT_ERROR_READPRNG; goto LBL_ERR; } diff --git a/src/pk/pkcs1/pkcs_1_pss_encode.c b/src/pk/pkcs1/pkcs_1_pss_encode.c index 2a4e3728a..2b1047843 100644 --- a/src/pk/pkcs1/pkcs_1_pss_encode.c +++ b/src/pk/pkcs1/pkcs_1_pss_encode.c @@ -15,7 +15,6 @@ @param msghashlen The length of the hash (octets) @param saltlen The length of the salt desired (octets) @param prng An active PRNG context - @param prng_idx The index of the PRNG desired @param hash_idx The index of the hash desired @param modulus_bitlen The bit length of the RSA modulus @param out [out] The destination of the encoding @@ -24,7 +23,7 @@ */ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, unsigned long saltlen, prng_state *prng, - int prng_idx, int hash_idx, + int hash_idx, unsigned long modulus_bitlen, unsigned char *out, unsigned long *outlen) { @@ -37,13 +36,10 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); - /* ensure hash and PRNG are valid */ + /* ensure hash are valid */ if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { return err; } - if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { - return err; - } hLen = hash_descriptor[hash_idx].hashsize; modulus_bitlen--; @@ -78,7 +74,8 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, /* generate random salt */ if (saltlen > 0) { - if (prng_descriptor[prng_idx].read(salt, saltlen, prng) != saltlen) { + LTC_ARGCHK(prng != NULL); + if (prng->desc.read(salt, saltlen, prng) != saltlen) { err = CRYPT_ERROR_READPRNG; goto LBL_ERR; } diff --git a/src/pk/pkcs1/pkcs_1_v1_5_encode.c b/src/pk/pkcs1/pkcs_1_v1_5_encode.c index a21df4bfe..152d1094a 100644 --- a/src/pk/pkcs1/pkcs_1_v1_5_encode.c +++ b/src/pk/pkcs1/pkcs_1_v1_5_encode.c @@ -16,7 +16,6 @@ * \param block_type Block type to use in padding (\sa ltc_pkcs_1_v1_5_blocks) * \param modulus_bitlen The bit length of the RSA modulus * \param prng An active PRNG state (only for LTC_PKCS_1_EME) - * \param prng_idx The index of the PRNG desired (only for LTC_PKCS_1_EME) * \param out [out] The destination for the encoded data * \param outlen [in/out] The max size and resulting size of the encoded data * @@ -27,7 +26,6 @@ int pkcs_1_v1_5_encode(const unsigned char *msg, int block_type, unsigned long modulus_bitlen, prng_state *prng, - int prng_idx, unsigned char *out, unsigned long *outlen) { @@ -46,9 +44,7 @@ int pkcs_1_v1_5_encode(const unsigned char *msg, } if (block_type == LTC_PKCS_1_EME) { /* encryption padding, we need a valid PRNG */ - if ((result = prng_is_valid(prng_idx)) != CRYPT_OK) { - return result; - } + LTC_ARGCHK(prng != NULL); } modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); @@ -70,7 +66,7 @@ int pkcs_1_v1_5_encode(const unsigned char *msg, if (block_type == LTC_PKCS_1_EME) { /* now choose a random ps */ - if (prng_descriptor[prng_idx].read(ps, ps_len, prng) != ps_len) { + if (prng->desc.read(ps, ps_len, prng) != ps_len) { result = CRYPT_ERROR_READPRNG; goto bail; } @@ -78,7 +74,7 @@ int pkcs_1_v1_5_encode(const unsigned char *msg, /* transform zero bytes (if any) to non-zero random bytes */ for (i = 0; i < ps_len; i++) { while (ps[i] == 0) { - if (prng_descriptor[prng_idx].read(&ps[i], 1, prng) != 1) { + if (prng->desc.read(&ps[i], 1, prng) != 1) { result = CRYPT_ERROR_READPRNG; goto bail; } diff --git a/src/pk/rsa/rsa_encrypt_key.c b/src/pk/rsa/rsa_encrypt_key.c index 8739bb277..4dc65c4d7 100644 --- a/src/pk/rsa/rsa_encrypt_key.c +++ b/src/pk/rsa/rsa_encrypt_key.c @@ -18,7 +18,6 @@ @param lparam The system "lparam" for the encryption @param lparamlen The length of lparam (octets) @param prng An active PRNG - @param prng_idx The index of the desired prng @param hash_idx The index of the desired hash @param padding Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5) @param key The RSA key to encrypt to @@ -27,7 +26,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, const unsigned char *lparam, unsigned long lparamlen, - prng_state *prng, int prng_idx, + prng_state *prng, int mgf_hash, int lparam_hash, int padding, const rsa_key *key) @@ -46,11 +45,6 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, return CRYPT_PK_INVALID_PADDING; } - /* valid prng? */ - if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { - return err; - } - if (padding == LTC_PKCS_1_OAEP) { /* valid hash? */ if ((err = hash_is_valid(mgf_hash)) != CRYPT_OK) { @@ -72,7 +66,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, /* OAEP pad the key */ x = *outlen; if ((err = pkcs_1_oaep_encode(in, inlen, lparam, - lparamlen, modulus_bitlen, prng, prng_idx, mgf_hash, + lparamlen, modulus_bitlen, prng, mgf_hash, lparam_hash, out, &x)) != CRYPT_OK) { return err; } @@ -80,7 +74,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, /* PKCS #1 v1.5 pad the key */ x = *outlen; if ((err = pkcs_1_v1_5_encode(in, inlen, LTC_PKCS_1_EME, - modulus_bitlen, prng, prng_idx, + modulus_bitlen, prng, out, &x)) != CRYPT_OK) { return err; } diff --git a/src/pk/rsa/rsa_make_key.c b/src/pk/rsa/rsa_make_key.c index 6bfc0419b..ac5a654ed 100644 --- a/src/pk/rsa/rsa_make_key.c +++ b/src/pk/rsa/rsa_make_key.c @@ -9,7 +9,7 @@ #ifdef LTC_MRSA -static int s_rsa_make_key(prng_state *prng, int wprng, int size, void *e, rsa_key *key) +static int s_rsa_make_key(prng_state *prng, int size, void *e, rsa_key *key) { void *p, *q, *tmp1, *tmp2; int err; @@ -18,10 +18,6 @@ static int s_rsa_make_key(prng_state *prng, int wprng, int size, void *e, rsa_ke LTC_ARGCHK(key != NULL); LTC_ARGCHK(size > 0); - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, LTC_NULL)) != CRYPT_OK) { return err; } @@ -30,14 +26,14 @@ static int s_rsa_make_key(prng_state *prng, int wprng, int size, void *e, rsa_ke /* make prime "p" */ do { - if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; } + if ((err = rand_prime( p, size/2, prng)) != CRYPT_OK) { goto cleanup; } if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = p-1 */ if ((err = mp_gcd( tmp1, e, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(p-1, e) */ } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides p-1 */ /* make prime "q" */ do { - if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK) { goto cleanup; } + if ((err = rand_prime( q, size/2, prng)) != CRYPT_OK) { goto cleanup; } if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = q-1 */ if ((err = mp_gcd( tmp1, e, tmp2)) != CRYPT_OK) { goto cleanup; } /* tmp2 = gcd(q-1, e) */ } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides q-1 */ @@ -89,7 +85,7 @@ static int s_rsa_make_key(prng_state *prng, int wprng, int size, void *e, rsa_ke @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful, upon error all allocated ram is freed */ -int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) +int rsa_make_key(prng_state *prng, int size, long e, rsa_key *key) { void *tmp_e; int err; @@ -103,7 +99,7 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) } if ((err = mp_set_int(tmp_e, e)) == CRYPT_OK) - err = s_rsa_make_key(prng, wprng, size, tmp_e, key); + err = s_rsa_make_key(prng, size, tmp_e, key); mp_clear(tmp_e); @@ -120,7 +116,7 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key) @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful, upon error all allocated ram is freed */ -int rsa_make_key_ubin_e(prng_state *prng, int wprng, int size, +int rsa_make_key_ubin_e(prng_state *prng, int size, const unsigned char *e, unsigned long elen, rsa_key *key) { int err; @@ -131,7 +127,7 @@ int rsa_make_key_ubin_e(prng_state *prng, int wprng, int size, } if ((err = mp_read_unsigned_bin(tmp_e, (unsigned char *)e, elen)) == CRYPT_OK) - err = rsa_make_key_bn_e(prng, wprng, size, tmp_e, key); + err = rsa_make_key_bn_e(prng, size, tmp_e, key); mp_clear(tmp_e); @@ -147,14 +143,14 @@ int rsa_make_key_ubin_e(prng_state *prng, int wprng, int size, @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful, upon error all allocated ram is freed */ -int rsa_make_key_bn_e(prng_state *prng, int wprng, int size, void *e, rsa_key *key) +int rsa_make_key_bn_e(prng_state *prng, int size, void *e, rsa_key *key) { int err; int e_bits; e_bits = mp_count_bits(e); if ((e_bits > 1 && e_bits < 256) && (mp_get_digit(e, 0) & 1)) { - err = s_rsa_make_key(prng, wprng, size, e, key); + err = s_rsa_make_key(prng, size, e, key); } else { err = CRYPT_INVALID_ARG; } diff --git a/src/pk/rsa/rsa_sign_hash.c b/src/pk/rsa/rsa_sign_hash.c index aec30e2ab..b2ebbe94e 100644 --- a/src/pk/rsa/rsa_sign_hash.c +++ b/src/pk/rsa/rsa_sign_hash.c @@ -17,7 +17,6 @@ @param outlen [in/out] The max size and resulting size of the signature @param padding Type of padding (LTC_PKCS_1_PSS, LTC_PKCS_1_V1_5 or LTC_PKCS_1_V1_5_NA1) @param prng An active PRNG state - @param prng_idx The index of the PRNG desired @param hash_idx The index of the hash desired @param saltlen The length of the salt desired (octets) @param key The private RSA key to use @@ -26,7 +25,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int padding, - prng_state *prng, int prng_idx, + prng_state *prng, int hash_idx, unsigned long saltlen, const rsa_key *key) { @@ -46,10 +45,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, } if (padding == LTC_PKCS_1_PSS) { - /* valid prng ? */ - if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { - return err; - } + LTC_ARGCHK(prng != NULL); } if (padding != LTC_PKCS_1_V1_5_NA1) { @@ -72,7 +68,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, if (padding == LTC_PKCS_1_PSS) { /* PSS pad the key */ x = *outlen; - if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, prng_idx, + if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, hash_idx, modulus_bitlen, out, &x)) != CRYPT_OK) { return err; } @@ -118,7 +114,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, } x = *outlen; - err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA, modulus_bitlen, NULL, 0, out, &x); + err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA, modulus_bitlen, NULL, out, &x); if (padding == LTC_PKCS_1_V1_5) { XFREE(tmpin); diff --git a/src/pk/x25519/x25519_make_key.c b/src/pk/x25519/x25519_make_key.c index a30003cc4..e50a9370b 100644 --- a/src/pk/x25519/x25519_make_key.c +++ b/src/pk/x25519/x25519_make_key.c @@ -12,22 +12,15 @@ /** Create a X25519 key @param prng An active PRNG state - @param wprng The index of the PRNG desired @param key [out] Destination of a newly created private key pair @return CRYPT_OK if successful */ -int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key) +int x25519_make_key(prng_state *prng, curve25519_key *key) { - int err; - LTC_ARGCHK(prng != NULL); LTC_ARGCHK(key != NULL); - if ((err = prng_is_valid(wprng)) != CRYPT_OK) { - return err; - } - - if (prng_descriptor[wprng].read(key->priv, sizeof(key->priv), prng) != sizeof(key->priv)) { + if (prng->desc.read(key->priv, sizeof(key->priv), prng) != sizeof(key->priv)) { return CRYPT_ERROR_READPRNG; } @@ -36,7 +29,7 @@ int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key) key->type = PK_PRIVATE; key->pka = LTC_PKA_X25519; - return err; + return CRYPT_OK; } #endif diff --git a/src/prngs/rng_make_prng.c b/src/prngs/rng_make_prng.c index bdf71ba8c..4b936ff86 100644 --- a/src/prngs/rng_make_prng.c +++ b/src/prngs/rng_make_prng.c @@ -16,7 +16,6 @@ but the imported data comes directly from the RNG. @param bits Number of bits of entropy desired (-1 or 64 ... 