comparison changes @ 143:5d99163f7e32 libtomcrypt-orig

import of libtomcrypt 0.99
author Matt Johnston <matt@ucc.asn.au>
date Sun, 19 Dec 2004 11:34:45 +0000
parents 6362d3854bb4
children 1c15b283127b
October 29th, 2004
v0.99 -- Merged in the latest version of LTM which includes all of the recent bug fixes
-- Deprecated LTMSSE and removed it (to be replaced with TFM later on)
-- Stefan Arentz pointed out that mp_s_rmap should be extern
-- Kristian Gjøsteen pointed out that there are typos in the
"test" makefile and minor issues in Yarrow and Sober [just cosmetics really]
-- Matthew P. Cashdollar pointed out that "export" is a C++ keyword
so changed the PRNG api to use "pexport" and "pimport"
-- Updated "hashsum" demo so it builds ;-)
-- Added automatic support for x86-64 (will configure for 64-bit little endian automagically)
-- Zhi Chen pointed out a bug in rsa_exptmod which would leak memory on error.
-- Made hash functions "init" return an int. Slight change to API ;-(
-- Added "CHC" mode which turns any cipher into a hash the other LTC functions can use
-- Added CHC mode stuff to demos such as tv_gen and hashsum
-- Added "makefile.shared" which builds and installs shared/static object copies
of the library.
-- Added DER for bignum support
-- RSA is now fully joy. rsa_export/rsa_import use PKCS #1 encodings and should be
compatible with other crypto libs that use the format.
-- Added support for x86-64 for the ROL/ROR macros
-- Changed the DLL and SO makefiles to optimize for speed, commented SMALL_CODE in
mycrypt_custom.h and added -DSMALL_CODE to the default makefile
-- Updated primality testing code so it does a minimum of 5 tests [of Miller-Rabin]
(AFAIK not a security fix, just warm fuzzies)
-- Minor updates to the OMAC code (additional __ARGCHK and removed printf from omac_test... oops!)
-- Update build and configuration info which was really really really out of date. (Chapter 14)
++ Minor update, switch RSA to use the PKCS style CRT

August 6th, 2004
v0.98 -- Update to hmac_init to free all allocated memory on error
-- Update to PRNG API to fix import/export functions of Fortuna and Yarrow
-- Added test functions to PRNG api, RC4 now conforms ;-) [was a minor issue]
-- Added the SOBER-128 PRNG based off of code donated by Greg Rose.
-- Added Tech Note #4 [notes/tech0004.txt]
-- Changed RC4 back [due to request]. It will now XOR the output so you can use it like
a stream cipher easily.
-- Update Fortuna's export() to emit a hash of each pool. This means that the accumulated
entropy that was spread over all the pools isn't entirely lost when you export/import.
-- Zhi Chen suggested a comment for rsa_encrypt_key() to let users know [easily] that it was
PKCS #1 v2.0 padding. (updated other rsa_* functions)
-- Cleaned up Noekeon to remove unrolling [wasn't required, was messy and actually slower with GCC/ICC]
-- Updated RC4 so that when you feed it >256 bytes of entropy it quietly ignores additional
bytes. Also removed the % from the key setup to speed it up a bit.
-- Added cipher/hash/prng tests to x86_prof to help catch bugs while testing
-- Made the PRNG "done" return int, fixed sprng_done to not require prng* to be non-null
-- Spruced up mycrypt_custom.h to trap more errors and also help prevent LTMSSE from being defined
on non-i386 platforms by accident.
-- Added RSA/ECC/DH speed tests to x86_prof and cleaned it up to build with zero warnings
-- Changed Fortuna to count only entropy [not the 2 byte header] added to pool[0] into the
reseed mechanism.
-- Added "export_size" member to prng_descriptor tables so you can know in advance the size of
the exported state for any given PRNG.
-- Ported over patch on LTM 0.30 [not ready to release LTM 0.31] that fixes bug in mp_mul()/mp_div()
that used to result in negative zeroes when you multiplied zero by a negative integer.
(patch due to "Wolfgang Ehrhardt" <[email protected]>)
-- Fixed rsa_*decrypt_key() and rsa_*verify_hash() to default to invalid "stat" or "res". This way
if any of the higher level functions fail [before you get to the padding] the result will be in
a known state. Applied to both v2 and v1.5 padding helpers.
-- Added MACs to x86_prof
-- Fixed up "warnings" in x86_prof and tv_gen
-- Added a "profiled" target back [for GCC 3.4 and ICC v8]. Doesn't seem to help but might be worth
tinkering with.
-- Beefed up load/store test in demos/test

++ New note, in order to use the optimized LOAD/STORE macros your platform
must support unaligned 32/64 bit load/stores. The x86s support this
but some [ARM for instance] do not. If your platform cannot perform
unaligned operations you must use the endian neutral code which is safe for
any sort of platform.
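The distinction the note draws, as an added example that is not libtomcrypt's own code nor part of this changelog: byte-wise, endian-neutral 32-bit load/store helpers (names assumed to mirror LTC's LOAD32L/STORE32L/LOAD32H/STORE32H macros), a known-answer check that catches a reversed byte order, and a round trip through odd buffer offsets that a cast-based macro would access unaligned.

```c
#include <stdint.h>
#include <string.h>

/* Endian-neutral 32-bit load/store helpers, written byte by byte so they are
   safe on platforms that fault on unaligned word accesses. The names mirror
   LTC's LOAD32L/STORE32L/LOAD32H/STORE32H macros (an assumption); the bodies
   are this example's own. */
static uint32_t load32l(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void store32l(uint32_t x, unsigned char *p)
{
    p[0] = (unsigned char)(x & 0xff);         p[1] = (unsigned char)((x >> 8) & 0xff);
    p[2] = (unsigned char)((x >> 16) & 0xff); p[3] = (unsigned char)((x >> 24) & 0xff);
}
static uint32_t load32h(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
static void store32h(uint32_t x, unsigned char *p)
{
    p[0] = (unsigned char)((x >> 24) & 0xff); p[1] = (unsigned char)((x >> 16) & 0xff);
    p[2] = (unsigned char)((x >> 8) & 0xff);  p[3] = (unsigned char)(x & 0xff);
}

/* Known-answer check: bytes 01 02 03 04 must read as 0x04030201 little-endian
   and 0x01020304 big-endian; a byte-order bug fails here. Returns 1 on success. */
int check_known_answers(void)
{
    static const unsigned char bytes[4] = {0x01, 0x02, 0x03, 0x04};
    return load32l(bytes) == 0x04030201u && load32h(bytes) == 0x01020304u;
}

/* Store and reload at odd offsets in a byte buffer (addresses a word-sized
   cast would hit unaligned). Returns 1 if both words round-trip and the
   neighbouring bytes stay untouched. */
int check_unaligned_roundtrip(void)
{
    unsigned char buf[16];
    const uint32_t a = 0xdeadbeefu, b = 0x00000001u;
    memset(buf, 0, sizeof buf);
    store32l(a, buf + 1);   /* writes buf[1..4] */
    store32h(b, buf + 5);   /* writes buf[5..8] */
    return load32l(buf + 1) == a && load32h(buf + 5) == b &&
           buf[0] == 0 && buf[9] == 0;
}
```

Both checks return 1 on a correct implementation; swapping the byte order in either load function makes check_known_answers() return 0.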
July 23rd, 2004
v0.97b -- Added PKCS #1 v1.5 RSA encrypt/sign helpers (like rsa_sign_hash, etc...)
-- Added missing prng check to rsa_decrypt_key() [not critical as I don't use
descriptors directly in that function]
-- Merged in LTM-SSE, define LTMSSE before you build and you will get SSE2 optimized math ;-)
(roughly 3x faster on a P4 Northwood). By default it will compile as ISO C portable
code (when LTMSSE is undefined).
-- Fixed bug in ltc_tommath.h where I had the kara/toom cutoffs not marked as ``extern''
Thanks to "Stefan Arentz" <stefan at organicnetwork.net>
-- Steven Dake <[email protected]> and Richard Amacker <[email protected]> submitted patches to
fix pkcs_5_2(). It now matches the output of another crypto library. Whoops... hehehe
-- Updated PRNG api. Added Fortuna PRNG to the list of supported PRNGs
-- Fixed up the descriptor tables since globals are automatically zero'ed on startup.
-- Changed RC4 to store its output. If you want to encrypt with RC4
you'll have to do the XOR yourself.
-- Fixed buffer overflows/overruns in the HMAC code.

++ API change for the PRNGs there now is a done() function per PRNG. You
should call it when you are done with a prng state. So far it's
not absolutely required (won't cause problems) but is a good idea to
start.

June 23rd, 2004
v0.97a ++ Fixed several potentially crippling bugs... [read on]
-- Fixed bug in OAEP decoder that would incorrectly report
buffer overflows. [Zhi Chen]
-- Fixed headers which had various C++ missing [extern "C"]'s
-- Added "extern" to sha384_desc descriptor which I removed by mistake
-- Fixed bugs in ENDIAN_BIG macros using the wrong byte order [Matt Johnston]
-- Updated tiger.c and des.c to not shadow "round" which is intrinsic on
some C compilers.
-- Updated demos/test/rsa_test.c to test the RSA functionality better
++ This update has been tested with GCC [v3.3.3], ICC [v8] and MSVC [v6+SP6]
all on a x86 P4 [GCC/ICC tested in Gentoo Linux, MSVC in WinXP]
++ Outcome: The bug Zhi Chen pointed out has been fixed. So have the bugs
that Matt Johnston found.

June 19th, 2004
v0.97 -- Removed spurious unused files [arrg!]
-- Patched buffer overflow in tim_exptmod()
-- Fixed buffer overrun bug in pkcs_1_v15_es_decode()
-- Reduced stack usage in PKCS #1 v2.0 padding functions (by several KBs)
-- Removed useless extern's that were an artifact from the project start... ;-)
-- Replaced memcpy/memset with XMEMCPY and XMEMSET for greater flexibility
-- Fixed bugs in hmac_done()/hmac_init()/[various others()] where I didn't trap errors
-- Reduced stack usage in OMAC/PMAC/HMAC/EAX/OCB/PKCS#5 by mallocing any significant sized
arrays (e.g. > 100 bytes or so). Only in non-critical functions (e.g. eax_init())
-- "Zhi Chen" <[email protected]> pointed out that rsa_decrypt_key() requires
an incorrect output size (too large). Fixed.
-- Added a "pretty" target to the GCC makefile. Requires PERL. It is NEAT!
-- Minor updates to ch1 of the manual.
-- Cleaned up the indentation and added comments to rsa_make_key(), rsa_exptmod() and
rsa_verify_hash()
-- Updated makefile.icc so the "install" target would work ;-)
-- Removed demos/test.c [deprecated from demos/test/test.c]
-- Changed MAXBLOCKSIZE from 128 to 64 to reflect the true size...

May 30th, 2004
v0.96 -- Removed GF and Keyring code
-- Extended OAEP decoder to distinguish better [and use a more uniform API]
-- Changed PSS/OAEP API slightly to be more consistent with other PK functions (order of arguments)
-- rsa_exptmod() now pads with leading zeroes as per I2OSP.
-- Added error checking to yarrow code
-- Mike Frysinger pointed out that tommath.h from this distro will overwrite tommath.h
from libtommath. I changed this to ltc_tommath.h to avoid any such problems.
-- Fixed bug in PSS encoder/decoder that didn't handle the MSB properly
-- Refactored AES, now sports an "encrypt only" descriptor which uses half as much code space.
-- Modded Yarrow to try and use refactored AES code and added WHIRLPOOL support (d'oh) ;-)
-- Updated ECB, OCB and CBC decrypt functions to detect when "encrypt only" descriptor is used.