arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Additional documentation; fixed issues with Clang integrated assembler and different versions numbers for LLVM Clang and Apple Clang; fixed missing header in DSA class

pull/75/head
Jeffrey Walton 2015-11-19 13:09:33 -05:00
parent 6911cc9e91
commit b3e49d8c96
23 changed files with 1095 additions and 820 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
GNUmakefile
View File

@ -435,7 +435,7 @@ bench benchmark benchmarks: cryptest.exe
echo "<BODY>" >> benchmarks.html
echo "<H1><a href=\"http://www.cryptopp.com\">Crypto++</a>" $(LIB_MAJOR).$(LIB_MINOR).$(LIB_REVISION) "Benchmarks</H1>" >> benchmarks.html
echo "<P>Here are speed benchmarks for some commonly used cryptographic algorithms.</P>" >> benchmarks.html
cryptest.exe b 3 2.4+1e9 >> benchmarks.html
cryptest.exe b 3 2.4 >> benchmarks.html
echo "</BODY>" >> benchmarks.html
echo "</HTML>" >> benchmarks.html

22
Readme.txt
View File

@ -1,5 +1,5 @@
Crypto++: a C++ Class Library of Cryptographic Schemes
Version 5.6.3 - NOV/01/2015
Version 5.6.3 - NOV/20/2015
Crypto++ Library is a free C++ class library of cryptographic schemes.
Currently the library contains the following algorithms:
@ -454,14 +454,14 @@ the mailing list.
- fixed CVE-2015-2141
- cleared most Undefined Behavior Sanitizer (UBsan) findings
- cleared all Address Sanitizer (Asan) findings
- cleared most Valgrind findings
- cleared most Coverity findings
- cleared all Valgrind findings
- cleared all Coverity findings
- cleared all Enterprise Analysis (/analyze) findings
- cleared most GCC warnings with -Wall
- cleared most Clang warnings with -Wall
- cleared most MSVC warnings with /W4
- added -fPIC for x86_64/amd64 builds. Off by default for i386
- added HKDF class for RFC 5868
- added -fPIC 64-bit builds. Off by default for i386
- added HKDF class from RFC 5868
- switched to member_ptr due to C++ 11 warnings for auto_ptr
- initialization of C++ static objects, off by default
* GCC and init_priotirty/constructor attributes
@ -469,13 +469,11 @@ the mailing list.
* CRYPTOPP_INIT_PRIORITY disabled by default, but available
- improved OS X support
- improved GNUmakefile support for Testing and QA
- added additional self tests for improved Testing and QA
- added self tests for additional Testing and QA
- added cryptest.sh for systematic Testing and QA
- added GNU Gold linker support
- added Visual Studio 2010 solution and project files in vs2010.zip
- added Visual Studio 2010 solution and project files in vs2010.zip
- added Clang integrated assembler support
- added more complete ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
- __ARM_FEATURE_UNALIGNED and definition of CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS
- unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile
target 'ubsan' and at -O3 due to GCC vectorization on x86 and x86_64
- workaround ARMEL/GCC 5.2 bug and failed self test
@ -487,13 +485,15 @@ the mailing list.
- fixed X32 (ILP32) feature detection
- removed _CRT_SECURE_NO_DEPRECATE for Microsoft platforms
- utilized bound checking interfaces from ISO/IEC TR 24772 when available
- improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
- introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
- added additional Doxygen documentation
- added additional Doxygen-based documentation
- ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00
5.7 - nearly identical to 5.6.3
- minor breaks to the ABI and API
- cleared remaining Undefined Behavior Sanitizer (UBsan) findings
- cleared remaining Valgrind findings
- cleared remaining GCC and Visual Studio warnings
- removed CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
Written by Wei Dai and the Crypto++ Project

2
base32.h
View File

@ -1,7 +1,7 @@
// base32.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for Base32 encoder and decoder
//! \brief Classes for Base32Encoder and Base32Decoder
#ifndef CRYPTOPP_BASE32_H
#define CRYPTOPP_BASE32_H

2
base64.h
View File

@ -1,4 +1,4 @@
// .h - written and placed in the public domain by Wei Dai
// base64.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for the Base64Encoder, Base64Decoder, Base64URLEncoder and Base64URLDecoder

