diff options
208 files changed, 1788 insertions, 2110 deletions
diff --git a/.mtn-ignore b/.mtn-ignore index 844c48f8a..79bc2183c 100644 --- a/.mtn-ignore +++ b/.mtn-ignore @@ -1,13 +1,14 @@ -^check$ ^Makefile$ ^botan-config$ ^build$ +^build/build\.h$ ^build/checks$ +^build/checks/.*\.o$ ^build/include$ ^build/include/botan$ +^build/include/botan/.*\.h$ ^build/lib$ ^build/lib/.*\.o$ -^build/checks/.*\.o$ -^build/include/botan/.*\.h$ -^build/build\.h$ +^check$ +^doc/examples/.*\.pem$ ^misc/nist_tests/x509test$ diff --git a/checks/algos.cpp b/checks/algos.cpp index be9e2e358..f9d8dc0aa 100644 --- a/checks/algos.cpp +++ b/checks/algos.cpp @@ -84,5 +84,8 @@ std::vector<algorithm> get_algos() algos.push_back(algorithm("RNG", "Randpool")); algos.push_back(algorithm("RNG", "X9.31-RNG")); + algos.push_back(algorithm("Codec", "Base64_Encode")); + algos.push_back(algorithm("Codec", "Base64_Decode")); + return algos; } diff --git a/checks/bench.cpp b/checks/bench.cpp index b8d1cbd23..089b229f2 100644 --- a/checks/bench.cpp +++ b/checks/bench.cpp @@ -35,7 +35,7 @@ double bench_filter(std::string name, Botan::Filter* filter, u32bit iterations = 0; u64bit start = get_clock(), clocks_used = 0; - u64bit go_up_to = (u64bit)(seconds * get_ticks()); + u64bit go_up_to = static_cast<u64bit>(seconds * get_ticks()); while(clocks_used < go_up_to) { @@ -44,8 +44,8 @@ double bench_filter(std::string name, Botan::Filter* filter, clocks_used = get_clock() - start; } - double bytes_per_sec = ((double)iterations * BUFFERSIZE) / - ((double)clocks_used / get_ticks()); + double bytes_per_sec = (static_cast<double>(iterations) * BUFFERSIZE) / + (static_cast<double>(clocks_used) / get_ticks()); double mbytes_per_sec = bytes_per_sec / (1024.0 * 1024.0); std::cout.setf(std::ios::fixed, std::ios::floatfield); @@ -121,7 +121,7 @@ void benchmark(const std::string& what, bool html, double seconds) if(html) std::cout << "</TABLE>\n\n"; - double average = std::exp(sum / (double)how_many); + double average = std::exp(sum / static_cast<double>(how_many)); if(what == "All" && html) std::cout << "\n<P>Overall speed average: " << average diff --git a/checks/check.cpp b/checks/check.cpp index a6074b685..f31c9d204 100644 --- a/checks/check.cpp +++ b/checks/check.cpp @@ -47,7 +47,7 @@ int main(int argc, char* argv[]) << " --validate: Check test vectors\n" << " --benchmark: Benchmark everything\n" << " --bench-type={block,mode,stream,hash,mac,rng,pk}:\n" - << " Benchmark only algorithms of a particular type\n" + << " Benchmark only algorithms of a particular type\n" << " --html: Produce HTML output for benchmarks\n" << " --seconds=n: Benchmark for n seconds\n" << " --init=<str>: Pass <str> to the library\n" @@ -63,7 +63,7 @@ int main(int argc, char* argv[]) if(opts.is_set("seconds")) { seconds = std::atof(opts.value("seconds").c_str()); - if((seconds < 0.1 || seconds > 30) && seconds != 0) + if(seconds && (seconds < 0.1 || seconds > (5 * 60))) { std::cout << "Invalid argument to --seconds\n"; return 2; diff --git a/checks/dolook2.cpp b/checks/dolook2.cpp index 53e71dc26..b6c9ba339 100644 --- a/checks/dolook2.cpp +++ b/checks/dolook2.cpp @@ -19,7 +19,7 @@ class S2K_Filter : public Filter { public: void write(const byte in[], u32bit len) - { passphrase += std::string((const char*)in, len); } + { passphrase += std::string(reinterpret_cast<const char*>(in), len); } void end_msg() { s2k->change_salt(salt, salt.size()); diff --git a/checks/keys/rsa1024.key b/checks/keys/rsa1024.pem index 6ab9326ca..6ab9326ca 100644 --- a/checks/keys/rsa1024.key +++ b/checks/keys/rsa1024.pem diff --git a/checks/keys/rsa1536.key b/checks/keys/rsa1536.pem index 4475a3d9d..4475a3d9d 100644 --- a/checks/keys/rsa1536.key +++ b/checks/keys/rsa1536.pem diff --git a/checks/keys/rsa2048.key b/checks/keys/rsa2048.pem index 6c23215ee..6c23215ee 100644 --- a/checks/keys/rsa2048.key +++ b/checks/keys/rsa2048.pem diff --git a/checks/keys/rsa3072.key b/checks/keys/rsa3072.pem index 1101062bc..1101062bc 100644 --- a/checks/keys/rsa3072.key +++ b/checks/keys/rsa3072.pem diff --git a/checks/keys/rsa4096.key b/checks/keys/rsa4096.pem index ec6855e01..ec6855e01 100644 --- a/checks/keys/rsa4096.key +++ b/checks/keys/rsa4096.pem diff --git a/checks/keys/rsa512.key b/checks/keys/rsa512.pem index e359f492c..e359f492c 100644 --- a/checks/keys/rsa512.key +++ b/checks/keys/rsa512.pem diff --git a/checks/keys/rw1024.key b/checks/keys/rw1024.key deleted file mode 100644 index b17e34343..000000000 --- a/checks/keys/rw1024.key +++ /dev/null @@ -1,3 +0,0 @@ -2 -E39815FB87BACBCCF779BC66EA0AE9784FC95E0DA094E9BEDE99FB45F73E20783038AE0488539A2CE982B4F180FC71858F2E5759E61E2C5A5FAFA435BA3A62A3 -CDC7D5FE3805572EA3FF554C086C7DD4020A3CE48DF5A09A5CEB75E6AABCD338F800F362448E87CE7E1A55331ADF2BBF3A22B3E6134035FDA52D9578FD3F72F7 diff --git a/checks/keys/rw1024.pem b/checks/keys/rw1024.pem new file mode 100644 index 000000000..8272014bf --- /dev/null +++ b/checks/keys/rw1024.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdQIBADAOBgorBgEEAYHFKgEBBQAEggJeMIICWgIBAAKBgQC28nMTDzUzMD+c +YqWG1FoW3FDMJxyr2RLMufrpAr2pKkBDHuzHBzzcFV2T8/0zuFFDlD5A3waqXV0E +3uYXGpv4AiiXPiIs75cQIkEsKfcaKR+TkkTIhfiZ1nvFcrDuwBKvaQzt24326xRI +DdOi8L2+vJQSQSjsAdG4SgAGC17BRQIBAgKBgANEVFcyjqoOk2vvedAfOHdD7yg3 +jjntBOg6LZ+W5/VOeAEy1oON1/Gk8/Ttf/M1k7yipa7faUMKz2AWRBvXVRIc3wMO +73jMy+s54NkFj/6fXxpI/OdSNEEnVq84G7IRXSuOj6JpZ6PNbDnpNWlE8t2bM3uN +vEcZtHV9XvhqpBZ/AkEA45gV+4e6y8z3ebxm6grpeE/JXg2glOm+3pn7Rfc+IHgw +OK4EiFOaLOmCtPGA/HGFjy5XWeYeLFpfr6Q1ujpiowJBAM3H1f44BVcuo/9VTAhs +fdQCCjzkjfWgmlzrdeaqvNM4+ADzYkSOh85+GlUzGt8rvzois+YTQDX9pS2VeP0/ +cvcCQDjmBX7h7rLzPd5vGbqCul4T8leDaCU6b7emftF9z4geDA4rgSIU5os6YK08 +YD8cYWPLldZ5h4sWl+vpDW6OmKkCQQCaVeB+qgQBYvr/f/kGUV5fAYetq2p4OHPF +sJhtAA2earoAtomzauXa3pO/5lQnYM9rmgbsjnAofjviMBq975Y5AkAXYycCq+zk +1z1CYY9D7/hTagRK3tRYweFh9zR6PdwN6NfnWYktFOONzHz2eupU73A3dG+TbTDy +HeFDKOXf54Ar +-----END PRIVATE KEY----- diff --git a/checks/keys/rw512.key b/checks/keys/rw512.key deleted file mode 100644 index ea6ba4226..000000000 --- a/checks/keys/rw512.key +++ /dev/null @@ -1,3 +0,0 @@ -2 -F21624A28732743BBE9B1A2B320CA31EF4A127456547ACDF5C523995E25A990B -BC6EDE730E7CEC8993A6E6296EA8DFBBC7D46615122F23F635FF988E284E31CF diff --git a/checks/keys/rw512.pem b/checks/keys/rw512.pem new file mode 100644 index 000000000..05e900c61 --- /dev/null +++ b/checks/keys/rw512.pem @@ -0,0 +1,10 @@ +-----BEGIN PRIVATE KEY----- +MIIBVAIBADAOBgorBgEEAYHFKgEBBQAEggE9MIIBOQIBAAJBALIxGscaieOzc3oN +cq5T0xOxYRm9WcSUeydWU6fFE2GbKEUkmYmMiaoAUnNd0GJU0aiiSChgfT5dbJ/M +I7fm2uUCAQICQBZGI1jjUTx2bm9BrlXKemJ2LCM3qziSj2TqynT4omwzLzgEMH57 +pRyVwg5hJfWaPt2Fl1m9IM2w+0m/P/WnwgICIQDyFiSihzJ0O76bGisyDKMe9KEn +RWVHrN9cUjmV4lqZCwIhALxu3nMOfOyJk6bmKW6o37vH1GYVEi8j9jX/mI4oTjHP +AiEAtZCbeeVl1yzO9FOgZYl6Vzd43XQL9cGnhT2rMGnD8sgCIC8bt5zDnzsiZOm5 +iluqN+7x9RmFRIvI/Y1/5iOKE4x0AiEAqgdTQJW1OyOYKkA62QcUyP5gexP/n0X8 +prrrIxjkekA= +-----END PRIVATE KEY----- diff --git a/checks/pk.cpp b/checks/pk.cpp index bb0a27f2a..f2c2401fd 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -28,7 +28,7 @@ using namespace Botan; static BigInt to_bigint(const std::string& h) { - return BigInt::decode((const byte*)h.data(), + return BigInt::decode(reinterpret_cast<const byte*>(h.data()), h.length(), BigInt::Hexadecimal); } @@ -326,7 +326,9 @@ u32bit validate_rsa_enc_pkcs8(const std::string& algo, strip_newlines(pass); /* it will have a newline thanks to the messy decoding method we use */ - DataSource_Memory keysource((const byte*)str[0].c_str(), str[0].length()); + DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), + str[0].length()); + Private_Key* privkey = PKCS8::load_key(keysource, pass); RSA_PrivateKey* rsapriv = dynamic_cast<RSA_PrivateKey*>(privkey); @@ -441,7 +443,8 @@ u32bit validate_rsa_ver_x509(const std::string& algo, if(str.size() != 5) /* is actually 3, parse() adds extra empty ones */ throw Exception("Invalid input from pk_valid.dat"); - DataSource_Memory keysource((const byte*)str[0].c_str(), str[0].length()); + DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), + str[0].length()); Public_Key* key = X509::load_key(keysource); @@ -518,7 +521,9 @@ u32bit validate_dsa_sig(const std::string& algo, strip_newlines(pass); /* it will have a newline thanks to the messy decoding method we use */ - DataSource_Memory keysource((const byte*)str[0].c_str(), str[0].length()); + DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), + str[0].length()); + Private_Key* privkey = PKCS8::load_key(keysource, pass); DSA_PrivateKey* dsapriv = dynamic_cast<DSA_PrivateKey*>(privkey); @@ -545,7 +550,9 @@ u32bit validate_dsa_ver(const std::string& algo, if(str.size() != 5) /* is actually 3, parse() adds extra empty ones */ throw Exception("Invalid input from pk_valid.dat"); - DataSource_Memory keysource((const byte*)str[0].c_str(), str[0].length()); + DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), + str[0].length()); + Public_Key* key = X509::load_key(keysource); DSA_PublicKey* dsakey = dynamic_cast<DSA_PublicKey*>(key); diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index f3b4ad04e..c6277b4bd 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -16,88 +16,21 @@ using namespace Botan; #include <iostream> #include <fstream> #include <string> - -#define DEBUG 0 +#include <memory> #define PRINT_MS_PER_OP 0 /* If 0, print ops / second */ -RSA_PrivateKey* load_rsa_key(const std::string&); -RW_PrivateKey load_rw_key(const std::string&); - -static BigInt to_bigint(const std::string& h) - { - return BigInt::decode((const byte*)h.data(), - h.length(), BigInt::Hexadecimal); - } - void bench_enc(PK_Encryptor*, const std::string&, double, bool); void bench_dec(PK_Encryptor*, PK_Decryptor*, const std::string&, double, bool); void bench_sig(PK_Signer*, const std::string&, double, bool); void bench_ver(PK_Signer*, PK_Verifier*, const std::string&, double, bool); void bench_kas(PK_Key_Agreement*, const std::string&, double, bool); -void bench_rsa(RSA_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_enc(get_pk_encryptor(key, "Raw"), - "RSA-" + keybits, seconds, html); - bench_dec(get_pk_encryptor(key, "Raw"), - get_pk_decryptor(key, "Raw"), - "RSA-" + keybits, seconds, html); - } - -void bench_dsa(DSA_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), - get_pk_verifier(key, "EMSA1(SHA-1)"), - "DSA-" + keybits, seconds, html); - bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), - "DSA-" + keybits, seconds, html); - } - -void bench_dh(DH_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_kas(get_pk_kas(key, "Raw"), - "DH-" + keybits, seconds, html); - } - -void bench_rw(RW_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_ver(get_pk_signer(key, "EMSA2(SHA-1)"), - get_pk_verifier(key, "EMSA2(SHA-1)"), - "RW-" + keybits, seconds, html); - bench_sig(get_pk_signer(key, "EMSA2(SHA-1)"), - "RW-" + keybits, seconds, html); - } - -void bench_nr(NR_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), - get_pk_verifier(key, "EMSA1(SHA-1)"), - "NR-" + keybits, seconds, html); - bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), - "NR-" + keybits, seconds, html); - } - -void bench_elg(ElGamal_PrivateKey& key, const std::string keybits, - double seconds, bool html) - { - bench_enc(get_pk_encryptor(key, "Raw"), - "ELG-" + keybits, seconds, html); - bench_dec(get_pk_encryptor(key, "Raw"), - get_pk_decryptor(key, "Raw"), - "ELG-" + keybits, seconds, html); - } - void bench_pk(const std::string& algo, bool html, double seconds) { /* There is some strangeness going on here. It looks like algorithms - at the end take some kind of pentalty. For example, running the RW tests + at the end take some kind of penalty. For example, running the RW tests first got a result of: RW-1024: 148.14 ms / private operation but running them last output: @@ -124,123 +57,130 @@ void bench_pk(const std::string& algo, bool html, double seconds) if(algo == "All" || algo == "RSA") { - #define DO_RSA(NUM_STR, FILENAME) \ - { \ - RSA_PrivateKey* rsa = load_rsa_key(FILENAME); \ - bench_rsa(*rsa, NUM_STR, seconds, html); \ - delete rsa; \ - } + const u32bit keylen[] = { 512, 1024, 1536, 2048, 3072, 4096, 0 }; - DO_RSA("512", "checks/keys/rsa512.key") - DO_RSA("1024", "checks/keys/rsa1024.key") - DO_RSA("1536", "checks/keys/rsa1536.key") - DO_RSA("2048", "checks/keys/rsa2048.key") - DO_RSA("3072", "checks/keys/rsa3072.key") - DO_RSA("4096", "checks/keys/rsa4096.key") - #undef DO_RSA + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); + const std::string file = "checks/keys/rsa" + len_str + ".pem"; + + std::auto_ptr<RSA_PrivateKey> key( + dynamic_cast<RSA_PrivateKey*>(PKCS8::load_key(file)) + ); + + if(key.get() == 0) + throw Invalid_Argument(file + " doesn't have an RSA key in it!"); + + bench_enc(get_pk_encryptor(*key, "Raw"), + "RSA-" + len_str, seconds, html); + + bench_dec(get_pk_encryptor(*key, "Raw"), + get_pk_decryptor(*key, "Raw"), + "RSA-" + len_str, seconds, html); + } } + if(algo == "All" || algo == "DSA") { - #define DO_DSA(NUM_STR, GROUP) \ - { \ - DSA_PrivateKey dsa(GROUP); \ - bench_dsa(dsa, NUM_STR, seconds, html); \ - } + const u32bit keylen[] = { 512, 768, 1024, 0 }; + + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); + + DSA_PrivateKey key("dsa/jce/" + len_str); - DO_DSA("512", DL_Group("dsa/jce/512")); - DO_DSA("768", DL_Group("dsa/jce/768")); - DO_DSA("1024", DL_Group("dsa/jce/1024")); - //DO_DSA("2048", DL_Group(DL_Group::DSA_Kosherizer, 2048, 256)); - //DO_DSA("3072", DL_Group(DL_Group::DSA_Kosherizer, 3072, 256)); - #undef DO_DSA + bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), + get_pk_verifier(key, "EMSA1(SHA-1)"), + "DSA-" + len_str, seconds, html); + + bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), + "DSA-" + len_str, seconds, html); + } } + if(algo == "All" || algo == "DH") { - #define DO_DH(NUM_STR, GROUP) \ - { \ - DH_PrivateKey dh(DL_Group(GROUP)); \ - bench_dh(dh, NUM_STR, seconds, html); \ - } + const u32bit keylen[] = { 768, 1024, 1536, 2048, 3072, 4096, 0 }; - DO_DH("768", "modp/ietf/768"); - DO_DH("1024", "modp/ietf/1024"); - DO_DH("1536", "modp/ietf/1536"); - DO_DH("2048", "modp/ietf/2048"); - DO_DH("3072", "modp/ietf/3072"); - DO_DH("4096", "modp/ietf/4096"); - #undef DO_DH + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); + + DH_PrivateKey key("modp/ietf/" + len_str); + + bench_kas(get_pk_kas(key, "Raw"), "DH-" + len_str, seconds, html); + } } if(algo == "All" || algo == "ELG" || algo == "ElGamal") { - #define DO_ELG(NUM_STR, GROUP) \ - { \ - ElGamal_PrivateKey elg(DL_Group(GROUP)); \ - bench_elg(elg, NUM_STR, seconds, html); \ + const u32bit keylen[] = { 768, 1024, 1536, 2048, 3072, 4096, 0 }; + + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); + + ElGamal_PrivateKey key("modp/ietf/" + len_str); + + bench_enc(get_pk_encryptor(key, "Raw"), + "ELG-" + len_str, seconds, html); + + bench_dec(get_pk_encryptor(key, "Raw"), + get_pk_decryptor(key, "Raw"), + "ELG-" + len_str, seconds, html); } - DO_ELG("768", "modp/ietf/768"); - DO_ELG("1024", "modp/ietf/1024"); - DO_ELG("1536", "modp/ietf/1536"); - DO_ELG("2048", "modp/ietf/2048"); - DO_ELG("3072", "modp/ietf/3072"); - DO_ELG("4096", "modp/ietf/4096"); - #undef DO_ELG } if(algo == "All" || algo == "NR") { - #define DO_NR(NUM_STR, GROUP) \ - { \ - NR_PrivateKey nr(DL_Group(GROUP)); \ - bench_nr(nr, NUM_STR, seconds, html); \ - } + const u32bit keylen[] = { 512, 768, 1024, 0 }; + + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); - DO_NR("512", "dsa/jce/512"); - DO_NR("768", "dsa/jce/768"); - DO_NR("1024", "dsa/jce/1024"); - #undef DO_NR + NR_PrivateKey key("dsa/jce/" + len_str); + + bench_ver(get_pk_signer(key, "EMSA1(SHA-1)"), + get_pk_verifier(key, "EMSA1(SHA-1)"), + "NR-" + len_str, seconds, html); + + bench_sig(get_pk_signer(key, "EMSA1(SHA-1)"), + "NR-" + len_str, seconds, html); + } } if(algo == "All" || algo == "RW") { - #define DO_RW(NUM_STR, FILENAME) \ - { \ - RW_PrivateKey rw = load_rw_key(FILENAME); \ - bench_rw(rw, NUM_STR, seconds, html); \ - } + const u32bit keylen[] = { 512, 1024, 0 }; - DO_RW("512", "checks/keys/rw512.key") - DO_RW("1024", "checks/keys/rw1024.key") - #undef DO_RW - } - } - catch(Botan::Exception& e) - { - std::cout << "Exception caught: " << e.what() << std::endl; - return; - } - catch(std::exception& e) - { - std::cout << "Standard library exception caught: " - << e.what() << std::endl; - return; - } - catch(...) - { - std::cout << "Unknown exception caught." << std::endl; - return; - } + for(size_t j = 0; keylen[j]; j++) + { + const std::string len_str = to_string(keylen[j]); + const std::string file = "checks/keys/rw" + len_str + ".pem"; + RW_PrivateKey* key = + dynamic_cast<RW_PrivateKey*>(PKCS8::load_key(file)); + + bench_ver(get_pk_signer(*key, "EMSA2(SHA-1)"), + get_pk_verifier(*key, "EMSA2(SHA-1)"), + "RW-" + len_str, seconds, html); + bench_sig(get_pk_signer(*key, "EMSA2(SHA-1)"), + "RW-" + len_str, seconds, html); + + delete key; + } + } } void print_result(bool html, u32bit runs, u64bit clocks_used, const std::string& algo_name, const std::string& op) { - double seconds = (double)clocks_used / get_ticks(); + double seconds = static_cast<double>(clocks_used) / get_ticks(); double mseconds_per_run = 1000 * (seconds / runs); double runs_per_sec = runs / seconds; - if(html) { std::cout << " <TR><TH>" << algo_name << " (" << op << ") <TH>"; @@ -260,9 +200,9 @@ void print_result(bool html, u32bit runs, u64bit clocks_used, std::cout.precision(2); if(PRINT_MS_PER_OP) - std::cout << mseconds_per_run << " ms / " << op << std::endl; + std::cout << mseconds_per_run << " ms / " << op << "\n"; else - std::cout << runs_per_sec << " ops / second (" << op << ")" << std::endl; + std::cout << runs_per_sec << " ops / second (" << op << ")\n"; } } @@ -424,35 +364,3 @@ void bench_kas(PK_Key_Agreement* kas, const std::string& algo_name, print_result(html, runs, clocks_used, algo_name, "key agreement"); } - -/************************************************* -* Key loading procedures * -*************************************************/ -RSA_PrivateKey* load_rsa_key(const std::string& file) - { - Private_Key* key = PKCS8::load_key(file); - - RSA_PrivateKey* rsakey = dynamic_cast<RSA_PrivateKey*>(key); - - if(rsakey == 0) - throw Invalid_Argument(file + " doesn't have an RSA key in it!"); - - return rsakey; - } - -RW_PrivateKey load_rw_key(const std::string& file) - { - std::ifstream keyfile(file.c_str()); - if(!keyfile) - throw Exception("Couldn't open the RW key file " + file); - - std::string e, p, q; - - std::getline(keyfile, e); - std::getline(keyfile, p); - std::getline(keyfile, q); - - RW_PrivateKey key(to_bigint(p), to_bigint(q), to_bigint(e)); - - return key; - } diff --git a/checks/validate.cpp b/checks/validate.cpp index b10b53b98..d634d3bb3 100644 --- a/checks/validate.cpp +++ b/checks/validate.cpp @@ -263,7 +263,7 @@ bool failed_test(const std::string& algo, bool OK = true; for(u32bit j = offset; j != offset+length; j++) - if((byte)output[j] != peekbuf[j-offset]) + if(static_cast<byte>(output[j]) != peekbuf[j-offset]) OK = false; if(!OK) diff --git a/checks/validate.dat b/checks/validate.dat index 99a1b7e1c..5852836a0 100644 --- a/checks/validate.dat +++ b/checks/validate.dat @@ -31180,142 +31180,226 @@ D41D8CD98F00B204E9800998ECF8427E # MAC format is input:mac:key -#[CBC-MAC(DES)] -#37363534333231204E6F77206973207468652074696D6520666F7220:\ -#F1D30F6849312CA4:0123456789ABCDEF -# -#:0000000000000000:67C6697351FF4AEC -# -#29:616FE88F809D55FE:CDBAABF2FBE3467C -# -#C254:AED0202A4D19E0E1:F81BE8E78D765A2E -# -#63339F:69E2BBE362FFA373:C99A66320DB73158 -# -#A35A255D:99AF085AE0872883:051758E95ED4ABB2 -# -#CDC69BB454:346750C009F85AE7:110E827441213DDC -# -#8770E93EA141:457FA6D39A704CDB:E1FC673E017E97EA -# -#DC6B968F385C2A:725FFF0F41477E42:ECB03BFB32AF3C54 -# -#EC18DB5C021AFE43:1D119FAEB0BB44C3:FBFAAA3AFB29D1E6 -# -#053C7C9475D8BE6189:E4DD5474534FE9DA:F95CBBA8990F95B1 -# -#EBF1B305EFF700E9A13A:BEE63E65CAEFA450:E5CA0BCBD0484764 -# -#BD1F231EA81C7B64C51473:495FF947F6665F45:5AC55E4B79633B70 -# -#6424119E09DCAAD4ACF21B10:53C806C8B69CF03C:AF3B33CDE3504847 -# -#155CBB6F2219BA9B7DF50BE11A:2CFD97F2BD38C7A0:1C7F23F829F8A41B -# -#13B5CA4EE8983238E0794D3D34BC:A83C88744DF51267:5F4E77FACB6C05AC -# -#86212BAA1A55A2BE70B5733B045CD3:112C46B74BD7D1EC:3694B3AFE2F0E49E -# -#4F321549FD824EA90870D4B28A295448:F12831C24A551F5C:9A0ABCD50E18A844 -# -#AC5BF38E4CD72D9B0942E506C433AFCDA3:0AB4EC81A81F5C6C:847F2DADD47647DE -# -#321CEC4AC430F62023856CFBB20704F4EC0B:B2D3297BE75E9505:B920BA86C33E05F1 -# -#ECD96733B79950A3E314D3D934F75EA0F210A8:0AA5F1B82E138AB3:F6059401BEB4BC44 -# -#78FA4969E623D01ADA696A7E4C7E5125B3488453:7143592230891CC9:3A94FB3199903257 -# -#44EE9BBCE9E525CF08F5E9E25E5360AAD2B2D085FA:90E6F543EDA1AC82:54D835E8D4668264 -# -#98D9A8877565705A8A3F62802944DE7CA5894E5759D3:491310A9E2B8B18C:51ADAC869580EC17 -# -#E485F18C0C66F17CC07CBB22FCE466DA610B63AF62BC83:302E436ABB2B6193:B4692F3AFFAF2716 -# -#93AC071FB86D11342D8DEF4F89D4B66335C1C7E4248367D8:\ -#1ED636A10A187609:ED9612EC453902D8 -# -#E50AF89D7709D1A596C1F41F95AA82CA6C49AE90CD1668BAAC:\ -#2A02740B45449296:7AA6F2B4A8CA99B2 -# -#C2372ACB08CF61C9C3805E6E0328DA4CD76A19EDD2D3994C798B:\ -#CEA8016EAE33A92B:0022569AD418D1FE -# -#E4D9CD45A391C601FFC92AD91501432FEE150287617C13629E69FC:\ -#E584507E7606DD42:7281CD7165A63EAB -# -#49CF714BCE3A75A74F76EA7E64FF81EB61FDFEC39B67BF0DE98C7E4E:\ -#5A09D5EF7B21251E:32BDF97C8C6AC75B -# -#A43C02F4B2ED7216ECF3014DF000108B67CF99505B179F8ED4980A6103:\ -#3AA4E5750CA579D9:D1BCA70DBE9BBFAB -# -#0ED59801D6E5F2D6F67D3EC5168E212E2DAF02C6B963C98A1F7097DE0C56:\ -#FAC262455D9691C6:891A2B211B01070D -# -#D8FD8B16C2A1A4E3CFD292D2984B3561D555D16C33DDC2BCF7EDDE13EFE520:\ -#32127540A949B873:C7E2ABDDA44D8188 -# -#[CBC-MAC(AES-128)] -# -#:00000000000000000000000000000000:67C6697351FF4AEC29CDBAABF2FBE346 -# -#7C:A2F5C113EBEE0F124B649287C7F7986F:C254F81BE8E78D765A2E63339FC99A66 -# -#320D:5C787D4CDAF3B4D106A7AA09F41BCFCA:B73158A35A255D051758E95ED4ABB2CD -# -#C69BB4:B32F25C34E061A972C49E4B0A0678AA5:54110E827441213DDC8770E93EA141E1 -# -#FC673E01:B5D6A0E8F3202BFF37796DB5EB920B7E:7E97EADC6B968F385C2AECB03BFB32AF -# -#3C54EC18DB:F3896484B179F90BE3B62DCE3F748C52:5C021AFE43FBFAAA3AFB29D1E6053C7C -# -#9475D8BE6189:100D2CDA97B85428D785D9EECC8D51E2:F95CBBA8990F95B1EBF1B305EFF700E9 -# -#A13AE5CA0BCBD0:\ -#92A7A024C4F6D8C82C53030545C23C10:484764BD1F231EA81C7B64C514735AC5 -# -#5E4B79633B706424:\ -#E235CFD4C307E2B3D44199E83E5D83C6:119E09DCAAD4ACF21B10AF3B33CDE350 -# -#4847155CBB6F2219BA:\ -#2379D24A48EF60E46807E92C1A602AA6:9B7DF50BE11A1C7F23F829F8A41B13B5 -# -#CA4EE8983238E0794D3D:\ -#D6DA42CAE5C664F3C4D597CF6CE1DDD7:34BC5F4E77FACB6C05AC86212BAA1A55 -# -#A2BE70B5733B045CD33694:\ -#93990491923BF761B3220C1E45ACD359:B3AFE2F0E49E4F321549FD824EA90870 -# -#D4B28A2954489A0ABCD50E18:\ -#9B14531370EE1EFFCF5A3BBC2161D25C:A844AC5BF38E4CD72D9B0942E506C433 -# -#AFCDA3847F2DADD47647DE321C:\ -#EB597AD53F1B208B4FEB5C20D78545AB:EC4AC430F62023856CFBB20704F4EC0B -# -#B920BA86C33E05F1ECD96733B799:\ -#91C3626B64EA3B16E15C2F9B32189C68:50A3E314D3D934F75EA0F210A8F60594 -# -#01BEB4BC4478FA4969E623D01ADA69:\ -#F6251F1A89FE388121DED78B8CA9FD7C:6A7E4C7E5125B34884533A94FB319990 -# -#325744EE9BBCE9E525CF08F5E9E25E53:\ -#E55A004723589CAA843140BA5AC52119:60AAD2B2D085FA54D835E8D466826498 -# -#D9A8877565705A8A3F62802944DE7CA589:\ -#53A217151AA961BBF0C7AD4AFDCB9B5F:4E5759D351ADAC869580EC17E485F18C -# -#0C66F17CC07CBB22FCE466DA610B63AF62BC:\ -#CE21D27F4D455511CD327D205853EE85:83B4692F3AFFAF271693AC071FB86D11 -# -#342D8DEF4F89D4B66335C1C7E4248367D8ED96:\ -#4DC9B5ED541B7382F0FCC7CFAB5AAFE0:12EC453902D8E50AF89D7709D1A596C1 -# -#F41F95AA82CA6C49AE90CD1668BAAC7AA6F2B4A8:\ -#2FB0B595042C8D7AD592583D7E6C76F7:CA99B2C2372ACB08CF61C9C3805E6E03 -# -#28DA4CD76A19EDD2D3994C798B0022569AD418D1FE:\ -#AC464531064DA66A2F8591AFAB2931D0:E4D9CD45A391C601FFC92AD91501432F +[CBC-MAC(DES)] +37363534333231204E6F77206973207468652074696D6520666F7220:\ +F1D30F6849312CA4:0123456789ABCDEF + +:0000000000000000:67C6697351FF4AEC + +29:616FE88F809D55FE:CDBAABF2FBE3467C + +C254:AED0202A4D19E0E1:F81BE8E78D765A2E + +63339F:69E2BBE362FFA373:C99A66320DB73158 + +A35A255D:99AF085AE0872883:051758E95ED4ABB2 + +CDC69BB454:346750C009F85AE7:110E827441213DDC + +8770E93EA141:457FA6D39A704CDB:E1FC673E017E97EA + +DC6B968F385C2A:725FFF0F41477E42:ECB03BFB32AF3C54 + +EC18DB5C021AFE43:1D119FAEB0BB44C3:FBFAAA3AFB29D1E6 + +053C7C9475D8BE6189:E4DD5474534FE9DA:F95CBBA8990F95B1 + +EBF1B305EFF700E9A13A:BEE63E65CAEFA450:E5CA0BCBD0484764 + +BD1F231EA81C7B64C51473:495FF947F6665F45:5AC55E4B79633B70 + +6424119E09DCAAD4ACF21B10:53C806C8B69CF03C:AF3B33CDE3504847 + +155CBB6F2219BA9B7DF50BE11A:2CFD97F2BD38C7A0:1C7F23F829F8A41B + +13B5CA4EE8983238E0794D3D34BC:A83C88744DF51267:5F4E77FACB6C05AC + +86212BAA1A55A2BE70B5733B045CD3:112C46B74BD7D1EC:3694B3AFE2F0E49E + +4F321549FD824EA90870D4B28A295448:F12831C24A551F5C:9A0ABCD50E18A844 + +AC5BF38E4CD72D9B0942E506C433AFCDA3:0AB4EC81A81F5C6C:847F2DADD47647DE + +321CEC4AC430F62023856CFBB20704F4EC0B:B2D3297BE75E9505:B920BA86C33E05F1 + +ECD96733B79950A3E314D3D934F75EA0F210A8:0AA5F1B82E138AB3:F6059401BEB4BC44 + +78FA4969E623D01ADA696A7E4C7E5125B3488453:7143592230891CC9:3A94FB3199903257 + +44EE9BBCE9E525CF08F5E9E25E5360AAD2B2D085FA:90E6F543EDA1AC82:54D835E8D4668264 + +98D9A8877565705A8A3F62802944DE7CA5894E5759D3:491310A9E2B8B18C:51ADAC869580EC17 + +E485F18C0C66F17CC07CBB22FCE466DA610B63AF62BC83:\ +302E436ABB2B6193:B4692F3AFFAF2716 + +93AC071FB86D11342D8DEF4F89D4B66335C1C7E4248367D8:\ +1ED636A10A187609:ED9612EC453902D8 + +E50AF89D7709D1A596C1F41F95AA82CA6C49AE90CD1668BAAC:\ +2A02740B45449296:7AA6F2B4A8CA99B2 + +C2372ACB08CF61C9C3805E6E0328DA4CD76A19EDD2D3994C798B:\ +CEA8016EAE33A92B:0022569AD418D1FE + +E4D9CD45A391C601FFC92AD91501432FEE150287617C13629E69FC:\ +E584507E7606DD42:7281CD7165A63EAB + +49CF714BCE3A75A74F76EA7E64FF81EB61FDFEC39B67BF0DE98C7E4E:\ +5A09D5EF7B21251E:32BDF97C8C6AC75B + +A43C02F4B2ED7216ECF3014DF000108B67CF99505B179F8ED4980A6103:\ +3AA4E5750CA579D9:D1BCA70DBE9BBFAB + +0ED59801D6E5F2D6F67D3EC5168E212E2DAF02C6B963C98A1F7097DE0C56:\ +FAC262455D9691C6:891A2B211B01070D + +D8FD8B16C2A1A4E3CFD292D2984B3561D555D16C33DDC2BCF7EDDE13EFE520:\ +32127540A949B873:C7E2ABDDA44D8188 + +[CBC-MAC(AES-128)] + +:00000000000000000000000000000000:67C6697351FF4AEC29CDBAABF2FBE346 + +7C:A2F5C113EBEE0F124B649287C7F7986F:C254F81BE8E78D765A2E63339FC99A66 + +320D:5C787D4CDAF3B4D106A7AA09F41BCFCA:B73158A35A255D051758E95ED4ABB2CD + +C69BB4:B32F25C34E061A972C49E4B0A0678AA5:54110E827441213DDC8770E93EA141E1 + +FC673E01:B5D6A0E8F3202BFF37796DB5EB920B7E:7E97EADC6B968F385C2AECB03BFB32AF + +3C54EC18DB:F3896484B179F90BE3B62DCE3F748C52:5C021AFE43FBFAAA3AFB29D1E6053C7C + +9475D8BE6189:100D2CDA97B85428D785D9EECC8D51E2:F95CBBA8990F95B1EBF1B305EFF700E9 + +A13AE5CA0BCBD0:\ +92A7A024C4F6D8C82C53030545C23C10:484764BD1F231EA81C7B64C514735AC5 + +5E4B79633B706424:\ +E235CFD4C307E2B3D44199E83E5D83C6:119E09DCAAD4ACF21B10AF3B33CDE350 + +4847155CBB6F2219BA:\ +2379D24A48EF60E46807E92C1A602AA6:9B7DF50BE11A1C7F23F829F8A41B13B5 + +CA4EE8983238E0794D3D:\ +D6DA42CAE5C664F3C4D597CF6CE1DDD7:34BC5F4E77FACB6C05AC86212BAA1A55 + +A2BE70B5733B045CD33694:\ +93990491923BF761B3220C1E45ACD359:B3AFE2F0E49E4F321549FD824EA90870 + +D4B28A2954489A0ABCD50E18:\ +9B14531370EE1EFFCF5A3BBC2161D25C:A844AC5BF38E4CD72D9B0942E506C433 + +AFCDA3847F2DADD47647DE321C:\ +EB597AD53F1B208B4FEB5C20D78545AB:EC4AC430F62023856CFBB20704F4EC0B + +B920BA86C33E05F1ECD96733B799:\ +91C3626B64EA3B16E15C2F9B32189C68:50A3E314D3D934F75EA0F210A8F60594 + +01BEB4BC4478FA4969E623D01ADA69:\ +F6251F1A89FE388121DED78B8CA9FD7C:6A7E4C7E5125B34884533A94FB319990 + +325744EE9BBCE9E525CF08F5E9E25E53:\ +E55A004723589CAA843140BA5AC52119:60AAD2B2D085FA54D835E8D466826498 + +D9A8877565705A8A3F62802944DE7CA589:\ +53A217151AA961BBF0C7AD4AFDCB9B5F:4E5759D351ADAC869580EC17E485F18C + +0C66F17CC07CBB22FCE466DA610B63AF62BC:\ +CE21D27F4D455511CD327D205853EE85:83B4692F3AFFAF271693AC071FB86D11 + +342D8DEF4F89D4B66335C1C7E4248367D8ED96:\ +4DC9B5ED541B7382F0FCC7CFAB5AAFE0:12EC453902D8E50AF89D7709D1A596C1 + +F41F95AA82CA6C49AE90CD1668BAAC7AA6F2B4A8:\ +2FB0B595042C8D7AD592583D7E6C76F7:CA99B2C2372ACB08CF61C9C3805E6E03 + +28DA4CD76A19EDD2D3994C798B0022569AD418D1FE:\ +AC464531064DA66A2F8591AFAB2931D0:E4D9CD45A391C601FFC92AD91501432F + +D4A628D05B1663A1BABEA82646DE1005197A63C1EB5C:\ +A16EADA7B6D32D01FE75759FB6DE2E1D:F466C626BC51E907F0BDAE188D092EF1 + +ABE8AF530FF6311FFB4B995F0C84BB00EA8226A7D30FAE:\ +7D980A5E6DA633CE4FED22E815A1C5AD:C3CC5CDB5A660A4B11F2FA6401F09621 + +ECE1BA4BED3F06ED298813D05B237F1EEFDBFA4941049452:\ +425497C221479FC5696D3078D062E725:F68FB7F87F4D196B2ED3B61B12BD083C + +451B0CA13E8BBF2E67B977A8BD0CFBB49BB2AC1AFFC5862D98:\ +90029A6EE195A0665D02997A844BE499:3C48ABF950E73F6BF3E0AA7F9FD8E659 + +4F8E165B89CAF63B76113A3B9767D4D3AF7FCDFF660C6B59EC15:\ +BCA39FFF3C95AB00DACF2B2A9A37C7FE:D88BEDBEE43C4DFB98D6C58E123C9F4C + +7736B44B0A63CAD76330E3CE8ACFE3625AD0213F0C6E3AA444FF33:\ +D55DC707BA4568B0642E3D70116308D1:563BD2A3B30957FE13BAC9EA1DF9CDEB + +839CCEE6F69E0735AB756F4FB96F8210AA55B35D5E0A5C71C4255BE2:\ +295F3F2DC91B300874147AADBF2132FE:1E28CDA2C49C88BA3A8FF0E5045F35BD + +CEB7CD790C80D66A8A32DB4F573631765EFE18229AA0DDD52FCDBA332C:\ +049AE1796CE825B2ABB88AA1EBE8D7D2:EFF0FBA7BE74B33E4A1EC97DF918D430 + +494A8E4762B1E2028EB7315B7164876155820813F6BB5141D91ABED33292:\ +AD921BBF28C028B76D9E1B4F92D36DCC:037BDD91C33F42A542D05C732BCDD8B3 + +2E2D3536402CF2916DCBAC2B9EDEBDA15A9A331DDA75C21C461E8F71EB6724:\ +952D487FE1B8A1F63B26B2027217AC14:1A945A50D4864266F30E121EACF0DB4E + +4A76816750F6296C3C47FBAE3363D24DF72C9DCCB2E032A5EE44C39A349FE87F:\ +ED1B41F593FF135A1E6DC7C85A2F1A2B:1569E6656010D19C57CC4A8A2F1DD727 + +4975F3FC5525A1436965DD9D04C61C192F037E8F134F2C6A1B76F54B93CC72DD41:\ +29326E91479F46720D9D1B067B10E617:65D9968A7AD9F3DFB790E37DADFCACB0 + +7A3CC3C9682DE5DE223072EFA24F300728C791A2A08482571465D4C1628171DCBD34:\ +440A055C9D93DE336B725E0FAE8BCB3D:A625628B0384BB75735DC4A464EC6BF5 + +8F0B7911638D76374FD8B8C0B575F55B9A57E69EDBA1134FFED8F362C45E575369D064:\ +345B392931218A9395F08BD1A45A9B43:CC5DDB04ACB3BC6D683262C3CCB9A96A + +944A7EE34856D6AA1A34016E9ED1D26A2FAD6EDB612B48C95DAA8D29633694F88112DBC9:\ +2D49E335B07A2519287CDA50D482FC48:68B27482E675F08447C3EF76705D51D1 + +889A9BE544280FA85EA3A0DFB57BA91D2D1D9F14929098D953874FC3E5A1956D3B30537F58:\ +900A6FB8FD5661FF12B7F391279DB085:6227B605C796BA433FD7705C7684EE06 + +1DC859A4171D89B8B2F7F3E24A733AAC9AF0B162866BA5C5421521B89A10BFB7D8185BEF35E5:\ +096DCD92F3919145B298201BC3820612:A8E7DC9BC9260E03D2A9F4830B7AEEB0 + +4030C561E85F71A71649C07239F557E1DD337CA6\ +598BAA2B349EAE3F189CEF58CCB4BAB4142B5C:\ +2E8B2AF6CFF3FD6AF55898BC1374609D:2A751C9CAE11F38FEE260B957F963FAA + +CADD5809F5F4F84EC0AD0875C133D1EBA8ED8856\ +FE7BE5EDA2F1822187C1CC529E245B931954E1D9:\ +351E0741D63B5CCED0131A483C3B89F0:01E94EC21D1FADC50C351C0BB101F853 + +F27A747A3B40CCD965276C7E7B4E577C37A63E54\ +C5EC1AD22136DDD237D5252A4F9AA48ADA70633F97:\ +5F144222C4B8C33CA82A85CCC177A0AF:CFBD131D158F55BBCEA980BAC352DBF9 + +2FAE3104D35B536DFFDD486F4087061045192D5A\ +A98215772C9531EFE80CE917BA1A1C8E756FFB744D43:\ +5FD061418DDE0BB0A8A3E6A4FD5BD2A8:E38DCBE99D1003CB6AAC4D7F23791454 + +69FC6052141B6C30A9E19FA455ECE8387AB32117\ +C324E22DD030ACF3A9C04712BDA864D1C3D0016CB1A010:\ +73E376B5D0B9466453438B5CEFB27EEF:068DF83E07AB601E6E84019B55314748 + +DA0890EDC5385196FB229767D33777DAC47018CB\ +1B78EA8AFDEB25521C6D9AF6752AE33A6235D05D5767C42A:\ +03F54C4F6B9E5E214BE93289CB2F2D4B:9E3C0463AC1D2EC7951851920377E41F + +E47F1659A9F9930C2E636985CA2EB0686AB4CB16\ +D1FADD67122FF916A6DE358A5D4BE30645761273D97CF9A3AA:\ +9FA99D925751C9613D3A8D42E3B604B0:A90B145DD72A2FD10796E3368FF9DC6D + +2F66CA7A49D1BFBFE333985F2C3B09D5471D321E\ +4761EF4FF7D28587CC62F4FBC8BF75129035D173686AD394A5DC:\ +BF0557B787C01A589BBD6EBB83F3A330:69ECFA9B0A41FDF990F4CC167B987870 [CMAC(AES)] # First twelve vectors come from a paper, they were generated by Eisuke Kuroda diff --git a/configure.pl b/configure.pl index 09579b401..567d2d300 100755 --- a/configure.pl +++ b/configure.pl @@ -9,7 +9,7 @@ use File::Copy; my $MAJOR_VERSION = 1; my $MINOR_VERSION = 7; -my $PATCH_VERSION = 1; +my $PATCH_VERSION = 3; my $VERSION_STRING = "$MAJOR_VERSION.$MINOR_VERSION.$PATCH_VERSION"; @@ -24,19 +24,13 @@ my @DOCS = ( 'credits.txt', 'info.txt', 'license.txt', 'log.txt', 'thanks.txt', 'todo.txt', 'pgpkeys.asc'); -my %MODULE_SETS = - ( - 'unix' => [ 'alloc_mmap', 'es_egd', 'es_ftw', 'es_unix', 'fd_unix', - 'tm_unix' ], - 'beos' => [ 'es_beos', 'es_unix', 'fd_unix', 'tm_unix' ], - 'win32' => ['es_capi', 'es_win32', 'mux_win32', 'tm_win32' ], - ); - my $TRACING = 0; ################################################## # Run main() and Quit # ################################################## +my $config = {}; + main(); exit; @@ -44,8 +38,6 @@ exit; # Main Driver # ################################################## sub main { - my $config = {}; - my $base_dir = where_am_i(); $$config{'base-dir'} = $base_dir; @@ -68,7 +60,7 @@ sub main { 'version' => $VERSION_STRING, }); - my ($target, $module_list) = get_options($config); + get_options($config); my $default_value_is = sub { my ($var, $val) = @_; @@ -82,8 +74,10 @@ sub main { &$default_value_is('local_config', ''); if(defined($$config{'build-dir'})) { - $$config{'botan-config'} = File::Spec->catfile($$config{'build-dir'}, 'botan-config'); - $$config{'makefile'} = File::Spec->catfile($$config{'build-dir'}, 'Makefile'); + $$config{'botan-config'} = + File::Spec->catfile($$config{'build-dir'}, 'botan-config'); + $$config{'makefile'} = + File::Spec->catfile($$config{'build-dir'}, 'Makefile'); $$config{'check_prefix'} = $$config{'build-dir'}; $$config{'lib_prefix'} = $$config{'build-dir'}; } @@ -95,7 +89,7 @@ sub main { $$config{'lib_prefix'} = ''; } - choose_target($config, $target); + choose_target($config); my $os = $$config{'os'}; my $cc = $$config{'compiler'}; @@ -105,7 +99,7 @@ sub main { &$default_value_is('docdir', os_info_for($os, 'doc_dir')); &$default_value_is('make_style', $COMPILER{$cc}{'makefile_style'}); - my @modules = choose_modules($config, $module_list); + autoload_modules($config) if($$config{'autoconfig'}); add_to($config, { 'includedir' => os_info_for($os, 'header_dir'), @@ -117,9 +111,8 @@ sub main { 'build_include_botan' => File::Spec->catdir($$config{'build-dir'}, 'include', 'botan'), - 'modules' => [ @modules ], - 'mp_bits' => find_mp_bits(@modules), - 'mod_libs' => [ using_libs($os, @modules) ], + 'mp_bits' => find_mp_bits(sort keys %{$$config{'modules'}}), + 'mod_libs' => [ using_libs($os, sort keys %{$$config{'modules'}}) ], 'sources' => { map_to($$config{'src-dir'}, dir_list($$config{'src-dir'})) @@ -138,9 +131,11 @@ sub main { load_modules($config); - mkdirs($$config{'build-dir'}, - $$config{'build_include'}, $$config{'build_include_botan'}, - $$config{'build_lib'}, $$config{'build_check'}); + my @dirs = mkdirs($$config{'build-dir'}, + $$config{'build_include'}, $$config{'build_include_botan'}, + $$config{'build_lib'}, $$config{'build_check'}); + + #autoconfig('Created ' . join(' ', @dirs)) if @dirs; write_pkg_config($config); @@ -180,11 +175,12 @@ sub croak { } sub warning { - warn with_diagnostic('note', @_); + warn with_diagnostic('warning', @_); } sub autoconfig { - print with_diagnostic('autoconfig', @_); + print with_diagnostic('autoconfig', @_) + if($$config{'verbose'}); } sub emit_help { @@ -207,74 +203,113 @@ sub trace { # Display Help and Quit # ################################################## sub display_help { - my $sets = join('|', sort keys %MODULE_SETS); + sub module_sets { + my %modsets; + for my $name (sort keys %MODULES) { + my %info = %{$MODULES{$name}}; + next unless (defined($info{'modset'})); + + for my $s (split(/,/, $info{'modset'})) { + $modsets{$s} = undef; + } + } + + return sort keys %modsets; + } - my $helptxt = <<ENDOFHELP; -Usage: $0 [options] CC-OS-CPU + my $sets = join(' ', module_sets()); -See doc/building.pdf for more information about this program. + my $listing = sub { + my (@list) = @_; + + return '' if (@list == 0); + + my ($output, $len) = ('', 0); + + my $append = sub { + my ($to_append) = @_; + $output .= $to_append; + $len += length $to_append; + }; + + foreach my $name (sort @list) { + next if $name eq 'defaults'; + if($len > 65) { + $output .= "\n "; + $len = 8; + } + &$append($name . ' '); + } + chop $output; + return $output; + }; + + my $modules = &$listing(keys %MODULES); + my $compilers = &$listing(keys %COMPILER); + my $oses = &$listing(keys %OPERATING_SYSTEM); + my $cpus = &$listing(keys %CPU); + + my $helptxt = <<ENDOFHELP; + +Usage for $0 (Botan $VERSION_STRING): + + --help display this help + --version display the version of Botan + --quiet display only warnings and errors + --trace enable tracing + + To change where the library is installed: -Options: --prefix=PATH: set the base installation directory --libdir=PATH: install library files in \${prefix}/\${libdir} --docdir=PATH: install documentation in \${prefix}/\${docdir} + + To change build options: + --build-dir=DIR: setup the build in DIR --local-config=FILE: include the contents of FILE into build.h - --modules=MODS: add module(s) MODS to the library. - --module-set=SET: add a pre-specified set of modules ($sets) - --module-info: display some information about known modules - --debug: set compiler flags for debugging - --disable-shared: disable building shared libararies - --noauto: disable autoconfiguration + --no-asm: disable all modules that contain assembly code + --no-shared: don't build shared libararies --make-style=STYLE: override the guess as to what type of makefile to use -You may use 'generic' for OS or CPU (useful if your OS or CPU isn't listed). + To change what modules to use: -CPU can be a generic family name or a specific model name. Common aliases are -supported but not listed. Choosing a specific submodel will usually result in -code that will not run on earlier versions of that architecture. + --modules= + [$modules] -ENDOFHELP + To add a set of modules: + --module-set=[$sets] - my $listing = sub { - my ($header, @list) = @_; + --module-info: display more information about modules + --noauto: don't enable any modules unless specifically named - return '' if (@list == 0); + Normally $0 will guess the right compiler, OS, and CPU. + To override it: - my ($output, $len) = ('', 0); + --cc=[$compilers] + --os=[$oses generic] + --cpu=[$cpus generic] - my $append = sub { - my ($to_append) = @_; - $output .= $to_append; - $len += length $to_append; - }; + --endian=[little big none] + --unaligned-mem=[yes no] - &$append($header . ': '); + For more information about support CPUs, use --arch-info: - foreach my $name (sort @list) { - next if $name eq 'defaults'; - if($len > 71) { - $output .= "\n "; - $len = 3; - } - &$append($name . ' '); - } - return $output . "\n"; - }; + --arch-info=[$cpus] - emit_help($helptxt, - &$listing('CC', keys %COMPILER), - &$listing('OS', keys %OPERATING_SYSTEM), - &$listing('CPU', keys %CPU), - &$listing('Modules', keys %MODULES)); +See doc/building.pdf for more information about this program. + +ENDOFHELP + + emit_help($helptxt); } ################################################## # Display Further Information about Modules # ################################################## -sub display_module_info { +sub module_info { my $info = ''; foreach my $mod (sort keys %MODULES) { @@ -284,24 +319,26 @@ sub display_module_info { while(length($mod) < 10) { $mod .= ' '; } $info .= "$mod - $fullname\n"; } - emit_help($info); + + return $info; } ################################################## # ################################################## sub choose_target { - my ($config, $target) = @_; + my ($config) = @_; - if($target eq '' and $$config{'autoconfig'}) { - $target = guess_triple(); - autoconfig("Guessing your system config is $target"); - } + my $cc = $$config{'compiler'}; + my $os = $$config{'os'}; + my $cpu = $$config{'cpu'}; - my ($cc,$os,$submodel) = split(/-/,$target,3); + $cpu = guess_cpu() if not defined($cpu); + $cc = guess_compiler() if not defined($cc); + $os = guess_os() if not defined($os); display_help() - unless(defined($cc) and defined($os) and defined($submodel)); + unless(defined($cc) and defined($os) and defined($cpu)); croak("Compiler $cc isn't known (try --help)") unless defined($COMPILER{$cc}); @@ -312,19 +349,7 @@ sub choose_target { croak("OS $os isn't known (try --help)") unless ($os eq 'generic' or defined($OPERATING_SYSTEM{$os})); - my $arch = undef; - ($arch, $submodel) = figure_out_arch($submodel); - - croak(realname($os), " doesn't run on $arch ($submodel)") - unless($arch eq 'generic' or $os eq 'generic' or - in_array($arch, $OPERATING_SYSTEM{$os}{'arch'})); - - croak(realname($cc), " doesn't run on $arch ($submodel)") - unless($arch eq 'generic' or - (in_array($arch, $ccinfo{'arch'}))); - - croak(realname($cc), " doesn't run on ", realname($os)) - unless($os eq 'generic' or (in_array($os, $ccinfo{'os'}))); + my ($arch, $submodel) = figure_out_arch($cpu); # hacks if($cc eq 'gcc') { @@ -337,30 +362,29 @@ sub choose_target { $gcc_version = '' if not defined $gcc_version; - # Some versions of GCC are a little buggy dealing with - # long long in C++. The last check is because on Cygwin - # (at least for me) gcc_version doesn't get the output, - # maybe something to do with the stderr redirection? If - # it's Cygwin and we didn't get output, assume it's a - # buggy GCC. There is no reduction in code quality so even - # if we're wrong it's OK. - - if(($gcc_version =~ /4\.[01]/) || ($gcc_version =~ /3\.[34]/) || - ($gcc_version =~ /2\.95\.[0-4]/) || - ($gcc_version eq '' && $^O eq 'cygwin')) + my $has_ll_bug = 0; + $has_ll_bug = 1 if($gcc_version =~ /4\.[0123]/); + $has_ll_bug = 1 if($gcc_version =~ /3\.[34]/); + $has_ll_bug = 1 if($gcc_version =~ /2\.25\.[0-4]/); + $has_ll_bug = 1 if($gcc_version eq ''); + + $has_ll_bug = 0 if($arch eq 'alpha' or $arch =~ /.*64$/); + + if($has_ll_bug) { warning('Enabling -fpermissive to work around ', 'possible GCC bug'); $$config{'gcc_bug'} = 1; } - if($gcc_version =~ /2\.95\.[0-4]/) - { - warning('GCC 2.95.x issues many spurious warnings'); - } + + warning('GCC 2.95.x issues many spurious warnings') + if($gcc_version =~ /2\.95\.[0-4]/); } } + trace("using $cc $os $arch $submodel"); + add_to($config, { 'compiler' => $cc, 'os' => $os, @@ -369,31 +393,60 @@ sub choose_target { }); } -sub choose_modules { - my ($config, $mod_str) = @_; +# Add modules that we think would work (unless autoconfig is off) +# to $$config{'modules'} +sub autoload_modules { + my ($config) = @_; - my @modules = grep { $_ ne '' } split(/,/, $mod_str); + my $cc = $$config{'compiler'}; + my $os = $$config{'os'}; + my $arch = $$config{'arch'}; + my $submodel = $$config{'submodel'}; - if($$config{'autoconfig'}) - { - foreach my $mod (guess_mods($config)) { + my $asm_ok = $$config{'asm_ok'}; - autoconfig("Enabling module $mod") - unless in_array($mod, \@modules); + foreach my $mod (sort keys %MODULES) { + my %modinfo = %{ $MODULES{$mod} }; - push @modules, $mod; + if(defined($$config{'modules'}{$mod})) { + autoconfig("Module $mod - loading by user request"); + next; } - } - # Uniqify @modules - my %uniqed_mods = map_to(undef, @modules); - @modules = sort keys %uniqed_mods; + my @arch_list = @{ $modinfo{'arch'} }; + if(scalar @arch_list > 0 && + !in_array($arch, \@arch_list) && + !in_array($submodel, \@arch_list)) { + autoconfig("Module $mod - won't use, " . + "doesn't run on CPU $arch/$submodel"); + next; + } + + my @os_list = @{ $modinfo{'os'} }; + if(scalar @os_list > 0 && !in_array($os, \@os_list)) { + autoconfig("Module $mod - won't use, not compatible with OS $os"); + next; + } + + my @cc_list = @{ $modinfo{'cc'} }; + if(scalar @cc_list > 0 && !in_array($cc, \@cc_list)) { + autoconfig("Module $mod - won't use, not compatbile with CC $cc"); + next; + } + + if(!$asm_ok and $modinfo{'load_on'} eq 'asm_ok') { + autoconfig("Module $mod - won't use; avoiding due to use of --no-asm"); + next; + } - foreach (@modules) { - croak("Module '$_' isn't known (try --help)") - unless defined $MODULES{$_}; + if($modinfo{'load_on'} eq 'request') { + autoconfig("Module $mod - won't use, loaded by request only"); + next; + } + + autoconfig("Module $mod - autoloading"); + $$config{'modules'}{$mod} = 1; } - return @modules; } sub get_options { @@ -405,13 +458,88 @@ sub get_options { $$config{$opt} = $val; }; - my $module_set = ''; - my @modules; + $$config{'verbose'} = 1; + $$config{'asm_ok'} = 1; + $$config{'modules'} = {}; + + sub arch_info { + my $arg = $_[0]; + + my $arch = find_arch($arg); + + unless(defined($arch) and defined($CPU{$arch})) { + warning("Unknown arch name '$arg' passed to --arch-info (try --help)"); + return ''; + } + + my %info = %{ $CPU{$arch} }; + + my $out = "Information for $arg ($arch)\n--------\n"; + + if(@{$info{'aliases'}}) { + $out .= 'Aliases: ' . join(' ', @{$info{'aliases'}}) . "\n"; + } + + if(@{$info{'submodels'}}) { + $out .= 'Submodels: ' . join(' ', @{$info{'submodels'}}) . "\n"; + } + + foreach my $k (keys %{$info{'submodel_aliases'}}) { + $out .= "Alias '$k' -> '" . $info{'submodel_aliases'}{$k} . "'\n"; + } + + if(defined($info{'endian'})) { + $out .= 'Default endian: ' . $info{'endian'} . "\n"; + } + + if(defined($info{'unaligned'})) { + $out .= 'Unaligned memory access: ' . $info{'unaligned'} . "\n"; + } + + return $out; + } + + sub add_modules { + my ($config,$mods) = @_; + + foreach my $mod (split(/,/, $mods)) { + $$config{'modules'}{$mod} = 1; + } + } + + sub add_module_sets { + my ($config,$sets) = @_; + + foreach my $set (split(/,/, $sets)) { + for my $name (sort keys %MODULES) { + my %info = %{$MODULES{$name}}; + + next unless (defined($info{'modset'})); + + for my $s (split(/,/, $info{'modset'})) { + if($s eq $set) { + $$config{'modules'}{$name} = 1; + } + } + } + } + } + exit 1 unless GetOptions( 'help' => sub { display_help(); }, - 'module-info' => sub { display_module_info(); }, + 'module-info' => sub { emit_help(module_info()); }, 'version' => sub { emit_help("Botan $VERSION_STRING\n") }, + 'quiet' => sub { $$config{'verbose'} = 0; }, + + 'cc=s' => sub { &$save_option('compiler', $_[1]) }, + 'os=s' => sub { &$save_option(@_) }, + 'cpu=s' => sub { &$save_option(@_) }, + 'endian=s' => sub { &$save_option(@_); }, + 'unaligned-mem=s' => sub { &$save_option(@_); }, + + 'arch-info=s' => sub { emit_help(arch_info($_[1])); }, + 'prefix=s' => sub { &$save_option(@_); }, 'docdir=s' => sub { &$save_option(@_); }, 'libdir=s' => sub { &$save_option(@_); }, @@ -421,34 +549,50 @@ sub get_options { 'make-style=s' => sub { &$save_option(@_); }, - 'modules=s' => \@modules, - 'module-set=s' => \$module_set, + 'module=s' => sub { add_modules($config, $_[1]); }, + 'modules=s' => sub { add_modules($config, $_[1]); }, + 'module-set=s' => sub { add_module_sets($config, $_[1]); }, + 'module-sets=s' => sub { add_module_sets($config, $_[1]); }, 'trace' => sub { $TRACING = 1; }, 'debug' => sub { &$save_option($_[0], 1); }, - 'disable-shared' => sub { $$config{'shared'} = 'no'; }, + 'no-shared' => sub { $$config{'shared'} = 'no'; }, + 'no-asm' => sub { $$config{'asm_ok'} = 0; }, 'noauto' => sub { $$config{'autoconfig'} = 0; }, 'dumb-gcc|gcc295x' => sub { $$config{'gcc_bug'} = 1; } ); - croak("Module set $module_set isn't known (try --help)") - if($module_set && !defined($MODULE_SETS{$module_set})); - - if($module_set) { - foreach (@{ $MODULE_SETS{$module_set} }) { push @modules,$_; } - } - - my $mod_str = join(',', @modules); - - return ('', $mod_str) if($#ARGV == -1); - return ($ARGV[0], $mod_str) if($#ARGV == 0); - display_help(); + # All arguments should now be consumed + croak("Unknown option $ARGV[0] (try --help)") unless($#ARGV == -1); } ################################################## # Functions to search the info tables # ################################################## +sub find_arch { + my $name = $_[0]; + + foreach my $arch (keys %CPU) { + my %info = %{$CPU{$arch}}; + + return $arch if($name eq $arch); + + foreach my $alias (@{$info{'aliases'}}) { + return $arch if($name eq $alias); + } + + foreach my $submodel (@{$info{'submodels'}}) { + return $arch if($name eq $submodel); + } + + foreach my $submodel (keys %{$info{'submodel_aliases'}}) { + return $arch if($name eq $submodel); + } + } + return undef; +}; + sub figure_out_arch { my ($name) = @_; @@ -473,30 +617,7 @@ sub figure_out_arch { return ''; }; - my $find_arch = sub { - my $name = $_[0]; - - foreach my $arch (keys %CPU) { - my %info = %{$CPU{$arch}}; - - return $arch if($name eq $arch); - - foreach my $alias (@{$info{'aliases'}}) { - return $arch if($name eq $alias); - } - - foreach my $submodel (@{$info{'submodels'}}) { - return $arch if($name eq $submodel); - } - - foreach my $submodel (keys %{$info{'submodel_aliases'}}) { - return $arch if($name eq $submodel); - } - } - return undef; - }; - - my $arch = &$find_arch($name); + my $arch = find_arch($name); croak("Arch type $name isn't known (try --help)") unless defined $arch; trace("mapped name '$name' to arch '$arch'"); @@ -507,7 +628,7 @@ sub figure_out_arch { if($submodel eq '') { $submodel = $archinfo{'default_submodel'}; - warning("Using $submodel as default type for family ", realname($arch)) + autoconfig("Using $submodel as default type for family ", realname($arch)) if($submodel ne $arch); } @@ -537,6 +658,8 @@ sub os_alias { sub os_info_for { my ($os,$what) = @_; + die unless defined($os); + croak('os_info_for called with an os of defaults (internal problem)') if($os eq 'defaults'); @@ -708,11 +831,15 @@ sub dir_list { sub mkdirs { my (@dirs) = @_; + + my @created; foreach my $dir (@dirs) { next if( -e $dir and -d $dir ); # skip it if it's already there mkdir($dir, 0777) or croak("Could not create directory $dir ($!)"); + push @created, $dir; } + return @created; } sub slurp_file { @@ -813,9 +940,7 @@ sub realname { sub load_modules { my ($config) = @_; - my @modules = @{$$config{'modules'}}; - - foreach my $mod (@modules) { + foreach my $mod (sort keys %{$$config{'modules'}}) { load_module($config, $mod); } @@ -828,8 +953,15 @@ sub load_modules { my %cpu_info = %{$CPU{$arch}}; my $endian = $cpu_info{'endian'}; - $arch = uc $arch; - $defines .