From 1929d30ab42693820dd9baf916eabdde0fc96e7b Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 30 Jan 2012 00:58:03 +0000 Subject: Partially de-unroll the loop to make changes easier --- src/block/camellia/camellia.cpp | 127 +++++++++++++--------------------------- 1 file changed, 41 insertions(+), 86 deletions(-) (limited to 'src') diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp index 30e638451..dcb35c1ed 100644 --- a/src/block/camellia/camellia.cpp +++ b/src/block/camellia/camellia.cpp @@ -115,52 +115,30 @@ void Camellia::encrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be(in, 0); u64bit D2 = load_be(in, 1); - D1 ^= K[0]; - D2 ^= K[1]; - D2 ^= F(D1, K[2]); - D1 ^= F(D2, K[3]); - D2 ^= F(D1, K[4]); - D1 ^= F(D2, K[5]); - D2 ^= F(D1, K[6]); - D1 ^= F(D2, K[7]); - D1 = FL (D1, K[8]); - D2 = FLINV(D2, K[9]); - - D2 ^= F(D1, K[10]); - D1 ^= F(D2, K[11]); - D2 ^= F(D1, K[12]); - D1 ^= F(D2, K[13]); - D2 ^= F(D1, K[14]); - D1 ^= F(D2, K[15]); - D1 = FL (D1, K[16]); - D2 = FLINV(D2, K[17]); - - D2 ^= F(D1, K[18]); - D1 ^= F(D2, K[19]); - D2 ^= F(D1, K[20]); - D1 ^= F(D2, K[21]); - D2 ^= F(D1, K[22]); - D1 ^= F(D2, K[23]); - - if(K.size() == 34) - { - D1 = FL (D1, K[24]); - D2 = FLINV(D2, K[25]); - D2 ^= F(D1, K[26]); - D1 ^= F(D2, K[27]); - D2 ^= F(D1, K[28]); - D1 ^= F(D2, K[29]); - D2 ^= F(D1, K[30]); - D1 ^= F(D2, K[31]); - D2 ^= K[32]; - D1 ^= K[33]; - } - else + size_t koff = 0; + + D1 ^= K[koff++]; + D2 ^= K[koff++]; + + while(true) { - D2 ^= K[24]; - D1 ^= K[25]; + D2 ^= F(D1, K[koff++]); + D1 ^= F(D2, K[koff++]); + D2 ^= F(D1, K[koff++]); + D1 ^= F(D2, K[koff++]); + D2 ^= F(D1, K[koff++]); + D1 ^= F(D2, K[koff++]); + + if(koff == K.size() - 2) + break; + + D1 = FL (D1, K[koff++]); + D2 = FLINV(D2, K[koff++]); } + D2 ^= K[koff++]; + D1 ^= K[koff++]; + store_be(out, D2, D1); in += BLOCK_SIZE; @@ -180,52 +158,29 @@ void Camellia::decrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be(in, 0); u64bit D2 = load_be(in, 1); - if(K.size() == 34) - { - D1 ^= K[32]; - D2 ^= K[33]; - - D2 ^= F(D1, K[31]); - D1 ^= F(D2, K[30]); - D2 ^= F(D1, K[29]); - D1 ^= F(D2, K[28]); - D2 ^= F(D1, K[27]); - D1 ^= F(D2, K[26]); - D1 = FL (D1, K[25]); - D2 = FLINV(D2, K[24]); - } - else + size_t koff = K.size()-1; + + D2 ^= K[koff--]; + D1 ^= K[koff--]; + + while(true) { - D1 ^= K[24]; - D2 ^= K[25]; + D2 ^= F(D1, K[koff--]); + D1 ^= F(D2, K[koff--]); + D2 ^= F(D1, K[koff--]); + D1 ^= F(D2, K[koff--]); + D2 ^= F(D1, K[koff--]); + D1 ^= F(D2, K[koff--]); + + if(koff == 1) + break; + + D1 = FL (D1, K[koff--]); + D2 = FLINV(D2, K[koff--]); } - D2 ^= F(D1, K[23]); - D1 ^= F(D2, K[22]); - D2 ^= F(D1, K[21]); - D1 ^= F(D2, K[20]); - D2 ^= F(D1, K[19]); - D1 ^= F(D2, K[18]); - D1 = FL (D1, K[17]); - D2 = FLINV(D2, K[16]); - - D2 ^= F(D1, K[15]); - D1 ^= F(D2, K[14]); - D2 ^= F(D1, K[13]); - D1 ^= F(D2, K[12]); - D2 ^= F(D1, K[11]); - D1 ^= F(D2, K[10]); - D1 = FL (D1, K[ 9]); - D2 = FLINV(D2, K[ 8]); - - D2 ^= F(D1, K[ 7]); - D1 ^= F(D2, K[ 6]); - D2 ^= F(D1, K[ 5]); - D1 ^= F(D2, K[ 4]); - D2 ^= F(D1, K[ 3]); - D1 ^= F(D2, K[ 2]); - D2 ^= K[0]; - D1 ^= K[1]; + D1 ^= K[koff--]; + D2 ^= K[koff]; store_be(out, D2, D1); -- cgit v1.2.3 From 4363e752c826cf5519967561d9e7be4456aadf3c Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 30 Jan 2012 01:01:57 +0000 Subject: Pointer writing seems cleaner --- src/block/camellia/camellia.cpp | 200 ++++++++++++++++++++-------------------- src/block/camellia/camellia.h | 4 +- 2 files changed, 102 insertions(+), 102 deletions(-) (limited to 'src') diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp index dcb35c1ed..054558c35 100644 --- a/src/block/camellia/camellia.cpp +++ b/src/block/camellia/camellia.cpp @@ -115,29 +115,29 @@ void Camellia::encrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be(in, 0); u64bit D2 = load_be(in, 1); - size_t koff = 0; + const u64bit* K = &SK[0]; - D1 ^= K[koff++]; - D2 ^= K[koff++]; + D1 ^= *K++; + D2 ^= *K++; while(true) { - D2 ^= F(D1, K[koff++]); - D1 ^= F(D2, K[koff++]); - D2 ^= F(D1, K[koff++]); - D1 ^= F(D2, K[koff++]); - D2 ^= F(D1, K[koff++]); - D1 ^= F(D2, K[koff++]); - - if(koff == K.size() - 2) + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + + if(K == &SK[SK.size()-2]) break; - D1 = FL (D1, K[koff++]); - D2 = FLINV(D2, K[koff++]); + D1 = FL (D1, *K++); + D2 = FLINV(D2, *K++); } - D2 ^= K[koff++]; - D1 ^= K[koff++]; + D2 ^= *K++; + D1 ^= *K++; store_be(out, D2, D1); @@ -158,29 +158,29 @@ void Camellia::decrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be(in, 0); u64bit D2 = load_be(in, 1); - size_t koff = K.size()-1; + const u64bit* K = &SK[SK.size()-1]; - D2 ^= K[koff--]; - D1 ^= K[koff--]; + D2 ^= *K--; + D1 ^= *K--; while(true) { - D2 ^= F(D1, K[koff--]); - D1 ^= F(D2, K[koff--]); - D2 ^= F(D1, K[koff--]); - D1 ^= F(D2, K[koff--]); - D2 ^= F(D1, K[koff--]); - D1 ^= F(D2, K[koff--]); - - if(koff == 1) + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + + if(K == &SK[1]) break; - D1 = FL (D1, K[koff--]); - D2 = FLINV(D2, K[koff--]); + D1 = FL (D1, *K--); + D2 = FLINV(D2, *K--); } - D1 ^= K[koff--]; - D2 ^= K[koff]; + D1 ^= *K--; + D2 ^= *K; store_be(out, D2, D1); @@ -232,79 +232,79 @@ void Camellia::key_schedule(const byte key[], size_t length) if(length == 16) { - K.resize(26); - - K[ 0] = KL_H; - K[ 1] = KL_L; - K[ 2] = KA_H; - K[ 3] = KA_L; - K[ 4] = left_rot_hi(KL_H, KL_L, 15); - K[ 5] = left_rot_lo(KL_H, KL_L, 15); - K[ 6] = left_rot_hi(KA_H, KA_L, 15); - K[ 7] = left_rot_lo(KA_H, KA_L, 15); - K[ 8] = left_rot_hi(KA_H, KA_L, 30); - K[ 9] = left_rot_lo(KA_H, KA_L, 30); - K[10] = left_rot_hi(KL_H, KL_L, 45); - K[11] = left_rot_lo(KL_H, KL_L, 45); - K[12] = left_rot_hi(KA_H, KA_L, 45); - K[13] = left_rot_lo(KL_H, KL_L, 60); - K[14] = left_rot_hi(KA_H, KA_L, 60); - K[15] = left_rot_lo(KA_H, KA_L, 60); - K[16] = left_rot_lo(KL_H, KL_L, 77-64); - K[17] = left_rot_hi(KL_H, KL_L, 77-64); - K[18] = left_rot_lo(KL_H, KL_L, 94-64); - K[19] = left_rot_hi(KL_H, KL_L, 94-64); - K[20] = left_rot_lo(KA_H, KA_L, 94-64); - K[21] = left_rot_hi(KA_H, KA_L, 94-64); - K[22] = left_rot_lo(KL_H, KL_L, 111-64); - K[23] = left_rot_hi(KL_H, KL_L, 111-64); - K[24] = left_rot_lo(KA_H, KA_L, 111-64); - K[25] = left_rot_hi(KA_H, KA_L, 111-64); + SK.resize(26); + + SK[ 0] = KL_H; + SK[ 1] = KL_L; + SK[ 2] = KA_H; + SK[ 3] = KA_L; + SK[ 4] = left_rot_hi(KL_H, KL_L, 15); + SK[ 5] = left_rot_lo(KL_H, KL_L, 15); + SK[ 6] = left_rot_hi(KA_H, KA_L, 15); + SK[ 7] = left_rot_lo(KA_H, KA_L, 15); + SK[ 8] = left_rot_hi(KA_H, KA_L, 30); + SK[ 9] = left_rot_lo(KA_H, KA_L, 30); + SK[10] = left_rot_hi(KL_H, KL_L, 45); + SK[11] = left_rot_lo(KL_H, KL_L, 45); + SK[12] = left_rot_hi(KA_H, KA_L, 45); + SK[13] = left_rot_lo(KL_H, KL_L, 60); + SK[14] = left_rot_hi(KA_H, KA_L, 60); + SK[15] = left_rot_lo(KA_H, KA_L, 60); + SK[16] = left_rot_lo(KL_H, KL_L, 77-64); + SK[17] = left_rot_hi(KL_H, KL_L, 77-64); + SK[18] = left_rot_lo(KL_H, KL_L, 94-64); + SK[19] = left_rot_hi(KL_H, KL_L, 94-64); + SK[20] = left_rot_lo(KA_H, KA_L, 94-64); + SK[21] = left_rot_hi(KA_H, KA_L, 94-64); + SK[22] = left_rot_lo(KL_H, KL_L, 111-64); + SK[23] = left_rot_hi(KL_H, KL_L, 111-64); + SK[24] = left_rot_lo(KA_H, KA_L, 111-64); + SK[25] = left_rot_hi(KA_H, KA_L, 111-64); } else { - K.resize(34); - - K[ 0] = KL_H; - K[ 1] = KL_L; - K[ 2] = KB_H; - K[ 3] = KB_L; - - K[ 4] = left_rot_hi(KR_H, KR_L, 15); - K[ 5] = left_rot_lo(KR_H, KR_L, 15); - K[ 6] = left_rot_hi(KA_H, KA_L, 15); - K[ 7] = left_rot_lo(KA_H, KA_L, 15); - - K[ 8] = left_rot_hi(KR_H, KR_L, 30); - K[ 9] = left_rot_lo(KR_H, KR_L, 30); - K[10] = left_rot_hi(KB_H, KB_L, 30); - K[11] = left_rot_lo(KB_H, KB_L, 30); - - K[12] = left_rot_hi(KL_H, KL_L, 45); - K[13] = left_rot_lo(KL_H, KL_L, 45); - K[14] = left_rot_hi(KA_H, KA_L, 45); - K[15] = left_rot_lo(KA_H, KA_L, 45); - - K[16] = left_rot_hi(KL_H, KL_L, 60); - K[17] = left_rot_lo(KL_H, KL_L, 60); - K[18] = left_rot_hi(KR_H, KR_L, 60); - K[19] = left_rot_lo(KR_H, KR_L, 60); - K[20] = left_rot_hi(KB_H, KB_L, 60); - K[21] = left_rot_lo(KB_H, KB_L, 60); - - K[22] = left_rot_lo(KL_H, KL_L, 77-64); - K[23] = left_rot_hi(KL_H, KL_L, 77-64); - K[24] = left_rot_lo(KA_H, KA_L, 77-64); - K[25] = left_rot_hi(KA_H, KA_L, 77-64); - - K[26] = left_rot_lo(KR_H, KR_L, 94-64); - K[27] = left_rot_hi(KR_H, KR_L, 94-64); - K[28] = left_rot_lo(KA_H, KA_L, 94-64); - K[29] = left_rot_hi(KA_H, KA_L, 94-64); - K[30] = left_rot_lo(KL_H, KL_L, 111-64); - K[31] = left_rot_hi(KL_H, KL_L, 111-64); - K[32] = left_rot_lo(KB_H, KB_L, 111-64); - K[33] = left_rot_hi(KB_H, KB_L, 111-64); + SK.resize(34); + + SK[ 0] = KL_H; + SK[ 1] = KL_L; + SK[ 2] = KB_H; + SK[ 3] = KB_L; + + SK[ 4] = left_rot_hi(KR_H, KR_L, 15); + SK[ 5] = left_rot_lo(KR_H, KR_L, 15); + SK[ 6] = left_rot_hi(KA_H, KA_L, 15); + SK[ 7] = left_rot_lo(KA_H, KA_L, 15); + + SK[ 8] = left_rot_hi(KR_H, KR_L, 30); + SK[ 9] = left_rot_lo(KR_H, KR_L, 30); + SK[10] = left_rot_hi(KB_H, KB_L, 30); + SK[11] = left_rot_lo(KB_H, KB_L, 30); + + SK[12] = left_rot_hi(KL_H, KL_L, 45); + SK[13] = left_rot_lo(KL_H, KL_L, 45); + SK[14] = left_rot_hi(KA_H, KA_L, 45); + SK[15] = left_rot_lo(KA_H, KA_L, 45); + + SK[16] = left_rot_hi(KL_H, KL_L, 60); + SK[17] = left_rot_lo(KL_H, KL_L, 60); + SK[18] = left_rot_hi(KR_H, KR_L, 60); + SK[19] = left_rot_lo(KR_H, KR_L, 60); + SK[20] = left_rot_hi(KB_H, KB_L, 60); + SK[21] = left_rot_lo(KB_H, KB_L, 60); + + SK[22] = left_rot_lo(KL_H, KL_L, 77-64); + SK[23] = left_rot_hi(KL_H, KL_L, 77-64); + SK[24] = left_rot_lo(KA_H, KA_L, 77-64); + SK[25] = left_rot_hi(KA_H, KA_L, 77-64); + + SK[26] = left_rot_lo(KR_H, KR_L, 94-64); + SK[27] = left_rot_hi(KR_H, KR_L, 94-64); + SK[28] = left_rot_lo(KA_H, KA_L, 94-64); + SK[29] = left_rot_hi(KA_H, KA_L, 94-64); + SK[30] = left_rot_lo(KL_H, KL_L, 111-64); + SK[31] = left_rot_hi(KL_H, KL_L, 111-64); + SK[32] = left_rot_lo(KB_H, KB_L, 111-64); + SK[33] = left_rot_hi(KB_H, KB_L, 111-64); } } diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h index 7795f1fcf..aaf3ad9e3 100644 --- a/src/block/camellia/camellia.h +++ b/src/block/camellia/camellia.h @@ -21,13 +21,13 @@ class BOTAN_DLL Camellia : public Block_Cipher_Fixed_Params<16, 16, 32, 8> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { K.clear(); } + void clear() { SK.clear(); } std::string name() const { return "Camellia"; } BlockCipher* clone() const { return new Camellia; } private: void key_schedule(const byte key[], size_t length); - SecureVector K; + SecureVector SK; }; } -- cgit v1.2.3 From 83c5eb0bde3efe7025d52ec5d6cfdf05415814fc Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 30 Jan 2012 01:18:20 +0000 Subject: Remove debug printfs, stdio includes --- src/math/numbertheory/numthry.cpp | 2 -- src/selftest/selftest.cpp | 4 ---- src/wrap/python/filter.cpp | 5 ----- 3 files changed, 11 deletions(-) (limited to 'src') diff --git a/src/math/numbertheory/numthry.cpp b/src/math/numbertheory/numthry.cpp index 16fa8ca0c..c7896c17a 100644 --- a/src/math/numbertheory/numthry.cpp +++ b/src/math/numbertheory/numthry.cpp @@ -10,8 +10,6 @@ #include #include -#include - namespace Botan { namespace { diff --git a/src/selftest/selftest.cpp b/src/selftest/selftest.cpp index 7b87bcb61..0dac31cef 100644 --- a/src/selftest/selftest.cpp +++ b/src/selftest/selftest.cpp @@ -10,8 +10,6 @@ #include #include -#include - namespace Botan { namespace { @@ -28,8 +26,6 @@ bool test_filter_kat(Filter* filter, const std::string output = pipe.read_all_as_string(); - //printf("%s %s\n", output.c_str(), expected_output.c_str()); - return (output == expected_output); } diff --git a/src/wrap/python/filter.cpp b/src/wrap/python/filter.cpp index 437c5239f..e329ed708 100644 --- a/src/wrap/python/filter.cpp +++ b/src/wrap/python/filter.cpp @@ -26,7 +26,6 @@ class Py_Filter : public Filter void send_str(const std::string& str) { - printf("Py_Filter::send_str\n"); send((const byte*)str.data(), str.length()); } }; @@ -36,14 +35,12 @@ class FilterWrapper : public Py_Filter, public wrapper public: void start_msg() { - printf("wrapper start_msg\n"); if(override start_msg = this->get_override("start_msg")) start_msg(); } void end_msg() { - printf("wrapper end_msg\n"); if(override end_msg = this->get_override("end_msg")) end_msg(); } @@ -53,7 +50,6 @@ class FilterWrapper : public Py_Filter, public wrapper virtual void write_str(const std::string& str) { - printf("wrapper write\n"); this->get_override("write")(str); } }; @@ -125,7 +121,6 @@ void prepend_filter(Pipe& pipe, std::auto_ptr filter) void do_send(std::auto_ptr filter, const std::string& data) { - printf("Sending %s to %p\n", data.c_str(), filter.get()); filter->send_str(data); } -- cgit v1.2.3 From e415e7a520980d801694d335e96849f2e79f1d43 Mon Sep 17 00:00:00 2001 From: lloyd Date: Wed, 1 Feb 2012 17:58:50 +0000 Subject: Disable this version of the SSL code by default --- doc/log.txt | 4 ++++ src/ssl/info.txt | 8 ++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/doc/log.txt b/doc/log.txt index 38944227b..478b27a94 100644 --- a/doc/log.txt +++ b/doc/log.txt @@ -10,6 +10,10 @@ Series 1.10 Version 1.10.2, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* The SSL/TLS code is disabled by default in this release. A new + version is being developed and the current iteration should not be + used unless needed for existing code. + * Add the Camellia block cipher * An implementation of SRP-6a compatible with the specification in diff --git a/src/ssl/info.txt b/src/ssl/info.txt index f920a733d..169b76115 100644 --- a/src/ssl/info.txt +++ b/src/ssl/info.txt @@ -1,8 +1,12 @@ define SSL_TLS +load_on request + -The SSL/TLS code is complex, new, and not yet reviewed, there may be -serious bugs or security issues. +A new TLS API is being developed. This version has numerous +performance and usability issues and will not be supported in the +future. Only use it if you need it for compatability with code written +against previous versions. uses_tr1 yes -- cgit v1.2.3 From dd2011140c06661e1cc554aae560a2ef9162faff Mon Sep 17 00:00:00 2001 From: lloyd Date: Thu, 2 Feb 2012 12:29:50 +0000 Subject: Whitespace --- src/pubkey/ec_group/ec_group.h | 6 +++--- src/pubkey/ecdh/ecdh.h | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/pubkey/ec_group/ec_group.h b/src/pubkey/ec_group/ec_group.h index b7b09985e..9430a8e38 100644 --- a/src/pubkey/ec_group/ec_group.h +++ b/src/pubkey/ec_group/ec_group.h @@ -40,9 +40,9 @@ class BOTAN_DLL EC_Group * @param cofactor the cofactor */ EC_Group(const CurveGFp& curve, - const PointGFp& base_point, - const BigInt& order, - const BigInt& cofactor) : + const PointGFp& base_point, + const BigInt& order, + const BigInt& cofactor) : curve(curve), base_point(base_point), order(order), diff --git a/src/pubkey/ecdh/ecdh.h b/src/pubkey/ecdh/ecdh.h index 2edbfe86d..6fe0697bf 100644 --- a/src/pubkey/ecdh/ecdh.h +++ b/src/pubkey/ecdh/ecdh.h @@ -22,7 +22,6 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey { public: - ECDH_PublicKey(const AlgorithmIdentifier& alg_id, const MemoryRegion& key_bits) : EC_PublicKey(alg_id, key_bits) {} -- cgit v1.2.3 From 88626b546863966ba6cf100d68fb9d73bc2a9fb9 Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 3 Feb 2012 21:17:14 +0000 Subject: Support ECDH key creation in the key factory function. Patch from Sean Cassidy, sent to the mailing list. --- src/pubkey/pk_algs.