Commit graph

423 commits

Author SHA1 Message Date
Dag-Erling Smørgrav
a09cdc6318 Fix equality predicates.
The count we passed to memcmp() in mpi_eq() and mpi_eq_abs() was actually the number of significant words in the MPI, rather than the number of bytes we wanted to compare.  Multiply by 4 to get the correct value.

To make the intent of the code more apparent, introduce a private MPI_MSW() macro which evaluates to the number of significant words (or 1-based index of the most significant word).  This also comes in handy in mpi_{add,sub,mul}_abs().

Add a couple of test cases which not only demonstrate the bug we fixed here but also demonstrate why we must compare whole words: on a big-endian machine, we would be comparing the unused upper bytes of the first and only word instead of the lower bytes which actually hold a value...
2017-04-22 05:32:25 +02:00
Dag-Erling Smørgrav
c365b9762a Merge pull request #9 from cryb-to/cryb-cipher
Fix counter increment in Salsa and ChaCha.
2017-04-22 03:33:01 +02:00
Dag-Erling Smørgrav
1036b2adf6 Merge pull request #8 from cryb-to/cryb-rolror
Add unit tests for {rol,ror}{8,16,32,64}.
2017-04-22 03:32:44 +02:00
Dag-Erling Smørgrav
b28507b0e9 Fix counter increment in Salsa and ChaCha.
In my eagerness to eliminate a branch which is taken once per 2^38 bytes of keystream, I forgot that the state words are in host order.  Thus, the counter increment code worked fine on little-endian machines, but not on big-endian ones.  Switch to a simpler (branchful) solution.
2017-04-22 03:10:10 +02:00
Dag-Erling Smørgrav
b69da31597 Add unit tests for {rol,ror}{8,16,32,64}. 2017-04-22 01:41:06 +02:00
Dag-Erling Smørgrav
6e5bac8747 Fix a typo that broke some of the tests on big-endian platforms. 2017-04-21 21:28:47 +02:00
Dag-Erling Smørgrav
bd3e353455 Add missing algorithms. 2017-04-21 18:57:51 +02:00
Dag-Erling Smørgrav
938dcaa450 Avoid any assumptions about the signedness of char. 2017-04-21 18:56:52 +02:00
Dag-Erling Smørgrav
d03b4c1958 New alpha release. 2017-04-06 21:30:15 +02:00
Dag-Erling Smørgrav
dd57dac67f Fix typo that prevented t_mpi.h from being distributed. 2017-04-06 21:29:11 +02:00
Dag-Erling Smørgrav
2597da2b29 Retroactively document 0.20170322. 2017-04-06 21:24:54 +02:00
Dag-Erling Smørgrav
24df7d433f Bump version. 2017-04-06 21:19:23 +02:00
Dag-Erling Smørgrav
ae9609ddf0 Merge pull request #7 from cryb-to/safe-rol-ror
Make rolN / rorN safe for all counts.
2017-04-06 21:14:55 +02:00
Dag-Erling Smørgrav
d2d16d26da Make rolN / rorN safe for all counts.
The current version invokes undefined behavior when the count is negative, zero, or equal to or greater than the width of the operand.  The new version masks the count to avoid these situations.  Although branchless, it is relatively inefficient if the compiler does not recognize it and translate it to a rol or ror instruction.  Empirical tests show that both clang and gcc get it right for constant counts, and recent versions of clang (but not gcc) get it right for variable counts as well.  Note that our current code base has no instances of rolN / rorN with a variable count.
2017-04-06 19:55:27 +02:00
Dag-Erling Smørgrav
c556bc0aa8 Implement MPI division. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
3c2b134fe4 Implement fast increment / decrement functions. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
111efcb949 Correct function descriptions. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
2a66f62078 Implement MPI multiplication. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
5170c0bc41 Print words in the correct order, and tack on the MSB. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
206c6ffc85 Implement ffs() / fls() and use the latter to compute the MSB. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
36739778ce Clear a vector that was supposed to be zero. 2017-04-06 19:52:23 +02:00
Dag-Erling Smørgrav
8477c4ae0b Slightly improve function descriptions. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
094635f394 Remove debugging code. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
115ea66061 Sort prototypes. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
83ca8031c5 Cosmetic fixups. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
b4eb918dad Implement GCD using Stein's binary algorithm. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
a11c52e896 Refactor the comparison predicates, check for identity first. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
47a0bf838f Add functions for comparing an MPI to an integer. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
26e434d64b Add functions that return the LSB and MSB of an MPI. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
7e05fe419a Remove unused headers. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
895d1eb539 Constify where possible. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
cdd1a65e84 Fix pasto which prevented cryb-mpi from being built. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
b31223ad15 Ensure that autogen.sh fails if any of its steps does. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
82ee73e14d Update ax_gcc_builtin macros from upstream. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
9ee45d4e34 Fix sign bug in special cases in mpi_{add,sub}_abs().
We failed to clear the negative flag when handling trivial cases, so if one of the terms was 0 and the other was negative, the result would be an exact copy of the non-zero term instead of its absolute value.
2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
fc99e7973b Split up the 150+ mpi test cases into smaller groups. 2017-04-06 19:51:47 +02:00
Dag-Erling Smørgrav
95ba4d39da Bump version. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
a176c38f8f Sync debian/copyright with LICENSE. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
1f8432f6a2 First shot at a Debian package. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
165e489017 Correct information about Joachim Strömbergson's contributions. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
f29927dfe5 Correct copyright year. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
a82671403f Use the correct variable for find(1). 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
f164c3ac6e Replace the old mkpkgng script with a true port Makefile. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
3a6ba51b86 Adjust UiO copyright. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
cdbb565482 Silence compiler warnings about operator precedence. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
c6536641c5 Major cleanup of the MD and SHA digests.
- Use the new vector byte-order conversion functions where appropriate.
- Use memset_s() instead of memset() where appropriate.
- Use consistent names and types for function arguments.
- Reindent, rename and reorganize to conform to Cryb style and idiom.

SHA224 and SHA256 were left mostly unchanged.  MD2 and MD4 were completely rewritten as the previous versions (taken from XySSL) seem to have been copied from RSAREF.

This breaks the ABI as some context structures have grown or shrunk and some function arguments have been changed from int to size_t.
2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
d96415b2c3 Define vector versions of the endianness conversion functions. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
ce5562d568 Remove unused struct member. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
6f794d4739 Fix typo, add missing declarations. 2017-04-06 19:51:46 +02:00
Dag-Erling Smørgrav
a8f0cc2e69 Neither AES nor DES have keystream functions. 2017-04-06 19:51:46 +02:00