1024) - @param wprng Index of which PRNG to setup @param prng [out] PRNG state to initialize @param callback A pointer to a void function for when the RNG is slow, this can be NULL @return CRYPT_OK if successful @@ -24,6 +23,7 @@ int rng_make_prng(int bits, prng_state *prng, void (*callback)(void)) { + int (*import_entropy)(const unsigned char*, unsigned long, prng_state*); unsigned char* buf; unsigned long bytes; int err; @@ -32,10 +32,12 @@ int rng_make_prng(int bits, prng_state *prng, if (bits == -1) { bytes = prng->desc.export_size; + import_entropy = prng->desc.pimport; } else if (bits < 64 || bits > 1024) { return CRYPT_INVALID_PRNGSIZE; } else { bytes = (unsigned long)((bits+7)/8) * 2; + import_entropy = prng->desc.add_entropy; } if ((err = prng->desc.start(prng)) != CRYPT_OK) { @@ -52,14 +54,8 @@ int rng_make_prng(int bits, prng_state *prng, goto LBL_ERR; } - if (bits == -1) { - if ((err = prng->desc.pimport(buf, bytes, prng)) != CRYPT_OK) { - goto LBL_ERR; - } - } else { - if ((err = prng->desc.add_entropy(buf, bytes, prng)) != CRYPT_OK) { - goto LBL_ERR; - } + if ((err = import_entropy(buf, bytes, prng)) != CRYPT_OK) { + goto LBL_ERR; } if ((err = prng->desc.ready(prng)) != CRYPT_OK) { goto LBL_ERR; diff --git a/tests/dh_test.c b/tests/dh_test.c index 08f38027c..2c785a40f 100644 --- a/tests/dh_test.c +++ b/tests/dh_test.c @@ -118,7 +118,7 @@ static int s_dhparam_test(void) }; DO(dh_set_pg_dhparam(dhparam_der, sizeof(dhparam_der), &k)); - DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &k)); + DO(dh_generate_key(&yarrow_prng, &k)); if (mp_unsigned_bin_size(k.prime) > sizeof(buf)) { printf("dhparam_test: short buf\n"); dh_free(&k); @@ -294,7 +294,7 @@ static int s_set_test(void) dh_free(&k2); DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k3)); - DO(dh_generate_key(&yarrow_prng, find_prng("yarrow"), &k3)); + DO(dh_generate_key(&yarrow_prng, &k3)); len = mp_unsigned_bin_size(k3.prime); DO(mp_to_unsigned_bin(k3.prime, buf)); @@ -320,9 +320,9 @@ static int s_basic_test(void) /* make up two keys */ DO(dh_set_pg_groupsize(KEYSIZE/8, &usera)); - DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera)); + DO(dh_generate_key(&yarrow_prng, &usera)); DO(dh_set_pg_groupsize(KEYSIZE/8, &userb)); - DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &userb)); + DO(dh_generate_key(&yarrow_prng, &userb)); /* make the shared secret */ x = KEYSIZE; @@ -370,7 +370,7 @@ static int s_basic_test(void) if ((strcmp(ltc_mp.name, "TomsFastMath") == 0) && (ltc_dh_sets[x].size > 256)) break; DO(dh_set_pg_groupsize(ltc_dh_sets[x].size, &usera)); - DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera)); + DO(dh_generate_key(&yarrow_prng, &usera)); size = dh_get_groupsize(&usera); dh_free(&usera); if (size != ltc_dh_sets[x].size) { diff --git a/tests/dsa_test.c b/tests/dsa_test.c index 18ade7e6f..df6210b0b 100644 --- a/tests/dsa_test.c +++ b/tests/dsa_test.c @@ -207,7 +207,7 @@ static int s_dsa_compat_test(void) /* try import dsaparam */ DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key)); - DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)); + DO(dsa_generate_key(&yarrow_prng, &key)); /* verify it */ DO(dsa_verify_key(&key, &stat)); if (stat == 0) { @@ -326,8 +326,8 @@ int dsa_test(void) DO(s_dsa_wycheproof_test()); /* make a random key */ - DO(dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), 20, 128, &key)); - DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)); + DO(dsa_generate_pqg(&yarrow_prng, 20, 128, &key)); + DO(dsa_generate_key(&yarrow_prng, &key)); /* verify it */ DO(dsa_verify_key(&key, &stat1)); @@ -336,7 +336,7 @@ int dsa_test(void) /* encrypt a message */ for (ch = 0; ch < 16; ch++) { msg[ch] = ch; } x = sizeof(out); - DO(dsa_encrypt_key(msg, 16, out, &x, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), &key)); + DO(dsa_encrypt_key(msg, 16, out, &x, &yarrow_prng, find_hash("sha1"), &key)); /* decrypt */ y = sizeof(out2); @@ -349,7 +349,7 @@ int dsa_test(void) /* sign the message */ x = sizeof(out); - DO(dsa_sign_hash(msg, sizeof(msg), out, &x, &yarrow_prng, find_prng("yarrow"), &key)); + DO(dsa_sign_hash(msg, sizeof(msg), out, &x, &yarrow_prng, &key)); /* verify it once */ DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key)); diff --git a/tests/ecc_test.c b/tests/ecc_test.c index 869fa10d9..084d6e15b 100644 --- a/tests/ecc_test.c +++ b/tests/ecc_test.c @@ -230,7 +230,7 @@ static int s_ecc_issue630(void) ecc_sizes(&low, &high); - DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), high, &key)); + DO(ecc_make_key (&yarrow_prng, high, &key)); if (yarrow_read(protected_buffer, sizeof(protected_buffer), &yarrow_prng) != sizeof(protected_buffer)) { return CRYPT_ERROR_READPRNG; } @@ -408,8 +408,8 @@ static int s_ecc_old_api(void) for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) { /* make up two keys */ - DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera)); - DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb)); + DO(ecc_make_key (&yarrow_prng, sizes[s], &usera)); + DO(ecc_make_key (&yarrow_prng, sizes[s], &userb)); if (ecc_get_size(&usera) != (int)sizes[s]) return CRYPT_FAIL_TESTVECTOR; if (ecc_get_size(&userb) != (int)sizes[s]) return CRYPT_FAIL_TESTVECTOR; @@ -467,7 +467,7 @@ static int s_ecc_old_api(void) ecc_free (&userb); /* test encrypt_key */ - DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera)); + DO(ecc_make_key (&yarrow_prng, sizes[s], &usera)); /* export key */ x = sizeof(buf[0]); @@ -481,7 +481,7 @@ static int s_ecc_old_api(void) buf[0][ch] = ch; } y = sizeof (buf[1]); - DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey)); + DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_hash ("sha256"), &pubKey)); zeromem (buf[0], sizeof (buf[0])); x = sizeof (buf[0]); DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey)); @@ -500,7 +500,7 @@ static int s_ecc_old_api(void) buf[0][ch] = ch; } x = sizeof (buf[1]); - DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey)); + DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, &privKey)); DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey)); buf[0][0] ^= 1; DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey)); @@ -513,7 +513,7 @@ static int s_ecc_old_api(void) buf[0][ch] = ch; } x = sizeof (buf[1]); - DO(ecc_sign_hash_rfc7518(buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey)); + DO(ecc_sign_hash_rfc7518(buf[0], 16, buf[1], &x, &yarrow_prng, &privKey)); DO(ecc_verify_hash_rfc7518(buf[1], x, buf[0], 