From 8ed4d0b51f46172055622b43b121a58990481da9 Mon Sep 17 00:00:00 2001 From: Aurel Puppi Date: Wed, 14 May 2025 12:39:27 +0200 Subject: [PATCH] Remove trailing whitespace --- debian/README.Debian | 26 +- debian/copyright.in | 2 +- debian/dropbear.postinst | 2 +- fuzz/fuzz-common.c | 18 +- fuzz/fuzz-sshpacketmutator.c | 6 +- fuzz/fuzz-wrapfd.c | 2 +- fuzz/fuzzer-kexcurve25519.c | 2 +- fuzz/fuzzer-kexdh.c | 2 +- fuzz/fuzzer-kexecdh.c | 2 +- fuzz/fuzzer-verify.c | 2 +- libtomcrypt/Doxyfile | 926 +++++++++++------------ libtomcrypt/LICENSE | 2 +- libtomcrypt/changes | 372 ++++----- libtomcrypt/demos/encrypt.c | 28 +- libtomcrypt/demos/test.c | 2 +- libtomcrypt/genlist.sh | 6 +- libtomcrypt/makefile.icc | 22 +- libtomcrypt/notes/base64_tv.txt | 2 +- libtomcrypt/notes/etc/saferp_optimizer.c | 46 +- libtomcrypt/notes/etc/whirlgen.c | 24 +- libtomcrypt/notes/etc/whirltest.c | 2 +- libtomcrypt/notes/tech0001.txt | 14 +- libtomcrypt/notes/tech0002.txt | 22 +- libtomcrypt/notes/tech0003.txt | 8 +- libtomcrypt/notes/tech0004.txt | 42 +- libtomcrypt/notes/tech0005.txt | 4 +- libtomcrypt/notes/tech0006.txt | 26 +- libtomcrypt/parsenames.pl | 12 +- libtomcrypt/src/prngs/sober128tab.c | 6 +- libtomcrypt/testprof/base64_test.c | 2 +- libtomcrypt/testprof/cipher_hash_test.c | 8 +- libtomcrypt/testprof/der_tests.c | 188 ++--- libtomcrypt/testprof/dsa_test.c | 6 +- libtomcrypt/testprof/ecc_test.c | 6 +- libtomcrypt/testprof/katja_test.c | 24 +- libtomcrypt/testprof/mac_test.c | 10 +- libtomcrypt/testprof/makefile.icc | 2 +- libtomcrypt/testprof/modes_test.c | 22 +- libtomcrypt/testprof/pkcs_1_test.c | 6 +- libtomcrypt/testprof/rsa_test.c | 128 ++-- libtomcrypt/testprof/x86_prof.c | 72 +- src/agentfwd.h | 10 +- src/algo.h | 18 +- src/atomicio.c | 2 +- src/auth.h | 16 +- src/bignum.c | 18 +- src/bignum.h | 10 +- src/buffer.c | 10 +- src/buffer.h | 8 +- src/chachapoly.c | 8 +- src/chachapoly.h | 8 +- src/channel.h | 10 +- src/chansession.h | 8 +- src/circbuffer.c | 10 +- src/circbuffer.h | 10 +- src/cli-agentfwd.c | 12 +- src/cli-auth.c | 20 +- src/cli-authinteract.c | 8 +- src/cli-authpasswd.c | 12 +- src/cli-authpubkey.c | 18 +- src/cli-channel.c | 8 +- src/cli-chansession.c | 16 +- src/cli-kex.c | 14 +- src/cli-main.c | 8 +- src/cli-session.c | 20 +- src/cli-tcpfwd.c | 22 +- src/common-algo.c | 36 +- src/common-channel.c | 58 +- src/common-chansession.c | 8 +- src/common-kex.c | 56 +- src/common-session.c | 24 +- src/compat.c | 8 +- src/compat.h | 8 +- src/curve25519.c | 12 +- src/curve25519.h | 8 +- src/dbhelpers.h | 6 +- src/dbmulti.c | 8 +- src/dbrandom.c | 26 +- src/dbrandom.h | 8 +- src/dbutil.c | 20 +- src/dbutil.h | 8 +- src/debug.h | 10 +- src/dh_groups.c | 4 +- src/dropbearconvert.c | 14 +- src/dropbearkey.c | 12 +- src/dss.c | 12 +- src/dss.h | 10 +- src/ecc.c | 6 +- src/ecdsa.c | 82 +- src/ed25519.c | 8 +- src/ed25519.h | 10 +- src/fake-rfc2553.c | 18 +- src/fake-rfc2553.h | 10 +- src/fuzz-wrapfd.h | 2 +- src/fuzz.h | 4 +- src/gcm.c | 8 +- src/gcm.h | 8 +- src/gendss.c | 8 +- src/gendss.h | 8 +- src/gened25519.c | 8 +- src/gened25519.h | 8 +- src/genrsa.c | 12 +- src/genrsa.h | 8 +- src/gensignkey.c | 4 +- src/ifndef_wrapper.sh | 2 +- src/includes.h | 22 +- src/install-sh | 10 +- src/kex-dh.c | 16 +- src/kex-ecdh.c | 4 +- src/kex.h | 8 +- src/keyimport.c | 24 +- src/keyimport.h | 8 +- src/listener.c | 12 +- src/listener.h | 12 +- src/loginrec.c | 2 +- src/ltc_prng.c | 22 +- src/netio.c | 24 +- src/netio.h | 2 +- src/packet.c | 38 +- src/packet.h | 8 +- src/process-packet.c | 12 +- src/pubkeyapi.h | 28 +- src/queue.c | 8 +- src/queue.h | 8 +- src/rsa.c | 18 +- src/rsa.h | 14 +- src/scp.c | 2 +- src/scpmisc.c | 2 +- src/service.h | 8 +- src/session.h | 16 +- src/signkey.c | 22 +- src/signkey.h | 12 +- src/ssh.h | 10 +- src/sshpty.c | 4 +- src/svr-agentfwd.c | 10 +- src/svr-auth.c | 18 +- src/svr-authpam.c | 32 +- src/svr-authpasswd.c | 12 +- src/svr-authpubkeyoptions.c | 26 +- src/svr-chansession.c | 32 +- src/svr-kex.c | 12 +- src/svr-main.c | 18 +- src/svr-runopts.c | 18 +- src/svr-service.c | 10 +- src/svr-session.c | 18 +- src/svr-tcpfwd.c | 8 +- src/svr-x11fwd.c | 10 +- src/sysoptions.h | 6 +- src/tcp-accept.c | 14 +- src/tcpfwd.h | 10 +- src/termcodes.c | 8 +- src/termcodes.h | 8 +- src/x11fwd.h | 8 +- 153 files changed, 1816 insertions(+), 1816 deletions(-) diff --git a/debian/README.Debian b/debian/README.Debian index 8cdac3821..6b89f19ca 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -1,36 +1,36 @@ Dropbear for Debian ------------------- -This package will attempt to listen on port 22. If the OpenSSH -package ("ssh") is installed, the file /etc/default/dropbear +This package will attempt to listen on port 22. If the OpenSSH +package ("ssh") is installed, the file /etc/default/dropbear will be set up so that the server does not start by default. -You can run Dropbear concurrently with OpenSSH 'sshd' by -modifying /etc/default/dropbear so that "NO_START" is set to -"0" and changing the port number that Dropbear runs on. Follow +You can run Dropbear concurrently with OpenSSH 'sshd' by +modifying /etc/default/dropbear so that "NO_START" is set to +"0" and changing the port number that Dropbear runs on. Follow the instructions in the file. -This package suggests you install the "ssh" package. This package -provides the "ssh" client program, as well as the "/usr/bin/scp" -binary you will need to be able to retrieve files from a server +This package suggests you install the "ssh" package. This package +provides the "ssh" client program, as well as the "/usr/bin/scp" +binary you will need to be able to retrieve files from a server running Dropbear via SCP. Replacing OpenSSH "sshd" with Dropbear -------------------------------------- -You will still want to have the "ssh" package installed, as it -provides the "ssh" and "scp" binaries. When you install this -package, it checks for existing OpenSSH host keys and if found, +You will still want to have the "ssh" package installed, as it +provides the "ssh" and "scp" binaries. When you install this +package, it checks for existing OpenSSH host keys and if found, converts them to the Dropbear format. -If this appears to have worked, you should be able to change over +If this appears to have worked, you should be able to change over by following these steps: 1. Stop the OpenSSH server % /etc/init.d/ssh stop 2. Prevent the OpenSSH server from starting in the future % touch /etc/ssh/sshd_not_to_be_run -3. Modify the Dropbear defaults file, set NO_START to 0 and +3. Modify the Dropbear defaults file, set NO_START to 0 and ensure DROPBEAR_PORT is set to 22. % editor /etc/default/dropbear 4. Restart the Dropbear server. diff --git a/debian/copyright.in b/debian/copyright.in index 79526d3fa..44551c1e7 100644 --- a/debian/copyright.in +++ b/debian/copyright.in @@ -7,5 +7,5 @@ It was downloaded from http://matt.ucc.asn.au/dropbear/ Upstream Author: Matt Johnston -Copyright: +Copyright: diff --git a/debian/dropbear.postinst b/debian/dropbear.postinst index 2491e45db..e649da0c3 100644 --- a/debian/dropbear.postinst +++ b/debian/dropbear.postinst @@ -23,7 +23,7 @@ if test ! -e /etc/dropbear/dropbear_dss_host_key; then dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key fi fi -if test ! -s /etc/default/dropbear; then +if test ! -s /etc/default/dropbear; then # check whether OpenSSH seems to be installed. if test -x /usr/sbin/sshd; then cat <len); - } + } } } diff --git a/fuzz/fuzz-wrapfd.c b/fuzz/fuzz-wrapfd.c index d411f9906..431bcbf07 100644 --- a/fuzz/fuzz-wrapfd.c +++ b/fuzz/fuzz-wrapfd.c @@ -192,7 +192,7 @@ int wrapfd_write(int fd, const void* in, size_t count) { return nrand48(rand_state) % (count+1); } -int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, +int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout) { int i, nset, sel; int ret = 0; diff --git a/fuzz/fuzzer-kexcurve25519.c b/fuzz/fuzzer-kexcurve25519.c index 9651ca6e0..2399d3c93 100644 --- a/fuzz/fuzzer-kexcurve25519.c +++ b/fuzz/fuzzer-kexcurve25519.c @@ -37,7 +37,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { m_malloc_set_epoch(1); if (setjmp(fuzz.jmp) == 0) { - /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() + /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() with DROPBEAR_KEX_CURVE25519 */ ses.newkeys = keep_newkeys; diff --git a/fuzz/fuzzer-kexdh.c b/fuzz/fuzzer-kexdh.c index 1c44455de..5b961a3a1 100644 --- a/fuzz/fuzzer-kexdh.c +++ b/fuzz/fuzzer-kexdh.c @@ -36,7 +36,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { m_malloc_set_epoch(1); if (setjmp(fuzz.jmp) == 0) { - /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() + /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() with DROPBEAR_KEX_NORMAL_DH */ ses.newkeys = keep_newkeys; diff --git a/fuzz/fuzzer-kexecdh.c b/fuzz/fuzzer-kexecdh.c index b633c59d4..0a97a205f 100644 --- a/fuzz/fuzzer-kexecdh.c +++ b/fuzz/fuzzer-kexecdh.c @@ -46,7 +46,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { m_malloc_set_epoch(1); if (setjmp(fuzz.jmp) == 0) { - /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() + /* Based on recv_msg_kexdh_init()/send_msg_kexdh_reply() with DROPBEAR_KEX_ECDH */ ses.newkeys = keep_newkeys; diff --git a/fuzz/fuzzer-verify.c b/fuzz/fuzzer-verify.c index f2937af31..df68c85cb 100644 --- a/fuzz/fuzzer-verify.c +++ b/fuzz/fuzzer-verify.c @@ -45,7 +45,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } if (buf_verify(fuzz.input, key, sigtype, verifydata) == DROPBEAR_SUCCESS) { /* The fuzzer is capable of generating keys with a signature to match. - We don't want false positives if the key is bogus, since a client/server + We don't want false positives if the key is bogus, since a client/server wouldn't be trusting a bogus key anyway */ int boguskey = 0; diff --git a/libtomcrypt/Doxyfile b/libtomcrypt/Doxyfile index f07c339bf..5358bfdfe 100644 --- a/libtomcrypt/Doxyfile +++ b/libtomcrypt/Doxyfile @@ -14,191 +14,191 @@ # Project related configuration options #--------------------------------------------------------------------------- -# The PROJECT_NAME tag is a single word (or a sequence of words surrounded +# The PROJECT_NAME tag is a single word (or a sequence of words surrounded # by quotes) that should identify the project. PROJECT_NAME = LibTomCrypt -# The PROJECT_NUMBER tag can be used to enter a project or revision number. -# This could be handy for archiving the generated documentation or +# The PROJECT_NUMBER tag can be used to enter a project or revision number. +# This could be handy for archiving the generated documentation or # if some version control system is used. PROJECT_NUMBER = 1.17 -# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) -# base path where the generated documentation will be put. -# If a relative path is entered, it will be relative to the location +# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) +# base path where the generated documentation will be put. +# If a relative path is entered, it will be relative to the location # where doxygen was started. If left blank the current directory will be used. OUTPUT_DIRECTORY = doc/doxygen -# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create -# 4096 sub-directories (in 2 levels) under the output directory of each output -# format and will distribute the generated files over these directories. -# Enabling this option can be useful when feeding doxygen a huge amount of source -# files, where putting all generated files in the same directory would otherwise +# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create +# 4096 sub-directories (in 2 levels) under the output directory of each output +# format and will distribute the generated files over these directories. +# Enabling this option can be useful when feeding doxygen a huge amount of source +# files, where putting all generated files in the same directory would otherwise # cause performance problems for the file system. CREATE_SUBDIRS = NO -# The OUTPUT_LANGUAGE tag is used to specify the language in which all -# documentation generated by doxygen is written. Doxygen will use this -# information to generate all constant output in the proper language. -# The default language is English, other supported languages are: -# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, -# Dutch, Finnish, French, German, Greek, Hungarian, Italian, Japanese, -# Japanese-en (Japanese with English messages), Korean, Korean-en, Norwegian, -# Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish, +# The OUTPUT_LANGUAGE tag is used to specify the language in which all +# documentation generated by doxygen is written. Doxygen will use this +# information to generate all constant output in the proper language. +# The default language is English, other supported languages are: +# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish, +# Dutch, Finnish, French, German, Greek, Hungarian, Italian, Japanese, +# Japanese-en (Japanese with English messages), Korean, Korean-en, Norwegian, +# Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish, # Swedish, and Ukrainian. OUTPUT_LANGUAGE = English -# This tag can be used to specify the encoding used in the generated output. -# The encoding is not always determined by the language that is chosen, -# but also whether or not the output is meant for Windows or non-Windows users. -# In case there is a difference, setting the USE_WINDOWS_ENCODING tag to YES -# forces the Windows encoding (this is the default for the Windows binary), -# whereas setting the tag to NO uses a Unix-style encoding (the default for +# This tag can be used to specify the encoding used in the generated output. +# The encoding is not always determined by the language that is chosen, +# but also whether or not the output is meant for Windows or non-Windows users. +# In case there is a difference, setting the USE_WINDOWS_ENCODING tag to YES +# forces the Windows encoding (this is the default for the Windows binary), +# whereas setting the tag to NO uses a Unix-style encoding (the default for # all platforms other than Windows). USE_WINDOWS_ENCODING = NO -# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will -# include brief member descriptions after the members that are listed in -# the file and class documentation (similar to JavaDoc). +# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will +# include brief member descriptions after the members that are listed in +# the file and class documentation (similar to JavaDoc). # Set to NO to disable this. BRIEF_MEMBER_DESC = YES -# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend -# the brief description of a member or function before the detailed description. -# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the +# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend +# the brief description of a member or function before the detailed description. +# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the # brief descriptions will be completely suppressed. REPEAT_BRIEF = YES -# This tag implements a quasi-intelligent brief description abbreviator -# that is used to form the text in various listings. Each string -# in this list, if found as the leading text of the brief description, will be -# stripped from the text and the result after processing the whole list, is used -# as the annotated text. Otherwise, the brief description is used as-is. If left -# blank, the following values are used ("$name" is automatically replaced with the -# name of the entity): "The $name class" "The $name widget" "The $name file" +# This tag implements a quasi-intelligent brief description abbreviator +# that is used to form the text in various listings. Each string +# in this list, if found as the leading text of the brief description, will be +# stripped from the text and the result after processing the whole list, is used +# as the annotated text. Otherwise, the brief description is used as-is. If left +# blank, the following values are used ("$name" is automatically replaced with the +# name of the entity): "The $name class" "The $name widget" "The $name file" # "is" "provides" "specifies" "contains" "represents" "a" "an" "the" -ABBREVIATE_BRIEF = +ABBREVIATE_BRIEF = -# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then -# Doxygen will generate a detailed section even if there is only a brief +# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then +# Doxygen will generate a detailed section even if there is only a brief # description. ALWAYS_DETAILED_SEC = NO -# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all inherited -# members of a class in the documentation of that class as if those members were -# ordinary class members. Constructors, destructors and assignment operators of +# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all inherited +# members of a class in the documentation of that class as if those members were +# ordinary class members. Constructors, destructors and assignment operators of # the base classes will not be shown. INLINE_INHERITED_MEMB = NO -# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full -# path before files name in the file list and in the header files. If set +# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full +# path before files name in the file list and in the header files. If set # to NO the shortest path that makes the file name unique will be used. FULL_PATH_NAMES = YES -# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag -# can be used to strip a user-defined part of the path. Stripping is -# only done if one of the specified strings matches the left-hand part of -# the path. The tag can be used to show relative paths in the file list. -# If left blank the directory from which doxygen is run is used as the +# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag +# can be used to strip a user-defined part of the path. Stripping is +# only done if one of the specified strings matches the left-hand part of +# the path. The tag can be used to show relative paths in the file list. +# If left blank the directory from which doxygen is run is used as the # path to strip. STRIP_FROM_PATH = src -# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of -# the path mentioned in the documentation of a class, which tells -# the reader which header file to include in order to use a class. -# If left blank only the name of the header file containing the class -# definition is used. Otherwise one should specify the include paths that +# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of +# the path mentioned in the documentation of a class, which tells +# the reader which header file to include in order to use a class. +# If left blank only the name of the header file containing the class +# definition is used. Otherwise one should specify the include paths that # are normally passed to the compiler using the -I flag. STRIP_FROM_INC_PATH = src/headers -# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter -# (but less readable) file names. This can be useful is your file systems +# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter +# (but less readable) file names. This can be useful is your file systems # doesn't support long names like on DOS, Mac, or CD-ROM. SHORT_NAMES = NO -# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen -# will interpret the first line (until the first dot) of a JavaDoc-style -# comment as the brief description. If set to NO, the JavaDoc -# comments will behave just like the Qt-style comments (thus requiring an +# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen +# will interpret the first line (until the first dot) of a JavaDoc-style +# comment as the brief description. If set to NO, the JavaDoc +# comments will behave just like the Qt-style comments (thus requiring an # explicit @brief command for a brief description. JAVADOC_AUTOBRIEF = YES -# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen -# treat a multi-line C++ special comment block (i.e. a block of //! or /// -# comments) as a brief description. This used to be the default behaviour. -# The new default is to treat a multi-line C++ comment block as a detailed +# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen +# treat a multi-line C++ special comment block (i.e. a block of //! or /// +# comments) as a brief description. This used to be the default behaviour. +# The new default is to treat a multi-line C++ comment block as a detailed # description. Set this tag to YES if you prefer the old behaviour instead. MULTILINE_CPP_IS_BRIEF = NO -# If the DETAILS_AT_TOP tag is set to YES then Doxygen +# If the DETAILS_AT_TOP tag is set to YES then Doxygen # will output the detailed description near the top, like JavaDoc. -# If set to NO, the detailed description appears after the member +# If set to NO, the detailed description appears after the member # documentation. DETAILS_AT_TOP = YES -# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented -# member inherits the documentation from any documented member that it +# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented +# member inherits the documentation from any documented member that it # re-implements. INHERIT_DOCS = YES -# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC -# tag is set to YES, then doxygen will reuse the documentation of the first -# member in the group (if any) for the other members of the group. By default +# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC +# tag is set to YES, then doxygen will reuse the documentation of the first +# member in the group (if any) for the other members of the group. By default # all members of a group must be documented explicitly. DISTRIBUTE_GROUP_DOC = NO -# The TAB_SIZE tag can be used to set the number of spaces in a tab. +# The TAB_SIZE tag can be used to set the number of spaces in a tab. # Doxygen uses this value to replace tabs by spaces in code fragments. TAB_SIZE = 4 -# This tag can be used to specify a number of aliases that acts -# as commands in the documentation. An alias has the form "name=value". -# For example adding "sideeffect=\par Side Effects:\n" will allow you to -# put the command \sideeffect (or @sideeffect) in the documentation, which -# will result in a user-defined paragraph with heading "Side Effects:". +# This