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src') diff --git a/src/pubkey/pk_algs.cpp b/src/pubkey/pk_algs.cpp index e500cfc2e..9b3218ac4 100644 --- a/src/pubkey/pk_algs.cpp +++ b/src/pubkey/pk_algs.cpp @@ -40,6 +40,10 @@ #include #endif +#if defined(BOTAN_HAS_ECDH) + #include +#endif + namespace Botan { Public_Key* make_public_key(const AlgorithmIdentifier& alg_id, @@ -89,6 +93,11 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id, return new GOST_3410_PublicKey(alg_id, key_bits); #endif +#if defined(BOTAN_HAS_ECDH) + if(alg_name == "ECDH") + return new ECDH_PublicKey(alg_id, key_bits); +#endif + return 0; } @@ -140,6 +149,11 @@ Private_Key* make_private_key(const AlgorithmIdentifier& alg_id, return new GOST_3410_PrivateKey(alg_id, key_bits); #endif +#if defined(BOTAN_HAS_ECDH) + if(alg_name == "ECDH") + return new ECDH_PrivateKey(alg_id, key_bits); +#endif + return 0; } -- cgit v1.2.3 From 718d9503e3bad05fa58d61af11784976a495e21a Mon Sep 17 00:00:00 2001 From: lloyd Date: Wed, 15 Feb 2012 16:53:08 +0000 Subject: Force a reseed in HMAC_RNG after 20 bytes have been added, rather than waiting for a full kilobyte. This is for the benefit of DSA/ECDSA which want a call to add_entropy to update the state in some way, passing just a hash input which might be as small as 20 bytes. --- src/rng/hmac_rng/hmac_rng.cpp | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp index 7912e58af..55503382a 100644 --- a/src/rng/hmac_rng/hmac_rng.cpp +++ b/src/rng/hmac_rng/hmac_rng.cpp @@ -110,7 +110,11 @@ void HMAC_RNG::reseed(size_t poll_bits) counter = 0; user_input_len = 0; - if(accum.bits_collected() >= 128) + /* + Consider ourselves seeded once we've collected an estimated 128 bits of + entropy in a single poll. + */ + if(seeded == false && accum.bits_collected() >= 128) seeded = true; } @@ -119,15 +123,18 @@ void HMAC_RNG::reseed(size_t poll_bits) */ void HMAC_RNG::add_entropy(const byte input[], size_t length) { + const size_t USER_ENTROPY_WATERSHED = 20; + extractor->update(input, length); user_input_len += length; /* - * After we've accumulated >= 1024 bytes of user input, reseed. - * This input will automatically have been included if reseed was - * called already, as it's just included in the extractor input. + * After we've accumulated at least USER_ENTROPY_WATERSHED bytes of + * user input, reseed. This input will automatically have been + * included if reseed was called already, as it's just included in + * the extractor input. */ - if(user_input_len >= 1024) + if(user_input_len >= USER_ENTROPY_WATERSHED) reseed(128); } -- cgit v1.2.3 From cee8707b07952838e378ea7193af9eff83800b4e Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 17 Feb 2012 13:16:17 +0000 Subject: Be more conservative about entropy estimates. In particular, instead of giving /dev/random, EGD, and CryptoAPI a full 8 bits per byte of entropy, estimate at 6 bits. In the proc walker, allow more files to be read, read more of any particular file, and count each bit for 1/10 as much as before. Reading more of the file seems especially valuable, as some files are quite random, whereas others are very static, and this should ensure we read more of the actually unpredictable inputs. Prefer /dev/random over /dev/urandom --- src/entropy/cryptoapi_rng/es_capi.cpp | 2 +- src/entropy/dev_random/dev_random.cpp | 2 +- src/entropy/egd/es_egd.cpp | 2 +- src/entropy/proc_walk/es_ftw.cpp | 6 +++--- src/libstate/global_rng.cpp | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/entropy/cryptoapi_rng/es_capi.cpp b/src/entropy/cryptoapi_rng/es_capi.cpp index d3d076641..c9069ce65 100644 --- a/src/entropy/cryptoapi_rng/es_capi.cpp +++ b/src/entropy/cryptoapi_rng/es_capi.cpp @@ -65,7 +65,7 @@ void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], io_buffer.size(), 8); + accum.add(&io_buffer[0], io_buffer.size(), 6); break; } } diff --git a/src/entropy/dev_random/dev_random.cpp b/src/entropy/dev_random/dev_random.cpp index d14ae43ae..c16f48768 100644 --- a/src/entropy/dev_random/dev_random.cpp +++ b/src/entropy/dev_random/dev_random.cpp @@ -117,7 +117,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], got, 8); + accum.add(&io_buffer[0], got, 6); break; } } diff --git a/src/entropy/egd/es_egd.cpp b/src/entropy/egd/es_egd.cpp index b2b629930..e0ebf9509 100644 --- a/src/entropy/egd/es_egd.cpp +++ b/src/entropy/egd/es_egd.cpp @@ -147,7 +147,7 @@ void EGD_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], got, 8); + accum.add(&io_buffer[0], got, 6); break; } } diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp index 5d58f9869..7bf6c3310 100644 --- a/src/entropy/proc_walk/es_ftw.cpp +++ b/src/entropy/proc_walk/es_ftw.cpp @@ -127,12 +127,12 @@ FTW_EntropySource::~FTW_EntropySource() void FTW_EntropySource::poll(Entropy_Accumulator& accum) { - const size_t MAX_FILES_READ_PER_POLL = 1024; + const size_t MAX_FILES_READ_PER_POLL = 2048; if(!dir) dir = new Directory_Walker(path); - MemoryRegion& io_buffer = accum.get_io_buffer(128); + MemoryRegion& io_buffer = accum.get_io_buffer(4096); for(size_t i = 0; i != MAX_FILES_READ_PER_POLL; ++i) { @@ -150,7 +150,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum) ::close(fd); if(got > 0) - accum.add(&io_buffer[0], got, .01); + accum.add(&io_buffer[0], got, .001); if(accum.polling_goal_achieved()) break; diff --git a/src/libstate/global_rng.cpp b/src/libstate/global_rng.cpp index a73924213..e9ea530ac 100644 --- a/src/libstate/global_rng.cpp +++ b/src/libstate/global_rng.cpp @@ -68,7 +68,7 @@ void add_entropy_sources(RandomNumberGenerator* rng) #if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM) rng->add_entropy_source( new Device_EntropySource( - split_on("/dev/urandom:/dev/random:/dev/srandom", ':') + split_on("/dev/random:/dev/srandom:/dev/urandom", ':') ) ); #endif -- cgit v1.2.3 From ec3d97c4b9cde8c017afa0f6c1dc7e69c6ac1229 Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 20 Feb 2012 21:02:26 +0000 Subject: Avoid having more than one directory open at a time by just keeping a list of directory names (without the open DIRs) plus the one currently active dir. --- src/entropy/proc_walk/es_ftw.cpp | 77 +++++++++++++++++++++++++--------------- 1 file changed, 49 insertions(+), 28 deletions(-) (limited to 'src') diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp index 7bf6c3310..8b4408aee 100644 --- a/src/entropy/proc_walk/es_ftw.cpp +++ b/src/entropy/proc_walk/es_ftw.cpp @@ -1,6 +1,6 @@ /* * FTW EntropySource -* (C) 1999-2008 Jack Lloyd +* (C) 1999-2008,2012 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -41,60 +41,81 @@ namespace { class Directory_Walker : public File_Descriptor_Source { public: - Directory_Walker(const std::string& root) { add_directory(root); } - ~Directory_Walker(); + Directory_Walker(const std::string& root) : + m_cur_dir(std::make_pair(0, "")) + { + if(DIR* root_dir = ::opendir(root.c_str())) + m_cur_dir = std::make_pair(root_dir, root); + } + + ~Directory_Walker() + { + if(m_cur_dir.first) + ::closedir(m_cur_dir.first); + } int next_fd(); private: - void add_directory(const std::string&); + void add_directory(const std::string& dirname) + { + m_dirlist.push_back(dirname); + } - std::deque > dirs; - }; + std::pair get_next_dirent(); -void Directory_Walker::add_directory(const std::string& dirname) - { - DIR* dir = ::opendir(dirname.c_str()); - if(dir) - dirs.push_back(std::make_pair(dir, dirname)); - } + std::pair m_cur_dir; + std::deque m_dirlist; + }; -Directory_Walker::~Directory_Walker() +std::pair Directory_Walker::get_next_dirent() { - while(dirs.size()) + while(m_cur_dir.first) { - ::closedir(dirs[0].first); - dirs.pop_front(); + struct dirent* dir = ::readdir(m_cur_dir.first); + + if(dir) + return std::make_pair(dir, m_cur_dir.second); + + ::closedir(m_cur_dir.first); + m_cur_dir = std::make_pair(0, ""); + + while(!m_dirlist.empty() && m_cur_dir.first == 0) + { + const std::string next_dir_name = m_dirlist[0]; + m_dirlist.pop_front(); + + if(DIR* next_dir = ::opendir(next_dir_name.c_str())) + m_cur_dir = std::make_pair(next_dir, next_dir_name); + } } + + return std::make_pair(0, ""); // nothing left } int Directory_Walker::next_fd() { - while(dirs.size()) + while(true) { - std::pair dirinfo = dirs[0]; + std::pair entry = get_next_dirent(); - struct dirent* entry = ::readdir(dirinfo.first); + if(!entry.first) + break; // no more dirs - if(!entry) - { - ::closedir(dirinfo.first); - dirs.pop_front(); - continue; - } - - const std::string filename = entry->d_name; + const std::string filename = entry.first->d_name; if(filename == "." || filename == "..") continue; - const std::string full_path = dirinfo.second + '/' + filename; + const std::string full_path = entry.second + '/' + filename; struct stat stat_buf; if(::lstat(full_path.c_str(), &stat_buf) == -1) continue; if(S_ISDIR(stat_buf.st_mode)) + { add_directory(full_path); + } else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH)) { int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY); -- cgit v1.2.3 From 018bfa3c50ec857ce93b44096fc1890dc7dd65a5 Mon Sep 17 00:00:00 2001 From: lloyd Date: Mon, 20 Feb 2012 21:04:50 +0000 Subject: Avoid blocking more than 100 ms in the random device reader. Scale up how much we ask for on the basis of how many bits we're counting each byte as contributing. Change /dev/*random estimate to 7 bits per byte. Small cleanup in HMAC_RNG. --- src/entropy/dev_random/dev_random.cpp | 9 ++++++--- src/rng/hmac_rng/hmac_rng.cpp | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/entropy/dev_random/dev_random.cpp b/src/entropy/dev_random/dev_random.cpp index c16f48768..9e4f0b373 100644 --- a/src/entropy/dev_random/dev_random.cpp +++ b/src/entropy/dev_random/dev_random.cpp @@ -105,9 +105,12 @@ Device_EntropySource::~Device_EntropySource() */ void Device_EntropySource::poll(Entropy_Accumulator& accum) { - size_t go_get = std::min(accum.desired_remaining_bits() / 8, 48); + const size_t ENTROPY_BITS_PER_BYTE = 7; - size_t read_wait_ms = std::max(go_get, 1000); + const size_t go_get = std::min( + accum.desired_remaining_bits() / ENTROPY_BITS_PER_BYTE, 32); + + const size_t read_wait_ms = std::max(go_get, 100); MemoryRegion& io_buffer = accum.get_io_buffer(go_get); for(size_t i = 0; i != devices.size(); ++i) @@ -117,7 +120,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], got, 6); + accum.add(&io_buffer[0], got, ENTROPY_BITS_PER_BYTE); break; } } diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp index 55503382a..74ba522a4 100644 --- a/src/rng/hmac_rng/hmac_rng.cpp +++ b/src/rng/hmac_rng/hmac_rng.cpp @@ -75,7 +75,8 @@ void HMAC_RNG::reseed(size_t poll_bits) while(!accum.polling_goal_achieved() && poll_attempt < poll_bits) { - entropy_sources[poll_attempt % entropy_sources.size()]->poll(accum); + const size_t src_idx = poll_attempt % entropy_sources.size(); + entropy_sources[src_idx]->poll(accum); ++poll_attempt; } } -- cgit v1.2.3 From 51125f18bbea71640523eb628ae0e595cb826544 Mon Sep 17 00:00:00 2001 From: lloyd Date: Tue, 21 Feb 2012 22:55:27 +0000 Subject: Allow the semi-standard but rarely used 1.3.132.1.12 OID for ECDH keys on decoding by default, and add a comment showing how to enable it for encoding. --- src/libstate/policy.cpp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp index f91eed1d8..7abea7d4d 100644 --- a/src/libstate/policy.cpp +++ b/src/libstate/policy.cpp @@ -37,7 +37,19 @@ void set_default_oids(Library_State& config) add_oid(config, "1.3.6.1.4.1.3029.1.2.1", "ElGamal"); add_oid(config, "1.3.6.1.4.1.25258.1.1", "RW"); add_oid(config, "1.3.6.1.4.1.25258.1.2", "NR"); - add_oid(config, "1.2.840.10045.2.1", "ECDSA"); // X9.62 + + // X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5) + add_oid(config, "1.2.840.10045.2.1", "ECDSA"); + + /* + * This is an OID defined for ECDH keys though rarely used for such. + * In this configuration it is accepted on decoding, but not used for + * encoding. You can enable it for encoding by calling + * global_state().set("str2oid", "ECDH", "1.3.132.1.12") + * from your application code. + */ + config.set("oid2str", "1.3.132.1.12", "ECDH"); + add_oid(config, "1.2.643.2.2.19", "GOST-34.10"); // RFC 4491 /* Ciphers */ -- cgit v1.2.3 From 7f0c020ee0aa07f544381037e25bfc7eb02518cd Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 9 Mar 2012 18:53:28 +0000 Subject: Typo in comment --- src/pubkey/ec_group/ec_group.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/pubkey/ec_group/ec_group.h b/src/pubkey/ec_group/ec_group.h index 9430a8e38..59a1918c0 100644 --- a/src/pubkey/ec_group/ec_group.h +++ b/src/pubkey/ec_group/ec_group.h @@ -64,7 +64,7 @@ class BOTAN_DLL EC_Group /** * Create an EC domain from PEM encoding (as from PEM_encode), - * or from an OID name (eg "secp16r1", or "1.3.132.0.8") + * or from an OID name (eg "secp160r1", or "1.3.132.0.8") * @param pem_or_oid PEM-encoded data, or an OID */ EC_Group(const std::string& pem_or_oid = ""); -- cgit v1.2.3 From cc041b2a855331b33a6458377498625b05f076bb Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 30 Mar 2012 01:03:19 +0000 Subject: Add more comments explaining what is going on in dl_work_factor --- src/pubkey/workfactor.cpp | 55 ++++++++++++++++++++++++----------------------- src/pubkey/workfactor.h | 2 +- 2 files changed, 29 insertions(+), 28 deletions(-) (limited to 'src') diff --git a/src/pubkey/workfactor.cpp b/src/pubkey/workfactor.cpp index f3d5d164a..72ba75cf9 100644 --- a/src/pubkey/workfactor.cpp +++ b/src/pubkey/workfactor.cpp @@ -1,6 +1,6 @@ /* * Public Key Work Factor Functions -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2007,2012 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -11,39 +11,40 @@ namespace Botan { -/* -* Choose the exponent size for a DL group -*/ size_t dl_work_factor(size_t bits) { -#if 0 /* - These values were taken from RFC 3526 + Based on GNFS work factors. Constant is 1.43 times the asymptotic + value; I'm not sure but I believe that came from a paper on 'real + world' runtimes, but I don't remember where now. + + Sample return values: + |512| -> 64 + |1024| -> 86 + |1536| -> 102 + |2048| -> 116 + |3072| -> 138 + |4096| -> 155 + |8192| -> 206 + + For DL algos, we use an exponent of twice the size of the result; + the assumption is that an arbitrary discrete log on a group of size + bits would take about 2^n effort, and thus using an exponent of + size 2^(2*n) implies that all available attacks are about as easy + (as e.g Pollard's kangaroo algorithm can compute the DL in sqrt(x) + operations) while minimizing the exponent size for performance + reasons. */ - if(bits <= 1536) - return 90; - else if(bits <= 2048) - return 110; - else if(bits <= 3072) - return 130; - else if(bits <= 4096) - return 150; - else if(bits <= 6144) - return 170; - else if(bits <= 8192) - return 190; - return 256; -#else - const double MIN_ESTIMATE = 64; - - const double log_x = bits / 1.44; + + const size_t MIN_WORKFACTOR = 64; + + // approximates natural logarithm of p + const double log_p = bits / 1.4426; const double strength = - 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0); + 2.76 * std::pow(log_p, 1.0/3.0) * std::pow(std::log(log_p), 2.0/3.0); - return static_cast(std::max(strength, MIN_ESTIMATE)); -#endif + return std::max(static_cast(strength), MIN_WORKFACTOR); } - } diff --git