1416
config.recommend
View File

File diff suppressed because it is too large Load Diff

35
cryptlib.h
View File

@ -1076,7 +1076,7 @@ typedef SymmetricCipher StreamCipher;
//! \class RandomNumberGenerator
//! \brief Interface for random number generators
//! \details The library provides a number of random number generators, from software based to hardware based generators.
//! \details All return values are uniformly distributed over the range specified.
//! \details All generated values are uniformly distributed over the range specified.
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE RandomNumberGenerator : public Algorithm
{
public:
@ -1084,9 +1084,9 @@ public:
//! \param input the entropy to add to the generator
//! \param length the size of the input buffer
//! \throws NotImplemented
//! \details A generator may or may not accept additional entropy. Call CanIncorporateEntropy to test for the
//! \details A generator may or may not accept additional entropy. Call CanIncorporateEntropy() to test for the
//! ability to use additional entropy.
//! \details If a derived class does not override IncorporateEntropy, then the base class throws
//! \details If a derived class does not override IncorporateEntropy(), then the base class throws
//! NotImplemented.
virtual void IncorporateEntropy(const byte *input, size_t length)
{
@ -1095,41 +1095,52 @@ public:
}
//! \brief Determines if a generator can accept additional entropy
//! \returns true if IncorporateEntropy is implemented
//! \returns true if IncorporateEntropy() is implemented
virtual bool CanIncorporateEntropy() const {return false;}
//! \brief Generate new random byte and return it
//! \details default implementation is to call GenerateBlock() with one byte
//! \returns a random 8-bit byte
//! \details Default implementation calls GenerateBlock() with one byte.
//! \details All generated values are uniformly distributed over the range specified within the
//! the contraints of a particular generator.
virtual byte GenerateByte();
//! \brief Generate new random bit and return it
//! \returns a random bit
//! \details The default implementation calls GenerateByte() and return its lowest bit.
//! \details All generated values are uniformly distributed over the range specified within the
//! the contraints of a particular generator.
virtual unsigned int GenerateBit();
//! \brief Generate a random 32 bit word in the range min to max, inclusive
//! \param min the lower bound of the range
//! \param max the upper bound of the range
//! \returns a random 32-bit word
//! \details The default implementation calls Crop on the difference between max and
//! min, and then returns the result added to min.
//! \details The default implementation calls Crop() on the difference between max and
//! min, and then returns the result added to min.
//! \details All generated values are uniformly distributed over the range specified within the
//! the contraints of a particular generator.
virtual word32 GenerateWord32(word32 min=0, word32 max=0xffffffffUL);
//! \brief Generate random array of bytes
//! \param output the byte buffer
//! \param size the length of the buffer, in bytes
//! \note A derived generator \a must override either GenerateBlock or
//! GenerateIntoBufferedTransformation. They can override both, or have one call the other.
//! \details All generated values are uniformly distributed over the range specified within the
//! the contraints of a particular generator.
//! \note A derived generator \a must override either GenerateBlock() or
//! GenerateIntoBufferedTransformation(). They can override both, or have one call the other.
virtual void GenerateBlock(byte *output, size_t size);
//! \brief Generate random bytes into a BufferedTransformation
//! \param target the BufferedTransformation object which receives the bytes
//! \param channel the channel on which the bytes should be pumped
//! \param length the number of bytes to generate
//! \details The default implementation calls GenerateBlock() and pumps the result into
//! \details The default implementation calls GenerateBlock() and pumps the result into
//! the DEFAULT_CHANNEL of the target.
//! \note A derived generator \a must override either GenerateBlock or
//! GenerateIntoBufferedTransformation. They can override both, or have one call the other.
//! \details All generated values are uniformly distributed over the range specified within the
//! the contraints of a particular generator.
//! \note A derived generator \a must override either GenerateBlock() or
//! GenerateIntoBufferedTransformation(). They can override both, or have one call the other.
virtual void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length);
//! \brief Generate and discard n bytes

30
dsa.h
View File

@ -2,20 +2,38 @@
//! \file
//! \headerfile dsa.h
//! \brief Classes for DSA signature algorithm
//! \brief Classes for the DSA signature algorithm
#ifndef CRYPTOPP_DSA_H
#define CRYPTOPP_DSA_H
#include "cryptlib.h"
#include "gfpcrypt.h"
NAMESPACE_BEGIN(CryptoPP)
/*! The DSA signature format used by Crypto++ is as defined by IEEE P1363.
Java uses the DER format, and OpenPGP uses the OpenPGP format. */
enum DSASignatureFormat {DSA_P1363, DSA_DER, DSA_OPENPGP};
/** This function converts between these formats, and returns length of signature in the target format.
If toFormat == DSA_P1363, bufferSize must equal publicKey.SignatureLength() */
//! \brief DSA Signature Format
//! \details The DSA signature format used by Crypto++ is as defined by IEEE P1363.
//! Java nad .Net use the DER format, and OpenPGP uses the OpenPGP format.
enum DSASignatureFormat {
//! \brief Crypto++ native signature encoding format
DSA_P1363,
//! \brief signature encoding format used by Java and .Net
DSA_DER,
//! \brief OpenPGP signature encoding format
DSA_OPENPGP
};
//! \brief Converts between signature encoding formats
//! \param buffer byte buffer for the converted signature encoding
//! \param bufferSize the length of the converted signature encoding buffer
//! \param toFormat the source signature format
//! \param signature byte buffer for the existing signature encoding
//! \param signatureLen the length of the existing signature encoding buffer
//! \param fromFormat the source signature format
//! \details This function converts between these formats, and returns length
//! of signature in the target format. If <tt>toFormat == DSA_P1363</tt>, then
//! <tt>bufferSize</tt> must equal <tt>publicKey.SignatureLength()</tt>
size_t DSAConvertSignatureFormat(byte *buffer, size_t bufferSize, DSASignatureFormat toFormat,
const byte *signature, size_t signatureLen, DSASignatureFormat fromFormat);

4
filters.h
View File

@ -370,11 +370,11 @@ protected:
};
//! \struct BlockPaddingSchemeDef
//! \detils Padding schemes used for block ciphers.
//! \details Padding schemes used for block ciphers.
struct BlockPaddingSchemeDef
{
//! \enum BlockPaddingScheme
//! \detils Padding schemes used for block ciphers.
//! \details Padding schemes used for block ciphers.
//! \details DEFAULT_PADDING means PKCS_PADDING if <tt>cipher.MandatoryBlockSize() > 1 &&
//! cipher.MinLastBlockSize() == 0</tt>, which holds for ECB or CBC mode. Otherwise,
//! NO_PADDING for modes like OFB, CFB, CTR, CBC-CTS.

