diff options
author | lloyd <[email protected]> | 2008-09-05 12:49:05 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-09-05 12:49:05 +0000 |
commit | a10b1c70bcbdc8b1f2978928a58b60a3aa2ffa2c (patch) | |
tree | 732862d6950a8ed86debedb01b7c8142844373fa | |
parent | 3bac1d990af53d6646f768a2b47d5b18d933fea2 (diff) | |
parent | e292d9c1263fc74c26b26b9bd6f879ab25cc19ee (diff) |
propagate from branch 'net.randombit.botan' (head 6af2a53b621670d7f0a7f0dc5db05c21475ec87b)
to branch 'net.randombit.botan.ecdsa' (head 615b9b32d55f374b935f9b9bfb4049dfad765e6c)
66 files changed, 922 insertions, 983 deletions
diff --git a/.mtn-ignore b/.mtn-ignore index 79bc2183c..a6256de22 100644 --- a/.mtn-ignore +++ b/.mtn-ignore @@ -12,3 +12,5 @@ ^check$ ^doc/examples/.*\.pem$ ^misc/nist_tests/x509test$ +/?callgrind.out.* + diff --git a/checks/bench.cpp b/checks/bench.cpp index d3a9e06c4..f05bf8848 100644 --- a/checks/bench.cpp +++ b/checks/bench.cpp @@ -10,6 +10,7 @@ using Botan::byte; using Botan::u64bit; #include "common.h" +#include "timer.h" #include "bench.h" /* Discard output to reduce overhead */ @@ -29,26 +30,24 @@ double bench_filter(std::string name, Botan::Filter* filter, bool html, double seconds) { Botan::Pipe pipe(filter, new BitBucket); - pipe.start_msg(); - static const u32bit BUFFERSIZE = 32*1024; - byte buf[BUFFERSIZE]; + pipe.start_msg(); - rng.randomize(buf, BUFFERSIZE); + byte buf[32 * 1024]; + Timer timer(name, sizeof(buf)); - u32bit iterations = 0; - u64bit start = get_clock(), clocks_used = 0; - u64bit go_up_to = static_cast<u64bit>(seconds * get_ticks()); + rng.randomize(buf, sizeof(buf)); - while(clocks_used < go_up_to) + while(timer.seconds() < seconds) { - iterations++; - pipe.write(buf, BUFFERSIZE); - clocks_used = get_clock() - start; + timer.start(); + pipe.write(buf, sizeof(buf)); + timer.stop(); } - double bytes_per_sec = (static_cast<double>(iterations) * BUFFERSIZE) / - (static_cast<double>(clocks_used) / get_ticks()); + pipe.end_msg(); + + double bytes_per_sec = timer.events() / timer.seconds(); double mbytes_per_sec = bytes_per_sec / (1024.0 * 1024.0); std::cout.setf(std::ios::fixed, std::ios::floatfield); diff --git a/checks/bench.h b/checks/bench.h index e101acdc2..f58ce3250 100644 --- a/checks/bench.h +++ b/checks/bench.h @@ -4,6 +4,25 @@ #include <botan/rng.h> #include <string> +#include <map> +#include <set> +#include "timer.h" + +#include <iostream> + +class Benchmark_Report + { + public: + void report(const std::string& name, Timer timer) + { + std::cout << name << " " << timer << "\n"; + data[name].insert(timer); + } + + private: + std::map<std::string, std::set<Timer> > data; + }; + void benchmark(const std::string&, Botan::RandomNumberGenerator&, bool html, double seconds); diff --git a/checks/clock.cpp b/checks/clock.cpp deleted file mode 100644 index ed417b21f..000000000 --- a/checks/clock.cpp +++ /dev/null @@ -1,58 +0,0 @@ -#include <botan/botan.h> -using namespace Botan; - -#include "common.h" -#include <time.h> - -/* - Using clock() or similiar is bad news when using a hardware-based Engine, - as all the stuff is offloaded and we use zero CPU time, which makes the - benchmarks and such take forever. -*/ - -#define USE_CLOCK 1 -#define USE_TIMES 0 -#define USE_POSIX_GETTIME 0 -#define USE_RDTSC 0 - -/* If using USE_RDTSC, set to your CPU's Mhz */ -#define CPU_MHZ 2400 - -#if USE_CLOCK - - u64bit get_clock() { return clock(); } - u64bit get_ticks() { return CLOCKS_PER_SEC; } - -#elif USE_TIMES - - #include <sys/times.h> - #include <unistd.h> - u64bit get_clock() { return times(0); } - u64bit get_ticks() { return sysconf(_SC_CLK_TCK); } - -#elif USE_POSIX_GETTIME - -u64bit get_clock() - { - struct timespec tv; - clock_gettime(CLOCK_REALTIME, &tv); - - return (tv.tv_sec * 1000000000 + tv.tv_nsec) / 1000; - } - -u64bit get_ticks() { return 1000000; } -#elif USE_RDTSC - - u64bit get_clock() - { - u64bit rtc = 0; - u32bit rtc_low = 0, rtc_high = 0; - asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low)); - rtc = ((u64bit)rtc_high << 32) | rtc_low; - return rtc / 1000; - } - - u64bit get_ticks() { return CPU_MHZ * 1000; } -#else - #error "Must choose a timing method!" -#endif diff --git a/checks/common.h b/checks/common.h index 06cb638ee..ac3daaf76 100644 --- a/checks/common.h +++ b/checks/common.h @@ -37,9 +37,6 @@ std::vector<std::string> parse(const std::string& line); std::string hex_encode(const byte in[], u32bit len); Botan::SecureVector<byte> decode_hex(const std::string&); -Botan::u64bit get_clock(); -Botan::u64bit get_ticks(); - Botan::Filter* lookup(const std::string& algname, const std::vector<std::string>& params, const std::string& section); @@ -70,7 +67,7 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator return out; } - void randomize(byte out[], u32bit len) throw() + void randomize(byte out[], u32bit len) { for(u32bit j = 0; j != len; j++) out[j] = random(); diff --git a/checks/keys/rsa1024.pem b/checks/keys/rsa1024.pem deleted file mode 100644 index 6ab9326ca..000000000 --- a/checks/keys/rsa1024.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMWoYknxc2v0eCy6 -IPlkssAFbBG0zS7yMVYimlny6zJ0WcpUuMR9gYp6oeP3/dYQOW072VPqH4YtaEnE -rE+df5Elecx/EGugLqHRlOKHWVAYSu9QRsPiu29nyM/jJ2LE1nNFggu8+t8su59p -CbkzL5sClgkwYanfBQAKt49+5JwlAgMBAAECgYA88ySD6qmN44/fMvISFWQtZD6j -4x3WWSavifIQxKCUKV66zo8/P/hfLFuZgZJLnSsoLOliP/LCnGPpQ3VjA40fOD80 -l71satQmrmIJR7TOJeTh/EQ5glDh8exfcmrZqvIbStghRPveSmHt2boz13mCJLGo -DnIt9YpHQW5wtiCuTQJBAP0GAzRowQatvKomrEtr0kz0kZ6l7rmUWNbjx1jtYG1j -mqPTsLw2z8rsNQetAoC/bp+cPrz0GgszqVzG7rvdV+8CQQDH+6LLn7JMYDTJ4jnp -NQCArIucstyNQoxaHacnZxeWeRAhCTgJ9feQUqysoewe1+AZgY2LLUF+j8YIEu4a -Z5krAkAvbvce1hyJofxicYmPQhFUt+ysrzLHu5XEA0OV2jpfh3KwD7lsL2JZClsO -q1JyzHByn5nrVl+jhfXUHL8YnPAlAkEAvC1IjpqCx+NvSNia7Zp2Ep5J8PVNG48X -SmTEuQsE4w6f4rYuCRFuFlv1J6xl5s/zi4ygh+nZyyG2kjpd2nLJaQJAKkYVTfeL -VxZZZKAU5rDvMsnVccTbtLdQQVXxYLpDdr7gtM2znbZWiQ67Ep/DIFetxlwMwSJS -QBNFkdn1Ut01Rg== ------END PRIVATE KEY----- diff --git a/checks/keys/rsa1536.pem b/checks/keys/rsa1536.pem deleted file mode 100644 index 4475a3d9d..000000000 --- a/checks/keys/rsa1536.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIDlAIBADANBgkqhkiG9w0BAQEFAASCA34wggN6AgEAAoHBAKuFaCy1yWWztcvs -D5tRWSPVRHDx2MGM97Z8STLs77GCV9JBf6kEAYheU+CNrxstVXHw/g3gnFxR285C -WW89uabpk10jhWJQgctupTyQePkzISfoQqguSMSNO0rIpFqk6+vy1n/l8muJwu7/ -9jchnPUhfN6W4ABy1kJVRO0MSos6ZtsbnjzLQomaQ4sJPOUOrBXTprhWHC387T4X -V6Ud/1dGFSuV+VxcieBibXLCzTpCEFWPfKQeMeDRYb47e170BwIDAQABAoG/dl2a -MUCXu5eeiHEKVCUktEB4+s3rclErTBkjwAEYE2ff3eQANU3jwOKs/59x4qS7p+X8 -wkGUUMws5Co64zRgP3pG4qpLYjgsr4xWe3U4BsFCIEgoYpI4+sB8KnT29uwtbLtF -J+X4f5pqotwn2e1ewwIWryf8xW+MYh/mzuEtLxJgURi7TnK8+VuBgwra3n2SKr1q -haA4T37jQa2m8fx3lNx7IWBAw91xaFMhp8Nz1pwI+zibwZ4PBaS6UnaoYaECYQDU -6XQvhF59ftGJ3CzdLejN8c7xwkkcbd+5viGjfJY61vTXX0FTP4XDDdpcXcuPHbkI -qKNbuqcb+8b4ud/e3wpaglFPZqn8BH8F6yxApGVlVSvygaTzae0KMF7LjkmYzckC -YQDOO5O+v5VJd77Qc8lJaMGlMGEWf5IqaPfDBskPbuGgNbaF8t+1minPGrBgG/AD -z3dpdQlC8kqoJwVNPTzolNHe0yGT8HHzArrCpsaJsolBCB/oeqIbm2uE8oVptHgJ -W08CYBCEO7sj7aCWofKr3d8anKC9TWx7wegurdhe44UnORA/dKbwgMTQfLPw8yuP -KydjCuOdEW8gP65wDbNl1/QWIVt8GIqsUCt4vdHbuIcbObJutQYPAJjRcs4DipcH -5rWv4QJgef4V/Hy5o1bZIdeMFweHnN6MX9GgtcOX496sqpttjeaYDI5JtNP3rVHd -SUzdYnOj8FbR3q8SaHuEkFcMI4x8xPFhaHCQBy7zKNeck7FvrW9P6KY6JFiAdok7 -T/b4FpjTAmB5TzlevCW/gT1JKoBZofGjwJm5tf6dJMpUMZjdlMcpMCF+3qgg5ZL9 -Ko0660+LIwNRI6ZRdLoSF5U9Y0BWy4jpL/jW0LLtNs132PUVhM7jaMok+flCzwri -bmB853nwE+k= ------END PRIVATE KEY----- diff --git a/checks/keys/rsa2048.pem b/checks/keys/rsa2048.pem deleted file mode 100644 index 6c23215ee..000000000 --- a/checks/keys/rsa2048.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDQQoiJtweVqGrM -T/5KlAYf7ZMcDTfMp5y+4vXsPTBuREEbEfyP//+prb1333XiAvBuR/ybKGu/yofa -Uu99pCkf2Gsop3fdHSoil+a4ehPi2KQa6l0mgJ6+Ibxy2o6O4CKM/NN/WHvBAqgC -YijPSaxKEOy1KvYNaF+3mBdMuPF+Bq7IgheF41e+3auszSF486Nr5pzu1FpMreuJ -SuLN29FngHyIw0aGtVpNGIV9VEFJ/SUrhXy6BDne9ANfDYxDqVLajKKLV5/k1ZV3 -+IYiHB8h6yYXO/nrZCmlNwDfTqxYa9s4xUjw/bcpy7wsnbs2QC4z2ilXPPWeJ75O -tXnmCmQZAgMBAAECggEAAKeqInbcN4LnPgRjxanHrAyFxSiB+SFCyr/JPS66sTiH -5J6deTBWKDVTkL4QpvvRDlz0SUr/G0LVHr6rfqvht25Zrp2ZWoOKK5Y2A1CBvnuZ -2akgCviRMQfCK8Z1nEV1HYrhrYO5VZ92swXU8VmdfmDUbmSwlPRgMqTbK3QBr+KG -M4Z7sldrnwDgmzn+tDY1CUxdHzCDK82+FAvDbwBzXgbl741u0D5S082x8fDLfgTG -EeDZLiMVNRFN8xTmcxzLtjreqQirMQJoMWUAEF/9Wumt7lSM4FVu6M4A/o4b1YhA -9pmE5YUQEBUEQZnN2xz7SA4/ltJKNQfKG/pAI4+hrQKBgQD67CsGByIFGynRp+HT -4GDOPMvLKcz8aIGfJrt1ZrfFu9AsFsWpnn+OwiqnBQF13qLGyJOaJPv9kBXaXDPJ -4TmF9ueI47sCdxpLJztMnTduggTkae4UM85K3ueP9rC5ZEVnPVoMsQFWZHtfBBjM -R6NGnG0AJ9aq68QC0t26HaW2kwKBgQDUeV0hQHqyNhUedZV7RZB/J7z83Dig2eMi -sfKBD62jWWFSfxg0sZCb2v3Y1rd5xgaU42OAukXPx4b9KMgxCu5iMEMvugmW6H0i -93ktEB6kwXGq44lWdi4+2y3MiRm6Amn5zeaz2V9tnsk9ItEY/Mg3su5ZkNboTLGB -00Fvz/qaIwKBgQDKKPZsz9hf5seli63NJ4y2/JJwp8foYEZ2tBz59H0BSVTqAJrW -EsXQfa0hjU3k6i+ZGkaZPUzsuGZy3DA5aUUQIqHeTyP/U3gSrpP/IPdlCEnqwVG4 -YxjEh5xnB6jQZPHpwKtJaF6cfS5Mmh9kjh8FJ8hGBNLWOEdewwczCOnXEwKBgGyx -YTj/eUTtccRRNpUHMzI5K+7W4Yk3rYA0M/BeCt/De4vuRH3AUE/KqY1h2h5LdVZ5 -NI/HuqreUWn0kOS1yNkmA1jI/NrcOBfJLY4l7uctpm5bVAiNEH9LNJSrliOX1Irc -ECb1DmJPlnbV9s2nku0bdd8Pv0C66xuU7Ka8aGCtAoGAW3YzomBT17iRaoVIj33l -MBELk/0vNaePxuhYq3G5Sg/4LZ0giPKNbjgnCNP7yDOEhLcWSW5RFFuIS8Vs0ZKk -TWqQrV68YzTFk46vhKXdB+1NRJ0DcO+n3cKajAXBPESJStHw7K8TCyvEt7rId0W9 -xLAaxucFT6SRHKC+klTALu8= ------END PRIVATE KEY----- diff --git a/checks/keys/rsa3072.pem b/checks/keys/rsa3072.pem deleted file mode 100644 index 1101062bc..000000000 --- a/checks/keys/rsa3072.pem +++ /dev/null @@ -1,40 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQCwE5Upn2qTRbJ5 -sZXt0cpMy03dYlGJom6unGAKMdmoQL0/3tycep8rei+bJre06qQz3+jWom2AujWu -TmA+RcT41Q0gBaEMW0pmIBp2TcINdqvwTslo3sjAvdCh408FH6GwSko4BBBGDkxK -Avl5uVAKxIJfb0bcD1cqSRK6+vnl18J9QLtHZZeHxcp2y4znXIChvKE8GSdkUnji -xqOuehIDii0+VGz3rZvsvO9Z+r0nhcU0KYbFuKlS/Cwt4kRR18PFWFCXnzVhxgQY -TUJFtCw8BnOwoRfmbk/WbFEPNPAzZSpsL5LefundtVCJ2jv9jKaBZy4ZkBxt7o46 -ZESHyXyf+OhL3wFcyAi/EB/YTFqw3+sp8/KMl28pqKxVazgawK6tg+VsZDJ22gMa -M2j0tkSnqPcfSKSm6fYKxSxv3JtTLu4K/plml1oZuKOkSfFhRHYoHrTc9nvgYt7B -a+btkhXbDktyrJEuH4q58eFjVK5FeGDWjvvo8Csz8800gpf/koMCAwEAAQKCAYBL -pV4kL7Ud6Iew+LatIcCEFaQyRJc7Rmm+4rfwKVKVkpq74gdtwtC3YRsq0QuD0nsR -PlVOQSJCd72wUUPP/TGOphmpdEGoiWABWDGGOgnwttdPusmVIIGnLOWBZ6L/VIOm -tYQFZNmI/4OPGJAN16untJ0+WxRaXszYAeTmKAVM1dFc9n5/QgpD7pn5R6IVlAw/ -cEblBvmBhF0jMKwJvbAXjTm62ZKnJhMjNliuk6bIYBRFQMICGD/Gw0hHvjoT31op -FDixfeynEr3urWqovzvheFta8Vp6pziPJHAVN7i16qyN1aLekfQUBWp4XpGSgg0P -Tds/YH25hp4WR0SykrSRy0n0ImgbKoi+cX5b92M21Tds7DFDfOltk12d7mcvFynu -RxteSHUH9+r5mohn0UqR/wIQpiSgnu3ztT4v3uqJKHLRDMZ8uUbnLI9y5vDpZfsI -oCm9v7//b7faDJkGGOYQD3fkotQ0PX4owHtld0wwzA67HjAZtKGVk201aqYx46EC -gcEA6jF4iiejWka4s8N4/m73cLf/zcXpLQM+rMYy/a+IWkAbRGVvrJSAYqx7B49i -FBzVz4qcnXk0yYY2vducD+0+sWX5T0zvkYmwTLK4c+vpqteaEhriKnHy4uRmhPe7 -V2nGB10E059qwScI+I9sI1BZsddknjWV7Ancafb5x2ciQEt/WpQuArAUBrE6A9UU -5/UtHEUhPLYlBps6kHhRUe1Ek567/KU4RWjxvL5NIXqaYSuASvhBoN0SNnK9sLrb -CdSnAoHBAMB4xEnsseEY6D0MMU9TtjAeXZkz8iJBCCh53RlE+p4pAD1WHVZ1dlZT -JjHxuuEl6vDTaqGyewbRhhpmAgcfWaPyS3pLVHrhfyuuEAVdk2iD6e6JUt5Te9FA -esFk7gB9jz3M4s13+baG6F6eCotDfcBOR8T5HW8o2cbkEx28/Q40wNUm4wesnT8K -Qwtb6fau286ctcuW4ZGXIcGx+8eh8WJMZGZBmjxh6MMGFJXEPcmtE6/zAJ6pfTPd -xpZwT6FixQKBwQClhbGcc8eQ1stUwqORsPxSProdxfO4TMLPeoYvpxDIOOcMwGTd -pVfYZe/OuBip/ndf6Kgo5LHafXHTXpQ+7X+SAnDjC42HX7mre+XCiMruZNQQV8/i -EAeLNcL/19ghQDEmoyf2KoZZXi2JAFV94ByFBaen6le8LHwMqPKBbPNYXgP1ESYz -4B9HW5uVedT83Ny1Tmbfch1ZPf12fpN7RCdj7p0PQ/cxl6rDq/z33J+gbg6O7kf0 -Wku1EAPiFS8bE6ECgcEAplM2fROYHAdkGe1BZ2XV2PtEszHampNMM34r/LxJPwf7 -dwXF0IMtQigUp7BXaF1WC8sHKLiN7DSACKwCMJl841pss0AJvy7CsMJ4gcp9qiHk -tAfjntDR/OAVtK49phra//LgQ+Lb3kny4GD+h55JOzfqeWM1dmv81g0eH+LDY9Ve -llRGeMlIEcQSb+x74Hr25DM0Pr0iLKhHuZTPGZLuf524XU1vtaJ+fJnyjAHLy05P -5wq9jF63HW0XQcXIapRpAoHAbem3wm1Y/C+HgGU3U0XPX7CnjU/1iV1ddvLVbgo/ -LQEYTU4oYjHlJK/2+LE/kmiZR2g3OCjNUzBOL8WXY5X9cP1+aJ2zDUEo0nD4CeKt -L4b94uXAjV/fy2Spu6y/LuqL2H4+KM0SzTJWAlr69dUhmTVlvJQ7i/XTXrBTaECc -+OQIuU0ao70CBqKdmAbm1MQkmhUxODOG81jemSb6AhHPJ1ueNN2LWAY+cvQonYGB -oPL/+MMli/3s/RTU8y9rh4dw ------END PRIVATE KEY----- diff --git a/checks/keys/rsa4096.pem b/checks/keys/rsa4096.pem deleted file mode 100644 index ec6855e01..000000000 --- a/checks/keys/rsa4096.pem +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCuo+I8il3o5RmO -b9bWyFWBQuyXDRPOeoNvtpPHGmG7zZs1n2++jpXzaF1aKqJQSlWf2bUh2k73xpA1 -4rcW2yhIOE6wQP01k9HrvFjvqzebxtKrykFC+Y1h4K/Yoj4CvHIKTS3gwTwe6Wzo -ke4MBNbIprk5s/hBjlN2ZJLdbekEvRQ+MQFjQayGWF9rnFYUXmEzuWuCM46et3En -FUyoPuaYNks2miBr3TyFGovSwxNpighv5l+oliVueb5k9oKhXJKa4cBmieQfJ3Wg -h9VxcnJfMCYnp17zbMfWQH4QSf0dYhAnGRISakviNzcaZrqoMyLrQG0fZ4NWlJK8 -g4QqwAiTfIj3rag64LNH4S4QNolixitHUPqYvjXjmCqMwh/0fyCCOQUXJcpMYobg -Olf7KX6n2/3xbVRm3QSc0XtdtnvyE/LLfWbIWWHUDzUSVxqK/DFaOxz0pWnOfdGf -VMNjOHotePnqVTBV92ipc5LIbgsds8wDofLkd6d3OSO2ur8ZITvOVSTx2rxdshkx -RagewBGIQnAy2fTIlHeMiQOwca5gWqtF8j5TX5djcnTZGmbggy2uj/Z0mqX8JYXY -XAxfklR8BAopaAm0yCiHyfDOBHw2ZRfIj7VrypYodoREVhDoALU6O6fSJBM2GTSO -sPt4EvBPRgCoLgcgsyUQ7rAeFAh21QIDAQABAoICABQD1k7n8MFbWGV5rd6p0Rri -Z6kcJ5P3eI7aFu+vt1nFw68Omcj2IHtoD6Lg1f9rtYp/cgHyOjCtgiOa2y70aRZ1 -1Zbfq+VzDpD84hh9v/7Ld6OWp4ocfbalAKJMXd0EafGCTOrAWrqUOBYje2vHNjKC -4SGa3a3tuOUNu8NC8HzJisNh7G3KvhIbmLwFi9wDwRIjgw3GCOdp0L8Q8tspclYp -is80NNkH3wLGOxYpo1TqK/NfLMFui9WwgECj++6wZGD51Ior7YgghpuiVbUNz8vX -Adhzly9A3VpRw+DsCeVPMti4R9jyc8X2XAtbkLLsQWlC1f7OZ0AKARM343Le1VyZ -SDdQOdErSH+ltvRdHiWDT4q/f9vOt9YBdbATrRRurKL4xK12oXweW3i0ombx9b+t -15Wp5I9LJtrIwGDh2dvViyolVril5HnYsiI0mVjSsfoF4aZx7yJdE4DWiE0Db2NF -iYaZdF+0TJliOqHODPvTHm6wofLS+M9SLplegon9/4wHqJtfjm8PHI8xiPI8ofWe -Lx4F6AxZYTTMDx8dKkCU32kL0xr7DwCtrwQqJtlHw7YpN/sdKy8T+gWcTcZxIok9 -J2zTGziIgSCuu9lwTbF3TOhe5ZtvmXpKOuIQtKbJ0vKDhweDxSdQ/mkCmKerfbC3 -0yhBo6gCPiRJ0fuT/3KBAoIBAQDi1guM1dvvnNAJbCtIMaE5ee/DchHfDdZU7zM+ -g/vp8JRf+t2CiMyC/AmpOfqMr1WQgqHyQipQNndudIVYX3nR+66f5ITTcdGtvl8M -ZYC2aLW+55raMbvO2tcRX8VuAxyn31D5BVknK3iSAcprZbusjkL6R/EYXyWcD+28 -0xaIoSp/xrpaw5gZ0WZR/0ylygaCqdPh5j2qbN5K0V7YlGTSrFtH1AxuLXovQoJY -xUcWTlXmPIl74F7yFrXJFL9/DX5Shi6rzXoTHRskSCF7gwDwLjUAedlsSoyD/J1w -n2Em0Ho3Z9NM9iE+y1rpknBpEHYzqsBFHwSOS7r2EV37UrV1AoIBAQDFF+Qagwuj -fcbxZtImDTp2MiQV6gdhXfJtz/gF+QPN97zbMvseTGoq4WhfLnHkqwA8cSLq5B2L -RDaClRZkOJCuhVGtYz+VKycd4IhSZCVeDtRpROpscpV89+A4/S1knEK3popl6qq3 -wcB66CRmJHvk4F7m1icdCXWJpwpcKl2UkFiJTm9kGSFLZsOe47C/2Xotf4npxgEr -OWci1JVqBRkcf0b9TPjaPNPv3449AzMEnJ0az1h0WFWe08wX8oV+TL0DiBH2RxSC -VxVDGxX71HDUgOIyScXt7O3tg4SN5JwALZvWhpSktzQRiHTgvuB2duXwBJSMgnxD -LZJeP1ZnnK/hAoIBAQChcZ4+2mbynzUhv67+bvREqBiRjjpR+tM1GBnswJsm4Wd4 -+F93bE3CXAe0PeOpBZFsjM0eUyEyfdF698uAHlPhs7ORcV9n7nZBpmCXvhZhvRy9 -hrGb4hG9I9w2LWei6OwYPsSut7PAQRxLLqMW1Q1Bvu7EmzdpFS77aArYfZRoIezR -jGtN9i/nEDY23fF7fdIsZRq8iNYS2fFMZr+Ofe9UUf+Vm8JNGGkCAeArthzmL1LL -zwI6/HIW8zrmprG0h7IEoiPNey0LNYf/xqat9YtRZlGqyQ6KGHTx63VSltzadz7E -+ExXVkZLHwjRfLwsyt6V302A5JalgBjM0YeGPFORAoIBADFdpY2aayzdERpf1Z0g -TRdTwcQXZRfXLySgJZBhabmKJqyEnW9eVm09HiZQ/Mf4qMt6zvMkhd3fDQQyEXSy -0lJUJDwYktFrCJYsKhjw6ocfkcZ4M3tMS/MMJwY/K8J6fR+AwEN8vpveFLb0NEG9 -O6b9J+gLlappNx5uT2L8XYobiYGCutXIkZVQPQksIJY9A6QnwMRkCuDntNR9iJsQ -gdSocIB7ag1HlRIM3ZScm4e5LoSLkK07ft6UUBdjcFpNID6lM1KLRTDMXQ/81cnI -0SX4zi8oWUIZyRJnkaj0rLpCsjjOZqbHGGyX0CaGyLQDXd57VzXGbRdqb7HZjWvQ -TCECggEAA4w9jyVBJvy/RNQQYXHy1+s8hOx2TUIc2Ui1tDHNrIdjIAR9AmXXPezt -VrStFRSUK86S6/Y+JbxM42Nf4UBUOuS0xT+O8YC45uBZ2r+S4/A+Bka1MyAFx+fp -v/NbkXicsC4s9pGOgsPS4xVp3ShXC41jzPVWuMXibPPuCYvp7BydVDSGMEdfqkRf -XA0HCqlp4k3PHJhfpOBeoSLelstIYpdPUT4vEOovudNSTOlCMSlbBr4x4U+mixsi -rPGe/QYtoKHpuZLZUkqkWc2+cGYD7/aNRT0EzYMhnwaM0T9rCSTJkDrM6/q7WKsl -isKJKuWLCOKvGIWKQS326uF2r4vnyw== ------END PRIVATE KEY----- diff --git a/checks/keys/rsa512.pem b/checks/keys/rsa512.pem deleted file mode 100644 index e359f492c..000000000 --- a/checks/keys/rsa512.pem +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA0yKodbN10WvQ6Hjv -6WQE8QLJt0bxI5kYPv3i21aZhhZpvl4fqnJkDPTd7tTS6RtI9inJ58bLjs4yOcJE -41196QIDAQABAkAOIUmo5uPBqjeG92EG+5yhDJC3ZVYKDdrjjFY8W6VWpdYsR5an -UpEP5l29QIsPOH+BjGnG7NfURUjAdGaenr0pAiEA90/j88/FvfUXpQqIdnbnzC0g -xQl1i3ZXrKtz391YHQcCIQDajW0K4blZuKRGzjgH8ZW8ZzdJFJAgZTWsj4Xl1uXB -jwIhAO4/cWtsqqOv3EJrXkE5lV6Vzu7iiPF8ZUP7u9pa4sq7AiBmdU7dfxzp1woM -t7jE4JkWDj144U8AIPKcx1w6eBiWOQIhAJ438klFZuGDVbDUllF9AeO1KpVT4btp -2K7pByk+bP79 ------END PRIVATE KEY----- diff --git a/checks/keys/rw1024.pem b/checks/keys/rw1024.pem deleted file mode 100644 index 8272014bf..000000000 --- a/checks/keys/rw1024.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdQIBADAOBgorBgEEAYHFKgEBBQAEggJeMIICWgIBAAKBgQC28nMTDzUzMD+c -YqWG1FoW3FDMJxyr2RLMufrpAr2pKkBDHuzHBzzcFV2T8/0zuFFDlD5A3waqXV0E -3uYXGpv4AiiXPiIs75cQIkEsKfcaKR+TkkTIhfiZ1nvFcrDuwBKvaQzt24326xRI -DdOi8L2+vJQSQSjsAdG4SgAGC17BRQIBAgKBgANEVFcyjqoOk2vvedAfOHdD7yg3 -jjntBOg6LZ+W5/VOeAEy1oON1/Gk8/Ttf/M1k7yipa7faUMKz2AWRBvXVRIc3wMO -73jMy+s54NkFj/6fXxpI/OdSNEEnVq84G7IRXSuOj6JpZ6PNbDnpNWlE8t2bM3uN -vEcZtHV9XvhqpBZ/AkEA45gV+4e6y8z3ebxm6grpeE/JXg2glOm+3pn7Rfc+IHgw -OK4EiFOaLOmCtPGA/HGFjy5XWeYeLFpfr6Q1ujpiowJBAM3H1f44BVcuo/9VTAhs -fdQCCjzkjfWgmlzrdeaqvNM4+ADzYkSOh85+GlUzGt8rvzois+YTQDX9pS2VeP0/ -cvcCQDjmBX7h7rLzPd5vGbqCul4T8leDaCU6b7emftF9z4geDA4rgSIU5os6YK08 -YD8cYWPLldZ5h4sWl+vpDW6OmKkCQQCaVeB+qgQBYvr/f/kGUV5fAYetq2p4OHPF -sJhtAA2earoAtomzauXa3pO/5lQnYM9rmgbsjnAofjviMBq975Y5AkAXYycCq+zk -1z1CYY9D7/hTagRK3tRYweFh9zR6PdwN6NfnWYktFOONzHz2eupU73A3dG+TbTDy -HeFDKOXf54Ar ------END PRIVATE KEY----- diff --git a/checks/keys/rw512.pem b/checks/keys/rw512.pem deleted file mode 100644 index 05e900c61..000000000 --- a/checks/keys/rw512.pem +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIBVAIBADAOBgorBgEEAYHFKgEBBQAEggE9MIIBOQIBAAJBALIxGscaieOzc3oN -cq5T0xOxYRm9WcSUeydWU6fFE2GbKEUkmYmMiaoAUnNd0GJU0aiiSChgfT5dbJ/M -I7fm2uUCAQICQBZGI1jjUTx2bm9BrlXKemJ2LCM3qziSj2TqynT4omwzLzgEMH57 -pRyVwg5hJfWaPt2Fl1m9IM2w+0m/P/WnwgICIQDyFiSihzJ0O76bGisyDKMe9KEn -RWVHrN9cUjmV4lqZCwIhALxu3nMOfOyJk6bmKW6o37vH1GYVEi8j9jX/mI4oTjHP -AiEAtZCbeeVl1yzO9FOgZYl6Vzd43XQL9cGnhT2rMGnD8sgCIC8bt5zDnzsiZOm5 -iluqN+7x9RmFRIvI/Y1/5iOKE4x0AiEAqgdTQJW1OyOYKkA62QcUyP5gexP/n0X8 -prrrIxjkekA= ------END PRIVATE KEY----- diff --git a/checks/pk.cpp b/checks/pk.cpp index 263f8e090..7a8f821fa 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -612,40 +612,48 @@ u32bit do_pk_validation_tests(const std::string& filename, u32bit new_errors = 0; - if(algorithm.find("DSA/") != std::string::npos) - new_errors = validate_dsa_sig(algorithm, substr, rng); - else if(algorithm.find("DSA_VA/") != std::string::npos) - new_errors = validate_dsa_ver(algorithm, substr); - - else if(algorithm.find("RSAES_PKCS8/") != std::string::npos) - new_errors = validate_rsa_enc_pkcs8(algorithm, substr, rng); - else if(algorithm.find("RSAVA_X509/") != std::string::npos) - new_errors = validate_rsa_ver_x509(algorithm, substr); - - else if(algorithm.find("RSAES/") != std::string::npos) - new_errors = validate_rsa_enc(algorithm, substr, rng); - else if(algorithm.find("RSASSA/") != std::string::npos) - new_errors = validate_rsa_sig(algorithm, substr, rng); - else if(algorithm.find("RSAVA/") != std::string::npos) - new_errors = validate_rsa_ver(algorithm, substr); - else if(algorithm.find("RWVA/") != std::string::npos) - new_errors = validate_rw_ver(algorithm, substr); - else if(algorithm.find("RW/") != std::string::npos) - new_errors = validate_rw_sig(algorithm, substr, rng); - else if(algorithm.find("NR/") != std::string::npos) - new_errors = validate_nr_sig(algorithm, substr, rng); - else if(algorithm.find("ElGamal/") != std::string::npos) - new_errors = validate_elg_enc(algorithm, substr, rng); - else if(algorithm.find("DH/") != std::string::npos) - new_errors = validate_dh(algorithm, substr, rng); - else if(algorithm.find("DLIES/") != std::string::npos) - new_errors = validate_dlies(algorithm, substr, rng); - else - std::cout << "WARNING: Unknown PK algorithm " - << algorithm << std::endl; - - alg_count++; - errors += new_errors; + try + { + + if(algorithm.find("DSA/") != std::string::npos) + new_errors = validate_dsa_sig(algorithm, substr, rng); + else if(algorithm.find("DSA_VA/") != std::string::npos) + new_errors = validate_dsa_ver(algorithm, substr); + + else if(algorithm.find("RSAES_PKCS8/") != std::string::npos) + new_errors = validate_rsa_enc_pkcs8(algorithm, substr, rng); + else if(algorithm.find("RSAVA_X509/") != std::string::npos) + new_errors = validate_rsa_ver_x509(algorithm, substr); + + else if(algorithm.find("RSAES/") != std::string::npos) + new_errors = validate_rsa_enc(algorithm, substr, rng); + else if(algorithm.find("RSASSA/") != std::string::npos) + new_errors = validate_rsa_sig(algorithm, substr, rng); + else if(algorithm.find("RSAVA/") != std::string::npos) + new_errors = validate_rsa_ver(algorithm, substr); + else if(algorithm.find("RWVA/") != std::string::npos) + new_errors = validate_rw_ver(algorithm, substr); + else if(algorithm.find("RW/") != std::string::npos) + new_errors = validate_rw_sig(algorithm, substr, rng); + else if(algorithm.find("NR/") != std::string::npos) + new_errors = validate_nr_sig(algorithm, substr, rng); + else if(algorithm.find("ElGamal/") != std::string::npos) + new_errors = validate_elg_enc(algorithm, substr, rng); + else if(algorithm.find("DH/") != std::string::npos) + new_errors = validate_dh(algorithm, substr, rng); + else if(algorithm.find("DLIES/") != std::string::npos) + new_errors = validate_dlies(algorithm, substr, rng); + else + std::cout << "WARNING: Unknown PK algorithm " + << algorithm << std::endl; + + alg_count++; + errors += new_errors; + } + catch(std::exception& e) + { + std::cout << "Exception: " << e.what() << "\n"; + } if(new_errors) std::cout << "ERROR: \"" << algorithm << "\" failed test #" diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index 8bb4e791c..df1c6cde1 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -7,11 +7,13 @@ #include <botan/parsing.h> #include <botan/pkcs8.h> +#include <botan/mem_ops.h> #include <botan/look_pk.h> using namespace Botan; #include "common.h" +#include "timer.h" #include "bench.h" #include <iostream> @@ -19,369 +21,312 @@ using namespace Botan; #include <string> #include <memory> -#define PRINT_MS_PER_OP 0 /* If 0, print ops / second */ - -void bench_enc(PK_Encryptor*, RandomNumberGenerator&, - const std::string&, double, bool); -void