a/src/pubkey/workfactor.h b/src/pubkey/workfactor.h index bd1a43298..179b580e7 100644 --- a/src/pubkey/workfactor.h +++ b/src/pubkey/workfactor.h @@ -13,7 +13,7 @@ namespace Botan { /** -* Estimate work factor +* Estimate work factor for discrete logarithm * @param prime_group_size size of the group in bits * @return estimated security level for this group */ -- cgit v1.2.3 From cdde9a171e3fcb164e7946c198ba4d8f9ef486fb Mon Sep 17 00:00:00 2001 From: lloyd Date: Thu, 5 Apr 2012 01:17:22 +0000 Subject: Remove the client SRP6 class, really free standing functions are fine for this. Add a new function that identifies a named SRP group from the N/g params - this is important as we need to verify the SRP groups, the easiest way to do that is to to force them to be a known/published value. Add the 1536, 3072, 4096, 6144, and 8192 bit groups from RFC 5054 --- src/constructs/srp6/srp6.cpp | 47 ++++++++++++++++++------- src/constructs/srp6/srp6.h | 68 +++++++++++++++++------------------ src/libstate/policy.cpp | 84 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 152 insertions(+), 47 deletions(-) (limited to 'src') diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp index 287f0bdfb..cb9bf27bc 100644 --- a/src/constructs/srp6/srp6.cpp +++ b/src/constructs/srp6/srp6.cpp @@ -69,14 +69,37 @@ BigInt compute_x(const std::string& hash_id, } +std::string srp6_group_identifier(const BigInt& N, const BigInt& g) + { + /* + This function assumes that only one 'standard' SRP parameter set has + been defined for a particular bitsize. As of this writing that is the case. + */ + try + { + const std::string group_name = "modp/srp/" + to_string(N.bits()); + + DL_Group group(group_name); + + if(group.get_p() == N && group.get_g() == g) + return group_name; + + throw std::runtime_error("Unknown SRP params"); + } + catch(...) + { + throw Invalid_Argument("Bad SRP group parameters"); + } + } + std::pair -SRP6_Client_Session:: step1(const std::string& identifier, - const std::string& password, - const std::string& group_id, - const std::string& hash_id, - const MemoryRegion& salt, - const BigInt& B, - RandomNumberGenerator& rng) +srp6_client_agree(const std::string& identifier, + const std::string& password, + const std::string& group_id, + const std::string& hash_id, + const MemoryRegion& salt, + const BigInt& B, + RandomNumberGenerator& rng) { DL_Group group(group_id); const BigInt& g = group.get_g(); @@ -104,11 +127,11 @@ SRP6_Client_Session:: step1(const std::string& identifier, return std::make_pair(A, Sk); } -BigInt SRP6_Client_Session::generate_verifier(const std::string& identifier, - const std::string& password, - const MemoryRegion& salt, - const std::string& group_id, - const std::string& hash_id) +BigInt generate_srp6_verifier(const std::string& identifier, + const std::string& password, + const MemoryRegion& salt, + const std::string& group_id, + const std::string& hash_id) { const BigInt x = compute_x(hash_id, identifier, password, salt); diff --git a/src/constructs/srp6/srp6.h b/src/constructs/srp6/srp6.h index 01bd2a4c7..bf5cb4863 100644 --- a/src/constructs/srp6/srp6.h +++ b/src/constructs/srp6/srp6.h @@ -17,44 +17,42 @@ namespace Botan { /** -* Represents a SRP-6a client session +* SRP6a Client side +* @param username the username we are attempting login for +* @param password the password we are attempting to use +* @param group_id specifies the shared SRP group +* @param hash_id specifies a secure hash function +* @param salt is the salt value sent by the server +* @param B is the server's public value +* @param rng is a random number generator +* +* @return (A,K) the client public key and the shared secret key */ -class BOTAN_DLL SRP6_Client_Session - { - public: +std::pair srp6_client_agree(const std::string& username, + const std::string& password, + const std::string& group_id, + const std::string& hash_id, + const MemoryRegion& salt, + const BigInt& B, + RandomNumberGenerator& rng); - /** - * Client side step 1 - * @param username the username we are attempting login for - * @param password the password we are attempting to use - * @param group_id specifies the shared SRP group - * @param hash_id specifies a secure hash function - * @param salt is the salt value sent by the server - * @param B is the server's public value - * @param rng is a random number generator - * - * @return (A,K) the client public key and the shared secret key - */ - std::pair step1(const std::string& username, - const std::string& password, - const std::string& group_id, - const std::string& hash_id, - const MemoryRegion& salt, - const BigInt& B, - RandomNumberGenerator& rng); +/** +* Generate a new SRP-6 verifier +* @param identifier a username or other client identifier +* @param password the secret used to authenticate user +* @param salt a randomly chosen value, at least 128 bits long +*/ +BigInt generate_srp6_verifier(const std::string& identifier, + const std::string& password, + const MemoryRegion& salt, + const std::string& group_id, + const std::string& hash_id); - /** - * Generate a new SRP-6 verifier - * @param identifier