80
fips140.h
View File

@ -1,46 +1,94 @@
// fips140.h - written and placed in the public domain by Wei Dai
//! \file fips140.h
//! \brief Classes and functions for the FIPS 140-2 validated library
//! \details The FIPS validated library is only available on Windows as a DLL. Once compiled,
//! the library is always in FIPS mode contingent upon successful execution of
//! DoPowerUpSelfTest() or DoDllPowerUpSelfTest().
//! \sa <A HREF="http://cryptopp.com/wiki/Visual_Studio">Visual Studio</A> and
//! <A HREF="http://cryptopp.com/wiki/config.h">config.h</A> on the Crypto++ wiki.
#ifndef CRYPTOPP_FIPS140_H
#define CRYPTOPP_FIPS140_H
/*! \file
FIPS 140 related functions and classes.
*/
#include "cryptlib.h"
#include "secblock.h"
NAMESPACE_BEGIN(CryptoPP)
//! exception thrown when a crypto algorithm is used after a self test fails
//! \class SelfTestFailure
//! Exception thrown when a crypto algorithm is used after a self test fails
//! \details The self tests for an algorithm are performed by Algortihm class
//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.
class CRYPTOPP_DLL SelfTestFailure : public Exception
{
public:
explicit SelfTestFailure(const std::string &s) : Exception(OTHER_ERROR, s) {}
};
//! returns whether FIPS 140-2 compliance features were enabled at compile time
//! \brief Determines whether the library provides FIPS validated cryptography
//! \returns true if FIPS 140-2 validated features were enabled at compile time.
//! \details true if FIPS 140-2 validated features were enabled at compile time,
//! false otherwise.
//! \note FIPS mode is enabled at compile time. A program or other module cannot
//! arbitrarily enter or exit the mode.
CRYPTOPP_DLL bool CRYPTOPP_API FIPS_140_2_ComplianceEnabled();
//! enum values representing status of the power-up self test
enum PowerUpSelfTestStatus {POWER_UP_SELF_TEST_NOT_DONE, POWER_UP_SELF_TEST_FAILED, POWER_UP_SELF_TEST_PASSED};
//! \brief Status of the power-up self test
enum PowerUpSelfTestStatus {
//! \brief The self tests have not been performed.
POWER_UP_SELF_TEST_NOT_DONE,
//! \brief The self tests were executed via DoPowerUpSelfTest() or
//! DoDllPowerUpSelfTest(), but the result was failure.
POWER_UP_SELF_TEST_FAILED,
//! \brief The self tests were executed via DoPowerUpSelfTest() or
//! DoDllPowerUpSelfTest(), and the result was success.
POWER_UP_SELF_TEST_PASSED
};
//! perform the power-up self test, and set the self test status
//! \brief Performs the power-up self test
//! \param moduleFilename the fully qualified name of the module
//! \param expectedModuleMac the expected MAC of the components protected by the integrity check
//! \details Performs the power-up self test, and sets the self test status to
//! POWER_UP_SELF_TEST_PASSED or POWER_UP_SELF_TEST_FAILED.
//! \details The self tests for an algorithm are performed by the Algortihm class
//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.
CRYPTOPP_DLL void CRYPTOPP_API DoPowerUpSelfTest(const char *moduleFilename, const byte *expectedModuleMac);
//! perform the power-up self test using the filename of this DLL and the embedded module MAC
//! \brief Performs the power-up self test on the DLL
//! \details Performs the power-up self test using the filename of this DLL and the
//! embedded module MAC, and sets the self test status to POWER_UP_SELF_TEST_PASSED or
//! POWER_UP_SELF_TEST_FAILED.
//! \details The self tests for an algorithm are performed by the Algortihm class
//! when CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined.
CRYPTOPP_DLL void CRYPTOPP_API DoDllPowerUpSelfTest();
//! set the power-up self test status to POWER_UP_SELF_TEST_FAILED
//! \brief Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED
//! \details Sets the power-up self test status to POWER_UP_SELF_TEST_FAILED to simulate failure.
CRYPTOPP_DLL void CRYPTOPP_API SimulatePowerUpSelfTestFailure();
//! return the current power-up self test status
//! \brief Provides the current power-up self test status
//! \returns the current power-up self test status
CRYPTOPP_DLL PowerUpSelfTestStatus CRYPTOPP_API GetPowerUpSelfTestStatus();
#ifndef CRYPTOPP_DOXYGEN_PROCESSING
typedef PowerUpSelfTestStatus (CRYPTOPP_API * PGetPowerUpSelfTestStatus)();
#endif
//! \brief Class object that calculates the MAC on the module
//! \returns the MAC for the module
CRYPTOPP_DLL MessageAuthenticationCode * CRYPTOPP_API NewIntegrityCheckingMAC();
//! \brief Verifies the MAC on the module
//! \param moduleFilename the fully qualified name of the module
//! \param expectedModuleMac the expected MAC of the components protected by the integrity check
//! \param pActualMac the actual MAC of the components calculated by the integrity check
//! \param pMacFileLocation the offest of the MAC in the PE/PE+ module
//! \returns true if the MAC is valid, false otherwise
CRYPTOPP_DLL bool CRYPTOPP_API IntegrityCheckModule(const char *moduleFilename, const byte *expectedModuleMac, SecByteBlock *pActualMac = NULL, unsigned long *pMacFileLocation = NULL);
#ifndef CRYPTOPP_DOXYGEN_PROCESSING
// this is used by Algorithm constructor to allow Algorithm objects to be constructed for the self test
bool PowerUpSelfTestInProgressOnThisThread();
@ -51,7 +99,13 @@ void EncryptionPairwiseConsistencyTest(const PK_Encryptor &encryptor, const PK_D
void SignaturePairwiseConsistencyTest_FIPS_140_Only(const PK_Signer &signer, const PK_Verifier &verifier);
void EncryptionPairwiseConsistencyTest_FIPS_140_Only(const PK_Encryptor &encryptor, const PK_Decryptor &decryptor);
#endif
//! \brief The placeholder used prior to embedding the actual MAC in the module.
//! \details After the DLL is built but before it is MAC'd, the string CRYPTOPP_DUMMY_DLL_MAC
//! is used as a placeholder for the actual MAC. A post-build step is performed which calculates
//! the MAC of the DLL and embeds it in the module. The actual MAC is written by the
//! <tt>cryptest.exe</tt> program using the <tt>mac_dll</tt> subcommand.
#define CRYPTOPP_DUMMY_DLL_MAC "MAC_51f34b8db820ae8"
NAMESPACE_END