bench_dec(PK_Encryptor*, PK_Decryptor*, RandomNumberGenerator&, - const std::string&, double, bool); -void bench_sig(PK_Signer*, RandomNumberGenerator&, - const std::string&, double, bool); -void bench_ver(PK_Signer*, PK_Verifier*, - RandomNumberGenerator&, - const std::string&, double, bool); -void bench_kas(PK_Key_Agreement*, RandomNumberGenerator&, - const std::string&, double, bool); +namespace { -void bench_pk(RandomNumberGenerator& rng, - const std::string& algo, bool html, double seconds) +void benchmark_enc_dec(PK_Encryptor& enc, PK_Decryptor& dec, + Timer& enc_timer, Timer& dec_timer, + RandomNumberGenerator& rng, + u32bit runs, double seconds) { - /* - There is some strangeness going on here. It looks like algorithms - at the end take some kind of penalty. For example, running the RW tests - first got a result of: - RW-1024: 148.14 ms / private operation - but running them last output: - RW-1024: 363.54 ms / private operation - - I think it's from memory fragmentation in the allocators, but I'm - not really sure. Need to investigate. - - Until then, I've basically ordered the tests in order of most important - algorithms (RSA, DSA) to least important (NR, RW). + SecureVector<byte> plaintext, ciphertext; - This strange behaviour does not seem to occur with DH (?) - - To get more accurate runs, use --bench-algo (RSA|DSA|DH|ELG|NR); in this - case the distortion is less than 5%, which is good enough. - - We do random keys with the DL schemes, since it's so easy and fast to - generate keys for them. For RSA and RW, we load the keys from a file. The - RSA keys are stored in a PKCS #8 structure, while RW is stored in a more - ad-hoc format (the RW algorithm has no assigned OID that I know of, so - there is no way to encode a RW key into a PKCS #8 structure). - */ - - if(algo == "All" || algo == "RSA") + for(u32bit i = 0; i != runs; ++i) { - const u32bit keylen[] = { 512, 1024, 1536, 2048, 3072, 4096, 0 }; - - for(size_t j = 0; keylen[j]; j++) + if(enc_timer.seconds() < seconds || ciphertext.size() == 0) { - const std::string len_str = to_string(keylen[j]); - const std::string file = "checks/keys/rsa" + len_str + ".pem"; - - std::auto_ptr<RSA_PrivateKey> key( - dynamic_cast<RSA_PrivateKey*>(PKCS8::load_key(file, rng)) - ); - - if(key.get() == 0) - throw Invalid_Argument("Failure reading RSA key from " + file); + plaintext.create(48); + rng.randomize(plaintext.begin(), plaintext.size()); + plaintext[0] |= 0x80; - bench_enc(get_pk_encryptor(*key, "Raw"), - rng, "RSA-" + len_str, seconds, html); - - bench_dec(get_pk_encryptor(*key, "Raw"), - get_pk_decryptor(*key, "Raw"), - rng, "RSA-" + len_str, seconds, html); + enc_timer.start(); + ciphertext = enc.encrypt(plaintext, rng); + enc_timer.stop(); } - } - - if(algo == "All" || algo == "DSA") - { - const u32bit keylen[] = { 512, 768, 1024, 0 }; - for(size_t j = 0; keylen[j]; j++) + if(dec_timer.seconds() < seconds) { - const std::string len_str = to_string(keylen[j]); - - DSA_PrivateKey key(rng, "dsa/jce/" + len_str); + dec_timer.start(); + SecureVector<byte> plaintext2 = dec.decrypt(ciphertext); + dec_timer.stop(); - bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), - get_pk_verifier(key, "EMSA1(SHA-1)"), - rng, "DSA-" + len_str, seconds, html); - - bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), - rng, "DSA-" + len_str, seconds, html); + if(plaintext != plaintext2) + std::cerr << "Contents mismatched on decryption in RSA benchmark!\n"; } } + } - if(algo == "All" || algo == "DH") - { - const u32bit keylen[] = { 768, 1024, 1536, 2048, 3072, 4096, 0 }; +void benchmark_sig_ver(PK_Verifier& ver, PK_Signer& sig, + Timer& verify_timer, Timer& sig_timer, + RandomNumberGenerator& rng, + u32bit runs, double seconds) + { + SecureVector<byte> message, signature; - for(size_t j = 0; keylen[j]; j++) + for(u32bit i = 0; i != runs; ++i) + { + if(sig_timer.seconds() < seconds || signature.size() == 0) { - const std::string len_str = to_string(keylen[j]); + message.create(48); + rng.randomize(message.begin(), message.size()); - DH_PrivateKey key(rng, - "modp/ietf/" + len_str); - - bench_kas(get_pk_kas(key, "Raw"), rng, - "DH-" + len_str, seconds, html); + sig_timer.start(); + signature = sig.sign_message(message, rng); + sig_timer.stop(); } - } - - if(algo == "All" || algo == "ELG" || algo == "ElGamal") - { - const u32bit keylen[] = { 768, 1024, 1536, 2048, 3072, 4096, 0 }; - for(size_t j = 0; keylen[j]; j++) + if(verify_timer.seconds() < seconds) { - const std::string len_str = to_string(keylen[j]); - - ElGamal_PrivateKey key(rng, "modp/ietf/" + len_str); + verify_timer.start(); + bool verified = ver.verify_message(message, signature); + verify_timer.stop(); - bench_enc(get_pk_encryptor(key, "Raw"), - rng, "ELG-" + len_str, seconds, html); - - bench_dec(get_pk_encryptor(key, "Raw"), - get_pk_decryptor(key, "Raw"), - rng, "ELG-" + len_str, seconds, html); + if(!verified) + std::cerr << "Signature verification failure\n"; } } + } - if(algo == "All" || algo == "NR") +template<typename PRIV_KEY_TYPE> +void benchmark_rsa_rw(RandomNumberGenerator& rng, + double seconds, + Benchmark_Report& report) + { + const u32bit keylens[] = { 512, 1024, 2048, 3072, 4096, 6144, 8192, 0 }; + + const std::string algo_name = PRIV_KEY_TYPE().algo_name(); + + for(size_t j = 0; keylens[j]; j++) { - const u32bit keylen[] = { 512, 768, 1024, 0 }; + u32bit keylen = keylens[j]; - for(size_t j = 0; keylen[j]; j++) + Timer keygen_timer("keygen"); + Timer verify_timer("verify"); + Timer sig_timer("signature"); + + while(verify_timer.seconds() < seconds || + sig_timer.seconds() < seconds) { - const std::string len_str = to_string(keylen[j]); + keygen_timer.start(); + PRIV_KEY_TYPE key(rng, keylen); + keygen_timer.stop(); - NR_PrivateKey key(rng, "dsa/jce/" + len_str); + std::string padding = "EMSA4(SHA-1)"; - bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), - get_pk_verifier(key, "EMSA1(SHA-1)"), - rng, "NR-" + len_str, seconds, html); + std::auto_ptr<PK_Signer> sig(get_pk_signer(key, padding)); + std::auto_ptr<PK_Verifier> ver(get_pk_verifier(key, padding)); - bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), - rng, "NR-" + len_str, seconds, html); + benchmark_sig_ver(*ver, *sig, verify_timer, sig_timer, rng, 10000, seconds); } + + const std::string nm = algo_name + "-" + to_string(keylen); + report.report(nm, keygen_timer); + report.report(nm, verify_timer); + report.report(nm, sig_timer); } + } - if(algo == "All" || algo == "RW") +template<typename PRIV_KEY_TYPE> +void benchmark_dsa_nr(RandomNumberGenerator& rng, + double seconds, + Benchmark_Report& report) + { + const char* domains[] = { "dsa/jce/512", + "dsa/jce/768", + "dsa/jce/1024", + "dsa/botan/2048", + "dsa/botan/3072", + NULL }; + + const std::string algo_name = PRIV_KEY_TYPE().algo_name(); + + for(size_t j = 0; domains[j]; j++) { - const u32bit keylen[] = { 512, 1024, 0 }; + u32bit pbits = to_u32bit(split_on(domains[j], '/')[2]); + u32bit qbits = (pbits <= 1024) ? 160 : 256; + + Timer keygen_timer("keygen"); + Timer verify_timer("verify"); + Timer sig_timer("signature"); - for(size_t j = 0; keylen[j]; j++) + while(verify_timer.seconds() < seconds || + sig_timer.seconds() < seconds) { - const std::string len_str = to_string(keylen[j]); - const std::string file = "checks/keys/rw" + len_str + ".pem"; + DL_Group group(domains[j]); - RW_PrivateKey* key = - dynamic_cast<RW_PrivateKey*>(PKCS8::load_key(file, rng)); + keygen_timer.start(); + PRIV_KEY_TYPE key(rng, group); + keygen_timer.stop(); - bench_ver(get_pk_signer(*key, "EMSA2(SHA-1)"), - get_pk_verifier(*key, "EMSA2(SHA-1)"), - rng, "RW-" + len_str, seconds, html); - bench_sig(get_pk_signer(*key, "EMSA2(SHA-1)"), - rng, "RW-" + len_str, seconds, html); + const std::string padding = "EMSA1(SHA-" + to_string(qbits) + ")"; - delete key; + std::auto_ptr<PK_Signer> sig(get_pk_signer(key, padding)); + std::auto_ptr<PK_Verifier> ver(get_pk_verifier(key, padding)); + + benchmark_sig_ver(*ver, *sig, verify_timer, sig_timer, rng, 100, seconds); } + + const std::string nm = algo_name + "-" + to_string(pbits); + report.report(nm, keygen_timer); + report.report(nm, verify_timer); + report.report(nm, sig_timer); } } -namespace { - -void print_result(bool html, u32bit runs, u64bit clocks_used, - const std::string& algo_name, const std::string& op) +void benchmark_dh(RandomNumberGenerator& rng, + double seconds, + Benchmark_Report& report) { - double seconds = static_cast<double>(clocks_used) / get_ticks(); - double mseconds_per_run = 1000 * (seconds / runs); - double runs_per_sec = runs / seconds; - - if(html) + const char* domains[] = { "modp/ietf/768", + "modp/ietf/1024", + "modp/ietf/2048", + "modp/ietf/3072", + "modp/ietf/4096", + "modp/ietf/6144", + NULL }; + + for(size_t j = 0; domains[j]; j++) { - std::cout << " <TR><TH>" << algo_name << " (" << op << ") <TH>"; + Timer keygen_timer("keygen"); + Timer kex_timer("kex"); - if(PRINT_MS_PER_OP) - std::cout << mseconds_per_run; - else - std::cout << runs_per_sec; + while(kex_timer.seconds() < seconds) + { + DL_Group group(domains[j]); - std::cout << std::endl; - } - else - { - std::cout << algo_name << ": "; + keygen_timer.start(); + DH_PrivateKey dh1(rng, group); + keygen_timer.stop(); - std::cout.setf(std::ios::fixed, std::ios::floatfield); - std::cout.precision(2); + keygen_timer.start(); + DH_PrivateKey dh2(rng, group); + keygen_timer.stop(); - if(PRINT_MS_PER_OP) - std::cout << mseconds_per_run << " ms / " << op << "\n"; - else - std::cout << runs_per_sec << " ops / second (" << op << ")\n"; - } - } + DH_PublicKey pub1(dh1); + DH_PublicKey pub2(dh2); -} + SecureVector<byte> secret1, secret2; -void bench_enc(PK_Encryptor* enc, - RandomNumberGenerator& rng, - const std::string& algo_name, - double seconds, bool html) - { - static const u32bit MSG_SIZE = 16; - byte msg[MSG_SIZE]; + for(u32bit i = 0; i != 100; ++i) + { + if(kex_timer.seconds() > seconds) + break; - u32bit runs = 0; + kex_timer.start(); + secret1 = dh1.derive_key(pub2); + kex_timer.stop(); - u64bit clocks_used = 0; + kex_timer.start(); + secret2 = dh2.derive_key(pub1); + kex_timer.stop(); - const u64bit ticks = get_ticks(); - while(clocks_used < seconds * ticks) - { - runs++; - rng.randomize(msg, MSG_SIZE); + if(secret1 != secret2) + { + std::cerr << "DH secrets did not match, bug in the library!?!