-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | cipher/ChangeLog | 14 | ||||
-rw-r--r-- | cipher/md.c | 4 | ||||
-rw-r--r-- | cipher/tiger.c | 101 | ||||
-rw-r--r-- | doc/gcrypt.texi | 14 | ||||
-rw-r--r-- | src/cipher.h | 2 | ||||
-rw-r--r-- | src/gcrypt.h.in | 6 | ||||
-rw-r--r-- | tests/ChangeLog | 5 | ||||
-rw-r--r-- | tests/basic.c | 68 |
9 files changed, 192 insertions, 26 deletions
@@ -1,6 +1,8 @@ Noteworthy changes in version 1.5.x (unreleased) ------------------------------------------------ + * New variants of the TIGER algorithm. + * New cipher algorithm mode for AES-WRAP. * Fixed minor memory leak in DSA key generation. @@ -20,6 +22,8 @@ Noteworthy changes in version 1.5.x (unreleased) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GCRY_CIPHER_MODE_AESWRAP NEW. GCRY_PK_ECDH NEW. + GCRY_MD_TIGER1 NEW. + GCRY_MD_TIGER2 NEW. Noteworthy changes in version 1.4.4 (2009-01-22) diff --git a/cipher/ChangeLog b/cipher/ChangeLog index b6ba4d4e..6e199b0a 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,13 @@ +2010-03-26 Werner Koch <wk@g10code.com> + + * tiger.c (asn): Unfetter the old TIGER from an OID. + (TIGER_CONTEXT): Add field VARIANT. + (tiger_init): Factor code out to ... + (do_init): New. + (tiger1_init, tiger2_init): New. + (_gcry_digest_spec_tiger1, _gcry_digest_spec_tiger2): New. + * md.c (digest_table): Add TIGER1 and TIGER2 variants. + 2009-12-11 Werner Koch <wk@g10code.com> * sha256.c (Cho, Maj, Sum0, Sum1): Turn macros into inline @@ -3953,8 +3963,8 @@ Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de) (digest_algo_to_string): New. - Copyright 1998,1999,2000,2001,2002,2003,2004,2005,2006 - 2007, 2008, 2009 Free Software Foundation, Inc. + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 + 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff --git a/cipher/md.c b/cipher/md.c index 9528f6d3..a353f3c3 100644 --- a/cipher/md.c +++ b/cipher/md.c 
@@ -87,6 +87,10 @@ static struct digest_table_entry #if USE_TIGER { &_gcry_digest_spec_tiger, &dummy_extra_spec, GCRY_MD_TIGER }, + { &_gcry_digest_spec_tiger1, + &dummy_extra_spec, GCRY_MD_TIGER1 }, + { &_gcry_digest_spec_tiger2, + &dummy_extra_spec, GCRY_MD_TIGER2 }, #endif #if USE_WHIRLPOOL { &_gcry_digest_spec_whirlpool, diff --git a/cipher/tiger.c b/cipher/tiger.c index 320cdb19..88fd3483 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -1,5 +1,5 @@ /* tiger.c - The TIGER hash function - * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 2001, 2002, 2003, 2010 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -18,6 +18,8 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +/* See http://www.cs.technion.ac.il/~biham/Reports/Tiger/ */ + #include <config.h> #include <stdio.h> #include <stdlib.h> @@ -26,16 +28,16 @@ #include "g10lib.h" #include "cipher.h" +/* We really need a 64 bit type for this code. */ #ifdef HAVE_U64_TYPEDEF -/* we really need it here, but as this is only experiment we - * can live without Tiger */ - -typedef struct { - u64 a, b, c; - byte buf[64]; - int count; - u32 nblocks; +typedef struct +{ + u64 a, b, c; + byte buf[64]; + int count; + u32 nblocks; + int variant; /* 0 = old code, 1 = fixed code, 2 - TIGER2. */ } TIGER_CONTEXT; @@ -587,7 +589,7 @@ static u64 sbox4[256] = { }; static void -tiger_init( void *context ) +do_init (void *context, int variant) { TIGER_CONTEXT *hd = context; @@ -596,6 +598,25 @@ tiger_init( void *context ) hd->c = 0xf096a5b4c3b2e187LL; hd->nblocks = 0; hd->count = 0; + hd->variant = variant; +} + +static void +tiger_init (void *context) +{ + do_init (context, 0); +} + +static void +tiger1_init (void *context) +{ + do_init (context, 1); +} + +static void +tiger2_init (void *context) +{ + do_init (context, 2); } static void 
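Review bot: The new `variant` field in TIGER_CONTEXT and the `do_init (context, 0)` / `(context, 1)` / `(context, 2)` calls in the cipher/tiger.c hunks use bare integers, and the field comment is the only place their meaning is recorded (it also reads `2 - TIGER2` where the other entries use `=`). Named constants would make the later comparisons in tiger_final self-explanatory, for example `enum { TIGER_VARIANT_OLD = 0, TIGER_VARIANT_TIGER1 = 1, TIGER_VARIANT_TIGER2 = 2 };` with `do_init (context, TIGER_VARIANT_TIGER1);` in tiger1_init. do_init stores whatever value it is given, and going by the tiger_final hunks any value other than 0 or 2 would silently behave as TIGER1. That is harmless while all three callers are static and pass literals, but it deserves a one-line comment above do_init. The three new init wrappers also have no comment saying which public algorithm each one backs.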
@@ -762,6 +783,7 @@ tiger_final( void *context ) TIGER_CONTEXT *hd = context; u32 t, msb, lsb; byte *p; + byte pad = hd->variant == 2? 0x80 : 0x01; tiger_write(hd, NULL, 0); /* flush */; @@ -781,13 +803,13 @@ tiger_final( void *context ) if( hd->count < 56 ) /* enough room */ { - hd->buf[hd->count++] = 0x01; /* pad */ + hd->buf[hd->count++] = pad; while( hd->count < 56 ) hd->buf[hd->count++] = 0; /* pad */ } else /* need one extra block */ { - hd->buf[hd->count++] = 0x01; /* pad character */ + hd->buf[hd->count++] = pad; /* pad character */ while( hd->count < 64 ) hd->buf[hd->count++] = 0; tiger_write(hd, NULL, 0); /* flush */; @@ -814,10 +836,24 @@ tiger_final( void *context ) *p++ = hd->a >> 24; *p++ = hd->a >> 16; \ *p++ = hd->a >> 8; *p++ = hd->a; } while(0) #endif - X(a); - X(b); - X(c); +#define Y(a) do { *p++ = hd->a ; *p++ = hd->a >> 8; \ + *p++ = hd->a >> 16; *p++ = hd->a >> 24; \ + *p++ = hd->a >> 32; *p++ = hd->a >> 40; \ + *p++ = hd->a >> 48; *p++ = hd->a >> 56; } while(0) + if (hd->variant == 0) + { + X(a); + X(b); + X(c); + } + else + { + Y(a); + Y(b); + Y(c); + } #undef X +#undef Y } static byte * 
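Review bot: The `pad` initializer added at the top of tiger_final has no comment explaining why the padding byte depends on the variant, although in the visible hunks it is the only thing that separates TIGER2 from TIGER1. I would add `/* TIGER2 starts the padding with 0x80; the old and the fixed TIGER keep 0x01. */` above `byte pad = hd->variant == 2? 0x80 : 0x01;`. The second hunk replaces both `0x01` stores with `pad` but keeps a trailing comment on only one of them (`/* pad character */`), so the two branches now read inconsistently. tiger_final starts and ends outside these hunks.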
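Review bot: The new `Y` macro and the `if (hd->variant == 0)` switch in the third tiger_final hunk carry no comment saying what differs between the two output paths. From the visible lines, `Y` stores each 64-bit word least significant byte first, while the visible tail of `X` ends with the low byte. A comment such as `/* The old variant emits each word MSB first; TIGER1 and TIGER2 emit it LSB first, the commonly used print order. */` would save the next reader from decoding the shifts. `Y` also relies on implicit u64-to-byte narrowing in stores like `*p++ = hd->a >> 8;`, so an explicit `(byte)` cast would keep conversion warnings quiet. The start of `X` and the setup of `p` are outside the hunk.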
@@ -828,22 +864,47 @@ tiger_read( void *context ) return hd->buf; } -static byte asn[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */ + + +/* This is the old TIGER variant based on the unfixed reference + implementation. IT was used in GnupG up to 1.3.2. We don't provide + an OID anymore because that would not be correct. */ +gcry_md_spec_t _gcry_digest_spec_tiger = + { + "TIGER192", NULL, 0, NULL, 24, + tiger_init, tiger_write, tiger_final, tiger_read, + sizeof (TIGER_CONTEXT) + }; + + + +/* This is the fixed TIGER implemenation. */ +static byte asn1[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */ { 0x30, 0x29, 0x30, 0x0d, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xda, 0x47, 0x0c, 0x02, 0x05, 0x00, 0x04, 0x18 }; -static gcry_md_oid_spec_t oid_spec_tiger[] = +static gcry_md_oid_spec_t oid_spec_tiger1[] = { /* GNU.digestAlgorithm TIGER */ { "1.3.6.1.4.1.11591.12.2" }, { NULL } }; -gcry_md_spec_t _gcry_digest_spec_tiger = +gcry_md_spec_t _gcry_digest_spec_tiger1 = { - "TIGER192", asn, DIM (asn), oid_spec_tiger, 24, - tiger_init, tiger_write, tiger_final, tiger_read, + "TIGER", asn1, DIM (asn1), oid_spec_tiger1, 24, + tiger1_init, tiger_write, tiger_final, tiger_read, + sizeof (TIGER_CONTEXT) + }; + + + +/* This is TIGER2 which usues a changed padding algorithm. */ +gcry_md_spec_t _gcry_digest_spec_tiger2 = + { + "TIGER2", NULL, 0, NULL, 24, + tiger2_init, tiger_write, tiger_final, tiger_read, sizeof (TIGER_CONTEXT) }; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 5e736244..01c352f2 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -3427,7 +3427,7 @@ are also supported. @cindex SHA-224, SHA-256, SHA-384, SHA-512 @cindex RIPE-MD-160 @cindex MD2, MD4, MD5 -@cindex TIGER +@cindex TIGER, TIGER1, TIGER2 @cindex HAVAL @cindex Whirlpool @cindex CRC32 
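Review bot: The comment above `_gcry_digest_spec_tiger` explains why the OID was dropped but not what that means for callers. With `NULL, 0, NULL` in the old spec, the OID `1.3.6.1.4.1.11591.12.2` and the ASN.1 prefix are now attached only to `_gcry_digest_spec_tiger1`, whose digest bytes are ordered differently. Digests stored or compared under that OID by older releases would presumably stop matching, so the comment should say so explicitly and tell callers that `GCRY_MD_TIGER` no longer has an ASN.1 prefix. `_gcry_digest_spec_tiger2` likewise has no OID or prefix, which is worth a sentence since it limits where TIGER2 can be selected. The new comments also contain typos: `IT was used in GnupG`, `implemenation`, `usues`.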
@@ -3464,7 +3464,17 @@ This is an reserved identifier for MD-2; there is no implementation yet. This algorithm has severe weaknesses and should not be used. @item GCRY_MD_TIGER -This is the TIGER/192 algorithm which yields a message digest of 24 bytes. +This is the TIGER/192 algorithm which yields a message digest of 24 +bytes. Actually this is a variant of TIGER with a different output +print order as used by GnuPG up to version 1.3.2. + +@item GCRY_MD_TIGER1 +This is the TIGER variant as used by the NESSIE project. It uses the +most commonly used output print order. + +@item GCRY_MD_TIGER2 +This is another variant of TIGER with a different padding scheme. + @item GCRY_MD_HAVAL This is an reserved value for the HAVAL algorithm with 5 passes and 160 diff --git a/src/cipher.h b/src/cipher.h index 62ca745a..48baab42 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -114,6 +114,8 @@ extern gcry_md_spec_t _gcry_digest_spec_sha256; extern gcry_md_spec_t _gcry_digest_spec_sha512; extern gcry_md_spec_t _gcry_digest_spec_sha384; extern gcry_md_spec_t _gcry_digest_spec_tiger; +extern gcry_md_spec_t _gcry_digest_spec_tiger1; +extern gcry_md_spec_t _gcry_digest_spec_tiger2; extern gcry_md_spec_t _gcry_digest_spec_whirlpool; extern md_extra_spec_t _gcry_digest_extraspec_sha1; diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index e5bd704c..ff08d69b 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1061,7 +1061,7 @@ enum gcry_md_algos GCRY_MD_SHA1 = 2, GCRY_MD_RMD160 = 3, GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192. */ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, @@ -1071,7 +1071,9 @@ enum gcry_md_algos GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305 + GCRY_MD_WHIRLPOOL = 305, + GCRY_MD_TIGER1 = 306, /* TIGER fixed. */ + GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ }; /* Flags used with the open function. */ 
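Review bot: The enum comments in the src/gcrypt.h.in hunk do not tell a reader of the public header which constant to pick for new code. `GCRY_MD_TIGER = 6` keeps its value but is now described as the gpg <= 1.3.2 form, while `GCRY_MD_TIGER1 = 306, /* TIGER fixed. */` does not say what was fixed. A comment like `/* TIGER, common output byte order (NESSIE). */` on TIGER1 and `/* TIGER2: TIGER1 with changed padding. */` on TIGER2 would match what doc/gcrypt.texi says and make the header usable on its own.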
diff --git a/tests/ChangeLog b/tests/ChangeLog index 09397f99..45f36ac4 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,8 @@ +2010-03-26 Werner Koch <wk@g10code.com> + + * basic.c (check_digests): Add tests for TIGER1 and TIGER2 from + the NESSIE project. + 2010-01-21 Werner Koch <wk@g10code.com> * benchmark.c [_GCRYPT_IN_LIBGCRYPT]: Include libcompat.h. diff --git a/tests/basic.c b/tests/basic.c index 2cd6d9f8..d60297d0 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -1319,6 +1319,7 @@ check_digests (void) #endif { GCRY_MD_CRC24_RFC2440, "", "\xb7\x04\xce" }, { GCRY_MD_CRC24_RFC2440, "foo", "\x4f\xc2\x55" }, + { GCRY_MD_TIGER, "", "\x24\xF0\x13\x0C\x63\xAC\x93\x32\x16\x16\x6E\x76" "\xB1\xBB\x92\x5F\xF3\x73\xDE\x2D\x49\x58\x4E\x7A" }, 
@@ -1355,6 +1356,73 @@ check_digests (void) "TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", "\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE" "\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" }, + + { GCRY_MD_TIGER1, "", + "\x32\x93\xAC\x63\x0C\x13\xF0\x24\x5F\x92\xBB\xB1" + "\x76\x6E\x16\x16\x7A\x4E\x58\x49\x2D\xDE\x73\xF3" }, + { GCRY_MD_TIGER1, "a", + "\x77\xBE\xFB\xEF\x2E\x7E\xF8\xAB\x2E\xC8\xF9\x3B" + "\xF5\x87\xA7\xFC\x61\x3E\x24\x7F\x5F\x24\x78\x09" }, + { GCRY_MD_TIGER1, "abc", + "\x2A\xAB\x14\x84\xE8\xC1\x58\xF2\xBF\xB8\xC5\xFF" + "\x41\xB5\x7A\x52\x51\x29\x13\x1C\x95\x7B\x5F\x93" }, + { GCRY_MD_TIGER1, "message digest", + "\xD9\x81\xF8\xCB\x78\x20\x1A\x95\x0D\xCF\x30\x48" + "\x75\x1E\x44\x1C\x51\x7F\xCA\x1A\xA5\x5A\x29\xF6" }, + { GCRY_MD_TIGER1, "abcdefghijklmnopqrstuvwxyz", + "\x17\x14\xA4\x72\xEE\xE5\x7D\x30\x04\x04\x12\xBF" + "\xCC\x55\x03\x2A\x0B\x11\x60\x2F\xF3\x7B\xEE\xE9" }, + { GCRY_MD_TIGER1, + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "\x0F\x7B\xF9\xA1\x9B\x9C\x58\xF2\xB7\x61\x0D\xF7" + "\xE8\x4F\x0A\xC3\xA7\x1C\x63\x1E\x7B\x53\xF7\x8E" }, + { GCRY_MD_TIGER1, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" "0123456789", + "\x8D\xCE\xA6\x80\xA1\x75\x83\xEE\x50\x2B\xA3\x8A" + "\x3C\x36\x86\x51\x89\x0F\xFB\xCC\xDC\x49\xA8\xCC" }, + { GCRY_MD_TIGER1, + "1234567890" "1234567890" "1234567890" "1234567890" + "1234567890" "1234567890" "1234567890" "1234567890", + "\x1C\x14\x79\x55\x29\xFD\x9F\x20\x7A\x95\x8F\x84" + "\xC5\x2F\x11\xE8\x87\xFA\x0C\xAB\xDF\xD9\x1B\xFD" }, + { GCRY_MD_TIGER1, "!", + "\x6D\xB0\xE2\x72\x9C\xBE\xAD\x93\xD7\x15\xC6\xA7" + "\xD3\x63\x02\xE9\xB3\xCE\xE0\xD2\xBC\x31\x4B\x41" }, + + { GCRY_MD_TIGER2, "", + "\x44\x41\xBE\x75\xF6\x01\x87\x73\xC2\x06\xC2\x27" + "\x45\x37\x4B\x92\x4A\xA8\x31\x3F\xEF\x91\x9F\x41" }, + { GCRY_MD_TIGER2, "a", + "\x67\xE6\xAE\x8E\x9E\x96\x89\x99\xF7\x0A\x23\xE7" + "\x2A\xEA\xA9\x25\x1C\xBC\x7C\x78\xA7\x91\x66\x36" }, + { GCRY_MD_TIGER2, "abc", + 
"\xF6\x8D\x7B\xC5\xAF\x4B\x43\xA0\x6E\x04\x8D\x78" + "\x29\x56\x0D\x4A\x94\x15\x65\x8B\xB0\xB1\xF3\xBF" }, + { GCRY_MD_TIGER2, "message digest", + "\xE2\x94\x19\xA1\xB5\xFA\x25\x9D\xE8\x00\x5E\x7D" + "\xE7\x50\x78\xEA\x81\xA5\x42\xEF\x25\x52\x46\x2D" }, + { GCRY_MD_TIGER2, "abcdefghijklmnopqrstuvwxyz", + "\xF5\xB6\xB6\xA7\x8C\x40\x5C\x85\x47\xE9\x1C\xD8" + "\x62\x4C\xB8\xBE\x83\xFC\x80\x4A\x47\x44\x88\xFD" }, + { GCRY_MD_TIGER2, + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "\xA6\x73\x7F\x39\x97\xE8\xFB\xB6\x3D\x20\xD2\xDF" + "\x88\xF8\x63\x76\xB5\xFE\x2D\x5C\xE3\x66\x46\xA9" }, + { GCRY_MD_TIGER2, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" "0123456789", + "\xEA\x9A\xB6\x22\x8C\xEE\x7B\x51\xB7\x75\x44\xFC" + "\xA6\x06\x6C\x8C\xBB\x5B\xBA\xE6\x31\x95\x05\xCD" }, + { GCRY_MD_TIGER2, + "1234567890" "1234567890" "1234567890" "1234567890" + "1234567890" "1234567890" "1234567890" "1234567890", + "\xD8\x52\x78\x11\x53\x29\xEB\xAA\x0E\xEC\x85\xEC" + "\xDC\x53\x96\xFD\xA8\xAA\x3A\x58\x20\x94\x2F\xFF" }, + { GCRY_MD_TIGER2, "!", + "\xE0\x68\x28\x1F\x06\x0F\x55\x16\x28\xCC\x57\x15" + "\xB9\xD0\x22\x67\x96\x91\x4D\x45\xF7\x71\x7C\xF4" }, + { GCRY_MD_WHIRLPOOL, "", "\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26" "\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7" |