summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS4
-rw-r--r--cipher/ChangeLog14
-rw-r--r--cipher/md.c4
-rw-r--r--cipher/tiger.c101
-rw-r--r--doc/gcrypt.texi14
-rw-r--r--src/cipher.h2
-rw-r--r--src/gcrypt.h.in6
-rw-r--r--tests/ChangeLog5
-rw-r--r--tests/basic.c68
9 files changed, 192 insertions, 26 deletions
diff --git a/NEWS b/NEWS
index 3f48d241..0b1ecbc6 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
Noteworthy changes in version 1.5.x (unreleased)
------------------------------------------------
+ * New variants of the TIGER algorithm.
+
* New cipher algorithm mode for AES-WRAP.
* Fixed minor memory leak in DSA key generation.
@@ -20,6 +22,8 @@ Noteworthy changes in version 1.5.x (unreleased)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GCRY_CIPHER_MODE_AESWRAP NEW.
GCRY_PK_ECDH NEW.
+ GCRY_MD_TIGER1 NEW.
+ GCRY_MD_TIGER2 NEW.
Noteworthy changes in version 1.4.4 (2009-01-22)
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index b6ba4d4e..6e199b0a 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3 +1,13 @@
+2010-03-26 Werner Koch <wk@g10code.com>
+
+ * tiger.c (asn): Unfetter the old TIGER from an OID.
+ (TIGER_CONTEXT): Add field VARIANT.
+ (tiger_init): Factor code out to ...
+ (do_init): New.
+ (tiger1_init, tiger2_init): New.
+ (_gcry_digest_spec_tiger1, _gcry_digest_spec_tiger2): New.
+ * md.c (digest_table): Add TIGER1 and TIGER2 variants.
+
2009-12-11 Werner Koch <wk@g10code.com>
* sha256.c (Cho, Maj, Sum0, Sum1): Turn macros into inline
@@ -3953,8 +3963,8 @@ Mon Feb 16 10:08:47 1998 Werner Koch (wk@isil.d.shuttle.de)
(digest_algo_to_string): New.
- Copyright 1998,1999,2000,2001,2002,2003,2004,2005,2006
- 2007, 2008, 2009 Free Software Foundation, Inc.
+ Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
+ 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
diff --git a/cipher/md.c b/cipher/md.c
index 9528f6d3..a353f3c3 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -87,6 +87,10 @@ static struct digest_table_entry
#if USE_TIGER
{ &_gcry_digest_spec_tiger,
&dummy_extra_spec, GCRY_MD_TIGER },
+ { &_gcry_digest_spec_tiger1,
+ &dummy_extra_spec, GCRY_MD_TIGER1 },
+ { &_gcry_digest_spec_tiger2,
+ &dummy_extra_spec, GCRY_MD_TIGER2 },
#endif
#if USE_WHIRLPOOL
{ &_gcry_digest_spec_whirlpool,
diff --git a/cipher/tiger.c b/cipher/tiger.c
index 320cdb19..88fd3483 100644
--- a/cipher/tiger.c
+++ b/cipher/tiger.c
@@ -1,5 +1,5 @@
/* tiger.c - The TIGER hash function
- * Copyright (C) 1998, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2001, 2002, 2003, 2010 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -18,6 +18,8 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
+/* See http://www.cs.technion.ac.il/~biham/Reports/Tiger/ */
+
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
@@ -26,16 +28,16 @@
#include "g10lib.h"
#include "cipher.h"
+/* We really need a 64 bit type for this code. */
#ifdef HAVE_U64_TYPEDEF
-/* we really need it here, but as this is only experiment we
- * can live without Tiger */
-
-typedef struct {
- u64 a, b, c;
- byte buf[64];
- int count;
- u32 nblocks;
+typedef struct
+{
+ u64 a, b, c;
+ byte buf[64];
+ int count;
+ u32 nblocks;
+ int variant; /* 0 = old code, 1 = fixed code, 2 - TIGER2. */
} TIGER_CONTEXT;
@@ -587,7 +589,7 @@ static u64 sbox4[256] = {
};
static void
-tiger_init( void *context )
+do_init (void *context, int variant)
{
TIGER_CONTEXT *hd = context;
@@ -596,6 +598,25 @@ tiger_init( void *context )
hd->c = 0xf096a5b4c3b2e187LL;
hd->nblocks = 0;
hd->count = 0;
+ hd->variant = variant;
+}
+
+static void