\n"; + } - u64bit start = get_clock(); - enc->encrypt(msg, MSG_SIZE, rng); - clocks_used += get_clock() - start; - } + } - delete enc; + } - print_result(html, runs, clocks_used, algo_name, "public operation"); + const std::string nm = "DH-" + split_on(domains[j], '/')[2]; + report.report(nm, keygen_timer); + report.report(nm, kex_timer); + } } -void bench_dec(PK_Encryptor* enc, PK_Decryptor* dec, - RandomNumberGenerator& rng, - const std::string& algo_name, - double seconds, bool html) +void benchmark_elg(RandomNumberGenerator& rng, + double seconds, + Benchmark_Report& report) { - static const u32bit MSG_SIZE = 16; - byte msg[MSG_SIZE]; - rng.randomize(msg, MSG_SIZE); - SecureVector<byte> output; + const char* domains[] = { "modp/ietf/768", + "modp/ietf/1024", + "modp/ietf/2048", + "modp/ietf/3072", + "modp/ietf/4096", + NULL }; - u32bit runs = 0; - u64bit clocks_used = 0; + const std::string algo_name = "ElGamal"; - SecureVector<byte> encrypted_msg = enc->encrypt(msg, MSG_SIZE, rng); - - const u64bit ticks = get_ticks(); - while(clocks_used < seconds * ticks) + for(size_t j = 0; domains[j]; j++) { - runs++; - - rng.randomize(msg, MSG_SIZE); - msg[0] |= 0x80; // make sure it works with "Raw" padding - encrypted_msg = enc->encrypt(msg, MSG_SIZE, rng); + u32bit pbits = to_u32bit(split_on(domains[j], '/')[2]); - u64bit start = get_clock(); - output = dec->decrypt(encrypted_msg); - clocks_used += get_clock() - start; + Timer keygen_timer("keygen"); + Timer enc_timer("encrypt"); + Timer dec_timer("decrypt"); - if(output.size() != MSG_SIZE || - std::memcmp(msg, output, MSG_SIZE) != 0) + while(enc_timer.seconds() < seconds || + dec_timer.seconds() < seconds) { - std::cout << hex_encode(msg, MSG_SIZE) << std::endl; - std::cout << hex_encode(output, output.size()) << std::endl; - throw Internal_Error("Decrypt check failed during benchmark"); - } - } + DL_Group group(domains[j]); - delete enc; - delete dec; + keygen_timer.start(); + ElGamal_PrivateKey key(rng, group); + keygen_timer.stop(); - print_result(html, runs, clocks_used, algo_name, "private operation"); - } + const std::string padding = "Raw"; //"EME1(SHA-1)"; -void bench_sig(PK_Signer* sig, - RandomNumberGenerator& rng, - const std::string& algo_name, - double seconds, bool html) - { - static const u32bit MSG_SIZE = 16; - byte msg[MSG_SIZE]; + std::auto_ptr<PK_Decryptor> dec(get_pk_decryptor(key, padding)); + std::auto_ptr<PK_Encryptor> enc(get_pk_encryptor(key, padding)); - u32bit runs = 0; - u64bit clocks_used = 0; + benchmark_enc_dec(*enc, *dec, enc_timer, dec_timer, rng, 100, seconds); + } - const u64bit ticks = get_ticks(); - while(clocks_used < seconds * ticks) - { - runs++; - rng.randomize(msg, MSG_SIZE); - u64bit start = get_clock(); - sig->update(msg, MSG_SIZE); - sig->signature(rng); - clocks_used += get_clock() - start; + const std::string nm = algo_name + "-" + to_string(pbits); + report.report(nm, keygen_timer); + report.report(nm, enc_timer); + report.report(nm, dec_timer); } - - delete sig; - - print_result(html, runs, clocks_used, algo_name, "private operation"); } -void bench_ver(PK_Signer* sig, PK_Verifier* ver, - RandomNumberGenerator& rng, - const std::string& algo_name, - double seconds, bool html) +} + +void bench_pk(RandomNumberGenerator& rng, + const std::string& algo, bool, double seconds) { - static const u32bit MSG_SIZE = 16; - byte msg[MSG_SIZE]; - rng.randomize(msg, MSG_SIZE); + /* + There is some strangeness going on here. It looks like algorithms + at the end take some kind of penalty. For example, running the RW tests + first got a result of: + RW-1024: 148.14 ms / private operation + but running them last output: + RW-1024: 363.54 ms / private operation - sig->update(msg, MSG_SIZE); - SecureVector<byte> signature = sig->signature(rng); - u32bit runs = 0; - u64bit clocks_used = 0; + I think it's from memory fragmentation in the allocators, but I'm + not really sure. Need to investigate. - const u64bit ticks = get_ticks(); - while(clocks_used < seconds * ticks) - { - // feel free to tweak, but make sure this always runs when runs == 0 - if(runs % 100 == 0) - { - rng.randomize(msg, MSG_SIZE); - sig->update(msg, MSG_SIZE); - signature = sig->signature(rng); - } + Until then, I've basically ordered the tests in order of most important + algorithms (RSA, DSA) to least important (NR, RW). - runs++; + This strange behaviour does not seem to occur with DH (?) - u64bit start = get_clock(); - ver->update(msg, MSG_SIZE); - bool result = ver->check_signature(signature, signature.size()); - clocks_used += get_clock() - start; - if(!result) - throw Internal_Error("Signature check failed during benchmark"); - } + To get more accurate runs, use --bench-algo (RSA|DSA|DH|ELG|NR); in this + case the distortion is less than 5%, which is good enough. - delete sig; - delete ver; + We do random keys with the DL schemes, since it's so easy and fast to + generate keys for them. For RSA and RW, we load the keys from a file. The + RSA keys are stored in a PKCS #8 structure, while RW is stored in a more + ad-hoc format (the RW algorithm has no assigned OID that I know of, so + there is no way to encode a RW key into a PKCS #8 structure). + */ - print_result(html, runs, clocks_used, algo_name, "public operation"); - } + Benchmark_Report report; -void bench_kas(PK_Key_Agreement* kas, - RandomNumberGenerator& rng, - const std::string& algo_name, - double seconds, bool html) - { - /* 128 bits: should always be considered valid (what about ECC?) */ - static const u32bit REMOTE_KEY_SIZE = 16; - byte key[REMOTE_KEY_SIZE]; + if(algo == "All" || algo == "RSA") + benchmark_rsa_rw<RSA_PrivateKey>(rng, seconds, report); - u32bit runs = 0; - u64bit clocks_used = 0; + if(algo == "All" || algo == "DSA") + benchmark_dsa_nr<DSA_PrivateKey>(rng, seconds, report); - const u64bit ticks = get_ticks(); - while(clocks_used < seconds * ticks) - { - runs++; - rng.randomize(key, REMOTE_KEY_SIZE); + if(algo == "All" || algo == "DH") + benchmark_dh(rng, seconds, report); - u64bit start = get_clock(); - kas->derive_key(0, key, REMOTE_KEY_SIZE); - clocks_used += get_clock() - start; - } + if(algo == "All" || algo == "ELG" || algo == "ElGamal") + benchmark_elg(rng, seconds, report); - delete kas; + if(algo == "All" || algo == "NR") + benchmark_dsa_nr<NR_PrivateKey>(rng, seconds, report); - print_result(html, runs, clocks_used, algo_name, "key agreement"); + if(algo == "All" || algo == "RW") + benchmark_rsa_rw<RW_PrivateKey>(rng, seconds, report); } diff --git a/checks/timer.cpp b/checks/timer.cpp new file mode 100644 index 000000000..0a5a05de2 --- /dev/null +++ b/checks/timer.cpp @@ -0,0 +1,63 @@ +#include "timer.h" +#include <time.h> +#include <iomanip> + +u64bit Timer::get_clock() + { + struct timespec tv; + clock_gettime(CLOCK_REALTIME, &tv); + return (tv.tv_sec * 1000000000ULL + tv.tv_nsec); + } + +Timer::Timer(const std::string& n, u32bit e_mul) : + name(n), event_mult(e_mul) + { + time_used = 0; + timer_start = 0; + event_count = 0; + } + +void Timer::start() + { + stop(); + timer_start = get_clock(); + } + +void Timer::stop() + { + if(timer_start) + { + u64bit now = get_clock(); + + if(now > timer_start) + time_used += (now - timer_start); + + timer_start = 0; + ++event_count; + } + } + +std::ostream& operator<<(std::ostream& out, Timer& timer) + { + //out << timer.value() << " "; + + int events_per_second = timer.events() / timer.seconds(); + + out << events_per_second << " " << timer.get_name() << " per second; "; + + if(timer.seconds_per_event() < 10) + out << std::setprecision(2) << std::fixed + << timer.ms_per_event() << " ms/" << timer.get_name(); + else + out << std::setprecision(4) << std::fixed + << timer.seconds_per_event() << " s/" << timer.get_name(); + + if(timer.seconds() < 10) + out << " (" << timer.events() << " ops in " + << timer.milliseconds() << " ms)"; + else + out << " (" << timer.events() << " ops in " + << timer.seconds() << " s)"; + + return out; + } diff --git a/checks/timer.h b/checks/timer.h new file mode 100644 index 000000000..4bdc08154 --- /dev/null +++ b/checks/timer.h @@ -0,0 +1,50 @@ + +#ifndef BOTAN_BENCHMARK_TIMER_H__ +#define BOTAN_BENCHMARK_TIMER_H__ + +#include <botan/types.h> +#include <ostream> +#include <string> + +using Botan::u64bit; +using Botan::u32bit; + +class Timer + { + public: + static u64bit get_clock(); + + Timer(const std::string& name, u32bit event_mult = 1); + + void start(); + + void stop(); + + u64bit value() { stop(); return time_used; } + double seconds() { return milliseconds() / 1000.0; } + double milliseconds() { return value() / 1000000.0; } + + double ms_per_event() { return milliseconds() / events(); } + double seconds_per_event() { return seconds() / events(); } + + u32bit events() const { return event_count * event_mult; } + std::string get_name() const { return name; } + private: + std::string name; + u64bit time_used, timer_start; + u32bit event_count, event_mult; + }; + +inline bool operator<(const Timer& x, const Timer& y) + { + return (x.get_name() < y.get_name()); + } + +inline bool operator==(const Timer& x, const Timer& y) + { + return (x.get_name() == y.get_name()); + } + +std::ostream& operator<<(std::ostream&, Timer&); + +#endif diff --git a/checks/validate.cpp b/checks/validate.cpp index 5c3aca6d5..8fb225137 100644 --- a/checks/validate.cpp +++ b/checks/validate.cpp @@ -144,9 +144,18 @@ u32bit do_validation_tests(const std::string& filename, } counter++; - bool failed = failed_test(algorithm, substr, - is_extension, should_pass, - section, last_missing, rng); + bool failed = true; // until proven otherwise + + try + { + failed = failed_test(algorithm, substr, + is_extension, should_pass, + section, last_missing, rng); + } + catch(std::exception& e) + { + std::cout << "Exception: " << e.what() << "\n"; + } if(failed && should_pass) { diff --git a/doc/examples/dsa_kgen.cpp b/doc/examples/dsa_kgen.cpp index 2a66d90a3..258ad6cf6 100644 --- a/doc/examples/dsa_kgen.cpp +++ b/doc/examples/dsa_kgen.cpp @@ -47,7 +47,9 @@ int main(int argc, char* argv[]) std::auto_ptr<RandomNumberGenerator> rng( RandomNumberGenerator::make_rng()); - DSA_PrivateKey key(*rng, DL_Group("dsa/jce/1024")); + DL_Group group(*rng, DL_Group::DSA_Kosherizer, 2048, 256); + + DSA_PrivateKey key(*rng, group); pub << X509::PEM_encode(key); if(argc == 1) diff --git a/doc/examples/xor_ciph.cpp b/doc/examples/xor_ciph.cpp index b9e46d91c..496d23323 100644 --- a/doc/examples/xor_ciph.cpp +++ b/doc/examples/xor_ciph.cpp @@ -13,6 +13,8 @@ using namespace Botan; class XOR_Cipher : public StreamCipher { public: + void clear() throw() { mask.destroy(); mask_pos = 0; } + // what we want to call this cipher std::string name() const { return "XOR"; } @@ -51,12 +53,12 @@ void XOR_Cipher::key(const byte key[], u32bit length) #include <botan/look_add.h> #include <botan/lookup.h> #include <botan/filters.h> -#include <botan/config.h> +#include <botan/libstate.h> int main() { add_algorithm(new XOR_Cipher); // make it available to use - global_config().add_alias("Vernam", "XOR"); // make Vernam an alias for XOR + global_state().add_alias("Vernam", "XOR"); // make Vernam an alias for XOR // a hex key value SymmetricKey key("010203040506070809101112AAFF"); diff --git a/include/bit_ops.h b/include/bit_ops.h index 0b2e85db5..42b922620 100644 --- a/include/bit_ops.h +++ b/include/bit_ops.h @@ -11,84 +11,65 @@ namespace Botan { /************************************************* -* Word Rotation Functions * +* Return true iff arg is 2**n for some n > 0 * +* T should be an unsigned integer type * +* *************************************************/ -template<typename T> inline T rotate_left(T input, u32bit rot) +template<typename T> +inline bool