tree checksum vpatch file split hunks

all signers: diana_coman

antecedents: eucrypt_ch12_wrapper_rsa_oaep_c_ada eucrypt_ch13_smg_rng eucrypt_ch14_crc32

press order:

eucrypt_genesisdiana_coman
eucrypt_ch8_bit_keccakdiana_coman
eucrypt_ch6_keccak_permutationsdiana_coman
eucrypt_ch7_keccak_spongediana_coman
eucrypt_ch9_keccak_endiannessdiana_coman
eucrypt_ch10_oaep_tmsrdiana_coman
eucrypt_oaep_fix_checksdiana_coman
eucrypt_ch11_serpentdiana_coman
ch1_mpidiana_coman
eucrypt_mpi_fix_copy_incrdiana_coman
ch2_truerandomdiana_coman
eucrypt_ch3_miller_rabindiana_coman
eucrypt_ch4_rpngdiana_coman
eucrypt_ch5_rsa_keysdiana_coman
eucrypt_ch12_wrapper_rsa_oaep_c_adadiana_coman
eucrypt_keccak_bitrate_fixdiana_coman
eucrypt_check_nreaddiana_coman
eucrypt_ch13_smg_rngdiana_coman
eucrypt_manifestdiana_coman
eucrypt_fix_256diana_coman
eucrypt_ch14_crc32diana_coman
eucrypt_ch15_arbitrary_ediana_coman

patch:

- E1A9FB1198B0F060412BB794B454AC7CC62A29E3730256D8E0D30BBD403B6B68A2F267514294478B33039EDA10AA334E450F159F876F34C192BF58EA4ECA48B0
+ 4983488AC0CC9138C74AF005F6D96D29BF589323D25AE661408AE12F5E49DE0F6AE8CC9530D6559E265351F506F41EC54865E6C878936F256FDBA606BC7561F0
eucrypt/manifest
(19 . 3)(19 . 4)
5 527560 eucrypt_manifest diana_coman Adds this manifest file that should be modified each time a new patch is added to EuCrypt.
6 543780 eucrypt_fix_256 diana_coman Fix the error in smg_oaep.adb that used 255 instead of 256 when calculating/retrieving length stored on 2 octets.
7 545170 eucrypt_ch14_crc32 diana_coman A simple implementation of CRC32 checksum using a lookup table. The CRC32 lib can be compiled on its own or together with the whole EuCrypt.
8 552693 eucrypt_ch15_arbitrary_e diana_coman Changes to allow the user to pick their desired length for the public exponent when generating a new pair of RSA keys.
- DAB95B2F666390284B7BA75171F6836E16847E0B910755599C439F5792E1CDF83CA43C198D03A19491FAF213313D34635C373BFC13A97ED432C1CA4FAAEFDF18
+ 167507120C4C88ACA1148FAEF1AFEF73D8618BD35DA845EABF96A1B7413EAA181D89391CF47D8DDB35D668AC5FEC00BBC10DF326F08A3DA8D6C05F5632EF86A6
eucrypt/smg_rsa/include/smg_rsa.h
(21 . 6)(21 . 16)
13 */
14 static const int KEY_LENGTH_OCTETS = 512;
15
16 /**
17 * This is the length of the public exponent e, given in octets.
18 * TMSR standard e has KEY_LENGTH_OCTETS / 2 octets.
19 * Eulora's communication protocol uses however e with 8 octets length.
20 * New keypairs generated will have e precisely this length.
21 * Change this to your preferred size of e for generating new keys with that size of e.
22 * NB: this impacts key generation ONLY! (i.e. NOT encrypt/decrypt).
23 */
24 static const int E_LENGTH_OCTETS = 256;
25
26 /*
27 * This is the maximum length of a plain-text message (in octets) that can be
28 * oeap+rsa encrypted in a single block. Its value is defined in smg_oaep.ads
(224 . 6)(234 . 8)
30 output!
31 * @param pk the public key that will be used to encrypt input
32 *
33 * NB: ALL MPIs (key, input) should be normalized (i.e. NO leading 0s) as otherwise
34 * underlying MPI operations may take a long time/never return!
35 * Precondition:
36 * output != input
37 * Output and input have to be two distinct MPIs because of the sorry state of
(250 . 6)(262 . 8)
39 your needs though!
40 * NB: it is the caller's responsibility to allocate memory for output!
41 * NB: NO checks are made on input!
42 * NB: ALL MPIs (key, input) should be normalized (i.e. NO leading 0s) as otherwise
43 * underlying MPI operations may take a long time/never return!
44 *
45 * @param output MPI with enough allocated memory to hold result of decryption
46 * @param input MPI containing content to decrypt
- C506F05A540F43FF34059CC5398431AA58B1F4F2294C38A1A793B19D9CCDC9B21C21A06577C95623401EF4154009E77301B640FD323FDEA9E3570C1407368BD6
+ A8521AFBD09107DDCE7EE4683886C44F1A8C2A17B29CB7583F18CB858B8D7833E446EC1AA2C5371246759E99A163DF5676686EBDF202075EF50A34D5CDFABCC7
eucrypt/smg_rsa/rsa.c
(52 . 7)(52 . 7)
51 /* choose random prime e, public exponent, with 3 < e < phi */
52 /* because e is prime, gcd(e, phi) is always 1 so no need to check it */
53 do {
54 gen_random_prime( noctets_pq, sk->e);
55 gen_random_prime( E_LENGTH_OCTETS, sk->e);
56 } while ( (mpi_cmp_ui(sk->e, 3) < 0) || (mpi_cmp(sk->e, phi) > 0));
57
58 /* calculate private exponent d, 1 < d < phi, where e * d = 1 mod phi */
- 89B1C405D92E249341BDC0BDDC5A98D8AE8DD0349E04A165063D938F01DF557A057BE544C51B0EFB6D72D505F1424A1AA3A6D7957E83F229711677240123E2FD
+ 07CDFD546DCAA1B548E7A1DAEE2091450A84F21710BAFBB9E6E794C9A11F7A7B081BDB0C5A1A8841A35699A6CF3F19B6274073690E01B6CED048B4B5AB3AFE3F
eucrypt/smg_rsa/tests/tests.c
(305 . 6)(305 . 104)
63
64 }
65
66 void test_rsa_8e(int nruns) {
67 RSA_secret_key sk;
68 int noctets = KEY_LENGTH_OCTETS;
69 int noctets_pq = noctets / 2;
70 int nlimbs_pq = mpi_nlimb_hint_from_nbytes(noctets_pq);
71
72 sk.n = mpi_alloc(0);
73 sk.e = mpi_alloc(0);
74 sk.d = mpi_alloc(0);
75 sk.p = mpi_alloc(0);
76 sk.q = mpi_alloc(0);
77 sk.u = mpi_alloc(0);
78
79 mpi_fromstr(sk.n, "0x\
80 B51BE851F39159EAC714F3E0376713A84DAD36A82D446D0A257A391870F45FAE13C4CC\
81 F400DDA9F604991134C0934161554EEFEAA3147BF0EADC77B99E2B9B6E4EE942EA9D07\
82 5F015EE2465B491F4130E04E1BBB6CCDC98F6E8789D4F7FCA3E3FF83C6100CAF2B764E\
83 A5AF7CBA9B27C13EE72EA7A8602F34B32E17C2BA56CFBA4223F7D9A03C23336095D34F\
84 BF66E88BF5CE661D66C251DFAD4CB2BA8D1E1669AC927894EA20DABABD2495BC2A4BA3\
85 A25C79ABEC2D57F45F0F889D962C777A663D0AB25D3650DFDC6D77C528803C0C6E12BD\