16, &stat, &pubKey)); buf[0][0] ^= 1; DO(ecc_verify_hash_rfc7518(buf[1], x, buf[0], 16, &stat2, &privKey)); @@ -560,7 +560,7 @@ static int s_ecc_new_api(void) for (i = 0; i < (int)(sizeof(curvenames)/sizeof(curvenames[0])); i++) { DO(ecc_find_curve(curvenames[i], &dp)); /* make new key */ - DO(ecc_make_key_ex(&yarrow_prng, find_prng ("yarrow"), &key, dp)); + DO(ecc_make_key_ex(&yarrow_prng, &key, dp)); len = sizeof(buf); DO(ecc_export(buf, &len, PK_PRIVATE, &key)); DO(ecc_import_ex(buf, len, &privkey, dp)); @@ -577,7 +577,7 @@ static int s_ecc_new_api(void) /* generate new key */ DO(ecc_set_curve(dp, &key)); - DO(ecc_generate_key(&yarrow_prng, find_prng ("yarrow"), &key)); + DO(ecc_generate_key(&yarrow_prng, &key)); len = sizeof(buf); DO(ecc_get_key(buf, &len, PK_PRIVATE, &key)); ecc_free(&key); @@ -608,7 +608,7 @@ static int s_ecc_new_api(void) /* test signature */ len = sizeof(buf); - DO(ecc_sign_hash(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), &privkey)); + DO(ecc_sign_hash(data16, 16, buf, &len, &yarrow_prng, &privkey)); stat = 0; DO(ecc_verify_hash(buf, len, data16, 16, &stat, &pubkey)); if (stat != 1) return CRYPT_FAIL_TESTVECTOR; @@ -616,7 +616,7 @@ static int s_ecc_new_api(void) #ifdef LTC_SSH /* test SSH+ECDSA/RFC5656 signature */ len = sizeof(buf); - DO(ecc_sign_hash_ex(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), + DO(ecc_sign_hash_ex(data16, 16, buf, &len, &yarrow_prng, LTC_ECCSIG_RFC5656, NULL, &privkey)); stat = 0; DO(ecc_verify_hash_ex(buf, len, data16, 16, LTC_ECCSIG_RFC5656, &stat, &pubkey)); @@ -630,7 +630,7 @@ static int s_ecc_new_api(void) ecc_key reckey; /* test recovery */ len = sizeof(buf); - DO(ecc_sign_hash(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), &privkey)); + DO(ecc_sign_hash(data16, 16, buf, &len, &yarrow_prng, &privkey)); DO(ecc_set_curve(dp, &reckey)); for (j = 0; j < 2*(1+(int)privkey.dp.cofactor); j++) { stat = ecc_recover_key(buf, len, data16, 16, j, LTC_ECCSIG_ANSIX962, &reckey); @@ -645,7 +645,7 @@ static int s_ecc_new_api(void) /* test encryption */ len = sizeof(buf); - DO(ecc_encrypt_key(data16, 16, buf, &len, &yarrow_prng, find_prng("yarrow"), find_hash("sha256"), &pubkey)); + DO(ecc_encrypt_key(data16, 16, buf, &len, &yarrow_prng, find_hash("sha256"), &pubkey)); zeromem(data16, 16); len16 = 16; DO(ecc_decrypt_key(buf, len, data16, &len16, &privkey)); @@ -1573,7 +1573,7 @@ static int s_ecc_test_recovery(void) /* generate new key */ DO(ecc_set_curve(dp, &key)); - DO(ecc_generate_key(&yarrow_prng, find_prng ("yarrow"), &key)); + DO(ecc_generate_key(&yarrow_prng, &key)); /* export private key */ len = sizeof(buf); @@ -1596,7 +1596,7 @@ static int s_ecc_test_recovery(void) /* test signature */ len = sizeof(buf); recid = 0; - DO(ecc_sign_hash_ex(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), LTC_ECCSIG_RFC7518, &recid, &privkey)); + DO(ecc_sign_hash_ex(data16, 16, buf, &len, &yarrow_prng, LTC_ECCSIG_RFC7518, &recid, &privkey)); /* test verification */ stat = 0; diff --git a/tests/ed25519_test.c b/tests/ed25519_test.c index d2e432165..7198a0af7 100644 --- a/tests/ed25519_test.c +++ b/tests/ed25519_test.c @@ -405,7 +405,7 @@ int ed25519_test(void) int ret; curve25519_key key; - if ((ret = ed25519_make_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) { + if ((ret = ed25519_make_key(&yarrow_prng, &key)) != CRYPT_OK) { return ret; } diff --git a/tests/no_prng.c b/tests/no_prng.c index 81d1adbf9..e207d9ff4 100644 --- a/tests/no_prng.c +++ b/tests/no_prng.c @@ -13,7 +13,7 @@ typedef struct { - struct ltc_prng_descriptor desc; + prng_state state; char name[64]; unsigned char entropy[1024]; unsigned long len; @@ -32,7 +32,6 @@ static int no_prng_start(prng_state *prng) LTC_ARGCHK(no_prng->name == (char*)no_prng + offsetof(no_prng_desc_t, name)); no_prng->len = 0; no_prng->offset = 0; - return CRYPT_OK; } @@ -155,26 +154,26 @@ static const struct ltc_prng_descriptor no_prng_desc = &no_prng_test }; -struct ltc_prng_descriptor* no_prng_desc_get(void) +prng_state* no_prng_desc_get(void) { int ret; no_prng_desc_t* no_prng = XMALLOC(sizeof(*no_prng)); if (no_prng == NULL) return NULL; - XMEMCPY(&no_prng->desc, &no_prng_desc, sizeof(no_prng_desc)); + XMEMCPY(&no_prng->state.desc, &no_prng_desc, sizeof(no_prng_desc)); ret = snprintf(no_prng->name, sizeof(no_prng->name), "no_prng@%p", no_prng); if((ret >= (int)sizeof(no_prng->name)) || (ret == -1)) { XFREE(no_prng); return NULL; } - no_prng->desc.name = no_prng->name; - return &no_prng->desc; + no_prng->state.desc.name = no_prng->name; + return &no_prng->state; } -void no_prng_desc_free(struct ltc_prng_descriptor* prng) +void no_prng_desc_free(prng_state* prng) { no_prng_desc_t *no_prng = (no_prng_desc_t*) prng; LTC_ARGCHKVD(no_prng != NULL); - LTC_ARGCHKVD(no_prng->name == (char*)no_prng + offsetof(no_prng_desc_t, name)); + LTC_ARGCHKVD(no_prng->state.desc.name == (char*)no_prng + offsetof(no_prng_desc_t, name)); XFREE(no_prng); } diff --git a/tests/pkcs_1_eme_test.c b/tests/pkcs_1_eme_test.c index 09d7c6da3..2825fa75d 100644 --- a/tests/pkcs_1_eme_test.c +++ b/tests/pkcs_1_eme_test.c @@ -10,15 +10,13 @@ int pkcs_1_eme_test(void) { - struct ltc_prng_descriptor* no_prng_desc = no_prng_desc_get(); - int prng_idx = register_prng(no_prng_desc); + prng_state* no_prng_desc = no_prng_desc_get(); int hash_idx = find_hash("sha1"); unsigned int i; unsigned int j; if (ltc_mp.name == NULL) return CRYPT_NOP; - DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); for (i = 0; i < sizeof(testcases_eme)/sizeof(testcases_eme[0]); ++i) { @@ -42,8 +40,8 @@ int pkcs_1_eme_test(void) unsigned char buf[256], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); int stat; - prng_descriptor[prng_idx].add_entropy(s->o2, s->o2_l, (void*)no_prng_desc); - DOX(rsa_encrypt_key_ex(s->o1, s->o1_l, obuf, &obuflen, NULL, 0, (void*)no_prng_desc, prng_idx, -1, -1, LTC_PKCS_1_V1_5, key), s->name); + no_prng_desc->desc.add_entropy(s->o2, s->o2_l, no_prng_desc); + DOX(rsa_encrypt_key_ex(s->o1, s->o1_l, obuf, &obuflen, NULL, 0, (void*)no_prng_desc, -1, -1, LTC_PKCS_1_V1_5, key), s->name); COMPARE_TESTVECTOR(obuf, obuflen, s->o3, s->o3_l,s->name, j); DOX(rsa_decrypt_key_ex(obuf, obuflen, buf, &buflen, NULL, 0, -1, -1, LTC_PKCS_1_V1_5, &stat, key), s->name); DOX(stat == 1?