Just import the Dropbear 0.47 libtomcrypt changes

--HG-- branch : libtomcrypt-dropbear extra : convert_revision : 20dccfc09627970a312d77fb41dc2970b62689c3
2025-06-14 18:28:31 +00:00 · 2006-03-08 13:02:58 +00:00 · 2006-03-08 13:02:58 +00:00 · 33defd1f9b
commit 33defd1f9b
parent c57e1d8def
9 changed files with 70 additions and 9305 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -6,6 +6,9 @@
 # The version
 VERSION=1.05
 VPATH=@srcdir@
 srcdir=@srcdir@
 # Compiler and Linker Names
 #CC=gcc
 #LD=ld
@ -15,25 +18,22 @@ VERSION=1.05
 #ARFLAGS=r
 # Compilation flags. Note the += does not write over the user's CFLAGS!
-CFLAGS += -c -I./testprof/ -I./src/headers/ -Wall -Wsign-compare -W -Wshadow -Wno-unused-parameter
+# The rest of the flags come from the parent Dropbear makefile
 CFLAGS += -c -I$(srcdir)/src/headers/ -I$(srcdir)/../
 # additional warnings (newer GCC 3.4 and higher)
 #CFLAGS += -Wsystem-headers -Wdeclaration-after-statement -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wmissing-prototypes \
 #		  -Wmissing-declarations -Wpointer-arith 
 ifndef IGNORE_SPEED
 # optimize for SPEED
-CFLAGS += -O3 -funroll-loops
+#CFLAGS += -O3 -funroll-loops
 # add -fomit-frame-pointer.  hinders debugging!
-CFLAGS += -fomit-frame-pointer
+#CFLAGS += -fomit-frame-pointer
 # optimize for SIZE
 #CFLAGS += -Os -DLTC_SMALL_CODE
 endif
 # older GCCs can't handle the "rotate with immediate" ROLc/RORc/etc macros
 # define this to help
 #CFLAGS += -DLTC_NO_ROLC
@ -77,9 +77,9 @@ endif
 #List of objects to compile.
 #Leave MPI built-in or force developer to link against libtommath?
-ifndef IGNORE_MPI
+#MPIOBJECT=src/misc/mpi/mpi.o
-MPIOBJECT=src/misc/mpi/mpi.o
+#Dropbear uses libtommath
-endif
+MPIOBJECT=
 OBJECTS=src/ciphers/aes/aes_enc.o $(MPIOBJECT) src/ciphers/aes/aes.o src/ciphers/anubis.o \
 src/ciphers/blowfish.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/khazad.o src/ciphers/noekeon.o \
@ -130,37 +130,7 @@ src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \
 src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
 src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
 src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
-src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
+src/modes/ofb/ofb_start.o 
 src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
 src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
 src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
 src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
 src/pk/asn1/der/integer/der_length_integer.o \
 src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
 src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
 src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
 src/pk/asn1/der/octet/der_decode_octet_string.o src/pk/asn1/der/octet/der_encode_octet_string.o \
 src/pk/asn1/der/octet/der_length_octet_string.o \
 src/pk/asn1/der/printable_string/der_decode_printable_string.o \
 src/pk/asn1/der/printable_string/der_encode_printable_string.o \
 src/pk/asn1/der/printable_string/der_length_printable_string.o \
 src/pk/asn1/der/sequence/der_decode_sequence.o src/pk/asn1/der/sequence/der_decode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_sequence.o src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_length_sequence.o \
 src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o src/pk/asn1/der/utctime/der_decode_utctime.o \
 src/pk/asn1/der/utctime/der_encode_utctime.o src/pk/asn1/der/utctime/der_length_utctime.o \
 src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
 src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
 src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o src/pk/packet_valid_header.o \
 src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o src/pk/pkcs1/pkcs_1_oaep_decode.o \
 src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o src/pk/pkcs1/pkcs_1_pss_decode.o \
 src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \
 src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \
 src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
 src/prngs/sprng.o src/prngs/yarrow.o 
 HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h \
 src/headers/tomcrypt_macros.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
@ -207,7 +177,7 @@ $(LIBTEST):
 $(LIBNAME): $(OBJECTS)
 	$(AR) $(ARFLAGS) $@ $(OBJECTS) 
-	ranlib $(LIBNAME)
+	$(RANLIB) $(LIBNAME)
 #This rule makes the hash program included with libtomcrypt
 hashsum: library $(HASHOBJECTS)
@ -260,24 +230,8 @@ profile:
 #This rule cleans the source tree of all compiled code, not including the pdf
 #documentation.