= "#define BOTAN_TARGET_ARCH_IS_$arch\n"; + if(defined($$config{'endian'})) { + $endian = $$config{'endian'}; + $endian = undef unless($endian eq 'little' || $endian eq 'big'); + } + elsif(defined($endian)) { + autoconfig("Since arch is $arch, assuming $endian endian mode"); + } + + $defines .= "#define BOTAN_TARGET_ARCH_IS_" . (uc $arch) . "\n"; my $submodel = $$config{'submodel'}; if($arch ne $submodel) { @@ -838,14 +970,41 @@ sub load_modules { $defines .= "#define BOTAN_TARGET_CPU_IS_$submodel\n"; } + my $unaligned_ok = 0; + if(defined($endian)) { $endian = uc $endian; $defines .= "#define BOTAN_TARGET_CPU_IS_${endian}_ENDIAN\n"; + + if(defined($$config{'unaligned_mem'})) { + my $spec = $$config{'unaligned_mem'}; + + if($spec eq 'yes') { + $unaligned_ok = 1; + } + elsif($spec eq 'no') { + $unaligned_ok = 0; + } + else { + warning("Unknown arg to --unaligned-mem '$spec', will ignore"); + $unaligned_ok = 0; + } + } + elsif(defined($cpu_info{'unaligned'}) and + $cpu_info{'unaligned'} eq 'ok') + { + autoconfig("Since arch is $arch, " . + "assuming unaligned memory access is OK"); + $unaligned_ok = 1; + } } + + $defines .= + "#define BOTAN_TARGET_UNALIGNED_LOADSTOR_OK $unaligned_ok\n"; } my @defarray; - foreach my $mod (@modules) { + foreach my $mod (sort keys %{$$config{'modules'}}) { my $defs = $MODULES{$mod}{'define'}; next unless $defs; @@ -1123,20 +1282,19 @@ sub read_module_files { ################################################## # # ################################################## + sub get_module_info { my ($name, $file) = @_; my $reader = make_reader($file); my %info; $info{'name'} = $name; - $info{'load_on'} = 'requeste'; # default unless specified + $info{'load_on'} = 'request'; # default unless specified $info{'libs'} = {}; while($_ = &$reader()) { match_any_of($_, \%info, 'quoted', 'realname:note'); - match_any_of($_, \%info, 'unquoted', 'define:mp_bits'); - - $info{'load_on'} = $1 if(/^load_on: (.*)$/); + match_any_of($_, \%info, 'unquoted', 'define:mp_bits:modset:load_on'); read_list($_, $reader, 'arch', list_push(\@{$info{'arch'}})); read_list($_, $reader, 'cc', list_push(\@{$info{'cc'}})); @@ -1186,8 +1344,8 @@ sub get_arch_info { while($_ = &$reader()) { match_any_of($_, \%info, 'quoted', 'realname'); - match_any_of($_, \%info, 'unquoted', 'default_submodel'); - match_any_of($_, \%info, 'unquoted', 'endian'); + match_any_of($_, \%info, 'unquoted', + 'default_submodel:endian:unaligned'); read_list($_, $reader, 'aliases', list_push(\@{$info{'aliases'}})); read_list($_, $reader, 'submodels', list_push(\@{$info{'submodels'}})); @@ -1222,7 +1380,6 @@ sub get_os_info { 'install_cmd_data:install_cmd_exec'); read_list($_, $reader, 'aliases', list_push(\@{$info{'aliases'}})); - read_list($_, $reader, 'arch', list_push(\@{$info{'arch'}})); read_list($_, $reader, 'supports_shared', list_push(\@{$info{'supports_shared'}})); @@ -1251,9 +1408,6 @@ sub get_cc_info { match_any_of($_, \%info, 'unquoted', 'makefile_style'); - read_list($_, $reader, 'os', list_push(\@{$info{'os'}})); - read_list($_, $reader, 'arch', list_push(\@{$info{'arch'}})); - sub quoted_mapping { my $hashref = $_[0]; return sub { @@ -1280,40 +1434,6 @@ sub get_cc_info { return %info; } -sub guess_mods { - my ($config) = @_; - - my $cc = $$config{'compiler'}; - my $os = $$config{'os'}; - my $arch = $$config{'arch'}; - my $submodel = $$config{'submodel'}; - - my $asm_ok = ($$config{'debug'} == 0); - - my @usable_modules; - - foreach my $mod (sort keys %MODULES) { - my %modinfo = %{ $MODULES{$mod} }; - - next if($modinfo{'load_on'} eq 'request'); - next if(!$asm_ok and $modinfo{'load_on'} eq 'asm_ok'); - - my @cc_list = @{ $modinfo{'cc'} }; - next if(scalar @cc_list > 0 && !in_array($cc, \@cc_list)); - - my @os_list = @{ $modinfo{'os'} }; - next if(scalar @os_list > 0 && !in_array($os, \@os_list)); - - my @arch_list = @{ $modinfo{'arch'} }; - next if(scalar @arch_list > 0 && - !in_array($arch, \@arch_list) && - !in_array($submodel, \@arch_list)); - - push @usable_modules, $mod; - } - return @usable_modules; -} - ################################################## # # ################################################## @@ -1594,6 +1714,8 @@ sub generate_makefile { trace("'$make_style' -> '$template'"); process_template($template, $$config{'makefile'}, $config); + + #autoconfig('Created ' . $$config{'makefile'}); } ################################################## @@ -1650,131 +1772,122 @@ sub guess_cpu_from_this # Do some WAGing and see if we can figure out what system we are. Think about # this as a really moronic config.guess -sub guess_triple +sub guess_compiler { - # /bin/sh, good bet we're on something Unix-y (at least it'll have uname) - if(-f '/bin/sh') + my @CCS = ('gcc', 'msvc', 'icc', 'compaq', 'kai'); + + # First try the CC enviornmental variable, if it's set + if(defined($ENV{CC})) { - my $os = lc `uname -s 2>/dev/null`; chomp $os; + my @new_CCS = ($ENV{CC}); + foreach my $cc (@CCS) { push @new_CCS, $cc; } + @CCS = @new_CCS; + } - # Let the crappy hacks commence! + foreach (@CCS) + { + my $bin_name = $COMPILER{$_}{'binary_name'}; + autoconfig("Guessing you want to use $_ as the compiler"); + return $_ if(which($bin_name) ne ''); + } - # Cygwin's uname -s is cygwin_<windows version> - $os = 'cygwin' if($os =~ /^cygwin/); - $os = os_alias($os); + croak( + "Can't find a usable C++ compiler, is your PATH right?\n" . + "You might need to run with explicit compiler/system flags;\n" . + " run '$0 --help' for more information\n"); +} - if(!defined $OPERATING_SYSTEM{$os}) - { - warning("Unknown uname -s output: $os, falling back to 'generic'"); - $os = 'generic'; - } +sub guess_os +{ + sub recognize_os + { + my $os = os_alias($_[0]); + if(defined($OPERATING_SYSTEM{$os})) { + autoconfig("Guessing your operating system is $os"); + return $os; + } + return undef; + } - my $cpu = ''; + my $guess = recognize_os($^O); + return $guess if $guess; - # If we have /proc/cpuinfo, try to get nice specific information about - # what kind of CPU we're running on. - my $cpuinfo = '/proc/cpuinfo'; + trace("Can't guess os from $^O"); - if(-e $cpuinfo and -r $cpuinfo) - { - $cpu = guess_cpu_from_this(slurp_file($cpuinfo)); - } + my $uname = `uname -s 2>/dev/null`; + chomp $uname; + $uname = lc $uname; - # `umame -p` is sometimes something stupid like unknown, but in some - # cases it can be more specific (useful) than `uname -m` - if($cpu eq '') # no guess so far - { - my $uname_p = `uname -p 2>/dev/null`; - chomp $uname_p; - $cpu = guess_cpu_from_this($uname_p); + $guess = recognize_os($uname); + return $guess if $guess; - # If guess_cpu_from_this didn't figure it out, try it plain - if($cpu eq '') { $cpu = lc $uname_p; } + trace("Can't guess os from $uname"); - sub known_arch { - my ($name) = @_; + warning("Unknown OS ('$^O', '$uname'), falling back to generic code"); + return 'generic'; +} - foreach my $arch (keys %CPU) { - my %info = %{$CPU{$arch}}; +sub guess_cpu +{ + # If we have /proc/cpuinfo, try to get nice specific information about + # what kind of CPU we're running on. + my $cpuinfo = '/proc/cpuinfo'; - return 1 if $name eq $info{'name'}; - foreach my $submodel (@{$info{'submodels'}}) { - return 1 if $name eq $submodel; - } + if(-e $cpuinfo and -r $cpuinfo) + { + my $cpu = guess_cpu_from_this(slurp_file($cpuinfo)); + if($cpu) { + autoconfig("Guessing (based on $cpuinfo) that your CPU is a $cpu"); + return $cpu; + } + } - foreach my $alias (@{$info{'aliases'}}) { - return 1 if $name eq $alias; - } + # `umame -p` is sometimes something stupid like unknown, but in some + # cases it can be more specific (useful) than `uname -m` + my $uname_p = `uname -p 2>/dev/null`; + chomp $uname_p; + my $cpu = guess_cpu_from_this($uname_p); - if(defined($info{'submodel_aliases'})) { - my %submodel_aliases = %{$info{'submodel_aliases'}}; - foreach my $sm_alias (keys %submodel_aliases) { - return 1 if $name eq $sm_alias; - } - } - } - return 0; + # If guess_cpu_from_this didn't figure it out, try it as is + if($cpu eq '') { $cpu = lc $uname_p; } + + sub known_arch { + my ($name) = @_; + + foreach my $arch (keys %CPU) { + my %info = %{$CPU{$arch}}; + + return 1 if $name eq $info{'name'}; + foreach my $submodel (@{$info{'submodels'}}) { + return 1 if $name eq $submodel; } - if(!known_arch($cpu)) - { - # Nope, couldn't figure out uname -p - $cpu = lc `uname -m 2>/dev/null`; - chomp $cpu; + foreach my $alias (@{$info{'aliases'}}) { + return 1 if $name eq $alias; + } - if(!known_arch($cpu)) - { - $cpu = 'generic'; + if(defined($info{'submodel_aliases'})) { + my %submodel_aliases = %{$info{'submodel_aliases'}}; + foreach my $sm_alias (keys %submodel_aliases) { + return 1 if $name eq $sm_alias; } } } + return 0; + } - my @CCS = ('gcc', 'icc', 'compaq', 'kai'); # Skips several, oh well... - - # First try the CC enviornmental variable, if it's set - if(defined($ENV{CC})) - { - my @new_CCS = ($ENV{CC}); - foreach my $cc (@CCS) { push @new_CCS, $cc; } - @CCS = @new_CCS; - } + if(!known_arch($cpu)) + { + # Nope, couldn't figure out uname -p + $cpu = lc `uname -m 2>/dev/null`; + chomp $cpu; - my $cc = ''; - foreach (@CCS) + if(!known_arch($cpu)) { - my $bin_name = $COMPILER{$_}{'binary_name'}; - $cc = $_ if(which($bin_name) ne ''); - last if($cc ne ''); + $cpu = 'generic'; } - - if($cc eq '') { - my $msg = - "Can't find a usable C++ compiler, is your PATH right?\n" . - "You might need to run with explicit compiler/system flags;\n" . - " run '$0 --help' for more information\n"; - croak($msg); - } - - return "$cc-$os-$cpu"; - } - elsif($^O eq 'MSWin32' or $^O eq 'dos') - { - my $os = 'windows'; # obviously - - # Suggestions on this? The Win32 'shell' env is not so hot. We could - # try using cpuinfo, except that will crash hard on NT/Alpha (like what - # we're doing now won't!). In my defense of choosing i686: - # a) There are maybe a few hundred Alpha/MIPS boxes running NT4 today - # b) Anyone running Windows on < Pentium Pro deserves to lose. - my $cpu = 'i686'; - - # No /bin/sh, so not cygwin. Assume VC++; again, this could be much - # smarter - my $cc = 'msvc'; - return "$cc-$os-$cpu"; - } - else - { - croak('Autoconfiguration failed (try --help)'); } + + autoconfig("Guessing (based on uname -p) your CPU is a $cpu"); + return $cpu; } diff --git a/doc/api.tex b/doc/api.tex index 1cd641d48..212db77bb 100644 --- a/doc/api.tex +++ b/doc/api.tex @@ -212,12 +212,6 @@ privileges on many systems. On systems that don't (currently) have any specialized allocators, like MS Windows, this option is ignored. -\option{config=/path/to/configfile}: Process the specified -configuration file. Configuration files can specify things like the -various options, new aliases, and new OIDs for algorithms. An example -can be found in \filename{doc/botan.rc}. Currently only one config= -argument will be processed, the rest will be ignored. - \option{use\_engines}: Use any available ``engine'' modules to speed up processing. Currently Botan has support for engines based on the AEP1000/AEP2000 crypto hardware cards, GNU MP, and OpenSSL's BN @@ -2762,105 +2756,6 @@ in the United States. and much less commonly used. \end{list} -\subsection{Configuration Files} - -Botan has a number of options, which can be configured by calling the -appropriate functions, documented earlier in this section. But this is somewhat -inconvenient for the users of applications which use Botan. So Botan also -supports reading options from a file which looks rather like Windows .INI files -or OpenSSL configurations. You can find an example config (which simply matches -the compiled-in defaults) in \filename{doc/botan.rc} - -Each set of options is part of a 'section', for example, ``base'', ``rng'', or -``x509''. These names are essentially arbitrary, and are (in theory) chosen on -the basis of what the options pertain to. To set the option -``x509/ca/default\_expire'' (which tells \type{X509\_CA} how long newly minted -X.509 certificates should be valid for), you could use either of the following -methods: - -\begin{verbatim} -[x509/ca] # section is x509/ca -default_expire = 1y # x509/ca + default_expire -> x509/ca/default_expire - -# same as above -[x509] # section is x509 -# other x509/ options in here... -ca/default_expire = 1y # x509 + ca/default_expire -> x509/ca/default_expire -\end{verbatim} - -There are also two special sections, ``oids'' and ``aliases''. The aliases -section is easier to understand, and probably more useful for the average user. -By adding a new line in an alias section, \verb|alias = officialname|, you can -create a new way to reference a particular algorithm (in those cases when you -ask for an algorithm object with a string specifying its type). For example, if -the line \verb|MyAlgo = Blowfish| was included in an aliases section, then one -could do this: - -\begin{verbatim} -Pipe pipe(get_cipher(``MyAlgo/CBC/PKCS7'', key, iv, ENCRYPTION)); -\end{verbatim} - -and get a Blowfish CBC encryptor. Initially this was implemented due to the -number of algorithms with multiple names (such as ``SHA1'', ``SHA-1'', and -``SHA-160''), but might also be useful in other, more interesting, contexts. - -The OIDs section gives a mapping between ASN.1 OIDs and the algorithm or object -it represents, in the form \verb|name = oid|, where oid is the usual -decimal-dotted representation. For readability and easy of extension in -configuration files, a simple variable interpolation scheme is also -available. Consider the following: - -\begin{verbatim} -[oids] -ISO_MEMBER = 1.2 -US_BODY = ISO_MEMBER.840 # US_BODY = 1.2.840 -RSA_DSI = US_BODY.113549 # RSA_DSI = 1.2.840.113549 -\end{verbatim} - -This only works when the variable name is at the start of the string; since the -primary reason for its inclusion is for with OIDs, this is acceptable. In some -cases, adding a new OID in is sufficient for code to work with new algorithms -(though not always). For example, by setting the proper OIDs, you can make it -possible to import, export, create, and process X.509 certificates that use -Rabin-Williams. - -\subsubsection{Syntax} - -Each line is either a comment, blank, a section name, or a name/value pair -separated by a '='. Comments start with the '\#' character and continue to the -end of line. The reader allows escaping, so if you wanted to include an actual -\# sign you could use \verb|\#|, or include it in a string ('\#' or ``\#''). A -section name is specified by \verb|[somename]|; a section name must have at -least one character, and a section must appear before any name/value pairs. A -name must be alphanumeric, but a value can contain spaces or other strange -things (you must either enclose the argument in quotes or escape each space -with a backslash). An example showing some of the trickier parts of how input -is interpreted follows (but the reader is cautioned that relying on this -behavior is not a good idea): - -\begin{verbatim} -[examples] -foo1 = a b c # stored as abc (not quoted, ws removed) -foo2 = 'a b c' # stored as a b c (quoted, keep ws) -foo3 = "a b c" # stored as a b c (quoted, keep ws) -tricky = "Jack \"I like pie\" Lloyd" # stored as Jack "I like pie" Lloyd -simpler = "Jack 'I like pie' Lloyd" # no escapes needed - -hashmark = "#" # set to a hash -hashmark2 = \# # also set to a hash - -[oids] -RW = 1.2.3.4.5.6 # Now RW keys can be imported/exported! -NR = 1.2.3.4.5.7 # Now NR can be imported/exported too. - # Note these OIDs are *not* allocated for RW/NR, in fact I have no idea who - # owns that section of the OID space, but it's certainly not me. Someone will - # have to allocate OIDs for RW/NR before this is 'legal' - -some_thing = 1.2.3 # some OID -another_thing = some_thing.4.5 # another_thing = 1.2.3.4.5 -\end{verbatim} - - \pagebreak \section{Botan's Modules} diff --git a/doc/building.tex b/doc/building.tex index 448fcc4ac..c5794019c 100644 --- a/doc/building.tex +++ b/doc/building.tex @@ -55,41 +55,27 @@ beginning script files, or that have Perl installed in an unusual spot, you might need to prefix the \texttt{configure.pl} command with \texttt{perl} or \texttt{/path/to/perl}. -The autoconfiguaration abilities of \filename{configure.pl} were only recently -added, so they may break if you run it on something unusual. In addition, you -are certain to get more features, and possibly better optimization, by -explicitly specifying how you want to library configured. How to do this is -detailed below. Also, if you don't want to use the default compiler (typically -either GNU C++ or Visual C++, depending on the platform), you will need to -specify one. - \section{Building the Library} -The first step is to run \filename{configure.pl}, which is a Perl script that -creates various directories, config files, and a Makefile for building -everything. It is run as \verb|./configure.pl CC-OS-CPU <extra args>|. The -script requires at least Perl 5.6; any later version should also work. - -The tuple CC-OS-CPU specifies what system Botan is being built for, in terms of -the C++ compiler, the operating system, and the CPU model. For example, to use -GNU C++ on a FreeBSD box that has an Alpha EV6 CPU, one would use -``gcc-freebsd-alphaev6'', and for Visual C++ on Windows with a Pentium II, -``msvc-windows-pentium2''. To get the list of values for \verb|CC|, \verb|OS|, -and \verb|CPU| that \filename{configure.pl} supports, run it with the -``\verb|--help|'' option. - -You can put basically anything reasonable for CPU: the script knows -about a large number of different architectures, their sub-models, and -common aliases for them. The script does not display all the -possibilities in its help message because there are simply too many -entries. You should only select the 64-bit version of a CPU (such as -``sparc64'' or ``mips64'') if your operating system knows how to +The first step is to run \filename{configure.pl}, which is a Perl +script that creates various directories, config files, and a Makefile +for building everything. The script requires at least Perl 5.6; any +later version should also work. + +The script will attempt to guess what kind of system you are trying +to compile for (and will print messages telling you what it guessed). +You can override this process by passing the options \verb|--cc|, +\verb|--os|, and \verb|--arch| -- acceptable values are printed if +you run \verb|configure.pl| with \verb|--help|. + +You can pass basically anything reasonable with \verb|--cpu|: the +script knows about a large number of different architectures, their +sub-models, and common aliases for them. The script does not display +all the possibilities in its help message because there are simply too +many entries. You should only select the 64-bit version of a CPU (such +as ``sparc64'' or ``mips64'') if your operating system knows how to handle 64-bit object code -- a 32-bit kernel on a 64-bit CPU will -generally not like 64-bit code. For example, gcc-solaris-sparc64 will -not work unless you're running a 64-bit Solaris kernel (for 32-bit -Solaris running on an UltraSPARC system, you want -gcc-solaris-sparc32-v9). You may or may not have to install 64-bit -versions of libc and related system libraries as well. +generally not like 64-bit code. The script also knows about the various extension modules available. You can enable one or more with the option @@ -128,13 +114,16 @@ script for VMS), you will need to create a new template file in The basic build procedure on Unix and Unix-like systems is: \begin{verbatim} - $ ./configure.pl CC-OS-CPU --module-set=[unix|beos] --modules=<other mods> + $ ./configure.pl --module-set=[unix|beos] --modules=<other mods> $ make # You may need to set your LD_LIBRARY_PATH or equivalent for ./check to run $ make check # optional, but a good idea $ make install \end{verbatim} +This will probably default to using GCC, depending on what can be +found within your PATH. + The 'unix' module set should work on most POSIX/Unix systems out there (including MacOS X), while the 'beos' module is specific to BeOS. While the two sets share a number of modules, some normal Unix ones don't work on BeOS (in @@ -142,9 +131,9 @@ particular, BeOS doesn't have a working \function{mmap} function), and BeOS has a few extras just for it. The library will pick a default module set for you based on the value of OS, so there is rarely a reason to specify that. -The \verb|make install| target has a default directory in which it will install -Botan (on everything that's a real Unix, it's \verb|/usr/local|). You can -override this by using the \texttt{--prefix} argument to +The \verb|make install| target has a default directory in which it +will install Botan (typically \verb|/usr/local|). You can override +this by using the \texttt{--prefix} argument to \filename{configure.pl}, like so: \verb|./configure.pl --prefix=/opt <other arguments>| @@ -173,15 +162,16 @@ The situation is not much different here. We'll assume you're using Visual C++ have a copy of Perl installed, and have both Perl and Visual C++ in your path. \begin{verbatim} - > perl configure.pl msvc-windows-<CPU> --module-set=win32 + > perl configure.pl --cc=msvc --os=windows [--cpu=CPU] --module-set=win32 > nmake > nmake check # optional, but recommended \end{verbatim} -By default, the configure script will include the 'win32' module set for you. -This includes a pair of entropy sources for use on Windows; at some point in -the future it will also add support for high-resolution timers, mutexes for -thread safety, and other useful things. +The configure script will include the 'win32' module set by default if +you pass \verb|--os=windows|. This module set includes a pair of +entropy sources for use on Windows; at some point in the future it +will also add support for high-resolution timers, mutexes for thread +safety, and other useful things. For Win95 pre OSR2, the \verb|es_capi| module will not work, because CryptoAPI didn't exist. All versions of NT4 lack the ToolHelp32 diff --git a/doc/credits.txt b/doc/credits.txt index 2805b3ed6..3db695235 100644 --- a/doc/credits.txt +++ b/doc/credits.txt @@ -20,6 +20,7 @@ D: Windows porting N: Yves Jerschow D: Optimizations for memory load/store and HMAC +D: Support for IPv4 addresses in X.509 alternative names S: Germany N: Matt Johnston @@ -42,5 +43,5 @@ S: New York NY, USA N: Luca Piccarreta -D: x86/amd64 assembler, BigInt optimizations, Win32 mutex +D: x86/amd64 assembler, BigInt optimizations, Win32 mutex module S: Italy diff --git a/doc/examples/asn1.cpp b/doc/examples/asn1.cpp index 84fb6b276..72b576653 100644 --- a/doc/examples/asn1.cpp +++ b/doc/examples/asn1.cpp @@ -58,8 +58,6 @@ int main(int argc, char* argv[]) } try { - LibraryInitializer init; - DataSource_Stream in(argv[1]); if(!PEM_Code::matches(in)) diff --git a/doc/examples/base.cpp b/doc/examples/base.cpp index 5a1328ccf..b81daa410 100644 --- a/doc/examples/base.cpp +++ b/doc/examples/base.cpp @@ -5,21 +5,33 @@ using namespace Botan; /* This is how you can do compile-time version checking */ -/* -#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,3,9) - #error Your Botan installation is too old; upgrade to 1.3.9 or later + +#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,6,3) + #error Your Botan installation is too old; upgrade to 1.6.3 or later #endif -*/ #include <iostream> -int main() +int main(int argc, char* argv[]) { - try { + try + { /* Put it inside the try block so exceptions at startup/shutdown will get caught. + + It will be initialized with default options */ - LibraryInitializer init; + + if(argc > 2) + { + std::cout << "Usage: " << argv[0] << "[initializer args]\n"; + return 2; + } + + std::string args = (argc == 2) ? argv[1] : ""; + + LibraryInitializer init(args); + // your operations here } catch(std::exception& e) { diff --git a/doc/examples/base64.cpp b/doc/examples/base64.cpp index c1260b8f4..8f9a06648 100644 --- a/doc/examples/base64.cpp +++ b/doc/examples/base64.cpp @@ -26,8 +26,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - int column = 78; bool wrap = false; bool encoding = true; diff --git a/doc/examples/bzip.cpp b/doc/examples/bzip.cpp index 46ac8abce..82bc3100a 100644 --- a/doc/examples/bzip.cpp +++ b/doc/examples/bzip.cpp @@ -29,7 +29,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; std::vector<std::string> files; bool decompress = false, small = false; diff --git a/doc/examples/ca.cpp b/doc/examples/ca.cpp index a28227357..5458a98cc 100644 --- a/doc/examples/ca.cpp +++ b/doc/examples/ca.cpp @@ -21,29 +21,35 @@ using namespace Botan; int main(int argc, char* argv[]) { - if(argc != 2) + if(argc != 5) { - std::cout << "Usage: " << argv[0] << " passphrase" << std::endl; + std::cout << "Usage: " << argv[0] << " <passphrase> " + << "<ca cert> <ca key> <pkcs10>" << std::endl; return 1; } - try { - LibraryInitializer init; + try + { + const std::string arg_passphrase = argv[1]; + const std::string arg_ca_cert = argv[2]; + const std::string arg_ca_key = argv[3]; + const std::string arg_req_file = argv[4]; + + X509_Certificate ca_cert(arg_ca_cert); - // set up our CA - X509_Certificate ca_cert("cacert.pem"); std::auto_ptr<PKCS8_PrivateKey> privkey( - PKCS8::load_key("caprivate.pem", argv[1]) + PKCS8::load_key(arg_ca_key, arg_passphrase) ); + X509_CA ca(ca_cert, *privkey); // got a request - PKCS10_Request req("req.pem"); + PKCS10_Request req(arg_req_file); - // presumably attempt to verify the req for sanity/accuracy here, but - // as Verisign, etc have shown, that's not a must. :) + // you would insert checks here, and perhaps modify the request + // (this example should be extended to show how) - // now sign it + // now sign the request X509_Certificate new_cert = ca.sign_request(req); // send the new cert back to the requestor diff --git a/doc/examples/decrypt.cpp b/doc/examples/decrypt.cpp index 84490cb1b..c5daeece5 100644 --- a/doc/examples/decrypt.cpp +++ b/doc/examples/decrypt.cpp @@ -80,9 +80,6 @@ int main(int argc, char* argv[]) std::string algo; try { - - LibraryInitializer init; - std::string header, salt_str, mac_str; std::getline(in, header); std::getline(in, algo); diff --git a/doc/examples/dh.cpp b/doc/examples/dh.cpp index 8dcc93f88..17dd29f56 100644 --- a/doc/examples/dh.cpp +++ b/doc/examples/dh.cpp @@ -14,8 +14,6 @@ using namespace Botan; int main() { try { - LibraryInitializer init; - // Alice creates a DH key and sends (the public part) to Bob DH_PrivateKey private_a(DL_Group("modp/ietf/1024")); DH_PublicKey public_a = private_a; // Bob gets this diff --git a/doc/examples/dsa_kgen.cpp b/doc/examples/dsa_kgen.cpp index 2e42c06b7..3dc55a443 100644 --- a/doc/examples/dsa_kgen.cpp +++ b/doc/examples/dsa_kgen.cpp @@ -40,8 +40,6 @@ int main(int argc, char* argv[]) } try { - LibraryInitializer init; - DSA_PrivateKey key(DL_Group("dsa/jce/1024")); pub << X509::PEM_encode(key); diff --git a/doc/examples/dsa_sign.cpp b/doc/examples/dsa_sign.cpp index 26f9e9dac..97d8e2918 100644 --- a/doc/examples/dsa_sign.cpp +++ b/doc/examples/dsa_sign.cpp @@ -48,8 +48,6 @@ int main(int argc, char* argv[]) return 1; } - LibraryInitializer init; - std::auto_ptr<PKCS8_PrivateKey> key( PKCS8::load_key(argv[1], passphrase) ); diff --git a/doc/examples/dsa_ver.cpp b/doc/examples/dsa_ver.cpp index fb6eb7079..8cc01c6dc 100644 --- a/doc/examples/dsa_ver.cpp +++ b/doc/examples/dsa_ver.cpp @@ -56,8 +56,6 @@ int main(int argc, char* argv[]) std::string sigstr; getline(sigfile, sigstr); - LibraryInitializer init; - std::auto_ptr<X509_PublicKey> key(X509::load_key(argv[1])); DSA_PublicKey* dsakey = dynamic_cast<DSA_PublicKey*>(key.get()); if(!dsakey) diff --git a/doc/examples/encrypt.cpp b/doc/examples/encrypt.cpp index c2cf2c5ba..7d64949f6 100644 --- a/doc/examples/encrypt.cpp +++ b/doc/examples/encrypt.cpp @@ -109,51 +109,49 @@ int main(int argc, char* argv[]) return 1; } - try { - - LibraryInitializer init; - - if(!have_block_cipher(algo)) + try { - std::cout << "Don't know about the block cipher \"" << algo << "\"\n"; - return 1; - } + if(!have_block_cipher(algo)) + { + std::cout << "Don't know about the block cipher \"" << algo << "\"\n"; + return 1; + } - const u32bit key_len = max_keylength_of(algo); - const u32bit iv_len = block_size_of(algo); - - std::auto_ptr<S2K> s2k(get_s2k("PBKDF2(SHA-1)")); - s2k->set_iterations(8192); - s2k->new_random_salt(8); - - SymmetricKey bc_key = s2k->derive_key(key_len, "BLK" + passphrase); - InitializationVector iv = s2k->derive_key(iv_len, "IVL" + passphrase); - SymmetricKey mac_key = s2k->derive_key(16, "MAC" + passphrase); - - // Just to be all fancy we even write a (simple) header. - out << "-------- ENCRYPTED FILE --------" << std::endl; - out << algo << std::endl; - out << b64_encode(s2k->current_salt()) << std::endl; - - Pipe pipe(new Fork( - new Chain(new MAC_Filter("HMAC(SHA-1)", mac_key), - new Base64_Encoder - ), - new Chain(new Zlib_Compression, - get_cipher(algo + "/CBC", bc_key, iv, ENCRYPTION), - new Base64_Encoder(true) + const u32bit key_len = max_keylength_of(algo); + const u32bit iv_len = block_size_of(algo); + + std::auto_ptr<S2K> s2k(get_s2k("PBKDF2(SHA-1)")); + s2k->set_iterations(8192); + s2k->new_random_salt(8); + + SymmetricKey bc_key = s2k->derive_key(key_len, "BLK" + passphrase); + InitializationVector iv = s2k->derive_key(iv_len, "IVL" + passphrase); + SymmetricKey mac_key = s2k->derive_key(16, "MAC" + passphrase); + + // Just to be all fancy we even write a (simple) header. + out << "-------- ENCRYPTED FILE --------" << std::endl; + out << algo << std::endl; + out << b64_encode(s2k->current_salt()) << std::endl; + + Pipe pipe(new Fork( + new Chain(new MAC_Filter("HMAC(SHA-1)", mac_key), + new Base64_Encoder + ), + new Chain(new Zlib_Compression, + get_cipher(algo + "/CBC", bc_key, iv, ENCRYPTION), + new Base64_Encoder(true) + ) ) - ) - ); + ); - pipe.start_msg(); - in >> pipe; - pipe.end_msg(); + pipe.start_msg(); + in >> pipe; + pipe.end_msg(); - out << pipe.read_all_as_string(0) << std::endl; - out << pipe.read_all_as_string(1); + out << pipe.read_all_as_string(0) << std::endl; + out << pipe.read_all_as_string(1); - } + } catch(Algorithm_Not_Found) { std::cout << "Don't know about the block cipher \"" << algo << "\"\n"; diff --git a/doc/examples/factor.cpp b/doc/examples/factor.cpp index bdd6319b7..6972ec108 100644 --- a/doc/examples/factor.cpp +++ b/doc/examples/factor.cpp @@ -119,8 +119,6 @@ int main(int argc, char* argv[]) try { - LibraryInitializer init; - BigInt n(argv[1]); std::vector<BigInt> factors = factorize(n); diff --git a/doc/examples/hash.cpp b/doc/examples/hash.cpp index a97cd6082..7c9500160 100644 --- a/doc/examples/hash.cpp +++ b/doc/examples/hash.cpp @@ -22,8 +22,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - std::string hash = argv[1]; /* a couple of special cases, kind of a crock */ if(hash == "sha1") hash = "SHA-1"; diff --git a/doc/examples/hash_fd.cpp b/doc/examples/hash_fd.cpp index 19d744287..d6487095a 100644 --- a/doc/examples/hash_fd.cpp +++ b/doc/examples/hash_fd.cpp @@ -33,29 +33,28 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - - try { - Botan::Pipe pipe(new Botan::Hash_Filter(argv[1]), - new Botan::Hex_Encoder); - - int skipped = 0; - for(int j = 2; argv[j] != 0; j++) + try { - int file = open(argv[j], O_RDONLY); - if(file == -1) + Botan::Pipe pipe(new Botan::Hash_Filter(argv[1]), + new Botan::Hex_Encoder); + + int skipped = 0; + for(int j = 2; argv[j] != 0; j++) { - std::cout << "ERROR: could not open " << argv[j] << std::endl; - skipped++; - continue; + int file = open(argv[j], O_RDONLY); + if(file == -1) + { + std::cout << "ERROR: could not open " << argv[j] << std::endl; + skipped++; + continue; + } + pipe.start_msg(); + file >> pipe; + pipe.end_msg(); + close(file); + pipe.set_default_msg(j-2-skipped); + std::cout << pipe << " " << argv[j] << std::endl; } - pipe.start_msg(); - file >> pipe; - pipe.end_msg(); - close(file); - pipe.set_default_msg(j-2-skipped); - std::cout << pipe << " " << argv[j] << std::endl; - } } catch(Botan::Algorithm_Not_Found) { diff --git a/doc/examples/hasher.cpp b/doc/examples/hasher.cpp index 5ba982fc0..55a2ecd4b 100644 --- a/doc/examples/hasher.cpp +++ b/doc/examples/hasher.cpp @@ -20,8 +20,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - const int COUNT = 3; std::string name[COUNT] = { "MD5", "SHA-1", "RIPEMD-160" }; diff --git a/doc/examples/hasher2.cpp b/doc/examples/hasher2.cpp index 12d3c853d..e71ebf63e 100644 --- a/doc/examples/hasher2.cpp +++ b/doc/examples/hasher2.cpp @@ -23,8 +23,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - const int COUNT = 3; std::string name[COUNT] = { "MD5", "SHA-1", "RIPEMD-160" }; diff --git a/doc/examples/passhash.cpp b/doc/examples/passhash.cpp index 19b4abc40..a270e8256 100644 --- a/doc/examples/passhash.cpp +++ b/doc/examples/passhash.cpp @@ -18,10 +18,9 @@ int main(int argc, char* argv[]) try { - LibraryInitializer init; - if(argc == 2) - std::cout << "H('" << argv[1] << "') = " << password_hash(argv[1]) << '\n'; + std::cout << "H('" << argv[1] << "') = " + << password_hash(argv[1]) << '\n'; else { bool ok = password_hash_ok(argv[1], argv[2]); @@ -73,4 +72,3 @@ bool password_hash_ok(const std::string& pass, const std::string& hash) return same_mem(cmp.begin(), hash_bin.begin() + 6, 12); } - diff --git a/doc/examples/pkcs10.cpp b/doc/examples/pkcs10.cpp index 4639353df..a4f6efb04 100644 --- a/doc/examples/pkcs10.cpp +++ b/doc/examples/pkcs10.cpp @@ -26,8 +26,6 @@ int main(int argc, char* argv[]) } try { - LibraryInitializer init; - RSA_PrivateKey priv_key(1024); // If you want a DSA key instead of RSA, comment out the above line and // uncomment this one: diff --git a/doc/examples/rsa_dec.cpp b/doc/examples/rsa_dec.cpp index d50f6781a..77b5e5dd4 100644 --- a/doc/examples/rsa_dec.cpp +++ b/doc/examples/rsa_dec.cpp @@ -32,9 +32,6 @@ int main(int argc, char* argv[]) } try { - - LibraryInitializer init; - std::auto_ptr<PKCS8_PrivateKey> key(PKCS8::load_key(argv[1], argv[3])); RSA_PrivateKey* rsakey = dynamic_cast<RSA_PrivateKey*>(key.get()); if(!rsakey) diff --git a/doc/examples/rsa_enc.cpp b/doc/examples/rsa_enc.cpp index 49b62989c..b24074038 100644 --- a/doc/examples/rsa_enc.cpp +++ b/doc/examples/rsa_enc.cpp @@ -65,9 +65,6 @@ int main(int argc, char* argv[]) } try { - - LibraryInitializer init; - std::auto_ptr<X509_PublicKey> key(X509::load_key(argv[1])); RSA_PublicKey* rsakey = dynamic_cast<RSA_PublicKey*>(key.get()); if(!rsakey) diff --git a/doc/examples/rsa_kgen.cpp b/doc/examples/rsa_kgen.cpp index 210eca52c..e57f60c06 100644 --- a/doc/examples/rsa_kgen.cpp +++ b/doc/examples/rsa_kgen.cpp @@ -42,7 +42,6 @@ int main(int argc, char* argv[]) try { - LibraryInitializer init; RSA_PrivateKey key(bits); pub << X509::PEM_encode(key); diff --git a/doc/examples/self_sig.cpp b/doc/examples/self_sig.cpp index c117ff3aa..d00bcb3b4 100644 --- a/doc/examples/self_sig.cpp +++ b/doc/examples/self_sig.cpp @@ -28,8 +28,6 @@ int main(int argc, char* argv[]) return 1; } - LibraryInitializer init; - std::string CA_flag = argv[2]; bool do_CA = false; diff --git a/doc/examples/stack.cpp b/doc/examples/stack.cpp index 1522b05f5..389b12e7e 100644 --- a/doc/examples/stack.cpp +++ b/doc/examples/stack.cpp @@ -20,8 +20,6 @@ int main(int argc, char* argv[]) return 1; } - Botan::LibraryInitializer init; - // this is a pretty vacuous example, but it's useful as a test Botan::Pipe pipe; diff --git a/doc/examples/x509info.cpp b/doc/examples/x509info.cpp index 343628922..4bcf17a20 100644 --- a/doc/examples/x509info.cpp +++ b/doc/examples/x509info.cpp @@ -57,8 +57,6 @@ int main(int argc, char* argv[]) } try { - LibraryInitializer init; - X509_Certificate cert(argv[1]); std::cout << "Version: " << cert.x509_version() << std::endl; @@ -71,6 +69,9 @@ int main(int argc, char* argv[]) do_subject(cert, "Locality"); do_subject(cert, "State"); do_subject(cert, "Country"); + do_subject(cert, "IP"); + do_subject(cert, "DNS"); + do_subject(cert, "URI"); do_subject(cert, "PKIX.XMPPAddr"); std::cout << "Issuer" << std::endl; @@ -81,6 +82,9 @@ int main(int argc, char* argv[]) do_issuer(cert, "Locality"); do_issuer(cert, "State"); do_issuer(cert, "Country"); + do_issuer(cert, "IP"); + do_issuer(cert, "DNS"); + do_issuer(cert, "URI"); std::cout << "Validity" << std::endl; diff --git a/doc/examples/xor_ciph.cpp b/doc/examples/xor_ciph.cpp index 92902a483..b9e46d91c 100644 --- a/doc/examples/xor_ciph.cpp +++ b/doc/examples/xor_ciph.cpp @@ -55,8 +55,6 @@ void XOR_Cipher::key(const byte key[], u32bit length) int main() { - LibraryInitializer init; - add_algorithm(new XOR_Cipher); // make it available to use global_config().add_alias("Vernam", "XOR"); // make Vernam an alias for XOR diff --git a/doc/logs/log-17.txt b/doc/logs/log-17.txt index 1a3b7707b..cab6dabbe 100644 --- a/doc/logs/log-17.txt +++ b/doc/logs/log-17.txt @@ -1,4 +1,22 @@ +* 1.7.3, November 4, 2007 + - New invocation syntax for configure.pl with several new options + - Support for IPv4 addresses in a subject alternative name + - New fast poll for the generic Unix entropy source (es_unix) + - The malloc allocator does not inherit from Pooling_Allocator anymore + - The dirs that es_unix will search in are now fully user-configurable + - Truncate X9.42 PRF output rather than allow counter overflow + - PowerPC is now assumed to be big-endian + +* 1.7.2, October 13, 2007 + - Initialize the global library state lazily + - Add plain CBC-MAC for backwards compatability with old systems + - Clean up some of the self test code + - Throw a sensible exception if a DL_Group is not found + - Truncate KDF2 output rather than allowing counter overflow + - Add newly assigned OIDs for SHA-2 and DSA with SHA-224/256 + - Fix a Visual Studio compilation problem in x509stat.cpp + * 1.7.1, July 23, 2007 - Fix a race condition in the algorithm object cache - HMAC key schedule optimization diff --git a/doc/porting.txt b/doc/porting.txt deleted file mode 100644 index 48c095837..000000000 --- a/doc/porting.txt +++ /dev/null @@ -1,144 +0,0 @@ -* Botan Porting Guide, 1.2.x -> 1.4.x - -This is a guide for how to port your code from 1.2.x to 1.4.x. For the most -part, they are compatible, but there are a few cases that might cause -problems. The externally visible changes are much smaller than 1.0->1.2 changes -were. If you run into something that used to work that doesn't now and isn't -mentioned here, let me know so I can either fix it, or document it here. - -If you can provide a solid reason for 1.4.x to supply backwards-compatible -behavior with something that's mentioned here, I'll consider it, but no -promises. - -* Memory Containers - -The memory containers (SecureBuffer, SecureVector) have been changed to -subclass another object, MemoryRegion (a third subclass, MemoryVector, is just -like SecureVector, except it never locks memory - though it will clear it when -freeing). On it's own, this shouldn't cause any problems, but there are some -cases to be aware of. - -The ptr() function was renamed begin() to match the STL. This is probably the -change most likely to cause problems. - -Various other functions (such as compare) were removed or renamed. The ones -that were removed can be replaced with STL algorithms (for example, compare -> -lexicographical_compare) and the renamed ones were typically renamed to match -the STL. - -SecureBuffer can now be resized, so the second template parameter shouldn't be -considered to be the same as the actual size; it is instead the *initial* size -of the buffer. You can get the current size by calling the size() member -function. While it's possible to modify the size of a SecureBuffer now, don't -do it: it's really confusing, and you should just use a SecureVector instead. - -Second (optional, but a good idea): convert any functions taking a "const -SecureVector<T>&" to "const MemoryRegion<T>&"; this will let them work with -arbitrary memory types; in particular, it will work with a MemoryVector, which -doesn't lock. In fact, the compiler will convert it for you, but this will slow -things down quite a bit (since copying it requires an allocation and a memcpy), -so it's a good idea to do the change. - -* OctetString / SymmetricKey / InitializationVector - -This probably wins the 'most likely to cause compile errors' award. There are -two changes: - -1) copy() was renamed bits_of() - -2) The implicit conversion to byte* was removed. If you were passing it to - another library function as a byte*/u32bit pair, there is probably a version - taking the object directly; use that instead. - - If you were using it for something else, do the following: 1) call bits_of() - and use the returned SecureVector<byte> to get the byte* value, and 2) email - me so I can figure out if what you're doing it worth supporting in the - library (obviously strike this last part if what you're doing is so totally - one-off that nobody would ever need it elsewhere). - -* BigInt::zero() / BigInt::one() - -They were removed. Just use integer constants (0/1) instead; the performance -gain was extremely questionable, and there was lots of special glue to make -sure they worked correctly. - -* ASN.1 decoding - -If something took an X509_Encoding flag before, it probably doesn't -anymore. Some magical heuristics (BER::maybe_BER and PEM_Code::matches) have -been added which can successfully tell if something is PEM or BER/DER encoded -by looking at the data. The heuristics are not perfect (that's why I'm calling -them heuristics), but they work pretty well, and for the most part you would -have to go quite out of your way to fool them (you will be rewarded for your -hard work with an exception, when the decoding fails). - -The places that took it for encoding still do, as the library has no way to -guess which format you want it in. - -* General PK - -PK_Key::check_params() was renamed check_key() to better reflect what -operations are performed. - -* X.509 - -The first two arguments of X509_CA::update_crl (the list of new entries and the -CRL) have been swapped. Now the CRL is the first argument, and the list of -entires is the second. This just seemed a lot more natural. - -CRL_Usage was moved from being a global enumeration to a member of X509_Store, -which makes more sense as that is the only class that uses it. Just replace -CRL_Usage with X509_Store::CRL_Usage, and similarly for any elements of -CRL_Usage (ie, instead of TLS_SERVER, use X509_Store::TLS_SERVER). - -* PKCS #8 - -The PKCS #8 key loading interface has changed significantly in 1.4.0. First, -the versions taking memory objects have been completely removed. While it is, -in fact, quite useful to do this, it's not so useful that it's worth supporting -it in the library (IMO). Just create a DataSource_Memory and pass that to -load_key instead. In fact, here's the code: - -PKCS8_PrivateKey* load_key(const SecureVector<byte>& buffer, - const std::string& pass) - { - DataSource_Memory source(buffer); - return PKCS8::load_key(source, pass); - } - -See, that was easy. :) - -Second, instead of passing a std::string, representing the passphrase, you pass -a User_Interface& object, which a) will not be used if the key isn't encrypted, -and b) will be called as many times as needed until the correct passphrase it -entered (or until the number of tries exceeds the config option -"base/pkcs8_tries", which defaults to 3 (or until the ui object returns -CANCEL_ACTION)). - -The base User_Interface class is pretty brain-dead. The constructor takes an -(optional) passphrase, which it spits back out the first time it's called. The -second time it gets called, it will return CANCEL_ACTION. This behavior is for -compatibility with the old std::string interface (the functions still exist as -forwarding functions, which just create the base UI object and pass it to the -real decoding functions). - -Updating your code to use the new PKCS #8 functions could make things much -nicer in your interface (for example, popping up a dialog box that asks for the -passphrase, but only if the key really is encrypted). There is a GTK+ example -that shows how to do this, check the web page. - -* Public/Private Keys - -This is a pretty big change. Almost all of the PK objects used to have a -constructor taking a DataSource&, from which it would read the key. However, -this was a poor design, because if you guess incorrectly as to what kind of key -was in use, bad stuff would happen. So basically it was impossible to use -safely. In addition, it was rather complex to support. - -Use {X509,PKCS8}::load_key and dynamic_cast<> instead. It's a bit more code, -but it's worth it for the flexibility and better error handling. If you really -want something like the constructors, you can look at the try_load functions in -1.2.x's pkcs8.cpp and x509_key.cpp to see how they did it (you won't get the -same exact effect, since you can't add a constructor, but you can do something -that looks fairly similar). - diff --git a/include/allocate.h b/include/allocate.h index ec5868a47..eabfe1c79 100644 --- a/include/allocate.h +++ b/include/allocate.h @@ -12,7 +12,7 @@ namespace Botan { /************************************************* -* Allocator * +* Allocator Interface * *************************************************/ class Allocator { @@ -30,10 +30,6 @@ class Allocator virtual ~Allocator() {} }; -/************************************************* -* Get an allocator * -*************************************************/ - } #endif diff --git a/include/asn1_obj.h b/include/asn1_obj.h index 46ba5c678..99aefbca3 100644 --- a/include/asn1_obj.h +++ b/include/asn1_obj.h @@ -129,7 +129,7 @@ class AlternativeName : public ASN1_Object bool has_items() const; AlternativeName(const std::string& = "", const std::string& = "", - const std::string& = ""); + const std::string& = "", const std::string& = ""); private: std::multimap<std::string, std::string> alt_info; std::multimap<OID, ASN1_String> othernames; diff --git a/include/bit_ops.h b/include/bit_ops.h index 5883d2163..9949a1dbb 100644 --- a/include/bit_ops.h +++ b/include/bit_ops.h @@ -7,7 +7,6 @@ #define BOTAN_BIT_OPS_H__ #include <botan/types.h> -#include <botan/loadstor.h> namespace Botan { @@ -25,13 +24,20 @@ template<typename T> inline T rotate_right(T input, u32bit rot) } /************************************************* -* XOR Functions * +* Byteswap * +*************************************************/ +u16bit reverse_bytes(u16bit); +u32bit reverse_bytes(u32bit); +u64bit reverse_bytes(u64bit); + +/************************************************* +* Array XOR * *************************************************/ void xor_buf(byte[], const byte[], u32bit); void xor_buf(byte[], const byte[], const byte[], u32bit); /************************************************* -* Misc Utility Functions * +* Simple Bit Manipulation * *************************************************/ bool power_of_2(u64bit); u32bit high_bit(u64bit); diff --git a/include/cbc_mac.h b/include/cbc_mac.h new file mode 100644 index 000000000..aec1c42f1 --- /dev/null +++ b/include/cbc_mac.h @@ -0,0 +1,36 @@ +/************************************************* +* CBC-MAC Header File * +* (C) 1999-2007 The Botan Project * +*************************************************/ + +#ifndef BOTAN_CBC_MAC__ +#define BOTAN_CBC_MAC__ + +#include <botan/base.h> + +namespace Botan { + +/************************************************* +* CBC-MAC * +*************************************************/ +class CBC_MAC : public MessageAuthenticationCode + { + public: + void clear() throw(); + std::string name() const; + MessageAuthenticationCode* clone() const; + CBC_MAC(const std::string&); + ~CBC_MAC(); + private: + void add_data(const byte[], u32bit); + void final_result(byte[]); + void key(const byte[], u32bit); + + BlockCipher* e; + SecureVector<byte> state; + u32bit position; + }; + +} + +#endif diff --git a/include/defalloc.h b/include/defalloc.h index 184378d84..c663116d0 100644 --- a/include/defalloc.h +++ b/include/defalloc.h @@ -13,14 +13,13 @@ namespace Botan { /************************************************* * Malloc Allocator * *************************************************/ -class Malloc_Allocator : public Pooling_Allocator +class Malloc_Allocator : public Allocator { public: - Malloc_Allocator() : Pooling_Allocator(64*1024, false) {} + void* allocate(u32bit); + void deallocate(void*, u32bit); + std::string type() const { return "malloc"; } - private: - void* alloc_block(u32bit); - void dealloc_block(void*, u32bit); }; /************************************************* diff --git a/include/idea.h b/include/idea.h index 6f6932c38..10b0f7049 100644 --- a/include/idea.h +++ b/include/idea.h @@ -24,7 +24,6 @@ class IDEA : public BlockCipher void enc(const byte[], byte[]) const; void dec(const byte[], byte[]) const; void key(const byte[], u32bit); - static u16bit mul_inv(u16bit); SecureBuffer<u16bit, 52> EK, DK; }; diff --git a/include/init.h b/include/init.h index 9936b8c6f..5a9181c8d 100644 --- a/include/init.h +++ b/include/init.h @@ -24,8 +24,6 @@ class InitializerOptions bool fips_mode() const; bool self_test() const; - std::string config_file() const; - InitializerOptions(const std::string&); private: std::map<std::string, std::string> args; diff --git a/include/libstate.h b/include/libstate.h index dcd6f26a5..666677ff3 100644 --- a/include/libstate.h +++ b/include/libstate.h @@ -8,6 +8,7 @@ #include <botan/base.h> #include <botan/enums.h> +#include <botan/init.h> #include <botan/ui.h> #include <string> #include <vector> @@ -21,6 +22,15 @@ namespace Botan { class Library_State { public: + Library_State(); + ~Library_State(); + + void initialize(const InitializerOptions&, Modules&); + + void load(Modules&); + + void add_engine(class Engine*); + class Engine_Iterator { public: @@ -52,15 +62,11 @@ class Library_State void add_entropy(EntropySource&, bool); u32bit seed_prng(bool, u32bit); - void load(class Modules&); - void set_timer(class Timer*); u64bit system_clock() const; class Config& config() const; - void add_engine(class Engine*); - class Mutex* get_mutex() const; class Mutex* get_named_mutex(const std::string&); @@ -73,9 +79,6 @@ class Library_State void set_transcoder(class Charset_Transcoder*); std::string transcode(const std::string, Character_Set, Character_Set) const; - - Library_State(class Mutex_Factory*); - ~Library_State(); private: Library_State(const Library_State&) {} Library_State& operator=(const Library_State&) { return (*this); } @@ -84,7 +87,7 @@ class Library_State class Mutex_Factory* mutex_factory; class Timer* timer; - class Config* config_obj; + mutable class Config* config_obj; class X509_GlobalState* x509_state_obj; std::map<std::string, class Mutex*> locks; diff --git a/include/parsing.h b/include/parsing.h index ce36365fe..dcfde9568 100644 --- a/include/parsing.h +++ b/include/parsing.h @@ -27,6 +27,12 @@ u32bit parse_expr(const std::string&); std::string to_string(u64bit, u32bit = 0); u32bit to_u32bit(const std::string&); +/************************************************* +* String/Network Address Conversions * +*************************************************/ +u32bit string_to_ipv4(const std::string&); +std::string ipv4_to_string(u32bit); + } #endif diff --git a/include/x509self.h b/include/x509self.h index 30acbdbaa..eb9628a0b 100644 --- a/include/x509self.h +++ b/include/x509self.h @@ -26,7 +26,7 @@ class X509_Cert_Options std::string state; std::string serial_number; - std::string email, uri, dns, xmpp; + std::string email, uri, dns, ip, xmpp; std::string challenge; diff --git a/misc/botan.rc b/misc/botan.rc deleted file mode 100644 index aaa1b3f91..000000000 --- a/misc/botan.rc +++ /dev/null @@ -1,225 +0,0 @@ -# Botan configuration (v1.4.2) - -# This config, as shipped, matches the library defaults, but is much easier to -# tweak than recompiling everything. You can use it as a base for your own -# configurations. Read section 10.4 "Configuration Files" in the API doc for -# more information. - -[base] -memory_chunk = 32*1024 # size of the chunk of memory allocated at once -default_pbe = PBE-PKCS5v20(SHA-1,TripleDES/CBC) -pkcs8_tries = 3 - -[pk] -blinder_size = 64 -test/public = basic -test/private = basic -test/private_gen = all - -[pem] -search = 4*1024 -forgive = 8 -width = 64 - -[rng] -# LibraryInitializer will try to acquire at least this many bits of entropy -min_entropy = 384 -es_files = /dev/urandom:/dev/random # path for random devices -egd_path = /var/run/egd-pool:/dev/egd-pool # path to search for an EGD socket -ms_capi_prov_type = INTEL_SEC:RSA_FULL # prefered MS CryptoAPI providers -unix_path = /usr/ucb:/usr/etc:/etc - -[x509] -validity_slack = 24h # how much wiggle room is given when checking validity -v1_assume_ca = false # should v1/v2 certificates be considered CA certs? -cache_verify_results = 30m # how long to cache verification results - -[x509/ca] -allow_ca = false # should PKCS #10 requests be able to ask to be a CA? - # should basic_constraints be included in all certs, including end-user? -basic_constraints = always -default_expire = 1y # default expire time for new certs -signing_offset = 30s # offset the PKCS #10 validity times by this amount -rsa_hash = SHA-1 # what hash to use when using RSA to sign new certs -str_type = latin1 # default string encoding (latin1 or utf8) - -[x509/crl] -# can be 'ignore' or 'throw': ignore matches X.509-2000 behavior, throw is PKIX -unknown_critical = ignore - -# When generating a new CRL, this is the default next update time. Can also be -# set in the call to X509_CA::update_crl/X509_CA::new_crl as the last arg -next_update = 7d - -[x509/exts] -# Each of these can be one of: -# - critical: Extension is marked as critical, if we have the info for it -# - yes or noncritical: Extension is included if needed, but not critical -# - no: Extension is not included, even if the information is available -basic_constraints = critical -subject_key_id = yes -authority_key_id = yes -subject_alternative_name = yes -issuer_alternative_name = yes -key_usage = critical -extended_key_usage = yes -crl_number = yes - -[aliases] -Rijndael = AES -3DES = TripleDES -DES-EDE = TripleDES -CAST5 = CAST-128 -3-Way = ThreeWay -SHARK = SHARK-E -SEAL = SEAL-3.0-BE -SHA1 = SHA-160 -SHA-1 = SHA-160 # Don't change or remove this -MARK-4 = ARC4(256) - -OpenPGP.Cipher.1 = IDEA -OpenPGP.Cipher.2 = TripleDES -OpenPGP.Cipher.3 = CAST-128 -OpenPGP.Cipher.4 = Blowfish -OpenPGP.Cipher.5 = SAFER-SK(13) -OpenPGP.Cipher.7 = AES-128 -OpenPGP.Cipher.8 = AES-192 -OpenPGP.Cipher.9 = AES-256 -OpenPGP.Cipher.10 = Twofish - -OpenPGP.Digest.1 = MD5 -OpenPGP.Digest.2 = SHA-1 -OpenPGP.Digest.3 = RIPEMD-160 -OpenPGP.Digest.5 = MD2 -OpenPGP.Digest.6 = Tiger(24,3) -OpenPGP.Digest.7 = HAVAL(20,5) -OpenPGP.Digest.8 = SHA-256 - -TLS.Digest.0 = Parallel(MD5,SHA-1) - -EME-PKCS1-v1_5 = PKCS1v15 -OAEP-MGF1 = EME1 -EME-OAEP = EME1 -X9.31 = EMSA2 -EMSA-PKCS1-v1_5 = EMSA3 -PSS-MGF1 = EMSA4 -EMSA-PSS = EMSA4 - -[oids] -ISO_MEMBER = 1.2 -US_BODY = ISO_MEMBER.840 -X500 = 2.5 - -RSA_DSI = US_BODY.113549 -ANSI_X957 = US_BODY.10040 -ANSI_X942 = US_BODY.10046 -NIST_ALGO = 2.16.840.1.101.3.4 -PKIX_USAGE = 1.3.6.1.5.5.7.3 -GNU_PROJECT = 1.3.6.1.4.1.11591 -OIW_ALGO = 1.3.14.3.2 -DN_ATTR = X500.4 -X509_KU = X500.29 - -PKCS = RSA_DSI.1 -PKCS1 = PKCS.1 -PKCS5 = PKCS.5 -PKCS7 = PKCS.7 -PKCS9 = PKCS.9 - -DES/CBC = OIW_ALGO.7 -TripleDES/CBC = RSA_DSI.3.7 -RC2/CBC = RSA_DSI.3.2 -CAST-128/CBC = US_BODY.113533.7.66.10 -AES-128/CBC = NIST_ALGO.1.2 -AES-192/CBC = NIST_ALGO.1.22 -AES-256/CBC = NIST_ALGO.1.42 - -MD5 = RSA_DSI.2.5 -SHA-160 = OIW_ALGO.26 -Tiger(24,3) = GNU_PROJECT.12.2 - -KeyWrap.TripleDES = PKCS9.16.3.6 -KeyWrap.RC2 = PKCS9.16.3.7 -KeyWrap.CAST-128 = US_BODY.113533.7.66.15 -KeyWrap.AES-128 = NIST_ALGO.1.5 -KeyWrap.AES-192 = NIST_ALGO.1.25 -KeyWrap.AES-256 = NIST_ALGO.1.45 - -Compression.Zlib = PKCS9.16.3.8 - -RSA = PKCS1.1 -RSA = X500.8.1.1 -DSA = ANSI_X957.4.1 -DH = ANSI_X942.2.1 - -DSA/EMSA1(SHA-160)/DER = ANSI_X957.4.3 -DSA/EMSA1(SHA-160) = ANSI_X957.4.3 -RSA/EMSA3(MD2) = PKCS1.2 -RSA/EMSA3(MD5) = PKCS1.4 -RSA/EMSA3(SHA-160) = PKCS1.5 -RSA/EMSA3(SHA-256) = PKCS1.11 -RSA/EMSA3(SHA-384) = PKCS1.12 -RSA/EMSA3(SHA-512) = PKCS1.13 -RSA/EMSA3(RIPEMD-160) = 1.3.36.3.3.1.2 - -PBE-PKCS5v15(MD2,DES/CBC) = PKCS5.1 -PBE-PKCS5v15(MD2,RC2/CBC) = PKCS5.4 -PBE-PKCS5v15(MD5,DES/CBC) = PKCS5.3 -PBE-PKCS5v15(MD5,RC2/CBC) = PKCS5.6 -PBE-PKCS5v15(SHA-160,DES/CBC) = PKCS5.10 -PBE-PKCS5v15(SHA-160,RC2/CBC) = PKCS5.11 -PBE-PKCS5v20 = PKCS5.13 -PKCS5.PBKDF2 = PKCS5.12 - -CMS.DataContent = PKCS7.1 -CMS.SignedData = PKCS7.2 -CMS.EnvelopedData = PKCS7.3 -CMS.DigestedData = PKCS7.5 -CMS.EncryptedData = PKCS7.6 -CMS.AuthenticatedData = PKCS9.16.1.2 -CMS.CompressedData = PKCS9.16.1.9 - -PKCS9.EmailAddress = PKCS9.1 -PKCS9.UnstructuredName = PKCS9.2 -PKCS9.ContentType = PKCS9.3 -PKCS9.MessageDigest = PKCS9.4 -PKCS9.ChallengePassword = PKCS9.7 -PKCS9.ExtensionRequest = PKCS9.14 - -X520.CommonName = DN_ATTR.3 -X520.Surname = DN_ATTR.4 -X520.SerialNumber = DN_ATTR.5 -X520.Country = DN_ATTR.6 -X520.Locality = DN_ATTR.7 -X520.State = DN_ATTR.8 -X520.Organization = DN_ATTR.10 -X520.OrganizationalUnit = DN_ATTR.11 -X520.Title = DN_ATTR.12 -X520.GivenName = DN_ATTR.42 -X520.Initials = DN_ATTR.43 -X520.GenerationalQualifier = DN_ATTR.44 -X520.DNQualifier = DN_ATTR.46 -X520.Pseudonym = DN_ATTR.65 - -X509v3.SubjectKeyIdentifier = X509_KU.14 -X509v3.KeyUsage = X509_KU.15 -X509v3.SubjectAlternativeName = X509_KU.17 -X509v3.IssuerAlternativeName = X509_KU.18 -X509v3.BasicConstraints = X509_KU.19 -X509v3.CRLNumber = X509_KU.20 -X509v3.ReasonCode = X509_KU.21 -X509v3.HoldInstructionCode = X509_KU.23 -X509v3.InvalidityDate = X509_KU.24 -X509v3.CertificatePolicies = X509_KU.32 -X509v3.AuthorityKeyIdentifier = X509_KU.35 -X509v3.PolicyConstraints = X509_KU.36 -X509v3.ExtendedKeyUsage = X509_KU.37 - -PKIX.ServerAuth = PKIX_USAGE.1 -PKIX.ClientAuth = PKIX_USAGE.2 -PKIX.CodeSigning = PKIX_USAGE.3 -PKIX.EmailProtection = PKIX_USAGE.4 -PKIX.IPsecEndSystem = PKIX_USAGE.5 -PKIX.IPsecTunnel = PKIX_USAGE.6 -PKIX.IPsecUser = PKIX_USAGE.7 -PKIX.TimeStamping = PKIX_USAGE.8 diff --git a/misc/config/arch/alpha b/misc/config/arch/alpha index 51c5e7220..16159207f 100644 --- a/misc/config/arch/alpha +++ b/misc/config/arch/alpha @@ -1,6 +1,7 @@ realname "DEC Alpha" default_submodel alpha-ev5 +endian little <aliases> axp diff --git a/misc/config/arch/amd64 b/misc/config/arch/amd64 index 2291ef055..403ac47ec 100644 --- a/misc/config/arch/amd64 +++ b/misc/config/arch/amd64 @@ -3,6 +3,7 @@ realname "AMD64" default_submodel amd64 endian little +unaligned ok <aliases> x86-64 diff --git a/misc/config/arch/ia32 b/misc/config/arch/ia32 index 1eec8cdbe..1d2b36af1 100644 --- a/misc/config/arch/ia32 +++ b/misc/config/arch/ia32 @@ -1,8 +1,9 @@ realname "IA-32" -default_submodel i586 +default_submodel i686 endian little +unaligned ok <aliases> x86 diff --git a/misc/config/arch/ppc b/misc/config/arch/ppc index 01cd92ad0..0f7ceac2b 100644 --- a/misc/config/arch/ppc +++ b/misc/config/arch/ppc @@ -1,5 +1,7 @@ realname "PowerPC" +endian big + # G3; probably a reasonable assumption these days default_submodel ppc740 diff --git a/misc/config/arch/ppc64 b/misc/config/arch/ppc64 index cbd74bb9f..2bb789949 100644 --- a/misc/config/arch/ppc64 +++ b/misc/config/arch/ppc64 @@ -1,5 +1,7 @@ realname "PowerPC 64" +endian big + default_submodel power4 <submodel_aliases> diff --git a/misc/config/cc/bcc b/misc/config/cc/bcc index 56206fb81..a3bf7cf6f 100644 --- a/misc/config/cc/bcc +++ b/misc/config/cc/bcc @@ -26,11 +26,3 @@ i686 -> "/G6" athlon -> "/G6" pentium4 -> "/G6" </mach_opt> - -<arch> -ia32 -</arch> - -<os> -windows -</os> diff --git a/misc/config/cc/compaq b/misc/config/cc/compaq index 5710698a0..90811b039 100644 --- a/misc/config/cc/compaq +++ b/misc/config/cc/compaq @@ -24,12 +24,3 @@ default -> "$(CXX) -shared -soname $(SONAME)" <mach_opt> alpha -> "-arch=SUBMODEL" alpha- </mach_opt> - -<arch> -alpha -</arch> - -<os> -tru64 -linux -</os> diff --git a/misc/config/cc/ekopath b/misc/config/cc/ekopath index abf0b5b1c..f8bd8f2fe 100644 --- a/misc/config/cc/ekopath +++ b/misc/config/cc/ekopath @@ -35,12 +35,3 @@ core2duo -> "-mcpu=core" ia32 -> "-mcpu=anyx86" amd64 -> "-mcpu=athlon64" </mach_opt> - -<os> -linux -</os> - -<arch> -ia32 -amd64 -</arch> diff --git a/misc/config/cc/gcc b/misc/config/cc/gcc index 1485037c2..2111f9940 100644 --- a/misc/config/cc/gcc +++ b/misc/config/cc/gcc @@ -81,39 +81,3 @@ freebsd -> "-pthread" netbsd -> "-pthread" qnx -> "-fexceptions -D_QNX_SOURCE" </mach_abi_linking> - -<os> -aix -beos -cygwin -darwin -freebsd -hpux -irix -linux -netbsd -openbsd -qnx -solaris -tru64 -windows -</os> - -<arch> -alpha -amd64 -arm -hppa -ia32 -ia64 -m68k -mips32 -mips64 -ppc -ppc64 -s390 -s390x -sh -sparc32 -sparc64 -</arch> diff --git a/misc/config/cc/hpcc b/misc/config/cc/hpcc index 7167be329..2048c5bb2 100644 --- a/misc/config/cc/hpcc +++ b/misc/config/cc/hpcc @@ -27,11 +27,3 @@ hppa2.0 -> "+DA2.0W" <so_link_flags> default -> "$(CXX) +Z -b -Wl,+h,$(SONAME)" # Documented in cc(1), but not CC(1) (?) </so_link_flags> - -<arch> -hppa -</arch> - -<os> -hpux -</os> diff --git a/misc/config/cc/icc b/misc/config/cc/icc index ad9957e1d..4d51b5fe9 100644 --- a/misc/config/cc/icc +++ b/misc/config/cc/icc @@ -1,6 +1,6 @@ realname "Intel C++" -binary_name "icc" +binary_name "icpc" compile_option "-c " output_to_option "-o " @@ -11,30 +11,20 @@ add_lib_option "-l" lib_opt_flags "-O3 -ip -unroll" check_opt_flags "-O2" debug_flags "-g" -no_debug_flags "" +no_debug_flags "-fomit-frame-pointer" lang_flags "" warning_flags "-w1" -so_obj_flags "-KPIC" +so_obj_flags "-fPIC" makefile_style unix <mach_opt> -i586 -> "-tpp5" -i686 -> "-tpp6 -xiM" -athlon -> "-tpp6 -xiM" -pentium4 -> "-tpp7 -xiMW" +i686 -> "-march=pentium3" +athlon -> "-march=pentium3" +pentium4 -> "-march=pentium4" +core2duo -> "-msse3" </mach_opt> <so_link_flags> -default -> "$(CXX) -KPIC -shared" +default -> "$(CXX) -fPIC -shared" </so_link_flags> - -<arch> -amd64 -ia32 -ia64 -</arch> - -<os> -linux -</os> diff --git a/misc/config/cc/kai b/misc/config/cc/kai index 49afd1a3b..564ca2157 100644 --- a/misc/config/cc/kai +++ b/misc/config/cc/kai @@ -25,22 +25,3 @@ default -> "$(CXX) --soname $(SONAME)" <mach_abi_linking> all -> "--one_per" </mach_abi_linking> - -<arch> -alpha -hppa -ia32 -mips32 -mips64 -sparc32 -sparc64 -</arch> - -<os> -hpux -irix -linux -solaris -tru64 -</os> - diff --git a/misc/config/cc/mipspro b/misc/config/cc/mipspro index 2f01cf29e..8ceeb52b7 100644 --- a/misc/config/cc/mipspro +++ b/misc/config/cc/mipspro @@ -37,12 +37,3 @@ mips64-r10000 -> "-mips4 -r10000" mips32 -> "-n32" mips64 -> "-64" </mach_abi_linking> - -<arch> -mips32 -mips64 -</arch> - -<os> -irix -</os> diff --git a/misc/config/cc/msvc b/misc/config/cc/msvc index cb5b56b5d..5bcec8e23 100644 --- a/misc/config/cc/msvc +++ b/misc/config/cc/msvc @@ -10,7 +10,7 @@ add_lib_option "" lib_opt_flags "/O2 /Ob2" check_opt_flags "/O2" -debug_flags "" +debug_flags "/Zi" no_debug_flags "" lang_flags "/EHsc /GR /D_CONSOLE" warning_flags "" @@ -18,11 +18,3 @@ warning_flags "" ar_command "link /lib" makefile_style nmake - -<arch> -ia32 -</arch> - -<os> -windows -</os> diff --git a/misc/config/cc/pgi b/misc/config/cc/pgi index 9b5a24611..b67edbcc3 100644 --- a/misc/config/cc/pgi +++ b/misc/config/cc/pgi @@ -26,12 +26,3 @@ athlon -> "-tp k7" pentium4 -> "-tp p6" ia32 -> "-tp px" </mach_opt> - -<arch> -ia32 -</arch> - -<os> -linux -solaris -</os> diff --git a/misc/config/cc/sgipro64 b/misc/config/cc/sgipro64 index b1429df94..5bb561834 100644 --- a/misc/config/cc/sgipro64 +++ b/misc/config/cc/sgipro64 @@ -25,11 +25,3 @@ default -> "$(CXX) -shared -Wl,-soname,$(SONAME)" <mach_opt> </mach_opt> - -<arch> -ia64 -</arch> - -<os> -linux -</os> diff --git a/misc/config/cc/sunwspro b/misc/config/cc/sunwspro index 179b06408..842df153f 100644 --- a/misc/config/cc/sunwspro +++ b/misc/config/cc/sunwspro @@ -41,13 +41,3 @@ sparc64 -> "-xchip=SUBMODEL" sparc64- <mach_abi_linking> sparc64 -> "-xarch=v9" </mach_abi_linking> - -<arch> -ia32 -sparc32 -sparc64 -</arch> - -<os> -solaris -</os> diff --git a/misc/config/os/aix b/misc/config/os/aix index fd7330f18..cec818580 100644 --- a/misc/config/os/aix +++ b/misc/config/os/aix @@ -5,9 +5,3 @@ os_type unix <supports_shared> all </supports_shared> - -<arch> -ia64 -ppc -ppc64 -</arch> diff --git a/misc/config/os/beos b/misc/config/os/beos index 498bd493d..2b12792bb 100644 --- a/misc/config/os/beos +++ b/misc/config/os/beos @@ -11,11 +11,6 @@ doc_dir documentation all </supports_shared> -<arch> -ia32 -ppc -</arch> - <aliases> haiku </aliases> diff --git a/misc/config/os/cygwin b/misc/config/os/cygwin index ce10e504b..c2aadea98 100644 --- a/misc/config/os/cygwin +++ b/misc/config/os/cygwin @@ -11,9 +11,3 @@ doc_dir docs <supports_shared> #all </supports_shared> - -<arch> -ia32 -amd64 # in theory -ia64 # in theory -</arch> diff --git a/misc/config/os/freebsd b/misc/config/os/freebsd index d7818cdc6..6cc184d98 100644 --- a/misc/config/os/freebsd +++ b/misc/config/os/freebsd @@ -7,12 +7,3 @@ install_group wheel <supports_shared> all </supports_shared> - -<arch> -alpha -amd64 -ia32 -ia64 -powerpc -sparc64 -</arch> diff --git a/misc/config/os/hpux b/misc/config/os/hpux index 7a12d10dd..6e17d3b73 100644 --- a/misc/config/os/hpux +++ b/misc/config/os/hpux @@ -8,11 +8,6 @@ so_suffix sl all </supports_shared> -<arch> -hppa -ia64 -</arch> - <aliases> hp-ux </aliases> diff --git a/misc/config/os/irix b/misc/config/os/irix index 773942391..fd8b43287 100644 --- a/misc/config/os/irix +++ b/misc/config/os/irix @@ -5,9 +5,3 @@ os_type unix <supports_shared> all </supports_shared> - -<arch> -mips32 -mips64 -</arch> - diff --git a/misc/config/os/linux b/misc/config/os/linux index 701fc9091..acf224244 100644 --- a/misc/config/os/linux +++ b/misc/config/os/linux @@ -6,22 +6,3 @@ os_type unix <supports_shared> all </supports_shared> - -<arch> -alpha -amd64 -arm -hppa -ia32 -ia64 -m68k -mips32 -mips64 -ppc -ppc64 -sh -sparc32 -sparc64 -s390 -s390x -</arch> diff --git a/misc/config/os/netbsd b/misc/config/os/netbsd index b0caeff70..da713e3a0 100644 --- a/misc/config/os/netbsd +++ b/misc/config/os/netbsd @@ -7,17 +7,3 @@ install_group wheel <supports_shared> all </supports_shared> - -<arch> -alpha -amd64 -arm -hppa -ia32 -ia64 -m68k -mips32 -mips64 -ppc -sparc32 -</arch> diff --git a/misc/config/os/openbsd b/misc/config/os/openbsd index 8d0329e1e..9f966bf49 100644 --- a/misc/config/os/openbsd +++ b/misc/config/os/openbsd @@ -7,13 +7,3 @@ install_group wheel <supports_shared> all </supports_shared> - -<arch> -alpha -ia32 -m68k -mips32 -ppc -sparc32 -sparc64 -</arch> diff --git a/misc/config/os/qnx b/misc/config/os/qnx index cd5ddab5f..28bc8dea9 100644 --- a/misc/config/os/qnx +++ b/misc/config/os/qnx @@ -5,11 +5,3 @@ os_type unix <supports_shared> all </supports_shared> - -<arch> -arm -ia32 -mips32 -ppc -sh -</arch> diff --git a/misc/config/os/solaris b/misc/config/os/solaris index 078019584..58b458e9b 100644 --- a/misc/config/os/solaris +++ b/misc/config/os/solaris @@ -9,12 +9,6 @@ install_cmd_exec install -u OWNER -g GROUP -m 755 all </supports_shared> -<arch> -ia32 -sparc32 -sparc64 -</arch> - <aliases> sunos </aliases> diff --git a/misc/config/os/tru64 b/misc/config/os/tru64 index e2b264104..e320c1df4 100644 --- a/misc/config/os/tru64 +++ b/misc/config/os/tru64 @@ -6,10 +6,6 @@ os_type unix all </supports_shared> -<arch> -alpha -</arch> - <aliases> osf1 </aliases> diff --git a/misc/config/os/windows b/misc/config/os/windows index 44b2a102b..2f21da309 100644 --- a/misc/config/os/windows +++ b/misc/config/os/windows @@ -19,12 +19,7 @@ install_group <nil> #all </supports_shared> -<arch> -ia32 -amd64 # in theory -ia64 # in theory -</arch> - <aliases> win32 +mswin32 </aliases> diff --git a/modules/alg_amd64/modinfo.txt b/modules/alg_amd64/modinfo.txt index f9023b273..313d9ea03 100644 --- a/modules/alg_amd64/modinfo.txt +++ b/modules/alg_amd64/modinfo.txt @@ -2,7 +2,7 @@ realname "Algorithm x86-64 Assembler" mp_bits 64 -load_on: asm_ok +load_on asm_ok <replace> sha160.cpp diff --git a/modules/alg_amd64/sha160.cpp b/modules/alg_amd64/sha160.cpp index 0c9b3b7dc..76937a577 100644 --- a/modules/alg_amd64/sha160.cpp +++ b/modules/alg_amd64/sha160.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/sha160.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/modules/alg_ia32/md4.cpp b/modules/alg_ia32/md4.cpp index 4c1fca4c3..497c6dbe7 100644 --- a/modules/alg_ia32/md4.cpp +++ b/modules/alg_ia32/md4.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/md4.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/modules/alg_ia32/md5.cpp b/modules/alg_ia32/md5.cpp index 1f5c0c05b..5f2e7061e 100644 --- a/modules/alg_ia32/md5.cpp +++ b/modules/alg_ia32/md5.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/md5.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/modules/alg_ia32/modinfo.txt b/modules/alg_ia32/modinfo.txt index fdd955d11..33d30e8bf 100644 --- a/modules/alg_ia32/modinfo.txt +++ b/modules/alg_ia32/modinfo.txt @@ -2,7 +2,7 @@ realname "Algorithm x86 Assembler" mp_bits 32 -load_on: asm_ok +load_on asm_ok <replace> md4.cpp diff --git a/modules/alg_ia32/serpent.cpp b/modules/alg_ia32/serpent.cpp index 3cb5c6305..bf13772e6 100644 --- a/modules/alg_ia32/serpent.cpp +++ b/modules/alg_ia32/serpent.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/serpent.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/modules/alg_ia32/sha160.cpp b/modules/alg_ia32/sha160.cpp index ffa88e080..11cd5dadb 100644 --- a/modules/alg_ia32/sha160.cpp +++ b/modules/alg_ia32/sha160.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/sha160.