tag can be used to specify a number of aliases that acts +# as commands in the documentation. An alias has the form "name=value". +# For example adding "sideeffect=\par Side Effects:\n" will allow you to +# put the command \sideeffect (or @sideeffect) in the documentation, which +# will result in a user-defined paragraph with heading "Side Effects:". # You can put \n's in the value part of an alias to insert newlines. -ALIASES = +ALIASES = -# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources -# only. Doxygen will then generate output that is more tailored for C. -# For instance, some of the names that are used will be different. The list +# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources +# only. Doxygen will then generate output that is more tailored for C. +# For instance, some of the names that are used will be different. The list # of all members will be omitted, etc. OPTIMIZE_OUTPUT_FOR_C = YES -# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources -# only. Doxygen will then generate output that is more tailored for Java. -# For instance, namespaces will be presented as packages, qualified scopes +# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources +# only. Doxygen will then generate output that is more tailored for Java. +# For instance, namespaces will be presented as packages, qualified scopes # will look different, etc. OPTIMIZE_OUTPUT_JAVA = NO -# Set the SUBGROUPING tag to YES (the default) to allow class member groups of -# the same type (for instance a group of public functions) to be put as a -# subgroup of that type (e.g. under the Public Functions section). Set it to -# NO to prevent subgrouping. Alternatively, this can be done per class using +# Set the SUBGROUPING tag to YES (the default) to allow class member groups of +# the same type (for instance a group of public functions) to be put as a +# subgroup of that type (e.g. under the Public Functions section). Set it to +# NO to prevent subgrouping. Alternatively, this can be done per class using # the \nosubgrouping command. SUBGROUPING = YES @@ -207,162 +207,162 @@ SUBGROUPING = YES # Build related configuration options #--------------------------------------------------------------------------- -# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in -# documentation are documented, even if no documentation was available. -# Private class members and static file members will be hidden unless +# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in +# documentation are documented, even if no documentation was available. +# Private class members and static file members will be hidden unless # the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES EXTRACT_ALL = YES -# If the EXTRACT_PRIVATE tag is set to YES all private members of a class +# If the EXTRACT_PRIVATE tag is set to YES all private members of a class # will be included in the documentation. EXTRACT_PRIVATE = YES -# If the EXTRACT_STATIC tag is set to YES all static members of a file +# If the EXTRACT_STATIC tag is set to YES all static members of a file # will be included in the documentation. EXTRACT_STATIC = YES -# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) -# defined locally in source files will be included in the documentation. +# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) +# defined locally in source files will be included in the documentation. # If set to NO only classes defined in header files are included. EXTRACT_LOCAL_CLASSES = YES -# This flag is only useful for Objective-C code. When set to YES local -# methods, which are defined in the implementation section but not in -# the interface are included in the documentation. +# This flag is only useful for Objective-C code. When set to YES local +# methods, which are defined in the implementation section but not in +# the interface are included in the documentation. # If set to NO (the default) only methods in the interface are included. EXTRACT_LOCAL_METHODS = YES -# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all -# undocumented members of documented classes, files or namespaces. -# If set to NO (the default) these members will be included in the -# various overviews, but no documentation section is generated. +# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all +# undocumented members of documented classes, files or namespaces. +# If set to NO (the default) these members will be included in the +# various overviews, but no documentation section is generated. # This option has no effect if EXTRACT_ALL is enabled. HIDE_UNDOC_MEMBERS = NO -# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all -# undocumented classes that are normally visible in the class hierarchy. -# If set to NO (the default) these classes will be included in the various +# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all +# undocumented classes that are normally visible in the class hierarchy. +# If set to NO (the default) these classes will be included in the various # overviews. This option has no effect if EXTRACT_ALL is enabled. HIDE_UNDOC_CLASSES = NO -# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all -# friend (class|struct|union) declarations. -# If set to NO (the default) these declarations will be included in the +# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all +# friend (class|struct|union) declarations. +# If set to NO (the default) these declarations will be included in the # documentation. HIDE_FRIEND_COMPOUNDS = NO -# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any -# documentation blocks found inside the body of a function. -# If set to NO (the default) these blocks will be appended to the +# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any +# documentation blocks found inside the body of a function. +# If set to NO (the default) these blocks will be appended to the # function's detailed documentation block. HIDE_IN_BODY_DOCS = NO -# The INTERNAL_DOCS tag determines if documentation -# that is typed after a \internal command is included. If the tag is set -# to NO (the default) then the documentation will be excluded. +# The INTERNAL_DOCS tag determines if documentation +# that is typed after a \internal command is included. If the tag is set +# to NO (the default) then the documentation will be excluded. # Set it to YES to include the internal documentation. INTERNAL_DOCS = NO -# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate -# file names in lower-case letters. If set to YES upper-case letters are also -# allowed. This is useful if you have classes or files whose names only differ -# in case and if your file system supports case sensitive file names. Windows +# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate +# file names in lower-case letters. If set to YES upper-case letters are also +# allowed. This is useful if you have classes or files whose names only differ +# in case and if your file system supports case sensitive file names. Windows # and Mac users are advised to set this option to NO. CASE_SENSE_NAMES = YES -# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen -# will show members with their full class and namespace scopes in the +# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen +# will show members with their full class and namespace scopes in the # documentation. If set to YES the scope will be hidden. HIDE_SCOPE_NAMES = NO -# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen -# will put a list of the files that are included by a file in the documentation +# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen +# will put a list of the files that are included by a file in the documentation # of that file. SHOW_INCLUDE_FILES = YES -# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] +# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] # is inserted in the documentation for inline members. INLINE_INFO = YES -# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen -# will sort the (detailed) documentation of file and class members -# alphabetically by member name. If set to NO the members will appear in +# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen +# will sort the (detailed) documentation of file and class members +# alphabetically by member name. If set to NO the members will appear in # declaration order. SORT_MEMBER_DOCS = YES -# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the -# brief documentation of file, namespace and class members alphabetically -# by member name. If set to NO (the default) the members will appear in +# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the +# brief documentation of file, namespace and class members alphabetically +# by member name. If set to NO (the default) the members will appear in # declaration order. SORT_BRIEF_DOCS = NO -# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be -# sorted by fully-qualified names, including namespaces. If set to -# NO (the default), the class list will be sorted only by class name, -# not including the namespace part. +# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be +# sorted by fully-qualified names, including namespaces. If set to +# NO (the default), the class list will be sorted only by class name, +# not including the namespace part. # Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. -# Note: This option applies only to the class list, not to the +# Note: This option applies only to the class list, not to the # alphabetical list. SORT_BY_SCOPE_NAME = YES -# The GENERATE_TODOLIST tag can be used to enable (YES) or -# disable (NO) the todo list. This list is created by putting \todo +# The GENERATE_TODOLIST tag can be used to enable (YES) or +# disable (NO) the todo list. This list is created by putting \todo # commands in the documentation. GENERATE_TODOLIST = YES -# The GENERATE_TESTLIST tag can be used to enable (YES) or -# disable (NO) the test list. This list is created by putting \test +# The GENERATE_TESTLIST tag can be used to enable (YES) or +# disable (NO) the test list. This list is created by putting \test # commands in the documentation. GENERATE_TESTLIST = YES -# The GENERATE_BUGLIST tag can be used to enable (YES) or -# disable (NO) the bug list. This list is created by putting \bug +# The GENERATE_BUGLIST tag can be used to enable (YES) or +# disable (NO) the bug list. This list is created by putting \bug # commands in the documentation. GENERATE_BUGLIST = YES -# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or -# disable (NO) the deprecated list. This list is created by putting +# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or +# disable (NO) the deprecated list. This list is created by putting # \deprecated commands in the documentation. GENERATE_DEPRECATEDLIST= YES -# The ENABLED_SECTIONS tag can be used to enable conditional +# The ENABLED_SECTIONS tag can be used to enable conditional # documentation sections, marked by \if sectionname ... \endif. -ENABLED_SECTIONS = +ENABLED_SECTIONS = -# The MAX_INITIALIZER_LINES tag determines the maximum number of lines -# the initial value of a variable or define consists of for it to appear in -# the documentation. If the initializer consists of more lines than specified -# here it will be hidden. Use a value of 0 to hide initializers completely. -# The appearance of the initializer of individual variables and defines in the -# documentation can be controlled using \showinitializer or \hideinitializer +# The MAX_INITIALIZER_LINES tag determines the maximum number of lines +# the initial value of a variable or define consists of for it to appear in +# the documentation. If the initializer consists of more lines than specified +# here it will be hidden. Use a value of 0 to hide initializers completely. +# The appearance of the initializer of individual variables and defines in the +# documentation can be controlled using \showinitializer or \hideinitializer # command in the documentation regardless of this setting. MAX_INITIALIZER_LINES = 30 -# Set the SHOW_USED_FILES tag to NO to disable the list of files generated -# at the bottom of the documentation of classes and structs. If set to YES the +# Set the SHOW_USED_FILES tag to NO to disable the list of files generated +# at the bottom of the documentation of classes and structs. If set to YES the # list will mention the files that were used to generate the documentation. SHOW_USED_FILES = YES @@ -371,133 +371,133 @@ SHOW_USED_FILES = YES # configuration options related to warning and progress messages #--------------------------------------------------------------------------- -# The QUIET tag can be used to turn on/off the messages that are generated +# The QUIET tag can be used to turn on/off the messages that are generated # by doxygen. Possible values are YES and NO. If left blank NO is used. QUIET = NO -# The WARNINGS tag can be used to turn on/off the warning messages that are -# generated by doxygen. Possible values are YES and NO. If left blank +# The WARNINGS tag can be used to turn on/off the warning messages that are +# generated by doxygen. Possible values are YES and NO. If left blank # NO is used. WARNINGS = YES -# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings -# for undocumented members. If EXTRACT_ALL is set to YES then this flag will +# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings +# for undocumented members. If EXTRACT_ALL is set to YES then this flag will # automatically be disabled. WARN_IF_UNDOCUMENTED = YES -# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for -# potential errors in the documentation, such as not documenting some -# parameters in a documented function, or documenting parameters that +# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for +# potential errors in the documentation, such as not documenting some +# parameters in a documented function, or documenting parameters that # don't exist or using markup commands wrongly. WARN_IF_DOC_ERROR = YES -# The WARN_FORMAT tag determines the format of the warning messages that -# doxygen can produce. The string should contain the $file, $line, and $text -# tags, which will be replaced by the file and line number from which the +# The WARN_FORMAT tag determines the format of the warning messages that +# doxygen can produce. The string should contain the $file, $line, and $text +# tags, which will be replaced by the file and line number from which the # warning originated and the warning text. WARN_FORMAT = "$file:$line: $text" -# The WARN_LOGFILE tag can be used to specify a file to which warning -# and error messages should be written. If left blank the output is written +# The WARN_LOGFILE tag can be used to specify a file to which warning +# and error messages should be written. If left blank the output is written # to stderr. -WARN_LOGFILE = +WARN_LOGFILE = #--------------------------------------------------------------------------- # configuration options related to the input files #--------------------------------------------------------------------------- -# The INPUT tag can be used to specify the files and/or directories that contain -# documented source files. You may enter file names like "myfile.cpp" or -# directories like "/usr/src/myproject". Separate the files or directories +# The INPUT tag can be used to specify the files and/or directories that contain +# documented source files. You may enter file names like "myfile.cpp" or +# directories like "/usr/src/myproject". Separate the files or directories # with spaces. INPUT = src -# If the value of the INPUT tag contains directories, you can use the -# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank the following patterns are tested: -# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp +# If the value of the INPUT tag contains directories, you can use the +# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp +# and *.h) to filter out the source-files in the directories. If left +# blank the following patterns are tested: +# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp # *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm -FILE_PATTERNS = +FILE_PATTERNS = -# The RECURSIVE tag can be used to turn specify whether or not subdirectories -# should be searched for input files as well. Possible values are YES and NO. +# The RECURSIVE tag can be used to turn specify whether or not subdirectories +# should be searched for input files as well. Possible values are YES and NO. # If left blank NO is used. RECURSIVE = YES -# The EXCLUDE tag can be used to specify files and/or directories that should -# excluded from the INPUT source files. This way you can easily exclude a +# The EXCLUDE tag can be used to specify files and/or directories that should +# excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. -EXCLUDE = +EXCLUDE = -# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories +# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories # that are symbolic links (a Unix filesystem feature) are excluded from the input. EXCLUDE_SYMLINKS = NO -# If the value of the INPUT tag contains directories, you can use the -# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude +# If the value of the INPUT tag contains directories, you can use the +# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude # certain files from those directories. -EXCLUDE_PATTERNS = +EXCLUDE_PATTERNS = -# The EXAMPLE_PATH tag can be used to specify one or more files or -# directories that contain example code fragments that are included (see +# The EXAMPLE_PATH tag can be used to specify one or more files or +# directories that contain example code fragments that are included (see # the \include command). -EXAMPLE_PATH = +EXAMPLE_PATH = -# If the value of the EXAMPLE_PATH tag contains directories, you can use the -# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left +# If the value of the EXAMPLE_PATH tag contains directories, you can use the +# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp +# and *.h) to filter out the source-files in the directories. If left # blank all files are included. -EXAMPLE_PATTERNS = +EXAMPLE_PATTERNS = -# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be -# searched for input files to be used with the \include or \dontinclude -# commands irrespective of the value of the RECURSIVE tag. +# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be +# searched for input files to be used with the \include or \dontinclude +# commands irrespective of the value of the RECURSIVE tag. # Possible values are YES and NO. If left blank NO is used. EXAMPLE_RECURSIVE = NO -# The IMAGE_PATH tag can be used to specify one or more files or -# directories that contain image that are included in the documentation (see +# The IMAGE_PATH tag can be used to specify one or more files or +# directories that contain image that are included in the documentation (see # the \image command). -IMAGE_PATH = +IMAGE_PATH = -# The INPUT_FILTER tag can be used to specify a program that doxygen should -# invoke to filter for each input file. Doxygen will invoke the filter program -# by executing (via popen()) the command , where -# is the value of the INPUT_FILTER tag, and is the name of an -# input file. Doxygen will then use the output that the filter program writes -# to standard output. If FILTER_PATTERNS is specified, this tag will be +# The INPUT_FILTER tag can be used to specify a program that doxygen should +# invoke to filter for each input file. Doxygen will invoke the filter program +# by executing (via popen()) the command , where +# is the value of the INPUT_FILTER tag, and is the name of an +# input file. Doxygen will then use the output that the filter program writes +# to standard output. If FILTER_PATTERNS is specified, this tag will be # ignored. -INPUT_FILTER = +INPUT_FILTER = -# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern -# basis. Doxygen will compare the file name with each pattern and apply the -# filter if there is a match. The filters are a list of the form: -# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further -# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER +# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern +# basis. Doxygen will compare the file name with each pattern and apply the +# filter if there is a match. The filters are a list of the form: +# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further +# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER # is applied to all files. -FILTER_PATTERNS = +FILTER_PATTERNS = -# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using -# INPUT_FILTER) will be used to filter the input files when producing source +# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using +# INPUT_FILTER) will be used to filter the input files when producing source # files to browse (i.e. when SOURCE_BROWSER is set to YES). FILTER_SOURCE_FILES = NO @@ -506,38 +506,38 @@ FILTER_SOURCE_FILES = NO # configuration options related to source browsing #--------------------------------------------------------------------------- -# If the SOURCE_BROWSER tag is set to YES then a list of source files will -# be generated. Documented entities will be cross-referenced with these sources. -# Note: To get rid of all source code in the generated output, make sure also +# If the SOURCE_BROWSER tag is set to YES then a list of source files will +# be generated. Documented entities will be cross-referenced with these sources. +# Note: To get rid of all source code in the generated output, make sure also # VERBATIM_HEADERS is set to NO. SOURCE_BROWSER = YES -# Setting the INLINE_SOURCES tag to YES will include the body +# Setting the INLINE_SOURCES tag to YES will include the body # of functions and classes directly in the documentation. INLINE_SOURCES = YES -# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct -# doxygen to hide any special comment blocks from generated source code +# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct +# doxygen to hide any special comment blocks from generated source code # fragments. Normal C and C++ comments will always remain visible. STRIP_CODE_COMMENTS = NO -# If the REFERENCED_BY_RELATION tag is set to YES (the default) -# then for each documented