 clean:
-	rm -f `find . -type f | grep "[.]o" | xargs`
+	-rm -f $(OBJECTS)
-	rm -f `find . -type f | grep "[.]lo"  | xargs`
+	-rm -f libtomcrypt.a
 	rm -f `find . -type f | grep "[.]a" | xargs`
 	rm -f `find . -type f | grep "[.]la"  | xargs`
 	rm -f `find . -type f | grep "[.]obj" | xargs`
 	rm -f `find . -type f | grep "[.]lib" | xargs`
 	rm -f `find . -type f | grep "[.]exe" | xargs`
 	rm -f `find . -type f | grep "[.]gcda" | xargs`
 	rm -f `find . -type f | grep "[.]gcno" | xargs`
 	rm -f `find . -type f | grep "[.]il" | xargs`
 	rm -f `find . -type f | grep "[.]dyn" | xargs`
 	rm -f `find . -type f | grep "[.]dpi" | xargs`
 	rm -rf `find . -type d | grep "[.]libs" | xargs`
 	rm -f crypt.aux  crypt.dvi  crypt.idx  crypt.ilg  crypt.ind  crypt.log crypt.toc
 	rm -f $(TV) $(PROF) $(SMALL) $(CRYPT) $(HASHSUM) $(MULTI) $(TIMING) $(TEST)
 	rm -rf doc/doxygen
 	rm -f doc/*.pdf
 	rm -f *.txt
 #build the doxy files (requires Doxygen, tetex and patience)
 doxy:
--- a/doc/crypt.pdf
+++ b/doc/crypt.pdf
--- a/src/ciphers/aes/aes.c
+++ b/src/ciphers/aes/aes.c
@ -43,6 +43,7 @@
 #define ECB_TEST rijndael_test
 #define ECB_KS   rijndael_keysize
 #if 0
 const struct ltc_cipher_descriptor rijndael_desc =
 {
    "rijndael",
@ -51,6 +52,7 @@ const struct ltc_cipher_descriptor rijndael_desc =
    SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
    NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 #endif
 const struct ltc_cipher_descriptor aes_desc =
 {
--- a/src/ciphers/des.c
+++ b/src/ciphers/des.c
@ -20,6 +20,7 @@
 #define EN0 0 
 #define DE1 1
 #if 0
 const struct ltc_cipher_descriptor des_desc =
 {
    "des",
@ -33,6 +34,7 @@ const struct ltc_cipher_descriptor des_desc =
    &des_keysize,
    NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 #endif
 const struct ltc_cipher_descriptor des3_desc =
 {
@ -1518,6 +1520,7 @@ static void desfunc(ulong32 *block, const ulong32 *keys)
 }
 #endif
 #if 0
 /**
    Initialize the DES block cipher
    @param key The symmetric key you wish to pass
@ -1544,6 +1547,7 @@ int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
    return CRYPT_OK;
 }
 #endif
 /**
    Initialize the 3DES-EDE block cipher
@ -1577,6 +1581,7 @@ int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_k
    return CRYPT_OK;
 }
 #if 0
 /**
  Encrypts a block of text with DES
  @param pt The input plaintext (8 bytes)
@ -1614,6 +1619,7 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
    STORE32H(work[0],pt+0);
    STORE32H(work[1],pt+4);
 }
 #endif
 /**
  Encrypts a block of text with 3DES-EDE
@ -1658,6 +1664,7 @@ void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
    STORE32H(work[1],pt+4);
 }
 #if 0
 /**
  Performs a self-test of the DES block cipher
  @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
@ -1804,6 +1811,7 @@ int des_test(void)
    return CRYPT_OK;
  #endif
 }
 #endif
 int des3_test(void)
 {
@ -1841,12 +1849,14 @@ int des3_test(void)
 #endif
 }
 #if 0
 /** Terminate the context 
   @param skey    The scheduled key
 */
 void des_done(symmetric_key *skey)
 {
 }
 #endif
 /** Terminate the context 
   @param skey    The scheduled key
@ -1856,6 +1866,7 @@ void des3_done(symmetric_key *skey)
 }
 #if 0
 /**
  Gets suitable key size
  @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
@ -1870,6 +1881,7 @@ int des_keysize(int *keysize)
    *keysize = 8;
    return CRYPT_OK;
 }
 #endif
 /**
  Gets suitable key size
--- a/src/ciphers/twofish/twofish.c
+++ b/src/ciphers/twofish/twofish.c
@ -43,12 +43,14 @@ const struct ltc_cipher_descriptor twofish_desc =
 #define RS_POLY           0x14D
 /* The 4x4 MDS Linear Transform */
 #if 0
 static const unsigned char MDS[4][4] = {
    { 0x01, 0xEF, 0x5B, 0x5B },
    { 0x5B, 0xEF, 0xEF, 0x01 },
    { 0xEF, 0x5B, 0x01, 0xEF },
    { 0xEF, 0x01, 0xEF, 0x5B }
 };
 #endif
 /* The 4x8 RS Linear Transform */