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/modules/alloc_mmap/mmap_mem.cpp b/modules/alloc_mmap/mmap_mem.cpp index 2ca73b4b7..b40d24ca0 100644 --- a/modules/alloc_mmap/mmap_mem.cpp +++ b/modules/alloc_mmap/mmap_mem.cpp @@ -59,15 +59,15 @@ void* MemoryMapping_Allocator::alloc_block(u32bit n) filepath = new char[path.length() + 1]; std::strcpy(filepath, path.c_str()); - mode_t old_umask = umask(077); - fd = mkstemp(filepath); - umask(old_umask); + mode_t old_umask = ::umask(077); + fd = ::mkstemp(filepath); + ::umask(old_umask); } ~TemporaryFile() { delete[] filepath; - if(fd != -1 && close(fd) == -1) + if(fd != -1 && ::close(fd) == -1) throw MemoryMapping_Failed("Could not close file"); } private: @@ -80,15 +80,15 @@ void* MemoryMapping_Allocator::alloc_block(u32bit n) if(file.get_fd() == -1) throw MemoryMapping_Failed("Could not create file"); - if(unlink(file.path().c_str())) - throw MemoryMapping_Failed("Could not unlink file " + file.path()); + if(::unlink(file.path().c_str())) + throw MemoryMapping_Failed("Could not unlink file '" + file.path() + "'"); - lseek(file.get_fd(), n-1, SEEK_SET); - if(write(file.get_fd(), "\0", 1) != 1) + ::lseek(file.get_fd(), n-1, SEEK_SET); + if(::write(file.get_fd(), "\0", 1) != 1) throw MemoryMapping_Failed("Could not write to file"); - void* ptr = mmap(0, n, PROT_READ | PROT_WRITE, MAP_SHARED, - file.get_fd(), 0); + void* ptr = ::mmap(0, n, PROT_READ | PROT_WRITE, MAP_SHARED, + file.get_fd(), 0); if(ptr == static_cast<void*>(MAP_FAILED)) throw MemoryMapping_Failed("Could not map file"); @@ -101,23 +101,21 @@ void* MemoryMapping_Allocator::alloc_block(u32bit n) *************************************************/ void MemoryMapping_Allocator::dealloc_block(void* ptr, u32bit n) { - if(ptr == 0) return; + if(ptr == 0) + return; - const u32bit OVERWRITE_PASSES = 12; const byte PATTERNS[] = { 0x00, 0xFF, 0xAA, 0x55, 0x73, 0x8C, 0x5F, 0xA0, - 0x6E, 0x91, 0x30, 0xCF, 0xD3, 0x2C, 0xAC, 0x53 }; + 0x6E, 0x91, 0x30, 0xCF, 0xD3, 0x2C, 0xAC, 0x00 }; - for(u32bit j = 0; j != OVERWRITE_PASSES; j++) + for(u32bit j = 0; j != sizeof(PATTERNS); j++) { - std::memset(ptr, PATTERNS[j % sizeof(PATTERNS)], n); - if(msync(ptr, n, MS_SYNC)) + std::memset(ptr, PATTERNS[j], n); + + if(::msync(ptr, n, MS_SYNC)) throw MemoryMapping_Failed("Sync operation failed"); } - std::memset(ptr, 0, n); - if(msync(ptr, n, MS_SYNC)) - throw MemoryMapping_Failed("Sync operation failed"); - if(munmap(ptr, n)) + if(::munmap(ptr, n)) throw MemoryMapping_Failed("Could not unmap file"); } diff --git a/modules/alloc_mmap/modinfo.txt b/modules/alloc_mmap/modinfo.txt index 6426bdf24..8cc2b206e 100644 --- a/modules/alloc_mmap/modinfo.txt +++ b/modules/alloc_mmap/modinfo.txt @@ -1,8 +1,9 @@ realname "Disk Based Allocation System" define ALLOC_MMAP +modset unix -load_on: auto +load_on auto <add> mmap_mem.cpp diff --git a/modules/comp_bzip2/modinfo.txt b/modules/comp_bzip2/modinfo.txt index 92ffb2085..efedc097f 100644 --- a/modules/comp_bzip2/modinfo.txt +++ b/modules/comp_bzip2/modinfo.txt @@ -3,8 +3,9 @@ realname "Bzip2 Compressor" define COMPRESSOR_BZIP2 +modset compression -load_on: request +load_on request <add> bzip2.h diff --git a/modules/comp_zlib/modinfo.txt b/modules/comp_zlib/modinfo.txt index 1687ad312..c1f1f998c 100644 --- a/modules/comp_zlib/modinfo.txt +++ b/modules/comp_zlib/modinfo.txt @@ -4,7 +4,8 @@ realname "Zlib Compressor" define COMPRESSOR_ZLIB #define COMPRESSOR_ZLIB,COMPRESSOR_GZIP -load_on: request +load_on request +modset compression <add> zlib.h diff --git a/modules/comp_zlib/zlib.cpp b/modules/comp_zlib/zlib.cpp index 4bb014b69..59f8e88c4 100644 --- a/modules/comp_zlib/zlib.cpp +++ b/modules/comp_zlib/zlib.cpp @@ -97,12 +97,12 @@ void Zlib_Compression::start_msg() *************************************************/ void Zlib_Compression::write(const byte input[], u32bit length) { - zlib->stream.next_in = (Bytef*)input; + zlib->stream.next_in = static_cast<Bytef*>(input); zlib->stream.avail_in = length; while(zlib->stream.avail_in != 0) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin()); zlib->stream.avail_out = buffer.size(); deflate(&(zlib->stream), Z_NO_FLUSH); send(buffer.begin(), buffer.size() - zlib->stream.avail_out); @@ -120,7 +120,7 @@ void Zlib_Compression::end_msg() int rc = Z_OK; while(rc != Z_STREAM_END) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin()); zlib->stream.avail_out = buffer.size(); rc = deflate(&(zlib->stream), Z_FINISH); send(buffer.begin(), buffer.size() - zlib->stream.avail_out); @@ -138,7 +138,7 @@ void Zlib_Compression::flush() while(true) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin()); zlib->stream.avail_out = buffer.size(); deflate(&(zlib->stream), Z_FULL_FLUSH); send(buffer.begin(), buffer.size() - zlib->stream.avail_out); @@ -188,12 +188,12 @@ void Zlib_Decompression::write(const byte input[], u32bit length) { if(length) no_writes = false; - zlib->stream.next_in = (Bytef*)input; + zlib->stream.next_in = static_cast<Bytef*>(input; zlib->stream.avail_in = length; while(zlib->stream.avail_in != 0) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin(); zlib->stream.avail_out = buffer.size(); int rc = inflate(&(zlib->stream), Z_SYNC_FLUSH); @@ -213,7 +213,7 @@ void Zlib_Decompression::write(const byte input[], u32bit length) { u32bit read_from_block = length - zlib->stream.avail_in; start_msg(); - zlib->stream.next_in = (Bytef*)input + read_from_block; + zlib->stream.next_in = static_cast<Bytef*>(input + read_from_block; zlib->stream.avail_in = length - read_from_block; input += read_from_block; length -= read_from_block; @@ -233,7 +233,7 @@ void Zlib_Decompression::end_msg() int rc = Z_OK; while(rc != Z_STREAM_END) { - zlib->stream.next_out = (Bytef*)buffer.begin(); + zlib->stream.next_out = static_cast<Bytef*>(buffer.begin(); zlib->stream.avail_out = buffer.size(); rc = inflate(&(zlib->stream), Z_SYNC_FLUSH); if(rc != Z_OK && rc != Z_STREAM_END) diff --git a/modules/eng_aep/modinfo.txt b/modules/eng_aep/modinfo.txt index 1ffdb81d5..497a0c89f 100644 --- a/modules/eng_aep/modinfo.txt +++ b/modules/eng_aep/modinfo.txt @@ -2,7 +2,7 @@ realname "AEP Engine" define ENGINE_AEP,ENTROPY_SRC_AEP -load_on: request +load_on request <add> eng_aep.cpp diff --git a/modules/eng_gmp/modinfo.txt b/modules/eng_gmp/modinfo.txt index bc44986de..e65e411fd 100644 --- a/modules/eng_gmp/modinfo.txt +++ b/modules/eng_gmp/modinfo.txt @@ -2,7 +2,7 @@ realname "GMP Engine" define ENGINE_GNU_MP -load_on: request +load_on request <add> eng_gmp.cpp diff --git a/modules/eng_ossl/modinfo.txt b/modules/eng_ossl/modinfo.txt index 3378a9158..7892e8e90 100644 --- a/modules/eng_ossl/modinfo.txt +++ b/modules/eng_ossl/modinfo.txt @@ -2,7 +2,7 @@ realname "OpenSSL Engine" define ENGINE_OPENSSL -load_on: request +load_on request <add> eng_ossl.cpp diff --git a/modules/es_beos/modinfo.txt b/modules/es_beos/modinfo.txt index 292f7832d..a7e62cfb3 100644 --- a/modules/es_beos/modinfo.txt +++ b/modules/es_beos/modinfo.txt @@ -1,8 +1,9 @@ realname "BeOS Entropy Source" define ENTROPY_SRC_BEOS +modset beos -load_on: auto +load_on auto <add> es_beos.h diff --git a/modules/es_capi/modinfo.txt b/modules/es_capi/modinfo.txt index 8a0f3041c..40104664b 100644 --- a/modules/es_capi/modinfo.txt +++ b/modules/es_capi/modinfo.txt @@ -1,8 +1,8 @@ realname "Win32 CryptoAPI Entropy Source" define ENTROPY_SRC_CAPI - -load_on: auto +load_on auto +modset win32 <add> es_capi.h diff --git a/modules/es_dev/es_dev.cpp b/modules/es_dev/es_dev.cpp new file mode 100644 index 000000000..61127388a --- /dev/null +++ b/modules/es_dev/es_dev.cpp @@ -0,0 +1,118 @@ +/************************************************* +* Device EntropySource Source File * +* (C) 1999-2007 The Botan Project * +*************************************************/ + +#include <botan/es_dev.h> +#include <botan/config.h> +#include <sys/select.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <sys/fcntl.h> +#include <unistd.h> + +namespace Botan { + +namespace { + +/************************************************* +* A class handling reading from a device * +*************************************************/ +class Device_Reader + { + public: + typedef int fd_type; + + Device_Reader(fd_type device_fd) : fd(device_fd) {} + ~Device_Reader() { ::close(fd); } + u32bit get(byte out[], u32bit length); + + static fd_type open(const std::string& pathname); + private: + fd_type fd; + }; + +/************************************************* +* Read from a device file * +*************************************************/ +u32bit Device_Reader::get(byte out[], u32bit length) + { + if(fd < 0) + return 0; + + if(fd >= FD_SETSIZE) + return 0; + + const u32bit READ_WAIT_MS = 10; + + fd_set read_set; + FD_ZERO(&read_set); + FD_SET(fd, &read_set); + + struct ::timeval timeout; + timeout.tv_sec = 0; + timeout.tv_usec = READ_WAIT_MS * 1000; + + if(::select(fd + 1, &read_set, 0, 0, &timeout) < 0) + return 0; + + if(!(FD_ISSET(fd, &read_set))) + return 0; + + const ssize_t got = ::read(fd, out, length); + if(got <= 0) + return 0; + + const u32bit ret = static_cast<u32bit>(got); + + if(ret > length) + return 0; + + return ret; + } + +/************************************************* +* Attempt to open a device * +*************************************************/ +int Device_Reader::open(const std::string& pathname) + { +#ifndef O_NONBLOCK + #define O_NONBLOCK 0 +#endif + +#ifndef O_NOCTTY + #define O_NOCTTY 0 +#endif + + const int flags = O_RDONLY | O_NONBLOCK | O_NOCTTY; + return ::open(pathname.c_str(), flags); + } + +} + +/************************************************* +* Gather entropy from a RNG device * +*************************************************/ +u32bit Device_EntropySource::slow_poll(byte output[], u32bit length) + { + std::vector<std::string> sources = + global_config().option_as_list("rng/es_files"); + + u32bit read = 0; + + for(size_t j = 0; j != sources.size(); ++j) + { + const std::string source = sources[j]; + + Device_Reader reader(Device_Reader::open(source)); + + read += reader.get(output + read, length - read); + + if(read == length) + break; + } + + return read; + } + +} diff --git a/include/es_file.h b/modules/es_dev/es_dev.h index 5be6eccdc..d491a7b18 100644 --- a/include/es_file.h +++ b/modules/es_dev/es_dev.h @@ -1,19 +1,19 @@ /************************************************* -* File EntropySource Header File * +* Device EntropySource Header File * * (C) 1999-2007 The Botan Project * *************************************************/ -#ifndef BOTAN_ENTROPY_SRC_FILE_H__ -#define BOTAN_ENTROPY_SRC_FILE_H__ +#ifndef BOTAN_ENTROPY_SRC_DEVICE_H__ +#define BOTAN_ENTROPY_SRC_DEVICE_H__ #include <botan/base.h> namespace Botan { /************************************************* -* File Based Entropy Source * +* Device Based Entropy Source * *************************************************/ -class File_EntropySource : public EntropySource +class Device_EntropySource : public EntropySource { public: u32bit slow_poll(byte[], u32bit); diff --git a/modules/es_dev/modinfo.txt b/modules/es_dev/modinfo.txt new file mode 100644 index 000000000..3a766013d --- /dev/null +++ b/modules/es_dev/modinfo.txt @@ -0,0 +1,11 @@ +realname "RNG Device Reader" + +define ENTROPY_SRC_DEVICE + +load_on auto +modset unix + +<add> +es_dev.h +es_dev.cpp +</add> diff --git a/modules/es_egd/es_egd.cpp b/modules/es_egd/es_egd.cpp index 0ff19a90b..2fbd03598 100644 --- a/modules/es_egd/es_egd.cpp +++ b/modules/es_egd/es_egd.cpp @@ -52,25 +52,25 @@ u32bit EGD_EntropySource::do_poll(byte output[], u32bit length, throw Exception("EGD_EntropySource: Socket path is too long"); std::strcpy(addr.sun_path, path.c_str()); - int fd = socket(addr.sun_family, SOCK_STREAM, 0); + int fd = ::socket(addr.sun_family, SOCK_STREAM, 0); if(fd == -1) return 0; int len = sizeof(addr.sun_family) + std::strlen(addr.sun_path) + 1; - if(connect(fd, (struct sockaddr*)&addr, len)) - { close(fd); return 0; } + if(::connect(fd, reinterpret_cast<struct ::sockaddr*>(&addr), len)) + { ::close(fd); return 0; } byte buffer[2]; buffer[0] = 1; buffer[1] = static_cast<byte>(length); - if(write(fd, buffer, 2) != 2) { close(fd); return 0; } - if(read(fd, buffer, 1) != 1) { close(fd); return 0; } + if(::write(fd, buffer, 2) != 2) { ::close(fd); return 0; } + if(::read(fd, buffer, 1) != 1) { ::close(fd); return 0; } - ssize_t count = read(fd, output, buffer[0]); + ssize_t count = ::read(fd, output, buffer[0]); if(count == -1) { close(fd); return 0; } - close(fd); + ::close(fd); return count; } diff --git a/modules/es_egd/modinfo.txt b/modules/es_egd/modinfo.txt index 06261862c..6b34f395c 100644 --- a/modules/es_egd/modinfo.txt +++ b/modules/es_egd/modinfo.txt @@ -2,7 +2,8 @@ realname "EGD Entropy Source" define ENTROPY_SRC_EGD -load_on: auto +load_on auto +modset unix <add> es_egd.h diff --git a/modules/es_ftw/es_ftw.cpp b/modules/es_ftw/es_ftw.cpp index 412a95f57..63531eb53 100644 --- a/modules/es_ftw/es_ftw.cpp +++ b/modules/es_ftw/es_ftw.cpp @@ -56,32 +56,32 @@ void FTW_EntropySource::gather_from_dir(const std::string& dirname) if(dirname == "" || files_read >= max_read) return; - DIR* dir = opendir(dirname.c_str()); + DIR* dir = ::opendir(dirname.c_str()); if(dir == 0) return; std::vector<std::string> subdirs; - dirent* entry = readdir(dir); + dirent* entry = ::readdir(dir); while(entry && (files_read < max_read)) { if((std::strcmp(entry->d_name, ".") == 0) || (std::strcmp(entry->d_name, "..") == 0)) - { entry = readdir(dir); continue; } + { entry = ::readdir(dir); continue; } const std::string filename = dirname + '/' + entry->d_name; - struct stat stat_buf; - if(lstat(filename.c_str(), &stat_buf) == -1) - { entry = readdir(dir); continue; } + struct ::stat stat_buf; + if(::lstat(filename.c_str(), &stat_buf) == -1) + { entry = ::readdir(dir); continue; } if(S_ISREG(stat_buf.st_mode)) gather_from_file(filename); else if(S_ISDIR(stat_buf.st_mode)) subdirs.push_back(filename); - entry = readdir(dir); + entry = ::readdir(dir); } - closedir(dir); + ::closedir(dir); for(u32bit j = 0; j != subdirs.size(); j++) gather_from_dir(subdirs[j]); @@ -98,7 +98,7 @@ void FTW_EntropySource::gather_from_file(const std::string& filename) SecureVector<byte> read_buf(1024); ssize_t got = ::read(fd, read_buf.begin(), read_buf.size()); - close(fd); + ::close(fd); if(got > 0) { diff --git a/modules/es_ftw/modinfo.txt b/modules/es_ftw/modinfo.txt index d3e93db69..d932523fd 100644 --- a/modules/es_ftw/modinfo.txt +++ b/modules/es_ftw/modinfo.txt @@ -2,7 +2,8 @@ realname "File Tree Walking Entropy Source" define ENTROPY_SRC_FTW -load_on: auto +load_on auto +modset unix <add> es_ftw.h diff --git a/modules/es_unix/es_unix.cpp b/modules/es_unix/es_unix.cpp index 243ba9164..40be78e22 100644 --- a/modules/es_unix/es_unix.cpp +++ b/modules/es_unix/es_unix.cpp @@ -8,6 +8,10 @@ #include <botan/parsing.h> #include <botan/config.h> #include <algorithm> +#include <sys/time.h> +#include <sys/stat.h> +#include <sys/resource.h> +#include <unistd.h> namespace Botan { @@ -43,7 +47,35 @@ void Unix_EntropySource::add_sources(const Unix_Program srcs[], u32bit count) *************************************************/ void Unix_EntropySource::do_fast_poll() { - gather(2*1024); + const char* STAT_TARGETS[] = { "/", "/tmp", ".", "..", 0 }; + + for(u32bit j = 0; STAT_TARGETS[j]; j++) + { + struct ::stat statbuf; + clear_mem(&statbuf, 1); + ::stat(STAT_TARGETS[j], &statbuf); + add_bytes(&statbuf, sizeof(statbuf)); + } + + add_bytes(::getpid()); + add_bytes(::getppid()); + + add_bytes(::getuid()); + add_bytes(::getgid()); + add_bytes(::geteuid()); + add_bytes(::getegid()); + + add_bytes(::getpgrp()); + add_bytes(::getsid(0)); + + struct ::rusage usage; + + clear_mem(&usage, 1); + ::getrusage(RUSAGE_SELF, &usage); + add_bytes(&usage, sizeof(usage)); + + ::getrusage(RUSAGE_CHILDREN, &usage); + add_bytes(&usage, sizeof(usage)); } /************************************************* @@ -51,56 +83,34 @@ void Unix_EntropySource::do_fast_poll() *************************************************/ void Unix_EntropySource::do_slow_poll() { - gather(16*1024); - } - -/************************************************* -* Gather Entropy From Several Unix_Programs * -*************************************************/ -void Unix_EntropySource::gather(u32bit target_amount) - { + const u32bit TRY_TO_GET = 16 * 1024; const u32bit MINIMAL_WORKING = 32; + const std::string PATH = global_config().option("rng/unix_path"); + u32bit got = 0; for(u32bit j = 0; j != sources.size(); j++) { add_timestamp(); - got += gather_from(sources[j]); - sources[j].working = (got >= MINIMAL_WORKING) ? true : false; + DataSource_Command pipe(sources[j].name_and_args, PATH); + SecureVector<byte> buffer(DEFAULT_BUFFERSIZE); - if(got >= target_amount) - break; - } - } + u32bit got_from_src = 0; -/************************************************* -* Gather entropy from a Unix program * -*************************************************/ -u32bit Unix_EntropySource::gather_from(const Unix_Program& prog) - { - const std::string BASE_PATH = "/bin:/sbin:/usr/bin:/usr/sbin"; - const std::string EXTRA_PATH = global_config().option("rng/unix_path"); + while(!pipe.end_of_data()) + { + u32bit this_loop = pipe.read(buffer, buffer.size()); + add_bytes(buffer, this_loop); + got_from_src += this_loop; + } - std::string PATH = BASE_PATH; - if(EXTRA_PATH != "") - PATH += ':' + EXTRA_PATH; + sources[j].working = (got_from_src >= MINIMAL_WORKING) ? true : false; + got += got_from_src; - DataSource_Command pipe(prog.name_and_args, PATH); - if(pipe.end_of_data()) - return 0; - - u32bit got = 0; - SecureVector<byte> buffer(DEFAULT_BUFFERSIZE); - - while(!pipe.end_of_data()) - { - u32bit this_loop = pipe.read(buffer, buffer.size()); - add_bytes(buffer, this_loop); - got += this_loop; + if(got >= TRY_TO_GET) + break; } - - return got; } } diff --git a/modules/es_unix/es_unix.h b/modules/es_unix/es_unix.h index 167bafc89..149e6f395 100644 --- a/modules/es_unix/es_unix.h +++ b/modules/es_unix/es_unix.h @@ -21,11 +21,10 @@ class Unix_EntropySource : public Buffered_EntropySource void add_sources(const Unix_Program[], u32bit); Unix_EntropySource(); private: + static void add_default_sources(std::vector<Unix_Program>&); + void do_fast_poll(); void do_slow_poll(); - void gather(u32bit); - u32bit gather_from(const Unix_Program&); - static void add_default_sources(std::vector<Unix_Program>&); std::vector<Unix_Program> sources; }; diff --git a/modules/es_unix/modinfo.txt b/modules/es_unix/modinfo.txt index ccb499b82..f16e21289 100644 --- a/modules/es_unix/modinfo.txt +++ b/modules/es_unix/modinfo.txt @@ -1,8 +1,9 @@ realname "Generic Unix Entropy Source" define ENTROPY_SRC_UNIX +modset unix,beos -load_on: auto +load_on auto <add> es_unix.cpp diff --git a/modules/es_unix/unix_cmd.cpp b/modules/es_unix/unix_cmd.cpp index dbefc7e3e..65def8c74 100644 --- a/modules/es_unix/unix_cmd.cpp +++ b/modules/es_unix/unix_cmd.cpp @@ -41,7 +41,7 @@ void do_exec(const std::vector<std::string>& arg_list, { const std::string full_path = paths[j] + "/" + arg_list[0]; const char* fsname = full_path.c_str(); - execl(fsname, fsname, arg1, arg2, arg3, arg4, 0); + ::execl(fsname, fsname, arg1, arg2, arg3, arg4, 0); } } @@ -69,12 +69,12 @@ u32bit DataSource_Command::read(byte buf[], u32bit length) FD_ZERO(&set); FD_SET(pipe->fd, &set); - struct timeval tv; + struct ::timeval tv; tv.tv_sec = 0; tv.tv_usec = MAX_BLOCK_USECS; ssize_t got = 0; - if(select(pipe->fd + 1, &set, 0, 0, &tv) == 1) + if(::select(pipe->fd + 1, &set, 0, 0, &tv) == 1) { if(FD_ISSET(pipe->fd, &set)) got = ::read(pipe->fd, buf, length); @@ -136,7 +136,7 @@ void DataSource_Command::create_pipe(const std::string& path) for(u32bit j = 0; j != paths.size(); j++) { const std::string full_path = paths[j] + "/" + arg_list[0]; - if(access(full_path.c_str(), X_OK) == 0) + if(::access(full_path.c_str(), X_OK) == 0) { found_something = true; break; @@ -149,31 +149,31 @@ void DataSource_Command::create_pipe(const std::string& path) if(::pipe(pipe_fd) != 0) return; - pid_t pid = fork(); + pid_t pid = ::fork(); if(pid == -1) { - close(pipe_fd[0]); - close(pipe_fd[1]); + ::close(pipe_fd[0]); + ::close(pipe_fd[1]); } else if(pid > 0) { pipe = new pipe_wrapper; pipe->fd = pipe_fd[0]; pipe->pid = pid; - close(pipe_fd[1]); + ::close(pipe_fd[1]); } else { if(dup2(pipe_fd[1], STDOUT_FILENO) == -1) - exit(127); + ::exit(127); if(close(pipe_fd[0]) != 0 || close(pipe_fd[1]) != 0) - exit(127); + ::exit(127); if(close(STDERR_FILENO) != 0) - exit(127); + ::exit(127); do_exec(arg_list, paths); - exit(127); + ::exit(127); } } @@ -190,23 +190,23 @@ void DataSource_Command::shutdown_pipe() { kill(pipe->pid, SIGTERM); - struct timeval tv; + struct ::timeval tv; tv.tv_sec = 0; tv.tv_usec = KILL_WAIT; select(0, 0, 0, 0, &tv); - reaped = waitpid(pipe->pid, 0, WNOHANG); + reaped = ::waitpid(pipe->pid, 0, WNOHANG); if(reaped == 0) { - kill(pipe->pid, SIGKILL); + ::kill(pipe->pid, SIGKILL); do - reaped = waitpid(pipe->pid, 0, 0); + reaped = ::waitpid(pipe->pid, 0, 0); while(reaped == -1); } } - close(pipe->fd); + ::close(pipe->fd); delete pipe; pipe = 0; } diff --git a/modules/es_win32/modinfo.txt b/modules/es_win32/modinfo.txt index cc8a525bc..931760979 100644 --- a/modules/es_win32/modinfo.txt +++ b/modules/es_win32/modinfo.txt @@ -4,8 +4,9 @@ realname "Win32 Entropy Source" #note "This module will not run under NT4" define ENTROPY_SRC_WIN32 +modset win32 -load_on: auto +load_on auto <add> es_win32.h diff --git a/modules/fd_unix/modinfo.txt b/modules/fd_unix/modinfo.txt index c659f5377..e1f30ea28 100644 --- a/modules/fd_unix/modinfo.txt +++ b/modules/fd_unix/modinfo.txt @@ -1,8 +1,9 @@ realname "Unix I/O support for Pipe" define PIPE_UNIXFD_IO +modset unix,beos -load_on: auto +load_on auto <add> fd_unix.h diff --git a/modules/ml_unix/modinfo.txt b/modules/ml_unix/modinfo.txt index b25468586..201a30ead 100644 --- a/modules/ml_unix/modinfo.txt +++ b/modules/ml_unix/modinfo.txt @@ -1,6 +1,6 @@ realname "Memory Locking for Unix" -load_on: auto +load_on auto <replace> mlock.cpp diff --git a/modules/ml_win32/modinfo.txt b/modules/ml_win32/modinfo.txt index e886c758f..92936e1de 100644 --- a/modules/ml_win32/modinfo.txt +++ b/modules/ml_win32/modinfo.txt @@ -1,6 +1,6 @@ realname "Memory Locking for Win32" -load_on: auto +load_on auto <replace> mlock.cpp diff --git a/modules/mp_amd64/modinfo.txt b/modules/mp_amd64/modinfo.txt index 0e24da0d9..527d9a2c6 100644 --- a/modules/mp_amd64/modinfo.txt +++ b/modules/mp_amd64/modinfo.txt @@ -2,7 +2,7 @@ realname "MPI Assembler Backend for x86-64/AMD64 Systems" mp_bits 64 -load_on: asm_ok +load_on asm_ok <replace> mp_asm.h diff --git a/modules/mp_asm64/modinfo.txt b/modules/mp_asm64/modinfo.txt index 256a439d3..e371c9ede 100644 --- a/modules/mp_asm64/modinfo.txt +++ b/modules/mp_asm64/modinfo.txt @@ -2,16 +2,14 @@ realname "MPI Assembler Backend for 64 bit Systems" mp_bits 64 -load_on: asm_ok +load_on asm_ok <replace> mp_asm.h </replace> -# Disable amd64 since (nominally) the mp_amd64 module has that covered <arch> alpha -# amd64 ia64 mips64 ppc64 diff --git a/modules/mp_asm64/mp_asm.h b/modules/mp_asm64/mp_asm.h index b3a60219d..6abab6166 100644 --- a/modules/mp_asm64/mp_asm.h +++ b/modules/mp_asm64/mp_asm.h @@ -12,14 +12,7 @@ #error The mp_asm64 module requires that BOTAN_MP_WORD_BITS == 64 #endif -#if defined(BOTAN_TARGET_ARCH_IS_AMD64) - -#define BOTAN_WORD_MUL(a,b,z1,z0) do { \ - asm("mulq %3" : "=d" (z0), "=a" (z1) : \ - "a" (a), "rm" (b) : "cc"); \ -} while(0); - -#elif defined(BOTAN_TARGET_ARCH_IS_ALPHA) +#if defined(BOTAN_TARGET_ARCH_IS_ALPHA) #define BOTAN_WORD_MUL(a,b,z1,z0) do { \ asm("umulh %1,%2,%0" : "=r" (z0) : "r" (a), "r" (b)); \ diff --git a/modules/mp_ia32/modinfo.txt b/modules/mp_ia32/modinfo.txt index 805fb656f..2fa8db56e 100644 --- a/modules/mp_ia32/modinfo.txt +++ b/modules/mp_ia32/modinfo.txt @@ -2,7 +2,7 @@ realname "MPI Assembler Backend for x86 Systems" mp_bits 32 -load_on: asm_ok +load_on asm_ok <replace> mp_asm.h diff --git a/modules/mux_pthr/modinfo.txt b/modules/mux_pthr/modinfo.txt index f14137dd5..88de70de0 100644 --- a/modules/mux_pthr/modinfo.txt +++ b/modules/mux_pthr/modinfo.txt @@ -2,7 +2,7 @@ realname "Pthread Mutex" define MUTEX_PTHREAD -load_on: auto +load_on auto <add> mux_pthr.cpp diff --git a/modules/mux_qt/modinfo.txt b/modules/mux_qt/modinfo.txt index 32094eaf4..a21108c79 100644 --- a/modules/mux_qt/modinfo.txt +++ b/modules/mux_qt/modinfo.txt @@ -4,7 +4,7 @@ define MUTEX_QT note "You'll probably have to add -I/-L flags to the Makefile to find Qt" -load_on: request +load_on request <add> mux_qt.cpp diff --git a/modules/mux_win32/modinfo.txt b/modules/mux_win32/modinfo.txt index 320d21b5b..d235ff73c 100644 --- a/modules/mux_win32/modinfo.txt +++ b/modules/mux_win32/modinfo.txt @@ -1,8 +1,9 @@ realname "Win32 Mutex" define MUTEX_WIN32 +modset win32 -load_on: auto +load_on auto <add> mux_win32.cpp diff --git a/modules/tm_hard/modinfo.txt b/modules/tm_hard/modinfo.txt index 35f13dd91..5c928cf83 100644 --- a/modules/tm_hard/modinfo.txt +++ b/modules/tm_hard/modinfo.txt @@ -2,7 +2,7 @@ realname "Hardware Timer" define TIMER_HARDWARE -load_on: asm_ok +load_on asm_ok <add> tm_hard.cpp diff --git a/modules/tm_hard/tm_hard.cpp b/modules/tm_hard/tm_hard.cpp index da9aa3fd2..251fc9cfd 100644 --- a/modules/tm_hard/tm_hard.cpp +++ b/modules/tm_hard/tm_hard.cpp @@ -18,11 +18,11 @@ u64bit Hardware_Timer::clock() const #if defined(BOTAN_TARGET_ARCH_IS_IA32) || defined(BOTAN_TARGET_ARCH_IS_AMD64) u32bit rtc_low = 0, rtc_high = 0; asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low)); - rtc = ((u64bit)rtc_high << 32) | rtc_low; + rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low; #elif defined(BOTAN_TARGET_ARCH_IS_PPC) || defined(BOTAN_TARGET_ARCH_IS_PPC64) u32bit rtc_low = 0, rtc_high = 0; asm volatile("mftbu %0; mftb %1" : "=r" (rtc_high), "=r" (rtc_low)); - rtc = ((u64bit)rtc_high << 32) | rtc_low; + rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low; #elif defined(BOTAN_TARGET_ARCH_IS_ALPHA) asm volatile("rpcc %0" : "=r" (rtc)); #elif defined(BOTAN_TARGET_ARCH_IS_SPARC64) diff --git a/modules/tm_posix/modinfo.txt b/modules/tm_posix/modinfo.txt index b6c1d6916..e9298a81c 100644 --- a/modules/tm_posix/modinfo.txt +++ b/modules/tm_posix/modinfo.txt @@ -2,7 +2,7 @@ realname "POSIX Timer" define TIMER_POSIX -load_on: auto +load_on auto <add> tm_posix.cpp diff --git a/modules/tm_posix/tm_posix.cpp b/modules/tm_posix/tm_posix.cpp index 7a6b667c4..e5e1f3f93 100644 --- a/modules/tm_posix/tm_posix.cpp +++ b/modules/tm_posix/tm_posix.cpp @@ -23,8 +23,8 @@ namespace Botan { *************************************************/ u64bit POSIX_Timer::clock() const { - struct timespec tv; - clock_gettime(CLOCK_REALTIME, &tv); + struct ::timespec tv; + ::clock_gettime(CLOCK_REALTIME, &tv); return combine_timers(tv.tv_sec, tv.tv_nsec, 1000000000); } diff --git a/modules/tm_unix/modinfo.txt b/modules/tm_unix/modinfo.txt index 405e341c4..495914589 100644 --- a/modules/tm_unix/modinfo.txt +++ b/modules/tm_unix/modinfo.txt @@ -2,7 +2,8 @@ realname "Unix Timer" define TIMER_UNIX -load_on: auto +load_on auto +modset unix,beos <add> tm_unix.cpp diff --git a/modules/tm_unix/tm_unix.cpp b/modules/tm_unix/tm_unix.cpp index cb9a8431f..51224a7d2 100644 --- a/modules/tm_unix/tm_unix.cpp +++ b/modules/tm_unix/tm_unix.cpp @@ -14,8 +14,8 @@ namespace Botan { *************************************************/ u64bit Unix_Timer::clock() const { - struct timeval tv; - gettimeofday(&tv, 0); + struct ::timeval tv; + ::gettimeofday(&tv, 0); return combine_timers(tv.tv_sec, tv.tv_usec, 1000000); } diff --git a/modules/tm_win32/modinfo.txt b/modules/tm_win32/modinfo.txt index cc5f06197..74c4a59ea 100644 --- a/modules/tm_win32/modinfo.txt +++ b/modules/tm_win32/modinfo.txt @@ -1,8 +1,9 @@ realname "Win32 Timer" define TIMER_WIN32 +modset win32 -load_on: auto +load_on auto <add> tm_win32.cpp diff --git a/readme.txt b/readme.txt index 9acc5eb87..882db47d6 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -Botan 1.7.1 +Botan 1.7.3 (prerelease) Please note that this is an experimental / development version of Botan. Don't be surprised by bugs. No, the documentation hasn't been @@ -8,5 +8,8 @@ stable release (either 1.4.x or, preferably, 1.6.x). You can file bugs at http://www.randombit.net/bugzilla +For more information, see info.txt, the API manual, and the tutorial, +all of which can be found in the doc/ directory. + Jack diff --git a/src/adler32.cpp b/src/adler32.cpp index 51f6cbea3..e2ee02cb8 100644 --- a/src/adler32.cpp +++ b/src/adler32.