20
gcm.cpp
View File

@ -684,11 +684,11 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len)
AS2( pxor xmm5, xmm2 )
AS2( psrldq xmm0, 15 )
#if defined(CRYPTOPP_APPLE_CLANG_VERSION)
AS2( mov WORD_REG(di), xmm0 )
#elif defined(CRYPTOPP_CLANG_VERSION)
#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000)
AS2( movd edi, xmm0 )
#else
#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION)
AS2( mov WORD_REG(di), xmm0 )
#else // GNU Assembler
AS2( movd WORD_REG(di), xmm0 )
#endif
AS2( movzx eax, WORD PTR [RED_TABLE + WORD_REG(di)*2] )
@ -699,10 +699,10 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len)
AS2( pxor xmm4, xmm5 )
AS2( psrldq xmm1, 15 )
#if defined(CRYPTOPP_APPLE_CLANG_VERSION)
AS2( mov WORD_REG(di), xmm1 )
#elif defined(CRYPTOPP_CLANG_VERSION)
#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000)
AS2( movd edi, xmm1 )
#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION)
AS2( mov WORD_REG(di), xmm1 )
#else
AS2( movd WORD_REG(di), xmm1 )
#endif
@ -710,10 +710,10 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len)
AS2( shl eax, 8 )
AS2( psrldq xmm0, 15 )
#if defined(CRYPTOPP_APPLE_CLANG_VERSION)
#if (CRYPTOPP_CLANG_VERSION >= 30600) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000)
AS2( movd edi, xmm0 )
#elif defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION)
AS2( mov WORD_REG(di), xmm0 )
#elif defined(CRYPTOPP_CLANG_VERSION)
AS2( movd edi, xmm0 )
#else
AS2( movd WORD_REG(di), xmm0 )
#endif

5
hex.h
View File

@ -1,3 +1,8 @@
// hex.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for HexEncoder and HexDecoder
#ifndef CRYPTOPP_HEX_H
#define CRYPTOPP_HEX_H

3
hmac.h
View File

@ -1,5 +1,8 @@
// hmac.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for HMAC message authentication codes
#ifndef CRYPTOPP_HMAC_H
#define CRYPTOPP_HMAC_H

9
ida.h
View File

@ -1,3 +1,8 @@
// ida.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for Information Dispersal Algorithm (IDA)
#ifndef CRYPTOPP_IDA_H
#define CRYPTOPP_IDA_H
@ -6,11 +11,9 @@
#include "filters.h"
#include "channels.h"
#include "secblock.h"
#include "stdcpp.h"
#include "misc.h"
#include <map>
#include <vector>
NAMESPACE_BEGIN(CryptoPP)
/// base class for secret sharing and information dispersal