 static const unsigned char RS[4][8] = {
--- a/src/headers/tomcrypt.h
+++ b/src/headers/tomcrypt.h
@ -23,7 +23,8 @@ extern "C" {
 #define MAXBLOCKSIZE  128
 /* descriptor table size */
-#define TAB_SIZE      32
+/* Dropbear change - this should be smaller, saves some size */
 #define TAB_SIZE    4
 /* error codes [will be expanded in future releases] */
 enum {
--- a/src/headers/tomcrypt_custom.h
+++ b/src/headers/tomcrypt_custom.h
@ -1,6 +1,9 @@
 #ifndef TOMCRYPT_CUSTOM_H_
 #define TOMCRYPT_CUSTOM_H_
 /* this will sort out which stuff based on the user-config in options.h */
 #include "options.h"
 /* macros for various libc functions you can change for embedded targets */
 #define XMALLOC  malloc
 #define XREALLOC realloc
@ -13,13 +16,16 @@
 #define XCLOCK   clock
 #define XCLOCKS_PER_SEC CLOCKS_PER_SEC
-/* Use small code where possible */
+#ifdef DROPBEAR_SMALL_CODE
-/* #define LTC_SMALL_CODE */
+#define LTC_SMALL_CODE
 #endif
 /* These spit out warnings etc */
 #define LTC_NO_ROLC
 /* Enable self-test test vector checking */
-#ifndef LTC_NO_TEST
+/* Not for dropbear */
-   #define LTC_TEST
+//#define LTC_TEST
 #endif
 /* clean the stack of functions which put private information on stack */
 /* #define LTC_CLEAN_STACK */
@ -36,217 +42,51 @@
 /* disable BSWAP on x86 */
 /* #define LTC_NO_BSWAP */
 /* ---> Symmetric Block Ciphers <--- */
 #ifndef LTC_NO_CIPHERS
 #ifdef DROPBEAR_BLOWFISH_CBC
 #define BLOWFISH
 #define RC2
 #define RC5
 #define RC6
 #define SAFERP
 #define RIJNDAEL
 #define XTEA
 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format
 * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */
 #define TWOFISH
 #ifndef LTC_NO_TABLES
   #define TWOFISH_TABLES
   /* #define TWOFISH_ALL_TABLES */
 #else
   #define TWOFISH_SMALL
 #endif
-/* #define TWOFISH_SMALL */
+
-/* DES includes EDE triple-DES */
+#ifdef DROPBEAR_AES_CBC
 #define RIJNDAEL
 #endif
 #ifdef DROPBEAR_TWOFISH_CBC
 #define TWOFISH
 /* enabling just TWOFISH_SMALL will make the binary ~1kB smaller, turning on
 * TWOFISH_TABLES will make it a few kB bigger, but perhaps reduces runtime
 * memory usage? */
 #define TWOFISH_SMALL
 /*#define TWOFISH_TABLES*/
 #endif
 #ifdef DROPBEAR_3DES_CBC
 #define DES
-#define CAST5
+#endif
 #define NOEKEON
 #define SKIPJACK
 #define SAFER
 #define KHAZAD
 #define ANUBIS
 #define ANUBIS_TWEAK
 #endif /* LTC_NO_CIPHERS */
 /* ---> Block Cipher Modes of Operation <--- */
 #ifndef LTC_NO_MODES
 #define CFB
 #define OFB
 #define ECB
 #define CBC
 #define CTR
-#endif /* LTC_NO_MODES */
+#if defined(DROPBEAR_DSS) && defined(DSS_PROTOK)
 /* ---> One-Way Hash Functions <--- */
 #ifndef LTC_NO_HASHES 
 #define CHC_HASH
 #define WHIRLPOOL
 #define SHA512
-#define SHA384
+#endif
-#define SHA256
+
 #define SHA224
 #define TIGER
 #define SHA1
 #ifdef DROPBEAR_MD5_HMAC
 #define MD5
-#define MD4
+#endif
 #define MD2
 #define RIPEMD128
 #define RIPEMD160
 #endif /* LTC_NO_HASHES */
 /* ---> MAC functions <--- */
 #ifndef LTC_NO_MACS
 #define HMAC
 #define OMAC
 #define PMAC
 #define PELICAN
 #if defined(PELICAN) && !defined(RIJNDAEL)
   #error Pelican-MAC requires RIJNDAEL
 #endif
 /* ---> Encrypt + Authenticate Modes <--- */
 #define EAX_MODE
 #if defined(EAX_MODE) && !(defined(CTR) && defined(OMAC))
   #error EAX_MODE requires CTR and OMAC mode
 #endif
 #define OCB_MODE
 #define CCM_MODE
 #define GCM_MODE
 /* Use 64KiB tables */
 #ifndef LTC_NO_TABLES
   #define GCM_TABLES 
 #endif
 #endif /* LTC_NO_MACS */
 /* Various tidbits of modern neatoness */
 #define BASE64
 /* --> Pseudo Random Number Generators <--- */
 #ifndef LTC_NO_PRNGS
 /* Yarrow */
 #define YARROW
 /* which descriptor of AES to use?  */
 /* 0 = rijndael_enc 1 = aes_enc, 2 = rijndael [full], 3 = aes [full] */
 #define YARROW_AES 0
 #if defined(YARROW) && !defined(CTR)
   #error YARROW requires CTR chaining mode to be defined!