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, s->name); @@ -52,7 +50,6 @@ int pkcs_1_eme_test(void) mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, LTC_NULL); } /* for */ - unregister_prng(no_prng_desc); no_prng_desc_free(no_prng_desc); return 0; diff --git a/tests/pkcs_1_emsa_test.c b/tests/pkcs_1_emsa_test.c index 7f486bb75..09807eb84 100644 --- a/tests/pkcs_1_emsa_test.c +++ b/tests/pkcs_1_emsa_test.c @@ -40,7 +40,7 @@ int pkcs_1_emsa_test(void) unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); int stat; DOX(hash_memory(hash_idx, s->o1, s->o1_l, buf, &buflen), s->name); - DOX(rsa_sign_hash_ex(buf, buflen, obuf, &obuflen, LTC_PKCS_1_V1_5, NULL, -1, hash_idx, 0, key), s->name); + DOX(rsa_sign_hash_ex(buf, buflen, obuf, &obuflen, LTC_PKCS_1_V1_5, NULL, hash_idx, 0, key), s->name); COMPARE_TESTVECTOR(obuf, obuflen, s->o2, s->o2_l,s->name, j); DOX(rsa_verify_hash_ex(obuf, obuflen, buf, buflen, LTC_PKCS_1_V1_5, hash_idx, 0, &stat, key), s->name); DOX(stat == 1?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, s->name); diff --git a/tests/pkcs_1_oaep_test.c b/tests/pkcs_1_oaep_test.c index 739105321..279e127d7 100644 --- a/tests/pkcs_1_oaep_test.c +++ b/tests/pkcs_1_oaep_test.c @@ -10,15 +10,13 @@ int pkcs_1_oaep_test(void) { - struct ltc_prng_descriptor* no_prng_desc = no_prng_desc_get(); - int prng_idx = register_prng(no_prng_desc); + prng_state* no_prng_desc = no_prng_desc_get(); int hash_idx = find_hash("sha1"); unsigned int i; unsigned int j; if (ltc_mp.name == NULL) return CRYPT_NOP; - DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); for (i = 0; i < sizeof(testcases_oaep)/sizeof(testcases_oaep[0]); ++i) { @@ -42,8 +40,8 @@ int pkcs_1_oaep_test(void) unsigned char buf[256], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); int stat; - prng_descriptor[prng_idx].add_entropy(s->o2, s->o2_l, (void*)no_prng_desc); - DOX(rsa_encrypt_key(s->o1, s->o1_l, obuf, &obuflen, NULL, 0, (void*)no_prng_desc, prng_idx, hash_idx, key), s->name); + no_prng_desc->desc.add_entropy(s->o2, s->o2_l, no_prng_desc); + DOX(rsa_encrypt_key(s->o1, s->o1_l, obuf, &obuflen, NULL, 0, (void*)no_prng_desc, hash_idx, key), s->name); COMPARE_TESTVECTOR(obuf, obuflen, s->o3, s->o3_l,s->name, j); DOX(rsa_decrypt_key(obuf, obuflen, buf, &buflen, NULL, 0, hash_idx, &stat, key), s->name); DOX(stat == 1?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, s->name); @@ -52,7 +50,6 @@ int pkcs_1_oaep_test(void) mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, LTC_NULL); } /* for */ - unregister_prng(no_prng_desc); no_prng_desc_free(no_prng_desc); return 0; diff --git a/tests/pkcs_1_pss_test.c b/tests/pkcs_1_pss_test.c index 82bdb0767..4cabf8ae2 100644 --- a/tests/pkcs_1_pss_test.c +++ b/tests/pkcs_1_pss_test.c @@ -10,15 +10,13 @@ int pkcs_1_pss_test(void) { - struct ltc_prng_descriptor* no_prng_desc = no_prng_desc_get(); - int prng_idx = register_prng(no_prng_desc); + prng_state* no_prng_state = no_prng_desc_get(); int hash_idx = find_hash("sha1"); unsigned int i; unsigned int j; if (ltc_mp.name == NULL) return CRYPT_NOP; - DO(prng_is_valid(prng_idx)); DO(hash_is_valid(hash_idx)); for (i = 0; i < sizeof(testcases_pss)/sizeof(testcases_pss[0]); ++i) { @@ -42,9 +40,9 @@ int pkcs_1_pss_test(void) unsigned char buf[20], obuf[256]; unsigned long buflen = sizeof(buf), obuflen = sizeof(obuf); int stat; - prng_descriptor[prng_idx].add_entropy(s->o2, s->o2_l, (void*)no_prng_desc); + no_prng_state->desc.add_entropy(s->o2, s->o2_l, no_prng_state); DOX(hash_memory(hash_idx, s->o1, s->o1_l, buf, &buflen), s->name); - DOX(rsa_sign_hash(buf, buflen, obuf, &obuflen, (void*)no_prng_desc, prng_idx, hash_idx, s->o2_l, key), s->name); + DOX(rsa_sign_hash(buf, buflen, obuf, &obuflen, (void*)no_prng_state, hash_idx, s->o2_l, key), s->name); COMPARE_TESTVECTOR(obuf, obuflen, s->o3, s->o3_l,s->name, j); DOX(rsa_verify_hash(obuf, obuflen, buf, buflen, hash_idx, s->o2_l, &stat, key), s->name); DOX(stat == 1?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, s->name); @@ -53,8 +51,7 @@ int pkcs_1_pss_test(void) mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, LTC_NULL); } /* for */ - unregister_prng(no_prng_desc); - no_prng_desc_free(no_prng_desc); + no_prng_desc_free(no_prng_state); return 0; } diff --git a/tests/pkcs_1_test.c b/tests/pkcs_1_test.c index de0f7d307..2532da80e 100644 --- a/tests/pkcs_1_test.c +++ b/tests/pkcs_1_test.c @@ -13,16 +13,15 @@ int pkcs_1_test(void) { unsigned char buf[3][128]; - int res1, res2, res3, prng_idx, hash_idx; + int res1, res2, res3, hash_idx; unsigned long x, y, l1, l2, l3, i1, lparamlen, saltlen, modlen; static const unsigned char lparam[] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 }; /* get hash/prng */ hash_idx = find_hash("sha1"); - prng_idx = find_prng("yarrow"); - if (hash_idx == -1 || prng_idx == -1) { - fprintf(stderr, "pkcs_1 tests require sha1/yarrow"); + if (hash_idx == -1) { + fprintf(stderr, "pkcs_1 tests require sha1"); return 1; } @@ -46,7 +45,7 @@ int pkcs_1_test(void) /* encode it */ l1 = sizeof(buf[1]); - DO(pkcs_1_oaep_encode(buf[0], l3, lparam, lparamlen, modlen, &yarrow_prng, prng_idx, hash_idx, -1, buf[1], &l1)); + DO(pkcs_1_oaep_encode(buf[0], l3, lparam, lparamlen, modlen, &yarrow_prng, hash_idx, -1, buf[1], &l1)); /* decode it */ l2 = sizeof(buf[2]); @@ -68,7 +67,7 @@ int pkcs_1_test(void) /* test PSS */ l1 = sizeof(buf[1]); - DO(pkcs_1_pss_encode(buf[0], l3, saltlen, &yarrow_prng, prng_idx, hash_idx, modlen, buf[1], &l1)); + DO(pkcs_1_pss_encode(buf[0], l3, saltlen, &yarrow_prng, hash_idx, modlen, buf[1], &l1)); DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res1)); buf[0][i1 = abs(rand()) % l3] ^= 1; diff --git a/tests/prng_test.c b/tests/prng_test.c index 15448dd8e..0c2e0911c 100644 --- a/tests/prng_test.c +++ b/tests/prng_test.c @@ -28,6 +28,31 @@ int prng_test(void) unsigned long n, one; prng_state nprng; + typedef int (*fp_prng_start)(prng_state*); + char name[2] = { 0 }; + + fp_prng_start prng_start[] = { +#ifdef LTC_YARROW + yarrow_start, +#endif +#ifdef LTC_FORTUNA + fortuna_start, +#endif +#ifdef LTC_RC4 + rc4_start, +#endif +#ifdef LTC_CHACHA20_PRNG + chacha20_prng_start, +#endif +#ifdef LTC_SOBER128 + sober128_start, +#endif +#ifdef LTC_SPRNG + sprng_start, +#endif + NULL + }; + #ifdef LTC_PRNG_ENABLE_LTC_RNG unsigned long before; @@ -51,33 +76,34 @@ int prng_test(void) #endif /* test prngs (test, import/export) */ - for (x = 0; prng_descriptor[x].name != NULL; x++) { - if(strstr(prng_descriptor[x].name, "no_prng") == prng_descriptor[x].name) continue; - DOX(prng_descriptor[x].test(), prng_descriptor[x].name); - DOX(prng_descriptor[x].start(&nprng), prng_descriptor[x].name); - DOX(prng_descriptor[x].add_entropy((unsigned char *)"helloworld12", 12, &nprng), prng_descriptor[x].name); - DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name); + for (x = 0; prng_start[x] != NULL; x++) { + name[0] = '0' + (unsigned)x; + DOX(prng_start[x](&nprng), name); + DOX(nprng.desc.test(), nprng.desc.name); + DOX(nprng.desc.add_entropy((unsigned char *)"helloworld12", 12, &nprng), nprng.desc.name); + DOX(nprng.desc.ready(&nprng), nprng.desc.name); n = sizeof(buf); - if (strcmp(prng_descriptor[x].name, "sprng")) { + if (strcmp(nprng.desc.name, "sprng")) { one = 1; - if (prng_descriptor[x].pexport(buf, &one, &nprng) != CRYPT_BUFFER_OVERFLOW) { - fprintf(stderr, "Error testing pexport with a short buffer (%s)\n", prng_descriptor[x].name); + if (nprng.desc.pexport(buf, &one, &nprng) != CRYPT_BUFFER_OVERFLOW) { + fprintf(stderr, "Error testing pexport with a short buffer (%s)\n", nprng.desc.name); return CRYPT_ERROR; } } - DOX(prng_descriptor[x].pexport(buf, &n, &nprng), prng_descriptor[x].name); - prng_descriptor[x].done(&nprng); - DOX(prng_descriptor[x].pimport(buf, n, &nprng), prng_descriptor[x].name); - DOX(prng_descriptor[x].pimport(buf, sizeof(buf), &nprng), prng_descriptor[x].name); /* try to import larger data */ - DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name); - if (prng_descriptor[x].read(buf, 100, &nprng) != 100) { - fprintf(stderr, "Error reading from imported PRNG (%s)!\n", prng_descriptor[x].name); + DOX(nprng.desc.pexport(buf, &n, &nprng), nprng.desc.name); + nprng.desc.done(&nprng); + DOX(nprng.desc.pimport(buf, n, &nprng), nprng.desc.name); + DOX(nprng.desc.pimport(buf, sizeof(buf), &nprng), nprng.desc.name); /* try to import larger data */ + DOX(nprng.desc.ready(&nprng), nprng.desc.name); + if (nprng.desc.read(buf, 100, &nprng) != 100) { + fprintf(stderr, "Error reading from imported PRNG (%s)!\n", nprng.desc.name); return CRYPT_ERROR; } - prng_descriptor[x].done(&nprng); + nprng.desc.done(&nprng); } - if ((err = rng_make_prng(-1, find_prng("yarrow"), &nprng, NULL)) != CRYPT_OK) { + DO(yarrow_start(&nprng)); + if ((err = rng_make_prng(-1, &nprng, NULL)) != CRYPT_OK) { fprintf(stderr, "rng_make_prng(-1,..) with 'yarrow' failed: %s\n", error_to_string(err)); } DO(yarrow_done(&nprng)); diff --git a/tests/rsa_test.c b/tests/rsa_test.c index 266d395d7..fed00fa3e 100644 --- a/tests/rsa_test.c +++ b/tests/rsa_test.c @@ -191,7 +191,7 @@ static int rsa_compat_test(void) /* sign-verify a message with PKCS #1 v1.5 no ASN.1 */ len = sizeof(buf); - DO(rsa_sign_hash_ex((unsigned char*)"test", 4, buf, &len, LTC_PKCS_1_V1_5_NA1, NULL, 0, 0, 0, &key)); + DO(rsa_sign_hash_ex((unsigned char*)"test", 4, buf, &len, LTC_PKCS_1_V1_5_NA1, NULL, 0, 0, &key)); if (len != sizeof(openssl_rsautl_pkcs) || memcmp(buf, openssl_rsautl_pkcs, len)) { fprintf(stderr, "RSA rsa_sign_hash_ex + LTC_PKCS_1_V1_5_NA1 failed\n"); return 1; @@ -338,13 +338,13 @@ static int s_rsa_cryptx_issue_69(void) return CRYPT_OK; } -static int s_rsa_issue_301(int prng_idx) +static int s_rsa_issue_301(void) { rsa_key key, key_in; unsigned char buf[4096]; unsigned long len; - DO(rsa_make_key(&yarrow_prng, prng_idx, sizeof(buf)/8, 65537, &key)); + DO(rsa_make_key(&yarrow_prng, sizeof(buf)/8, 65537, &key)); len = sizeof(buf); DO(rsa_export(buf, &len, PK_PRIVATE, &key)); @@ -371,7 +371,7 @@ static int s_rsa_issue_301(int prng_idx) return CRYPT_OK; } -static int s_rsa_public_ubin_e(int prng_idx) +static int s_rsa_public_ubin_e(void) { rsa_key key; unsigned char e[32] = {0}; @@ -379,7 +379,7 @@ static int s_rsa_public_ubin_e(int prng_idx) /* Check public exponent too small */ e[elen - 1] = 1; - SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, prng_idx, 128, e, elen, &key), + SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, 128, e, elen, &key), CRYPT_INVALID_ARG); /* @@ -398,19 +398,19 @@ static int s_rsa_public_ubin_e(int prng_idx) /* Check public exponent overflow */ /* Set high bit of MSB set to get 256 bits, to get e overflow */ e[0] |= 0x80; - SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, prng_idx, 128, e, elen, &key), + SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, 128, e, elen, &key), CRYPT_INVALID_ARG); /* Check public exponent not odd but e value < 256 bits */ e[elen - 1] &= ~0x1; e[0] &= ~0x80; - SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, prng_idx, 128, e, elen, &key), + SHOULD_FAIL_WITH(rsa_make_key_ubin_e(&yarrow_prng, 128, e, elen, &key), CRYPT_INVALID_ARG); /* Ensure that public exponent is odd value and e value < 256 bits */ e[elen - 1] |= 0x1; - DO(rsa_make_key_ubin_e(&yarrow_prng, prng_idx, 128, e, elen, &key)); + DO(rsa_make_key_ubin_e(&yarrow_prng, 128, e, elen, &key)); rsa_free(&key); return CRYPT_OK; @@ -452,7 +452,7 @@ int