+tiger_init (void *context)
+{
+ do_init (context, 0);
+}
+
+static void
+tiger1_init (void *context)
+{
+ do_init (context, 1);
+}
+
+static void
+tiger2_init (void *context)
+{
+ do_init (context, 2);
}
static void
@@ -762,6 +783,7 @@ tiger_final( void *context )
TIGER_CONTEXT *hd = context;
u32 t, msb, lsb;
byte *p;
+ byte pad = hd->variant == 2? 0x80 : 0x01;
tiger_write(hd, NULL, 0); /* flush */;
@@ -781,13 +803,13 @@ tiger_final( void *context )
if( hd->count < 56 ) /* enough room */
{
- hd->buf[hd->count++] = 0x01; /* pad */
+ hd->buf[hd->count++] = pad;
while( hd->count < 56 )
hd->buf[hd->count++] = 0; /* pad */
}
else /* need one extra block */
{
- hd->buf[hd->count++] = 0x01; /* pad character */
+ hd->buf[hd->count++] = pad; /* pad character */
while( hd->count < 64 )
hd->buf[hd->count++] = 0;
tiger_write(hd, NULL, 0); /* flush */;
@@ -814,10 +836,24 @@ tiger_final( void *context )
*p++ = hd->a >> 24; *p++ = hd->a >> 16; \
*p++ = hd->a >> 8; *p++ = hd->a; } while(0)
#endif
- X(a);
- X(b);
- X(c);
+#define Y(a) do { *p++ = hd->a ; *p++ = hd->a >> 8; \
+ *p++ = hd->a >> 16; *p++ = hd->a >> 24; \
+ *p++ = hd->a >> 32; *p++ = hd->a >> 40; \
+ *p++ = hd->a >> 48; *p++ = hd->a >> 56; } while(0)
+ if (hd->variant == 0)
+ {
+ X(a);
+ X(b);
+ X(c);
+ }
+ else
+ {
+ Y(a);
+ Y(b);
+ Y(c);
+ }
#undef X
+#undef Y
}
static byte *
@@ -828,22 +864,47 @@ tiger_read( void *context )
return hd->buf;
}
-static byte asn[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */
+
+
+/* This is the old TIGER variant based on the unfixed reference
+ implementation. IT was used in GnupG up to 1.3.2. We don't provide
+ an OID anymore because that would not be correct. */
+gcry_md_spec_t _gcry_digest_spec_tiger =
+ {
+ "TIGER192", NULL, 0, NULL, 24,
+ tiger_init, tiger_write, tiger_final, tiger_read,
+ sizeof (TIGER_CONTEXT)
+ };
+
+
+
+/* This is the fixed TIGER implemenation. */
+static byte asn1[19] = /* Object ID is 1.3.6.1.4.1.11591.12.2 */
{ 0x30, 0x29, 0x30, 0x0d, 0x06, 0x09, 0x2b, 0x06,
0x01, 0x04, 0x01, 0xda, 0x47, 0x0c, 0x02,
0x05, 0x00, 0x04, 0x18 };
-static gcry_md_oid_spec_t oid_spec_tiger[] =
+static gcry_md_oid_spec_t oid_spec_tiger1[] =
{
/* GNU.digestAlgorithm TIGER */
{ "1.3.6.1.4.1.11591.12.2" },
{ NULL }
};
-gcry_md_spec_t _gcry_digest_spec_tiger =
+gcry_md_spec_t _gcry_digest_spec_tiger1 =
{
- "TIGER192", asn, DIM (asn), oid_spec_tiger, 24,
- tiger_init, tiger_write, tiger_final, tiger_read,
+ "TIGER", asn1, DIM (asn1), oid_spec_tiger1, 24,
+ tiger1_init, tiger_write, tiger_final, tiger_read,
+ sizeof (TIGER_CONTEXT)
+ };
+
+
+
+/* This is TIGER2 which usues a changed padding algorithm. */
+gcry_md_spec_t _gcry_digest_spec_tiger2 =
+ {
+ "TIGER2", NULL, 0, NULL, 24,
+ tiger2_init, tiger_write, tiger_final, tiger_read,
sizeof (TIGER_CONTEXT)
};
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 5e736244..01c352f2 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -3427,7 +3427,7 @@ are also supported.
@cindex SHA-224, SHA-256, SHA-384, SHA-512
@cindex RIPE-MD-160
@cindex MD2, MD4, MD5
-@cindex TIGER
+@cindex TIGER, TIGER1, TIGER2
@cindex HAVAL
@cindex Whirlpool
@cindex CRC32
@@ -3464,7 +3464,17 @@ This is an reserved identifier for MD-2; there is no implementation yet.
This algorithm has severe weaknesses and should not be used.
@item GCRY_MD_TIGER
-This is the TIGER/192 algorithm which yields a message digest of 24 bytes.
+This is the TIGER/192 algorithm which yields a message digest of 24
+bytes. Actually this is a variant of TIGER with a different output
+print order as used by GnuPG up to version 1.3.2.