power_of_2(T arg) { - return static_cast<T>((input << rot) | (input >> (8*sizeof(T)-rot)));; - } - -template<typename T> inline T rotate_right(T input, u32bit rot) - { - return static_cast<T>((input >> rot) | (input << (8*sizeof(T)-rot))); + return ((arg != 0 && arg != 1) && ((arg & (arg-1)) == 0)); } /************************************************* -* Byte Swapping Functions * +* Return the index of the highest set bit +* T is an unsigned integer type *************************************************/ -inline u16bit reverse_bytes(u16bit input) - { - return rotate_left(input, 8); - } - -inline u32bit reverse_bytes(u32bit input) +template<typename T> +inline u32bit high_bit(T n) { - input = ((input & 0xFF00FF00) >> 8) | ((input & 0x00FF00FF) << 8); - return rotate_left(input, 16); - } - -inline u64bit reverse_bytes(u64bit input) - { - u32bit hi = ((input >> 40) & 0x00FF00FF) | ((input >> 24) & 0xFF00FF00); - u32bit lo = ((input & 0xFF00FF00) >> 8) | ((input & 0x00FF00FF) << 8); - hi = (hi << 16) | (hi >> 16); - lo = (lo << 16) | (lo >> 16); - return (static_cast<u64bit>(lo) << 32) | hi; + for(u32bit i = 8*sizeof(T); i > 0; --i) + if((n >> (i - 1)) & 0x01) + return i; + return 0; } /************************************************* -* XOR Arrays * +* Return the index of the lowest set bit * *************************************************/ -inline void xor_buf(byte data[], const byte mask[], u32bit length) +template<typename T> +inline u32bit low_bit(T n) { - while(length >= 8) - { - data[0] ^= mask[0]; data[1] ^= mask[1]; - data[2] ^= mask[2]; data[3] ^= mask[3]; - data[4] ^= mask[4]; data[5] ^= mask[5]; - data[6] ^= mask[6]; data[7] ^= mask[7]; - data += 8; mask += 8; length -= 8; - } - for(u32bit j = 0; j != length; ++j) - data[j] ^= mask[j]; + for(u32bit i = 0; i != 8*sizeof(T); ++i) + if((n >> i) & 0x01) + return (i + 1); + return 0; } /************************************************* -* XOR Arrays * +* Return the number of significant bytes in n * *************************************************/ -inline void xor_buf(byte out[], const byte in[], - const byte mask[], u32bit length) +template<typename T> +inline u32bit significant_bytes(T n) { - while(length >= 8) - { - out[0] = in[0] ^ mask[0]; out[1] = in[1] ^ mask[1]; - out[2] = in[2] ^ mask[2]; out[3] = in[3] ^ mask[3]; - out[4] = in[4] ^ mask[4]; out[5] = in[5] ^ mask[5]; - out[6] = in[6] ^ mask[6]; out[7] = in[7] ^ mask[7]; - in += 8; out += 8; mask += 8; length -= 8; - } - for(u32bit j = 0; j != length; ++j) - out[j] = in[j] ^ mask[j]; + for(u32bit j = 0; j != sizeof(T); ++j) + if(get_byte(j, n)) + return sizeof(T)-j; + return 0; } /************************************************* -* Simple Bit Manipulation * +* Return the Hamming weight of n * *************************************************/ -bool power_of_2(u64bit); -u32bit high_bit(u64bit); -u32bit low_bit(u64bit); -u32bit significant_bytes(u64bit); -u32bit hamming_weight(u64bit); +template<typename T> +inline u32bit hamming_weight(T n) + { + u32bit weight = 0; + for(u32bit j = 0; j != 8*sizeof(T); ++j) + if((n >> j) & 0x01) + ++weight; + return weight; + } } diff --git a/include/bswap.h b/include/bswap.h new file mode 100644 index 000000000..e38d3c6fa --- /dev/null +++ b/include/bswap.h @@ -0,0 +1,39 @@ +/************************************************* +* Byte Swapping Operations Header File * +* (C) 1999-2008 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_BSWAP_H__ +#define BOTAN_BSWAP_H__ + +#include <botan/types.h> +#include <botan/rotate.h> + +namespace Botan { + +/************************************************* +* Byte Swapping Functions * +*************************************************/ +inline u16bit reverse_bytes(u16bit input) + { + return rotate_left(input, 8); + } + +inline u32bit reverse_bytes(u32bit input) + { + input = ((input & 0xFF00FF00) >> 8) | ((input & 0x00FF00FF) << 8); + return rotate_left(input, 16); + } + +inline u64bit reverse_bytes(u64bit input) + { + u32bit hi = ((input >> 40) & 0x00FF00FF) | ((input >> 24) & 0xFF00FF00); + u32bit lo = ((input & 0xFF00FF00) >> 8) | ((input & 0x00FF00FF) << 8); + hi = (hi << 16) | (hi >> 16); + lo = (lo << 16) | (lo >> 16); + return (static_cast<u64bit>(lo) << 32) | hi; + } + +} + +#endif diff --git a/include/dl_group.h b/include/dl_group.h index 74a11b5d5..37871f38d 100644 --- a/include/dl_group.h +++ b/include/dl_group.h @@ -21,7 +21,17 @@ class BOTAN_DLL DL_Group const BigInt& get_q() const; const BigInt& get_g() const; - enum Format { ANSI_X9_42, ANSI_X9_57, PKCS_3 }; + enum Format { + ANSI_X9_42, + ANSI_X9_57, + PKCS_3, + + DSA_PARAMETERS = ANSI_X9_57, + DH_PARAMETERS = ANSI_X9_42, + X942_DH_PARAMETERS = ANSI_X9_42, + PKCS3_DH_PARAMETERS = PKCS_3 + }; + enum PrimeType { Strong, Prime_Subgroup, DSA_Kosherizer }; bool verify_group(RandomNumberGenerator& rng, bool) const; @@ -38,8 +48,8 @@ class BOTAN_DLL DL_Group DL_Group(RandomNumberGenerator& rng, const MemoryRegion<byte>&, u32bit = 1024, u32bit = 0); - DL_Group(const BigInt&, const BigInt&); - DL_Group(const BigInt&, const BigInt&, const BigInt&); + DL_Group(const BigInt& p, const BigInt& g); + DL_Group(const BigInt& p, const BigInt& g, const BigInt& q); private: static BigInt make_dsa_generator(const BigInt&, const BigInt&); diff --git a/include/loadstor.h b/include/loadstor.h index 5b5746cdb..0bcafe411 100644 --- a/include/loadstor.h +++ b/include/loadstor.h @@ -8,11 +8,11 @@ #define BOTAN_LOAD_STORE_H__ #include <botan/types.h> +#include <botan/bswap.h> +#include <botan/rotate.h> #if BOTAN_TARGET_UNALIGNED_LOADSTOR_OK -#include <botan/bit_ops.h> - #if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN) #define BOTAN_ENDIAN_N2B(x) (x) diff --git a/include/rotate.h b/include/rotate.h new file mode 100644 index 000000000..d90e207b5 --- /dev/null +++ b/include/rotate.h @@ -0,0 +1,28 @@ +/************************************************* +* Word Rotation Operations Header File * +* (C) 1999-2008 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_WORD_ROTATE_H__ +#define BOTAN_WORD_ROTATE_H__ + +#include <botan/types.h> + +namespace Botan { + +/************************************************* +* Word Rotation Functions * +*************************************************/ +template<typename T> inline T rotate_left(T input, u32bit rot) + { + return static_cast<T>((input << rot) | (input >> (8*sizeof(T)-rot)));; + } + +template<typename T> inline T rotate_right(T input, u32bit rot) + { + return static_cast<T>((input >> rot) | (input << (8*sizeof(T)-rot))); + } + +} + +#endif diff --git a/include/xor_buf.h b/include/xor_buf.h new file mode 100644 index 000000000..0a71aef3e --- /dev/null +++ b/include/xor_buf.h @@ -0,0 +1,65 @@ +/************************************************* +* Xor Operations Header File * +* (C) 1999-2008 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_XOR_BUF_H__ +#define BOTAN_XOR_BUF_H__ + +#include <botan/types.h> + +namespace Botan { + +/************************************************* +* XOR Arrays * +*************************************************/ +inline void xor_buf(byte out[], const byte in[], u32bit length) + { + while(length >= 8) + { +#if BOTAN_UNALIGNED_LOADSTOR_OK + *reinterpret_cast<u64bit*>(out) ^= *reinterpret_cast<const u64bit*>(in); +#else + out[0] ^= in[0]; out[1] ^= in[1]; + out[2] ^= in[2]; out[3] ^= in[3]; + out[4] ^= in[4]; out[5] ^= in[5]; + out[6] ^= in[6]; out[7] ^= in[7]; +#endif + + out += 8; in += 8; length -= 8; + } + for(u32bit j = 0; j != length; ++j) + out[j] ^= in[j]; + } + +/************************************************* +* XOR Arrays * +*************************************************/ +inline void xor_buf(byte out[], + const byte in[], + const byte in2[], + u32bit length) + { + while(length >= 8) + { +#if BOTAN_UNALIGNED_LOADSTOR_OK + *reinterpret_cast<u64bit*>(out) = + *reinterpret_cast<const u64bit*>(in) ^ + *reinterpret_cast<const u64bit*>(in2); +#else + out[0] = in[0] ^ in2[0]; out[1] = in[1] ^ in2[1]; + out[2] = in[2] ^ in2[2]; out[3] = in[3] ^ in2[3]; + out[4] = in[4] ^ in2[4]; out[5] = in[5] ^ in2[5]; + out[6] = in[6] ^ in2[6]; out[7] = in[7] ^ in2[7]; +#endif + + in += 8; in2 += 8; out += 8; length -= 8; + } + + for(u32bit j = 0; j != length; ++j) + out[j] = in[j] ^ in2[j]; + } + +} + +#endif diff --git a/misc/config/cc/gcc b/misc/config/cc/gcc index 376817947..36c5158e2 100644 --- a/misc/config/cc/gcc +++ b/misc/config/cc/gcc @@ -9,7 +9,8 @@ add_lib_dir_option "-L" add_lib_option "-l" lang_flags "-D_REENTRANT -ansi -Wno-long-long" -warning_flags "-W -Wall" +#warning_flags "-W -Wall" +warning_flags "-Werror -Wall -Wextra -Wstrict-aliasing -Wstrict-overflow -Wcast-qual -Wmissing-declarations" lib_opt_flags "-O2 -finline-functions" check_opt_flags "-O2" diff --git a/modules/comp_bzip2/bzip2.cpp b/modules/comp_bzip2/bzip2.cpp index ae717b7fd..32e60c0d2 100644 --- a/modules/comp_bzip2/bzip2.cpp +++ b/modules/comp_bzip2/bzip2.cpp @@ -100,12 +100,12 @@ void Bzip_Compression::start_msg() *************************************************/ void Bzip_Compression::write(const byte input[], u32bit length) { - bz->stream.next_in = (char*)input; + bz->stream.next_in = reinterpret_cast<char*>(const_cast<byte*>(input)); bz->stream.avail_in = length; while(bz->stream.avail_in != 0) { - bz->stream.next_out = (char*)buffer.begin(); + bz->stream.next_out = reinterpret_cast<char*>(buffer.begin()); bz->stream.avail_out = buffer.size(); BZ2_bzCompress(&(bz->stream), BZ_RUN); send(buffer, buffer.size() - bz->stream.avail_out); @@ -123,7 +123,7 @@ void Bzip_Compression::end_msg() int rc = BZ_OK; while(rc != BZ_STREAM_END) { - bz->stream.next_out = (char*)buffer.begin(); + bz->stream.next_out = reinterpret_cast<char*>(buffer.begin()); bz->stream.avail_out = buffer.size(); rc = BZ2_bzCompress(&(bz->stream), BZ_FINISH); send(buffer, buffer.size() - bz->stream.avail_out); @@ -142,7 +142,7 @@ void Bzip_Compression::flush() int rc = BZ_OK; while(rc != BZ_RUN_OK) { - bz->stream.next_out = (char*)buffer.begin(); + bz->stream.next_out = reinterpret_cast<char*>(buffer.begin()); bz->stream.avail_out = buffer.size(); rc = BZ2_bzCompress(&(bz->stream), BZ_FLUSH); send(buffer, buffer.size() - bz->stream.avail_out); @@ -176,12 +176,12 @@ Bzip_Decompression::Bzip_Decompression(bool s) : void Bzip_Decompression::write(const byte input[], u32bit length) { if(length) no_writes = false; - bz->stream.next_in = (char*)input; + bz->stream.next_in = reinterpret_cast<char*>(const_cast<byte*>(input)); bz->stream.avail_in = length; while(bz->stream.avail_in != 0) { - bz->stream.next_out = (char*)buffer.begin(); + bz->stream.next_out = reinterpret_cast<char*>(buffer.begin()); bz->stream.avail_out = buffer.size(); int rc = BZ2_bzDecompress(&(bz->stream)); @@ -201,7 +201,7 @@ void Bzip_Decompression::write(const byte input[], u32bit length) { u32bit read_from_block = length - bz->stream.avail_in; start_msg(); - bz->stream.next_in = (char*)input + read_from_block; + bz->stream.next_in = reinterpret_cast<char*>(const_cast<byte*>(input)) + read_from_block; bz->stream.avail_in = length - read_from_block; input += read_from_block; length -= read_from_block; @@ -233,7 +233,7 @@ void Bzip_Decompression::end_msg() int rc = BZ_OK; while(rc != BZ_STREAM_END) { - bz->stream.next_out = (char*)buffer.begin(); + bz->stream.next_out = reinterpret_cast<char*>(buffer.begin()); bz->stream.avail_out = buffer.size(); rc = BZ2_bzDecompress(&(bz->stream)); if(rc != BZ_OK && rc != BZ_STREAM_END) diff --git a/modules/comp_zlib/zlib.cpp b/modules/comp_zlib/zlib.cpp index 1c2b31957..c8abd7909 100644 --- a/modules/comp_zlib/zlib.cpp +++ b/modules/comp_zlib/zlib.cpp @@ -99,12 +99,12 @@ void Zlib_Compression::start_msg() *************************************************/ void Zlib_Compression::write(const byte input[], u32bit length) { - zlib->stream.next_in = (Bytef*)input; + zlib->stream.next_in = static_cast<Bytef*>(const_cast<byte*>(input)); zlib->stream.avail_in = length; while(zlib->stream.avail_in != 0) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin()); zlib->stream.avail_out = buffer.size(); deflate(&(zlib->stream), Z_NO_FLUSH); send(buffer.begin(), buffer.size() - zlib->stream.avail_out); @@ -122,7 +122,7 @@ void Zlib_Compression::end_msg() int rc = Z_OK; while(rc != Z_STREAM_END) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = reinterpret_cast<Bytef*>(buffer.begin()); zlib->stream.avail_out = buffer.size(); rc = deflate(&(zlib->stream), Z_FINISH); send(buffer.begin(), buffer.size() - zlib->stream.avail_out); diff --git a/modules/mp_amd64/bit_ops.h b/modules/mp_amd64/bit_ops.h deleted file mode 100644 index 1a829af96..000000000 --- a/modules/mp_amd64/bit_ops.h +++ /dev/null @@ -1,91 +0,0 @@ -/************************************************* -* Bit/Word Operations Header File * -* (C) 1999-2008 Jack Lloyd * -*************************************************/ - -#ifndef BOTAN_BIT_OPS_H__ -#define BOTAN_BIT_OPS_H__ - -#include <botan/types.h> - -namespace Botan { - -/************************************************* -* Word Rotation Functions * -*************************************************/ -template<typename T> inline T rotate_left(T input, u32bit rot) - { - return static_cast<T>((input << rot) | (input >> (8*sizeof(T)-rot)));; - } - -template<typename T> inline T rotate_right(T input, u32bit rot) - { - return static_cast<T>((input >> rot) | (input << (8*sizeof(T)-rot))); - } - -/************************************************* -* Byte Swapping Functions * -*************************************************/ -inline u16bit reverse_bytes(u16bit input) - { - return rotate_left(input, 8); - } - -inline u32bit reverse_bytes(u32bit input) - { - asm("bswapl %0" : "=r" (input) : "0" (input)); - return input; - } - -inline u64bit reverse_bytes(u64bit input) - { - asm("bswapq %0" : "=r" (input) : "0" (input)); - return input; - } - -/************************************************* -* XOR Arrays * -*************************************************/ -inline void xor_buf(byte out[], const byte in[], u32bit length) - { - while(length >= 8) - { - *reinterpret_cast<u64bit*>(out) ^= *reinterpret_cast<const u64bit*>(in); - in += 8; out += 8; length -= 8; - } - - for(u32bit j = 0; j != length; ++j) - out[j] ^= in[j]; - } - -/************************************************* -* XOR Arrays * -*************************************************/ -inline void xor_buf(byte out[], const byte in[], - const byte in2[], u32bit length) - { - while(length >= 8) - { - *reinterpret_cast<u64bit*>(out) = - *reinterpret_cast<const u64bit*>(in) ^ - *reinterpret_cast<const u64bit*>(in2); - - in += 8; in2 += 8; out += 8; length -= 8; - } - - for(u32bit j = 0; j != length; ++j) - out[j] = in[j] ^ in2[j]; - } - -/************************************************* -* Simple Bit Manipulation * -*************************************************/ -bool power_of_2(u64bit); -u32bit high_bit(u64bit); -u32bit low_bit(u64bit); -u32bit significant_bytes(u64bit); -u32bit hamming_weight(u64bit); - -} - -#endif diff --git a/modules/mp_amd64/bswap.h b/modules/mp_amd64/bswap.h new file mode 100644 index 000000000..3c77b460c --- /dev/null +++ b/modules/mp_amd64/bswap.h @@ -0,0 +1,36 @@ +/************************************************* +* Byte Swapping Operations Header File * +* (C) 1999-2008 Jack Lloyd * +*************************************************/ + +#ifndef BOTAN_BSWAP_H__ +#define BOTAN_BSWAP_H__ + +#include <botan/types.h> +#include <botan/rotate.h> + +namespace Botan { + +/************************************************* +* Byte Swapping Functions * +*************************************************/ +inline u16bit reverse_bytes(u16bit input) + { + return rotate_left(input, 8); + } + +inline u32bit reverse_bytes(u32bit input) + { + asm("bswapl %0" : "=r" (input) : "0" (input)); + return input; + } + +inline u64bit reverse_bytes(u64bit input) + { + asm("bswapq %0" : "=r" (input) : "0" (input)); + return input; + } + +} + +#endif diff --git a/modules/mp_amd64/modinfo.txt b/modules/mp_amd64/modinfo.txt index 4353ec71e..8e6b72d20 100644 --- a/modules/mp_amd64/modinfo.txt +++ b/modules/mp_amd64/modinfo.txt @@ -5,7 +5,7 @@ mp_bits 64 load_on asm_ok <replace> -bit_ops.h +bswap.h mp_asm.h mp_asmi.h </replace> diff --git a/src/aes.cpp b/src/aes.cpp index 18a3afbf1..24f1f6213 100644 --- a/src/aes.cpp +++ b/src/aes.cpp @@ -5,7 +5,6 @@ #include <botan/aes.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> namespace Botan { diff --git a/src/arc4.cpp b/src/arc4.cpp index f317239c0..238567cdc 100644 --- a/src/arc4.cpp +++ b/src/arc4.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/arc4.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/parsing.h> namespace Botan { diff --git a/src/bit_ops.cpp b/src/bit_ops.cpp deleted file mode 100644 index 5fd14704e..000000000 --- a/src/bit_ops.cpp +++ /dev/null @@ -1,68 +0,0 @@ -/************************************************* -* Bit/Word Operations Source File * -* (C) 1999-2008 Jack Lloyd * -*************************************************/ - -#include <botan/bit_ops.h> -#include <botan/loadstor.h> - -namespace Botan { - -/************************************************* -* Return true iff arg is 2**n for some n > 0 * -*************************************************/ -bool power_of_2(u64bit arg) - { - if(arg == 0 || arg == 1) - return false; - if((arg & (arg-1)) == 0) - return true; - return false; - } - -/************************************************* -* Return the index of the highest set bit * -*************************************************/ -u32bit high_bit(u64bit n) - { - for(u32bit count = 64; count > 0; --count) - if((n >> (count - 1)) & 0x01) - return count; - return 0; - } - -/************************************************* -* Return the index of the lowest set bit * -*************************************************/ -u32bit low_bit(u64bit n) - { - for(u32bit count = 0; count != 64; ++count) - if((n >> count) & 0x01) - return (count + 1); - return 0; - } - -/************************************************* -* Return the number of significant bytes in n * -*************************************************/ -u32bit significant_bytes(u64bit n) - { - for(u32bit j = 0; j != 8; ++j) - if(get_byte(j, n)) - return 8-j; - return 0; - } - -/************************************************* -* Return the Hamming weight of n * -*************************************************/ -u32bit hamming_weight(u64bit n) - { - u32bit weight = 0; - for(u32bit j = 0; j != 64; ++j) - if((n >> j) & 0x01) - ++weight; - return weight; - } - -} diff --git a/src/buf_es.cpp b/src/buf_es.cpp index 9f7be3e9b..19f30e22c 100644 --- a/src/buf_es.cpp +++ b/src/buf_es.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/buf_es.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/util.h> #include <algorithm> diff --git a/src/cbc.cpp b/src/cbc.cpp index 5561aa0e0..9ad598bed 100644 --- a/src/cbc.cpp +++ b/src/cbc.cpp @@ -5,7 +5,7 @@ #include <botan/cbc.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/cbc_mac.cpp b/src/cbc_mac.cpp index 0f403b9b3..d5275b0ed 100644 --- a/src/cbc_mac.cpp +++ b/src/cbc_mac.cpp @@ -5,7 +5,7 @@ #include <botan/cbc_mac.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/cfb.cpp b/src/cfb.cpp index 357dce6f7..dbfbff6ae 100644 --- a/src/cfb.cpp +++ b/src/cfb.cpp @@ -6,7 +6,7 @@ #include <botan/cfb.h> #include <botan/lookup.h> #include <botan/parsing.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/cmac.cpp b/src/cmac.cpp index 5e0b56db5..210fa6768 100644 --- a/src/cmac.cpp +++ b/src/cmac.cpp @@ -5,7 +5,7 @@ #include <botan/cmac.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/ctr.cpp b/src/ctr.cpp index e30d07d24..8b8c5f35f 100644 --- a/src/ctr.cpp +++ b/src/ctr.cpp @@ -5,7 +5,7 @@ #include <botan/ctr.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/cts.cpp b/src/cts.cpp index 56ea8f06c..8af775713 100644 --- a/src/cts.cpp +++ b/src/cts.cpp @@ -5,7 +5,7 @@ #include <botan/cts.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/des.cpp b/src/des.cpp index feb5df037..d09752854 100644 --- a/src/des.cpp +++ b/src/des.cpp @@ -5,7 +5,7 @@ #include <botan/des.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/dl_group.cpp b/src/dl_group.cpp index f1a7cb26e..b37bc238c 100644 --- a/src/dl_group.cpp +++ b/src/dl_group.cpp @@ -87,7 +87,7 @@ DL_Group::DL_Group(RandomNumberGenerator& rng, const MemoryRegion<byte>& seed, u32bit pbits, u32bit qbits) { if(!generate_dsa_primes(rng, p, q, pbits, qbits, seed)) - throw Invalid_Argument("DL_Group: The seed/counter given does not " + throw Invalid_Argument("DL_Group: The seed given does not " "generate a DSA group"); g = make_dsa_generator(p, q); diff --git a/src/dlies.cpp b/src/dlies.cpp index 22e606403..2a2f33925 100644 --- a/src/dlies.cpp +++ b/src/dlies.cpp @@ -6,7 +6,7 @@ #include <botan/dlies.h> #include <botan/lookup.h> #include <botan/look_pk.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <memory> namespace Botan { diff --git a/src/dsa_gen.cpp b/src/dsa_gen.cpp index d0b60f73c..baaba66ee 100644 --- a/src/dsa_gen.cpp +++ b/src/dsa_gen.cpp @@ -19,12 +19,15 @@ namespace { *************************************************/ bool fips186_3_valid_size(u32bit pbits, u32bit qbits) { - if(pbits == 1024 && qbits == 160) - return true; - if(pbits == 2048 && (qbits == 224 || qbits == 256)) - return true; - if(pbits == 3072 && qbits == 256) - return true; + if(qbits == 160) + return (pbits == 512 || pbits == 768 || pbits == 1024); + + if(qbits == 224) + return (pbits == 2048); + + if(qbits == 256) + return (pbits == 2048 || pbits == 3072); + return false; } diff --git a/src/eax.cpp b/src/eax.cpp index f244f0290..c5ae5e9fa 100644 --- a/src/eax.cpp +++ b/src/eax.cpp @@ -5,7 +5,7 @@ #include <botan/eax.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/parsing.h> #include <algorithm> diff --git a/src/hmac.cpp b/src/hmac.cpp index 5604145f4..b8c76e8f6 100644 --- a/src/hmac.cpp +++ b/src/hmac.cpp @@ -6,7 +6,7 @@ #include <botan/hmac.