function all documented +# If the REFERENCED_BY_RELATION tag is set to YES (the default) +# then for each documented function all documented # functions referencing it will be listed. REFERENCED_BY_RELATION = YES -# If the REFERENCES_RELATION tag is set to YES (the default) -# then for each documented function all documented entities +# If the REFERENCES_RELATION tag is set to YES (the default) +# then for each documented function all documented entities # called/used by that function will be listed. REFERENCES_RELATION = YES -# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen -# will generate a verbatim copy of the header file for each class for +# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen +# will generate a verbatim copy of the header file for each class for # which an include is specified. Set to NO to disable this. VERBATIM_HEADERS = YES @@ -546,133 +546,133 @@ VERBATIM_HEADERS = YES # configuration options related to the alphabetical class index #--------------------------------------------------------------------------- -# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index -# of all compounds will be generated. Enable this if the project +# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index +# of all compounds will be generated. Enable this if the project # contains a lot of classes, structs, unions or interfaces. ALPHABETICAL_INDEX = YES -# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then -# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns +# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then +# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns # in which this list will be split (can be a number in the range [1..20]) COLS_IN_ALPHA_INDEX = 5 -# In case all classes in a project start with a common prefix, all -# classes will be put under the same header in the alphabetical index. -# The IGNORE_PREFIX tag can be used to specify one or more prefixes that +# In case all classes in a project start with a common prefix, all +# classes will be put under the same header in the alphabetical index. +# The IGNORE_PREFIX tag can be used to specify one or more prefixes that # should be ignored while generating the index headers. -IGNORE_PREFIX = +IGNORE_PREFIX = #--------------------------------------------------------------------------- # configuration options related to the HTML output #--------------------------------------------------------------------------- -# If the GENERATE_HTML tag is set to YES (the default) Doxygen will +# If the GENERATE_HTML tag is set to YES (the default) Doxygen will # generate HTML output. GENERATE_HTML = YES -# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be +# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. +# If a relative path is entered the value of OUTPUT_DIRECTORY will be # put in front of it. If left blank `html' will be used as the default path. HTML_OUTPUT = html -# The HTML_FILE_EXTENSION tag can be used to specify the file extension for -# each generated HTML page (for example: .htm,.php,.asp). If it is left blank +# The HTML_FILE_EXTENSION tag can be used to specify the file extension for +# each generated HTML page (for example: .htm,.php,.asp). If it is left blank # doxygen will generate files with .html extension. HTML_FILE_EXTENSION = .html -# The HTML_HEADER tag can be used to specify a personal HTML header for -# each generated HTML page. If it is left blank doxygen will generate a +# The HTML_HEADER tag can be used to specify a personal HTML header for +# each generated HTML page. If it is left blank doxygen will generate a # standard header. HTML_HEADER = doc/header.html -# The HTML_FOOTER tag can be used to specify a personal HTML footer for -# each generated HTML page. If it is left blank doxygen will generate a +# The HTML_FOOTER tag can be used to specify a personal HTML footer for +# each generated HTML page. If it is left blank doxygen will generate a # standard footer. HTML_FOOTER = doc/footer.html -# The HTML_STYLESHEET tag can be used to specify a user-defined cascading -# style sheet that is used by each HTML page. It can be used to -# fine-tune the look of the HTML output. If the tag is left blank doxygen -# will generate a default style sheet. Note that doxygen will try to copy -# the style sheet file to the HTML output directory, so don't put your own +# The HTML_STYLESHEET tag can be used to specify a user-defined cascading +# style sheet that is used by each HTML page. It can be used to +# fine-tune the look of the HTML output. If the tag is left blank doxygen +# will generate a default style sheet. Note that doxygen will try to copy +# the style sheet file to the HTML output directory, so don't put your own # stylesheet in the HTML output directory as well, or it will be erased! -HTML_STYLESHEET = +HTML_STYLESHEET = -# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, -# files or namespaces will be aligned in HTML using tables. If set to +# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, +# files or namespaces will be aligned in HTML using tables. If set to # NO a bullet list will be used. HTML_ALIGN_MEMBERS = YES -# If the GENERATE_HTMLHELP tag is set to YES, additional index files -# will be generated that can be used as input for tools like the -# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) +# If the GENERATE_HTMLHELP tag is set to YES, additional index files +# will be generated that can be used as input for tools like the +# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) # of the generated HTML documentation. GENERATE_HTMLHELP = NO -# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can -# be used to specify the file name of the resulting .chm file. You -# can add a path in front of the file if the result should not be +# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can +# be used to specify the file name of the resulting .chm file. You +# can add a path in front of the file if the result should not be # written to the html output directory. -CHM_FILE = +CHM_FILE = -# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can -# be used to specify the location (absolute path including file name) of -# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run +# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can +# be used to specify the location (absolute path including file name) of +# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run # the HTML help compiler on the generated index.hhp. -HHC_LOCATION = +HHC_LOCATION = -# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag -# controls if a separate .chi index file is generated (YES) or that +# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag +# controls if a separate .chi index file is generated (YES) or that # it should be included in the master .chm file (NO). GENERATE_CHI = NO -# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag -# controls whether a binary table of contents is generated (YES) or a +# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag +# controls whether a binary table of contents is generated (YES) or a # normal table of contents (NO) in the .chm file. BINARY_TOC = NO -# The TOC_EXPAND flag can be set to YES to add extra items for group members +# The TOC_EXPAND flag can be set to YES to add extra items for group members # to the contents of the HTML help documentation and to the tree view. TOC_EXPAND = NO -# The DISABLE_INDEX tag can be used to turn on/off the condensed index at -# top of each HTML page. The value NO (the default) enables the index and +# The DISABLE_INDEX tag can be used to turn on/off the condensed index at +# top of each HTML page. The value NO (the default) enables the index and # the value YES disables it. DISABLE_INDEX = NO -# This tag can be used to set the number of enum values (range [1..20]) +# This tag can be used to set the number of enum values (range [1..20]) # that doxygen will group on one line in the generated HTML documentation. ENUM_VALUES_PER_LINE = 1 # If the GENERATE_TREEVIEW tag is set to YES, a side panel will be -# generated containing a tree-like index structure (just like the one that -# is generated for HTML Help). For this to work a browser that supports -# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, -# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are +# generated containing a tree-like index structure (just like the one that +# is generated for HTML Help). For this to work a browser that supports +# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, +# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are # probably better off using the HTML help feature. GENERATE_TREEVIEW = YES -# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be -# used to set the initial width (in pixels) of the frame in which the tree +# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be +# used to set the initial width (in pixels) of the frame in which the tree # is shown. TREEVIEW_WIDTH = 250 @@ -681,74 +681,74 @@ TREEVIEW_WIDTH = 250 # configuration options related to the LaTeX output #--------------------------------------------------------------------------- -# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will +# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will # generate Latex output. GENERATE_LATEX = YES -# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be +# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. +# If a relative path is entered the value of OUTPUT_DIRECTORY will be # put in front of it. If left blank `latex' will be used as the default path. LATEX_OUTPUT = latex -# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be +# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be # invoked. If left blank `latex' will be used as the default command name. LATEX_CMD_NAME = latex -# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to -# generate index for LaTeX. If left blank `makeindex' will be used as the +# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to +# generate index for LaTeX. If left blank `makeindex' will be used as the # default command name. MAKEINDEX_CMD_NAME = makeindex -# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact -# LaTeX documents. This may be useful for small projects and may help to +# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact +# LaTeX documents. This may be useful for small projects and may help to # save some trees in general. COMPACT_LATEX = NO -# The PAPER_TYPE tag can be used to set the paper type that is used -# by the printer. Possible values are: a4, a4wide, letter, legal and +# The PAPER_TYPE tag can be used to set the paper type that is used +# by the printer. Possible values are: a4, a4wide, letter, legal and # executive. If left blank a4wide will be used. PAPER_TYPE = a4wide -# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX +# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX # packages that should be included in the LaTeX output. -EXTRA_PACKAGES = +EXTRA_PACKAGES = -# The LATEX_HEADER tag can be used to specify a personal LaTeX header for -# the generated latex document. The header should contain everything until -# the first chapter. If it is left blank doxygen will generate a +# The LATEX_HEADER tag can be used to specify a personal LaTeX header for +# the generated latex document. The header should contain everything until +# the first chapter. If it is left blank doxygen will generate a # standard header. Notice: only use this tag if you know what you are doing! -LATEX_HEADER = +LATEX_HEADER = -# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated -# is prepared for conversion to pdf (using ps2pdf). The pdf file will -# contain links (just like the HTML output) instead of page references +# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated +# is prepared for conversion to pdf (using ps2pdf). The pdf file will +# contain links (just like the HTML output) instead of page references # This makes the output suitable for online browsing using a pdf viewer. PDF_HYPERLINKS = YES -# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of -# plain latex in the generated Makefile. Set this option to YES to get a +# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of +# plain latex in the generated Makefile. Set this option to YES to get a # higher quality PDF documentation. USE_PDFLATEX = YES -# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. -# command to the generated LaTeX files. This will instruct LaTeX to keep -# running if errors occur, instead of asking the user for help. +# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. +# command to the generated LaTeX files. This will instruct LaTeX to keep +# running if errors occur, instead of asking the user for help. # This option is also used when generating formulas in HTML. LATEX_BATCHMODE = NO -# If LATEX_HIDE_INDICES is set to YES then doxygen will not -# include the index chapters (such as File Index, Compound Index, etc.) +# If LATEX_HIDE_INDICES is set to YES then doxygen will not +# include the index chapters (such as File Index, Compound Index, etc.) # in the output. LATEX_HIDE_INDICES = NO @@ -757,68 +757,68 @@ LATEX_HIDE_INDICES = NO # configuration options related to the RTF output #--------------------------------------------------------------------------- -# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output -# The RTF output is optimized for Word 97 and may not look very pretty with +# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output +# The RTF output is optimized for Word 97 and may not look very pretty with # other RTF readers or editors. GENERATE_RTF = NO -# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be +# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. +# If a relative path is entered the value of OUTPUT_DIRECTORY will be # put in front of it. If left blank `rtf' will be used as the default path. RTF_OUTPUT = rtf -# If the COMPACT_RTF tag is set to YES Doxygen generates more compact -# RTF documents. This may be useful for small projects and may help to +# If the COMPACT_RTF tag is set to YES Doxygen generates more compact +# RTF documents. This may be useful for small projects and may help to # save some trees in general. COMPACT_RTF = NO -# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated -# will contain hyperlink fields. The RTF file will -# contain links (just like the HTML output) instead of page references. -# This makes the output suitable for online browsing using WORD or other -# programs which support those fields. +# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated +# will contain hyperlink fields. The RTF file will +# contain links (just like the HTML output) instead of page references. +# This makes the output suitable for online browsing using WORD or other +# programs which support those fields. # Note: wordpad (write) and others do not support links. RTF_HYPERLINKS = YES -# Load stylesheet definitions from file. Syntax is similar to doxygen's -# config file, i.e. a series of assignments. You only have to provide +# Load stylesheet definitions from file. Syntax is similar to doxygen's +# config file, i.e. a series of assignments. You only have to provide # replacements, missing definitions are set to their default value. -RTF_STYLESHEET_FILE = +RTF_STYLESHEET_FILE = -# Set optional variables used in the generation of an rtf document. +# Set optional variables used in the generation of an rtf document. # Syntax is similar to doxygen's config file. -RTF_EXTENSIONS_FILE = +RTF_EXTENSIONS_FILE = #--------------------------------------------------------------------------- # configuration options related to the man page output #--------------------------------------------------------------------------- -# If the GENERATE_MAN tag is set to YES (the default) Doxygen will +# If the GENERATE_MAN tag is set to YES (the default) Doxygen will # generate man pages GENERATE_MAN = NO -# The MAN_OUTPUT tag is used to specify where the man pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be +# The MAN_OUTPUT tag is used to specify where the man pages will be put. +# If a relative path is entered the value of OUTPUT_DIRECTORY will be # put in front of it. If left blank `man' will be used as the default path. MAN_OUTPUT = man -# The MAN_EXTENSION tag determines the extension that is added to +# The MAN_EXTENSION tag determines the extension that is added to # the generated man pages (default is the subroutine's section .3) MAN_EXTENSION = .3 -# If the MAN_LINKS tag is set to YES and Doxygen generates man output, -# then it will generate one additional man file for each entity -# documented in the real man page(s). These additional files -# only source the real man page, but without them the man command +# If the MAN_LINKS tag is set to YES and Doxygen generates man output, +# then it will generate one additional man file for each entity +# documented in the real man page(s). These additional files +# only source the real man page, but without them the man command # would be unable to find the correct page. The default is NO. MAN_LINKS = NO @@ -827,33 +827,33 @@ MAN_LINKS = NO # configuration options related to the XML output #--------------------------------------------------------------------------- -# If the GENERATE_XML tag is set to YES Doxygen will -# generate an XML file that captures the structure of +# If the GENERATE_XML tag is set to YES Doxygen will +# generate an XML file that captures the structure of # the code including all documentation. GENERATE_XML = NO -# The XML_OUTPUT tag is used to specify where the XML pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be +# The XML_OUTPUT tag is used to specify where the XML pages will be put. +# If a relative path is entered the value of OUTPUT_DIRECTORY will be # put in front of it. If left blank `xml' will be used as the default path. XML_OUTPUT = xml -# The XML_SCHEMA tag can be used to specify an XML schema, -# which can be used by a validating XML parser to check the +# The XML_SCHEMA tag can be used to specify an XML schema, +# which can be used by a validating XML parser to check the # syntax of the XML files. -XML_SCHEMA = +XML_SCHEMA = -# The XML_DTD tag can be used to specify an XML DTD, -# which can be used by a validating XML parser to check the +# The XML_DTD tag can be used to specify an XML DTD, +# which can be used by a validating XML parser to check the # syntax of the XML files. -XML_DTD = +XML_DTD = -# If the XML_PROGRAMLISTING tag is set to YES Doxygen will -# dump the program listings (including syntax highlighting -# and cross-referencing information) to the XML output. Note that +# If the XML_PROGRAMLISTING tag is set to YES Doxygen will +# dump the program listings (including syntax highlighting +# and cross-referencing information) to the XML output. Note that # enabling this will significantly increase the size of the XML output. XML_PROGRAMLISTING = YES @@ -862,10 +862,10 @@ XML_PROGRAMLISTING = YES # configuration options for the AutoGen Definitions output #--------------------------------------------------------------------------- -# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will -# generate an AutoGen Definitions (see autogen.sf.net) file -# that captures the structure of the code including all -# documentation. Note that this feature is still experimental +# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will +# generate an AutoGen Definitions (see autogen.sf.net) file +# that captures the structure of the code including all +# documentation. Note that this feature is still experimental # and incomplete at the moment. GENERATE_AUTOGEN_DEF = NO @@ -874,282 +874,282 @@ GENERATE_AUTOGEN_DEF = NO # configuration options related to the Perl module output #--------------------------------------------------------------------------- -# If the GENERATE_PERLMOD tag is set to YES Doxygen will -# generate a Perl module file that captures the structure of -# the code including all documentation. Note that this -# feature is still experimental and incomplete at the +# If the GENERATE_PERLMOD tag is set to YES Doxygen will +# generate a Perl module file that captures the structure of +# the code including all documentation. Note that this +# feature is still experimental and incomplete at the # moment. GENERATE_PERLMOD = NO -# If the PERLMOD_LATEX tag is set to YES Doxygen will generate -# the necessary Makefile rules, Perl scripts and LaTeX code to be able +# If the PERLMOD_LATEX tag is set to YES Doxygen will generate +# the necessary Makefile rules, Perl scripts and LaTeX code to be able # to generate PDF and DVI output from the Perl module output. PERLMOD_LATEX = NO -# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be -# nicely formatted so it can be parsed by a human reader. This is useful -# if you want to understand what is going on. On the other hand, if this -# tag is set to NO the size of the Perl module output will be much smaller +# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be +# nicely formatted so it can be parsed by a human reader. This is useful +# if you want to understand what is going on. On the other hand, if this +# tag is set to NO the size of the Perl module output will be much smaller # and Perl will parse it just the same. PERLMOD_PRETTY = YES -# The names of the make variables in the generated doxyrules.make file -# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. -# This is useful so different doxyrules.make files included by the same +# The names of the make variables in the generated doxyrules.make file +# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. +# This is useful so different doxyrules.make files included by the same # Makefile don't overwrite each other's variables. -PERLMOD_MAKEVAR_PREFIX = +PERLMOD_MAKEVAR_PREFIX = #--------------------------------------------------------------------------- -# Configuration options related to the preprocessor +# Configuration options related to the preprocessor #--------------------------------------------------------------------------- -# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will -# evaluate all C-preprocessor directives found in the sources and include +# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will +# evaluate all C-preprocessor directives found in the sources and include # files. ENABLE_PREPROCESSING = YES -# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro -# names in the source code. If set to NO (the default) only conditional -# compilation will be performed. Macro expansion can be done in a controlled +# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro +# names in the source code. If set to NO (the default) only conditional +# compilation will be performed. Macro expansion can be done in a controlled # way by setting EXPAND_ONLY_PREDEF to YES. MACRO_EXPANSION = NO -# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES -# then the macro expansion is limited to the macros specified with the +# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES +# then the macro expansion is limited to the macros specified with the # PREDEFINED and EXPAND_AS_PREDEFINED tags. EXPAND_ONLY_PREDEF = NO -# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files +# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files # in the INCLUDE_PATH (see below) will be search if a #include is found. SEARCH_INCLUDES = YES -# The INCLUDE_PATH tag can be used to specify one or more directories that -# contain include files that are not input files but should be processed by +# The INCLUDE_PATH tag can be used to specify one or more directories that +# contain include files that are not input files but should be processed by # the preprocessor. INCLUDE_PATH = src/headers -# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard -# patterns (like *.h and *.hpp) to filter out the header-files in the -# directories. If left blank, the patterns specified with FILE_PATTERNS will +# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard +# patterns (like *.h and *.hpp) to filter out the header-files in the +# directories. If left blank, the patterns specified with FILE_PATTERNS will # be used. -INCLUDE_FILE_PATTERNS = +INCLUDE_FILE_PATTERNS = -# The PREDEFINED tag can be used to specify one or more macro names that -# are defined before the preprocessor is started (similar to the -D option of -# gcc). The argument of the tag is a list of macros of the form: name -# or name=definition (no spaces). If the definition and the = are -# omitted =1 is assumed. To prevent a macro definition from being -# undefined via #undef or recursively expanded use the := operator +# The PREDEFINED tag can be used to specify one or more macro names that +# are defined before the preprocessor is started (similar to the -D option of +# gcc). The argument of the tag is a list of macros of the form: name +# or name=definition (no spaces). If the definition and the = are +# omitted =1 is assumed. To prevent a macro definition from being +# undefined via #undef or recursively expanded use the := operator # instead of the = operator. -PREDEFINED = +PREDEFINED = -# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then -# this tag can be used to specify a list of macro names that should be expanded. -# The macro definition that is found in the sources will be used. +# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then +# this tag can be used to specify a list of macro names that should be expanded. +# The macro definition that is found in the sources will be used. # Use the PREDEFINED tag if you want to use a different macro definition. -EXPAND_AS_DEFINED = +EXPAND_AS_DEFINED = -# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then -# doxygen's preprocessor will remove all function-like macros that are alone -# on a line, have an all uppercase name, and do not end with a semicolon. Such -# function macros are typically used for boiler-plate code, and will confuse the +# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then +# doxygen's preprocessor will remove all function-like macros that are alone +# on a line, have an all uppercase name, and do not end with a semicolon. Such +# function macros are typically used for boiler-plate code, and will confuse the # parser if not removed. SKIP_FUNCTION_MACROS = YES #--------------------------------------------------------------------------- -# Configuration::additions related to external references +# Configuration::additions related to external references #--------------------------------------------------------------------------- -# The TAGFILES option can be used to specify one or more tagfiles. -# Optionally an initial location of the external documentation -# can be added for each tagfile. The format of a tag file without -# this location is as follows: -# TAGFILES = file1 file2 ... -# Adding location for the tag files is done as follows: -# TAGFILES = file1=loc1 "file2 = loc2" ... -# where "loc1" and "loc2" can be relative or absolute paths or -# URLs. If a location is present for each tag, the installdox tool +# The TAGFILES option can be used to specify one or more tagfiles. +# Optionally an initial location of the external documentation +# can be added for each tagfile. The format of a tag file without +# this location is as follows: +# TAGFILES = file1 file2 ... +# Adding location for the tag files is done as follows: +# TAGFILES = file1=loc1 "file2 = loc2" ... +# where "loc1" and "loc2" can be relative or absolute paths or +# URLs. If a location is present for each tag, the installdox tool # does not have to be run to correct the links. # Note that each tag file must have a unique name # (where the name does NOT include the path) -# If a tag file is not located in the directory in which doxygen +# If a tag file is not located in the directory in which doxygen # is run, you must also specify the path to the tagfile here. -TAGFILES = +TAGFILES = -# When a file name is specified after GENERATE_TAGFILE, doxygen will create +# When a file name is specified after GENERATE_TAGFILE, doxygen will create # a tag file that is based on the input files it reads. -GENERATE_TAGFILE = +GENERATE_TAGFILE = -# If the ALLEXTERNALS tag is set to YES all external classes will be listed -# in the class index. If set to NO only the inherited external classes +# If the ALLEXTERNALS tag is set to YES all external classes will be listed +# in the class index. If set to NO only the inherited external classes # will be listed. ALLEXTERNALS = NO -# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed -# in the modules index. If set to NO, only the current project's groups will +# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed +# in the modules index. If set to NO, only the current project's groups will # be listed. EXTERNAL_GROUPS = YES -# The PERL_PATH should be the absolute path and name of the perl script +# The PERL_PATH should be the absolute path and name of the perl script # interpreter (i.e. the result of `which perl'). PERL_PATH = /usr/bin/perl #--------------------------------------------------------------------------- -# Configuration options related to the dot tool +# Configuration options related to the dot tool #--------------------------------------------------------------------------- -# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will -# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base or -# super classes. Setting the tag to NO turns the diagrams off. Note that this -# option is superseded by the HAVE_DOT option below. This is only a fallback. It is +# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will +# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base or +# super classes. Setting the tag to NO turns the diagrams off. Note that this +# option is superseded by the HAVE_DOT option below. This is only a fallback. It is # recommended to install and use dot, since it yields more powerful graphs. CLASS_DIAGRAMS = YES -# If set to YES, the inheritance and collaboration graphs will hide -# inheritance and usage relations if the target is undocumented +# If set to YES, the inheritance and collaboration graphs will hide +# inheritance and usage relations if the target is undocumented # or is not a class. HIDE_UNDOC_RELATIONS = NO -# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is -# available from the path. This tool is part of Graphviz, a graph visualization -# toolkit from AT&T and Lucent Bell Labs. The other options in this section +# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is +# available from the path. This tool is part of Graphviz, a graph visualization +# toolkit from AT&T and Lucent Bell Labs. The other options in this section # have no effect if this option is set to NO (the default) HAVE_DOT = NO -# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect inheritance relations. Setting this tag to YES will force the +# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen +# will generate a graph for each documented class showing the direct and +# indirect inheritance relations. Setting this tag to YES will force the # the CLASS_DIAGRAMS tag to NO. CLASS_GRAPH = YES -# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect implementation dependencies (inheritance, containment, and +# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen +# will generate a graph for each documented class showing the direct and +# indirect implementation dependencies (inheritance, containment, and # class references variables) of the class with other documented classes. COLLABORATION_GRAPH = YES -# If the UML_LOOK tag is set to YES doxygen will generate inheritance and -# collaboration diagrams in a style similar to the OMG's Unified Modeling +# If the UML_LOOK tag is set to YES doxygen will generate inheritance and +# collaboration diagrams in a style similar to the OMG's Unified Modeling # Language. UML_LOOK = NO -# If set to YES, the inheritance and collaboration graphs will show the +# If set to YES, the inheritance and collaboration graphs will show the # relations between templates and their instances. TEMPLATE_RELATIONS = NO -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT -# tags are set to YES then doxygen will generate a graph for each documented -# file showing the direct and indirect include dependencies of the file with +# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT +# tags are set to YES then doxygen will generate a graph for each documented +# file showing the direct and indirect include dependencies of the file with # other documented files. INCLUDE_GRAPH = YES -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and -# HAVE_DOT tags are set to YES then doxygen will generate a graph for each -# documented header file showing the documented files that directly or +# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and +# HAVE_DOT tags are set to YES then doxygen will generate a graph for each +# documented header file showing the documented files that directly or # indirectly include this file. INCLUDED_BY_GRAPH = YES -# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will -# generate a call dependency graph for every global function or class method. -# Note that enabling this option will significantly increase the time of a run. -# So in most cases it will be better to enable call graphs for selected +# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will +# generate a call dependency graph for every global function or class method. +# Note that enabling this option will significantly increase the time of a run. +# So in most cases it will be better to enable call graphs for selected # functions only using the \callgraph command. CALL_GRAPH = YES -# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen +# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen # will graphical hierarchy of all classes instead of a textual one. GRAPHICAL_HIERARCHY = YES -# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images +# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images # generated by dot. Possible values are png, jpg, or gif # If left blank png will be used. DOT_IMAGE_FORMAT = png -# The tag DOT_PATH can be used to specify the path where the dot tool can be +# The tag DOT_PATH can be used to specify the path where the dot tool can be # found. If left blank, it is assumed the dot tool can be found on the path. -DOT_PATH = +DOT_PATH = -# The DOTFILE_DIRS tag can be used to specify one or more directories that -# contain dot files that are included in the documentation (see the +# The DOTFILE_DIRS tag can be used to specify one or more directories that +# contain dot files that are included in the documentation (see the # \dotfile command). -DOTFILE_DIRS = +DOTFILE_DIRS = -# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width -# (in pixels) of the graphs generated by dot. If a graph becomes larger than -# this value, doxygen will try to truncate the graph, so that it fits within -# the specified constraint. Beware that most browsers cannot cope with very +# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width +# (in pixels) of the graphs generated by dot. If a graph becomes larger than +# this value, doxygen will try to truncate the graph, so that it fits within +# the specified constraint. Beware that most browsers cannot cope with very # large images. MAX_DOT_GRAPH_WIDTH = 1024 -# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height -# (in pixels) of the graphs generated by dot. If a graph becomes larger than -# this value, doxygen will try to truncate the graph, so that it fits within -# the specified constraint. Beware that most browsers cannot cope with very +# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height +# (in pixels) of the graphs generated by dot. If a graph becomes larger than +# this value, doxygen will try to truncate the graph, so that it fits within +# the specified constraint. Beware that most browsers cannot cope with very # large images. MAX_DOT_GRAPH_HEIGHT = 1024 -# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the -# graphs generated by dot. A depth value of 3 means that only nodes reachable -# from the root by following a path via at most 3 edges will be shown. Nodes that -# lay further from the root node will be omitted. Note that setting this option to -# 1 or 2 may greatly reduce the computation time needed for large code bases. Also -# note that a graph may be further truncated if the graph's image dimensions are -# not sufficient to fit the graph (see MAX_DOT_GRAPH_WIDTH and MAX_DOT_GRAPH_HEIGHT). +# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the +# graphs generated by dot. A depth value of 3 means that only nodes reachable +# from the root by following a path via at most 3 edges will be shown. Nodes that +# lay further from the root node will be omitted. Note that setting this option to +# 1 or 2 may greatly reduce the computation time needed for large code bases. Also +# note that a graph may be further truncated if the graph's image dimensions are +# not sufficient to fit the graph (see MAX_DOT_GRAPH_WIDTH and MAX_DOT_GRAPH_HEIGHT). # If 0 is used for the depth value (the default), the graph is not depth-constrained. MAX_DOT_GRAPH_DEPTH = 0 -# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will -# generate a legend page explaining the meaning of the various boxes and +# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will +# generate a legend page explaining the meaning of the various boxes and # arrows in the dot generated graphs. GENERATE_LEGEND = YES -# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will -# remove the intermediate dot files that are used to generate +# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will +# remove the intermediate dot files that are used to generate # the various graphs. DOT_CLEANUP = YES #--------------------------------------------------------------------------- -# Configuration::additions related to the search engine +# Configuration::additions related to the search engine #--------------------------------------------------------------------------- -# The SEARCHENGINE tag specifies whether or not a search engine should be +# The SEARCHENGINE tag specifies whether or not a search engine should be # used. If set to NO the values of all tags below this one will be ignored. SEARCHENGINE = NO diff --git a/libtomcrypt/LICENSE b/libtomcrypt/LICENSE index c4afbc6b5..07f8582bf 100644 --- a/libtomcrypt/LICENSE +++ b/libtomcrypt/LICENSE @@ -24,6 +24,6 @@ Tom St Denis DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - 0. You just DO WHAT THE FUCK YOU WANT TO. + 0. You just DO WHAT THE FUCK YOU WANT TO. [/LICENSE #2] diff --git a/libtomcrypt/changes b/libtomcrypt/changes index dc56d08d8..1475cdb17 100644 --- a/libtomcrypt/changes +++ b/libtomcrypt/changes @@ -76,9 +76,9 @@ v1.18.0 -- Brought back Diffie-Hellman May 12th, 2007 -v1.17 -- Cryptography Research Inc. contributed another small volley of patches, one to fix __WCHAR_DEFINED__ for BSD platforms, +v1.17 -- Cryptography Research Inc. contributed another small volley of patches, one to fix __WCHAR_DEFINED__ for BSD platforms, another to silence MSVC warnings. - -- Added LTC_XCBC_PURE to XCBC mode which lets you use it in three-key mode. + -- Added LTC_XCBC_PURE to XCBC mode which lets you use it in three-key mode. -- [CRI] Added libtomcrypt.dsp for Visual C++ users. -- [CRI] Added more functions for manipulating the ECC fixed point cache (including saving and loading) -- [CRI] Modified ecc_make_key() to always produce keys smaller than base point order, for standards-compliance @@ -94,14 +94,14 @@ December 16th, 2006 v1.16 -- Brian Gladman pointed out that a recent change to GCM broke how the IV was handled. Currently the code complies against his test vectors so the code should be considered frozen now. -- Trevor from Cryptography Research Inc. submitted patches to convert the ECC code to be generic allowing curve parameters to be submitted - at runtime. + at runtime. -- Fixed various doxygen comments -- Added UTF8 support to the ASN1 code -- Fixed STOREXXH macros for x86 platforms (Fix found at Elliptic Inc.) -- Added makefile.unix which is BSD compatible, you have to manually tweak it since well I don't use it normally -- removed a few lingering memcpy's -- Fixed memory free errors in ecc_sign_hash() that can arise if the mp_init_multi() fails - -- Fixed incorrect return value in pkcs_1_pss_decode() which would correctly set res to 0 (indicating an incorrect signature) but + -- Fixed incorrect return value in pkcs_1_pss_decode() which would correctly set res to 0 (indicating an incorrect signature) but would return CRYPT_OK to the caller -- ltc_ecc_mulmod() could leak memory if mp_init(&mu) failed, fixed. Would you believe that ltc_ecc_mulmod_timing() had the same bug? Also fixed. :-) @@ -114,7 +114,7 @@ v1.16 -- Brian Gladman pointed out that a recent change to GCM broke how the IV -- Cryptography Research Inc. contributed a bunch of fixes to silence warnings (with MSVC) w.r.t. assigned data to unsigned char types. -- Martin Marko suggested some fixes to make the RNG build with WinCE. -- Updates to the manual for print (some fixes thanks to Martin Marko) - + November 17th, 2006 v1.15 -- Andreas Lange found that if sha256_init DID fail in fortuna it wouldn't clean up the state correctly. Thanks. @@ -122,7 +122,7 @@ v1.15 -- Andreas Lange found that if sha256_init DID fail in fortuna it wouldn't -- Andreas Lange contributed RMD-256 and RMD-320 code. -- Removed mutex locks from fortuna_import as they create a deadlock and aren't required anyways [Avi Zelmanovich] -- Added LTC_NO_PROTOTYPES to avoid prototyping functions like memset/memcpy. Required for fans of GCC 3.3.x - -- David Eder caught a off by one overrun bug in pmac_done() which can be exploited if your output tag buffer is + -- David Eder caught a off by one overrun bug in pmac_done() which can be exploited if your output tag buffer is smaller than the block size of the cipher, e.g. if you have a 4-byte buffer and you tell pmac_done that you want a 4-byte TAG it will store 4 bytes but return an outlen of 5. -- Added signatures to the ECC and RSA benchmarks @@ -135,7 +135,7 @@ v1.15 -- Andreas Lange found that if sha256_init DID fail in fortuna it wouldn't -- Added XCBC-MAC support [RFC 3566] -- fixed LOAD32H and LOAD64H to stop putting out that darn warning :-) -- Added the Korean SEED block cipher [RFC 4269] - -- Added LTC_VALGRIND define which makes SOBER-128 and RC4 a pure PRNG (and not a stream cipher). Useful if you use + -- Added LTC_VALGRIND define which makes SOBER-128 and RC4 a pure PRNG (and not a stream cipher). Useful if you use Valgrind to debug your code (reported by Andreas Lange) -- Made SOBER-128 more portable by removing the ASCII key in the test function (my bad, sorry). -- Martin Mocko pointed out that if you have no PRNGs defined the lib won't build. Fixed, also fixed for if you have no @@ -146,7 +146,7 @@ v1.15 -- Andreas Lange found that if sha256_init DID fail in fortuna it wouldn't -- Added ctr_test() to test CTR mode against RFC 3686 -- Added crypt_fsa() ... O_o -- Fixed LTC_ECC_TIMING_RESISTANT so it once again builds properly (pt add/dbl are through the plugin now) - -- Added ANSI X9.63 (sec 4.3.6) import/export of public keys (cannot export to compressed formats but will import + -- Added ANSI X9.63 (sec 4.3.6) import/export of public keys (cannot export to compressed formats but will import hybrid compressed) -- Added SECP curves for 112, 128, and 160 bits (only the 'r1' curves) -- Added 3GPP-F9 MAC (thanks to Greg Rose for the test vectors) @@ -154,7 +154,7 @@ v1.15 -- Andreas Lange found that if sha256_init DID fail in fortuna it wouldn't -- Added F9/XCBC/OMAC callbacks to the cipher plugin -- Added RSA PKCS #1 v1.5 signature/encrypt tests to rsa_test.c -- Fix to yarrow_test() to not call yarrow_done() which is invalid in that context (thanks Valgrind) - -- Christophe Devine pointed out that Anubis would fail on various 64-bit UNIX boxes when "x>>24" was used as an index, we needed + -- Christophe Devine pointed out that Anubis would fail on various 64-bit UNIX boxes when "x>>24" was used as an index, we needed to mask it with 0xFF. Thanks. Fixed. August 0x1E, 0x07D6 @@ -173,7 +173,7 @@ v1.14 -- Renamed the chaining mode macros from XXX to LTC_XXX_MODE. Should help -- two fixes to CCM for corner cases [L+noncelen > 15] and fixing the CTR