rsa_test(void) { unsigned char in[1024], out[1024], tmp[3072]; rsa_key key, privKey, pubKey; - int hash_idx, prng_idx, stat, stat2, i, mgf_hash, label_hash; + int hash_idx, stat, stat2, i, mgf_hash, label_hash; unsigned long rsa_msgsize, len, len2, len3, cnt, cnt2, max_msgsize; static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 }; void* dP; @@ -467,9 +467,8 @@ int rsa_test(void) } hash_idx = find_hash("sha1"); - prng_idx = find_prng("yarrow"); - if (hash_idx == -1 || prng_idx == -1) { - fprintf(stderr, "rsa_test requires LTC_SHA1 and yarrow"); + if (hash_idx == -1) { + fprintf(stderr, "rsa_test requires SHA1"); return 1; } @@ -481,12 +480,12 @@ int rsa_test(void) #endif DO(s_rsa_cryptx_issue_69()); - DO(s_rsa_issue_301(prng_idx)); - DO(s_rsa_public_ubin_e(prng_idx)); + DO(s_rsa_issue_301()); + DO(s_rsa_public_ubin_e()); /* make 10 random key */ for (cnt = 0; cnt < 10; cnt++) { - DO(rsa_make_key(&yarrow_prng, prng_idx, 1024/8, 65537, &key)); + DO(rsa_make_key(&yarrow_prng, 1024/8, 65537, &key)); if (mp_count_bits(key.N) != 1024) { fprintf(stderr, "rsa_1024 key modulus has %d bits\n", mp_count_bits(key.N)); @@ -535,7 +534,7 @@ print_hex("q", tmp, len); len = sizeof(out); len2 = rsa_msgsize; - DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &key)); + DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &key)); /* change a byte */ out[8] ^= 1; SHOULD_FAIL(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &stat2, &key)); @@ -553,7 +552,7 @@ print_hex("q", tmp, len); for (rsa_msgsize = 0; rsa_msgsize <= max_msgsize; rsa_msgsize++) { len = sizeof(out); len2 = rsa_msgsize; - DO(rsa_encrypt_key_ex(rsa_msgsize ? in : NULL, rsa_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, prng_idx, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &key)); + DO(rsa_encrypt_key_ex(rsa_msgsize ? in : NULL, rsa_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, mgf_hash, label_hash, LTC_PKCS_1_OAEP, &key)); /* change a byte */ out[8] ^= 1; SHOULD_FAIL(rsa_decrypt_key_ex(out, len, tmp, &len2, lparam, sizeof(lparam), mgf_hash, label_hash, LTC_PKCS_1_OAEP, &stat2, &key)); @@ -577,7 +576,7 @@ print_hex("q", tmp, len); for (rsa_msgsize = 0; rsa_msgsize <= 117; rsa_msgsize++) { len = sizeof(out); len2 = rsa_msgsize; - DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, 0, -1, LTC_PKCS_1_V1_5, &key)); + DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, 0, -1, LTC_PKCS_1_V1_5, &key)); len2 = rsa_msgsize; DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, -1, LTC_PKCS_1_V1_5, &stat, &key)); @@ -587,7 +586,7 @@ print_hex("q", tmp, len); /* sign a message (unsalted, lower cholestorol and Atkins approved) now */ len = sizeof(out); - DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 0, &key)); + DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, hash_idx, 0, &key)); /* export key and import as both private and public */ len2 = sizeof(tmp); @@ -667,7 +666,7 @@ print_hex("q", tmp, len); /* sign a message (salted) now (use privKey to make, pubKey to verify) */ len = sizeof(out); - DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 8, &privKey)); + DO(rsa_sign_hash(in, 20, out, &len, &yarrow_prng, hash_idx, 8, &privKey)); DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat, &pubKey)); /* change a byte */ in[0] ^= 1; @@ -683,7 +682,7 @@ print_hex("q", tmp, len); /* sign a message with PKCS #1 v1.5 */ len = sizeof(out); - DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey)); + DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_PKCS_1_V1_5, &yarrow_prng, hash_idx, 8, &privKey)); DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat, &pubKey)); /* change a byte */ in[0] ^= 1; @@ -720,7 +719,7 @@ print_hex("q", tmp, len); len = sizeof(in); len2 = sizeof(out); /* (1) */ - DO(rsa_sign_hash_ex(p, 20, p2, &len2, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey)); + DO(rsa_sign_hash_ex(p, 20, p2, &len2, LTC_PKCS_1_V1_5, &yarrow_prng, hash_idx, 8, &privKey)); /* (2) */ DOX(rsa_verify_hash_ex(p2, len2, p, 20, LTC_PKCS_1_V1_5, hash_idx, -1, &stat, &pubKey), "should succeed"); DOX(stat == 1?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, "should succeed"); diff --git a/tests/test.c b/tests/test.c index 25cacaf17..528651d58 100644 --- a/tests/test.c +++ b/tests/test.c @@ -262,23 +262,6 @@ static void s_unregister_all(void) #ifdef LTC_CHC_HASH unregister_hash(&chc_desc); #endif - - unregister_prng(&yarrow_desc); -#ifdef LTC_FORTUNA - unregister_prng(&fortuna_desc); -#endif -#ifdef LTC_RC4 - unregister_prng(&rc4_desc); -#endif -#ifdef LTC_CHACHA20_PRNG - unregister_prng(&chacha20_prng_desc); -#endif -#ifdef LTC_SOBER128 - unregister_prng(&sober128_desc); -#endif -#ifdef LTC_SPRNG - unregister_prng(&sprng_desc); -#endif } /* s_cleanup() */ static void register_algs(void) @@ -298,12 +281,12 @@ static void register_algs(void) fprintf(stderr, "register_all_hashes err=%s\n", error_to_string(err)); exit(EXIT_FAILURE); } - if ((err = register_all_prngs()) != CRYPT_OK) { - fprintf(stderr, "register_all_prngs err=%s\n", error_to_string(err)); + + if ((err = yarrow_start(&yarrow_prng)) != CRYPT_OK) { + fprintf(stderr, "yarrow_start err=%s\n", error_to_string(err)); exit(EXIT_FAILURE); } - - if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) { + if ((err = rng_make_prng(128, &yarrow_prng, NULL)) != CRYPT_OK) { fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } diff --git a/tests/tomcrypt_test.h b/tests/tomcrypt_test.h index 8d9b84710..05e64ee4e 100644 --- a/tests/tomcrypt_test.h +++ b/tests/tomcrypt_test.h @@ -46,8 +46,8 @@ int bcrypt_test(void); int no_null_termination_check_test(void); #ifdef LTC_PKCS_1 -struct ltc_prng_descriptor* no_prng_desc_get(void); -void no_prng_desc_free(struct ltc_prng_descriptor*); +prng_state* no_prng_desc_get(void); +void no_prng_desc_free(prng_state*); #endif #endif diff --git a/tests/x25519_test.c b/tests/x25519_test.c index 1ea2b4fdb..f3b078f43 