+
+@item GCRY_MD_TIGER1
+This is the TIGER variant as used by the NESSIE project. It uses the
+most commonly used output print order.
+
+@item GCRY_MD_TIGER2
+This is another variant of TIGER with a different padding scheme.
+
@item GCRY_MD_HAVAL
This is an reserved value for the HAVAL algorithm with 5 passes and 160
diff --git a/src/cipher.h b/src/cipher.h
index 62ca745a..48baab42 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -114,6 +114,8 @@ extern gcry_md_spec_t _gcry_digest_spec_sha256;
extern gcry_md_spec_t _gcry_digest_spec_sha512;
extern gcry_md_spec_t _gcry_digest_spec_sha384;
extern gcry_md_spec_t _gcry_digest_spec_tiger;
+extern gcry_md_spec_t _gcry_digest_spec_tiger1;
+extern gcry_md_spec_t _gcry_digest_spec_tiger2;
extern gcry_md_spec_t _gcry_digest_spec_whirlpool;
extern md_extra_spec_t _gcry_digest_extraspec_sha1;
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index e5bd704c..ff08d69b 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -1061,7 +1061,7 @@ enum gcry_md_algos
GCRY_MD_SHA1 = 2,
GCRY_MD_RMD160 = 3,
GCRY_MD_MD2 = 5,
- GCRY_MD_TIGER = 6, /* TIGER/192. */
+ GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */
GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
GCRY_MD_SHA256 = 8,
GCRY_MD_SHA384 = 9,
@@ -1071,7 +1071,9 @@ enum gcry_md_algos
GCRY_MD_CRC32 = 302,
GCRY_MD_CRC32_RFC1510 = 303,
GCRY_MD_CRC24_RFC2440 = 304,
- GCRY_MD_WHIRLPOOL = 305
+ GCRY_MD_WHIRLPOOL = 305,
+ GCRY_MD_TIGER1 = 306, /* TIGER fixed. */
+ GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */
};
/* Flags used with the open function. */
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 09397f99..45f36ac4 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,8 @@
+2010-03-26 Werner Koch <wk@g10code.com>
+
+ * basic.c (check_digests): Add tests for TIGER1 and TIGER2 from
+ the NESSIE project.
+
2010-01-21 Werner Koch <wk@g10code.com>
* benchmark.c [_GCRYPT_IN_LIBGCRYPT]: Include libcompat.h.
diff --git a/tests/basic.c b/tests/basic.c
index 2cd6d9f8..d60297d0 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -1319,6 +1319,7 @@ check_digests (void)
#endif
{ GCRY_MD_CRC24_RFC2440, "", "\xb7\x04\xce" },
{ GCRY_MD_CRC24_RFC2440, "foo", "\x4f\xc2\x55" },
+
{ GCRY_MD_TIGER, "",
"\x24\xF0\x13\x0C\x63\xAC\x93\x32\x16\x16\x6E\x76"
"\xB1\xBB\x92\x5F\xF3\x73\xDE\x2D\x49\x58\x4E\x7A" },
@@ -1355,6 +1356,73 @@ check_digests (void)
"TUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
"\x00\xB8\x3E\xB4\xE5\x34\x40\xC5\x76\xAC\x6A\xAE"
"\xE0\xA7\x48\x58\x25\xFD\x15\xE7\x0A\x59\xFF\xE4" },
+
+ { GCRY_MD_TIGER1, "",
+ "\x32\x93\xAC\x63\x0C\x13\xF0\x24\x5F\x92\xBB\xB1"
+ "\x76\x6E\x16\x16\x7A\x4E\x58\x49\x2D\xDE\x73\xF3" },
+ { GCRY_MD_TIGER1, "a",
+ "\x77\xBE\xFB\xEF\x2E\x7E\xF8\xAB\x2E\xC8\xF9\x3B"
+ "\xF5\x87\xA7\xFC\x61\x3E\x24\x7F\x5F\x24\x78\x09" },