a username or other client identifier - * @param password the secret used to authenticate user - * @param salt a randomly chosen value, at least 128 bits long - */ - static BigInt generate_verifier(const std::string& identifier, - const std::string& password, - const MemoryRegion& salt, - const std::string& group_id, - const std::string& hash_id); - }; +/** +* Return the group id for this SRP param set, or else thrown an +* exception +*/ +std::string srp6_group_identifier(const BigInt& N, const BigInt& g); /** * Represents a SRP-6a server session diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp index 7abea7d4d..b1da22ce8 100644 --- a/src/libstate/policy.cpp +++ b/src/libstate/policy.cpp @@ -337,6 +337,15 @@ void set_default_dl_groups(Library_State& config) "NgRlEbmT//////////8=" "-----END X942 DH PARAMETERS-----"); + config.set("dl", "modp/srp/1536", + "-----BEGIN DH PARAMETERS-----" + "MIHHAoHBAJ3vPK+5OSd6sfEqhheke7vbpR30maxMgL7uqWFLGcxNX09fVW4ny95R" + "xqlL5GB6KRVYkDug0PhDgLZVu5oi6NzfAop87Gfw0IE0sci5eYkUm2CeC+O6tj1H" + "VIOB28Wx/HZOP0tT3Z2hFYv9PiucjPVu3wGVOTSWJ9sv1T0kt8SGZXcuQ31sf4zk" + "QnNK98y3roN8Jkrjqb64f4ov6bi1KS5aAh//XpFHnoznoowkQsbzFRgPk0maI03P" + "duP+0TX5uwIBAg==" + "-----END DH PARAMETERS-----"); + config.set("dl", "modp/ietf/2048", "-----BEGIN X942 DH PARAMETERS-----" "MIICDAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" @@ -388,6 +397,19 @@ void set_default_dl_groups(Library_State& config) "JcFokFSdaWV//////////w==" "-----END X942 DH PARAMETERS-----"); + config.set("dl", "modp/srp/3072", + "-----BEGIN DH PARAMETERS-----" + "MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS" + "yv//////////AgEF" + "-----END DH PARAMETERS-----"); + config.set("dl", "modp/ietf/4096", "-----BEGIN X942 DH PARAMETERS-----" "MIIEDAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" @@ -414,6 +436,21 @@ void set_default_dl_groups(Library_State& config) "ydp1TEbH7uDDf9vuSFNgR6b6GuSaAxjM//////////8=" "-----END X942 DH PARAMETERS-----"); + config.set("dl", "modp/srp/4096", + "-----BEGIN DH PARAMETERS-----" + "MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" + "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" + "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" + "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQU=" + "-----END DH PARAMETERS-----"); + config.set("dl", "modp/ietf/6144", "-----BEGIN X942 DH PARAMETERS-----" "MIIGDAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" @@ -451,6 +488,27 @@ void set_default_dl_groups(Library_State& config) "jzbmIBJ//////////wIBAg==" "-----END X942 DH PARAMETERS-----"); + config.set("dl", "modp/srp/6144", + "-----BEGIN DH PARAMETERS-----" + "MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" + "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" + "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" + "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG" + "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU" + "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId" + "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha" + "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/" + "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA" + "JP//////////AgEF" + "-----END DH PARAMETERS-----"); + config.set("dl", "modp/ietf/8192", "-----BEGIN X942 DH PARAMETERS-----" "MIIIDAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" @@ -498,6 +556,32 @@ void set_default_dl_groups(Library_State& config) "034BNyPKrHIjqzv01U8YKHE7K0pv5A+rdEBctziwZMBuzHbp7///////////AgEC" "-----END X942 DH PARAMETERS-----"); + config.set("dl", "modp/srp/8192", + "-----BEGIN DH PARAMETERS-----" + "MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb" + "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft" + "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT" + "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh" + "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq" + "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM" + "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq" + "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI" + "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O" + "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI" + "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG" + "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU" + "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId" + "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha" + "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/" + "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R" + "WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk" + "ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw" + "xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4" + "Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i" + "aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU" + "38gfVuiAuW5xYMmA3Zjt09///////////wIBEw==" + "-----END DH PARAMETERS-----"); + config.set("dl", "dsa/jce/512", "-----BEGIN DSA PARAMETERS-----" "MIGdAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQT" -- cgit v1.2.3