117
osrng.h
View File

@ -1,7 +1,11 @@
#ifndef CRYPTOPP_OSRNG_H
#define CRYPTOPP_OSRNG_H
// osrng.h - written and placed in the public domain by Wei Dai
//! \file
//! \headerfile osrng.h
//! \brief Classes for access to the operating system's random number generators
#ifndef CRYPTOPP_OSRNG_H
#define CRYPTOPP_OSRNG_H
#include "config.h"
@ -17,19 +21,26 @@
NAMESPACE_BEGIN(CryptoPP)
//! Exception class for Operating-System Random Number Generator.
//! \class OS_RNG_Err
//! \brief Exception thrown when an operating system error is encountered
class CRYPTOPP_DLL OS_RNG_Err : public Exception
{
public:
//! \brief Constructs an OS_RNG_Err
//! \param operation the operation or API call when the error occurs
OS_RNG_Err(const std::string &operation);
};
#ifdef NONBLOCKING_RNG_AVAILABLE
#ifdef CRYPTOPP_WIN32_AVAILABLE
//! \class MicrosoftCryptoProvider
//! \brief Wrapper for Microsoft crypto service provider
//! \sa \def USE_MS_CRYPTOAPI, \def WORKAROUND_MS_BUG_Q258000
class CRYPTOPP_DLL MicrosoftCryptoProvider
{
public:
//! \brief Construct a MicrosoftCryptoProvider
MicrosoftCryptoProvider();
~MicrosoftCryptoProvider();
@ -42,7 +53,12 @@ public:
typedef unsigned long ProviderHandle;
#endif
//! \brief Retrieves the CryptoAPI provider handle
//! \returns CryptoAPI provider handle
//! \details The handle is acquired by a call to CryptAcquireContext().
//! CryptReleaseContext() is called upon destruction.
ProviderHandle GetProviderHandle() const {return m_hProvider;}
private:
ProviderHandle m_hProvider;
};
@ -53,12 +69,20 @@ private:
#endif //CRYPTOPP_WIN32_AVAILABLE
//! encapsulate CryptoAPI's CryptGenRandom or /dev/urandom
//! \class NonblockingRng
//! \brief Wrapper class for /dev/random and /dev/srandom
//! \details Encapsulates CryptoAPI's CryptGenRandom() on Windows, or /dev/urandom on Unix and compatibles.
class CRYPTOPP_DLL NonblockingRng : public RandomNumberGenerator
{
public:
//! \brief Construct a NonblockingRng
NonblockingRng();
~NonblockingRng();
//! \brief Generate random array of bytes
//! \param output the byte buffer
//! \param size the length of the buffer, in bytes
//! \details GenerateIntoBufferedTransformation() calls are routed to GenerateBlock().
void GenerateBlock(byte *output, size_t size);
protected:
@ -73,14 +97,22 @@ protected:
#endif
#ifdef BLOCKING_RNG_AVAILABLE
#if defined(BLOCKING_RNG_AVAILABLE) || defined(CRYPTOPP_DOXYGEN_PROCESSING)
//! encapsulate /dev/random, or /dev/srandom on OpenBSD
//! \class BlockingRng
//! \brief Wrapper class for /dev/random and /dev/srandom
//! \details Encapsulates /dev/random on Linux, OS X and Unix; and /dev/srandom on the BSDs.
class CRYPTOPP_DLL BlockingRng : public RandomNumberGenerator
{
public:
//! \brief Construct a BlockingRng
BlockingRng();
~BlockingRng();
//! \brief Generate random array of bytes
//! \param output the byte buffer
//! \param size the length of the buffer, in bytes
//! \details GenerateIntoBufferedTransformation() calls are routed to GenerateBlock().
void GenerateBlock(byte *output, size_t size);
protected:
@ -89,34 +121,82 @@ protected:
#endif
//! OS_GenerateRandomBlock
//! \brief Generate random array of bytes
//! \param output the byte buffer
//! \param size the length of the buffer, in bytes
//! \details OS_GenerateRandomBlock() uses the underlying operating system's
//! random number generator. On Windows, CryptGenRandom() is called using NonblockingRng.
//! \details On Unix and compatibles, /dev/urandom is called if blocking is false using
//! NonblockingRng. If blocking is true, then either /dev/randomd or /dev/srandom is used
//! by way of BlockingRng, if available.
CRYPTOPP_DLL void CRYPTOPP_API OS_GenerateRandomBlock(bool blocking, byte *output, size_t size);
//! Automatically Seeded Randomness Pool
/*! This class seeds itself using an operating system provided RNG. */
//! \class AutoSeededRandomPool
//! \brief Automatically Seeded Randomness Pool
//! \details This class seeds itself using an operating system provided RNG.
class CRYPTOPP_DLL AutoSeededRandomPool : public RandomPool
{
public:
//! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available
//! \brief Construct an AutoSeededRandomPool
//! \param blocking controls seeding with BlockingRng or NonblockingRng
//! \param seedSize the size of the seed, in bytes
//! \details Use blocking to choose seeding with BlockingRng or NonblockingRng.
//! The parameter is ignored if only one of these is available.
explicit AutoSeededRandomPool(bool blocking = false, unsigned int seedSize = 32)
{Reseed(blocking, seedSize);}
//! \brief Reseed an AutoSeededRandomPool
//! \param blocking controls seeding with BlockingRng or NonblockingRng
//! \param seedSize the size of the seed, in bytes
void Reseed(bool blocking = false, unsigned int seedSize = 32);
};
//! RNG from ANSI X9.17 Appendix C, seeded using an OS provided RNG
//! \class AutoSeededX917RNG
//! \tparam BLOCK_CIPHER a block cipher
//! \brief Automatically Seeded X9.17 RNG
//! \details AutoSeededX917RNG is from ANSI X9.17 Appendix C, seeded using an OS provided RNG.
//! If 3-key TripleDES (DES_EDE3) is used, then its a X9.17 conforming generator. If AES is
//! used, then its a X9.31 conforming generator.
//! \details Though ANSI X9 prescribes 3-key TripleDES, the template parameter BLOCK_CIPHER can be any
//! BlockTransformation derived class.
//! \sa X917RNG, DefaultAutoSeededRNG
template <class BLOCK_CIPHER>
class AutoSeededX917RNG : public RandomNumberGenerator, public NotCopyable
{
public:
//! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available
//! \brief Construct an AutoSeededX917RNG
//! \param blocking controls seeding with BlockingRng or NonblockingRng
//! \param autoSeed controls auto seeding of the generator
//! \details Use blocking to choose seeding with BlockingRng or NonblockingRng.
//! The parameter is ignored if only one of these is available.
//! \sa X917RNG
explicit AutoSeededX917RNG(bool blocking = false, bool autoSeed = true)
{if (autoSeed) Reseed(blocking);}
//! \brief Reseed an AutoSeededX917RNG
//! \param blocking controls seeding with BlockingRng or NonblockingRng
//! \param additionalEntropy additional entropy to add to the generator
//! \param length the size of the additional entropy, in bytes
//! \details Internally, the generator uses SHA256 to extract the entropy from
//! from the seed and then stretch the material for the block cipher's key
//! and initialization vector.
void Reseed(bool blocking = false, const byte *additionalEntropy = NULL, size_t length = 0);
// exposed for testing
//! \brief Deterministically reseed an AutoSeededX917RNG for testing
//! \param key the key to use for the deterministic reseeding
//! \param keylength the size of the key, in bytes
//! \param seed the seed to use for the deterministic reseeding
//! \param timeVector a time vector to use for deterministic reseeding
//! \details This is a testing interface for testing purposes, and should \a NOT
//! be used in production.
void Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector);
bool CanIncorporateEntropy() const {return true;}
void IncorporateEntropy(const byte *input, size_t length) {Reseed(false, input, length);}
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length) {m_rng->GenerateIntoBufferedTransformation(target, channel, length);}
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length)
{m_rng->GenerateIntoBufferedTransformation(target, channel, length);}
private:
member_ptr<RandomNumberGenerator> m_rng;
@ -152,12 +232,21 @@ void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(bool blocking, const byte *input, s
CRYPTOPP_DLL_TEMPLATE_CLASS AutoSeededX917RNG<AES>;
//! this is AutoSeededX917RNG\<AES\> in FIPS mode, otherwise it's AutoSeededRandomPool
#if defined(CRYPTOPP_DOXYGEN_PROCESSING)
//! \class DefaultAutoSeededRNG
//! \brief A typedef providing a default generator
//! \details DefaultAutoSeededRNG is a typedef of either AutoSeededX917RNG<AES> or AutoSeededRandomPool.
//! If CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2 is defined, then DefaultAutoSeededRNG is
//! AutoSeededX917RNG<AES>. Otherwise, DefaultAutoSeededRNG is AutoSeededRandomPool.
class DefaultAutoSeededRNG {}
#else
// AutoSeededX917RNG<AES> in FIPS mode, otherwise it's AutoSeededRandomPool
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
typedef AutoSeededX917RNG<AES> DefaultAutoSeededRNG;
#else
typedef AutoSeededRandomPool DefaultAutoSeededRNG;
#endif
#endif // CRYPTOPP_DOXYGEN_PROCESSING
NAMESPACE_END