86 05281B33C603BEA66A0C2ACBEBD1CA53D32C2269294C9B93E742CA563AF39E939C32CE\
87 51D5ED827F9C217EF58CC518B635D0E03BA778BCEBAF9A2CDB493282D751A5977CB907\
88 C8708D1EF1CAE644C1F2525DDE98E29761B1ADF0965F08AA856DF540AEFD67F96B92AE\
89 83636C31A507C59635C6D435C5E7EE333DC2257C07BC0FCE27CF400F6EB7A6B90FFF00\
90 C3C1179615BF5DA6137476926C09D8CCD03257DFCAEF12BE9DC1D3F621D6C97D7F3E6D\
91 534337579B4B65AE212ACC26FC3861E24033E6F12A601D473A65EFC5F25ABD5D6049EA\
92 DD6D76BA60AA218C5EBE13439AAFFF0088C49ACC0E9F7DE56DB03F585E1AC2862EB990\
93 59724FD407C4ACD3DD14A53A6A35F6AFAE03EA53A4E742CC370087692E206A2422FF9D");
94
95 sk.e = mpi_alloc(nlimbs_pq);
96 int i;
97 char echar[109];
98 int ne = 109;
99 for (i=0;i<ne;i++)
100 echar[i] = 0;
101
102 echar[ne-1] = 59;
103 echar[ne-2] = 153;
104 echar[ne-3] = 145;
105 echar[ne-4] = 109;
106 echar[ne-5] = 236;
107 echar[ne-6] = 157;
108 echar[ne-7] = 64;
109 echar[ne-8] = 195;
110 //NB: this test WILL FAIL if only mpi_set_buffer called.
111 mpi_set_buffer(sk.e, echar, ne, 0);
112 mpi_normalize(sk.e);
113
114 mpi_fromstr(sk.d, "0x\
115 7694F5266A995D31DCF3AE40A35AAE4B6F6E2D625EDE8AEF3DF4418C1C5B6D46FBC8AC\
116 1C018B475BB531807C6CB649A3D2A3044B11560B15DFD17E29E2294CBBE4D2E787B048\
117 D7EF19DB02392534DBBE8C0F57DCA17448B5DCDA08A69C3177749BEA150BBC506372DD\
118 D6DBE48869567B31B00FB855AB4700A0458570393F2AA6A5887DAB0E6FD194B970AED2\
119 A6AA1AE13C1B4BA1154F7D2C55699429CD634425460B961C581639E6CC005B6FDEF273\
120 E5A8A34F39E5F7999AEA6E6767A9842203C00763BEDECFB2FCBC4D071AADB81D3DBB32\
121 58872EBA06804183AE66DE1859758BB1752486DC95887DA71BA231E115FFA43AB5F596\
122 21F5DA9BDF780BB35E3DAA06C2BE83FFE160BE6C625D8D33A42491510E22AD545AE0FE\
123 933F2A70FCBF794156EE6FDB4351404706EC528BD865A3F75B66ACE3186620B5713F44\
124 D2D185BC2F8B42B2C9BD8274D11D4E4449D9237398A4D576A0722871B96C2675E32EAD\
125 C8E2DB958FB016D9DBDE9653FC7A346689D348F1161C3E183C19DDD92A313E2191435E\
126 449E819FC3B04CA8B7874B3283AE52FEE822525BAAA14F7E28DF2B1EA9383FBEFA7A4B\
127 AB22BC178CDCF5064E09D8EAAAC4EEF50550E8CB5D3F3079D80FECC4A7B2587BFA6B68\
128 0798D6A6175BA3ABAC52B2BE583849FC3C47A6B7B9BB6CE18AF23BFC54E8F04AA6AF3");
129 mpi_fromstr(sk.p, "0x\
130 C9AE5920BA2CFC9A765C25D8B75E8A42845F5B13F8B9386698C31D01BDDE572BD181E4\
131 5FD46666BB9D3F5043D2B3F7B4B3D301DA403CED22ADBB60544D2000EBB3FEF3E1674D\
132 B2F2BB81A81573B3556689FD2AF740367EB9C7CFFC08BD95471849C456B9AD93BA9462\
133 A541FBD7618E9BF8F8B8DC76233D22826085E06F8CC22C4DB46DE8A6E666FBF678052E\
134 80B5D116B4CAC4FCA1C3348F45895D823842E6A4E2B605F0F8CCD9A75F59B3B4BBC102\
135 B9B7F948EC28AB60BF4FD5441E4EF48B25D6A50C5AAEB882EE9862E042F54510366730\
136 B8DD56C02FC43CD95F6EF7B92379E6DED28764CDD22899C845F484EF8F777B9A527FC1");
137 mpi_fromstr(sk.q, "0x\
138 E5E324CDCAEA29DE1EFB3E2280B51E4461A692A5844F64E6917677907A7825A8ABBEF1\
139 1E0D8A5D70DF703D4D4014FE0A125E5A409AD7DC9B5F2ECBDF518C8ECE783F217268CF\
140 ED93689AEB5D970B3C898B7ACB8868E2D284A85F1B82926C67F6F6675F78799CC280E4\
141 197AB3800B00ED9B063B9A00F483CDD5158DCE31B575F579E4206D32E483994B58D5EA\
142 7FBE224326672ED00BA1B432796E78B80816D641BE4F81BF8CCA5A2E93A0E9FA4D6133\
143 4E893903E133DA215295FAF00F9BA1F224BC700ABCD6A94FB4C1A006BD5673D304B207\
144 F8EE6752F41C4D2F7DE310266EAF61B0545A26FAC66A46B90015FC2374D4FD01F836DD");
145 mpi_fromstr(sk.u, "0x\
146 746B5BD406C84FDBC8EF4DEC7D79831630B45579D7865695BDB288C0E8DB39749200B0\
147 720F6FAF1CBB3F2EE6C6FF3DA72B4C8505D50732DBEE2E92CD9A13B6919D5173DBA708\
148 B44C36129A3494DCD77B9991F88F528FF11706E0D6EFC67705937F5A11FCBC984F89F2\
149 A4168A8ED2A391FAD06C1E15F838B890126DF650DA803661448F8CEA755F15432A83C8\
150 99CB0AFCB5D922514DF19697416DDC79CA2AC7CB30AEADEC2D68B0F43D178DAB33656E\
151 3CDF08A3D2B903797E74210478526D49AA740F906789740826DDD3CF2E5F032B9E0536\
152 85560848F127A1A844BF00C5819FFEB2016E0DBC86BF375554DC28EC2DC7FD8830AA3D");
153
154 test_rsa_keys(&sk, noctets_pq, stdout);
155
156 mpi_free(sk.n);
157 mpi_free(sk.e);
158 mpi_free(sk.d);
159 mpi_free(sk.p);
160 mpi_free(sk.q);
161 mpi_free(sk.u);
162 }
163
164 void test_rsa_exp() {
165 MPI msg = mpi_alloc(0);
166 MPI expected = mpi_alloc(0);
(737 . 6)(835 . 9)
168 case 14:
169 test_uint64_rng(nruns);
170 break;
171 case 15:
172 test_rsa_8e(nruns);
173 break;
174 default:
175 printf("Current test ids:\n");
176 printf("0 for timing entropy source\n");
(755 . 6)(856 . 7)
178 printf("12 for testing smg_rng ieee 745/1985 float\n");
179 printf("13 for testing smg_rng uint32 \n");
180 printf("14 for testing smg_rng uint64 \n");
181 printf("15 for testing rsa with 8-octets e \n");
182 }
183
184 return 0;