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/adler32.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/aes.cpp b/src/aes.cpp index b345763cb..09ff81234 100644 --- a/src/aes.cpp +++ b/src/aes.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/aes.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/asn1_alt.cpp b/src/asn1_alt.cpp index 3a1eca625..9941ef567 100644 --- a/src/asn1_alt.cpp +++ b/src/asn1_alt.cpp @@ -9,6 +9,8 @@ #include <botan/oids.h> #include <botan/stl_util.h> #include <botan/charset.h> +#include <botan/parsing.h> +#include <botan/loadstor.h> namespace Botan { @@ -17,11 +19,13 @@ namespace Botan { *************************************************/ AlternativeName::AlternativeName(const std::string& email_addr, const std::string& uri, - const std::string& dns) + const std::string& dns, + const std::string& ip) { add_attribute("RFC822", email_addr); add_attribute("DNS", dns); add_attribute("URI", uri); + add_attribute("IP", ip); } /************************************************* @@ -109,8 +113,18 @@ void encode_entries(DER_Encoder& encoder, std::pair<iter, iter> range = attr.equal_range(type); for(iter j = range.first; j != range.second; ++j) { - ASN1_String asn1_string(j->second, IA5_STRING); - encoder.add_object(tagging, CONTEXT_SPECIFIC, asn1_string.iso_8859()); + if(type == "RFC822" || type == "DNS" || type == "URI") + { + ASN1_String asn1_string(j->second, IA5_STRING); + encoder.add_object(tagging, CONTEXT_SPECIFIC, asn1_string.iso_8859()); + } + else if(type == "IP") + { + u32bit ip = string_to_ipv4(j->second); + byte ip_buf[4] = { 0 }; + store_be(ip, ip_buf); + encoder.add_object(tagging, CONTEXT_SPECIFIC, ip_buf, 4); + } } } @@ -126,6 +140,7 @@ void AlternativeName::encode_into(DER_Encoder& der) const encode_entries(der, alt_info, "RFC822", ASN1_Tag(1)); encode_entries(der, alt_info, "DNS", ASN1_Tag(2)); encode_entries(der, alt_info, "URI", ASN1_Tag(6)); + encode_entries(der, alt_info, "IP", ASN1_Tag(7)); std::multimap<OID, ASN1_String>::const_iterator i; for(i = othernames.begin(); i != othernames.end(); ++i) @@ -195,6 +210,14 @@ void AlternativeName::decode_from(BER_Decoder& source) if(tag == 2) add_attribute("DNS", value); if(tag == 6) add_attribute("URI", value); } + else if(tag == 7) + { + if(obj.value.size() == 4) + { + u32bit ip = load_be<u32bit>(obj.value.begin(), 0); + add_attribute("IP", ipv4_to_string(ip)); + } + } } } diff --git a/src/asn1_ku.cpp b/src/asn1_ku.cpp index 1fa236d9f..5d6711bbc 100644 --- a/src/asn1_ku.cpp +++ b/src/asn1_ku.cpp @@ -6,7 +6,6 @@ #include <botan/asn1_obj.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> -#include <botan/bit_ops.h> namespace Botan { diff --git a/src/ber_dec.cpp b/src/ber_dec.cpp index 5df9a2c35..2537a917b 100644 --- a/src/ber_dec.cpp +++ b/src/ber_dec.cpp @@ -5,7 +5,7 @@ #include <botan/ber_dec.h> #include <botan/bigint.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/big_base.cpp b/src/big_base.cpp index 25d0832c6..fce11fe73 100644 --- a/src/big_base.cpp +++ b/src/big_base.cpp @@ -5,7 +5,7 @@ #include <botan/bigint.h> #include <botan/mp_core.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <botan/parsing.h> #include <botan/util.h> diff --git a/src/big_ops2.cpp b/src/big_ops2.cpp index 2e6c6df94..d28f343f2 100644 --- a/src/big_ops2.cpp +++ b/src/big_ops2.cpp @@ -4,10 +4,8 @@ *************************************************/ #include <botan/bigint.h> -#include <botan/numthry.h> #include <botan/mp_core.h> #include <botan/bit_ops.h> -#include <botan/util.h> #include <algorithm> namespace Botan { diff --git a/src/bit_ops.cpp b/src/bit_ops.cpp index 1847b5773..fa08c5a9f 100644 --- a/src/bit_ops.cpp +++ b/src/bit_ops.cpp @@ -4,11 +4,12 @@ *************************************************/ #include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { /************************************************* -* XOR arrays together * +* Array XOR * *************************************************/ void xor_buf(byte data[], const byte mask[], u32bit length) { @@ -24,6 +25,9 @@ void xor_buf(byte data[], const byte mask[], u32bit length) data[j] ^= mask[j]; } +/************************************************* +* Array XOR * +*************************************************/ void xor_buf(byte out[], const byte in[], const byte mask[], u32bit length) { while(length >= 8) @@ -39,6 +43,35 @@ void xor_buf(byte out[], const byte in[], const byte mask[], u32bit length) } /************************************************* +* Reverse bytes * +*************************************************/ +u16bit reverse_bytes(u16bit input) + { + return rotate_left(input, 8); + } + +/************************************************* +* Reverse bytes * +*************************************************/ +u32bit reverse_bytes(u32bit input) + { + input = ((input & 0xFF00FF00) >> 8) | ((input & 0x00FF00FF) << 8); + return rotate_left(input, 16); + } + +/************************************************* +* Reverse bytes * +*************************************************/ +u64bit reverse_bytes(u64bit input) + { + input = ((input & 0xFF00FF00FF00FF00) >> 8) | + ((input & 0x00FF00FF00FF00FF) << 8); + input = ((input & 0xFFFF0000FFFF0000) >> 16) | + ((input & 0x0000FFFF0000FFFF) << 16); + return rotate_left(input, 32); + } + +/************************************************* * Return true iff arg is 2**n for some n > 0 * *************************************************/ bool power_of_2(u64bit arg) diff --git a/src/blowfish.cpp b/src/blowfish.cpp index 779053266..f6f8213c4 100644 --- a/src/blowfish.cpp +++ b/src/blowfish.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/blowfish.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/buf_es.cpp b/src/buf_es.cpp index 409a98297..b0ae98865 100644 --- a/src/buf_es.cpp +++ b/src/buf_es.cpp @@ -36,6 +36,7 @@ u32bit Buffered_EntropySource::fast_poll(byte out[], u32bit length) u32bit Buffered_EntropySource::slow_poll(byte out[], u32bit length) { do_slow_poll(); + done_slow_poll = true; return copy_out(out, length, buffer.size()); } @@ -53,6 +54,7 @@ void Buffered_EntropySource::do_fast_poll() void Buffered_EntropySource::add_bytes(const void* entropy_ptr, u32bit length) { const byte* bytes = static_cast<const byte*>(entropy_ptr); + while(length) { u32bit copied = std::min(length, buffer.size() - write_pos); diff --git a/src/cast128.cpp b/src/cast128.cpp index 481897810..1d9222460 100644 --- a/src/cast128.cpp +++ b/src/cast128.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/cast128.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/cast256.cpp b/src/cast256.cpp index 1064ed0de..e7e978665 100644 --- a/src/cast256.cpp +++ b/src/cast256.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/cast256.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/cbc_mac.cpp b/src/cbc_mac.cpp new file mode 100644 index 000000000..ff2347497 --- /dev/null +++ b/src/cbc_mac.cpp @@ -0,0 +1,109 @@ +/************************************************* +* CBC-MAC Source File * +* (C) 1999-2007 The Botan Project * +*************************************************/ + +#include <botan/cbc_mac.h> +#include <botan/lookup.h> +#include <botan/bit_ops.h> +#include <algorithm> + +namespace Botan { + +/************************************************* +* Update an CBC-MAC Calculation * +*************************************************/ +void CBC_MAC::add_data(const byte input[], u32bit length) + { + u32bit xored = std::min(OUTPUT_LENGTH - position, length); + xor_buf(state + position, input, xored); + position += xored; + + if(position < OUTPUT_LENGTH) + return; + + e->encrypt(state); + input += xored; + length -= xored; + while(length >= OUTPUT_LENGTH) + { + xor_buf(state, input, OUTPUT_LENGTH); + e->encrypt(state); + input += OUTPUT_LENGTH; + length -= OUTPUT_LENGTH; + } + + xor_buf(state, input, length); + position = length; + } + +/************************************************* +* Finalize an CBC-MAC Calculation * +*************************************************/ +void CBC_MAC::final_result(byte mac[]) + { + if(position) + e->encrypt(state); + + copy_mem(mac, state.begin(), state.size()); + state.clear(); + position = 0; + } + +/************************************************* +* CBC-MAC Key Schedule * +*************************************************/ +void CBC_MAC::key(const byte key[], u32bit length) + { + e->set_key(key, length); + } + +/************************************************* +* Clear memory of sensitive data * +*************************************************/ +void CBC_MAC::clear() throw() + { + e->clear(); + state.clear(); + position = 0; + } + +/************************************************* +* Return the name of this type * +*************************************************/ +std::string CBC_MAC::name() const + { + return "CBC-MAC(" + e->name() + ")"; + } + +/************************************************* +* Return a clone of this object * +*************************************************/ +MessageAuthenticationCode* CBC_MAC::clone() const + { + return new CBC_MAC(e->name()); + } + +/************************************************* +* CBC-MAC Constructor * +*************************************************/ +CBC_MAC::CBC_MAC(const std::string& cipher) : + MessageAuthenticationCode(block_size_of(cipher), + min_keylength_of(cipher), + max_keylength_of(cipher), + keylength_multiple_of(cipher)), + state(block_size_of(cipher)) + { + e = get_block_cipher(cipher); + position = 0; + } + +/************************************************* +* CBC-MAC Destructor * +*************************************************/ +CBC_MAC::~CBC_MAC() + { + delete e; + } + +} diff --git a/src/crc24.cpp b/src/crc24.cpp index e5576a566..e7df4ea0f 100644 --- a/src/crc24.cpp +++ b/src/crc24.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/crc24.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/crc32.cpp b/src/crc32.cpp index e897cbc02..f950b136b 100644 --- a/src/crc32.cpp +++ b/src/crc32.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/crc32.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/def_alg.cpp b/src/def_alg.cpp index 09ae5c978..2dbd30621 100644 --- a/src/def_alg.cpp +++ b/src/def_alg.cpp @@ -52,6 +52,7 @@ #include <botan/whrlpool.h> #include <botan/par_hash.h> +#include <botan/cbc_mac.h> #include <botan/cmac.h> #include <botan/hmac.h> #include <botan/x919_mac.h> @@ -219,6 +220,7 @@ Default_Engine::find_mac(const std::string& algo_spec) const return 0; const std::string algo_name = deref_alias(name[0]); + HANDLE_TYPE_ONE_STRING("CBC-MAC", CBC_MAC); HANDLE_TYPE_ONE_STRING("CMAC", CMAC); HANDLE_TYPE_ONE_STRING("HMAC", HMAC); HANDLE_TYPE_NO_ARGS("X9.19-MAC", ANSI_X919_MAC); diff --git a/src/defalloc.cpp b/src/defalloc.cpp index a4a4727af..f7d880cda 100644 --- a/src/defalloc.cpp +++ b/src/defalloc.cpp @@ -50,7 +50,7 @@ void do_free(void* ptr, u32bit n, bool do_lock) /************************************************* * Malloc_Allocator's Allocation * *************************************************/ -void* Malloc_Allocator::alloc_block(u32bit n) +void* Malloc_Allocator::allocate(u32bit n) { return do_malloc(n, false); } @@ -58,7 +58,7 @@ void* Malloc_Allocator::alloc_block(u32bit n) /************************************************* * Malloc_Allocator's Deallocation * *************************************************/ -void Malloc_Allocator::dealloc_block(void* ptr, u32bit n) +void Malloc_Allocator::deallocate(void* ptr, u32bit n) { do_free(ptr, n, false); } diff --git a/src/der_enc.cpp b/src/der_enc.cpp index fa4575858..e418568bc 100644 --- a/src/der_enc.cpp +++ b/src/der_enc.cpp @@ -6,6 +6,7 @@ #include <botan/der_enc.h> #include <botan/asn1_int.h> #include <botan/bigint.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <botan/parsing.h> #include <algorithm> diff --git a/src/des.cpp b/src/des.cpp index de95ed5be..18b183bc9 100644 --- a/src/des.cpp +++ b/src/des.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/des.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/dl_group.cpp b/src/dl_group.cpp index 9d50458dd..1b52102db 100644 --- a/src/dl_group.cpp +++ b/src/dl_group.cpp @@ -28,7 +28,12 @@ DL_Group::DL_Group() *************************************************/ DL_Group::DL_Group(const std::string& type) { - DataSource_Memory pem(global_config().get("dl", type)); + std::string grp_contents = global_config().get("dl", type); + + if(grp_contents == "") + throw Invalid_Argument("DL_Group: Unknown group " + type); + + DataSource_Memory pem(grp_contents); PEM_decode(pem); } diff --git a/src/dsa_gen.cpp b/src/dsa_gen.cpp index 28d27c06b..c4e475a49 100644 --- a/src/dsa_gen.cpp +++ b/src/dsa_gen.cpp @@ -7,7 +7,6 @@ #include <botan/numthry.h> #include <botan/libstate.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> #include <botan/parsing.h> #include <botan/rng.h> #include <algorithm> diff --git a/src/es_file.cpp b/src/es_file.cpp deleted file mode 100644 index 5d010fa70..000000000 --- a/src/es_file.cpp +++ /dev/null @@ -1,34 +0,0 @@ -/************************************************* -* File EntropySource Source File * -* (C) 1999-2007 The Botan Project * -*************************************************/ - -#include <botan/es_file.h> -#include <botan/config.h> -#include <fstream> - -namespace Botan { - -/************************************************* -* Gather Entropy from Randomness Source * -*************************************************/ -u32bit File_EntropySource::slow_poll(byte output[], u32bit length) - { - std::vector<std::string> sources = - global_config().option_as_list("rng/es_files"); - - u32bit read = 0; - for(u32bit j = 0; j != sources.size(); ++j) - { - std::ifstream random_source(sources[j].c_str(), std::ios::binary); - if(!random_source) continue; - random_source.read(reinterpret_cast<char*>(output) + read, length); - read += random_source.gcount(); - length -= random_source.gcount(); - if(length == 0) - break; - } - return read; - } - -} diff --git a/src/fork256.cpp b/src/fork256.cpp index af2d7a756..e0b39c5d7 100644 --- a/src/fork256.cpp +++ b/src/fork256.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/fork256.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/gost.cpp b/src/gost.cpp index d999d0d2d..6e82c57f6 100644 --- a/src/gost.cpp +++ b/src/gost.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/gost.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/has160.cpp b/src/has160.cpp index 7c6721903..8e7cb3fe7 100644 --- a/src/has160.cpp +++ b/src/has160.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/has160.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/hex.cpp b/src/hex.cpp index 88ee4b6ae..252c0622b 100644 --- a/src/hex.cpp +++ b/src/hex.cpp @@ -4,7 +4,6 @@ *************************************************/ #include <botan/hex.h> -#include <botan/bit_ops.h> #include <botan/parsing.h> #include <botan/charset.h> #include <algorithm> diff --git a/src/idea.cpp b/src/idea.cpp index c12f7b5b9..e2338fa0d 100644 --- a/src/idea.cpp +++ b/src/idea.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/idea.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { @@ -13,17 +13,44 @@ namespace { /************************************************* * Multiplication modulo 65537 * *************************************************/ -inline void mul(u16bit& a, u16bit b) +inline u16bit mul(u16bit x, u16bit y) { - if(a && b) + if(x && y) { - u32bit temp = static_cast<u32bit>(a) * b; - a = static_cast<u16bit>(temp >> 16); - b = static_cast<u16bit>(temp & 0xFFFF); - a = static_cast<u16bit>(b - a + ((b < a) ? 1 : 0)); + u32bit T = static_cast<u32bit>(x) * y; + x = static_cast<u16bit>(T >> 16); + y = static_cast<u16bit>(T & 0xFFFF); + return static_cast<u16bit>(y - x + ((y < x) ? 1 : 0)); } else - a = static_cast<u16bit>(1 - a - b); + return static_cast<u16bit>(1 - x - y); + } + +/************************************************* +* Find multiplicative inverses modulo 65537 * +*************************************************/ +u16bit mul_inv(u16bit x) + { + if(x <= 1) + return x; + + u16bit t0 = static_cast<u16bit>(65537 / x), t1 = 1; + u16bit y = static_cast<u16bit>(65537 % x); + + while(y != 1) + { + u16bit q = x / y; + x %= y; + t1 += q * t0; + + if(x == 1) + return t1; + + q = y / x; + y %= x; + t0 += q * t1; + } + return (1 - t0); } } @@ -40,24 +67,28 @@ void IDEA::enc(const byte in[], byte out[]) const for(u32bit j = 0; j != 8; ++j) { - mul(X1, EK[6*j+0]); + X1 = mul(X1, EK[6*j+0]); X2 += EK[6*j+1]; X3 += EK[6*j+2]; - mul(X4, EK[6*j+3]); + X4 = mul(X4, EK[6*j+3]); + u16bit T0 = X3; - X3 ^= X1; - mul(X3, EK[6*j+4]); + X3 = mul(X3 ^ X1, EK[6*j+4]); + u16bit T1 = X2; - X2 = static_cast<u16bit>((X2 ^ X4) + X3); - mul(X2, EK[6*j+5]); + X2 = mul((X2 ^ X4) + X3, EK[6*j+5]); X3 += X2; + X1 ^= X2; X4 ^= X3; X2 ^= T0; X3 ^= T1; } - mul(X1, EK[48]); X2 += EK[50]; X3 += EK[49]; mul(X4, EK[51]); + X1 = mul(X1, EK[48]); + X2 += EK[50]; + X3 += EK[49]; + X4 = mul(X4, EK[51]); store_be(out, X1, X3, X2, X4); } @@ -74,54 +105,33 @@ void IDEA::dec(const byte in[], byte out[]) const for(u32bit j = 0; j != 8; ++j) { - mul(X1, DK[6*j+0]); + X1 = mul(X1, DK[6*j+0]); X2 += DK[6*j+1]; X3 += DK[6*j+2]; - mul(X4, DK[6*j+3]); + X4 = mul(X4, DK[6*j+3]); + u16bit T0 = X3; - X3 ^= X1; - mul(X3, DK[6*j+4]); + X3 = mul(X3 ^ X1, DK[6*j+4]); + u16bit T1 = X2; - X2 = static_cast<u16bit>((X2 ^ X4) + X3); - mul(X2, DK[6*j+5]); + X2 = mul((X2 ^ X4) + X3, DK[6*j+5]); X3 += X2; + X1 ^= X2; X4 ^= X3; X2 ^= T0; X3 ^= T1; } - mul(X1, DK[48]); X2 += DK[50]; X3 += DK[49]; mul(X4, DK[51]); + X1 = mul(X1, DK[48]); + X2 += DK[50]; + X3 += DK[49]; + X4 = mul(X4, DK[51]); store_be(out, X1, X3, X2, X4); } /************************************************* -* Find multiplicative inverses modulo 65537 * -*************************************************/ -u16bit IDEA::mul_inv(u16bit x) - { - if(x <= 1) - return x; - - u16bit t0 = static_cast<u16bit>(65537 / x), t1 = 1; - u16bit y = static_cast<u16bit>(65537 % x); - - while(y != 1) - { - u16bit q = static_cast<u16bit>(x / y); - x %= y; - t1 += static_cast<u16bit>(q * t0); - if(x == 1) - return t1; - q = static_cast<u16bit>(y / x); - y %= x; - t0 += static_cast<u16bit>(q * t1); - } - return static_cast<u16bit>(1 - t0); - } - -/************************************************* * IDEA Key Schedule * *************************************************/ void IDEA::key(const byte key[], u32bit) diff --git a/src/inifile.cpp b/src/inifile.cpp deleted file mode 100644 index a75ca654f..000000000 --- a/src/inifile.cpp +++ /dev/null @@ -1,138 +0,0 @@ -/************************************************* -* Configuration Reader Source File * -* (C) 1999-2007 The Botan Project * -*************************************************/ - -#include <botan/config.h> -#include <botan/charset.h> -#include <botan/parsing.h> -#include <botan/exceptn.h> -#include <fstream> -#include <map> - -namespace Botan { - -namespace { - -/************************************************* -* Strip comments and whitespace from line * -*************************************************/ -std::string strip_whitespace(const std::string& line) - { - bool is_escaped = false, in_quote = false, in_string = false; - std::string new_line; - - for(std::string::const_iterator j = line.begin(); j != line.end(); ++j) - { - const char c = *j; - - if(c == '"' && !is_escaped && !in_string) - { in_quote = !in_quote; continue; } - if(c == '\'' && !is_escaped && !in_quote) - { in_string = !in_string; continue; } - if(c == '#' && !is_escaped && !in_quote && !in_string) - return new_line; - if(c == '\\' && !is_escaped) { is_escaped = true; continue; } - - if(Charset::is_space(c) && !in_quote && !in_string && !is_escaped) - continue; - - new_line += c; - is_escaped = false; - } - - return new_line; - } - -/************************************************* -* Do variable interpolation * -*************************************************/ -std::string interpolate(const std::string& value, - const std::map<std::string, std::string>& variables) - { - std::string variable, suffix; - - if(value.find('.') == std::string::npos) - variable = value; - else - { - variable = value.substr(0, value.find('.')); - suffix = value.substr(value.find('.'), std::string::npos); - } - - if(variables.find(variable) != variables.end()) - { - const std::string result = variables.find(variable)->second; - if(variable == result) - return value; - return interpolate(result, variables) + suffix; - } - return value; - } - -} - -/************************************************* -* Load a configuration file * -*************************************************/ -void Config::load_inifile(const std::string& fsname) - { - std::ifstream config(fsname.c_str()); - - if(!config) - throw Config_Error("Could not open config file " + fsname); - - u32bit line_no = 0; - std::string line, section; - std::map<std::string, std::string> variables; - - while(std::getline(config, line)) - { - ++line_no; - - line = strip_whitespace(line); - - if(line == "") - continue; - - if(line[0] == '[' && line[line.size()-1] == ']') - { - section = line.substr(1, line.size() - 2); - if(section == "") - throw Config_Error("Empty section name", line_no); - continue; - } - - if(section == "") - throw Config_Error("Section must be set before assignment", line_no); - - std::vector<std::string> name_and_value; - try { - name_and_value = split_on(line, '='); - } - catch(Format_Error) - { - throw Config_Error("Bad assignment: " + line, line_no); - } - - if(name_and_value.size() != 2) - throw Config_Error("Bad line: " + line, line_no); - const std::string name = name_and_value[0]; - const std::string value = interpolate(name_and_value[1], variables); - - if(variables.find(name) == variables.end()) - variables[name] = value; - - if(section == "oids") - { - set("oid2str", name, value, false); - set("str2oid", value, name, false); - } - else if(section == "aliases") - set("alias", name, value); - else - set("conf", section + '/' + name, value); - } - } - -} diff --git a/src/init_def.cpp b/src/init_def.cpp index 7f465d3eb..f77b65453 100644 --- a/src/init_def.cpp +++ b/src/init_def.cpp @@ -6,73 +6,20 @@ #include <botan/init.h> #include <botan/libstate.h> #include <botan/modules.h> -#include <botan/config.h> -#include <botan/defalloc.h> -#include <botan/fips140.h> -#include <botan/x931_rng.h> -#include <botan/def_char.h> namespace Botan { /************************************************* * Library Initialization * *************************************************/ -void LibraryInitializer::initialize(const std::string& arg_string) - { - InitializerOptions args(arg_string); - initialize(args); - } - -/************************************************* -* Library Initialization * -*************************************************/ -void LibraryInitializer::initialize(const InitializerOptions& args) - { - Builtin_Modules modules(args); - initialize(args, modules); - } - -/************************************************* -* Library Initialization * -*************************************************/ void LibraryInitializer::initialize(const InitializerOptions& args, Modules& modules) { try { - set_global_state( - new Library_State( - args.thread_safe() ? - modules.mutex_factory() : - new Default_Mutex_Factory - ) - ); - - global_state().config().load_defaults(); - if(args.config_file() != "") - global_config().load_inifile(args.config_file()); - - global_state().load(modules); - global_state().set_prng(new ANSI_X931_RNG); - - if(args.seed_rng()) - { - for(u32bit j = 0; j != 4; ++j) - { - global_state().seed_prng(true, 384); - if(global_state().rng_is_seeded()) - break; - } - - if(!global_state().rng_is_seeded()) - throw PRNG_Unseeded("Unable to collect sufficient entropy"); - } + set_global_state(new Library_State); - if(args.fips_mode() || args.self_test()) - { - if(!FIPS140::passes_self_tests()) - throw Self_Test_Failure("FIPS-140 startup tests"); - } + global_state().initialize(args, modules); } catch(...) { @@ -89,4 +36,25 @@ void LibraryInitializer::deinitialize() set_global_state(0); } +/************************************************* +* Library Initialization * +*************************************************/ +void LibraryInitializer::initialize(const std::string& arg_string) + { + InitializerOptions args(arg_string); + Builtin_Modules modules(args); + + initialize(args, modules); + } + +/************************************************* +* Library Initialization * +*************************************************/ +void LibraryInitializer::initialize(const InitializerOptions& args) + { + Builtin_Modules modules(args); + + initialize(args, modules); + } + } diff --git a/src/init_opt.cpp b/src/init_opt.cpp index a92d795b0..48dd00967 100644 --- a/src/init_opt.cpp +++ b/src/init_opt.cpp @@ -86,15 +86,6 @@ bool InitializerOptions::self_test() const } /************************************************* -* Return the config file to load, if any * -*************************************************/ -std::string InitializerOptions::config_file() const - { - std::map<std::string, std::string>::const_iterator i = args.find("config"); - return (i != args.end()) ? i->second : ""; - } - -/************************************************* * Setup an InitializerOptions * *************************************************/ InitializerOptions::InitializerOptions(const std::string& arg_string) diff --git a/src/kasumi.cpp b/src/kasumi.cpp index 43eff7311..18cc0438e 100644 --- a/src/kasumi.cpp +++ b/src/kasumi.