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/lion.cpp b/src/lion.cpp index 65b8560ae..009e98408 100644 --- a/src/lion.cpp +++ b/src/lion.cpp @@ -5,7 +5,7 @@ #include <botan/lion.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/parsing.h> namespace Botan { diff --git a/src/lubyrack.cpp b/src/lubyrack.cpp index 66a7ba2bd..4a5408e1d 100644 --- a/src/lubyrack.cpp +++ b/src/lubyrack.cpp @@ -5,7 +5,7 @@ #include <botan/lubyrack.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/md2.cpp b/src/md2.cpp index ff7d5436c..c609eda10 100644 --- a/src/md2.cpp +++ b/src/md2.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/md2.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/mgf1.cpp b/src/mgf1.cpp index c6f30eee9..70f5a50a0 100644 --- a/src/mgf1.cpp +++ b/src/mgf1.cpp @@ -6,7 +6,7 @@ #include <botan/mgf1.h> #include <botan/lookup.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> #include <memory> diff --git a/src/numthry.cpp b/src/numthry.cpp index 2b900e96c..9f05b6114 100644 --- a/src/numthry.cpp +++ b/src/numthry.cpp @@ -1,9 +1,10 @@ /************************************************* * Number Theory Source File * -* (C) 1999-2007 Jack Lloyd * +* (C) 1999-2008 Jack Lloyd * *************************************************/ #include <botan/numthry.h> +#include <botan/bit_ops.h> #include <algorithm> namespace Botan { @@ -73,12 +74,27 @@ u32bit miller_rabin_test_iterations(u32bit bits, bool verify) *************************************************/ u32bit low_zero_bits(const BigInt& n) { - if(n.is_zero()) return 0; + if(n.is_negative() || n.is_zero()) return 0; - u32bit bits = 0, max_bits = n.bits(); - while((n.get_bit(bits) == 0) && bits < max_bits) - ++bits; - return bits; + u32bit low_zero = 0; + + if(n.is_positive() && n.is_nonzero()) + { + for(u32bit i = 0; i != n.size(); ++i) + { + word x = n[i]; + + if(x) + { + low_zero += __builtin_ctzl(x); + break; + } + else + low_zero += BOTAN_MP_WORD_BITS; + } + } + + return low_zero; } /************************************************* diff --git a/src/ofb.cpp b/src/ofb.cpp index 568bd02fa..db254d329 100644 --- a/src/ofb.cpp +++ b/src/ofb.cpp @@ -5,7 +5,7 @@ #include <botan/ofb.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/pkcs5.cpp b/src/pkcs5.cpp index 77d8c9200..8a6e7b5a8 100644 --- a/src/pkcs5.cpp +++ b/src/pkcs5.cpp @@ -6,7 +6,7 @@ #include <botan/pkcs5.h> #include <botan/lookup.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/hmac.h> #include <algorithm> #include <memory> diff --git a/src/policy.cpp b/src/policy.cpp index 5f94098c6..834ea8442 100644 --- a/src/policy.cpp +++ b/src/policy.cpp @@ -242,128 +242,201 @@ void set_default_config(Library_State& config) void set_default_dl_groups(Library_State& config) { config.set("dl", "modp/ietf/768", - "-----BEGIN X942 DH PARAMETERS-----" - "MIHIAmEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxObIlFK" - "CHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjo2IP//" - "////////AgECAmB//////////+SH7VEQtGEaYmMxRcBuDmiUgScERTPmOgEF31Md" - "ic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4obp/Catrao4SLyQtq7MS8/Y3omIXTT" - "HRsQf/////////8=" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIHIAmEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxObIlFK" + "CHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjo2IP//" + "////////AgECAmB//////////+SH7VEQtGEaYmMxRcBuDmiUgScERTPmOgEF31Md" + "ic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4obp/Catrao4SLyQtq7MS8/Y3omIXTT" + "HRsQf/////////8=" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "modp/ietf/1024", - "-----BEGIN X942 DH PARAMETERS-----" - "MIIBCgKBgQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5si" - "UUoIeY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummN+1r" - "C/9ctvQGt+3uOGv7Womfpa6fJBF8Sx/mSShmUezmU4H//////////wIBAgKBgH//" - "////////5IftURC0YRpiYzFFwG4OaJSBJwRFM+Y6AQXfUx2JzZEopQQ8xxoCbvfK" - "jNnmnSGNmBWFNvkvihun8Jq2tqjhIvJC2rsxLz9jeiYhdNMb9rWF/65begNb9vcc" - "Nf2tRM/S10+SCL4lj/MklDMo9nMpwP//////////" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIIBCgKBgQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5si" + "UUoIeY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummN+1r" + "C/9ctvQGt+3uOGv7Womfpa6fJBF8Sx/mSShmUezmU4H//////////wIBAgKBgH//" + "////////5IftURC0YRpiYzFFwG4OaJSBJwRFM+Y6AQXfUx2JzZEopQQ8xxoCbvfK" + "jNnmnSGNmBWFNvkvihun8Jq2tqjhIvJC2rsxLz9jeiYhdNMb9rWF/65begNb9vcc" + "Nf2tRM/S10+SCL4lj/MklDMo9nMpwP//////////" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "modp/ietf/1536", - "-----BEGIN X942 DH PARAMETERS-----" - "MIIBigKBwQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5si" - "UUoIeY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummN+1r" - "C/9ctvQGt+3uOGv7Womfpa6fJBF8Sx/mSShmUezkWz3CAHy4oWO/BZjaSDYcVdOa" - "aRY/qP0kz1+DZV0j3KOtlhxi81YghVK7ntUpB3CWlm1nDDVOSryYBPF0bAjKI3Mn" - "//////////8CAQICgcB//////////+SH7VEQtGEaYmMxRcBuDmiUgScERTPmOgEF" - "31Mdic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4obp/Catrao4SLyQtq7MS8/Y3om" - "IXTTG/a1hf+uW3oDW/b3HDX9rUTP0tdPkgi+JY/zJJQzKPZyLZ7hAD5cULHfgsxt" - "JBsOKunNNIsf1H6SZ6/Bsq6R7lHWyw4xeasQQqldz2qUg7hLSzazhhqnJV5MAni6" - "NgRlEbmT//////////8=" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIIBigKBwQD//////////8kP2qIhaMI0xMZii4DcHNEpAk4IimfMdAILvqY7E5si" + "UUoIeY40BN3vlRmzzTpDGzArCm3yXxQ3T+E1bW1RwkXkhbV2Yl5+xvRMQummN+1r" + "C/9ctvQGt+3uOGv7Womfpa6fJBF8Sx/mSShmUezkWz3CAHy4oWO/BZjaSDYcVdOa" + "aRY/qP0kz1+DZV0j3KOtlhxi81YghVK7ntUpB3CWlm1nDDVOSryYBPF0bAjKI3Mn" + "//////////8CAQICgcB//////////+SH7VEQtGEaYmMxRcBuDmiUgScERTPmOgEF" + "31Mdic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4obp/Catrao4SLyQtq7MS8/Y3om" + "IXTTG/a1hf+uW3oDW/b3HDX9rUTP0tdPkgi+JY/zJJQzKPZyLZ7hAD5cULHfgsxt" + "JBsOKunNNIsf1H6SZ6/Bsq6R7lHWyw4xeasQQqldz2qUg7hLSzazhhqnJV5MAni6" + "NgRlEbmT//////////8=" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "modp/ietf/2048", - "-----BEGIN X942 DH PARAMETERS-----" - "MIICDAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" - "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" - "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" - "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" - "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" - "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAgKCAQB//////////+SH7VEQtGEa" - "YmMxRcBuDmiUgScERTPmOgEF31Mdic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4ob" - "p/Catrao4SLyQtq7MS8/Y3omIXTTG/a1hf+uW3oDW/b3HDX9rUTP0tdPkgi+JY/z" - "JJQzKPZyLZ7hAD5cULHfgsxtJBsOKunNNIsf1H6SZ6/Bsq6R7lHWyw4xeasQQqld" - "z2qUg7hLSzazhhqnJV5MAni6NgRlDBC+GUgvIxcbZx3xzzuWDAdDAc2TwdF2A9FH" - "2uKu+DemKWTvFeX7SqwLjBzKpL51SrVyiukTDEx9AogKuUctRVZVNH//////////" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIICDAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAgKCAQB//////////+SH7VEQtGEa" + "YmMxRcBuDmiUgScERTPmOgEF31Mdic2RKKUEPMcaAm73yozZ5p0hjZgVhTb5L4ob" + "p/Catrao4SLyQtq7MS8/Y3omIXTTG/a1hf+uW3oDW/b3HDX9rUTP0tdPkgi+JY/z" + "JJQzKPZyLZ7hAD5cULHfgsxtJBsOKunNNIsf1H6SZ6/Bsq6R7lHWyw4xeasQQqld" + "z2qUg7hLSzazhhqnJV5MAni6NgRlDBC+GUgvIxcbZx3xzzuWDAdDAc2TwdF2A9FH" + "2uKu+DemKWTvFeX7SqwLjBzKpL51SrVyiukTDEx9AogKuUctRVZVNH//////////" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "modp/ietf/3072", - "-----BEGIN X942 DH PARAMETERS-----" - "MIIDDAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" - "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" - "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" - "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" - "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" - "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" - "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" - "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS" - "yv//////////AgECAoIBgH//////////5IftURC0YRpiYzFFwG4OaJSBJwRFM+Y6" - "AQXfUx2JzZEopQQ8xxoCbvfKjNnmnSGNmBWFNvkvihun8Jq2tqjhIvJC2rsxLz9j" - "eiYhdNMb9rWF/65begNb9vccNf2tRM/S10+SCL4lj/MklDMo9nItnuEAPlxQsd+C" - "zG0kGw4q6c00ix/UfpJnr8GyrpHuUdbLDjF5qxBCqV3PapSDuEtLNrOGGqclXkwC" - "eLo2BGUMEL4ZSC8jFxtnHfHPO5YMB0MBzZPB0XYD0Ufa4q74N6YpZO8V5ftKrAuM" - "HMqkvnVKtXKK6RMMTH0CiAq5Ry1FVWIW1pmLhoIoPRnUKpDV745dMnZ9woIsbfeF" - "RXU4q66DBj7Zy4fC03DyY9X610ZthJnrj0ZKcCUSsM7ncekTDWl3NfiX/QNsxQQy" - "bDsBOZ9kNTIpD5WMC72QBl3wi6u9MK62O4TEYF1so3EEcSfQOnLVmKHtrf5wfohH" - "JcFokFSdaWV//////////w==" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIIDDAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS" + "yv//////////AgECAoIBgH//////////5IftURC0YRpiYzFFwG4OaJSBJwRFM+Y6" + "AQXfUx2JzZEopQQ8xxoCbvfKjNnmnSGNmBWFNvkvihun8Jq2tqjhIvJC2rsxLz9j" + "eiYhdNMb9rWF/65begNb9vccNf2tRM/S10+SCL4lj/MklDMo9nItnuEAPlxQsd+C" + "zG0kGw4q6c00ix/UfpJnr8GyrpHuUdbLDjF5qxBCqV3PapSDuEtLNrOGGqclXkwC" + "eLo2BGUMEL4ZSC8jFxtnHfHPO5YMB0MBzZPB0XYD0Ufa4q74N6YpZO8V5ftKrAuM" + "HMqkvnVKtXKK6RMMTH0CiAq5Ry1FVWIW1pmLhoIoPRnUKpDV745dMnZ9woIsbfeF" + "RXU4q66DBj7Zy4fC03DyY9X610ZthJnrj0ZKcCUSsM7ncekTDWl3NfiX/QNsxQQy" + "bDsBOZ9kNTIpD5WMC72QBl3wi6u9MK62O4TEYF1so3EEcSfQOnLVmKHtrf5wfohH" + "JcFokFSdaWV//////////w==" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "modp/ietf/4096", - "-----BEGIN X942 DH PARAMETERS-----" - "MIIEDAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" - "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" - "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" - "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" - "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" - "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" - "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" - "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" - "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" - "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" - "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQICggIA" - "f//////////kh+1RELRhGmJjMUXAbg5olIEnBEUz5joBBd9THYnNkSilBDzHGgJu" - "98qM2eadIY2YFYU2+S+KG6fwmra2qOEi8kLauzEvP2N6JiF00xv2tYX/rlt6A1v2" - "9xw1/a1Ez9LXT5IIviWP8ySUMyj2ci2e4QA+XFCx34LMbSQbDirpzTSLH9R+kmev" - "wbKuke5R1ssOMXmrEEKpXc9qlIO4S0s2s4YapyVeTAJ4ujYEZQwQvhlILyMXG2cd" - "8c87lgwHQwHNk8HRdgPRR9rirvg3pilk7xXl+0qsC4wcyqS+dUq1corpEwxMfQKI" - "CrlHLUVVYhbWmYuGgig9GdQqkNXvjl0ydn3Cgixt94VFdTirroMGPtnLh8LTcPJj" - "1frXRm2EmeuPRkpwJRKwzudx6RMNaXc1+Jf9A2zFBDJsOwE5n2Q1MikPlYwLvZAG" - "XfCLq70wrrY7hMRgXWyjcQRxJ9A6ctWYoe2t/nB+iEclwWiQVJCEAI05HglTw/Nr" - "xDjNCF7dLZNM4ZOMNXpxHg1KNBpbCoXtEsH05RVqJnRt3eFtgm9HfJdHfgoP32VT" - "FD4so6c14C7M2Usn0Ehh0RGd0MMorfP2j7CUuGdxa9fcDe67ELgkDmgDSJPq2C1U" - "ydp1TEbH7uDDf9vuSFNgR6b6GuSaAxjM//////////8=" - "-----END X942 DH PARAMETERS-----"); + "-----BEGIN X942 DH