 #endif
 /* a PRNG that simply reads from an available system source */
 #define SPRNG
 /* The RC4 stream cipher */
 #define RC4
 /* Fortuna PRNG */
 #define FORTUNA
 /* reseed every N calls to the read function */
 #define FORTUNA_WD    10
 /* number of pools (4..32) can save a bit of ram by lowering the count */
 #define FORTUNA_POOLS 32
 /* Greg's SOBER128 PRNG ;-0 */
 #define SOBER128
 /* the *nix style /dev/random device */
 #define DEVRANDOM
 /* try /dev/urandom before trying /dev/random */
 #define TRY_URANDOM_FIRST
 #endif /* LTC_NO_PRNGS */
 /* ---> Public Key Crypto <--- */
 #ifndef LTC_NO_PK
 #define MRSA
 /* Digital Signature Algorithm */
 #define MDSA
 /* Max diff between group and modulus size in bytes */
 #define MDSA_DELTA     512
 /* Max DSA group size in bytes (default allows 4k-bit groups) */
 #define MDSA_MAX_GROUP 512
 /* Diffie-Hellman */
 #define MDH
 /* Supported Key Sizes */
 #define DH768
 #define DH1024
 #define DH1280
 #define DH1536
 #define DH1792
 #define DH2048
 #define DH2560
 #define DH3072
 #define DH4096
 /* ECC */
 #define MECC
 /* Supported Key Sizes */
 #define ECC192
 #define ECC224
 #define ECC256
 #define ECC384
 #define ECC521
 /* Include the MPI functionality?  (required by the PK algorithms) */
 #define MPI
 #endif /* LTC_NO_PK */
 /* PKCS #1 (RSA) and #5 (Password Handling) stuff */
 #ifndef LTC_NO_PKCS
 #define PKCS_1
 #define PKCS_5
 /* Include ASN.1 DER (required by DSA/RSA) */
 #define LTC_DER
 #if defined(LTC_DER) && !defined(MPI) 
   #error ASN.1 DER requires MPI functionality
 #endif
 #if (defined(MDSA) || defined(MRSA)) && !defined(LTC_DER)
   #error RSA/DSA requires ASN.1 DER functionality, make sure LTC_DER is enabled
 #endif
 #endif /* LTC_NO_PKCS */
 #endif
 /* THREAD management */
 #ifdef LTC_PTHREAD
 #include <pthread.h>
 #define LTC_MUTEX_GLOBAL(x)   pthread_mutex_t x = PTHREAD_MUTEX_INITIALIZER;
 #define LTC_MUTEX_PROTO(x)    extern pthread_mutex_t x;
 #define LTC_MUTEX_LOCK(x)     pthread_mutex_lock(x);
 #define LTC_MUTEX_UNLOCK(x)   pthread_mutex_unlock(x);
 #else 
 /* default no functions */
 #define LTC_MUTEX_GLOBAL(x)
 #define LTC_MUTEX_PROTO(x)
 #define LTC_MUTEX_LOCK(x)
 #define LTC_MUTEX_UNLOCK(x)
 #define FORTUNA_POOLS 0
 #endif
--- a/src/misc/crypt/crypt.c
+++ b/src/misc/crypt/crypt.c
@ -15,6 +15,7 @@
  Build strings, Tom St Denis
 */  
 /*
 const char *crypt_build_settings =
   "LibTomCrypt " SCRYPT " (Tom St Denis, tomstdenis@gmail.com)\n"
   "LibTomCrypt is public domain software.\n"
@ -308,6 +309,7 @@ const char *crypt_build_settings =
    "\n"
    "\n\n\n"
    ;
 	*/
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt.c,v $ */
--- a/src/misc/mpi/mpi.c
+++ b/src/misc/mpi/mpi.c