+ { GCRY_MD_TIGER1, "abc",
+ "\x2A\xAB\x14\x84\xE8\xC1\x58\xF2\xBF\xB8\xC5\xFF"
+ "\x41\xB5\x7A\x52\x51\x29\x13\x1C\x95\x7B\x5F\x93" },
+ { GCRY_MD_TIGER1, "message digest",
+ "\xD9\x81\xF8\xCB\x78\x20\x1A\x95\x0D\xCF\x30\x48"
+ "\x75\x1E\x44\x1C\x51\x7F\xCA\x1A\xA5\x5A\x29\xF6" },
+ { GCRY_MD_TIGER1, "abcdefghijklmnopqrstuvwxyz",
+ "\x17\x14\xA4\x72\xEE\xE5\x7D\x30\x04\x04\x12\xBF"
+ "\xCC\x55\x03\x2A\x0B\x11\x60\x2F\xF3\x7B\xEE\xE9" },
+ { GCRY_MD_TIGER1,
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "\x0F\x7B\xF9\xA1\x9B\x9C\x58\xF2\xB7\x61\x0D\xF7"
+ "\xE8\x4F\x0A\xC3\xA7\x1C\x63\x1E\x7B\x53\xF7\x8E" },
+ { GCRY_MD_TIGER1,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz" "0123456789",
+ "\x8D\xCE\xA6\x80\xA1\x75\x83\xEE\x50\x2B\xA3\x8A"
+ "\x3C\x36\x86\x51\x89\x0F\xFB\xCC\xDC\x49\xA8\xCC" },
+ { GCRY_MD_TIGER1,
+ "1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890",
+ "\x1C\x14\x79\x55\x29\xFD\x9F\x20\x7A\x95\x8F\x84"
+ "\xC5\x2F\x11\xE8\x87\xFA\x0C\xAB\xDF\xD9\x1B\xFD" },
+ { GCRY_MD_TIGER1, "!",
+ "\x6D\xB0\xE2\x72\x9C\xBE\xAD\x93\xD7\x15\xC6\xA7"
+ "\xD3\x63\x02\xE9\xB3\xCE\xE0\xD2\xBC\x31\x4B\x41" },
+
+ { GCRY_MD_TIGER2, "",
+ "\x44\x41\xBE\x75\xF6\x01\x87\x73\xC2\x06\xC2\x27"
+ "\x45\x37\x4B\x92\x4A\xA8\x31\x3F\xEF\x91\x9F\x41" },
+ { GCRY_MD_TIGER2, "a",
+ "\x67\xE6\xAE\x8E\x9E\x96\x89\x99\xF7\x0A\x23\xE7"
+ "\x2A\xEA\xA9\x25\x1C\xBC\x7C\x78\xA7\x91\x66\x36" },
+ { GCRY_MD_TIGER2, "abc",
+ "\xF6\x8D\x7B\xC5\xAF\x4B\x43\xA0\x6E\x04\x8D\x78"
+ "\x29\x56\x0D\x4A\x94\x15\x65\x8B\xB0\xB1\xF3\xBF" },
+ { GCRY_MD_TIGER2, "message digest",
+ "\xE2\x94\x19\xA1\xB5\xFA\x25\x9D\xE8\x00\x5E\x7D"
+ "\xE7\x50\x78\xEA\x81\xA5\x42\xEF\x25\x52\x46\x2D" },
+ { GCRY_MD_TIGER2, "abcdefghijklmnopqrstuvwxyz",
+ "\xF5\xB6\xB6\xA7\x8C\x40\x5C\x85\x47\xE9\x1C\xD8"
+ "\x62\x4C\xB8\xBE\x83\xFC\x80\x4A\x47\x44\x88\xFD" },
+ { GCRY_MD_TIGER2,
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "\xA6\x73\x7F\x39\x97\xE8\xFB\xB6\x3D\x20\xD2\xDF"
+ "\x88\xF8\x63\x76\xB5\xFE\x2D\x5C\xE3\x66\x46\xA9" },
+ { GCRY_MD_TIGER2,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz" "0123456789",
+ "\xEA\x9A\xB6\x22\x8C\xEE\x7B\x51\xB7\x75\x44\xFC"
+ "\xA6\x06\x6C\x8C\xBB\x5B\xBA\xE6\x31\x95\x05\xCD" },
+ { GCRY_MD_TIGER2,
+ "1234567890" "1234567890" "1234567890" "1234567890"
+ "1234567890" "1234567890" "1234567890" "1234567890",
+ "\xD8\x52\x78\x11\x53\x29\xEB\xAA\x0E\xEC\x85\xEC"
+ "\xDC\x53\x96\xFD\xA8\xAA\x3A\x58\x20\x94\x2F\xFF" },
+ { GCRY_MD_TIGER2, "!",
+ "\xE0\x68\x28\x1F\x06\x0F\x55\x16\x28\xCC\x57\x15"
+ "\xB9\xD0\x22\x67\x96\x91\x4D\x45\xF7\x71\x7C\xF4" },
+
{ GCRY_MD_WHIRLPOOL, "",
"\x19\xFA\x61\xD7\x55\x22\xA4\x66\x9B\x44\xE3\x9C\x1D\x2E\x17\x26"
"\xC5\x30\x23\x21\x30\xD4\x07\xF8\x9A\xFE\xE0\x96\x49\x97\xF7\xA7"
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-27 08:51:57 +0000