8
pubkey.h
View File

@ -1875,10 +1875,14 @@ public:
#endif
};
//! Base class for public key encryption standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms.
//! \brief Base class for public key encryption standard classes.
//! \details These classes are used to select from variants of algorithms.
//! \note Not all standards apply to all algorithms.
struct EncryptionStandard {};
//! Base class for public key signature standard classes. These classes are used to select from variants of algorithms. Note that not all standards apply to all algorithms.
//! \brief Base class for public key signature standard classes.
//! \details These classes are used to select from variants of algorithms.
//! \note Not all standards apply to all algorithms.
struct SignatureStandard {};
template <class STANDARD, class KEYS, class ALG_INFO>

2
rabin.h
View File

@ -2,7 +2,7 @@
//! \file
//! \headerfile rabin.h
//! \brief Classes Rabin encryption and signature schemes
//! \brief Classes for Rabin encryption and signature schemes
#ifndef CRYPTOPP_RABIN_H
#define CRYPTOPP_RABIN_H

2
rdrand.cpp
View File

@ -102,7 +102,7 @@
#endif
// Debug diagnostics
#if !defined(NDEBUG)
#if 0
# if MASM_RDRAND_ASM_AVAILABLE
# pragma message ("MASM_RDRAND_ASM_AVAILABLE is 1")
# elif NASM_RDRAND_ASM_AVAILABLE

4
rdrand.h
View File

@ -55,7 +55,7 @@ public:
}
//! \brief Set the number of retries used by the generator
//! \param the number of times GenerateBlock will attempt to recover from a failed generation
//! \param retries number of times GenerateBlock() will attempt to recover from a failed generation
void SetRetries(unsigned int retries)
{
m_retries = retries;
@ -134,7 +134,7 @@ public:
}
//! \brief Set the number of retries used by the generator
//! \param the number of times GenerateBlock will attempt to recover from a failed generation
//! \param retries number of times GenerateBlock() will attempt to recover from a failed generation
void SetRetries(unsigned int retries)
{
m_retries = retries;

