From aa341655cd08be7b827e1bd3331d1bb6bb9df29c Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 26 Jul 2006 11:10:45 +0000 Subject: Collected changes - see ChangeLogs --- ChangeLog | 5 +++ NEWS | 27 +++++++------- THANKS | 1 + cipher/ChangeLog | 15 ++++++++ cipher/ac.c | 2 +- cipher/blowfish.c | 3 +- cipher/primegen.c | 12 +++--- cipher/random.c | 13 +++++-- cipher/rmd160.c | 2 +- configure.ac | 28 ++++++++++++-- doc/gcrypt.texi | 22 +++++------ mpi/ChangeLog | 12 ++++++ mpi/Makefile.am | 1 + mpi/config.links | 2 +- mpi/mpicoder.c | 108 ++++++++++++++++++++++++++++-------------------------- mpi/mpiutil.c | 2 +- src/gcrypt.h | 2 +- src/global.c | 2 +- src/sexp.c | 2 +- tests/ChangeLog | 6 +++ tests/benchmark.c | 34 +++++++++++------ 21 files changed, 192 insertions(+), 109 deletions(-) diff --git a/ChangeLog b/ChangeLog index 76c534e8..a01bdba0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2006-07-26 Werner Koch + + * configure.ac: New options --enable-noexecstack and + --disable-optimization. + 2006-07-04 Marcus Brinkmann * configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC. diff --git a/NEWS b/NEWS index 1d30c1cd..e4bbad4f 100644 --- a/NEWS +++ b/NEWS 
@@ -13,19 +13,20 @@ Noteworthy changes in version 1.3.0 (unreleased) * Support for SHA-224 and HMAC using SHA-384 and SHA-512. * Interface changes relative to the 1.2.0 release: -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -gcry_fast_random_poll NEW -gcry_pk_algo_name CHANGED (minor change in respect to return value) -gcry_cipher_algo_name CHANGED (minor change in respect to return value) -GCRY_MD_SHA224 NEW -GCRY_PK_USAGE_CERT NEW -GCRY_PK_USAGE_AUTH NEW -GCRY_PK_USAGE_UNKN NEW - -FIXME: Please add API changes immediatley so that we don't - forget about them. - -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gcry_fast_random_poll NEW + gcry_pk_algo_name CHANGED (minor change in respect to return value) + gcry_cipher_algo_name CHANGED (minor change in respect to return value) + GCRY_MD_SHA224 NEW + GCRY_PK_USAGE_CERT NEW + GCRY_PK_USAGE_AUTH NEW + GCRY_PK_USAGE_UNKN NEW + gcry_mpi_scan CHANGED: Argument BUFFER is now void*. + + FIXME: Please add API changes immediatley so that we don't + forget about them. + + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Noteworthy changes in version 1.2.0 (2004-04-15) diff --git a/THANKS b/THANKS index d4948e55..5aefc554 100644 --- a/THANKS +++ b/THANKS @@ -127,6 +127,7 @@ Tommi Komulainen Tommi.Komulainen@iki.fi Thomas Mikkelsen tbm@image.dk Ulf Möller 3umoelle@informatik.uni-hamburg.de Umberto Salsi salsi@icosaedro.it +Uoti Urpala Urko Lusa ulusa@euskalnet.net Walter Koch koch@u32.de Werner Koch wk@gnupg.org diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 238f9a37..a6cb45b4 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog 
@@ -1,3 +1,18 @@ +2006-07-26 Werner Koch + + * rmd160.c (_gcry_rmd160_mixblock): Add cast to transform call. + + * blowfish.c (selftest): Cast string to usnigned char*. + + * primegen.c (prime_generate_internal): Cast unsigned/char* + mismatch in calling m_out_od_n. + (is_prime): Changed COUNT to unsigned int *. + + * ac.c (_gcry_ac_data_copy): Initialize DATA_MPIS. + + * random.c (gcry_create_nonce): Update the pid after a fork. + Reported by Uoti Urpala. + 2006-07-04 Marcus Brinkmann * sha512.c: Fix typo in copyright notice. diff --git a/cipher/ac.c b/cipher/ac.c index 5ecdc101..3f0be4a7 100644 --- a/cipher/ac.c +++ b/cipher/ac.c @@ -256,7 +256,7 @@ ac_data_mpi_copy (gcry_ac_mpi_t *data_mpis, unsigned int data_mpis_n, gcry_error_t _gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data) { - gcry_ac_mpi_t *data_mpis; + gcry_ac_mpi_t *data_mpis = NULL; gcry_ac_data_t data_new; gcry_error_t err; diff --git a/cipher/blowfish.c b/cipher/blowfish.c index da9d0744..2f76ba95 100644 --- a/cipher/blowfish.c +++ b/cipher/blowfish.c @@ -472,7 +472,8 @@ selftest(void) byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 }; byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 }; - bf_setkey( (void *) &c, "abcdefghijklmnopqrstuvwxyz", 26 ); + bf_setkey( (void *) &c, + (const unsigned char*)"abcdefghijklmnopqrstuvwxyz", 26 ); encrypt_block( (void *) &c, buffer, plain ); if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) ) return "Blowfish selftest failed (1)."; diff --git a/cipher/primegen.c b/cipher/primegen.c index 7e805178..924e1fab 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c 
@@ -41,7 +41,7 @@ static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel, void *extra_check_arg); static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, gcry_prime_check_func_t cb_func, void *cb_arg ); -static int is_prime( gcry_mpi_t n, int steps, int *count ); +static int is_prime (gcry_mpi_t n, int steps, unsigned int *count); static void m_out_of_n( char *array, int m, int n ); static void (*progress_cb) (void *,const char*,int,int, int ); @@ -313,7 +313,7 @@ prime_generate_internal (int mode, } else { - m_out_of_n (perms, n, m); + m_out_of_n ( (char*)perms, n, m); for (i = j = 0; (i < m) && (j < n); i++) if (perms[i]) { @@ -535,8 +535,8 @@ gen_prime (unsigned int nbits, int secret, int randomlevel, { gcry_mpi_t prime, ptest, pminus1, val_2, val_3, result; int i; - unsigned x, step; - unsigned count1, count2; + unsigned int x, step; + unsigned int count1, count2; int *mods; /* if ( DBG_CIPHER ) */ @@ -646,7 +646,7 @@ check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, { int i; unsigned int x; - int count=0; + unsigned int count=0; /* Check against small primes. */ for (i=0; (x = small_prime_numbers[i]); i++ ) @@ -691,7 +691,7 @@ check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, * Return true if n is probably a prime */ static int -is_prime (gcry_mpi_t n, int steps, int *count) +is_prime (gcry_mpi_t n, int steps, unsigned int *count) { gcry_mpi_t x = mpi_alloc( mpi_get_nlimbs( n ) ); gcry_mpi_t y = mpi_alloc( mpi_get_nlimbs( n ) ); diff --git a/cipher/random.c b/cipher/random.c index 039997d4..e38b8773 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -1224,6 +1224,7 @@ gcry_create_nonce (unsigned char *buffer, size_t length) compiler does not optimize the code away in case the getpid function is badly attributed. */ + volatile pid_t apid; unsigned char *p; size_t n; int err; 
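Review bot: The `(char*)perms` cast added at the `m_out_of_n` call in prime_generate_internal (hunk `@@ -313,7`) silences the pointer-signedness warning but leaves the mismatch in place, and a cast like this would equally hide a genuine type error if `perms` ever changed type. The prototype `static void m_out_of_n( char *array, int m, int n );` is file-local and visible in the first hunk of this file, so changing its parameter to match `perms` (presumably `unsigned char *array`, going by the ChangeLog entry) would make the cast unnecessary. The call also passes `n, m` where the prototype names its parameters `m, n`; a one-line comment at the call saying which argument is the subset size would save readers from checking the loop below. The function body starts and ends outside the hunk.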
@@ -1241,11 +1242,12 @@ gcry_create_nonce (unsigned char *buffer, size_t length) log_fatal ("failed to acquire the nonce buffer lock: %s\n", strerror (err)); + apid = getpid (); /* The first time intialize our buffer. */ if (!nonce_buffer_initialized) { - pid_t apid = getpid (); time_t atime = time (NULL); + pid_t xpid = apid; my_pid = apid; @@ -1256,8 +1258,8 @@ gcry_create_nonce (unsigned char *buffer, size_t length) a failure of gcry_randomize won't affect us too much. Don't care about the uninitialized remaining bytes. */ p = nonce_buffer; - memcpy (p, &apid, sizeof apid); - p += sizeof apid; + memcpy (p, &xpid, sizeof xpid); + p += sizeof xpid; memcpy (p, &atime, sizeof atime); /* Initialize the never changing private part of 64 bits. */ @@ -1265,11 +1267,14 @@ gcry_create_nonce (unsigned char *buffer, size_t length) nonce_buffer_initialized = 1; } - else if ( my_pid != getpid () ) + else if ( my_pid != apid ) { /* We forked. Need to reseed the buffer - doing this for the private part should be sufficient. */ gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM); + /* Update the pid so that we won't run into here again and + again. */ + my_pid = apid; } /* Create the nonce by hashing the entire buffer, returning the hash diff --git a/cipher/rmd160.c b/cipher/rmd160.c index 8d0c4ae5..1c863c02 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -447,7 +447,7 @@ _gcry_rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer ) { char *p = buffer; - transform( hd, buffer ); + transform( hd, (unsigned char *)buffer ); #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) X(0); X(1); diff --git a/configure.ac b/configure.ac index 95f62417..9f21c94b 100644 --- a/configure.ac +++ b/configure.ac 
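Review bot: The fork check `else if ( my_pid != apid )` in gcry_create_nonce (hunk `@@ -1265,11`) only detects a fork when the calling process sees a pid different from the stored one, so a descendant that ends up with a recycled pid equal to `my_pid` would keep the inherited nonce state without reseeding. That case is rare, but it deserves a comment next to the new assignment, for example `/* Note: a pid comparison cannot detect a fork if the pid has been recycled. */`. The reseed shown in context draws from `GCRY_WEAK_RANDOM` and covers only the 8 private bytes at `nonce_buffer+20`; the existing comment says this should be sufficient, and the new `my_pid = apid;` does not change that. The function continues outside the hunk.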
@@ -400,6 +400,14 @@ AC_ARG_WITH(capabilities, [use_capabilities="$withval"],[use_capabilities=no]) AC_MSG_RESULT($use_capabilities) +# We don't have a test to check whether as(1) knows about the +# non executable stack option. Thus we provide an option to enable it. +AC_MSG_CHECKING([whether non excutable stack support is requested]) +AC_ARG_ENABLE(noexecstack, + AC_HELP_STRING([--enable-noexecstack], + [enable non executable stack support (gcc only)]), + noexecstack_support=$enableval, noexecstack_support=no) +AC_MSG_RESULT($noexecstack_support) AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", @@ -643,9 +651,15 @@ fi AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes) -# We don't check for GNU make anymore - automake should not have the -# old flaws anymore. -#GNUPG_CHECK_GNUMAKE + +# This is handy for debugging so the compiler doesn't rearrange +# things and eliminate variables. +AC_ARG_ENABLE(optimization, + AC_HELP_STRING([--disable-optimization], + [disable compiler optimization]), + [if test $enableval = no ; then + CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'` + fi]) AC_ARG_ENABLE(gcc-warnings, AC_HELP_STRING([--enable-gcc-warnings], @@ -665,7 +679,15 @@ if test "$GCC" = yes; then else CFLAGS="$CFLAGS -Wall" fi + + # Non exec stack hack. Fixme: Write a test to check whether as + # can cope with it and use the enable-noexecstack option only to + # disable it in case it is required on some platforms. + if test "$noexecstack_support" = yes; then + NOEXECSTACK_FLAGS="-Wa,--noexecstack" + fi fi +AC_SUBST(NOEXECSTACK_FLAGS) # # Make the version number in src/gcrypt.h the same as the one here. diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 483dc0ed..ba698d87 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -165,8 +165,8 @@ Utilities @end detailmenu -@end menu +@end menu @c ********************************************************** 
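Review bot: The `sed 's/-O[[0-9]]//'` in the new `--disable-optimization` action (hunk `@@ -643,9`) removes only the first `-O<digit>` it finds, so a CFLAGS value that carries a second optimisation flag keeps optimising and the option silently does less than its help text says. Adding the global flag, `sed 's/-O[[0-9]]//g'`, covers repeated flags. Forms such as a bare `-O` or `-Os` are still left alone, which should be stated in the help string or the comment above. Quoting the operands, `test "$enableval" = no` and `echo "$CFLAGS"`, keeps the test well-formed for unusual values.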
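Review bot: `NOEXECSTACK_FLAGS` is assigned only inside `if test "$noexecstack_support" = yes`, itself inside the `if test "$GCC" = yes` block (hunk `@@ -665,7`), yet it is always handed to `AC_SUBST`. A value inherited from the environment would therefore be substituted into the assembler flags even when the option is off or the compiler is not gcc. Initialising it before the conditional with `NOEXECSTACK_FLAGS=` makes the result depend only on the configure option. The option defaults to `no` in the `AC_ARG_ENABLE(noexecstack` hunk above, so default builds pass no `-Wa,--noexecstack` to the assembler sources; the Fixme already records that this should be inverted once a test exists. The `AC_MSG_CHECKING` text in that earlier hunk has a typo, `excutable`.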
@@ -3963,11 +3963,7 @@ boundary. @node Generation @section Generation -@deftypefun gcry_error_t gcry_prime_generate (gcry_mpi_t *@var{prime}, -unsigned int @var{prime_bits}, unsigned int @var{factor_bits}, -gcry_mpi_t **@var{factors}, gcry_prime_check_func_t @var{cb_func}, -void *@var{cb_arg}, gcry_random_level_t @var{random_level}, -unsigned int @var{flags}) +@deftypefun gcry_error_t gcry_prime_generate (gcry_mpi_t *@var{prime},unsigned int @var{prime_bits}, unsigned int @var{factor_bits}, gcry_mpi_t **@var{factors}, gcry_prime_check_func_t @var{cb_func}, void *@var{cb_arg}, gcry_random_level_t @var{random_level}, unsigned int @var{flags}) Generate a new prime number of @var{prime_bits} bits and store it in @var{prime}. If @var{factor_bits} is non-zero, one of the prime factors @@ -3980,10 +3976,10 @@ might be used to influence the prime number generation process. @deftypefun gcry_prime_group_generator (gcry_mpi_t *@var{r_g}, gcry_mpi_t @var{prime}, gcry_mpi_t *@var{factors}, gcry_mpi_t @var{start_g}) -Find a generator for @var{prime} where the factorization of (@var{prime} -- 1) is in the @code{NULL} terminated array @var{factors}. Return the -generator as a newly allocated MPI in @var{r_g}. If @var{start_g} is -not NULL, use this as the start for the search. +Find a generator for @var{prime} where the factorization of +(@var{prime}-1) is in the @code{NULL} terminated array @var{factors}. +Return the generator as a newly allocated MPI in @var{r_g}. If +@var{start_g} is not NULL, use this as the start for the search. @end deftypefun @deftypefun void gcry_prime_release_factors (gcry_mpi_t *@var{factors}) 
@@ -3994,8 +3990,7 @@ Convenience function to release the @var{factors} array. @node Checking @section Checking -@deftypefun gcry_error_t gcry_prime_check (gcry_mpi_t @var{p}, -unsigned int @var{flags}) +@deftypefun gcry_error_t gcry_prime_check (gcry_mpi_t @var{p}, unsigned int @var{flags}) Check wether the number @var{p} is prime. Returns zero in case @var{p} is indeed a prime, returns @code{GPG_ERR_NO_PRIME} in case @var{p} is @@ -4003,6 +3998,9 @@ not a prime and a different error code in case something went horribly wrong. @end deftypefun +@c ********************************************************** +@c ******************** Utilities *************************** +@c ********************************************************** @node Utilities @chapter Utilities diff --git a/mpi/ChangeLog b/mpi/ChangeLog index 2439e564..c82cc6c6 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,15 @@ +2006-07-26 Werner Koch + + * mpiutil.c (gcry_mpi_randomize): Changed P to unsigned char*. + + * mpicoder.c (gcry_mpi_scan): Changed arg BUFFER to void*. + (mpi_read_from_buffer): Made BUFFER arg const. + (gcry_mpi_scan): Removed now needless cast. Add cast for arg to + mpi_fromstr. + (gcry_mpi_print): Made TMP unsigned. + + * Makefile.am (AM_CCASFLAGS): New. + 2005-10-09 Moritz Schulte * mpi-cmp.c (gcry_mpi_cmp_ui): Rewritten; correctly handle case of diff --git a/mpi/Makefile.am b/mpi/Makefile.am index e1098bb8..a1eb810e 100644 --- a/mpi/Makefile.am +++ b/mpi/Makefile.am @@ -23,6 +23,7 @@ INCLUDES = -I$(top_srcdir)/src ASFLAGS = @MPI_SFLAGS@ +AM_CCASFLAGS = $(NOEXECSTACK_FLAGS) # We don't have .S sources listed, so automake does not autocreate these CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) diff --git a/mpi/config.links b/mpi/config.links index a5abb67a..b27157e2 100644 --- a/mpi/config.links +++ b/mpi/config.links 
@@ -1,4 +1,4 @@ -# config.links - helper for ../configure +# config.links - helper for ../configure -*- mode: sh -*- # Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. # # This file is part of Libgcrypt. diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index d501fe4b..038bf899 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c 
@@ -32,50 +32,54 @@ static gcry_mpi_t -mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure) +mpi_read_from_buffer (const unsigned char *buffer, unsigned *ret_nread, + int secure) { - int i, j; - unsigned int nbits, nbytes, nlimbs, nread=0; - mpi_limb_t a; - gcry_mpi_t val = MPI_NULL; - - if( *ret_nread < 2 ) - goto leave; - nbits = buffer[0] << 8 | buffer[1]; - if( nbits > MAX_EXTERN_MPI_BITS ) { - log_error("mpi too large (%u bits)\n", nbits); - goto leave; + int i, j; + unsigned int nbits, nbytes, nlimbs, nread=0; + mpi_limb_t a; + gcry_mpi_t val = MPI_NULL; + + if ( *ret_nread < 2 ) + goto leave; + nbits = buffer[0] << 8 | buffer[1]; + if ( nbits > MAX_EXTERN_MPI_BITS ) + { + log_error ("mpi too large (%u bits)\n", nbits); + goto leave; } - else if( !nbits ) { - log_error("an mpi of size 0 is not allowed\n"); - goto leave; + else if( !nbits ) + { + log_error ("an mpi of size 0 is not allowed\n"); + goto leave; } - buffer += 2; - nread = 2; - - nbytes = (nbits+7) / 8; - nlimbs = (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB; - val = secure? mpi_alloc_secure( nlimbs ) - : mpi_alloc( nlimbs ); - i = BYTES_PER_MPI_LIMB - nbytes % BYTES_PER_MPI_LIMB; - i %= BYTES_PER_MPI_LIMB; - j= val->nlimbs = nlimbs; - val->sign = 0; - for( ; j > 0; j-- ) { - a = 0; - for(; i < BYTES_PER_MPI_LIMB; i++ ) { - if( ++nread > *ret_nread ) - log_bug("mpi larger than buffer"); - a <<= 8; - a |= *buffer++; + buffer += 2; + nread = 2; + + nbytes = (nbits+7) / 8; + nlimbs = (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB; + val = secure? 
mpi_alloc_secure (nlimbs) : mpi_alloc( nlimbs ); + i = BYTES_PER_MPI_LIMB - nbytes % BYTES_PER_MPI_LIMB; + i %= BYTES_PER_MPI_LIMB; + j= val->nlimbs = nlimbs; + val->sign = 0; + for ( ; j > 0; j-- ) + { + a = 0; + for (; i < BYTES_PER_MPI_LIMB; i++ ) + { + if ( ++nread > *ret_nread ) + log_bug ("mpi larger than buffer"); + a <<= 8; + a |= *buffer++; } - i = 0; - val->d[j-1] = a; + i = 0; + val->d[j-1] = a; } - - leave: - *ret_nread = nread; - return val; + + leave: + *ret_nread = nread; + return val; } @@ -333,8 +337,9 @@ _gcry_mpi_set_buffer( gcry_mpi_t a, const byte *buffer, unsigned nbytes, int sig bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, - const unsigned char *buffer, size_t buflen, size_t *nscanned ) + const void *buffer_arg, size_t buflen, size_t *nscanned ) { + const unsigned char *buffer = (const unsigned char*)buffer_arg; struct gcry_mpi *a = NULL; unsigned int len; int secure = (buffer && gcry_is_secure (buffer)); @@ -384,7 +389,7 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, return gcry_error (GPG_ERR_NO_ERROR); } else if( format == GCRYMPI_FMT_PGP ) { - a = mpi_read_from_buffer( (char*)buffer, &len, secure); + a = mpi_read_from_buffer (buffer, &len, secure); if( nscanned ) *nscanned = len; if( ret_mpi && a ) { @@ -396,7 +401,7 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, return gcry_error (a ? GPG_ERR_NO_ERROR : GPG_ERR_INV_OBJ); } else if( format == GCRYMPI_FMT_SSH ) { - const byte *s = buffer; + const unsigned char *s = buffer; size_t n; if( len && len < 4 ) 
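Review bot: In the inner loop of mpi_read_from_buffer, a length prefix that claims more bytes than `*ret_nread` provides still ends in `log_bug ("mpi larger than buffer")`, so truncated or malformed external input is treated as an internal bug rather than a parse error. If `log_bug` terminates the process, as its name suggests, a single truncated `GCRYMPI_FMT_PGP` input aborts the caller instead of yielding an error code. Since the function is being rewritten here anyway, the check could release the partial value and take the existing error path: `if ( ++nread > *ret_nread ) { mpi_free (val); val = MPI_NULL; goto leave; }`. gcry_mpi_scan, in a later hunk of this file, already maps a NULL result to `GPG_ERR_INV_OBJ`. A short header comment saying that `*ret_nread` appears to carry the buffer length on entry and the number of bytes consumed on return would also help.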
@@ -437,7 +442,7 @@ gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, return gcry_error (GPG_ERR_INV_ARG); /* can only handle C strings for now */ a = secure? mpi_alloc_secure (0) : mpi_alloc(0); - if( mpi_fromstr( a, buffer ) ) + if( mpi_fromstr ( a, (const char *)buffer ) ) return gcry_error (GPG_ERR_INV_OBJ); if( ret_mpi ) { mpi_normalize ( a ); @@ -472,7 +477,7 @@ gcry_mpi_print( enum gcry_mpi_format format, len = buflen; *nwritten = 0; if( format == GCRYMPI_FMT_STD ) { - char *tmp; + unsigned char *tmp; int extra = 0; unsigned int n; @@ -486,11 +491,12 @@ gcry_mpi_print( enum gcry_mpi_format format, } if (buffer && n > len) { - gcry_free(tmp); - return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ + /* The provided buffer is too short. */ + gcry_free (tmp); + return gcry_error (GPG_ERR_TOO_SHORT); } if( buffer ) { - byte *s = buffer; + unsigned char *s = buffer; if( extra ) *s++ = 0; @@ -509,7 +515,7 @@ gcry_mpi_print( enum gcry_mpi_format format, if (buffer && n > len) return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ if( buffer ) { - char *tmp; + unsigned char *tmp; tmp = _gcry_mpi_get_buffer( a, &n, NULL ); memcpy( buffer, tmp, n ); gcry_free(tmp); @@ -526,8 +532,8 @@ gcry_mpi_print( enum gcry_mpi_format format, if (buffer && n+2 > len) return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ if( buffer ) { - char *tmp; - byte *s = buffer; + unsigned char *tmp; + unsigned char *s = buffer; s[0] = nbits >> 8; s[1] = nbits; @@ -539,7 +545,7 @@ gcry_mpi_print( enum gcry_mpi_format format, return gcry_error (GPG_ERR_NO_ERROR); } else if( format == GCRYMPI_FMT_SSH ) { - char *tmp; + unsigned char *tmp; int extra = 0; unsigned int n; diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index f50268f3..f6f9a8b2 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c 
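Review bot: On the changed `mpi_fromstr` line in gcry_mpi_scan (hunk `@@ -437,7`), the failure path returns `GPG_ERR_INV_OBJ` without releasing `a`, which the line above allocated with `mpi_alloc_secure (0)` or `mpi_alloc(0)`. Every rejected string therefore leaks an MPI, taken from secure memory when `secure` is set. Releasing it before the return fixes this: `if( mpi_fromstr ( a, (const char *)buffer ) ) { mpi_free (a); return gcry_error (GPG_ERR_INV_OBJ); }`. The function begins and ends outside this hunk.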
@@ -405,7 +405,7 @@ void gcry_mpi_randomize( gcry_mpi_t w, unsigned int nbits, enum gcry_random_level level ) { - char *p; + unsigned char *p; size_t nbytes = (nbits+7)/8; if (level == GCRY_WEAK_RANDOM) diff --git a/src/gcrypt.h b/src/gcrypt.h index 8bd259e2..3d823f77 100644 --- a/src/gcrypt.h +++ b/src/gcrypt.h @@ -538,7 +538,7 @@ int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v); RET_MPI. If NSCANNED is not NULL, it will receive the number of bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const unsigned char *buffer, size_t buflen, + const void *buffer, size_t buflen, size_t *nscanned); /* Convert the big integer A into the external representation diff --git a/src/global.c b/src/global.c index 7c52070c..f2faeb86 100644 --- a/src/global.c +++ b/src/global.c @@ -340,7 +340,7 @@ gcry_control (enum gcry_ctl_cmds cmd, ...) case GCRYCTL_USE_RANDOM_DAEMON: /* We need to do make sure that the random pool is really - initialized so that the poll fucntion is not a NOP. */ + initialized so that the poll function is not a NOP. */ _gcry_random_initialize (1); _gcry_use_random_daemon (!! va_arg (arg_ptr, int)); break; diff --git a/src/sexp.c b/src/sexp.c index 1d3a9cfe..80fed530 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -1,6 +1,6 @@ /* sexp.c - S-Expression handling * Copyright (C) 1999, 2000, 2001, 2002, 2003, - * 2004 Free Software Foundation, Inc. + * 2004, 2006 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * diff --git a/tests/ChangeLog b/tests/ChangeLog index 014fbbea..154bd5e2 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,9 @@ +2006-07-06 Werner Koch + + * benchmark.c (main): New option --use-random-daemon. New command + strongrandom. + (random_bench): New arg VERY_STRONG. + 2006-03-14 Werner Koch * benchmark.c (main): Allow for seed file argument to random bench. 
diff --git a/tests/benchmark.c b/tests/benchmark.c index a4e24b1a..9469d3e0 100644 --- a/tests/benchmark.c +++ b/tests/benchmark.c @@ -266,22 +266,26 @@ elapsed_time (void) static void -random_bench (void) +random_bench (int very_strong) { char buf[128]; int i; printf ("%-10s", "random"); - start_timer (); - for (i=0; i < 100; i++) - gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM); - stop_timer (); - printf (" %s", elapsed_time ()); + if (!very_strong) + { + start_timer (); + for (i=0; i < 100; i++) + gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM); + stop_timer (); + printf (" %s", elapsed_time ()); + } start_timer (); for (i=0; i < 100; i++) - gcry_randomize (buf, 8, GCRY_STRONG_RANDOM); + gcry_randomize (buf, 8, + very_strong? GCRY_VERY_STRONG_RANDOM:GCRY_STRONG_RANDOM); stop_timer (); printf (" %s", elapsed_time ()); @@ -688,8 +692,14 @@ main( int argc, char **argv ) fprintf (stderr, PGM ": version mismatch\n"); exit (1); } + if (argc && !strcmp (*argv, "--use-random-daemon")) + { + gcry_control (GCRYCTL_USE_RANDOM_DAEMON, 1); + argc--; argv++; + } gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if ( !argc ) { md_bench (NULL); @@ -698,23 +708,23 @@ main( int argc, char **argv ) putchar ('\n'); mpi_bench (); putchar ('\n'); - random_bench (); + random_bench (0); } else if ( !strcmp (*argv, "--help")) fputs ("usage: benchmark [md|cipher|random|mpi|dsa [algonames]]\n", stdout); - else if ( !strcmp (*argv, "random")) + else if ( !strcmp (*argv, "random") || !strcmp (*argv, "strongrandom")) { if (argc == 1) - random_bench (); + random_bench ((**argv == 's')); else if (argc == 2) { gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, argv[1]); - random_bench (); + random_bench ((**argv == 's')); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); } else - fputs ("usage: benchmark random [seedfile]\n", stdout); + fputs ("usage: benchmark [strong]random [seedfile]\n", stdout); } else if ( !strcmp (*argv, "md")) { -- cgit v1.2.1
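Review bot: `random_bench ((**argv == 's'))` in main (hunk `@@ -698,23`) selects the very-strong mode from the first character of the command name, which is correct only because the branch has already matched `random` or `strongrandom`. Storing `!strcmp (*argv, "strongrandom")` in a local flag and passing that to both calls would state the intent and survive new command names. The `--help` text in the same hunk still reads `usage: benchmark [md|cipher|random|mpi|dsa [algonames]]` and mentions neither `strongrandom` nor `--use-random-daemon`.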