pad to encrypt the CBC-MAC tag -- Franz Glasner pointed out the ARGTYPE=4 is not actually valid. Fixed. -- Fixed bug in f8_start() if your key < saltkey unspecified behaviour occurs. :-( - -- Documented F8 mode. Yeah, because you read the manual. + -- Documented F8 mode. Yeah, because you read the manual. -- Minor updates to the technotes. @@ -190,7 +190,7 @@ v1.13 -- Fixed to fortuna_start() to clean up state if an error occurs. Not rea May 29th, 2006 v1.12 -- Fixed OID encoder/decoder/length to properly handle the first two parts of an OID, matches 2002 X.690 now. - -- [Wesley Shields] Allows both GMP/LTM and TFM to be defined now. + -- [Wesley Shields] Allows both GMP/LTM and TFM to be defined now. -- [Wesley Shields] GMP pluggin is cleaner now and doesn't use deprecated symbols. Yipee -- Added count_lsb_bits to get the number of leading LSB zero bits there are. -- Fixed a bug in the INTEGER encoders for values of -(256**k)/2 @@ -202,7 +202,7 @@ v1.12 -- Fixed OID encoder/decoder/length to properly handle the first two parts ECC point multiplier. It's fast, it's sexy and what's more it's hella fast [did I mention it's fast?] You can tune it somewhat with FP_LUT (default to 8) for look-up width. Read section 8.2 of the manual for more info. - It is disabled by default, you'll have to build LTC with it defined to get it. + It is disabled by default, you'll have to build LTC with it defined to get it. -- Fixed bug in ecc_test.c (from testprof) to include the 521 [not 512] bit curve. :-) April 4th, 2006 @@ -212,10 +212,10 @@ v1.11 -- Removed printf's from lrw_test ... whoops -- Adam Miller reported a bug in the flexi decoder with elements past the end of a sequence. Fixed. -- Bruce Guenter suggested I use --tag=CC for libtool builds where the compiler may think it's C++. (I applied this to LTM and TFM) -- Optimized the ECC for TFM a bit by removing the useless "if" statements (most TFM functions don't return error codes) - Actually shaved a good chunk of time off and made the code smaller. By default with TFM the stock LTC point add/dbl functions + Actually shaved a good chunk of time off and made the code smaller. By default with TFM the stock LTC point add/dbl functions will be totally omitted (ECC-256 make key times on a Prescott for old vs. new are 11.03M vs. 9.59M cycles) -- added missing CVS tags to ltc_ecc_mulmod.c - -- corrected typo in tomcrypt_cfg.h about what the file has been called + -- corrected typo in tomcrypt_cfg.h about what the file has been called -- corrected my address in the user manual. A "bit" out of date. -- added lrw_gen to tv_gen -- added GMP plugin, only tested on a AMD64 and x86_32 Gentoo Linux box so be aware @@ -232,9 +232,9 @@ February 11th, 2006 v1.10 -- Free ecb/cbc/ctr/lrw structures in timing code by calling the "done" function -- fixed bug in lrw_process() which would always use the slow update ... -- vastly sped up gcm_gf_mult() when LTC_FAST is defined. This speeds up LRW and GCM state creation, useful for servers with GCM - -- Removed NLS since there are some attacks against it. + -- Removed NLS since there are some attacks against it. -- fixed memory leak in rsa_import reported by John Kuhns - ++ re-released as the rsa fix was incorrect (bad John bad ... hehehe) and I missed some NULLs in the static descriptor entry for ciphers + ++ re-released as the rsa fix was incorrect (bad John bad ... hehehe) and I missed some NULLs in the static descriptor entry for ciphers January 26th, 2006 v1.09 -- Added missing doxygen comments to some of the ASN.1 routines @@ -274,7 +274,7 @@ v1.07 -- Craig Schlenter pointed out the "encrypt" demo doesn't call ctr_start() -- Made makefile accept a NODOCS flag to disable the requirement of tetex to install LTC for you no tetex people... all 3 of ya :-) -- Cleaned up rsa_export() since "zero" was handled with a SHORT_INTEGER -- Cleaned up the LIBTEST_S definitions in both GNU makefiles. A few minor touchups as well. - -- Made the cipher ecb encrypt/decrypt return an int as well, changed ALL dependent code to check for this. + -- Made the cipher ecb encrypt/decrypt return an int as well, changed ALL dependent code to check for this. -- der_decode_choice() would fail to mark a NULL as "used" when decoding. Fixed -- ecc_decrypt_key() now uses find_hash_oid() to clean up the code ;-) -- Added mp_neg() to the math descriptors. @@ -309,27 +309,27 @@ v1.06 -- Fixed rand_prime() to accept negative inputs as a signal for BBS primes -- Fixed two doxy comment errors in the UTCTIME functions -- rsa_import() can now read OpenSSL format DER public keys as well as the PKCS #1 RSAPublicKey format. Note that rsa_export() **ONLY** writes PKCS #1 formats - -- Changed MIN/MAX to only define if not already present. -- Kirk J from Demonware ... + -- Changed MIN/MAX to only define if not already present. -- Kirk J from Demonware ... -- Ported tv_gen to new framework (and yes, I made ecc vectors BEFORE changing the API and YES they match now :-)) -- ported testing scripts to support pluggable math. yipee! -- Wrote a TFM descriptor ... yipee - -- Cleaned up LTC_FAST in CBC mode a bit + -- Cleaned up LTC_FAST in CBC mode a bit -- Merged in patches from Michael Brown for the sparc/sparc64 targets -- Added find_hash_oid() to search for a hash by its OID -- Cleaned up a few stray CLEAN_STACKs that should have been LTC_CLEAN_STACK - -- Added timing resistant ECC, enable by defining LTC_ECC_TIMING_RESISTANT then use ECC API as normal + -- Added timing resistant ECC, enable by defining LTC_ECC_TIMING_RESISTANT then use ECC API as normal -- Updated the ECC documentation as it was a bit out of date June 27th, 2005 v1.05 - -- Added Technote #6 which covers the current PK compliance. + -- Added Technote #6 which covers the current PK compliance. -- Fixed buffer overflow in OAEP decoder -- Added CHOICE to the list of ASN.1 types -- Added UTCTIME to the list of ASN.1 types -- Added MUTEX locks around descriptor table functions [but not on the functions that are dependent on them] - All functions call *_is_valid() before using a descriptor index which means the respective table must be unlocked before - it can be accessed. However, during the operation [e.g. CCM] if the descriptor has been altered the results will be - undefined. + All functions call *_is_valid() before using a descriptor index which means the respective table must be unlocked before + it can be accessed. However, during the operation [e.g. CCM] if the descriptor has been altered the results will be + undefined. -- Minor updates to the manual to reflect recent changes -- Added a catch to for an error that should never come up in rsa_exptmod(). Just being thorough. @@ -354,27 +354,27 @@ v1.03 -- Added a LTC_FAST specific test to the testing software. -- Updated test driver to actually halt on errors and just print them out (useful for say... automated testing...) -- Added bounds checking to Pelican MAC - -- Added BIT and OCTET STRING to the ASN.1 side of things. - -- Pekka Riikonen pointed out that my ctr_start() function should accept the counter mode. + -- Added BIT and OCTET STRING to the ASN.1 side of things. + -- Pekka Riikonen pointed out that my ctr_start() function should accept the counter mode. -- Cleaned up warnings in testprof -- Removed redundant mu and point mapping in ecc_verify_hash() so it should be a bit faster now -- Pekka pointed out that the AES key structure was using 32 bytes more than it ought to. - -- Added quick defines to remove entire classes of algorithms. This makes it easier if you want to build with just + -- Added quick defines to remove entire classes of algorithms. This makes it easier if you want to build with just one algorithm (say AES or SHA-256). Defines are LTC_NO_CIPHERS, LTC_NO_MODES, LTC_NO_HASHES, LTC_NO_MACS, LTC_NO_PRNGS, LTC_NO_PK, LTC_NO_PKCS -- As part of the move for ECC to X9.62 I've changed the signature algorithm to EC DSA. No API changes. -- Pekka helped me clean up the PKCS #1 v2.1 [OAEP/PSS] code -- Wrote new DER SEQUENCE coder/decoder -- RSA, DSA and ECDSA now use the DER SEQUENCE code (saves a lot of code!) - -- DSA output is now a DER SEQUENCE (so not compatible with previous releases). + -- DSA output is now a DER SEQUENCE (so not compatible with previous releases). -- Added Technote #5 which shows how to build LTC on an AMD64 to have a variety of algorithms in only ~80KB of code. -- Changed temp variable in LOAD/STORE macros to "ulong32" for 32-bit ops. Makes it safer on Big endian platforms - -- Added INSTALL_GROUP and INSTALL_USER which you can specify on the build to override the default USER/GROUP the library + -- Added INSTALL_GROUP and INSTALL_USER which you can specify on the build to override the default USER/GROUP the library is to be installed as - -- Removed "testprof" from the default build. + -- Removed "testprof" from the default build. -- Added IA5, NULL and Object Identifier to the list of ASN.1 DER supported types -- The "no_oops" target (part of zipup) now scans for non-cvs files. This helps prevent temp/scratch files from appearing in releases ;-) - -- Added DERs for missing hashes, but just the OID not the PKCS #1 v1.5 additions. + -- Added DERs for missing hashes, but just the OID not the PKCS #1 v1.5 additions. -- Removed PKCS #1 v1.5 from the tree since it's taking up space and you ought to use v2.1 anyways -- Kevin Kenny pointed out a few stray // comments -- INTEGER code properly supports negatives and zero padding [Pekka!] @@ -401,12 +401,12 @@ v1.02 -- Added LTC_TEST support to gcm_test() -- "pt/ct" can now be NULL in gcm_process() if you are processing zero bytes -- Optimized GCM by removing the "double copy" handling of the plaintext/aad - -- Richard Outerbridge pointed out that x86_prof won't build on MACOS and that the manual + -- Richard Outerbridge pointed out that x86_prof won't build on MACOS and that the manual erroneously refers to "mycrypt" all over the place. Fixed. April 17th, 2005 v1.01 - ** Secure Science Corporation has supported this release cycle by sponsoring the development time taken. Their + ** Secure Science Corporation has supported this release cycle by sponsoring the development time taken. Their continuing support of this project has helped me maintain a steady pace in order to keep LibTomCrypt up to date, stable and more efficient. ----------------------------------------------------------------------------------------------------- @@ -423,7 +423,7 @@ v1.01 -- Added missing ASN.1 header to the RSA keys ... oops... now the rsa_export/import are FULLY compatible with other libs like OpenSSL (comment: Test vectors would go a long way RSA...) -- Manually merged in fix to the prime_random_ex() LTM function that ensures the 2nd MSB is set properly. Now - When you say "I want a 1024/8 byte RSA key" the MSB bit of the modulus is set as expected. Note I generally + When you say "I want a 1024/8 byte RSA key" the MSB bit of the modulus is set as expected. Note I generally don't view this as a "huge issue" but it's just one less nit to worry about. [Bryan Klisch] -- A new CVS has been setup on my Athlon64 box... if you want developer access send me an email (and at this point the email would have to be awesome). -- Updated API for ECB and CBC shell code. Now can process N whole blocks in one call (like $DEITY intended) @@ -432,7 +432,7 @@ v1.01 if you [say] call ctr_encrypt() with a cipher descriptor that has hardware CTR it will automatically be used (e.g. no code rewrites) -- Now ships with 20% more love. - -- x86_prof now uses ECB shell code (hint: accelerators) and outputs cycles per BLOCK not byte. This will make it a bit + -- x86_prof now uses ECB shell code (hint: accelerators) and outputs cycles per BLOCK not byte. This will make it a bit easier to compare hardware vs. software cipher implementations. It also emits timings for CBC and CTR modes -- [Peter LaDow] fixed a typo w.r.t. XREALLOC macro (spelling counts kids!) -- Fixed bug with __x86_64__ where ROL64/ROR64 with LTC_NO_ROLC would be the 32-bit versions instead... @@ -440,7 +440,7 @@ v1.01 -- Added Pelican MAC [it's an AES based fast MAC] to the list of supported MACs -- Added LTC_FAST [and you can disable by defining LTC_NO_FAST] so that CBC and CTR mode XOR whole words [e.g. 32 or 64 bits] at a time instead of one byte. On my AMD64 this reduced the overhead for AES-128-CBC from 4.56 cycles/byte to around 1 cycle/byte. This requires - that you either allow unaligned read/writes [e.g. x86_32/x86_64] or align all your data. It won't go out of it's way to ensure + that you either allow unaligned read/writes [e.g. x86_32/x86_64] or align all your data. It won't go out of it's way to ensure aligned access. Only enabled for x86_* platforms by default since they allow unaligned read/writes. -- Added LTC_FAST support to PMAC (drops the cycle/byte by about 9 cycles on my AMD64) [note: I later rewrote this prior to release] -- Updated "profiled" target to work with the new directory layout @@ -456,11 +456,11 @@ v1.01 -- Added "done" function to ciphers and the five chaining modes [and things like omac/pmac/etc] -- Changed install group to "wheel" from "root". -- Replaced // comments with /**/ so it will build on older UNIX-like platforms - -- x86_prof builds and runs with IntelCC fine now + -- x86_prof builds and runs with IntelCC fine now -- Added "stest" build to intel CC to test static linked from within the dir (so you don't have to install to test) - -- Moved testing/benchmark into testprof directory and build it as part of the build. Now you can link against libtomcrypt_prof.a to get + -- Moved testing/benchmark into testprof directory and build it as part of the build. Now you can link against libtomcrypt_prof.a to get testing info (hint: hardware developers ;-) ) - -- Added CCM to tv_gen + -- Added CCM to tv_gen -- Added demos to MSVC makefile -- Removed -funroll-all-loops from GCC makefile and replaced with -funroll-loops which is a bit more sane (P4 ain't got much cache for the IDATA) -- Fixed GCM prior to release and re-enabled it. It has not been optimized but it does conform when compiled with optimizations. @@ -474,7 +474,7 @@ v1.01 -- Removed "profile" target since it was slower anyways (go figure...) December 31st, 2004 -v1.00 +v1.00 -- Added "r,s == 0" check to dsa_verify_hash() -- Added "multi block" helpers for hash, hmac, pmac and omac routines so you can process multiple non-adjacent blocks of data with one call (added demos/multi.c to make sure they work) @@ -482,7 +482,7 @@ v1.00 -- Also I don't use them in other functions (like pkcs_5_2()) because I didn't have the time. Job for the new LTC maintainer ;-) -- Added tweaked Anubis test vectors and made it default (undefined ANUBIS_TWEAK to get original Anubis) -- Merged in fix for mp_prime_random_ex() to deal with MSB and LSB "bugs" - -- Removed tim_exptmod() completely, updated several RSA functions (notably v15 and the decrypt/verify) so they + -- Removed tim_exptmod() completely, updated several RSA functions (notably v15 and the decrypt/verify) so they don't require a prng now -- This release brought to you by the fine tunes of Macy Gray. We miss you. @@ -509,10 +509,10 @@ v1.00rc1 is not root. Now the makefiles allow this to be changed easily. -- Renamed "struct _*_descriptor" to "struct ltc_*_descriptor" to avoid using a leading _ Also renamed _ARGCHK to LTC_ARGCHK - -- Zed Shaw pointed out that I still defined the prng structs in tomcrypt_prng.h even if they + -- Zed Shaw pointed out that I still defined the prng structs in tomcrypt_prng.h even if they weren't defined. This made undef'ing FORTUNA break the build. -- Added LTC_NO_ASM to disable inline asm macros [ROL/ROR/etc] - -- Changed RSA decrypt functions to change the output length variable name from "keylen" to "outlen" to make + -- Changed RSA decrypt functions to change the output length variable name from "keylen" to "outlen" to make it more consistent. -- Added the 64-bit Khazad block cipher [NESSIE] -- Added the 128-bit Anubis block cipher [with key support for 128...320 bit keys] [NESSIE] @@ -528,29 +528,29 @@ v1.00rc1 These changes require no code changes on the behalf of developers fortunately -- Started a SAFER+ optimizer [does encrypt only] which shaves a good 30 or so cycles/byte on my AMD64 at an expense of huge code. It's in notes/etc/saferp_optimizer.c - -- DSA sign/verify now uses DER encoded output/inputs and no LTC style headers. - -- Matt Johnston found a missing semi-colon in mp_exptmod(). Fix has been merged in. + -- DSA sign/verify now uses DER encoded output/inputs and no LTC style headers. + -- Matt Johnston found a missing semi-colon in mp_exptmod(). Fix has been merged in. October 29th, 2004 v0.99 -- Merged in the latest version of LTM which includes all of the recent bug fixes -- Deprecated LTMSSE and removed it (to be replaced with TFM later on) -- Stefan Arentz pointed out that mp_s_rmap should be extern - -- Kristian Gj?steen pointed out that there are typos in the + -- Kristian Gj?steen pointed out that there are typos in the "test" makefile and minor issues in Yarrow and Sober [just cosmetics really] - -- Matthew P. Cashdollar pointed out that "export" is a C++ keyword + -- Matthew P. Cashdollar pointed out that "export" is a C++ keyword so changed the PRNG api to use "pexport" and "pimport" -- Updated "hashsum" demo so it builds ;-) -- Added automatic support for x86-64 (will configure for 64-bit little endian automagically) - -- Zhi Chen pointed out a bug in rsa_exptmod which would leak memory on error. + -- Zhi Chen pointed out a bug in rsa_exptmod which would leak memory on error. -- Made hash functions "init" return an int. slight change to API ;-( -- Added "CHC" mode which turns any cipher into a hash the other LTC functions can use -- Added CHC mode stuff to demos such as tv_gen and hashsum -- Added "makefile.shared" which builds and installs shared/static object copies of the library. - -- Added DER for bignum support - -- RSA is now fully joy. rsa_export/rsa_import use PKCS #1 encodings and should be + -- Added DER for bignum support + -- RSA is now fully joy. rsa_export/rsa_import use PKCS #1 encodings and should be compatible with other crypto libs that use the format. - -- Added support for x86-64 for the ROL/ROR macros + -- Added support for x86-64 for the ROL/ROR macros -- Changed the DLL and SO makefiles to optimize for speed, commented SMALL_CODE in mycrypt_custom.h and added -DSMALL_CODE to the default makefile -- Updated primality testing code so it does a minimum of 5 tests [of Miller-Rabin] @@ -564,10 +564,10 @@ v0.98 -- Update to hmac_init to free all allocated memory on error -- Update to PRNG API to fix import/export functions of Fortuna and Yarrow -- Added test functions to PRNG api, RC4 now conforms ;-) [was a minor issue] -- Added the SOBER-128 PRNG based off of code donated by Greg Rose. - -- Added Tech Note #4 [notes/tech0004.txt] - -- Changed RC4 back [due to request]. It will now XOR the output so you can use it like + -- Added Tech Note #4 [notes/tech0004.txt] + -- Changed RC4 back [due to request]. It will now XOR the output so you can use it like a stream cipher easily. - -- Update Fortuna's export() to emit a hash of each pool. This means that the accumulated + -- Update Fortuna's export() to emit a hash of each pool. This means that the accumulated entropy that was spread over all the pools isn't entirely lost when you export/import. -- Zhi Chen suggested a comment for rsa_encrypt_key() to let users know [easily] that it was PKCS #1 v2.0 padding. (updated other rsa_* functions) @@ -579,12 +579,12 @@ v0.98 -- Update to hmac_init to free all allocated memory on error -- Spruced up mycrypt_custom.h to trap more errors and also help prevent LTMSSE from being defined on non-i386 platforms by accident. -- Added RSA/ECC/DH speed tests to x86_prof and cleaned it up to build with zero warnings - -- Changed Fortuna to count only entropy [not the 2 byte header] added to pool[0] into the - reseed mechanism. - -- Added "export_size" member to prng_descriptor tables so you can know in advance the size of - the exported state for any given PRNG. + -- Changed Fortuna to count only entropy [not the 2 byte header] added to pool[0] into the + reseed mechanism. + -- Added "export_size" member to prng_descriptor tables so you can know in advance the size of + the exported state for any given PRNG. -- Ported over patch on LTM 0.30 [not ready to release LTM 0.31] that fixes bug in mp_mul()/mp_div() - that used to result in negative zeroes when you multiplied zero by a negative integer. + that used to result in negative zeroes when you multiplied zero by a negative integer. (patch due to "Wolfgang Ehrhardt" ) -- Fixed rsa_*decrypt_key() and rsa_*verify_hash() to default to invalid "stat" or "res". This way if any of the higher level functions fail [before you get to the padding] the result will be in @@ -598,35 +598,35 @@ v0.98 -- Update to hmac_init to free all allocated memory on error ++ New note, in order to use the optimized LOAD/STORE macros your platform must support unaligned 32/64 bit load/stores. The x86s support this but some [ARM for instance] do not. If your platform cannot perform - unaligned operations you must use the endian neutral code which is safe for + unaligned operations you must use the endian neutral code which is safe for any sort of platform. July 23rd, 2004 v0.97b -- Added PKCS #1 v1.5 RSA encrypt/sign helpers (like rsa_sign_hash, etc...) - -- Added missing prng check to rsa_decrypt_key() [not critical as I don't use + -- Added missing prng check to rsa_decrypt_key() [not critical as I don't use descriptors directly in that function] -- Merged in LTM-SSE, define LTMSSE before you build and you will get SSE2 optimized math ;-) (roughly 3x faster on a P4 Northwood). By default it will compile as ISO C portable code (when LTMSSE is undefined). -- Fixed bug in ltc_tommath.h where I had the kara/toom cutoffs not marked as ``extern'' Thanks to "Stefan Arentz" - -- Steven Dake and Richard Amacker submitted patches to + -- Steven Dake and Richard Amacker submitted patches to fix pkcs_5_2(). It now matches the output of another crypto library. Whoops... hehehe -- Updated PRNG api. Added Fortuna PRNG to