16
rijndael.h
View File

@ -1,8 +1,9 @@
// rijndael.h - written and placed in the public domain by Wei Dai
//! \file
//! \headerfile rijndael.h
//! \file rijndael.h
//! \brief Classes for Rijndael encryption algorithm
//! \details All key sizes are supported. The library only provides Rijndael with 128-bit blocks,
//! and not 192-bit or 256-bit blocks
#ifndef CRYPTOPP_RIJNDAEL_H
#define CRYPTOPP_RIJNDAEL_H
@ -16,15 +17,18 @@
NAMESPACE_BEGIN(CryptoPP)
//! _
//! \brief Rijndael block cipher information
struct Rijndael_Info : public FixedBlockSize<16>, public VariableKeyLength<16, 16, 32, 8>
{
CRYPTOPP_DLL static const char * CRYPTOPP_API StaticAlgorithmName() {return CRYPTOPP_RIJNDAEL_NAME;}
};
/// <a href="http://www.weidai.com/scan-mirror/cs.html#Rijndael">Rijndael</a>
//! \brief Rijndael block cipher implementation details
//! \sa <a href="http://www.weidai.com/scan-mirror/cs.html#Rijndael">Rijndael</a>
class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentation
{
//! \brief Rijndael block cipher data processing functionss
//! \details Provides implementation common to encryption and decryption
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Base : public BlockCipherImpl<Rijndael_Info>
{
public:
@ -44,6 +48,8 @@ class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentat
FixedSizeAlignedSecBlock<word32, 4*15> m_key;
};
//! \brief Rijndael block cipher data processing functions
//! \details Provides implementation for encryption transformation
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Enc : public Base
{
public:
@ -53,6 +59,8 @@ class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentat
#endif
};
//! \brief Rijndael block cipher data processing functions
//! \details Provides implementation for decryption transformation
class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE Dec : public Base
{
public:

5
ripemd.h
View File

@ -1,3 +1,8 @@
// ripemd.h - written and placed in the public domain by Wei Dai
//! \file
//! \brief Classes for RIPEMD message digest
#ifndef CRYPTOPP_RIPEMD_H
#define CRYPTOPP_RIPEMD_H

34
rng.h
View File

@ -1,4 +1,4 @@
//! rng.h - written and placed in the public domain by Wei Dai
// rng.h - written and placed in the public domain by Wei Dai
//! \file rng.h
//! \brief Miscellaneous classes for RNGs
@ -15,8 +15,8 @@
NAMESPACE_BEGIN(CryptoPP)
//! linear congruential generator
/*! originally by William S. England, do not use for cryptographic purposes */
//! \brief Linear Congruential Generator (LCG)
//! \details Originally by William S. England, do not use for cryptographic purposes
class LC_RNG : public RandomNumberGenerator
{
public:
@ -36,19 +36,37 @@ private:
static const word16 r;
};
//! RNG derived from ANSI X9.17 Appendix C
//! \class X917RNG
//! \brief ANSI X9.17 RNG
//! \details X917RNG is from ANSI X9.17 Appendix C.
//! \sa AutoSeededX917RNG, DefaultAutoSeededRNG
class CRYPTOPP_DLL X917RNG : public RandomNumberGenerator, public NotCopyable
{
public:
// cipher will be deleted by destructor, deterministicTimeVector = 0 means obtain time vector from system
//! \brief Construct a X917RNG
//! \param cipher the block cipher to use for the generator
//! \param seed a byte buffer to use as a seed
//! \param deterministicTimeVector additional entropy
//! \details <tt>cipher</tt> will be deleted by the destructor. <tt>seed</tt> must be at least
//! BlockSize() in length. <tt>deterministicTimeVector = 0</tt> means obtain time vector
//! from the system.
//! \details When constructing an AutoSeededX917RNG, the generator must be keyed or an
//! access violation will occur because the time vector is encrypted using the block cipher.
//! To key the generator during constructions, perform the following:
//! <pre>
//! SecByteBlock key(AES::DEFAULT_KEYLENGTH), seed(AES::BLOCKSIZE);
//! OS_GenerateRandomBlock(false, key, key.size());
//! OS_GenerateRandomBlock(false, seed, seed.size());
//! X917RNG prng(new AES::Encryption(key, AES::DEFAULT_KEYLENGTH), seed, NULL);
//! </pre>
//! \sa AutoSeededX917RNG
X917RNG(BlockTransformation *cipher, const byte *seed, const byte *deterministicTimeVector = 0);
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
private:
member_ptr<BlockTransformation> cipher;
unsigned int S; // blocksize of cipher
const unsigned int S; // blocksize of cipher
SecByteBlock dtbuf; // buffer for enciphered timestamp
SecByteBlock randseed, m_lastBlock, m_deterministicTimeVector;
};
@ -66,6 +84,8 @@ public:
size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking);
//! \brief Provides the number of bytes of input is needed by the test
//! \returns how many more bytes of input is needed by the test
// BytesNeeded() returns how many more bytes of input is needed by the test
// GetTestValue() should not be called before BytesNeeded()==0
unsigned int BytesNeeded() const {return n >= (Q+K) ? 0 : Q+K-n;}