100644 --- a/tests/x25519_test.c +++ b/tests/x25519_test.c @@ -187,13 +187,12 @@ static int s_x25519_compat_test(void) curve25519_key priv, pub, imported; unsigned char buf[1024]; unsigned long buflen = sizeof(buf); - int prng_idx = find_prng("yarrow"); XMEMSET(&priv, 0, sizeof(priv)); XMEMSET(&pub, 0, sizeof(pub)); XMEMSET(&imported, 0, sizeof(imported)); - DO(x25519_make_key(&yarrow_prng, prng_idx, &priv)); + DO(x25519_make_key(&yarrow_prng, &priv)); DO(x25519_export(buf, &buflen, PK_PRIVATE | PK_STD, &priv)); DO(x25519_import_pkcs8(buf, buflen, NULL, &imported)); From 58ea18e3b6fbd8dd3c33b1804d91ad59b5270b61 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 21 Oct 2019 11:57:33 +0200 Subject: [PATCH 3/4] remove `start()` from prng state --- demos/timing.c | 2 +- src/headers/tomcrypt_prng.h | 5 ----- src/prngs/chacha20.c | 1 - src/prngs/fortuna.c | 1 - src/prngs/rc4.c | 1 - src/prngs/rng_make_prng.c | 4 ---- src/prngs/sober128.c | 1 - src/prngs/sprng.c | 1 - src/prngs/yarrow.c | 1 - tests/no_prng.c | 2 +- 10 files changed, 2 insertions(+), 17 deletions(-) diff --git a/demos/timing.c b/demos/timing.c index cbdbbbf8e..47181dd55 100644 --- a/demos/timing.c +++ b/demos/timing.c @@ -647,7 +647,7 @@ static void time_prng(void) #undef DO2 #undef DO1 -#define DO1 tprng.desc.start(&tprng); tprng.desc.add_entropy(buf, 32, &tprng); tprng.desc.ready(&tprng); tprng.desc.done(&tprng); +#define DO1 prng_start[x](&tprng); tprng.desc.add_entropy(buf, 32, &tprng); tprng.desc.ready(&tprng); tprng.desc.done(&tprng); #define DO2 DO1 DO1 for (y = 0; y < 10000; y++) { t_start(); diff --git a/src/headers/tomcrypt_prng.h b/src/headers/tomcrypt_prng.h index 0c23f15de..32b1b5703 100644 --- a/src/headers/tomcrypt_prng.h +++ b/src/headers/tomcrypt_prng.h @@ -56,11 +56,6 @@ struct ltc_prng_descriptor { const char *name; /** size in bytes of exported state */ int export_size; - /** Start a PRNG state - @param prng [out] The state to initialize - @return CRYPT_OK if successful - */ - int (*start)(prng_state *prng); /** Add entropy to the PRNG @param in The entropy @param inlen Length of the entropy (octets)\ diff --git a/src/prngs/chacha20.c b/src/prngs/chacha20.c index 2fffc7e96..edc4dd35f 100644 --- a/src/prngs/chacha20.c +++ b/src/prngs/chacha20.c @@ -13,7 +13,6 @@ static const struct ltc_prng_descriptor chacha20_prng_desc = { "chacha20", 40, - &chacha20_prng_start, &chacha20_prng_add_entropy, &chacha20_prng_ready, &chacha20_prng_read, diff --git a/src/prngs/fortuna.c b/src/prngs/fortuna.c index 8717e91da..1114517c8 100644 --- a/src/prngs/fortuna.c +++ b/src/prngs/fortuna.c @@ -54,7 +54,6 @@ we reseed automatically when len(pool0) >= 64 or every LTC_FORTUNA_WD calls to t static const struct ltc_prng_descriptor fortuna_desc = { "fortuna", 64, - &fortuna_start, &fortuna_add_entropy, &fortuna_ready, &fortuna_read, diff --git a/src/prngs/rc4.c b/src/prngs/rc4.c index 9b413e835..c0a59a158 100644 --- a/src/prngs/rc4.c +++ b/src/prngs/rc4.c @@ -13,7 +13,6 @@ static const struct ltc_prng_descriptor rc4_desc = { "rc4", 32, - &rc4_start, &rc4_add_entropy, &rc4_ready, &rc4_read, diff --git a/src/prngs/rng_make_prng.c b/src/prngs/rng_make_prng.c index 4b936ff86..bb56cb8a6 100644 --- a/src/prngs/rng_make_prng.c +++ b/src/prngs/rng_make_prng.c @@ -40,10 +40,6 @@ int rng_make_prng(int bits, prng_state *prng, import_entropy = prng->desc.add_entropy; } - if ((err = prng->desc.start(prng)) != CRYPT_OK) { - return err; - } - buf = XMALLOC(bytes); if (buf == NULL) { return CRYPT_MEM; diff --git a/src/prngs/sober128.c b/src/prngs/sober128.c index 52fc6a6c2..ace8d5999 100644 --- a/src/prngs/sober128.c +++ b/src/prngs/sober128.c @@ -15,7 +15,6 @@ static const struct ltc_prng_descriptor sober128_desc = { "sober128", 40, - &sober128_start, &sober128_add_entropy, &sober128_ready, &sober128_read, diff --git a/src/prngs/sprng.c b/src/prngs/sprng.c index 553f51365..f45822838 100644 --- a/src/prngs/sprng.c +++ b/src/prngs/sprng.c @@ -17,7 +17,6 @@ static const struct ltc_prng_descriptor sprng_desc = { "sprng", 0, - &sprng_start, &sprng_add_entropy, &sprng_ready, &sprng_read, diff --git a/src/prngs/yarrow.c b/src/prngs/yarrow.c index c097b071e..5bf5892d2 100644 --- a/src/prngs/yarrow.c +++ b/src/prngs/yarrow.c @@ -12,7 +12,6 @@ static const struct ltc_prng_descriptor yarrow_desc = { "yarrow", 64, - &yarrow_start, &yarrow_add_entropy, &yarrow_ready, &yarrow_read, diff --git a/tests/no_prng.c b/tests/no_prng.c index e207d9ff4..9070bdf5f 100644 --- a/tests/no_prng.c +++ b/tests/no_prng.c @@ -144,7 +144,6 @@ static int no_prng_test(void) static const struct ltc_prng_descriptor no_prng_desc = { NULL, 0, - &no_prng_start, &no_prng_add_entropy, &no_prng_ready, &no_prng_read, @@ -166,6 +165,7 @@ prng_state* no_prng_desc_get(void) return NULL; } no_prng->state.desc.name = no_prng->name; + no_prng_start(&no_prng->state); return &no_prng->state; } From ce68ceef368b61d49eecb23d24baaaec8be5592b Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 21 Aug 2024 19:57:37 +0200 Subject: [PATCH 4/4] Update makefiles --- libtomcrypt_VS2008.vcproj | 28 ---------------------------- makefile.mingw | 15 ++++++--------- makefile.msvc | 15 ++++++--------- makefile.unix | 15 ++++++--------- makefile_include.mk | 15 ++++++--------- sources.cmake | 7 ------- 6 files changed, 24 insertions(+), 71 deletions(-) diff --git a/libtomcrypt_VS2008.vcproj b/libtomcrypt_VS2008.vcproj index 06fe0115d..4e3e1e2fd 100644 --- a/libtomcrypt_VS2008.vcproj +++ b/libtomcrypt_VS2008.vcproj @@ -1486,10 +1486,6 @@ RelativePath="src\misc\crypt\crypt_find_hash_oid.c" > - - @@ -1510,18 +1506,6 @@ RelativePath="src\misc\crypt\crypt_ltc_mp_descriptor.c" > - - - - - - @@ -1530,10 +1514,6 @@ RelativePath="src\misc\crypt\crypt_register_all_hashes.c" > - - @@ -1542,10 +1522,6 @@ RelativePath="src\misc\crypt\crypt_register_hash.c" > - - @@ -1558,10 +1534,6 @@ RelativePath="src\misc\crypt\crypt_unregister_hash.c" > - -