the list of supported PRNGs -- Fixed up the descriptor tables since globals are automatically zero'ed on startup. -- Changed RC4 to store it's output. If you want to encrypt with RC4 you'll have to do the XOR yourself. - -- Fixed buffer overflows/overruns in the HMAC code. + -- Fixed buffer overflows/overruns in the HMAC code. ++ API change for the PRNGs there now is a done() function per PRNG. You should call it when you are done with a prng state. So far it's not absolutely required (won't cause problems) but is a good idea to - start. + start. June 23rd, 2004 v0.97a ++ Fixed several potentially crippling bugs... [read on] - -- Fixed bug in OAEP decoder that would incorrectly report + -- Fixed bug in OAEP decoder that would incorrectly report buffer overflows. [Zhi Chen] -- Fixed headers which had various C++ missing [extern "C"]'s -- Added "extern" to sha384_desc descriptor which I removed by mistake @@ -634,10 +634,10 @@ v0.97a ++ Fixed several potentially crippling bugs... [read on] -- Updated tiger.c and des.c to not shadow "round" which is intrinsic on some C compilers. -- Updated demos/test/rsa_test.c to test the RSA functionality better - ++ This update has been tested with GCC [v3.3.3], ICC [v8] and MSVC [v6+SP6] + ++ This update has been tested with GCC [v3.3.3], ICC [v8] and MSVC [v6+SP6] all on a x86 P4 [GCC/ICC tested in Gentoo Linux, MSVC in WinXP] ++ Outcome: The bug Zhi Chen pointed out has been fixed. So have the bugs - that Matt Johnston found. + that Matt Johnston found. June 19th, 2004 v0.97 -- Removed spurious unused files [arrg!] @@ -646,14 +646,14 @@ v0.97 -- Removed spurious unused files [arrg!] -- Reduced stack usage in PKCS #1 v2.0 padding functions (by several KBs) -- Removed useless extern's that were an artifact from the project start... ;-) -- Replaced memcpy/memset with XMEMCPY and XMEMSET for greater flexibility - -- fixed bugs in hmac_done()/hmac_init()/[various others()] where I didn't trap errors + -- fixed bugs in hmac_done()/hmac_init()/[various others()] where I didn't trap errors -- Reduced stack usage in OMAC/PMAC/HMAC/EAX/OCB/PKCS#5 by mallocing any significant sized arrays (e.g. > 100 bytes or so). Only in non-critical functions (e.g. eax_init()) -- "Zhi Chen" pointed out that rsa_decrypt_key() requires an incorrect output size (too large). Fixed. -- Added a "pretty" target to the GCC makefile. Requires PERL. It is NEAT! -- Minor updates to ch1 of the manual. - -- Cleaned up the indentation and added comments to rsa_make_key(), rsa_exptmod() and + -- Cleaned up the indentation and added comments to rsa_make_key(), rsa_exptmod() and rsa_verify_hash() -- Updated makefile.icc so the "install" target would work ;-) -- Removed demos/test.c [deprecated from demos/test/test.c] @@ -675,15 +675,15 @@ v0.96 -- Removed GF and Keyring code -- replaced old test harness with new over-engineer'ed one in /demos/test/ -- updated cbc/cfb/ofb/ctr code with setiv/getiv functions to change/read the IV without re-keying. -- Added PKCS #1 v1.5 RSA encryption and signature padding routines - -- Added DER OID's to most hash descriptors (as many as I could find) - -- modded rsa_exptmod() to use timing-resilient tim_exptmod() when doing private key operations + -- Added DER OID's to most hash descriptors (as many as I could find) + -- modded rsa_exptmod() to use timing-resilient tim_exptmod() when doing private key operations added #define RSA_TIMING which can turn on/off this feature. -- No more config.pl so please just read mycrypt_custom.h for build-time tweaks -- Small update to rand_prime() -- Updated sha1, md5 and sha256 so they are smaller when SMALL_CODE is defined. If you want speed though, you're going to have to undefine SMALL_CODE ;-) -- Worked over AES so that it's even smaller now [in both modes]. - + May 12th, 2004 v0.95 -- Optimized AES and WHIRLPOOL for SMALL_CODE by taking advantage of the fact the transforms are circulant. AES dropped 5KB and WHIRLPOOL dropped 13KB @@ -692,7 +692,7 @@ v0.95 -- Optimized AES and WHIRLPOOL for SMALL_CODE by taking advantage of the CLEAN_STACK has been defined. -- added LTC_TEST support to rmd160 -- updates to mycrypt_pk.h - -- updated rand_prime() to faciliate making RSA composites + -- updated rand_prime() to faciliate making RSA composites -- DSA/RSA now makes composites of the exact size desired. -- Refactored quite a bit of the code, fewer functions per C file -- cleaned up the makefiles to organize the objects logically @@ -701,8 +701,8 @@ v0.95 -- Optimized AES and WHIRLPOOL for SMALL_CODE by taking advantage of the -- GCC 3.4.0 tested and seems to work -- Added PKCS #5 support -- Fixed typo in comment header of .C files ;-) - -- Added PKCS #1 OAEP and PSS support. - + -- Added PKCS #1 OAEP and PSS support. + Feb 20th, 2004 v0.94 -- removed unused variables from ocb.c and fixed it to match known test vectors. -- Added PMAC support, minor changes to OMAC/EAX code [I think....] @@ -717,14 +717,14 @@ v0.94 -- removed unused variables from ocb.c and fixed it to match known test v error conversion from MPI to LTC codes. I also spotted a few "off by one" error checking which could have been used to force the code to read past the end of the buffer (in theory, haven't checked if it would work) by a few bytes. - -- Added checks to OUTPUT_BIGNUM so the *_export() functions cannot overflow the output and I + -- Added checks to OUTPUT_BIGNUM so the *_export() functions cannot overflow the output and I also modded it so it stores in the output provided to the function (that is not on the local stack) which saves memory and time. -- Made SAFER default to disabled for now (plans are to cleanhouse write an implementation later) -- Added the 512-bit one-way hash WHIRLPOOL which clocks in at 138 cycles per byte on my - Athlon XP [for comparison, SHA-512 clocks in at 77 cycles per byte]. This code uses the + Athlon XP [for comparison, SHA-512 clocks in at 77 cycles per byte]. This code uses the teams new sbox design (not the original NESSIE one). - + Jan 25th, 2004 v0.93 -- [note: deleted v0.93 changes by accident... recreating from memory...] @@ -736,10 +736,10 @@ v0.93 -- [note: deleted v0.93 changes by accident... recreating from memory...] -- Added EAX Encrypt+Authenticate support -- Fix to DSA to check return of a few LTM functions I forgot [mp_to_unsigned_bin] -- Added common headers to all C files - -- CTR mode supports big and little [default] endian counters now. + -- CTR mode supports big and little [default] endian counters now. -- fix to find_cipher_any() so that it can handle a fragmented cipher_descriptor table. -- added find_hash_any() akin to find_cipher_any(). - -- Added EAX code to demos/tv_gen.c Hazaa! + -- Added EAX code to demos/tv_gen.c Hazaa! -- Removed SONY defines and files from codebase. -- Added OCB support [patents be damned] and to demos/tv_gen.c -- Merge all of the INPUT/OUTPUT BIGNUM macros (less toc) into mycrypt_pk.h @@ -756,12 +756,12 @@ v0.92 -- Updated the config.pl script so the options have more details. -- config.pl has been updated so rmd128.o and rmd160.o are objects included in the build [oops] -- Andrew Mann found a bug in rsa_exptmod() which wouldn't indicate if the wrong type of key was specified (e.g. not PK_PRIVATE or PK_PUBLIC) - -- Fixed up demos/x86_prof so it sorts the output now :-) + -- Fixed up demos/x86_prof so it sorts the output now :-) -- The project is now powered by radioactive rubber pants. - -- Fixed dh_encrypt_key() so if you pass it a hash with a smaller output than the input key it + -- Fixed dh_encrypt_key() so if you pass it a hash with a smaller output than the input key it will return CRYPT_INVALID_HASH [to match what ecc_encrypt_key() will do] -- Merge the store/encrypt key part of ecc_encrypt_key() as per dh_encrypt_key() [can you guess what I'm upto?] - -- Massive updates to the prime generation code. I use the LTM random prime functions [and provide a nice + -- Massive updates to the prime generation code. I use the LTM random prime functions [and provide a nice interface between the LTC PRNG's and the LTM generic prng prototype]. I also use a variable number of tests depending on the input size. This nicely speeds up most prime generation/testing within the library. -- Added SHA-224 to the list of hashes. @@ -770,27 +770,27 @@ v0.92 -- Updated the config.pl script so the options have more details. -- Added generic HASH_PROCESS macro to mycrypt_hash.h which simplifies the hash "process" functions I also optimized the compression functions of all but MD2 to not perform input copies when avoidable. -- Removed the division from the Blowfish setup function [dropped 3k cycles on my Athlon] - -- Added stack cleaning to rijndael, cast5 so now all ciphers have CLEAN_STACK code. - -- Added Skipjack to the list of ciphers [made appropriate changes to demos/test.c, demos/tv_gen.c and + -- Added stack cleaning to rijndael, cast5 so now all ciphers have CLEAN_STACK code. + -- Added Skipjack to the list of ciphers [made appropriate changes to demos/test.c, demos/tv_gen.c and demos/x86_prof.c] -- Added mechanical testing to cipher test vector routines. Now it encrypts 1000 times, then decrypts and compares. Any fault (e.g. bug in code, compiler) in the routines is likely to show through. Doesn't stress test the key gen though... - -- Matt Johnson found a bug in the blowfish.c apparently I was out of my mind and put twofish defines in there + -- Matt Johnson found a bug in the blowfish.c apparently I was out of my mind and put twofish defines in there The code now builds with any config. Thanks. -- Added OMAC1 Message Authentication Code support to the library. - -- Re-prototyped the hash "process" and "done" to prevent buffer overflows [which don't seem easy to exploit]. + -- Re-prototyped the hash "process" and "done" to prevent buffer overflows [which don't seem easy to exploit]. Updated HMAC code to use them too. Hazaa! -- Fixed bug in ECC code which wouldn't do an _ARGCHK on stat in ecc_verify_hash(). - -- Fixed [temp fix] bug in all PK where the OUTPUT_BIGNUM macros would not trap errors on the to_unsigned_bin + -- Fixed [temp fix] bug in all PK where the OUTPUT_BIGNUM macros would not trap errors on the to_unsigned_bin conversion [now returns CRYPT_MEM, will fix it up better later] - -- Added DSA to the list of supported PK algorithms. + -- Added DSA to the list of supported PK algorithms. -- Fixed up various ciphers to &255 the input key bytes where required [e.g. where used to index a table] to prevent - problems on platforms where CHAR_BIT != 8 + problems on platforms where CHAR_BIT != 8 -- Merged in LibTomMath v0.28 -- Updated demos/x86_prof.c to use Yarrow during the key sched testing [was horribly slow on platforms with blockable - /dev/random]. - -- Added OMAC/HMAC tests to demos/tv_gen and I now store the output of this in notes/ + /dev/random]. + -- Added OMAC/HMAC tests to demos/tv_gen and I now store the output of this in notes/ -- Fixed a bug in config.pl that wouldn't have TWOFISH_TABLES defined by default (too many commas on the line) -- Fixed bug in hmac_done(). Apparently FIPS-198 [HMAC] specifies that the output can be truncated. My code would not support that (does now just like the new OMAC code). @@ -855,12 +855,12 @@ v0.88 -- Sped up CAST5 key schedule for MSVC -- Fixed up the makefile to use -fomit-frame-pointer more liberally -- Added tv_gen program which makes test vectors for ciphers/hashes -- Merged in LibTomMath v0.22 - + Jun 19th, 2003 v0.87 -- Many MSVC optimizations to the code base -- Improved the AES and Twofish key schedule [faster, more constant time] - -- Tons of optimizations here and there. - + -- Tons of optimizations here and there. + Jun 15th, 2003 v0.86 -- Fixed up AES to workaround MSVC optimizer bug -- Merged in fresh LTM base [based on v0.20] so there are no warnings with MSVC @@ -871,22 +871,22 @@ v0.86 -- Fixed up AES to workaround MSVC optimizer bug with the global "errno" -- Removed a set of unused variables from certain functions -- Removed {#line 0 "..."} stuff from mpi.c to comply with ISO C :-) - + Jun 11th, 2003 v0.85 -- Swapped in a new AES routine -- Removed Serpent -- Added TDCAL policy document - + Jun 1st, 2003 v0.84 -- Removed a 4KB buffer from rsa_decrypt_key that wasn't being used no more - -- Fixed another potential buffer problem. Not an overflow but could cause the + -- Fixed another potential buffer problem. Not an overflow but could cause the PK import routines to read past the end of the buffer. -- Optimized the ECC mulmod more by removing a if condition that will always be false -- Optimized prime.c to not include a 2nd prime table, removed code from is_prime calls prime test from LibTomMath now -- Added LTC_TEST define which when defined will enable the test vector routines [see mycrypt_custom.h] -- Removed ampi.o from the depends cuz it ain't no not working in *nix with it [routines are in mpi.c now]. - + Mar 29th, 2003 v0.83 -- Optimized the ecc_mulmod, it's faster and takes less heap/stack space @@ -895,18 +895,18 @@ v0.83 -- Optimized the ecc_mulmod, it's faster and takes less heap/stack space buffer overflow. -- Fixed a bug in the hmac testing code if you don't register all the hashes it won't return errors now. - + Mar 15th, 2003 v0.82 -- Manual updated -- Added MSVC makefile [back, actually its written from scratch to work with NMAKE] -- Change to HMAC helper functions API to avoid buffer overflow [source changes] - -- the rsa_encrypt_key was supposed to reject key sizes out of bounds ... - same fix to the rsa_sign_hash + -- the rsa_encrypt_key was supposed to reject key sizes out of bounds ... + same fix to the rsa_sign_hash -- Added code to ensure that that chaining mode code (cfb/ofb/ctr/cbc) have valid structures when being called. E.g. the indexes to the pad/ivs are not out of bounds -- Cleaned up the DES code and simplified the core desfunc routine. -- Simplified one of the boolean functions in MD4 - + Jan 16th, 2003 v0.81 -- Merged in new makefile from Clay Culver and Mike Frysinger -- Sped up the ECC mulmod() routine by making the word size adapt to the input. Saves a whopping 9 point @@ -919,7 +919,7 @@ v0.81 -- Merged in new makefile from Clay Culver and Mike Frysinger -- Changed the build process so that by default "mycrypt_custom.h" is included and provided The makefile doesn't include any build options anymore -- Removed the PS2 and VC makefiles. - + Dec 16th, 2002 v0.80 -- Found a change I made to the MPI that is questionable. Not quite a bug but definately not desired. Had todo with the digit shifting. In v0.79 I simply truncated without zeroing. It didn't cause problems during my @@ -928,7 +928,7 @@ v0.80 -- Found a change I made to the MPI that is questionable. Not quite a bu -- Fixed in rsa_exptmod() where I was getting the size of the result. Basically it accomplishes the same thing but the fixed code is more readable. -- Fixed slight bug in dh_sign_hash() where the random "k" value was 1 byte shorter than it should have been. I've - also made the #define FAST_PK speed up signatures as well. Essentially FAST_PK tells the DH sub-system to + also made the #define FAST_PK speed up signatures as well. Essentially FAST_PK tells the DH sub-system to limit any private exponent to 256-bits. Note that when FAST_PK is defined does not make the library binary or source incompatible with a copy of the library with it undefined. -- Removed the DSA code. If you want fast diffie-hellman just define FAST_PK :-) @@ -945,14 +945,14 @@ v0.80 -- Found a change I made to the MPI that is questionable. Not quite a bu -- Used splint to check alot of the code out. Tons of minor fixes and explicit casts added. -- Also made all the internal functions of MPI are now static to avoid poluting the namespace -- **Notice**: There are no planned future releases for at least a month from the this release date. - + Dec 14th, 2002 v0.79 -- Change to PK code [binary and source]. I made it so you have to pass the buffer size to the *_decrypt_key and *_verify_hash functions. This prevents malformed packets from performing buffer overflows. I've also trimmed the packet header size [by 4 bytes]. -- Made the test program halt on the first error it occurs. Also made it trap more errors than before. -- Wrote the first chapter of my new book [DRAFT!], not in this package but check my website! - -- Included a perl script "config.pl" that will make "makefile.out" according to the users needs. + -- Included a perl script "config.pl" that will make "makefile.out" according to the users needs. -- Added shell script to look for latest release -- Merge DH and ECC key defines from mycrypt_cfg.h into the makefiles -- updated the makefile to use BSD friendly archiving invokations @@ -970,7 +970,7 @@ v0.79 -- Change to PK code [binary and source]. I made it so you have to pass -- Fixed up the ECC point multiplication, its about 15% faster now -- While I was at it [since the lib isn't binary backwards compatible anyways] I've fixed the PK export routines so they export as "unsigned" types saving 1 byte per bignum outputted. Not a lot but heck why not. - + Nov 28th, 2002 v0.78 -- Made the default ARGCHK macro a function call instead which reduced the code size from 264KB to 239KB. -- Fixed a bug in the XTEA keysize function which called ARGCHK incorrectly. @@ -984,7 +984,7 @@ v0.78 -- Made the default ARGCHK macro a function call instead which reduced th bug where improperly made key packets could result in reading passed the end of the buffer. This means the code is no longer source compatible but still binary compatible. -- Fixed a few other minor bugs in the PK import code while I was at it. - + Nov 26th, 2002 v0.77 -- Updated the XTEA code to use pre-computed keys. With optimizations for speed it achieves 222Mbit/sec compared to the 121Mbit/sec before. It is 288 bytes bigger than before. @@ -997,11 +997,11 @@ v0.77 -- Updated the XTEA code to use pre-computed keys. With optimizations fo that a invalid value could have caused segfaults, etc... -- **NOTE** Changed the way the ECC/DH export/import functions work. They are source but not binary compatible with v0.76. Essentially insteading of exporting the setting index like before I export the key size. Now - if you ever re-configure which key settings are supported the lib will still be able to make use of your + if you ever re-configure which key settings are supported the lib will still be able to make use of your keys. - -- Optimized Blowfish by inlining the round function, unrolling it for four rounds then using a for loop for the - rest. It achieves a rate of 425Mbit/sec with the new code compared to 314Mbit/sec before. The new blowfish - object file is 7,813 bytes compared to 8,663 before and is 850 bytes smaller. So the code is both smaller and + -- Optimized Blowfish by inlining the round function, unrolling it for four rounds then using a for loop for the + rest. It achieves a rate of 425Mbit/sec with the new code compared to 314Mbit/sec before. The new blowfish + object file is 7,813 bytes compared to 8,663 before and is 850 bytes smaller. So the code is both smaller and faster! -- Optimized Twofish as well by inlining the round function. Gets ~400Mbit/sec compared to 280Mbit/sec before and the code is only 78 bytes larger than the previous copy. @@ -1017,11 +1017,11 @@ v0.76 -- Updated makefiles a bit more, use "-Os" instead of "-O2" to optimize f -- fixed a bug in the test program where errors in the hash test routines would not be reported correctly. I found this by temporarily changing one of the bytes of the test vectors. All the hashes check out [the demos/test.c would still have reported an error, just the wrong one]. - + Nov 24th, 2002 v0.75 -- Fixed a flaw in hash_filehandle, it should ARGCHK that the filehandle is not NULL - -- Fixed a bug where in hash_file if the call to hash_filehandle failed the open file would + -- Fixed a bug where in hash_file if the call to hash_filehandle failed the open file would not be closed. -- Added more strict rules to build process, starting to weed out "oh this works in GCC" style code In the next release "-Wconversion" will be enabled which will deal with all implicit casts. @@ -1047,7 +1047,7 @@ v0.73 -- Fixed bug in RC4 code where it could only use 255 byte keys. Nov 21th, 2002 v0.72 -- Fixed bug in the prime testing. In the Miller-Rabin test I was raising the base to "N-1" not "r". - The math still worked out fine because in effect it was performing a Fermat test. Tested the new code and it + The math still worked out fine because in effect it was performing a Fermat test. Tested the new code and it works properly -- Fixed some of the code where it was still using the old error syntax -- Sped up the RSA decrypt/sign routines @@ -1058,7 +1058,7 @@ v0.72 -- Fixed bug in the prime testing. In the Miller-Rabin test I was raisin Nov 19th, 2002 v0.71 -- HELP TOM. I need tuition for the January semester. Now I don't want to force donations [nor will I ever] but I really need the help! See my website http://tom.iahu.ca/help_tom.html for more details. Please help - if you can! + if you can! -------------------------------------------------------------------------------------------------------------- -- Officially the library is no longer supported in GCC 3.2 in windows [cygwin]. In windows you can either use GCC 2.95.3 or try your luck with 3.2 It seems that @@ -1067,21 +1067,21 @@ v0.71 -- HELP TOM. I need tuition for the January semester. Now I don't want -- Started new error handling API. Similar to the previous except there are more error codes than just CRYPT_ERROR -- Added my implementation of the MD2 hash function [despite the errors in the RFC I managed to get it right!] - -- Merged in more changes from Sky Schulz. I have to make mention here that he has been a tremendous help in + -- Merged in more changes from Sky Schulz. I have to make mention here that he has been a tremendous help in getting me motivated to make some much needed updates to the library! -- Fixed one of the many mistakes in the manual as pointed out by Daniel Richards -- Fixed a bug in the RC4 code [wasn't setting up the key correctly] -- Added my implementation of the CAST5 [aka CAST-128] block cipher (conforms...) -- Fixed numerous bugs in the PK code. Essentially I was "freeing" keys when the import failed. This is neither - required nor a good a idea [double free]. + required nor a good a idea [double free]. -- Tom needs a job. -- Fixed up the test harness as requested by Sky Schulz. Also modifed the timing routines to run for X seconds and count # of ops performed. This is more suitable than say encrypting 10 million blocks on a slow processor where it could take minutes! -- Modified test programs hashsum/encrypt to use the new algorithms and error handling syntax -- Removed the PKCS code since it was incomplete. In the future I plan on writing a "add-on" library that - provides PKCS support... - -- updated the config system so the #defines are in the makefiles instead of mycrypt_cfg.h + provides PKCS support... + -- updated the config system so the #defines are in the makefiles instead of mycrypt_cfg.h -- Willing to work on an hourly basis for 15$ CDN per hour. -- updated the test program to not test ciphers not included -- updated the makefile to make "rsa_sys.c" a dependency of rsa.o [helps develop the code...] @@ -1112,7 +1112,7 @@ v0.70 -- Updated so you can swap out the default malloc/calloc/free routines at -- Started towards new API setup. Instead of checking for "== CRYPT_ERROR" you should check "!