From f052bf8629523610f8061071ce7722b0a4ed706c Mon Sep 17 00:00:00 2001
From: jbj
Date: Thu, 22 May 2003 17:53:03 +0000
Subject: Yet Another Merge with beecrypt-3.0.0.
CVS patchset: 6869
CVS date: 2003/05/22 17:53:03
---
 beecrypt/BENCHMARKS | 237 ++++-------------------------------
 beecrypt/BUGS | 37 ++++--
 beecrypt/DOCUMENTATION | 51 +-------
 beecrypt/Makefile.am | 11 +-
 beecrypt/NEWS | 3 +
 beecrypt/acinclude.m4 | 143 ++++++++++-----------
 beecrypt/beecrypt.c | 10 +-
 beecrypt/blockmode.c | 12 +-
 beecrypt/blockmode.h | 8 +-
 beecrypt/configure.ac | 94 +++++++++-----
 beecrypt/dhaes.c | 4 +-
 beecrypt/dhaes.h | 8 +-
 beecrypt/dldp.c | 1 -
 beecrypt/dldp.h | 1 -
 beecrypt/dsa.h | 10 +-
 beecrypt/elgamal.h | 14 ++-
 beecrypt/gas/Makefile.am | 27 +++-
 beecrypt/gas/sha1opt.i586.m4 | 280 ------------------------------------
 beecrypt/mp.h | 17 ++-
 beecrypt/mpbarrett.c | 150 +++++++---------------
 beecrypt/tests/.cvsignore | 1 +
 beecrypt/tests/Makefile.am | 15 +++
 beecrypt/tests/testdldp.c | 2 -
 beecrypt/tests/testhmacsha1.c | 2 -
 beecrypt/tests/testmp.c | 19 ++-
 beecrypt/tests/testrsa.c | 4 +-
 26 files changed, 365 insertions(+), 796 deletions(-)
 delete mode 100644 beecrypt/gas/sha1opt.i586.m4
diff --git a/beecrypt/BENCHMARKS b/beecrypt/BENCHMARKS
index 4503db035..81d30f378 100644
--- a/beecrypt/BENCHMARKS
+++ b/beecrypt/BENCHMARKS
@@ -1,221 +1,38 @@ -Note: timings are average values and may vary under different conditions, i.e. the amount of free memory, swapped memory, amount of cpu cache, etc. I've tried to make them as accurate as possible, within limits. -Note: for block ciphers and hash functions, the test data will almost never completely fit completely in the processor cache, which gives a better estimate of real world performance. +Note: timings are average values and may vary under different conditions, +i.e. the amount of free memory, swapped memory, amount of cpu cache, etc. +I've tried to make them as accurate as possible, within limits. -Note: the Alpha, IA-64 and ARM systems were provided by Compaq's testdrive program; many thanks to them for giving us access to their systems. The timings on these systems are not guaranteed to be accurate; they should be treated as such. +Note: many of the testing systems were provided by HP's testdrive program; +many thanks to them for giving me access to their systems. -The tests: +Note: to avoid religious wars, in the table below read GNU/Linux for +Linux - I'm just a little cramped for space... -Modular exponentiations, (1024 bits ^ 1024 bits) mod 1024 bits, 100 times, sorted according to speed (less is better) +BENCHmark Modular Exponentation (more is better): -Note: since this operation is where servers really hurt (i.e. in SSL), it pays to make this operation as fast as possible. 
+BeeCrypt 3.0.0 | gcc-3.2.2 | Debian Linux 3.0 | Itanium 2 900 | 12 GB: 6992 () +BeeCrypt 3.0.0 | gcc-3.3 | RedHat AS 2.1 | P4 Xeon 2400 | 4 GB: 6920 (--with-arch=pentium4) +BeeCrypt 3.0.0 | gcc-2.95.4 | Debian Linux 3.0 | Alpha EV6.7 666 | 2 GB: 5742 () +BeeCrypt 3.0.0 | gcc-2.96 | RedHat AS 2.1 | P4 Xeon 2400 | 4 GB: 3280 (--with-arch=pentiumpro) +BeeCrypt 3.0.0 | gcc-3.2.2 | AIX 5.1 | POWER3-II 333 | 512 MB: 1782 (--with-arch=powerpc64) +BeeCrypt 3.0.0 | gcc-3.3 | SuSE Linux 8.2 | Pentium 3 600 | 512 MB: 1447 (--with-arch=pentium3) +BeeCrypt 3.0.0 | gcc-3.2.2 | AIX 5.1 | POWER3-II 333 | 512 MB: 756 () +BeeCrypt 3.0.0 | | Debian Linux 3.0 | StrongARM 1110 128 | 32 MB: 341 () +BeeCrypt 3.0.0 | gcc-2.95.4 | Debian Linux 3.0r1 | M68030 25 | 36 MB: 8 () -BeeCrypt 2.3.0 | Visual Studio .NET | Windows XP Pro | Pentium 4M 1700 | 512 MB: 1.3 sec -BeeCrypt 2.3.0 | gcc 3.2.1 | RedHat Linux 8.0 | Pentium 4M 1700 | 512 MB: 1.4 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 128 MB: 1.7 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows Millenium | Athlon 1000 | 128 MB: 1.9 sec -BeeCrypt 2.1.0 | Compaq C 6.3-025 | Tru64 Unix 5.1 | Alpha EV6.7 667 | 2 GB: 2.3 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 1000 | 512 MB: 2.5 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | PIII Mobile 850 | 128 MB: 3.0 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 3.3 sec -BeeCrypt 2.0.0 | gcc-2.95.3 | Mandrake Linux 7.1 | Pentium III 800 | 4 GB: 3.3 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 3.4 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 600 | 256 MB: 4.3 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 4.8 sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.1 | Pentium III 450 | 128 MB: 5.7 sec -BeeCrypt 2.0.0 | gcc-2.95.2 | Solaris 8 | Pentium III 450 | 128 MB: 5.9 sec -BeeCrypt 2.0.0 | Forte C 6.0 | Solaris 8 | Pentium III 450 | 128 MB: 5.9 sec -BeeCrypt 
2.1.0 | gcc-2.9-ia64-000717 | Linux64 | Itanium 733 | 2 GB: 8.4 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC G3 400 | 512 MB: 8.5 sec -BeeCrypt 2.1.0 | gcc-2.95.1 | Debian Linux 2.1 | StrongARM 110 222 | : 9.5 sec -BeeCrypt 2.0.0 | gcc-2.9-ia64-000216 | Linux64 | Itanium 666 | 2 GB: 9.7 sec -Java 1.4.0 | Sun Server VM | Windows 2000 | Pentium III 600 | 256 MB: 10.2 sec -BeeCrypt 2.1.0 | gcc-2.95.3 | LinuxPPC 2000Q4 | PowerPC 604 166 | 80 MB: 10.4 sec -Java 1.2.2 | | RedHat Linux 6.2 | Pentium III 450 | 128 MB: 11.6 sec -Java 1.3 | Sun Server VM | Windows 2000 | Pentium III 450 | 128 MB: 11.7 sec -BeeCrypt 2.1.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 12.8 sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium Pro 200 | 128 MB: 13.1 sec -BeeCrypt 2.1.0 | egcs-2.91.66 | RedHat Linux 6.2 | Pentium Pro 200 | 128 MB: 13.4 sec -Java 1.3.1 | HotSpot Client VM | MacOS X 10.1 | PowerPC G4 | MB: 13.7 sec -Java 1.3 | Sun Server VM | Solaris 8 | Pentium III 450 | 128 MB: 17.1 sec -Java 1.4.0 | Sun Client VM | Windows 2000 | Pentium III 600 | 256 MB: 19.7 sec -Java 1.2.2 | Sun Classic VM | Windows 2000 | Pentium III 450 | 128 MB: 22.0 sec -Java 1.3 | Sun Client VM | Windows 2000 | Pentium III 450 | 128 MB: 23.5 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | SuSE Linux S/390 | IBM zSeries 633 | 128 MB: 26.5 sec -Java 1.2.2 | Sun Classic VM | Windows NT 4.0 | Pentium II 333 | 128 MB: 29.8 sec -Java 1.2.2 | Sun Classic VM | Windows 98 | Pentium II 333 | 64 MB: 32.7 sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (64) | Solaris 8 | UltraSparc I 143 | 128 MB: 40.7 sec -BeeCrypt 2.1.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 41.0 sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (32) | Solaris 8 | UltraSparc I 143 | 128 MB: 42.2 sec -Java 1.2.2 | Sun Classic VM | Windows NT 4.0 | Pentium Pro 200 | 128 MB: 48.8 sec -Java 1.2.2 | Sun Classic VM | Solaris 7 | UltraSparc I 143 | 128 MB: 51.1 sec -Java 1.3 | Blackdown Client VM | RedHat Linux 6.2 | Pentium Pro 200 | 128 MB: 60.0 sec 
-Java 1.3.1 | Sun Server VM | Solaris 8 | UltraSparc I 143 | 128 MB: 83.4 sec -Java 1.3.1 | HotSpot Client VM | MacOS X 10.1 | PowerPC G3 400 | 512 MB: 84.6 sec -Java 1.3 | Sun Server VM | Solaris 7 | UltraSparc I 143 | 128 MB:100.0 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2r3 | Sparc v8 70 | 64 MB:106.1 sec -Java 1.3 | Sun Client VM | Solaris 7 | UltraSparc I 143 | 128 MB:150.0 sec -Java 1.3 | Blackdown Client VM | YellowDog Linux 2.0 | PowerPC G3 400 | 512 MB:630.0 sec +BENCHmark Hash Function (more is better): -Remarks: both on Solaris and Linux, beecrypt is least 5 times faster for this operation than a commercial product we at one time considered using. +MD5 +BeeCrypt 3.0.0 | gcc-2.96 | RedHat AS 2.1 | P4 Xeon 2400 | 4 GB: 137.0 MB/s (--with-arch=pentiumpro) -Some conclusions when comparing indivual processors: -- the assembler optimization for the Pentium family works pretty efficient; the Athlon, however, is unbeatable in this class. -- the Alpha processor is very fast even without assembler-optimized code. -- the ARM processor is incredibly fast with respect to its clock speed. -- the PowerPC 604 processor is an excellent multi-precision integer cruncher with respect to its clock speed; the G3 apparently doesn't continue that line; the G4 seems faster than the G3, but slower than the 604. +SHA-1 +BeeCrypt 3.0.0 | gcc-2.96 | RedHat AS 2.1 | P4 Xeon 2400 | 4 GB: 77.0 MB/s (--with-arch=pentiumpro) -Some conclusions when comparing compilers: -- Compaq's Alpha compilers produce extremely fast output for multi-precision integers; much better than gcc. -- Microsoft Visual C++ 6 seems to be the best compiler for BeeCrypt for the PC platform, even when compared Intel's C++ compiler. -- until the time that we have compilers better suited to Itanium's VLIW architecture, comparison of this CPU will be skewed. Better software-pipelined 64-bit routines, which will make this platform scream in comparison with the current results, is being worked on. 
These improvements should place Itanium at the top of the list. +SHA-256 +BeeCrypt 3.0.0 | gcc-2.96 | RedHat AS 2.1 | P4 Xeon 2400 | 4 GB: 37.8 MB/s (--with-arch=pentiumpro) -Some conclusions when comparing BeeCrypt's multiprecision integers to Java: -- as of version 1.0.1 BeeCrypt now beats Java on every platform, including UltraSparc. Depending on the version of Java, BeeCrypt is from twice to four times faster. -- with the release of the Java 1.3 client VM on Sparc, Sun has really shot themselves in the foot with the performance of modular exponentations: over three times slower than the previous version. On MacOS 10.1, modular exponentiation seems to be ten times slower than in BeeCrypt. I have no clue what Blackdown's latest Java on PowerPC is doing, but it takes about 80 times longer than BeeCrypt. +BENCHmark Block Cipher (more is better): -It's also about time to re-implement this test, because on the fastest systems the timing is becoming inaccurate. Fixed period timing looks like the way to go (e.g. see how many we can do in one minute). 
+AES, 128 bits -RSA Signing operation (1024 bits), 100 times -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 768 MB: 0.55 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 1.07 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 1.48 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 1.51 sec - -RSA Verify operation (1024 bits), 100 times -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 768 MB: 0.04 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 0.077 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 0.100 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 0.110 sec - -DSA Signing operation (1024 bits), 100 times -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 768 MB: 0.27 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 0.55 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 0.56 sec -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Pentium III 600 | 256 MB: 0.70 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 0.80 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC G3 400 | 512 MB: 1.39 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 2.10 sec -BeeCrypt 2.2.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 6.60 sec - -DSA Verify operation (1024 bits), 100 times -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 768 MB: 0.53 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 1.09 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 1.11 sec -BeeCrypt 2.2.0 | Visual C 6.0 | Windows 2000 | Pentium III 600 | 256 MB: 1.38 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 1.58 sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC G3 400 | 512 MB: 3.75 sec 
-BeeCrypt 2.2.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 4.16 sec -BeeCrypt 2.2.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 13.20 sec - - -Block cipher encryption (more is better) - -AES (10 rounds) ECB: - -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 23.15 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 18.18 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 16.00 MB/sec - -AES (12 rounds) ECB: - -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 20.34 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 15.68 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 13.56 MB/sec - -AES (14 rounds) ECB: - -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Alpha EV6.7 667 | 2 GB: 18.15 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 13.97 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 11.94 MB/sec - -Blowfish ECB: -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 128 MB: 42.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows Millenium | Athlon 1000 | 128 MB: 36.36 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 1000 | 512 MB: 28.47 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.3 | Mandrake Linux 7.1 | Pentium III 800 | 4 GB: 25.00 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-025 | Tru64 Unix 5.1 | Alpha EV6.7 667 | 2 GB: 21.82 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.0 | Alpha EV6.7 667 | 2 GB: 18.25 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | FreeBSD 4.1 | Alpha EV6 667 | 2 GB: 18.18 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | Pentium III 600 | 512 MB: 18.18 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 16.85 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-126 | Tru64 Unix 5.1 | Alpha EV6 500 | 2 GB: 15.48 MB/sec -BeeCrypt 2.0.0 | Visual C 6.0 
| Windows 2000 | Pentium III 450 | 128 MB: 14.60 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 12.90 MB/sec -BeeCrypt 2.0.0 | gcc-2.9-ia64-00216 | Linux64 | Itanium 666 | 2 GB: 12.00 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | LinuxPPC 2000Q4 | PowerPC 604 166 | 80 MB: 6.25 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (32) | Solaris 8 | UltraSparc I 143 | 128 MB: 4.97 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (64) | Solaris 8 | UltraSparc I 143 | 128 MB: 3.57 MB/sec - -Hash functions (more is better) - -MD5: -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 128 MB: 96.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows Millenium | Athlon 1000 | 128 MB: 85.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 1000 | 512 MB: 73.00 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.3 | Mandrake Linux 7.1 | Pentium III 800 | 4 GB: 66.67 MB/sec -BeeCrypt 2.0.0 | egcs-2.91.66 | RedHat Linux 6.2 | Alpha EV6.7 667 | 2 GB: 52.50 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-025 | Tru64 Unix 5.1 | Alpha EV6.7 667 | 2 GB: 51.90 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | FreeBSD 4.1 | Alpha EV6 667 | 2 GB: 48.00 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 47.00 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.0 | Alpha EV6.7 667 | 2 GB: 42.47 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.1 | Pentium III 450 | 128 MB: 39.00 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | Solaris 8 | Pentium III 450 | 128 MB: 31.00 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 30.19 MB/sec -BeeCrypt 2.0.0 | Forte C 6.0 | Solaris 8 | Pentium III 450 | 128 MB: 29.60 MB/sec -BeeCrypt 2.1.0 | gcc-2.9-ia64-000717 | Linux64 | Itanium 733 | 2 GB: 28.67 MB/sec -BeeCrypt 2.0.0 | gcc-2.9-ia64-000216 | Linux64 | Itanium 666 | 2 GB: 22.70 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 21.92 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.1 | Debian Linux 2.1 | StrongARM 110 222 | ?: 18.60 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | 
LinuxPPC 2000Q4 | PowerPC 604 166 | 80 MB: 13.91 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (64) | Solaris 8 | UltraSparc I 143 | 128 MB: 7.62 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 7.54 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (32) | Solaris 8 | UltraSparc I 143 | 128 MB: 7.00 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2r3 | Sparc v8 70 | 64 MB: 2.87 MB/sec - -SHA-1: -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 128 MB: 72.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows Millenium | Athlon 1000 | 128 MB: 62.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 1000 | 512 MB: 40.50 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.3 | Mandrake Linux 7.1 | Pentium III 800 | 4 GB: 39.00 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 34.80 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-025 | Tru64 Unix 5.1 | Alpha EV6.7 667 | 2 GB: 28.24 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.0 | Alpha EV6.7 667 | 2 GB: 27.25 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | FreeBSD 4.1 | Alpha EV6 667 | 2 GB: 24.80 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.1 | Pentium III 450 | 128 MB: 22.22 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-126 | Tru64 Unix 5.1 | Alpha EV6 500 | 2 GB: 21.10 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 20.78 MB/sec -BeeCrypt 2.0.0 | Visual C 6.0 | Windows 2000 | Pentium III 450 | 128 MB: 20.15 MB/sec -BeeCrypt 2.0.0 | Forte C 6.0 | Solaris 8 | Pentium III 450 | 128 MB: 19.50 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | Solaris 8 | Pentium III 450 | 128 MB: 19.50 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 16.00 MB/sec -BeeCrypt 2.1.0 | gcc-2.9-ia64-000717 | Linux64 | Itanium 733 | 2 GB: 10.32 MB/sec -BeeCrypt 2.0.0 | gcc-2.9-ia64-000216 | Linux64 | Itanium 666 | 2 GB: 9.60 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | LinuxPPC 2000Q4 | PowerPC 604 166 | 80 MB: 9.35 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.1 | Debian Linux 2.1 | 
StrongARM 110 222 | ?: 8.74 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (64) | Solaris 8 | UltraSparc I 143 | 128 MB: 5.75 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (32) | Solaris 8 | UltraSparc I 143 | 128 MB: 5.71 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 5.09 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2r3 | Sparc v8 70 | 64 MB: 1.47 MB/sec - -SHA-256: -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Athlon 1200 | 128 MB: 32.50 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | MacOS X 10.1 | PowerPC 7450 | : 28.50 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows Millenium | Athlon 1000 | 128 MB: 28.00 MB/sec -BeeCrypt 2.1.0 | Visual C 6.0 | Windows 2000 | Pentium III 1000 | 512 MB: 23.27 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.3 | Mandrake Linux 7.1 | Pentium III 800 | 4 GB: 18.60 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.0 | Alpha EV6.7 667 | 2 GB: 18.00 MB/sec -BeeCrypt 2.1.0 | Compaq C 6.3-025 | Tru64 Unix 5.1 | Alpha EV6.7 667 | 2 GB: 17.30 MB/sec -BeeCrypt 2.0.0 | gcc-2.95.2 | FreeBSD 4.1 | Alpha EV6 667 | 2 GB: 17.20 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2 | PowerPC 604ev 375 | 768 MB: 14.28 MB/sec -BeeCrypt 2.0.0 | Visual C 6.0 | Windows 2000 | Pentium III 450 | 128 MB: 10.90 MB/sec -BeeCrypt 2.1.0 | gcc-2.96 | RedHat Linux 7.1 | Pentium III 450 | 128 MB: 10.49 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.2 | Solaris 8 | UltraSparc II 450 | : 10.00 MB/sec -BeeCrypt 2.1.0 | gcc-2.9-ia64-000717 | Linux64 | Itanium 733 | 2 GB: 9.04 MB/sec -BeeCrypt 2.0.0 | Forte C 6.0 | Solaris 8 | Pentium III 450 | 128 MB: 7.66 MB/sec -BeeCrypt 2.0.0 | gcc-2.9-ia64-000216 | Linux64 | Itanium 666 | 2 GB: 7.12 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | LinuxPPC 2000Q4 | PowerPC 604 166 | 80 MB: 6.44 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.1 | Debian Linux 2.1 | StrongARM 110 222 | ?: 5.41 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (32) | Solaris 8 | UltraSparc I 143 | 128 MB: 3.66 MB/sec -BeeCrypt 2.0.0 | Forte C++ 6.1 (64) | Solaris 8 | UltraSparc I 143 | 128 
MB: 3.39 MB/sec -BeeCrypt 2.1.0 | gcc-2.95.3 | Solaris 8 | UltraSparc I 143 | 128 MB: 3.01 MB/sec -BeeCrypt 2.2.0 | gcc-2.95.2 | Debian Linux 2.2r3 | Sparc v8 70 | 64 MB: 0.98 MB/sec +BLowfish, 128 bits diff --git a/beecrypt/BUGS b/beecrypt/BUGS index e69297448..367149a53 100644 --- a/beecrypt/BUGS +++ b/beecrypt/BUGS 
@@ -2,27 +2,45 @@ Legend: - = open bug * = fixed bug -2.2.0: +3.0.0pre: + - Intel icc can't cope with gcj headers; there's also a problem in + combination with aio.h. Solution should be to not test gcj when using + this compiler. As a workaround, you can specify --without-javaglue. + +2.3.0pre: * bug in certain instances of computing modular inverse. - * incorrectly translated intel-style assembler version of x86 mp32odd and mp32even routines into gnu assembler format. + * incorrectly translated intel-style assembler version of x86 mp32odd + and mp32even routines into gnu assembler format. * base64 decoding of '+' and '/' characters is wrong. * incorrect testing of the result of the gcd operation in mp32prndconone. * Chinese Remainer Theorem for RSA private key operation doesn't work + * incorrect header file inclusion when --disable-threads is selected or + when no multithreading is available. + +2.2.0: + [ Released by Jeff Johnson of RedHat, Inc.; lint & doxygen enhanced version + of 2.1.0. ] 2.1.0: - * Entropy gathering from /dev/dsp contained error; size in words of entropy data to gather was overwritten with audio sample size - which resulted in much less entropy. + * Entropy gathering from /dev/dsp contained error; size in words of entropy + data to gather was overwritten with audio sample size - which resulted in + much less entropy. 2.0.0: - - Chinese Remainder Theorem for RSA private key operation doesn't work; it needs fixing. + - Chinese Remainder Theorem for RSA private key operation doesn't work; it + needs fixing. 1.1.2: - * SHA-1 i586 assembler code uses local variables below the current stack frame. + * SHA-1 i586 assembler code uses local variables below the current stack + frame. 1.1.1: - * discrete logarithm domain parameter generator calculations contains bugs - was detected in this release but present since the first release. 
+ * discrete logarithm domain parameter generator calculations contains bugs + - was detected in this release but present since the first release. 1.1.0: - * The javaglue produces a NullPointerException when initializing with a null IV; this should be treated correctly, i.e. as an all zero IV. + * The javaglue produces a NullPointerException when initializing with a + null IV; this should be treated correctly, i.e. as an all zero IV. 1.0.2: @@ -30,5 +48,8 @@ Legend: * The Windows 2000 bug is still around 1.0.0: - * On Windows 2000, the entropy system gets error WAVERR_BADFORMAT in waveInOpen; So far I've been unable to determine why the system does this for format WAVE_FORMAT_PCM. Suggestions to fix this problem are more than welcome. + * On Windows 2000, the entropy system gets error WAVERR_BADFORMAT in + waveInOpen; So far I've been unable to determine why the system does this + for format WAVE_FORMAT_PCM. Suggestions to fix this problem are more than + welcome. * The assembler code for SHA-1 in gnu/fips180opt.gas.i586.s contains bugs. diff --git a/beecrypt/DOCUMENTATION b/beecrypt/DOCUMENTATION index 8b3bc1ec1..fb36fd28a 100644 --- a/beecrypt/DOCUMENTATION +++ b/beecrypt/DOCUMENTATION 
@@ -1,50 +1 @@ -NOTE: The documentation is incomplete, but will be improved in the near future. - -So okay, you've got the BeeCrypt source code. Now in which way can you use it to protect your data and shield it from prying eyes? You'll have to develop your own programs to do that, or you can use this library with Virtual Unlimited's Beeyond Beehive. - -A word of caution: before you attempt to write your own applications, make sure you familiarize yourself with the concepts of cryptography, read the books recommended in the 'README' file, figure out the math, find information on the internet, in newsgroups, web pages, etc. In other words: study. -Cryptography is not necessarily difficult, but an application is only as strong as its weakest part. More often then not there are unintentional security holes in applications, which result in a dramatically lower level of security than claimed and intended by the author(s). - -To start, there's an example program included called 'beetest.c', which will test and benchmark some of the library's routines after it's been installed. - -Each .h file should contain enough information on how the use the structs and functions it contains. Each .c file should contain comment to explain the tricky parts, and references to textbooks. - -Furthermore, I'll explain briefly what can be found in each file, and how to use it: - -beecrypt.h, beecrypt.c: the definitions and generic functions for accessing pseudo-random generators, hash functions, keyed hash functions, and block ciphers. - -mp32.h, mp32.c: the multiprecision integer basic routines. - -mp32opt.h mp32opt.gas..s: the platform-specific assembler optimized routines for multipreceision integer operations. - -mp32barrett.h, mp32barrett.c: the routines for Barrett Modular Reduction of multiprecision integers. - -mp32prime.h, mp32prime.c: the routines for probabilistic primality testing and generation of multiprecision integers. 
- -dldp.h, dldp.c: the definitions of Discrete Logarithm Domain Parameters (only prime field variant at this time), plus functions to generate and test them. Generators can be determined over the whole field, or over a prime subfield. - -dlpk.h, dlpk.c: the definitions of Discrete Logarithm Public Keys (only prime field variant at this time), plus functions to initialize and test them. - -dlkp.h, dlkp.c: the definitions of Discrete Logarithm Key Pairs (only prime field variant at this time), plus functions to initialize and generate them. - -dlsvdp-dh.h, dlsvdp-dh.c: the definitions of Diffie-Hellman key agreement (only prime field variant at this time) - -elgamal.h, elgamal.c: the ElGamal signature scheme (two variants) (only prime field variant at this time) - -blockmode.h, blockmode.c: implementation of the different modes block ciphers can operate in (ECB, CBC, etc.) - -blowfish.h, blowfish.c: the blowfish blockciper, plus the stub for hooking it into the beecrypt library. - -blowfishopt.h, blowfishopt.gas..s: the platform-specific assembler optimized routines for blowfish encryption/decryption. - -entropy.h, entropy.c: the entropy gathering system; don't use directly - only use these routines through the beecrypt generics stubs; you can modify this file if you want to add custom entropy provider(s) to the library. - -fips180.h, fips180.c: the SHA-1 hash algorithm, plus the stub for hooking it into the beecrypt library. - -fips186.h, fips186.c: the NIST FIPS-186 pseudo-random number generator, plus the stub for hooking it into the beecrypt library; in the future, the rest of FIPS-186 (the DSA algorithm) will be added. - -hmac.h, hmac.c: the base for the HMAC algorithm; combined with a hash function, it can be used as a keyed hash function. - -mtprng.h, mtprng.c: the Mersenne Twister pseudo-random number generator; it has a very high period, but needs more analysis on whether it's cryptographically strong enough. 
- -sha1hmac.h, sha1hmac.c: the implementation of the SHA-1/HMAC keyed hash function; uses routines from fips186 and hmac. +To generate the documentation, please use doxygen. diff --git a/beecrypt/Makefile.am b/beecrypt/Makefile.am index ef028ea4d..01b58ddd5 100644 --- a/beecrypt/Makefile.am +++ b/beecrypt/Makefile.am @@ -36,7 +36,7 @@ AUTOMAKE_OPTIONS = gnu check-news no-dependencies LINT = splint -SUBDIRS = docs gas masm mwerks python tests +SUBDIRS = docs gas masm python tests SUFFIXES = .s @@ -56,14 +56,19 @@ libbeecrypt_la_DEPENDENCIES = $(BEECRYPT_OBJECTS) $(BEECRYPT_JAVA_OBJECTS) libbeecrypt_la_LIBADD = aesopt.lo blowfishopt.lo mpopt.lo sha1opt.lo -libbeecrypt_la_LDFLAGS = -version-info $(LIBBEECRYPT_LT_CURRENT):$(LIBBEECRYPT_LT_REVISION):$(LIBBEECRYPT_LT_AGE) +libbeecrypt_la_LDFLAGS = -no-undefined -version-info $(LIBBEECRYPT_LT_CURRENT):$(LIBBEECRYPT_LT_REVISION):$(LIBBEECRYPT_LT_AGE) pkginclude_HEADERS = aes.h base64.h beecrypt.h beecrypt.api.h beecrypt.gnu.h blockmode.h blockpad.h blowfish.h dhaes.h dldp.h dlkp.h dlpk.h dlsvdp-dh.h dsa.h elgamal.h endianness.h entropy.h fips186.h hmac.h hmacmd5.h hmacsha1.h hmacsha256.h md5.h memchunk.h mp.h mpbarrett.h mpnumber.h mpprime.h mtprng.h rsa.h rsakp.h rsapk.h sha1.h sha256.h timestamp.h noinst_HEADERS = aesopt.h beecrypt.win.h \ blowfishopt.h debug.h mpopt.h sha1opt.h system.h -EXTRA_DIST = BENCHMARKS BUGS CONTRIBUTORS Doxyfile.in Doxyheader README README.DLL README.WIN32 autogen.sh beecrypt.mcp beecrypt.gnu.h.in beecrypt.rc beecrypt.spec javaglue.h +EXTRA_DIST = BENCHMARKS BUGS CONTRIBUTORS Doxyfile.in Doxyheader README README.DLL README.WIN32 beecrypt.gnu.h.in beecrypt.rc beecrypt.spec javaglue.h autogen.sh Makefile.mak + +DISTCLEANFILES = mpopt.s aesopt.s blowfishopt.s sha1opt.s + +bench: + (cd tests && $(MAKE) $(AM_MAKEFLAGS) bench) .PHONY: beetest beetest: all diff --git a/beecrypt/NEWS b/beecrypt/NEWS index aaeea00c0..5c20960f7 100644 --- a/beecrypt/NEWS +++ b/beecrypt/NEWS 
@@ -1,4 +1,5 @@
 3.0.0pre:
+  - Cleaned up installed header files.
   - Modified the API so that all keys can be passed as arrays of bytes.
   - Modified the API so that all key sizes are given in bits.
   - Modified the multi-precision integer library to work better on 64-bit
@@ -9,6 +10,8 @@
     Itanium.
   - Added multi-precision integer assembler routines for PowerPC 64-bit.
   - Added multi-precision integer assembler routines for Alpha.
+  - Added multi-precision integer assembler routines for Opteron.
+  - Added multi-precision integer assembler routines for M68K.
   - Added new benchmarking programs.
 2.3.0pre:
diff --git a/beecrypt/acinclude.m4 b/beecrypt/acinclude.m4
index 6c687b204..a723df683 100644
--- a/beecrypt/acinclude.m4
+++ b/beecrypt/acinclude.m4
@@ -279,6 +279,7 @@ AC_DEFUN(BEECRYPT_GNU_CC,[
 	esac
 fi
 if test "$ac_enable_debug" = yes; then
+	BEECRYPT_CFLAGS_REM([-O2])
 	CFLAGS="$CFLAGS -Wall"
 else
 	# Generic optimizations, including cpu tuning
@@ -587,80 +588,82 @@ AC_DEFUN(BEECRYPT_ASM_SOURCES,[ echo > aesopt.s echo > blowfishopt.s echo > sha1opt.s - case $bc_target_arch in - arm) - AC_CONFIG_COMMANDS([mpopt.arm],[ - m4 $srcdir/gas/mpopt.arm.m4 > mpopt.s - ]) - ;; - alpha*) - AC_CONFIG_COMMANDS([mpopt.alpha],[ - m4 $srcdir/gas/mpopt.alpha.m4 > mpopt.s - ]) - ;; - athlon* | i[[3456]]86 | pentium*) - AC_CONFIG_COMMANDS([mpopt.x86],[ - m4 $srcdir/gas/mpopt.x86.m4 > mpopt.s - ]) - AC_CONFIG_COMMANDS([sha1opt.x86],[ - m4 $srcdir/gas/sha1opt.x86.m4 > sha1opt.s - ]) - ;; - ia64) - AC_CONFIG_COMMANDS([mpopt.ia64],[ - m4 $srcdir/gas/mpopt.ia64.m4 > mpopt.s - ]) - ;; - m68k) - AC_CONFIG_COMMANDS([mpopt.m68k],[ - m4 $srcdir/gas/mpopt.m68k.m4 > mpopt.s - ]) - ;; - powerpc) - AC_CONFIG_COMMANDS([mpopt.ppc],[ - m4 $srcdir/gas/mpopt.ppc.m4 > mpopt.s - ]) - AC_CONFIG_COMMANDS([blowfishopt.ppc],[ - m4 $srcdir/gas/blowfishopt.ppc.m4 > blowfishopt.s - ]) - ;; - powerpc64) - AC_CONFIG_COMMANDS([mpopt.ppc64],[ - m4 $srcdir/gas/mpopt.ppc64.m4 > mpopt.s - ]) - ;; - s390x) - AC_CONFIG_COMMANDS([mpopt.s390x],[ - m4 $srcdir/gas/mpopt.s390x.m4 > mpopt.s - ]) - ;; - sparcv8) - AC_CONFIG_COMMANDS([mpopt.sparcv8],[ - m4 $srcdir/gas/mpopt.sparcv8.m4 > mpopt.s - ]) - ;; - sparcv8plus) - AC_CONFIG_COMMANDS([mpopt.sparcv8plus],[ - m4 $srcdir/gas/mpopt.sparcv8plus.m4 > mpopt.s - ]) - ;; - x86_64) - AC_CONFIG_COMMANDS([mpopt.x86_64],[ - m4 $srcdir/gas/mpopt.x86_64.m4 > mpopt.s - ]) - ;; - esac - if test "$ac_with_arch" = yes; then - # Code is i586-specific! 
+ if test "$ac_enable_debug" != yes; then case $bc_target_arch in - athlon* | i[[56]]86 | pentium*) - AC_CONFIG_COMMANDS([aesopt.i586],[ - m4 $srcdir/gas/aesopt.i586.m4 > aesopt.s + arm) + AC_CONFIG_COMMANDS([mpopt.arm],[ + m4 $srcdir/gas/mpopt.arm.m4 > mpopt.s ]) - AC_CONFIG_COMMANDS([blowfishopt.i586],[ - m4 $srcdir/gas/blowfishopt.i586.m4 > blowfishopt.s + ;; + alpha*) + AC_CONFIG_COMMANDS([mpopt.alpha],[ + m4 $srcdir/gas/mpopt.alpha.m4 > mpopt.s + ]) + ;; + athlon* | i[[3456]]86 | pentium*) + AC_CONFIG_COMMANDS([mpopt.x86],[ + m4 $srcdir/gas/mpopt.x86.m4 > mpopt.s + ]) + AC_CONFIG_COMMANDS([sha1opt.x86],[ + m4 $srcdir/gas/sha1opt.x86.m4 > sha1opt.s + ]) + ;; + ia64) + AC_CONFIG_COMMANDS([mpopt.ia64],[ + m4 $srcdir/gas/mpopt.ia64.m4 > mpopt.s + ]) + ;; + m68k) + AC_CONFIG_COMMANDS([mpopt.m68k],[ + m4 $srcdir/gas/mpopt.m68k.m4 > mpopt.s + ]) + ;; + powerpc) + AC_CONFIG_COMMANDS([mpopt.ppc],[ + m4 $srcdir/gas/mpopt.ppc.m4 > mpopt.s + ]) + AC_CONFIG_COMMANDS([blowfishopt.ppc],[ + m4 $srcdir/gas/blowfishopt.ppc.m4 > blowfishopt.s + ]) + ;; + powerpc64) + AC_CONFIG_COMMANDS([mpopt.ppc64],[ + m4 $srcdir/gas/mpopt.ppc64.m4 > mpopt.s + ]) + ;; + s390x) + AC_CONFIG_COMMANDS([mpopt.s390x],[ + m4 $srcdir/gas/mpopt.s390x.m4 > mpopt.s + ]) + ;; + sparcv8) + AC_CONFIG_COMMANDS([mpopt.sparcv8],[ + m4 $srcdir/gas/mpopt.sparcv8.m4 > mpopt.s + ]) + ;; + sparcv8plus) + AC_CONFIG_COMMANDS([mpopt.sparcv8plus],[ + m4 $srcdir/gas/mpopt.sparcv8plus.m4 > mpopt.s + ]) + ;; + x86_64) + AC_CONFIG_COMMANDS([mpopt.x86_64],[ + m4 $srcdir/gas/mpopt.x86_64.m4 > mpopt.s ]) ;; esac + if test "$ac_with_arch" = yes; then + # Code is i586-specific! + case $bc_target_arch in + athlon* | i[[56]]86 | pentium*) + AC_CONFIG_COMMANDS([aesopt.i586],[ + m4 $srcdir/gas/aesopt.i586.m4 > aesopt.s + ]) + AC_CONFIG_COMMANDS([blowfishopt.i586],[ + m4 $srcdir/gas/blowfishopt.i586.m4 > blowfishopt.s + ]) + ;; + esac + fi fi ]) diff --git a/beecrypt/beecrypt.c b/beecrypt/beecrypt.c index 873936b5e..a10c565c7 100644 
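Review bot: Wrapping the whole AC_CONFIG_COMMANDS case in `if test "$ac_enable_debug" != yes` means an --enable-debug build keeps the empty aesopt.s/blowfishopt.s/sha1opt.s (and, presumably, mpopt.s) produced by the `echo >` lines at the top of the hunk, so the hand-written assembler routines are never compiled or exercised in a debug build, and nothing in the macro records that this is intended. A comment on the new `if`, `# debug builds compile only the portable C code; the assembler sources stay empty`, would make the decision visible, and the BUGS hunk in this same commit (the SHA-1 i586 "local variables below the current stack frame" entry) is a reminder that assembler-only defects exist which a C-only debug or sanitizer build cannot catch. Whether the C fallbacks are selected automatically when the .s files are empty is decided outside this macro, so a debug build on the arches that previously always got assembler is worth a link test. The re-indentation of the unchanged case body makes the hunk far larger than the few lines that actually changed; reviewing it with whitespace ignored is advisable.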
--- a/beecrypt/beecrypt.c
+++ b/beecrypt/beecrypt.c
@@ -47,9 +47,9 @@ static entropySource entropySourceList[] =
 {
 #if WIN32
+	{ "wincrypt", entropy_wincrypt },
 	{ "wavein", entropy_wavein },
 	{ "console", entropy_console },
-	{ "wincrypt", entropy_wincrypt },
 #else
 # if HAVE_DEV_URANDOM
 	{ "urandom", entropy_dev_urandom },
@@ -57,14 +57,14 @@ static entropySource entropySourceList[] =
 # if HAVE_DEV_RANDOM
 	{ "random", entropy_dev_random },
 # endif
-# if HAVE_DEV_DSP
-	{ "dsp", entropy_dev_dsp },
+# if HAVE_DEV_TTY
+	{ "tty", entropy_dev_tty },
 # endif
 # if HAVE_DEV_AUDIO
 	{ "audio", entropy_dev_audio },
 # endif
-# if HAVE_DEV_TTY
-	{ "tty", entropy_dev_tty },
+# if HAVE_DEV_DSP
+	{ "dsp", entropy_dev_dsp },
 # endif
 #endif
 };
diff --git a/beecrypt/blockmode.c b/beecrypt/blockmode.c
index 256568ddf..f9967c0c8 100644
--- a/beecrypt/blockmode.c
+++ b/beecrypt/blockmode.c
@@ -32,7 +32,7 @@
  * \{
  */
-int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, size_t nblocks)
+int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, unsigned int nblocks)
 {
 	register const unsigned int blockwords = bc->blocksize >> 2;
@@ -50,7 +50,7 @@ int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst,
 	return 0;
 }
-int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, size_t nblocks)
+int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, unsigned int nblocks)
 {
 	register const unsigned int blockwords = bc->blocksize >> 2;
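Review bot: The reordering of entropySourceList in both hunks of this file changes which source comes first on every platform (wincrypt ahead of wavein and console under WIN32; tty ahead of audio and dsp in the #else branch), yet nothing in the array states what the order means, so the next reorder will again be a silent policy change. Assuming the position in the list is the preference order used when no source is named explicitly — the consumer of the array is outside this diff — a comment above the initializer, `/* entropy sources in order of preference; earlier entries are tried first */`, makes the intent reviewable. Putting wincrypt first on Windows is sound if it wraps the OS cryptographic provider as its name suggests, since wavein and console presumably depend on hardware and user activity that a headless server may lack; the same reasoning keeps urandom at the top of the #else branch, which the hunk preserves. Ranking tty above audio on a non-interactive host is the one ordering decision here that deserves a sentence in NEWS, which this commit already touches.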
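Review bot: Narrowing `nblocks` from `size_t` to `unsigned int` in the exported blockEncryptECB prototype reduces the parameter's range, so a caller that derives its block count from a `size_t` length on an LP64 platform now gets a silent truncation (a -Wconversion warning at best) instead of a lossless pass-through; the same narrowing is applied to blockDecryptECB, blockEncryptCBC and blockDecryptCBC in the next hunks and mirrored in the blockmode.h hunks. If this is deliberate for the 3.0.0 ABI, the limit belongs in the header documentation next to `@retval 0 on success.`, e.g. `@param nblocks number of blocks to process; must fit in an unsigned int`, and the libtool `-version-info` driven by LIBBEECRYPT_LT_CURRENT (its value is not in this diff) should be bumped because the signature of an exported symbol changed. If it is not deliberate, keeping `size_t` matches the type the C library uses for every other length and costs nothing.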
@@ -68,9 +68,9 @@ int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, return 0; } -int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, unsigned int nblocks) { - register unsigned int blockwords = bc->blocksize >> 2; + register const unsigned int blockwords = bc->blocksize >> 2; register uint32_t* fdback = bc->getfb(bp); if (nblocks > 0) @@ -112,10 +112,10 @@ int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, return 0; } -int blockDecryptCBC(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockDecryptCBC(const blockCipher* bc, blockCipherParam* bp, uint32_t* dst, const uint32_t* src, unsigned int nblocks) { /* assumes that every blockcipher's blocksize is a multiple of 32 bits */ - register unsigned int blockwords = bc->blocksize >> 2; + register const unsigned int blockwords = bc->blocksize >> 2; register uint32_t* fdback = bc->getfb(bp); register uint32_t* buf = (uint32_t*) malloc(blockwords * sizeof(*buf)); diff --git a/beecrypt/blockmode.h b/beecrypt/blockmode.h index 90b0f88a4..8a67e0759 100644 --- a/beecrypt/blockmode.h +++ b/beecrypt/blockmode.h @@ -43,7 +43,7 @@ extern "C" { * @retval 0 on success. */ BEECRYPTAPI -int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, unsigned int nblocks) /*@modifies bp, dst @*/; /** 
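Review bot: `nblocks` narrows from `size_t` to `unsigned int` in blockEncryptCBC and blockDecryptCBC (and in the ECB pair in the previous hunks), so on LP64 targets a caller passing a `size_t` block count above 2^32-1 has it silently truncated, and the exported ABI of all four functions changes width. If this narrowing is deliberate to match the 3.0.0 API it should be called out in the header doc comments (`@param nblocks number of blocks; must fit in unsigned int`); otherwise keep `size_t nblocks` as it was. The bodies of both CBC functions continue outside the hunk.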
@@ -56,7 +56,7 @@ int blockEncryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint3 * @retval 0 on success. */ BEECRYPTAPI -int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, unsigned int nblocks) /*@modifies bp, dst @*/; /** @@ -69,7 +69,7 @@ int blockDecryptECB(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint3 * @retval 0 on success. */ BEECRYPTAPI -int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, unsigned int nblocks) /*@modifies bp, dst @*/; /** @@ -82,7 +82,7 @@ int blockEncryptCBC(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint3 * @retval 0 on success. */ BEECRYPTAPI -int blockDecryptCBC(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, size_t nblocks) +int blockDecryptCBC(const blockCipher* bc, blockCipherParam* bp, /*@out@*/ uint32_t* dst, const uint32_t* src, unsigned int nblocks) /*@modifies bp, dst @*/; #ifdef __cplusplus diff --git a/beecrypt/configure.ac b/beecrypt/configure.ac index 75cd4f7a0..ae7d44d8a 100644 --- a/beecrypt/configure.ac +++ b/beecrypt/configure.ac 
@@ -423,6 +423,38 @@ fi AH_TEMPLATE([JAVAGLUE],[Define to 1 if you want to include the Java code]) if test "$ac_with_javaglue" = yes ; then + AC_CHECK_PROG(ac_cv_have_gcj, gcj, yes, no) + if test "$ac_cv_have_gcj" = yes; then + AC_CACHE_CHECK([for java native interface headers], ac_cv_java_include, [ + cat > conftest.java << EOF +public class conftest +{ + public static void main(String[[]] argv) + { + System.out.println(System.getProperty("java.home")); + } +} +EOF + java_home="`gcj --main=conftest -o conftest conftest.java; ./conftest`" + if test X"$java_home" = X; then + java_home=/usr + fi + if test -d "$java_home" -a -d "$java_home/include" -a -f "$java_home/include/jni.h"; then + ac_cv_java_headers=yes + ac_cv_java_include="-I$java_home/include" + gcjpath="$java_home/lib/gcc-lib/`gcj -dumpmachine`/`gcj -dumpversion`" + if test -d "$gcjpath" -a -d "$gcjpath/include"; then + ac_cv_java_include="$ac_cv_java_include -I$gcjpath/include" + fi + else + AC_MSG_WARN([java headers not found, disabling javaglue]) + ac_cv_java_headers=no + ac_cv_java_include= + ac_with_javaglue=no + fi + rm -fr conftest* + ]) + else AC_CHECK_PROG(ac_cv_have_java, java, yes, no) if test "$ac_cv_have_java" = yes; then AC_CHECK_PROG(ac_cv_have_javac, javac, yes, no) 
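Review bot: The gcj probe sets `ac_cv_java_headers` and `ac_with_javaglue=no` inside the body of AC_CACHE_CHECK, but that body is skipped whenever `ac_cv_java_include` is already present in config.cache, so on a cached rerun the side-effect variables are never assigned: a cached empty include path leaves javaglue enabled with no `-I` flags, and a cached non-empty one leaves `ac_cv_java_headers` unset. Only the cache variable should be computed inside the check; derive the others from it afterwards, as sketched below. The surrounding javaglue `if` block continues outside the hunk.

```m4
AC_CACHE_CHECK([for java native interface headers], ac_cv_java_include, [
  dnl … unchanged: compile and run conftest, probe $java_home/include/jni.h and the gcj include dir …
  dnl assign only ac_cv_java_include here (empty when jni.h is missing)
])
if test X"$ac_cv_java_include" = X; then
  AC_MSG_WARN([java headers not found, disabling javaglue])
  ac_cv_java_headers=no
  ac_with_javaglue=no
else
  ac_cv_java_headers=yes
fi
```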
@@ -442,20 +474,36 @@ EOF cygwin*) java_home=`cygpath -u -p "$java_home"` ;; esac - if test -d "$ac_cv_java_include" ; then - ac_cv_java_headers=yes - else + if test -d "$java_home"; then case $target_os in darwin*) - ac_cv_java_include="$java_home"/../../../Headers ;; + java_include="$java_home/../../../Headers" ;; *) - ac_cv_java_include="$java_home"/../include ;; + java_include="$java_home"/../include ;; esac - if test -d "$ac_cv_java_include" ; then + if test -d "$java_include" -a -f "$java_include/jni.h"; then ac_cv_java_headers=yes + ac_cv_java_include="-I$java_include" + case $target_os in + aix*) + ac_cv_java_include="-I$java_include -I$java_include/aix" ;; + cygwin*) + ac_cv_java_include="-I$java_include -I$java_include/win32" ;; + darwin*) ;; + linux*) + ac_cv_java_include="-I$java_include -I$java_include/linux" ;; + osf*) + ac_cv_java_include="-I$java_include -I$java_include/osf" ;; + solaris*) + ac_cv_java_include="-I$java_include -I$java_include/solaris" ;; + *) + AC_MSG_WARN([please add appropriate -I$java_include/ flag]) + ac_cv_java_include="-I$java_include" ;; + esac else AC_MSG_WARN([java headers not found, disabling javaglue]) ac_cv_java_headers=no + ac_cv_java_include= ac_with_javaglue=no fi fi @@ -464,6 +512,8 @@ EOF else AC_MSG_WARN([javac not found, disabling javaglue]) ac_cv_java_headers=no + ac_cv_java_include= + ac_with_javaglue=no fi else AC_MSG_WARN([java not found, disabling javaglue]) @@ -471,6 +521,7 @@ EOF ac_with_javaglue=no fi fi +fi if test "$ac_with_javaglue" = yes ; then AC_DEFINE([JAVAGLUE],1) @@ -617,9 +668,7 @@ if test "$ac_enable_debug" != yes; then esac fi -if test "$ac_enable_debug" = yes; then - CFLAGS="$CFLAGS -g" -else +if test "$ac_enable_debug" != yes; then # find out how to use assembler BEECRYPT_ASM_DEFS BEECRYPT_ASM_TEXTSEG 
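Review bot: The last hunk on this line drops `CFLAGS="$CFLAGS -g"` from the `--enable-debug` branch and nothing added here restores it, so unless `-g` is set elsewhere in configure.ac (not visible in this patch) a debug-enabled build now only skips the assembler probes and ships without symbols. If that is intended, the option's help text should say so; otherwise keep `if test "$ac_enable_debug" = yes; then CFLAGS="$CFLAGS -g"; fi` ahead of the assembler check. Note also that `ac_cv_java_include` now caches compiler flags rather than a directory, which is fine as long as the cache is never shared across hosts with different JDK layouts.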
@@ -627,38 +676,17 @@ else BEECRYPT_ASM_GSYM_PREFIX BEECRYPT_ASM_LSYM_PREFIX BEECRYPT_ASM_ALIGN +fi + # generate assembler source files from m4 files BEECRYPT_ASM_SOURCES -fi # Check for standard types and integers of specific sizes BEECRYPT_INT_TYPES BEECRYPT_CPU_BITS if test "$ac_with_javaglue" = yes ; then - CFLAGS="$CFLAGS -I$ac_cv_java_include" - case $target_os in - aix*) - CFLAGS="$CFLAGS -I$ac_cv_java_include"/aix - ;; - cygwin*) - CFLAGS="$CFLAGS -I$ac_cv_java_include"/win32 - ;; - darwin*) - ;; - linux*) - CFLAGS="$CFLAGS -I$ac_cv_java_include"/linux - ;; - osf*) - CFLAGS="$CFLAGS -I$ac_cv_java_include"/osf - ;; - solaris*) - CFLAGS="$CFLAGS -I$ac_cv_java_include"/solaris - ;; - *) - AC_MSG_WARN([please add appropriate -I$ac_cv_java_include/ flag]) - ;; - esac + CFLAGS="$CFLAGS $ac_cv_java_include" fi # Generate output files. diff --git a/beecrypt/dhaes.c b/beecrypt/dhaes.c index d4c10e7b7..2c518c9ee 100644 --- a/beecrypt/dhaes.c +++ b/beecrypt/dhaes.c @@ -182,7 +182,7 @@ int dhaes_pContextFree(dhaes_pContext* ctxt) /** */ -static int dhaes_pContextSetup(dhaes_pContext* ctxt, const mpnumber* privkey, const mpnumber* pubkey, const mpnumber* message, cipherOperation op) +static int dhaes_pContextSetup(dhaes_pContext* ctxt, const mpnumber* private, const mpnumber* public, const mpnumber* message, cipherOperation op) /*@modifies ctxt @*/ { register int rc; @@ -196,7 +196,7 @@ static int dhaes_pContextSetup(dhaes_pContext* ctxt, const mpnumber* privkey, co /* compute the shared secret, Diffie-Hellman style */ mpnzero(&secret); - if (dlsvdp_pDHSecret(&ctxt->param, privkey, pubkey, &secret)) + if (dlsvdp_pDHSecret(&ctxt->param, private, public, &secret)) { mpnfree(&secret); free(digest); diff --git a/beecrypt/dhaes.h b/beecrypt/dhaes.h index 5ae3683ce..aca8da2f3 100644 --- a/beecrypt/dhaes.h +++ b/beecrypt/dhaes.h 
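Review bot: The dhaes.c hunk renames the parameters of dhaes_pContextSetup back to `private` and `public`, both C++ keywords; because the function is static in a .c file a C compiler accepts it, but any build of this translation unit with a C++ compiler, or a later move of the prototype into dhaes.h (which carries `#ifdef __cplusplus` guards in the following hunk), breaks. Keep the previous names: `static int dhaes_pContextSetup(dhaes_pContext* ctxt, const mpnumber* privkey, const mpnumber* pubkey, const mpnumber* message, cipherOperation op)` and `dlsvdp_pDHSecret(&ctxt->param, privkey, pubkey, &secret)`. The function body continues outside the hunk.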
@@ -44,8 +44,8 @@ typedef struct const hashFunction* hash; const blockCipher* cipher; const keyedHashFunction* mac; - size_t cipherkeybits; - size_t mackeybits; + int cipherkeybits; + int mackeybits; } dhaes_pParameters; /** @@ -58,8 +58,8 @@ typedef struct hashFunctionContext hash; blockCipherContext cipher; keyedHashFunctionContext mac; - size_t cipherkeybits; - size_t mackeybits; + int cipherkeybits; + int mackeybits; } dhaes_pContext; #ifdef __cplusplus diff --git a/beecrypt/dldp.c b/beecrypt/dldp.c index 079aa6493..839595b81 100644 --- a/beecrypt/dldp.c +++ b/beecrypt/dldp.c @@ -341,7 +341,6 @@ int dldp_pgonMakeSafe(dldp_p* dp, randomGeneratorContext* rgc, size_t pbits) { /* generate safe p */ mpprndsafe_w(&dp->p, rgc, pbits, mpptrials(pbits), temp); - /*@=globs@*/ /* set n */ mpbsubone(&dp->p, temp); diff --git a/beecrypt/dldp.h b/beecrypt/dldp.h index 453de990f..4c1f6cf3f 100644 --- a/beecrypt/dldp.h +++ b/beecrypt/dldp.h @@ -26,7 +26,6 @@ #ifndef _DLDP_H #define _DLDP_H -#include "beecrypt.h" #include "mpbarrett.h" /** diff --git a/beecrypt/dsa.h b/beecrypt/dsa.h index 4a682dce8..c96379695 100644 --- a/beecrypt/dsa.h +++ b/beecrypt/dsa.h @@ -18,9 +18,15 @@ */ /*!\file dsa.h - * \brief Digital Signature Algorithm, headers. + * \brief Digital Signature Algorithm, as specified by NIST FIPS 186. + * + * FIPS 186 specifies the DSA algorithm as having a large prime \f$p\f$, + * a cofactor \f$q\f$ and a generator \f$g\f$ of a subgroup of + * \f$\mathds{Z}^{*}_p\f$ with order \f$q\f$. The private and public key + * values are \f$x\f$ and \f$y\f$ respectively. + * * \author Bob Deblier - * \ingroup DL_m DL_dsa_m + * \ingroup DL_dsa_m */ #ifndef _DSA_H diff --git a/beecrypt/elgamal.h b/beecrypt/elgamal.h index 2961fcbda..7f04c0d59 100644 --- a/beecrypt/elgamal.h +++ b/beecrypt/elgamal.h 
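Review bot: `cipherkeybits` and `mackeybits` change from `size_t` to `int` in both public structs of dhaes.h, which changes the layout of dhaes_pParameters and dhaes_pContext on LP64 targets (an ABI break for anything embedding them) and now admits negative bit counts. If the type must follow 3.0.0, document the invariant on the fields so the setup code is expected to enforce it, e.g. `int cipherkeybits; /* key length in bits, must be > 0 */` and likewise for `mackeybits`.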
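Review bot: The new dsa.h file comment calls \f$q\f$ "a cofactor" while the same sentence has \f$g\f$ generating a subgroup of order \f$q\f$; in FIPS 186 \f$q\f$ is the prime order of that subgroup (it divides \f$p-1\f$) and the cofactor is \f$(p-1)/q\f$, so the wording is misleading to anyone validating parameters. Suggest: `a prime \f$q\f$ dividing \f$p-1\f$, and a generator \f$g\f$ of the subgroup of \f$\mathds{Z}^{*}_p\f$ with order \f$q\f$`.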
@@ -18,7 +18,19 @@ */ /*!\file elgamal.h - * \brief ElGamal algorithm, headers. + * \brief ElGamal algorithm. + * + * For more information on this algorithm, see: + * "Handbook of Applied Cryptography", + * 11.5.2: "The ElGamal signature scheme", p. 454-459 + * + * Two of the signature variants in Note 11.70 are implemented. + * + * \todo Implement ElGamal encryption and decryption. + * + * \todo Explore the possibility of using simultaneous multiple exponentiation, + * as described in HAC, 14.87 (iii). + * * \author Bob Deblier * \ingroup DL_m DL_elgamal_m */ diff --git a/beecrypt/gas/Makefile.am b/beecrypt/gas/Makefile.am index 4bcbc7cd5..d63e000de 100644 --- a/beecrypt/gas/Makefile.am +++ b/beecrypt/gas/Makefile.am @@ -22,4 +22,29 @@ AUTOMAKE_OPTIONS = gnu no-dependencies -EXTRA_DIST = aesopt.i586.m4 aesopt.ppc.m4 alpha.m4 asmdefs.m4 blowfishopt.i586.m4 blowfishopt.ppc.m4 ia64.m4 mpopt.alpha.m4 mpopt.arm.m4 mpopt.ia64.m4 mpopt.m68k.m4 mpopt.ppc.m4 mpopt.ppc64.m4 mpopt.sparcv8.m4 mpopt.sparcv8plus.m4 mpopt.x86.m4 ppc.m4 ppc64.m4 sha1opt.i586.m4 sparc.m4 x86.m4 +EXTRA_DIST = \ + aesopt.i586.m4 \ + aesopt.ppc.m4 \ + alpha.m4 \ + asmdefs.m4 \ + blowfishopt.i586.m4 \ + blowfishopt.ppc.m4 \ + ia64.m4 \ + m68k.m4 \ + mpopt.alpha.m4 \ + mpopt.arm.m4 \ + mpopt.ia64.m4 \ + mpopt.m68k.m4 \ + mpopt.ppc.m4 \ + mpopt.ppc64.m4 \ + mpopt.s390x.m4 \ + mpopt.sparcv8.m4 \ + mpopt.sparcv8plus.m4 \ + mpopt.x86.m4 \ + mpopt.x86_64.m4 \ + ppc.m4 \ + ppc64.m4 \ + sha1opt.x86.m4 \ + sparc.m4 \ + x86.m4 \ + x86_64.m4 diff --git a/beecrypt/gas/sha1opt.i586.m4 b/beecrypt/gas/sha1opt.i586.m4 deleted file mode 100644 index a8d8ec6b5..000000000 --- a/beecrypt/gas/sha1opt.i586.m4 +++ /dev/null 
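Review bot: EXTRA_DIST in gas/Makefile.am now lists sha1opt.x86.m4, mpopt.s390x.m4, mpopt.x86_64.m4, x86_64.m4 and m68k.m4, yet no hunk in this patch adds any of those files while sha1opt.i586.m4 is deleted. Unless they are already checked in, `make dist` fails on the missing files and the acinclude rule `m4 $srcdir/gas/sha1opt.x86.m4 > sha1opt.s` silently yields an empty sha1opt.s on x86 builds. Please confirm the files exist in the tree, or leave them out of EXTRA_DIST until they land.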
@@ -1,280 +0,0 @@ -dnl sha1opt.i586.m4 -dnl -dnl Copyright (c) 2003 Bob Deblier -dnl -dnl Author: Bob Deblier -dnl -dnl This library is free software; you can redistribute it and/or -dnl modify it under the terms of the GNU Lesser General Public -dnl License as published by the Free Software Foundation; either -dnl version 2.1 of the License, or (at your option) any later version. -dnl -dnl This library is distributed in the hope that it will be useful, -dnl but WITHOUT ANY WARRANTY; without even the implied warranty of -dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -dnl Lesser General Public License for more details. -dnl -dnl You should have received a copy of the GNU Lesser General Public -dnl License along with this library; if not, write to the Free Software -dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -include(config.m4) -include(ASM_SRCDIR/x86.m4) - - .equ K00, 0x5a827999 - .equ K20, 0x6ed9eba1 - .equ K40, 0x8f1bbcdc - .equ K60, 0xca62c1d6 - - .equ PARAM_H, 0 - .equ PARAM_DATA, 20 - -define(`subround1',` - movl $2,%ecx - movl $1,%ebx - movl $3,%edx - roll `$'5,%eax - xorl %edx,%ecx - addl $4,%eax - andl %ebx,%ecx - addl `$'K00,%eax - rorl `$'2,%ebx - addl $5(%esi,%edi),%eax - xorl %edx,%ecx - movl %ebx,$1 - addl %ecx,%eax - movl %eax,$4 -') - -define(`subround2',` - movl $2,%ecx - movl $1,%ebx - roll `$'5,%eax - xorl %ebx,%ecx - addl $4,%eax - xorl $3,%ecx - addl `$'K20,%eax - rorl `$'2,%ebx - addl $5(%esi,%edi),%eax - movl %ebx,$1 - addl %ecx,%eax - movl %eax,$4 -') - -define(`subround3',` - movl $2,%ecx - roll `$'5,%eax - movl $1,%ebx - movl %ecx,%edx - addl $4,%eax - orl %ebx,%ecx - andl %ebx,%edx - andl $3,%ecx - addl `$'K40,%eax - orl %edx,%ecx - addl $5(%esi,%edi),%eax - rorl `$'2,%ebx - addl %ecx,%eax - movl %ebx,$1 - movl %eax,$4 -') - -define(`subround4',` - movl $2,%ecx - movl $1,%ebx - roll `$'5,%eax - xorl %ebx,%ecx - addl $4,%eax - xorl $3,%ecx - addl `$'K60,%eax - rorl `$'2,%ebx - addl 
$5(%esi,%edi),%eax - movl %ebx,$1 - addl %ecx,%eax - movl %eax,$4 -') - -C_FUNCTION_BEGIN(sha1Process) - pushl %edi - pushl %esi - pushl %ebx - pushl %ebp - - movl 20(%esp),%esi - subl `$'20,%esp - leal PARAM_DATA(%esi),%edi - movl %esp,%ebp - - movl `$'4,%ecx -LOCAL(0): - movl (%esi,%ecx,4),%edx - movl %edx,(%ebp,%ecx,4) - decl %ecx - jns LOCAL(0) - - movl `$'15,%ecx - xorl %eax,%eax - - .align 4 -LOCAL(1): - movl (%edi,%ecx,4),%edx - bswap %edx - mov %edx,(%edi,%ecx,4) - decl %ecx - jns LOCAL(1) - - leal PARAM_DATA(%esi),%edi - movl `$'16,%ecx - - .align 4 -LOCAL(2): - movl 52(%edi),%eax - movl 56(%edi),%ebx - xorl 32(%edi),%eax - xorl 36(%edi),%ebx - xorl 8(%edi),%eax - xorl 12(%edi),%ebx - xorl (%edi),%eax - xorl 4(%edi),%ebx - roll `$'1,%eax - roll `$'1,%ebx - movl %eax,64(%edi) - movl %ebx,68(%edi) - movl 60(%edi),%eax - movl 64(%edi),%ebx - xorl 40(%edi),%eax - xorl 44(%edi),%ebx - xorl 16(%edi),%eax - xorl 20(%edi),%ebx - xorl 8(%edi),%eax - xorl 12(%edi),%ebx - roll `$'1,%eax - roll `$'1,%ebx - movl %eax,72(%edi) - movl %ebx,76(%edi) - addl `$'16,%edi - decl %ecx - jnz LOCAL(2) - - movl `$'PARAM_DATA,%edi - - movl (%ebp),%eax -LOCAL(01_20): - subround1( 4(%ebp), 8(%ebp), 12(%ebp), 16(%ebp), 0) - subround1( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround1(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround1(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround1( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround1( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround1( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround1(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround1(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround1( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround1( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround1( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround1(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround1(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround1( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround1( 
4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround1( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround1(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround1(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround1( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - -LOCAL(21_40): - subround2( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround2( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround2(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround2(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround2( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround2( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround2( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround2(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround2(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround2( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround2( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround2( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround2(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround2(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround2( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround2( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround2( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround2(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround2(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround2( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - -LOCAL(41_60): - subround3( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround3( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround3(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround3(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround3( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround3( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround3( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround3(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround3(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround3( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround3( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround3( (%ebp), %ebx , 
8(%ebp), 12(%ebp), 4) - subround3(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround3(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround3( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround3( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround3( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround3(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround3(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround3( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - -LOCAL(61_80): - subround4( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround4( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround4(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround4(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround4( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround4( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround4( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround4(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround4(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround4( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround4( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround4( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround4(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround4(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround4( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - addl `$'20,%edi - subround4( 4(%ebp), %ebx , 12(%ebp), 16(%ebp), 0) - subround4( (%ebp), %ebx , 8(%ebp), 12(%ebp), 4) - subround4(16(%ebp), %ebx , 4(%ebp), 8(%ebp), 8) - subround4(12(%ebp), %ebx , (%ebp), 4(%ebp), 12) - subround4( 8(%ebp), %ebx , 16(%ebp), (%ebp), 16) - - movl `$'4,%ecx - - .align 4 -LOCAL(3): - movl (%ebp,%ecx,4),%eax - addl %eax,(%esi,%ecx,4) - decl %ecx - jns LOCAL(3) - - addl `$'20,%esp - popl %ebp - popl %ebx - popl %esi - popl %edi - ret -C_FUNCTION_END(sha1Process) diff --git a/beecrypt/mp.h b/beecrypt/mp.h index 7f878e424..2d41b3155 100644 --- a/beecrypt/mp.h +++ b/beecrypt/mp.h 
@@ -18,7 +18,22 @@ */ /*!\file mp.h - * \brief Multi-precision integer routines, headers. + * \brief Multi-precision integer routines. + * + * The routines declared here are all low-level operations, most of them + * suitable to be implemented in assembler. Prime candidates are in order + * of importance (according to gprof): + *
    + *
  • mpaddmul + *
  • mpsetmul + *
  • mpaddsqrtrc + *
  • mpsub + *
  • mpadd + *
+ * + * With some smart use of available assembler instructions, it's possible + * to speed these routines up by a factor of 2 to 4. + * * \author Bob Deblier * \ingroup MP_m */ diff --git a/beecrypt/mpbarrett.c b/beecrypt/mpbarrett.c index f7f8f19a6..bdc127afd 100644 --- a/beecrypt/mpbarrett.c +++ b/beecrypt/mpbarrett.c @@ -721,6 +721,7 @@ int mpbinv_w(const mpbarrett* b, size_t xsize, const mpw* xdata, mpw* result, mp */ register size_t size = b->size; + register int full; mpw* udata = wksp; mpw* vdata = udata+size+1; 
@@ -734,128 +735,71 @@ int mpbinv_w(const mpbarrett* b, size_t xsize, const mpw* xdata, mpw* result, mp mpzero(size+1, bdata); mpsetw(size+1, ddata, 1); - if (mpodd(b->size, b->modl)) + if ((full = mpeven(b->size, b->modl))) { - /* use simplified binary extended gcd algorithm */ + mpsetw(size+1, adata, 1); + mpzero(size+1, cdata); + } - while (1) + while (1) + { + while (mpeven(size+1, udata)) { - while (mpeven(size+1, udata)) - { - mpdivtwo(size+1, udata); + mpdivtwo(size+1, udata); - if (mpodd(size+1, bdata)) - (void) mpsubx(size+1, bdata, size, b->modl); - - mpsdivtwo(size+1, bdata); - } - while (mpeven(size+1, vdata)) - { - mpdivtwo(size+1, vdata); - - if (mpodd(size+1, ddata)) - (void) mpsubx(size+1, ddata, size, b->modl); - - mpsdivtwo(size+1, ddata); - } - if (mpge(size+1, udata, vdata)) + if ((full && mpodd(size+1, adata)) || mpodd(size+1, bdata)) { - (void) mpsub(size+1, udata, vdata); - (void) mpsub(size+1, bdata, ddata); - } - else - { - (void) mpsub(size+1, vdata, udata); - (void) mpsub(size+1, ddata, bdata); + if (full) (void) mpaddx(size+1, adata, xsize, xdata); + (void) mpsubx(size+1, bdata, size, b->modl); } - if (mpz(size+1, udata)) - { - if (mpisone(size+1, vdata)) - { - if (result) - { - mpsetx(size, result, size+1, ddata); - /*@-usedef@*/ - if (*ddata & MP_MSBMASK) - { - /* keep adding the modulus until we get a carry */ - while (!mpadd(size, result, b->modl)); - } - /*@=usedef@*/ - } - return 1; - } - return 0; - } + if (full) mpsdivtwo(size+1, adata); + mpsdivtwo(size+1, bdata); } - } - else - { - /* use full binary extended gcd algorithm */ - mpsetw(size+1, adata, 1); - mpzero(size+1, cdata); - - while (1) + while (mpeven(size+1, vdata)) { - while (mpeven(size+1, udata)) - { - mpdivtwo(size+1, udata); - - if (mpodd(size+1, adata) || mpodd(size+1, bdata)) - { - (void) mpaddx(size+1, adata, xsize, xdata); - (void) mpsubx(size+1, bdata, size, b->modl); - } + mpdivtwo(size+1, vdata); - mpsdivtwo(size+1, adata); - mpsdivtwo(size+1, bdata); - } - 
while (mpeven(size+1, vdata)) + if ((full && mpodd(size+1, cdata)) || mpodd(size+1, ddata)) { - mpdivtwo(size+1, vdata); - - if (mpodd(size+1, cdata) || mpodd(size+1, ddata)) - { - (void) mpaddx(size+1, cdata, xsize, xdata); - (void) mpsubx(size+1, ddata, size, b->modl); - } - - mpsdivtwo(size+1, cdata); - mpsdivtwo(size+1, ddata); - } - if (mpge(size+1, udata, vdata)) - { - (void) mpsub(size+1, udata, vdata); - (void) mpsub(size+1, adata, cdata); - (void) mpsub(size+1, bdata, ddata); - } - else - { - (void) mpsub(size+1, vdata, udata); - (void) mpsub(size+1, cdata, adata); - (void) mpsub(size+1, ddata, bdata); + if (full) (void) mpaddx(size+1, cdata, xsize, xdata); + (void) mpsubx(size+1, ddata, size, b->modl); } - if (mpz(size+1, udata)) + if (full) mpsdivtwo(size+1, cdata); + mpsdivtwo(size+1, ddata); + } + if (mpge(size+1, udata, vdata)) + { + (void) mpsub(size+1, udata, vdata); + if (full) (void) mpsub(size+1, adata, cdata); + (void) mpsub(size+1, bdata, ddata); + } + else + { + (void) mpsub(size+1, vdata, udata); + if (full) (void) mpsub(size+1, cdata, adata); + (void) mpsub(size+1, ddata, bdata); + } + + if (mpz(size+1, udata)) + { + if (mpisone(size+1, vdata)) { - if (mpisone(size+1, vdata)) + if (result) { - if (result) + mpsetx(size, result, size+1, ddata); + /*@-usedef@*/ + if (*ddata & MP_MSBMASK) { - mpsetx(size, result, size+1, ddata); - /*@-usedef@*/ - if (*ddata & MP_MSBMASK) - { - /* keep adding the modulus until we get a carry */ - while (!mpadd(size, result, b->modl)); - } - /*@=usedef@*/ + /* keep adding the modulus until we get a carry */ + while (!mpadd(size, result, b->modl)); } - return 1; + /*@=usedef@*/ } - return 0; + return 1; } + return 0; } } } diff --git a/beecrypt/tests/.cvsignore b/beecrypt/tests/.cvsignore index dacca89ad..2fa0bbbca 100644 --- a/beecrypt/tests/.cvsignore +++ b/beecrypt/tests/.cvsignore @@ -26,6 +26,7 @@ testdsa testhmacmd5 testhmacsha1 testmd5 +testmp testrsa testsha1 testsha256 
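Review bot: The merged loop in mpbinv_w branches on every low bit of udata/vdata and on the parity of the cofactors, so the inverse runs in input-dependent time; the restructuring preserves that and nothing warns callers, even though this routine is presumably reached from private-key paths (e.g. CRT coefficient computation during key generation). A comment at the top of the loop would make the contract explicit: `/* Binary extended gcd: data-dependent branching, not constant-time; avoid on secret inputs where timing is observable. */`. Since the odd- and even-modulus paths now share one body selected by `full`, the test suite should exercise an even modulus as well as an odd one, plus the non-invertible `return 0` case, so a slip in any `if (full)` guard is caught. The function's signature and workspace setup lie outside this hunk.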
diff --git a/beecrypt/tests/Makefile.am b/beecrypt/tests/Makefile.am index fecdd2cb9..dbc1c5f78 100644 --- a/beecrypt/tests/Makefile.am +++ b/beecrypt/tests/Makefile.am @@ -52,3 +52,18 @@ benchme_SOURCES = benchme.c benchhf_SOURCES = benchhf.c benchbc_SOURCES = benchbc.c + +# Run every benchmark test twice +bench: benchme benchhf benchbc + ./benchme + ./benchme + ./benchhf MD5 + ./benchhf MD5 + ./benchhf SHA-1 + ./benchhf SHA-1 + ./benchhf SHA-256 + ./benchhf SHA-256 + ./benchbc AES 128 + ./benchbc AES 128 + ./benchbc Blowfish 128 + ./benchbc Blowfish 128 diff --git a/beecrypt/tests/testdldp.c b/beecrypt/tests/testdldp.c index a6e8c27c2..8afb23f7d 100644 --- a/beecrypt/tests/testdldp.c +++ b/beecrypt/tests/testdldp.c @@ -53,8 +53,6 @@ int main() printf("failed test vector 1\n"); failures++; } - else - printf("ok\n"); mpnfree(&gq); diff --git a/beecrypt/tests/testhmacsha1.c b/beecrypt/tests/testhmacsha1.c index 7ccc98ebb..c9fce1327 100644 --- a/beecrypt/tests/testhmacsha1.c +++ b/beecrypt/tests/testhmacsha1.c @@ -96,8 +96,6 @@ int main() printf("failed test vector %d\n", i+1); failures++; } - else - printf("ok\n"); } return failures; diff --git a/beecrypt/tests/testmp.c b/beecrypt/tests/testmp.c index 161047ec7..04e533af5 100644 --- a/beecrypt/tests/testmp.c +++ b/beecrypt/tests/testmp.c @@ -11,9 +11,8 @@ static const mpw P[8] = { ~((mpw) 0U), ~((mpw) 0U), ~((mpw) 0U), ~((mpw) 0U) - 1 int main() { - int i; + int i, carry; mpw x[4]; - mpw y[4]; mpw r[8]; for (i = 0; i < 4; i++) @@ -72,6 +71,20 @@ int main() return 1; } + mpcopy(4, x, F); + carry = mpaddw(4, x, (mpw) 1U); + if (!carry || mpne(4, x, Z)) + { + printf("mpaddw failed"); + return 1; + } + carry = mpsubw(4, x, (mpw) 1U); + if (!carry || mpne(4, x, F)) + { + printf("mpsubw failed"); + return 1; + } + mpzero(8, r); mpmul(r, 4, F, 4, F); if (!mpeq(8, r, P)) @@ -88,7 +101,5 @@ int main() return 1; } - printf("success\n"); - return 0; } 
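Review bot: The two new failure messages in testmp.c have no trailing newline, so when they fire the text runs into whatever the harness prints next; use `printf("mpaddw failed\n");` and `printf("mpsubw failed\n");`. The added checks only cover the carry/borrow boundary (all-ones plus one, zero minus one); a second pair on a value that does not carry, asserting `carry == 0` and the expected result, would also pin the common case. Dropping the `printf("ok\n")` lines elsewhere is fine as long as the automake test driver relies on the exit status, which appears to be the intent.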
diff --git a/beecrypt/tests/testrsa.c b/beecrypt/tests/testrsa.c index 07952b3c7..8fcc8be0a 100644 --- a/beecrypt/tests/testrsa.c +++ b/beecrypt/tests/testrsa.c @@ -69,9 +69,7 @@ int main() if (rsapricrt(&keypair, &cipher, &decipher)) failures++; - if (mpeqx(m.size, m.data, decipher.size, decipher.data)) - printf("ok\n"); - else + if (mpnex(m.size, m.data, decipher.size, decipher.data)) failures++; mpnfree(&decipher); -- cgit v1.2.3