PARAMETERS-----" + "MIIEDAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" + "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" + "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" + "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQICggIA" + "f//////////kh+1RELRhGmJjMUXAbg5olIEnBEUz5joBBd9THYnNkSilBDzHGgJu" + "98qM2eadIY2YFYU2+S+KG6fwmra2qOEi8kLauzEvP2N6JiF00xv2tYX/rlt6A1v2" + "9xw1/a1Ez9LXT5IIviWP8ySUMyj2ci2e4QA+XFCx34LMbSQbDirpzTSLH9R+kmev" + "wbKuke5R1ssOMXmrEEKpXc9qlIO4S0s2s4YapyVeTAJ4ujYEZQwQvhlILyMXG2cd" + "8c87lgwHQwHNk8HRdgPRR9rirvg3pilk7xXl+0qsC4wcyqS+dUq1corpEwxMfQKI" + "CrlHLUVVYhbWmYuGgig9GdQqkNXvjl0ydn3Cgixt94VFdTirroMGPtnLh8LTcPJj" + "1frXRm2EmeuPRkpwJRKwzudx6RMNaXc1+Jf9A2zFBDJsOwE5n2Q1MikPlYwLvZAG" + "XfCLq70wrrY7hMRgXWyjcQRxJ9A6ctWYoe2t/nB+iEclwWiQVJCEAI05HglTw/Nr" + "xDjNCF7dLZNM4ZOMNXpxHg1KNBpbCoXtEsH05RVqJnRt3eFtgm9HfJdHfgoP32VT" + "FD4so6c14C7M2Usn0Ehh0RGd0MMorfP2j7CUuGdxa9fcDe67ELgkDmgDSJPq2C1U" + "ydp1TEbH7uDDf9vuSFNgR6b6GuSaAxjM//////////8=" + "-----END X942 DH PARAMETERS-----"); + + config.set("dl", "modp/ietf/6144", + "-----BEGIN X942 DH PARAMETERS-----" + "MIIGDAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" + "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" + "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" + "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG" + "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU" + "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId" + "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha" + "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/" + "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA" + "JP//////////AoIDAH//////////5IftURC0YRpiYzFFwG4OaJSBJwRFM+Y6AQXf" + "Ux2JzZEopQQ8xxoCbvfKjNnmnSGNmBWFNvkvihun8Jq2tqjhIvJC2rsxLz9jeiYh" + "dNMb9rWF/65begNb9vccNf2tRM/S10+SCL4lj/MklDMo9nItnuEAPlxQsd+CzG0k" + "Gw4q6c00ix/UfpJnr8GyrpHuUdbLDjF5qxBCqV3PapSDuEtLNrOGGqclXkwCeLo2" + "BGUMEL4ZSC8jFxtnHfHPO5YMB0MBzZPB0XYD0Ufa4q74N6YpZO8V5ftKrAuMHMqk" + "vnVKtXKK6RMMTH0CiAq5Ry1FVWIW1pmLhoIoPRnUKpDV745dMnZ9woIsbfeFRXU4" + "q66DBj7Zy4fC03DyY9X610ZthJnrj0ZKcCUSsM7ncekTDWl3NfiX/QNsxQQybDsB" + "OZ9kNTIpD5WMC72QBl3wi6u9MK62O4TEYF1so3EEcSfQOnLVmKHtrf5wfohHJcFo" + "kFSQhACNOR4JU8Pza8Q4zQhe3S2TTOGTjDV6cR4NSjQaWwqF7RLB9OUVaiZ0bd3h" + "bYJvR3yXR34KD99lUxQ+LKOnNeAuzNlLJ9BIYdERndDDKK3z9o+wlLhncWvX3A3u" + "uxC4JA5oA0iT6tgtVMnadUxGx+7gw3/b7khTYEem+hrkmgFCSRth/VppPjgTYOpu" + "WTATI29kuo87Ht0b3vx/ygNWzymHcu2cF6CYANdYNSn2yBPsGIvLk9hDLUSMbR9t" + "9efNinaiZzZdZ2pdje2/iiPzZhKlmZAoqJXr16E33HoAm8ZpX6zB5QDjJcl2eBl1" + "Cui5DoH6QWvnNzp/e2qvOBejTAZBWtQgGMgFjk8s8+S/32P0eZHUvT8bZkRfB46i" + "2/+sLWKl6gPZFaCqVWZHtr9fpHDsCmYvaQfAG/BTy4r3eU3xlANQ6sXb4u07eqhV" + "HsUP3/h1jOZY0Ynqrm0rZPYXeUsZHD/0a7ceAjQCH0ezH6Qwdwlflq2Fujprc0p8" + "jzbmIBJ//////////wIBAg==" + "-----END X942 DH PARAMETERS-----"); config.set("dl", "dsa/jce/512", - "-----BEGIN DSA PARAMETERS-----" - "MIGdAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQT" - "xeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqOuyYO5rahJtk0bjjFAkEA" - "3gtU76vylwh+5iPVylWIxkgo70/eT/uuHs0gBndrBbEbgeo83pvDlkwWh8UyW/Q9" - "fM76DQqGvl3/3dDRFD3NdQ==" - "-----END DSA PARAMETERS-----"); + "-----BEGIN DSA PARAMETERS-----" + "MIGdAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQT" + "xeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqOuyYO5rahJtk0bjjFAkEA" + "3gtU76vylwh+5iPVylWIxkgo70/eT/uuHs0gBndrBbEbgeo83pvDlkwWh8UyW/Q9" + "fM76DQqGvl3/3dDRFD3NdQ==" + "-----END DSA PARAMETERS-----"); config.set("dl", "dsa/jce/768", - "-----BEGIN DSA PARAMETERS-----" - "MIHdAmEA6eZCWZ01XzfJf/01ZxILjiXJzUPpJ7OpZw++xdiQFBki0sOzrSSACTeZ" - "hp0ehGqrSfqwrSbSzmoiIZ1HC859d31KIfvpwnC1f2BwAvPO+Dk2lM9F7jaIwRqM" - "VqsSej2vAhUAnNvYTJ8awvOND4D0KrlS5zOL9RECYQDe7p717RUWzn5pXmcrjO5F" - "5s17NuDmOF+JS6hhY/bz5sbU6KgRRtQBfe/dccvZD6Akdlm4i3zByJT0gmn9Txqs" - "CjBTjf9rP8ds+xMcnnlltYhYqwpDtVczWRKoqlR/lWg=" - "-----END DSA PARAMETERS-----"); + "-----BEGIN DSA PARAMETERS-----" + "MIHdAmEA6eZCWZ01XzfJf/01ZxILjiXJzUPpJ7OpZw++xdiQFBki0sOzrSSACTeZ" + "hp0ehGqrSfqwrSbSzmoiIZ1HC859d31KIfvpwnC1f2BwAvPO+Dk2lM9F7jaIwRqM" + "VqsSej2vAhUAnNvYTJ8awvOND4D0KrlS5zOL9RECYQDe7p717RUWzn5pXmcrjO5F" + "5s17NuDmOF+JS6hhY/bz5sbU6KgRRtQBfe/dccvZD6Akdlm4i3zByJT0gmn9Txqs" + "CjBTjf9rP8ds+xMcnnlltYhYqwpDtVczWRKoqlR/lWg=" + "-----END DSA PARAMETERS-----"); config.set("dl", "dsa/jce/1024", - "-----BEGIN DSA PARAMETERS-----" - "MIIBHgKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9" - "jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX" - "58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8V" - "IwvMspK5gqLrhAvwWBz1AoGARpYDUS4wJ4zTlHWV2yLuyYJqYyKtyXNE9B10DDJX" - "JMj577qn1NgD/4xgnc0QDrxb38+tfGpCX66nhuogUOvpg1HqH9of3yTWlHqmuaoj" - "dmlTgC9NfUqOy6BtGXaKJJH/sW0O+cQ6mbX3FnL/bwoktETQc20E04oaEyLa9s3Y" - "jJ0=" - "-----END DSA PARAMETERS-----"); + "-----BEGIN DSA PARAMETERS-----" + "MIIBHgKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9" + "jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX" + "58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8V" + "IwvMspK5gqLrhAvwWBz1AoGARpYDUS4wJ4zTlHWV2yLuyYJqYyKtyXNE9B10DDJX" + "JMj577qn1NgD/4xgnc0QDrxb38+tfGpCX66nhuogUOvpg1HqH9of3yTWlHqmuaoj" + "dmlTgC9NfUqOy6BtGXaKJJH/sW0O+cQ6mbX3FnL/bwoktETQc20E04oaEyLa9s3Y" + "jJ0=" + "-----END DSA PARAMETERS-----"); + + config.set("dl", "dsa/botan/2048", + "-----BEGIN DSA PARAMETERS-----" + "MIICLAKCAQEAkcSKT9+898Aq6V59oSYSK13Shk9Vm4fo50oobVL1m9HeaN/WRdDg" + "DGDAgAMYkZgDdO61lKUyv9Z7mgnqxLhmOgeRDmjzlGX7cEDSXfE5MuusQ0elMOy6" + "YchU+biA08DDZgCAWHxFVm2t4mvVo5S+CTtMDyS1r/747GxbPlf7iQJam8FnaZMh" + "MeFtPJTvyrGNDfBhIDzFPmEDvHLVWUv9QMplOA9EqahR3LB1SV/AM6ilgHGhvXj+" + "BS9mVVZI60txnSr+i0iA+NrW8VgYuhePiSdMhwvpuW6wjEbEAEDMLv4d+xsYaN0x" + "nePDSjKmOrbrEiQgmkGWgMx5AtFyjU354QIhAIzX1FD4bwrZTu5M5GmodW0evRBY" + "JBlD6v+ws1RYXpJNAoIBAA2fXgdhtNvRgz1qsalhoJlsXyIwP3LYTBQPZ8Qx2Uq1" + "cVvqgaDJjTnOS8941rnryJXTT+idlAkdWEhhXvFfXobxHZb2yWniA936WDVkIKSc" + "tES1lbkBqTPP4HZ7WU8YoHt/kd7NukRriJkPePL/kfL+fNQ/0uRtGOraH3u2YCxh" + "f27zpLKE8v2boQo2BC3o+oeiyjZZf+yBFXoUheRAQd8CgwERy4gLvm7UlIFIhvll" + "zcMTX1zPE4Nyi/ZbgG+WksCxDWxMCcdabKO0ATyxarLBBfa+I66pAA6rIXiYX5cs" + "mAV+HIbkTnIYaI6krg82NtzKdFydzU5q/7Z8y8E9YTE=" + "-----END DSA PARAMETERS-----"); + + config.set("dl", "dsa/botan/3072", + "-----BEGIN DSA PARAMETERS-----" + "MIIDLAKCAYEA5LUIgHWWY1heFCRgyi2d/xMviuTIQN2jomZoiRJP5WOLhOiim3rz" + "+hIJvmv8S1By7Tsrc4e68/hX9HioAijvNgC3az3Pth0g00RlslBtLK+H3259wM6R" + "vS0Wekb2rcwxxTHk+cervbkq3fNbCoBsZikqX14X6WTdCZkDczrEKKs12A6m9oW/" + "uovkBo5UGK5eytno/wc94rY+Tn6tNciptwtb1Hz7iNNztm83kxk5sKtxvVWVgJCG" + "2gFVM30YWg5Ps2pRmxtiArhZHmACRJzxzTpmOE9tIHOxzXO+ypO68eGmEX0COPIi" + "rh7X/tGFqJDn9n+rj+uXU8wTSlGD3+h64llfe1wtn7tCJJ/dWVE+HTOWs+sv2GaE" + "8oWoRI/nV6ApiBxAdguU75Gb35dAw4OJWZ7FGm6btRmo4GhJHpzgovz+PLYNZs8N" + "+tIKjsaEBIaEphREV1vRck1zUrRKdgB3s71r04XOWwpyUMwL92jagpI4Buuc+7E4" + "hDcxthggjHWbAiEAs+vTZOxp74zzuvZDt1c0sWM5suSeXN4bWcHp+0DuDFsCggGA" + "K+0h7vg5ZKIwrom7px2ffDnFL8gim047x+WUTTKdoQ8BDqyee69sAJ/E6ylgcj4r" + "Vt9GY+TDrIAOkljeL3ZJ0gZ4KJP4Ze/KSY0u7zAHTqXop6smJxKk2UovOwuaku5A" + "D7OKPMWaXcfkNtXABLIuNQKDgbUck0B+sy1K4P1Cy0XhLQ7O6KJiOO3iCCp7FSIR" + "PGbO+NdFxs88uUX4TS9N4W1Epx3hmCcOE/A1U8iLjTI60LlIob8hA6lJl5tu0W+1" + "88lT2Vt8jojKZ9z1pjb7nKOdkkIV96iE7Wx+48ltjZcVQnl0t8Q1EoLhPTdz99KL" + "RS8QiSoTx1hzKN6kgntrNpsqjcFyrcWD9R8qZZjFSD5bxGewL5HQWcQC0Y4sJoD3" + "dqoG9JKAoscsF8xC1bbnQMXEsas8UcLtCSviotiwU65Xc9FCXtKwjwbi3VBZLfGk" + "eMFVkc39EVZP+I/zi3IdQjkv2kcyEtz9jS2IqXagCv/m//tDCjWeZMorNRyiQSOU" + "-----END DSA PARAMETERS-----"); } - } /************************************************* diff --git a/src/randpool.cpp b/src/randpool.cpp index 24086c984..69ef3b9e7 100644 --- a/src/randpool.cpp +++ b/src/randpool.cpp @@ -6,7 +6,7 @@ #include <botan/randpool.h> #include <botan/lookup.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/util.h> #include <botan/stl_util.h> #include <algorithm> diff --git a/src/rsa.cpp b/src/rsa.cpp index 7f2e15892..8faec9972 100644 --- a/src/rsa.cpp +++ b/src/rsa.cpp @@ -55,7 +55,7 @@ SecureVector<byte> RSA_PublicKey::verify(const byte in[], u32bit len) const RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng, u32bit bits, u32bit exp) { - if(bits < 1024) + if(bits < 512) throw Invalid_Argument(algo_name() + ": Can't make a key that is only " + to_string(bits) + " bits long"); if(exp < 3 || exp % 2 == 0) diff --git a/src/rw.cpp b/src/rw.cpp index 4cbed6097..39cbcdd6e 100644 --- a/src/rw.cpp +++ b/src/rw.cpp @@ -55,7 +55,7 @@ SecureVector<byte> RW_PublicKey::verify(const byte in[], u32bit len) const RW_PrivateKey::RW_PrivateKey(RandomNumberGenerator& rng, u32bit bits, u32bit exp) { - if(bits < 1024) + if(bits < 512) throw Invalid_Argument(algo_name() + ": Can't make a key that is only " + to_string(bits) + " bits long"); if(exp < 2 || exp % 2 == 1) diff --git a/src/safer_sk.cpp b/src/safer_sk.cpp index c861cfdda..639130714 100644 --- a/src/safer_sk.cpp +++ b/src/safer_sk.cpp @@ -6,6 +6,7 @@ #include <botan/safer_sk.h> #include <botan/bit_ops.h> #include <botan/parsing.h> +#include <botan/rotate.h> namespace Botan { diff --git a/src/symkey.cpp b/src/symkey.cpp index f07421bef..7cc1bce64 100644 --- a/src/symkey.cpp +++ b/src/symkey.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/symkey.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <botan/rng.h> #include <botan/pipe.h> #include <botan/hex.h> diff --git a/src/turing.cpp b/src/turing.cpp index 53881d9a5..017b5cf1d 100644 --- a/src/turing.cpp +++ b/src/turing.cpp @@ -5,7 +5,7 @@ #include <botan/turing.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/util.cpp b/src/util.cpp index e340ee7f4..dea0778a1 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -6,7 +6,6 @@ #include <botan/util.h> #include <botan/bit_ops.h> #include <algorithm> -#include <cmath> namespace Botan { @@ -29,23 +28,26 @@ u32bit round_down(u32bit n, u32bit align_to) } /************************************************* -* Return the work required for solving DL * +* Choose the exponent size for a DL group *************************************************/ -u32bit dl_work_factor(u32bit n_bits) +u32bit dl_work_factor(u32bit bits) { - const u32bit MIN_ESTIMATE = 64; - - if(n_bits < 32) - return 0; - - const double log_x = n_bits / 1.44; - - const double strength = - 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0); - - if(strength > MIN_ESTIMATE) - return static_cast<u32bit>(strength); - return MIN_ESTIMATE; + /* + These values were taken from RFC 3526 + */ + if(bits <= 1536) + return 90; + else if(bits <= 2048) + return 110; + else if(bits <= 3072) + return 130; + else if(bits <= 4096) + return 150; + else if(bits <= 6144) + return 170; + else if(bits <= 8192) + return 190; + return 256; } /************************************************* diff --git a/src/wid_wake.cpp b/src/wid_wake.cpp index 7e69cf457..d7ebdece0 100644 --- a/src/wid_wake.cpp +++ b/src/wid_wake.cpp @@ -5,7 +5,7 @@ #include <botan/wid_wake.h> #include <botan/loadstor.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> namespace Botan { diff --git a/src/x919_mac.cpp b/src/x919_mac.cpp index b9c6fd2c5..92ec7b7b8 100644 --- a/src/x919_mac.cpp +++ b/src/x919_mac.cpp @@ -5,7 +5,7 @@ #include <botan/x919_mac.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { diff --git a/src/x931_rng.cpp b/src/x931_rng.cpp index 8f454dcb8..f4b0f71a9 100644 --- a/src/x931_rng.cpp +++ b/src/x931_rng.cpp @@ -5,7 +5,7 @@ #include <botan/x931_rng.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/xor_buf.h> #include <algorithm> namespace Botan { |