= CRYPT_OK" In future releases functions will return things other than CRYPT_ERROR on error to give more useful thread safe error reporting. The manual will be updated to reflect this. For this release all - errors are returned as CRYPT_ERROR (except as noted) but in future releases this will change. + errors are returned as CRYPT_ERROR (except as noted) but in future releases this will change. -- Removed the zlib branch since its not really required anyways. Makes the package smaller Nov 11th, 2002 @@ -1125,18 +1125,18 @@ v0.68 -- Fixed flaw in kr_import/kr_export that wasted 4 bytes. Source but not -- kr_clear now sets the pointer to NULL to facilate debugging [e.g. using the keyring after clearing] -- static functions in _write/_read in keyring.c now check the return of ctr_encrypt/ctr_decrypt. -- Updated blowfish/rc2/rc5/rc6 keysize() function to not reject keys larger than the biggest key the - respective ciphers can use. + respective ciphers can use. -- Fixed a bug in hashsum demo that would report the hash for files that don't exist! Oct 16th, 2002 -v0.67 -- Moved the function prototypes into files mycrypt_*.h. To "install" the lib just copy all the +v0.67 -- Moved the function prototypes into files mycrypt_*.h. To "install" the lib just copy all the header files "*.h" from the base of this project into your global include path. -- Made the OFB/CFB/CTR functions use "unsigned long" for the length instead of "int" -- Added keyring support for the PK functions -- ***API CHANGE*** changed the ecc_make_key and dh_make_key to act more like rsa_make_key. Basically move the first argument to the next to last. -- Fixed bug in dh_test() that wouldn't test the primality of the order of the sub-group - -- replaced the primes in the DH code with new ones that are larger than the size they are + -- replaced the primes in the DH code with new ones that are larger than the size they are associated with. That is a 1024-bit DH key will have a 1025-bit prime as the modulus -- cleaned up all the PK code, changed a bit of the API around [not source compatible with v0.66] -- major editing of the manual, started Docer program @@ -1149,21 +1149,21 @@ v0.67 -- Moved the function prototypes into files mycrypt_*.h. To "install" th Returns int now instead of void. Sept 24th, 2002 -v0.66 -- Updated the /demos/test.c program to time the hashes correctly. Also it uses the yarrow PRNG for all of the - tests meaning its possible to run on RNG less platforms +v0.66 -- Updated the /demos/test.c program to time the hashes correctly. Also it uses the yarrow PRNG for all of the + tests meaning its possible to run on RNG less platforms -- Updated the /demos/hashsum.c program to hash from the standard input -- Updated the RSA code to make keys a bit quicker [update by Wayne Scott] by not making both primes at the same time. -- Dan Kaminsky suggested some cleanups for the code and the MPI config Code ships in unix LF format by default now too... will still build in MSVC and all... but if you want - to read the stuff you'll have to convert it + to read the stuff you'll have to convert it -- Changes to the manual to reflect new API [e.g. hash_memory/file have v0.65 prototypes]and some typos fixed Sept 20th, 2002 -v0.65 -- Wayne Scott (wscott@bitmover.com) made a few of suggestions to improve the library. Most - importantly he pointed out the math lib is not really required. He's also tested the lib on 18 - different platforms. According to him with only a few troubles [lack of /dev/random, etc] the - library worked as it was supposed to. You can find the list at +v0.65 -- Wayne Scott (wscott@bitmover.com) made a few of suggestions to improve the library. Most + importantly he pointed out the math lib is not really required. He's also tested the lib on 18 + different platforms. According to him with only a few troubles [lack of /dev/random, etc] the + library worked as it was supposed to. You can find the list at http://www.bitkeeper.com/Products.BitKeeper.Platforms.html -- Updated the hash_file and hash_memory functions to keep track of the size of the output -- Wayne Scott updated the demos/test.c file to use the SPRNG less and Yarrow more @@ -1175,14 +1175,14 @@ v0.64 -- wrote makefile for the GBA device [and hacked the demos/test.c file to -- fixed more typos in the manual -- removed all unused variables from the core library (ignore the ID_TAG stuff) -- added "const char *crypt_build_settings" string which is a build time constant that gives a listing - of all the build time options. Useful for debugging since you can send that to me and I will know what + of all the build time options. Useful for debugging since you can send that to me and I will know what exactly you had set for the mycrypt_cfg.h file. - -- Added control over endianess. Out of the box it defaults to endianess neutral but you can trivially - configure the library for your platform. Using this I boosted RC5 from 660Mbit/sec to 785Mbit/sec on my + -- Added control over endianess. Out of the box it defaults to endianess neutral but you can trivially + configure the library for your platform. Using this I boosted RC5 from 660Mbit/sec to 785Mbit/sec on my Athlon box. See "mycrypt_cfg.h" for more information. Sept 11th, 2002 -v0.63 -- Made hashsum demo output like the original md5sum program +v0.63 -- Made hashsum demo output like the original md5sum program -- Made additions to the examples in the manual (fixed them up a bunch) -- Merged in the base64 code from Wayne Scott (wscott@bitmover.com) @@ -1201,7 +1201,7 @@ v0.59 -- Fixed a "unsigned long long" bug that caused v0.58 not to build in MSV -- added code that times the hash functions too in the test program Aug 3rd, 2002 -v0.58 -- Added more stack cleaning conditionals throughout the code. +v0.58 -- Added more stack cleaning conditionals throughout the code. -- corrected some CLEAR_STACK conditionals... should have been CLEAN_STACK -- Simplified the RSA, DH and ECC encrypt() routines where they use CTR to encode the message now they only make one call to ctr_encrypt()/ctr_decrypt(). @@ -1209,11 +1209,11 @@ v0.58 -- Added more stack cleaning conditionals throughout the code. Aug 2nd, 2002 v0.57 -- Fixed a few errors messages in the SAFER code to actually report the correct cipher name. -- rsa_encrypt() uses the "keysize()" method of the cipher being used to more accurately pick a - key size. By default rsa_encrypt() will choose to use a 256-bit key but the cipher can turn that + key size. By default rsa_encrypt() will choose to use a 256-bit key but the cipher can turn that down if required. -- The rsa_exptmod() function will now more reliably detect invalid inputs (e.g. greater than the modulus). -- The padding method for RSA is more clearly documented. Namely if you want to encrypt/sign something of length - N then your modulus must be of length 1+3N. So to sign a message with say SHA-384 [48 bytes] you need a + N then your modulus must be of length 1+3N. So to sign a message with say SHA-384 [48 bytes] you need a 145 byte (1160 bits) modulus. This is all in the manual now. -- Added build option CLEAN_STACK which will allow you to choose whether you want to clean the stack or not after every cipher/hash call @@ -1259,7 +1259,7 @@ v0.52 -- Fixed a bug in MD4 where the hash descriptor ID was the same as SHA-51 -- Added {} braces for as many if/for/blocks of code I could find. My rule is that every for/if/while/do block must have {} braces around it. -- made the rounds table in saferp_setup const [again for the ROM think about the ROM!] - -- fixed RC5 since it no longer requires rc5 to be registered in the lib. It used to since the descriptors used to + -- fixed RC5 since it no longer requires rc5 to be registered in the lib. It used to since the descriptors used to be part of the table... -- the packet.c code now makes crypt_error literal string errors when an error occurs -- cleaned up the SAFER+ key schedule to be a bit easier to read. @@ -1271,7 +1271,7 @@ July 11th, 2002 v0.51 -- Fixed a bug in SHA512/384 code for multi-block messages. -- Added more test vectors to the SHA384/512 and TIGER hash functions -- cleaned up the hash done routines to make more sense - + July 10th, 2002 v0.50 -- Fixed yarrow.c so that the cipher/hash used would be registered. Also fixed a bug where the SAFER+ name was "safer" but should have been "safer+". @@ -1304,7 +1304,7 @@ Apr 4th, 2002 v0.44 -- Fixed bug in ecc.c::new_point() where if the initial malloc fails it would not catch it. Mar 22nd, 2002 -v0.43 -- Changed the ZLIB code over to the 1.1.4 code base to avoid the "double free" bug. +v0.43 -- Changed the ZLIB code over to the 1.1.4 code base to avoid the "double free" bug. -- Updated the GCC makefile not to use -O3 or -funroll-loops -- Version tag in mycrypt.h has been updated :-) @@ -1343,15 +1343,15 @@ v0.37 -- Added support code so that if a hash size and key size for a cipher do January 22nd, 2002 v0.36 -- Corrections to the manual -- Made a modification to Twofish which lets you build a "small ram" variant. It requires - about 190 bytes of ram for the key storage compared to the 4,200 bytes the normal + about 190 bytes of ram for the key storage compared to the 4,200 bytes the normal variant requires. -- Reduced the stack space used in all of the PK routines. January 19th, 2002 -v0.35 -- If you removed the first hash or cipher from the library it wouldn't return an error if +v0.35 -- If you removed the first hash or cipher from the library it wouldn't return an error if you used an ID=0 [i.e blowfish or sha256] in any routine. Now it checks for that and will return an error like it should - -- Merged in new routines from Clay Culver. These routines are for the PK code so you can easily + -- Merged in new routines from Clay Culver. These routines are for the PK code so you can easily encode a symmetric key for multiple recipients. -- Made the ecc and DH make_key() routines make secret keys of the same size as the keysize listed. Originally I wanted to ensure that the keys were smaller than the order of the field used @@ -1390,27 +1390,27 @@ v0.33 -- Made the lower limit on keysizes for RSA 1024 bits again because I rea if you want a 1024-bit prime it would make a 1023-bit one. Now it ensures that the prime it makes is always greater than 2^(8n) (n == bytes in prime). This doesn't have a huge impact on security but I corrected it just the same. - -- Fixed the CTR routine to work on platforms where char != 8-bits + -- Fixed the CTR routine to work on platforms where char != 8-bits -- Fixed sha1/sha256/md5/blowfish to not assume "unsigned long == 32-bits", Basically any operation with carries I "AND" with 0xFFFFFFFF. That forces only the lower 32-bits to have information in it. On x86 platforms most compilers optimize out the AND operation since its a nop. January 16th, 2002 v0.32 -- Made Rijndael's setup function fully static so it is thread safe - -- Svante Seleborg suggested a cosmetic style fixup for aes.c, + -- Svante Seleborg suggested a cosmetic style fixup for aes.c, basically to remove some of the #defines to clean it up -- Made the PK routines not export the ASCII version of the names of ciphers/hashes which makes the PK message formats *incompatible* with previous releases. -- Merge in Zlib :-) - - + + January 15th, 2002 -v0.31 -- The RSA routines can now use CRT to speed up decryption/signatures. The routines are backwards +v0.31 -- The RSA routines can now use CRT to speed up decryption/signatures. The routines are backwards compatible with previous releases. - -- Fixed another bug that Svante Seleborg found. Basically you could buffer-overrun the + -- Fixed another bug that Svante Seleborg found. Basically you could buffer-overrun the rsa_exptmod() function itself if you're not careful. That's fixed now. Fixed another bug in - rsa_exptmod() where if it knows the buffer you passed is too small it wouldn't free all used - memory. + rsa_exptmod() where if it knows the buffer you passed is too small it wouldn't free all used + memory. -- improved the readability of the PK import/export functions -- Added a fix to RSA.C by Clay Culver -- Changed the CONST64 macro for MSVC to use the "unsigned __int64" type, e.g. "ui64" instead of "i64". @@ -1428,7 +1428,7 @@ v0.29 -- Added MPI code written by Svante Seleborg to the library. This will m -- Fixed bugs in dh_key_size and ecc_key_size which would return garbage for invalid key idx'es January 11th, 2002 -v0.28 -- Cleaned up some code so that it doesn't assume "char == 8bits". Mainly SAFER+ has been +v0.28 -- Cleaned up some code so that it doesn't assume "char == 8bits". Mainly SAFER+ has been changed. -- ***HUGE*** changes in the PK code. I check all return values in the bignum code so if there are errors [insufficient memory, etc..] it will be reported. This makes the code fairly more @@ -1467,7 +1467,7 @@ v0.24 -- Sped up Blowfish by unrolling and removing the swaps. -- moved the demos and documentation into their own directories so you can easily build the library with other tool chains by compiling the files in the root - -- converted functions with length of outputs to use + -- converted functions with length of outputs to use "unsigned long" so 16-bit platforms will like this library more. January 5th, 2002 @@ -1476,12 +1476,12 @@ v0.23 -- Fixed a small error in the MPI config it should build fine anywhere. January 4th, 2002 v0.22 -- faster gf_mul() code -- gf_shl() and gf_shr() are safe on 64-bit platforms now - -- Fixed an error in the hashes that Brian Gladman found. - Basically if the message has exactly 56 bytes left to be + -- Fixed an error in the hashes that Brian Gladman found. + Basically if the message has exactly 56 bytes left to be compressed I handled them incorrectly. January 4th, 2002 -v0.21 -- sped up the ECC code by removing redundant divisions in the +v0.21 -- sped up the ECC code by removing redundant divisions in the point add and double routines. I also extract the bits more efficiently in "ecc_mulmod()" now. -- sped up [and documented] the rand_prime() function. Now it just @@ -1501,35 +1501,35 @@ v0.19 -- Updated the manual to reflect the fact that Brian Gladman wrote the AE -- new DH signature/verification code works just like the RSA/ECC versions January 3rd, 2002 -v0.18 -- Added way more comments to each .C file +v0.18 -- Added way more comments to each .C file -- fixed a bug in cbc_decrypt(pt, ct, key) where pt == ct [i.e same buffer] -- fixed RC5 so it reads the default rounds out of the cipher_descriptor table -- cleaned up ecc_export() - -- Cleaned up dh_import() and ecc_import() which also perform more + -- Cleaned up dh_import() and ecc_import() which also perform more error checking now -- Fixed a serious flaw in rsa_import() with private keys. January 2nd, 2002 v0.17 -- Fixed a bug in the random prime generator that fixes the wrong bits to one - -- ECC and DH code verify that the moduli and orders are in fact prime. That - slows down the test routines alot but what are you gonna do? + -- ECC and DH code verify that the moduli and orders are in fact prime. That + slows down the test routines alot but what are you gonna do? -- Fixed a huge bug in the mp_exptmod() function which incorrectly calculates g^x mod p for some values of p. I replaced it with a slow function. Once the author of MPI fixes his faster routine I will switch back. - + January 1st, 2002 [whoa new year!] v0.16 -- Improved GF division code that is faster. -- documented the GF code December 31st, 2001 -v0.15 -- A 1792-bit and 2048-bit DH setting was added. Took me all night to +v0.15 -- A 1792-bit and 2048-bit DH setting was added. Took me all night to find a 1792 and 2048-bit strong prime but what the heck -- Library now has polynomial-basis GF(2^w) routines I wrote myself. Can be used to perform ECC over GF(2^w) later on.... -- Fixed a bug with the defines that allows it to build in windows - + December 30th, 2001 -v0.14 -- Fixed the xxx_encrypt() packet routines to make an IV of appropriate size +v0.14 -- Fixed the xxx_encrypt() packet routines to make an IV of appropriate size for the cipher used. It was defaulting to making a 256-bit IV... -- base64_encode() now appends a NULL byte, um "duh" stupid mistake now fixed... -- spell checked the manual again... :-) @@ -1538,7 +1538,7 @@ December 30th, 2001 v0.13 -- Switching back to older copy of MPI since it works! arrg.. -- Added sign/verify functions for ECC -- all signature verification routines default to invalid signatures. - -- Changed all calls to memset to zeromem. Fixed up some buffer problems + -- Changed all calls to memset to zeromem. Fixed up some buffer problems in other routines. All calls to zeromem let the compiler determine the size of the data to wipe. @@ -1563,21 +1563,21 @@ v0.11 -- Made #define's so you can trim the library down by removing to the 246kb the full library takes. -- Added ECC packet routines for encrypt/decrypt/sign/verify much akin to the RSA packet routines. - -- ECC now compresses the public key, a ECC-192 public key takes 33 bytes + -- ECC now compresses the public key, a ECC-192 public key takes 33 bytes for example.... December 28th, 2001 -v0.10 -- going to restart the manual from scratch to make it more +v0.10 -- going to restart the manual from scratch to make it more clear and professional -- Added ECC over Z/pZ. Basically provides as much as DH except its faster since the numbers are smaller. For example, A comparable 256-bit ECC key provides as much security as expected from a DH key over 1024-bits. -- Cleaned up the DH code to not export the symbol "sets[]" - -- Fixed a bug in the DH code that would not make the correct size - random string if you made the key short. For instance if you wanted - a 512-bit DH key it would make a 768-bit one but only make up 512-bits - for the exponent... now it makes the full 768 bits [or whatever the case + -- Fixed a bug in the DH code that would not make the correct size + random string if you made the key short. For instance if you wanted + a 512-bit DH key it would make a 768-bit one but only make up 512-bits + for the exponent... now it makes the full 768 bits [or whatever the case is] -- Fixed another ***SERIOUS*** bug in the DH code that would default to 768-bit keys by mistake. @@ -1594,36 +1594,36 @@ December 24th, 2001 v0.08 -- fixed a typo in the manual. MPI stores its bignums in BIG endian not little. -- Started adding a RNG to the library. Right now it tries - to open /dev/random and if that fails it uses either the - MS CSP or the clock drift RNG. It also allows callbacks + to open /dev/random and if that fails it uses either the + MS CSP or the clock drift RNG. It also allows callbacks since the drift RNG is slow (about 3.5 bytes/sec) -- the RNG can also automatically setup a PRNG as well now -v0.07 -- Added basic DH routines sufficient to - negotiate shared secrets +v0.07 -- Added basic DH routines sufficient to + negotiate shared secrets [see the manual for a complete example!] -- Fixed rsa_import to detect when the input - could be corrupt. + could be corrupt. -- added more to the manual. December 22nd, 2001 -v0.06 -- Fixed some formatting errors in +v0.06 -- Fixed some formatting errors in the hash functions [just source code cleaning] -- Fixed a typo in the error message for sha256 :-) - -- Fixed an error in base64_encode() that + -- Fixed an error in base64_encode() that would fail to catch all buffer overruns - -- Test program times the RSA and symmetric cipher + -- Test program times the RSA and symmetric cipher routines for kicks... - -- Added the "const" modifier to alot of routines to + -- Added the "const" modifier to alot of routines to clear up the purpose of each function. - -- Changed the name of the library to "TomCrypt" + -- Changed the name of the library to "TomCrypt" following a suggestion from a sci.crypt reader.... -v0.05 -- Fixed the ROL/ROR macro to be safe on platforms +v0.05 -- Fixed the ROL/ROR macro to be safe on platforms where unsigned long is not 32-bits - -- I have added a bit more to the documentation + -- I have added a bit more to the documentation manual "crypt.pdf" provided. - -- I have added a makefile for LCC-Win32. It should be + -- I have added a makefile for LCC-Win32. It should be easy to port to other LCC platforms by changing a few lines. -- Ran a spell checker over the manual. -- Changed the header and library from "crypt" to "mycrypt" to not diff --git a/libtomcrypt/demos/encrypt.c b/libtomcrypt/demos/encrypt.c index 12b234652..f650429de 100644 --- a/libtomcrypt/demos/encrypt.c +++ b/libtomcrypt/demos/encrypt.c @@ -11,7 +11,7 @@ int errno; -int usage(char *name) +int usage(char *name) { int x; @@ -25,7 +25,7 @@ int usage(char *name) void register_algs(void) { int x; - + #ifdef LTC_RIJNDAEL register_cipher (&aes_desc); #endif @@ -79,7 +79,7 @@ void register_algs(void) if (register_hash(&sha256_desc) == -1) { printf("Error registering LTC_SHA256\n"); exit(-1); - } + } if (register_prng(&yarrow_desc) == -1) { printf("Error registering yarrow PRNG\n"); @@ -92,7 +92,7 @@ void register_algs(void) } } -int main(int argc, char *argv[]) +int main(int argc, char *argv[]) { unsigned char plaintext[512],ciphertext[512]; unsigned char tmpkey[512], key[MAXBLOCKSIZE], IV[MAXBLOCKSIZE]; @@ -121,7 +121,7 @@ int main(int argc, char *argv[]) cipher = argv[1]; infile = argv[2]; outfile = argv[3]; - } + } /* file handles setup */ fdin = fopen(infile,"rb"); @@ -131,11 +131,11 @@ int main(int argc, char *argv[]) } fdout = fopen(outfile,"wb"); - if (fdout == NULL) { + if (fdout == NULL) { perror("Can't open output for writing"); exit(-1); } - + cipher_idx = find_cipher(cipher); if (cipher_idx == -1) { printf("Invalid cipher entered on command line.