Sync with Upstream master

pull/461/head
Jeffrey Walton 2017-08-02 18:58:23 -04:00
commit 89bae6e686
3 changed files with 44 additions and 16 deletions


@ -86,6 +86,11 @@ OldRandomPool::OldRandomPool(unsigned int poolSize)
::memset(key, 0, key.size()); ::memset(key, 0, key.size());
} }
void OldRandomPool::IncorporateEntropy(const byte *input, size_t length)
{
OldRandomPool::Put(input, length);
}
void OldRandomPool::Stir() void OldRandomPool::Stir()
{ {
CFB_Mode<OldRandomPoolCipher>::Encryption cipher; CFB_Mode<OldRandomPoolCipher>::Encryption cipher;
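Review bot: The new `OldRandomPool::IncorporateEntropy` body, `OldRandomPool::Put(input, length);`, has no comment, and the qualified name reads as if OldRandomPool defined Put, while the header in this same commit only declares Put2 for it — so the call presumably resolves to the Put inherited through Bufferless<BufferedTransformation> and ends in Put2; worth confirming. A one-line comment would save the next reader that lookup, e.g. `// Put is the inherited BufferedTransformation entry point and reaches Put2(), so the legacy Put path and the RNG interface stir the pool identically.` Whether a zero-length input is a no-op depends on Put2, whose definition is outside the hunk. The constructor above closes inside the hunk at `}`; Stir() continues past its last line.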


@ -33,11 +33,11 @@ NAMESPACE_BEGIN(CryptoPP)
//! AES-256 to produce the stream. Entropy is stirred in using SHA-256. //! AES-256 to produce the stream. Entropy is stirred in using SHA-256.
//! \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5 //! \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
//! RandomPool was redesigned to reduce the risk of reusing random numbers after state //! RandomPool was redesigned to reduce the risk of reusing random numbers after state
//! rollback (which may occur when running in a virtual machine like VMware or a hosted //! rollback, which may occur when running in a virtual machine like VMware or a hosted
//! environment). //! environment.
//! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You //! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
//! should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool //! should migrate away from OldRandomPool at the earliest opportunity.
//! or AutoSeededRandomPool instead. //! \sa OldRandomPool
//! \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based) //! \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
{ {
@ -49,10 +49,6 @@ public:
void IncorporateEntropy(const byte *input, size_t length); void IncorporateEntropy(const byte *input, size_t length);
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size); void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
// for backwards compatibility. use RandomNumberSource, RandomNumberStore, and
// RandomNumberSink for other BufferTransformation functionality
void Put(const byte *input, size_t length) {IncorporateEntropy(input, length);}
private: private:
FixedSizeAlignedSecBlock<byte, 16, true> m_seed; FixedSizeAlignedSecBlock<byte, 16, true> m_seed;
FixedSizeAlignedSecBlock<byte, 32> m_key; FixedSizeAlignedSecBlock<byte, 32> m_key;
@ -64,11 +60,17 @@ private:
//! \brief Randomness Pool based on PGP 2.6.x with MDC //! \brief Randomness Pool based on PGP 2.6.x with MDC
//! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The //! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The
//! OldRandomPool class is always available so you dont need to define //! OldRandomPool class is always available so you dont need to define
//! CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY. However, you should migrate away from //! CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY. OldRandomPool also provides the modern
//! OldRandomPool at the earliest opportunity. Use RandomPool or AutoSeededRandomPool instead. //! interface, including <tt>CanIncorporateEntropy</tt>, <tt>IncorporateEntropy</tt> and
//! <tt>GenerateIntoBufferedTransformation</tt>.
//! \details You should migrate away from OldRandomPool at the earliest opportunity. Use a
//! modern random number generator or key derivation function, like AutoSeededRandomPool or
//! HKDF.
//! \deprecated This class uses an old style PGP 2.6.x with MDC. The generator risks reusing //! \deprecated This class uses an old style PGP 2.6.x with MDC. The generator risks reusing
//! random random numbers after state rollback. Migrate to RandomPool or AutoSeededRandomPool //! random random numbers after state rollback. You should migrate away from OldRandomPool
//! at the earliest opportunity. //! at the earliest opportunity.
//! HKDF.
//! \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
//! \since Crypto++ 6.0 (PGP 2.6.x style) //! \since Crypto++ 6.0 (PGP 2.6.x style)
class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator, class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator,
public Bufferless<BufferedTransformation> public Bufferless<BufferedTransformation>
@ -79,6 +81,11 @@ public:
//! \details poolSize must be greater than 16 //! \details poolSize must be greater than 16
OldRandomPool(unsigned int poolSize=384); OldRandomPool(unsigned int poolSize=384);
// RandomNumberGenerator interface (Crypto++ 5.5 and above)
bool CanIncorporateEntropy() const {return true;}
void IncorporateEntropy(const byte *input, size_t length);
// BufferedTransformation interface (Crypto++ 5.4 and below)
size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking); size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
bool AnyRetrievable() const {return true;} bool AnyRetrievable() const {return true;}
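Review bot: The new-side comment block for OldRandomPool in the hunk at `@ -64,11 +60,17` carries a stray `//! HKDF.` line between the end of the \deprecated paragraph (`//! at the earliest opportunity.`) and the added `//! \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC`; it looks like a remnant of moving the "...like AutoSeededRandomPool or HKDF." sentence up into the new \details paragraph, and Doxygen will render it as a dangling "HKDF." sentence inside the deprecation text. Delete that one line. In the same block the \deprecated wording still keeps the doubled "random random numbers", and the unchanged context line "so you dont need to define" would read better as "don't". The RandomPool and OldRandomPool class bodies both continue beyond the hunks shown here.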


@ -339,6 +339,7 @@ bool TestSettings()
std::cout << std::endl; std::cout << std::endl;
#ifdef CRYPTOPP_CPUID_AVAILABLE #ifdef CRYPTOPP_CPUID_AVAILABLE
bool hasISSE = HasISSE();
bool hasSSE2 = HasSSE2(); bool hasSSE2 = HasSSE2();
bool hasSSSE3 = HasSSSE3(); bool hasSSSE3 = HasSSSE3();
bool hasSSE41 = HasSSE41(); bool hasSSE41 = HasSSE41();
@ -354,7 +355,7 @@ bool TestSettings()
else else
std::cout << "passed: "; std::cout << "passed: ";
std::cout << "hasSSE2 == " << hasSSE2 << ", hasSSSE3 == " << hasSSSE3 << ", hasSSE4.1 == " << hasSSE41 << ", hasSSE4.2 == " << hasSSE42; std::cout << "hasISSE == " << hasISSE << "hasSSE2 == " << hasSSE2 << ", hasSSSE3 == " << hasSSSE3 << ", hasSSE4 == " << hasSSE4;
std::cout << ", hasAESNI == " << HasAESNI() << ", hasCLMUL == " << HasCLMUL() << ", hasRDRAND == " << HasRDRAND() << ", hasRDSEED == " << HasRDSEED(); std::cout << ", hasAESNI == " << HasAESNI() << ", hasCLMUL == " << HasCLMUL() << ", hasRDRAND == " << HasRDRAND() << ", hasRDSEED == " << HasRDSEED();
std::cout << ", hasSHA == " << HasSHA() << ", isP4 == " << isP4 << ", cacheLineSize == " << cacheLineSize << std::endl; std::cout << ", hasSHA == " << HasSHA() << ", isP4 == " << isP4 << ", cacheLineSize == " << cacheLineSize << std::endl;
@ -722,7 +723,7 @@ bool TestRandomPool()
// with it in 2017. The missing functionality was a barrier to upgrades. // with it in 2017. The missing functionality was a barrier to upgrades.
std::cout << "\nTesting OldRandomPool generator...\n\n"; std::cout << "\nTesting OldRandomPool generator...\n\n";
{ {
OldRandomPool prng; OldRandomPool old1;
static const unsigned int ENTROPY_SIZE = 32; static const unsigned int ENTROPY_SIZE = 32;
// https://github.com/weidai11/cryptopp/issues/452 // https://github.com/weidai11/cryptopp/issues/452
@ -734,9 +735,9 @@ bool TestRandomPool()
}; };
SecByteBlock seed(0x00, 384); SecByteBlock seed(0x00, 384);
prng.Put(seed, seed.size()); old1.Put(seed, seed.size());
prng.GenerateBlock(result, sizeof(result)); old1.GenerateBlock(result, sizeof(result));
fail = (0 != ::memcmp(result, expected, sizeof(expected))); fail = (0 != ::memcmp(result, expected, sizeof(expected)));
pass &= !fail; pass &= !fail;
@ -744,8 +745,23 @@ bool TestRandomPool()
std::cout << "FAILED:"; std::cout << "FAILED:";
else else
std::cout << "passed:"; std::cout << "passed:";
std::cout << " Expected sequence from PGP-style RandomPool (2007 version)\n"; std::cout << " Expected sequence from PGP-style RandomPool (circa 2007)\n";
OldRandomPool old2;
old2.IncorporateEntropy(seed, seed.size());
ArraySink sink(result, sizeof(result));
old2.GenerateIntoBufferedTransformation(sink, DEFAULT_CHANNEL, sizeof(result));
fail = (0 != ::memcmp(result, expected, sizeof(expected)));
pass &= !fail;
if (fail)
std::cout << "FAILED:";
else
std::cout << "passed:";
std::cout << " Expected sequence from PGP-style RandomPool new interface (circa 2007)\n";
OldRandomPool prng;
MeterFilter meter(new Redirector(TheBitBucket())); MeterFilter meter(new Redirector(TheBitBucket()));
RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter))); RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));