90
validat1.cpp
View File

@ -459,26 +459,50 @@ bool TestAutoSeeded()
bool TestRDRAND()
{
RDRAND rdrand;
bool generate = true, discard = true;
bool maurer = true, generate = true, discard = true;
static const unsigned int SIZE = 10000;
if (HasRDRAND())
{
cout << "\nTesting RDRAND generator...\n\n";
MeterFilter meter(new Redirector(TheBitBucket()));
RandomNumberSource test(rdrand, 100000, true, new Deflator(new Redirector(meter)));
vector_ptr<byte> rdbytes(SIZE);
RandomNumberSource rns(rdrand, SIZE, true, new ArraySink(rdbytes, rdbytes.size()));
ArraySource as(rdbytes, rdbytes.size(), true);
if (meter.GetTotalBytes() < 100000)
MaurerRandomnessTest mt;
as.CopyTo(mt);
const double mv = mt.GetTestValue();
if (mv < 0.98f)
{
cout << "FAILED:";
maurer = false;
}
else
cout << "passed:";
const std::streamsize oldp = cout.precision(5);
const std::ios::fmtflags oldf = cout.setf(std::ios::fixed, std::ios::floatfield);
cout << " Maurer Randomness Test value of " << mv << endl;
cout.precision(oldp);
cout.setf(oldf, std::ios::floatfield);
MeterFilter meter(new Redirector(TheBitBucket()));
as.CopyTo(meter);
if (meter.GetTotalBytes() < SIZE)
{
cout << "FAILED:";
generate = false;
}
else
cout << "passed:";
cout << " 100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << endl;
cout << " " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
try
{
rdrand.DiscardBytes(100000);
rdrand.DiscardBytes(SIZE);
}
catch(const Exception&)
{
@ -489,12 +513,15 @@ bool TestRDRAND()
cout << "FAILED:";
else
cout << "passed:";
cout << " discarded 10000 bytes" << endl;
cout << " discarded " << SIZE << " bytes\n";
}
else
cout << "\nRDRAND generator not available, skipping test." << endl;
cout << "\nRDRAND generator not available, skipping test.\n";
if (!(maurer && generate && discard))
cout.flush();
return generate && discard;
return maurer && generate && discard;
}
#endif
@ -502,26 +529,50 @@ bool TestRDRAND()
bool TestRDSEED()
{
RDSEED rdseed;
bool generate = true, discard = true;
bool maurer = true, generate = true, discard = true;
static const unsigned int SIZE = 10000;
if (HasRDSEED())
{
cout << "\nTesting RDSEED generator...\n\n";
MeterFilter meter(new Redirector(TheBitBucket()));
RandomNumberSource test(rdseed, 100000, true, new Deflator(new Redirector(meter)));
vector_ptr<byte> rdbytes(SIZE);
RandomNumberSource rns(rdseed, SIZE, true, new ArraySink(rdbytes, rdbytes.size()));
ArraySource as(rdbytes, rdbytes.size(), true);
if (meter.GetTotalBytes() < 100000)
MaurerRandomnessTest mt;
as.CopyTo(mt);
const double mv = mt.GetTestValue();
if (mv < 0.98f)
{
cout << "FAILED:";
maurer = false;
}
else
cout << "passed:";
const std::streamsize oldp = cout.precision(5);
const std::ios::fmtflags oldf = cout.setf(std::ios::fixed, std::ios::floatfield);
cout << " Maurer Randomness Test value of " << mv << endl;
cout.precision(oldp);
cout.setf(oldf, std::ios::floatfield);
MeterFilter meter(new Redirector(TheBitBucket()));
as.CopyTo(meter);
if (meter.GetTotalBytes() < SIZE)
{
cout << "FAILED:";
generate = false;
}
else
cout << "passed:";
cout << " 100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << endl;
cout << " " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
try
{
rdseed.DiscardBytes(100000);
rdseed.DiscardBytes(SIZE);
}
catch(const Exception&)
{
@ -532,12 +583,15 @@ bool TestRDSEED()
cout << "FAILED:";
else
cout << "passed:";
cout << " discarded 10000 bytes" << endl;
cout << " discarded " << SIZE << " bytes\n";
}
else
cout << "\nRDSEED generator not available, skipping test." << endl;
cout << "\nRDSEED generator not available, skipping test.\n";
if (!(maurer && generate && discard))
cout.flush();
return generate && discard;
return maurer && generate && discard;
}
#endif

7
validat2.cpp
View File

@ -467,6 +467,7 @@ bool ValidateDSA(bool thorough)
assert(pub.GetKey() == pub1.GetKey());
pass = SignatureValidate(priv, pub, thorough) && pass;
pass = RunTestDataFile("TestVectors/dsa.txt", g_nullNameValuePairs, thorough) && pass;
return pass;
}
@ -654,9 +655,9 @@ bool TestPolynomialMod2()
pass3 &= (str1 == str2);
}
cout << (!pass1 ? "FAILED" : "passed") << " " << "1 shifted over range [0," << 2 * WORD_BITS + 1 << "]" << "\n";
cout << (!pass2 ? "FAILED" : "passed") << " " << "0x" << hex << word(SIZE_MAX) << " shifted over range [0," << dec << 2 * WORD_BITS + 1 << "]" << "\n";
cout << (!pass3 ? "FAILED" : "passed") << " " << "random values shifted over range [0," << dec << 2 * WORD_BITS + 1 << "]" << "\n";
cout << (!pass1 ? "FAILED" : "passed") << " " << "1 shifted over range [" << dec << start << "," << stop << "]" << "\n";
cout << (!pass2 ? "FAILED" : "passed") << " " << "0x" << hex << word(SIZE_MAX) << dec << " shifted over range [" << start << "," << stop << "]" << "\n";
cout << (!pass3 ? "FAILED" : "passed") << " " << "random values shifted over range [" << dec << start << "," << stop << "]" << "\n";
if (!(pass1 && pass2 && pass3))
cout.flush();