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/kasumi.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/kdf.cpp b/src/kdf.cpp index b35fcd20a..22d8ac7cc 100644 --- a/src/kdf.cpp +++ b/src/kdf.cpp @@ -5,7 +5,7 @@ #include <botan/kdf.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <algorithm> #include <memory> diff --git a/src/libstate.cpp b/src/libstate.cpp index e2a81d598..7b6a929c5 100644 --- a/src/libstate.cpp +++ b/src/libstate.cpp @@ -12,6 +12,8 @@ #include <botan/mutex.h> #include <botan/timers.h> #include <botan/charset.h> +#include <botan/x931_rng.h> +#include <botan/fips140.h> #include <algorithm> namespace Botan { @@ -31,7 +33,7 @@ Library_State* global_lib_state = 0; Library_State& global_state() { if(!global_lib_state) - throw Invalid_State("Library was not initialized correctly"); + LibraryInitializer::initialize(); return (*global_lib_state); } @@ -136,11 +138,8 @@ void Library_State::set_default_allocator(const std::string& type) const *************************************************/ void Library_State::set_timer(Timer* new_timer) { - if(new_timer) - { - delete timer; - timer = new_timer; - } + delete timer; + timer = new_timer; } /************************************************* @@ -312,18 +311,39 @@ void Library_State::pulse(Pulse_Type pulse_type) const Config& Library_State::config() const { if(!config_obj) - throw Invalid_State("Library_State::config(): No config set"); + { + config_obj = new Config(); + config_obj->load_defaults(); + } return (*config_obj); } /************************************************* -* Load modules * +* Load a set of modules * *************************************************/ -void Library_State::load(Modules& modules) +void Library_State::initialize(const InitializerOptions& args, + Modules& modules) { - set_timer(modules.timer()); - set_transcoder(modules.transcoder()); + if(mutex_factory) + throw Invalid_State("Library_State has already been initialized"); + + if(args.thread_safe()) + mutex_factory = modules.mutex_factory(); + else + mutex_factory = new Default_Mutex_Factory; + + cached_default_allocator = 0; + x509_state_obj = 0; + ui = 0; + + timer = modules.timer(); + transcoder = modules.transcoder(); + + locks["settings"] = get_mutex(); + locks["allocator"] = get_mutex(); + locks["rng"] = get_mutex(); + locks["engine"] = get_mutex(); std::vector<Allocator*> mod_allocs = modules.allocators(); for(u32bit j = 0; j != mod_allocs.size(); ++j) @@ -341,28 +361,44 @@ void Library_State::load(Modules& modules) std::vector<EntropySource*> sources = modules.entropy_sources(); for(u32bit j = 0; j != sources.size(); ++j) add_entropy_source(sources[j]); + + set_prng(new ANSI_X931_RNG); + + if(args.seed_rng()) + { + for(u32bit j = 0; j != 4; ++j) + { + seed_prng(true, 384); + if(rng_is_seeded()) + break; + } + + if(!rng_is_seeded()) + throw PRNG_Unseeded("Unable to collect sufficient entropy"); + } + + if(args.fips_mode() || args.self_test()) + { + if(!FIPS140::passes_self_tests()) + throw Self_Test_Failure("FIPS-140 startup tests"); + } } /************************************************* * Library_State Constructor * *************************************************/ -Library_State::Library_State(Mutex_Factory* mutex_factory) +Library_State::Library_State() { - if(!mutex_factory) - throw Exception("Library_State: no mutex found"); + mutex_factory = 0; - this->mutex_factory = mutex_factory; - this->timer = new Timer(); - this->transcoder = 0; - this->config_obj = new Config(); + timer = 0; + config_obj = 0; + x509_state_obj = 0; - locks["settings"] = get_mutex(); - locks["allocator"] = get_mutex(); - locks["rng"] = get_mutex(); - locks["engine"] = get_mutex(); + ui = 0; + transcoder = 0; rng = 0; cached_default_allocator = 0; - x509_state_obj = 0; ui = 0; } diff --git a/src/mars.cpp b/src/mars.cpp index 34327d717..52b5b812c 100644 --- a/src/mars.cpp +++ b/src/mars.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/mars.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/md4.cpp b/src/md4.cpp index b4cc4ce17..91dc3f3c7 100644 --- a/src/md4.cpp +++ b/src/md4.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/md4.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/md5.cpp b/src/md5.cpp index ec3703de5..edde36836 100644 --- a/src/md5.cpp +++ b/src/md5.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/md5.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/mdx_hash.cpp b/src/mdx_hash.cpp index f8020e2dc..312f798d6 100644 --- a/src/mdx_hash.cpp +++ b/src/mdx_hash.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/mdx_hash.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/mem_pool.cpp b/src/mem_pool.cpp index 29930b8a1..ec6bb344a 100644 --- a/src/mem_pool.cpp +++ b/src/mem_pool.cpp @@ -6,7 +6,6 @@ #include <botan/mem_pool.h> #include <botan/libstate.h> #include <botan/config.h> -#include <botan/bit_ops.h> #include <botan/util.h> #include <algorithm> diff --git a/src/mgf1.cpp b/src/mgf1.cpp index a0ce95530..dea792251 100644 --- a/src/mgf1.cpp +++ b/src/mgf1.cpp @@ -5,6 +5,7 @@ #include <botan/mgf1.h> #include <botan/lookup.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <algorithm> #include <memory> diff --git a/src/misty1.cpp b/src/misty1.cpp index 6405dc335..44a6a852b 100644 --- a/src/misty1.cpp +++ b/src/misty1.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/misty1.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <botan/parsing.h> namespace Botan { diff --git a/src/modules.cpp b/src/modules.cpp index fb30063a3..70ce21a01 100644 --- a/src/modules.cpp +++ b/src/modules.cpp @@ -7,7 +7,6 @@ #include <botan/defalloc.h> #include <botan/def_char.h> #include <botan/eng_def.h> -#include <botan/es_file.h> #include <botan/timers.h> #if defined(BOTAN_EXT_MUTEX_PTHREAD) @@ -48,6 +47,10 @@ #include <botan/es_aep.h> #endif +#if defined(BOTAN_EXT_ENTROPY_SRC_DEVICE) + #include <botan/es_dev.h> +#endif + #if defined(BOTAN_EXT_ENTROPY_SRC_EGD) #include <botan/es_egd.h> #endif @@ -149,8 +152,6 @@ std::vector<EntropySource*> Builtin_Modules::entropy_sources() const { std::vector<EntropySource*> sources; - sources.push_back(new File_EntropySource); - #if defined(BOTAN_EXT_ENTROPY_SRC_AEP) sources.push_back(new AEP_EntropySource); #endif @@ -159,6 +160,10 @@ std::vector<EntropySource*> Builtin_Modules::entropy_sources() const sources.push_back(new EGD_EntropySource); #endif +#if defined(BOTAN_EXT_ENTROPY_SRC_DEVICE) + sources.push_back(new Device_EntropySource); +#endif + #if defined(BOTAN_EXT_ENTROPY_SRC_CAPI) sources.push_back(new Win32_CAPI_EntropySource); #endif diff --git a/src/mp_mul.cpp b/src/mp_mul.cpp index 306ee642b..3c4248839 100644 --- a/src/mp_mul.cpp +++ b/src/mp_mul.cpp @@ -95,8 +95,8 @@ u32bit karatsuba_size(u32bit z_size, ((y_size == y_sw) && (y_size % 2))) return 0; - u32bit start = (x_sw > y_sw) ? x_sw : y_sw; - u32bit end = (x_size < y_size) ? x_size : y_size; + const u32bit start = (x_sw > y_sw) ? x_sw : y_sw; + const u32bit end = (x_size < y_size) ? x_size : y_size; if(start == end) { diff --git a/src/parsing.cpp b/src/parsing.cpp index f4d17318d..58be312a2 100644 --- a/src/parsing.cpp +++ b/src/parsing.cpp @@ -6,6 +6,7 @@ #include <botan/parsing.h> #include <botan/exceptn.h> #include <botan/charset.h> +#include <botan/loadstor.h> namespace Botan { @@ -30,7 +31,6 @@ u32bit to_u32bit(const std::string& number) return n; } - /************************************************* * Convert an integer into a string * *************************************************/ @@ -238,4 +238,46 @@ u32bit parse_expr(const std::string& expr) return to_u32bit(expr); } +/************************************************* +* Convert a decimal-dotted string to binary IP * +*************************************************/ +u32bit string_to_ipv4(const std::string& str) + { + std::vector<std::string> parts = split_on(str, '.'); + + if(parts.size() != 4) + throw Decoding_Error("Invalid IP string " + str); + + u32bit ip = 0; + + for(size_t j = 0; j != parts.size(); j++) + { + u32bit octet = to_u32bit(parts[j]); + + if(octet > 255) + throw Decoding_Error("Invalid IP string " + str); + + ip = (ip << 8) | (octet & 0xFF); + } + + return ip; + } + +/************************************************* +* Convert an IP address to decimal-dotted string * +*************************************************/ +std::string ipv4_to_string(u32bit ip) + { + std::string str; + + for(size_t j = 0; j != sizeof(ip); j++) + { + if(j) + str += "."; + str += to_string(get_byte(j, ip)); + } + + return str; + } + } diff --git a/src/pkcs5.cpp b/src/pkcs5.cpp index c762ecf31..6ed5ba0a9 100644 --- a/src/pkcs5.cpp +++ b/src/pkcs5.cpp @@ -5,6 +5,7 @@ #include <botan/pkcs5.h> #include <botan/lookup.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <botan/hmac.h> #include <algorithm> diff --git a/src/policy.cpp b/src/policy.cpp index efd84ec68..d27d4e2d9 100644 --- a/src/policy.cpp +++ b/src/policy.cpp @@ -44,9 +44,14 @@ void set_default_oids(Config& config) add_oid(config, "2.16.840.1.101.3.4.1.42", "AES-256/CBC"); add_oid(config, "1.2.840.113549.2.5", "MD5"); - add_oid(config, "1.3.14.3.2.26", "SHA-160"); add_oid(config, "1.3.6.1.4.1.11591.12.2", "Tiger(24,3)"); + add_oid(config, "1.3.14.3.2.26", "SHA-160"); + add_oid(config, "2.16.840.1.101.3.4.2.4", "SHA-224"); + add_oid(config, "2.16.840.1.101.3.4.2.1", "SHA-256"); + add_oid(config, "2.16.840.1.101.3.4.2.2", "SHA-384"); + add_oid(config, "2.16.840.1.101.3.4.2.3", "SHA-512"); + add_oid(config, "1.2.840.113549.1.9.16.3.6", "KeyWrap.TripleDES"); add_oid(config, "1.2.840.113549.1.9.16.3.7", "KeyWrap.RC2"); add_oid(config, "1.2.840.113533.7.66.15", "KeyWrap.CAST-128"); @@ -64,7 +69,10 @@ void set_default_oids(Config& config) add_oid(config, "1.2.840.113549.1.1.12", "RSA/EMSA3(SHA-384)"); add_oid(config, "1.2.840.113549.1.1.13", "RSA/EMSA3(SHA-512)"); add_oid(config, "1.3.36.3.3.1.2", "RSA/EMSA3(RIPEMD-160)"); + add_oid(config, "1.2.840.10040.4.3", "DSA/EMSA1(SHA-160)"); + add_oid(config, "2.16.840.1.101.3.4.3.1", "DSA/EMSA1(SHA-224)"); + add_oid(config, "2.16.840.1.101.3.4.3.2", "DSA/EMSA1(SHA-256)"); add_oid(config, "1.3.6.1.4.1.25258.2.1.1.1", "RW/EMSA2(RIPEMD-160)"); add_oid(config, "1.3.6.1.4.1.25258.2.1.1.2", "RW/EMSA2(SHA-160)"); @@ -220,8 +228,8 @@ void set_default_config(Config& config) config.set_option("pem/width", "64"); config.set_option("rng/ms_capi_prov_type", "INTEL_SEC:RSA_FULL"); - config.set_option("rng/unix_path", "/usr/ucb:/usr/etc:/etc"); - config.set_option("rng/es_files", "/dev/urandom:/dev/random"); + config.set_option("rng/unix_path", "/bin:/sbin:/usr/bin:/usr/sbin"); + config.set_option("rng/es_files", "/dev/random:/dev/srandom:/dev/urandom"); config.set_option("rng/egd_path", "/var/run/egd-pool:/dev/egd-pool"); config.set_option("rng/slow_poll_request", "256"); diff --git a/src/prf_x942.cpp b/src/prf_x942.cpp index fd29aecdd..8ede79efa 100644 --- a/src/prf_x942.cpp +++ b/src/prf_x942.cpp @@ -7,7 +7,7 @@ #include <botan/der_enc.h> #include <botan/oids.h> #include <botan/lookup.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <algorithm> #include <memory> @@ -40,7 +40,7 @@ SecureVector<byte> X942_PRF::derive(u32bit key_len, SecureVector<byte> key; u32bit counter = 1; - while(key.size() != key_len) + while(key.size() != key_len && counter) { hash->update(secret, secret_len); diff --git a/src/pubkey.cpp b/src/pubkey.cpp index cf9cb927c..dae6ee936 100644 --- a/src/pubkey.cpp +++ b/src/pubkey.cpp @@ -4,12 +4,12 @@ *************************************************/ #include <botan/pubkey.h> +#include <botan/lookup.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/bigint.h> #include <botan/parsing.h> #include <botan/bit_ops.h> -#include <botan/lookup.h> #include <memory> namespace Botan { diff --git a/src/randpool.cpp b/src/randpool.cpp index f51660160..2fdddf53e 100644 --- a/src/randpool.cpp +++ b/src/randpool.cpp @@ -5,12 +5,11 @@ #include <botan/randpool.h> #include <botan/lookup.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <botan/util.h> #include <algorithm> -#include <assert.h> - namespace Botan { namespace { diff --git a/src/rc2.cpp b/src/rc2.cpp index e59e7d669..2462e52ad 100644 --- a/src/rc2.cpp +++ b/src/rc2.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/rc2.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/rc5.cpp b/src/rc5.cpp index 3e87dc8ab..00d72f486 100644 --- a/src/rc5.cpp +++ b/src/rc5.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/rc5.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <botan/parsing.h> #include <algorithm> diff --git a/src/rc6.cpp b/src/rc6.cpp index e7c8a4725..6a22b96ce 100644 --- a/src/rc6.cpp +++ b/src/rc6.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/rc6.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> #include <algorithm> diff --git a/src/reducer.cpp b/src/reducer.cpp index 3e6d11e1c..03748d3af 100644 --- a/src/reducer.cpp +++ b/src/reducer.cpp @@ -4,7 +4,6 @@ *************************************************/ #include <botan/reducer.h> -#include <botan/bit_ops.h> #include <botan/numthry.h> #include <botan/mp_core.h> diff --git a/src/rmd128.cpp b/src/rmd128.cpp index ea7c11342..f0a573db7 100644 --- a/src/rmd128.cpp +++ b/src/rmd128.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/rmd128.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/rmd160.cpp b/src/rmd160.cpp index e092b19a2..fb962813e 100644 --- a/src/rmd160.cpp +++ b/src/rmd160.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/rmd160.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/seed.cpp b/src/seed.cpp index 9ed05b28f..38eefc147 100644 --- a/src/seed.cpp +++ b/src/seed.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/seed.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { @@ -34,14 +34,14 @@ void SEED::enc(const byte in[], byte out[]) const u32bit T0, T1; T0 = B2 ^ K[2*j]; - T1 = G(T0 ^ B3 ^ K[2*j+1]); + T1 = G(B2 ^ B3 ^ K[2*j+1]); T0 = G(T1 + T0); T1 = G(T1 + T0); B1 ^= T1; B0 ^= T0 + T1; T0 = B0 ^ K[2*j+2]; - T1 = G(T0 ^ B1 ^ K[2*j+3]); + T1 = G(B0 ^ B1 ^ K[2*j+3]); T0 = G(T1 + T0); T1 = G(T1 + T0); B3 ^= T1; @@ -68,14 +68,14 @@ void SEED::dec(const byte in[], byte out[]) const u32bit T0, T1; T0 = B2 ^ K[30-2*j]; - T1 = G(T0 ^ B3 ^ K[31-2*j]); + T1 = G(B2 ^ B3 ^ K[31-2*j]); T0 = G(T1 + T0); T1 = G(T1 + T0); B1 ^= T1; B0 ^= T0 + T1; T0 = B0 ^ K[28-2*j]; - T1 = G(T0 ^ B1 ^ K[29-2*j]); + T1 = G(B0 ^ B1 ^ K[29-2*j]); T0 = G(T1 + T0); T1 = G(T1 + T0); B3 ^= T1; @@ -107,14 +107,14 @@ void SEED::key(const byte key[], u32bit) for(u32bit j = 0; j != 16; j += 2) { K[2*j ] = G(WK[0] + WK[2] - RC[j]); - K[2*j+1] = G(WK[1] - WK[3] + RC[j]); + K[2*j+1] = G(WK[1] - WK[3] + RC[j]) ^ K[2*j]; byte T = get_byte(3, WK[0]); WK[0] = (WK[0] >> 8) | (get_byte(3, WK[1]) << 24); WK[1] = (WK[1] >> 8) | (T << 24); K[2*j+2] = G(WK[0] + WK[2] - RC[j+1]); - K[2*j+3] = G(WK[1] - WK[3] + RC[j+1]); + K[2*j+3] = G(WK[1] - WK[3] + RC[j+1]) ^ K[2*j+2]; T = get_byte(0, WK[3]); WK[3] = (WK[3] << 8) | get_byte(0, WK[2]); diff --git a/src/serpent.cpp b/src/serpent.cpp index 6bd7132a8..15c1c9b3c 100644 --- a/src/serpent.cpp +++ b/src/serpent.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/serpent.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/sha160.cpp b/src/sha160.cpp index 7581f3ea0..3e2b5d1bd 100644 --- a/src/sha160.cpp +++ b/src/sha160.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/sha160.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/sha256.cpp b/src/sha256.cpp index ae9849a57..533d8f775 100644 --- a/src/sha256.cpp +++ b/src/sha256.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/sha256.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/sha_64.cpp b/src/sha_64.cpp index 233071e21..6cdf88433 100644 --- a/src/sha_64.cpp +++ b/src/sha_64.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/sha_64.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/skipjack.cpp b/src/skipjack.cpp index 969841b53..d79c1d13f 100644 --- a/src/skipjack.cpp +++ b/src/skipjack.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/skipjack.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/square.cpp b/src/square.cpp index 988e56ef5..919c748c0 100644 --- a/src/square.cpp +++ b/src/square.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/square.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/tea.cpp b/src/tea.cpp index aa04b1df8..432927f7d 100644 --- a/src/tea.cpp +++ b/src/tea.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/tea.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { @@ -13,17 +13,17 @@ namespace Botan { *************************************************/ void TEA::enc(const byte in[], byte out[]) const { - u32bit left = load_be<u32bit>(in, 0), right = load_be<u32bit>(in, 1); + u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1); - u32bit sum = 0; + u32bit S = 0; for(u32bit j = 0; j != 32; ++j) { - sum += 0x9E3779B9; - left += ((right << 4) + K[0]) ^ (right + sum) ^ ((right >> 5) + K[1]); - right += ((left << 4) + K[2]) ^ (left + sum) ^ ((left >> 5) + K[3]); + S += 0x9E3779B9; + L += ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]); + R += ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]); } - store_be(out, left, right); + store_be(out, L, R); } /************************************************* @@ -31,17 +31,17 @@ void TEA::enc(const byte in[], byte out[]) const *************************************************/ void TEA::dec(const byte in[], byte out[]) const { - u32bit left = load_be<u32bit>(in, 0), right = load_be<u32bit>(in, 1); + u32bit L = load_be<u32bit>(in, 0), R = load_be<u32bit>(in, 1); - u32bit sum = 0xC6EF3720; + u32bit S = 0xC6EF3720; for(u32bit j = 0; j != 32; ++j) { - right -= ((left << 4) + K[2]) ^ (left + sum) ^ ((left >> 5) + K[3]); - left -= ((right << 4) + K[0]) ^ (right + sum) ^ ((right >> 5) + K[1]); - sum -= 0x9E3779B9; + R -= ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]); + L -= ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]); + S -= 0x9E3779B9; } - store_be(out, left, right); + store_be(out, L, R); } /************************************************* diff --git a/src/tiger.cpp b/src/tiger.cpp index a4dd657b2..ef2022568 100644 --- a/src/tiger.cpp +++ b/src/tiger.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/tiger.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <botan/parsing.h> namespace Botan { diff --git a/src/turing.cpp b/src/turing.cpp index bf539117c..31b2ff7a6 100644 --- a/src/turing.cpp +++ b/src/turing.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/turing.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { @@ -169,7 +170,7 @@ void Turing::generate() } /************************************************* -* +* Turing's byte mixing step * *************************************************/ u32bit Turing::fixedS(u32bit W) { diff --git a/src/twofish.cpp b/src/twofish.cpp index 25359f635..779f966cc 100644 --- a/src/twofish.cpp +++ b/src/twofish.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/twofish.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { @@ -90,7 +91,10 @@ void Twofish::dec(const byte in[], byte out[]) const B = rotate_right(B ^ Y, 1); } - C ^= round_key[0]; D ^= round_key[1]; A ^= round_key[2]; B ^= round_key[3]; + C ^= round_key[0]; + D ^= round_key[1]; + A ^= round_key[2]; + B ^= round_key[3]; store_le(out, C, D, A, B); } diff --git a/src/whrlpool.cpp b/src/whrlpool.cpp index 960095d9b..f0d9da01e 100644 --- a/src/whrlpool.cpp +++ b/src/whrlpool.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/whrlpool.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> namespace Botan { diff --git a/src/wid_wake.cpp b/src/wid_wake.cpp index fe3fd8dab..0a9b6f698 100644 --- a/src/wid_wake.cpp +++ b/src/wid_wake.cpp @@ -4,6 +4,7 @@ *************************************************/ #include <botan/wid_wake.h> +#include <botan/loadstor.h> #include <botan/bit_ops.h> namespace Botan { diff --git a/src/x509cert.cpp b/src/x509cert.cpp index 404e56f29..549b916c5 100644 --- a/src/x509cert.cpp +++ b/src/x509cert.cpp @@ -350,7 +350,7 @@ AlternativeName create_alt_name(const Data_Store& info) }; std::multimap<std::string, std::string> names = - info.search_with(AltName_Matcher("RFC822/DNS/URI")); + info.search_with(AltName_Matcher("RFC822/DNS/URI/IP")); AlternativeName alt_name; diff --git a/src/x509self.cpp b/src/x509self.cpp index 255ee6219..1c94324ed 100644 --- a/src/x509self.cpp +++ b/src/x509self.cpp @@ -50,7 +50,7 @@ void load_info(const X509_Cert_Options& opts, X509_DN& subject_dn, subject_dn.add_attribute("X520.Organization", opts.organization); subject_dn.add_attribute("X520.OrganizationalUnit", opts.org_unit); subject_dn.add_attribute("X520.SerialNumber", opts.serial_number); - subject_alt = AlternativeName(opts.email, opts.uri, opts.dns); + subject_alt = AlternativeName(opts.email, opts.uri, opts.dns, opts.ip); subject_alt.add_othername(OIDS::lookup("PKIX.XMPPAddr"), opts.xmpp, UTF8_STRING); } diff --git a/src/xtea.cpp b/src/xtea.cpp index 5ecf3054e..b5d935513 100644 --- a/src/xtea.cpp +++ b/src/xtea.cpp @@ -4,7 +4,7 @@ *************************************************/ #include <botan/xtea.h> -#include <botan/bit_ops.h> +#include <botan/loadstor.h> #include <botan/parsing.h> namespace Botan { |