\n"); @@ -150,7 +150,7 @@ int main(int argc, char *argv[]) ivsize = cipher_descriptor[cipher_idx].block_length; ks = hash_descriptor[hash_idx].hashsize; - if (cipher_descriptor[cipher_idx].keysize(&ks) != CRYPT_OK) { + if (cipher_descriptor[cipher_idx].keysize(&ks) != CRYPT_OK) { printf("Invalid keysize???\n"); exit(-1); } @@ -162,14 +162,14 @@ int main(int argc, char *argv[]) printf("Error hashing key: %s\n", error_to_string(errno)); exit(-1); } - + if (decrypt) { /* Need to read in IV */ if (fread(IV,1,ivsize,fdin) != ivsize) { printf("Error reading IV from input.\n"); exit(-1); } - + if ((errno = ctr_start(cipher_idx,IV,key,ks,0,CTR_COUNTER_LITTLE_ENDIAN,&ctr)) != CRYPT_OK) { printf("ctr_start error: %s\n",error_to_string(errno)); exit(-1); @@ -194,10 +194,10 @@ int main(int argc, char *argv[]) } else { /* encrypt */ /* Setup yarrow for random bytes for IV */ - + if ((errno = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) { printf("Error setting up PRNG, %s\n", error_to_string(errno)); - } + } /* You can use rng_get_bytes on platforms that support it */ /* x = rng_get_bytes(IV,ivsize,NULL);*/ @@ -206,7 +206,7 @@ int main(int argc, char *argv[]) printf("Error reading PRNG for IV required.\n"); exit(-1); } - + if (fwrite(IV,1,ivsize,fdout) != ivsize) { printf("Error writing IV to output.\n"); exit(-1); @@ -229,7 +229,7 @@ int main(int argc, char *argv[]) printf("Error writing to output.\n"); exit(-1); } - } while (y == sizeof(inbuf)); + } while (y == sizeof(inbuf)); fclose(fdout); fclose(fdin); } diff --git a/libtomcrypt/demos/test.c b/libtomcrypt/demos/test.c index 54de8901e..50014ce1c 100644 --- a/libtomcrypt/demos/test.c +++ b/libtomcrypt/demos/test.c @@ -24,7 +24,7 @@ int main(void) printf("\nmac_test......"); fflush(stdout); x = mac_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); printf("\npkcs_1_test..."); fflush(stdout); x = pkcs_1_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); printf("\nrsa_test......"); fflush(stdout); x = rsa_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); - printf("\necc_test......"); fflush(stdout); x = ecc_tests(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); + printf("\necc_test......"); fflush(stdout); x = ecc_tests(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); printf("\ndsa_test......"); fflush(stdout); x = dsa_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); printf("\nkatja_test...."); fflush(stdout); x = katja_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE); printf("\n"); diff --git a/libtomcrypt/genlist.sh b/libtomcrypt/genlist.sh index 03e13b3fc..6bc53c1cf 100644 --- a/libtomcrypt/genlist.sh +++ b/libtomcrypt/genlist.sh @@ -5,6 +5,6 @@ perl ./parsenames.pl OBJECTS "$a" export a=`find . -type f | grep [.]/src | grep [.]h | sed -e 'se\./ee' | xargs` perl ./parsenames.pl HEADERS "$a" -# $Source: /cvs/libtom/libtomcrypt/genlist.sh,v $ -# $Revision: 1.4 $ -# $Date: 2005/07/17 23:15:12 $ +# $Source: /cvs/libtom/libtomcrypt/genlist.sh,v $ +# $Revision: 1.4 $ +# $Date: 2005/07/17 23:15:12 $ diff --git a/libtomcrypt/makefile.icc b/libtomcrypt/makefile.icc index c1ff1630a..1a15cbf4d 100644 --- a/libtomcrypt/makefile.icc +++ b/libtomcrypt/makefile.icc @@ -4,10 +4,10 @@ # # Be aware that ICC isn't quite as stable as GCC and several optimization switches # seem to break the code (that GCC and MSVC compile just fine). In particular -# "-ip" and "-x*" seem to break the code (ROL/ROR macro problems). As the makefile +# "-ip" and "-x*" seem to break the code (ROL/ROR macro problems). As the makefile # is shipped the code will build and execute properly. # -# Also note that ICC often makes code that is slower than GCC. This is probably due to +# Also note that ICC often makes code that is slower than GCC. This is probably due to # a mix of not being able to use "-ip" and just having fewer optimization algos than GCC. # # Tom St Denis @@ -38,7 +38,7 @@ default:library # -ax? specifies make code specifically for ? but compatible with IA-32 # -x? specifies compile solely for ? [not specifically IA-32 compatible] # -# where ? is +# where ? is # K - PIII # W - first P4 [Williamette] # N - P4 Northwood @@ -51,7 +51,7 @@ CFLAGS += -O2 -xP -ip endif ifndef IGNORE_SPEED -CFLAGS += -O3 -xP -ip +CFLAGS += -O3 -xP -ip endif # want to see stuff? @@ -203,7 +203,7 @@ src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_en src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \ src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \ src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \ -src/prngs/sprng.o src/prngs/yarrow.o +src/prngs/sprng.o src/prngs/yarrow.o HEADERS=src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \ src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cipher.h \ @@ -226,7 +226,7 @@ else GROUP=wheel endif -#ciphers come in two flavours... enc+dec and enc +#ciphers come in two flavours... enc+dec and enc aes_enc.o: aes.c aes_tab.c $(CC) $(CFLAGS) -DENCRYPT_ONLY -c aes.c -o aes_enc.o @@ -237,7 +237,7 @@ TVS=demos/tv_gen.o TIMINGS=demos/timing.o TESTS=demos/test.o -#ciphers come in two flavours... enc+dec and enc +#ciphers come in two flavours... enc+dec and enc src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c $(CC) $(CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.o @@ -278,7 +278,7 @@ timing: library $(TIMINGS) testprof/$(LIBTEST) test: library $(TESTS) testprof/$(LIBTEST) $(CC) $(TESTS) testprof/$(LIBTEST) $(LIBNAME) $(EXTRALIBS) -o $(TEST) - + #This rule installs the library and the header files. This must be run #as root in order to have a high enough permission to write to the correct #directories and to set the owner and group to root. @@ -289,7 +289,7 @@ install: library install -g $(GROUP) -o $(USER) $(LIBTEST) $(DESTDIR)$(LIBPATH) install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH) -# $Source: /cvs/libtom/libtomcrypt/makefile.icc,v $ -# $Revision: 1.76 $ -# $Date: 2007/02/16 16:36:25 $ +# $Source: /cvs/libtom/libtomcrypt/makefile.icc,v $ +# $Revision: 1.76 $ +# $Date: 2007/02/16 16:36:25 $ diff --git a/libtomcrypt/notes/base64_tv.txt b/libtomcrypt/notes/base64_tv.txt index 01c8a4e74..6d58cc489 100644 --- a/libtomcrypt/notes/base64_tv.txt +++ b/libtomcrypt/notes/base64_tv.txt @@ -1,6 +1,6 @@ Base64 vectors. These are the base64 encodings of the strings 00,01,02...NN-1 - 0: + 0: 1: AA== 2: AAE= 3: AAEC diff --git a/libtomcrypt/notes/etc/saferp_optimizer.c b/libtomcrypt/notes/etc/saferp_optimizer.c index 4a66d6340..355829d23 100644 --- a/libtomcrypt/notes/etc/saferp_optimizer.c +++ b/libtomcrypt/notes/etc/saferp_optimizer.c @@ -16,7 +16,7 @@ b2[4] = b[14]; b2[5] = b[7]; b2[6] = b[6]; b2[7] = b[13]; \ b2[8] = b[0]; b2[9] = b[9]; b2[10] = b[8]; b2[11] = b[1]; \ b2[12] = b[2]; b2[13] = b[11]; b2[14] = b[10]; b2[15] = b[3]; memcpy(b, b2, sizeof(b)); - + #define ROUND(b, i) \ b[0] = (safer_ebox[(b[0] ^ skey->saferp.K[i][0]) & 255] + skey->saferp.K[i+1][0]) & 255; \ b[1] = safer_lbox[(b[1] + skey->saferp.K[i][1]) & 255] ^ skey->saferp.K[i+1][1]; \ @@ -33,12 +33,12 @@ b[12] = (safer_ebox[(b[12] ^ skey->saferp.K[i][12]) & 255] + skey->saferp.K[i+1][12]) & 255; \ b[13] = safer_lbox[(b[13] + skey->saferp.K[i][13]) & 255] ^ skey->saferp.K[i+1][13]; \ b[14] = safer_lbox[(b[14] + skey->saferp.K[i][14]) & 255] ^ skey->saferp.K[i+1][14]; \ - b[15] = (safer_ebox[(b[15] ^ skey->saferp.K[i][15]) & 255] + skey->saferp.K[i+1][15]) & 255; + b[15] = (safer_ebox[(b[15] ^ skey->saferp.K[i][15]) & 255] + skey->saferp.K[i+1][15]) & 255; int main(void) { int b[16], b2[16], x, y, z; - + /* -- ENCRYPT --- */ for (x = 0; x < 16; x++) b[x] = x; /* emit encrypt preabmle */ @@ -55,7 +55,7 @@ printf( " /* do eight rounds */\n" " for (x = 0; x < 16; x++) {\n" " b[x] = pt[x];\n" -" }\n"); +" }\n"); /* do 8 rounds of ROUND; LT; */ for (x = 0; x < 8; x++) { @@ -64,7 +64,7 @@ printf( printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n", b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y); } - + /* LT */ for (y = 0; y < 4; y++) { printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]); @@ -77,10 +77,10 @@ printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]); if (y < 3) { SHUF; - } - } + } + } } - + printf( " if (skey->saferp.rounds <= 8) {\n"); /* finish */ @@ -88,14 +88,14 @@ printf( printf( " ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n", x, b[x], "^++^"[x&3], x); - } + } printf(" return;\n }\n"); - + /* 192-bit keys */ -printf( +printf( " /* 192-bit key? */\n" " if (skey->saferp.rounds > 8) {\n"); - + /* do 4 rounds of ROUND; LT; */ for (x = 8; x < 12; x++) { /* ROUND(..., x*2) */ @@ -103,7 +103,7 @@ printf( printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n", b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y); } - + /* LT */ for (y = 0; y < 4; y++) { printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]); @@ -116,11 +116,11 @@ printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]); if (y < 3) { SHUF; - } - } + } + } } printf("}\n"); - + printf( " if (skey->saferp.rounds <= 12) {\n"); /* finish */ @@ -128,14 +128,14 @@ printf( printf( " ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n", x, b[x], "^++^"[x&3], x); - } + } printf(" return;\n }\n"); /* 256-bit keys */ -printf( +printf( " /* 256-bit key? */\n" " if (skey->saferp.rounds > 12) {\n"); - + /* do 4 rounds of ROUND; LT; */ for (x = 12; x < 16; x++) { /* ROUND(..., x*2) */ @@ -143,7 +143,7 @@ printf( printf("b[%d] = (safer_%cbox[(b[%d] %c skey->saferp.K[%d][%d]) & 255] %c skey->saferp.K[%d][%d]) & 255;\n", b[y], "elle"[y&3], b[y], "^++^"[y&3], x*2, y, "+^^+"[y&3], x*2+1, y); } - + /* LT */ for (y = 0; y < 4; y++) { printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[0], b[0], b[1], b[0], b[1]); @@ -156,15 +156,15 @@ printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[12], printf(" b[%d] = (b[%d] + (b[%d] = (b[%d] + b[%d]) & 255)) & 255;\n", b[14], b[14], b[15], b[15], b[14]); if (y < 3) { SHUF; - } - } + } + } } /* finish */ for (x = 0; x < 16; x++) { printf( " ct[%d] = (b[%d] %c skey->saferp.K[skey->saferp.rounds*2][%d]) & 255;\n", x, b[x], "^++^"[x&3], x); - } + } printf(" return;\n"); printf(" }\n}\n\n"); diff --git a/libtomcrypt/notes/etc/whirlgen.c b/libtomcrypt/notes/etc/whirlgen.c index d537cefe2..a5485186a 100644 --- a/libtomcrypt/notes/etc/whirlgen.c +++ b/libtomcrypt/notes/etc/whirlgen.c @@ -3,15 +3,15 @@ unsigned E[16] = { 1, 0xb, 9, 0xc, 0xd, 6, 0xf, 3, 0xe, 8, 7, 4, 0xa, 2, 5, 0 }; unsigned Ei[16]; unsigned R[16] = { 7, 0xc, 0xb, 0xd, 0xe, 4, 9, 0xf, 6, 3, 8, 0xa, 2, 5, 1, 0 }; -unsigned cir[8][8] = { +unsigned cir[8][8] = { {1, 1, 4, 1, 8, 5, 2, 9 }, -}; +}; unsigned gf_mul(unsigned a, unsigned b) { unsigned r; - + r = 0; while (a) { if (a & 1) r ^= b; @@ -24,24 +24,24 @@ unsigned gf_mul(unsigned a, unsigned b) unsigned sbox(unsigned x) { unsigned a, b, w; - + a = x >> 4; b = x & 15; - + a = E[a]; b = Ei[b]; w = a ^ b; w = R[w]; a = E[a ^ w]; b = Ei[b ^ w]; - - + + return (a << 4) | b; } int main(void) { unsigned x, y; - + for (x = 0; x < 16; x++) Ei[E[x]] = x; - + // for (x = 0; x < 16; x++) printf("%2x ", sbox(x)); for (y = 1; y < 8; y++) { for (x = 0; x < 8; x++) { @@ -49,7 +49,7 @@ int main(void) } } -/* +/* printf("\n"); for (y = 0; y < 8; y++) { for (x = 0; x < 8; x++) printf("%2d ", cir[y][x]); @@ -74,7 +74,7 @@ int main(void) } printf("};\n\n"); } - + printf("static const ulong64 cont[] = {\n"); for (y = 0; y <= 10; y++) { printf("CONST64(0x"); @@ -85,7 +85,7 @@ int main(void) } printf("};\n\n"); return 0; - + } diff --git a/libtomcrypt/notes/etc/whirltest.c b/libtomcrypt/notes/etc/whirltest.c index d8c24e889..ce50eb38f 100644 --- a/libtomcrypt/notes/etc/whirltest.c +++ b/libtomcrypt/notes/etc/whirltest.c @@ -4,7 +4,7 @@ int main(void) { char buf[4096]; int x; - + while (fgets(buf, sizeof(buf)-2, stdin) != NULL) { for (x = 0; x < 128; ) { printf("0x%c%c, ", buf[x], buf[x+1]); diff --git a/libtomcrypt/notes/tech0001.txt b/libtomcrypt/notes/tech0001.txt index daf7e57a0..87fed18fb 100644 --- a/libtomcrypt/notes/tech0001.txt +++ b/libtomcrypt/notes/tech0001.txt @@ -15,8 +15,8 @@ At the very least the system requires one timer and one source of un-timed inter that do not occur at regular intervals [e.g. joypad/keypad input, network packets, etc...]. First we shall begin by taking an overview of how the Yarrow PRNG works within libtomcrypt. At the heart of all -PRNGs is the "prng_state" data type. This is a union of structures that hold the PRNG state for the various prngs. The -first thing we require is a state... +PRNGs is the "prng_state" data type. This is a union of structures that hold the PRNG state for the various prngs. The +first thing we require is a state... prng_state myPrng; @@ -30,8 +30,8 @@ At this point the PRNG is ready to accept fresh entropy which is added with int yarrow_add_entropy(const unsigned char *buf, unsigned long len, prng_state *prng) -This function is **NOT** thread safe which will come under consideration later. To add entropy to our PRNG we must -call this function with fresh data as its sampled. Lets say we have a timer counter called "uTimer" which is a 32-bit +This function is **NOT** thread safe which will come under consideration later. To add entropy to our PRNG we must +call this function with fresh data as its sampled. Lets say we have a timer counter called "uTimer" which is a 32-bit long and say a 32-bit joyPad state called "uPad". An example interrupt handler would look like void joypad_interrupt(...) { @@ -42,7 +42,7 @@ long and say a 32-bit joyPad state called "uPad". An example interrupt handler if (yarrow_add_entropy(buf, 8, &myPrng) != CRYPT_OK) { // this should never occur either unless you didn't call yarrow_start } - + // handle interrupt } @@ -54,7 +54,7 @@ This method doesn't gather alot of entropy and has to be used to for quite a whi multiple sources. If you have a network adapter and other sources of events (keyboard, mouse, etc...) trapping their data is ideal as well. Its important to gather the timer along with the event data. -As mentioned the "yarrow_add_entropy()" function is not thread safe. If your system allows interrupt handlers to be +As mentioned the "yarrow_add_entropy()" function is not thread safe. If your system allows interrupt handlers to be interrupted themselves then you could have trouble. One simple way is to detect when an interrupt is in progress and simply not add entropy during the call (jump over the yarrow_add_entropy() call) @@ -62,7 +62,7 @@ Once you feel that there has been enough entropy added to the pool then within a int yarrow_ready(prng_state *prng) -Now the PRNG is ready to read via the +Now the PRNG is ready to read via the unsigned long yarrow_read(unsigned char *buf, unsigned long len, prng_state *prng) diff --git a/libtomcrypt/notes/tech0002.txt b/libtomcrypt/notes/tech0002.txt index b9990e02e..f3dc9eae6 100644 --- a/libtomcrypt/notes/tech0002.txt +++ b/libtomcrypt/notes/tech0002.txt @@ -7,44 +7,44 @@ Introduction A timing attack is when an attacker can observe a side channel of the device (in this case time). In this tech note we consider only non-intrusive timing attacks with respect to online computations. That is an attacker can -determine when a computation (such as a public key encryption) begins and ends but cannot observe the device +determine when a computation (such as a public key encryption) begins and ends but cannot observe the device directly. This is specifically important for applications which transmit data via a public network. Consider a Diffie-Hellman encryption which requires the sender to make up a public key "y = g^x mod p". Libtomcrypt uses the MPI bignum library to perform the operation. The time it takes to compute y is controlled by the number of 1 bits in the exponent 'x'. To a large extent there will be the same number of squaring operations. "1" bits in -the exponent require the sender to perform a multiplication. This means to a certain extent an attacker can +the exponent require the sender to perform a multiplication. This means to a certain extent an attacker can determine not only the magnitude of 'x' but the number of one bits. With this information the attacker cannot directly learn the key used. However, good cryptography mandates the close scrutiny of any practical side channel. -Similar logic applies to the other various routines. Fortunately for this case there is a simple solution. First, +Similar logic applies to the other various routines. Fortunately for this case there is a simple solution. First, determine the maximum time the particular operation can require. For instance, on an Athlon 1.53Ghz XP processor a DH-768 encryption requires roughly 50 milliseconds. Take that time and round it up. Now place a delay after the call. -For example, +For example, void demo(void) { clock_t t1; // get initial clock t1 = clock(); - + // some PK function - - // now delay + + // now delay while (clock() < (t1 + 100)); - + // transmit data... - + } This code has the effect of taking at least 100 ms always. In effect someone analyzing the traffic will see that the -operations always take a fixed amount of time. Since no two platforms are the same this type of fix has not been +operations always take a fixed amount of time. Since no two platforms are the same this type of fix has not been incorporated into libtomcrypt (nor is it desired for many platforms). This requires on the developers part to profile the code to determine the delays required. Note that this "quick" fix has no effect against an intrusive attacker. For example, power consumption will drop -significantly in the loop after the operation. However, this type of fix is more important to secure the user of the +significantly in the loop after the operation. However, this type of fix is more important to secure the user of the application/device. For example, a user placing an order online won't try to cheat themselves by cracking open their device and performing side-channel cryptanalysis. An attacker over a network might try to use the timing information against the user. diff --git a/libtomcrypt/notes/tech0003.txt b/libtomcrypt/notes/tech0003.txt index 471378aae..35f348e07 100644 --- a/libtomcrypt/notes/tech0003.txt +++ b/libtomcrypt/notes/tech0003.txt @@ -9,12 +9,12 @@ For the most part the library can get by with around 20KB of stack and about 32K public key functions. If all you plan on using are the hashes and ciphers than only about 1KB of stack is required and no heap. -To save space all of the symmetric key scheduled keys are stored in a union called "symmetric_key". This means the +To save space all of the symmetric key scheduled keys are stored in a union called "symmetric_key". This means the size of a symmetric_key is the size of the largest scheduled key. By removing the ciphers you don't use from the build you can minimize the size of this structure. For instance, by removing both Twofish and Blowfish the size reduces to 768 bytes from the 4,256 bytes it would have been (on a 32-bit platform). Or if you remove -Blowfish and use Twofish with TWOFISH_SMALL defined its still 768 bytes. Even at its largest the structure is only -4KB which is normally not a problem for any platform. +Blowfish and use Twofish with TWOFISH_SMALL defined its still 768 bytes. Even at its largest the structure is only +4KB which is normally not a problem for any platform. Cipher Name | Size of scheduled key (bytes) | @@ -43,7 +43,7 @@ Memory used per cipher on a 32-bit platform. Noekeon is a fairly fast cipher and uses very little memory. Ideally in low-ram platforms all other ciphers should be left undefined and Noekeon should remain. While Noekeon is generally considered a secure block cipher (it is insecure -as a hash) CAST5 is perhaps a "runner-up" choice. CAST5 has been around longer (it is also known as CAST-128) and is +as a hash) CAST5 is perhaps a "runner-up" choice. CAST5 has been around longer (it is also known as CAST-128) and is fairly fast as well. You can easily accomplish this via the "config.pl" script. Simply answer "n" to all of the ciphers except the one you want diff --git a/libtomcrypt/notes/tech0004.txt b/libtomcrypt/notes/tech0004.txt index 2acd3782f..a41c4ee60 100644 --- a/libtomcrypt/notes/tech0004.txt +++ b/libtomcrypt/notes/tech0004.txt @@ -5,8 +5,8 @@ Tom St Denis Introduction ------------ -This tech note explains how to use three of the more useful pseudo random number generators and their -own little "issues". While all of the PRNGs have the same API and are roughly used in the same +This tech note explains how to use three of the more useful pseudo random number generators and their +own little "issues". While all of the PRNGs have the same API and are roughly used in the same manner their effectiveness really depends on the user knowing how they work. @@ -18,12 +18,12 @@ plus the additional bits storing the message digest back in the pool. E.g. pool = hash(pool || newbits) -Simply dump bits into the PRNG via yarrow_add_entropy() and call yarrow_ready() when you want to +Simply dump bits into the PRNG via yarrow_add_entropy() and call yarrow_ready() when you want to put them to use. This PRNG while simple is not entirely safe. An attacker who learns the state -of the pool and can control future events can control the PRNG. This requires an active attacker but +of the pool and can control future events can control the PRNG. This requires an active attacker but isn't entire impossible. -The pool is then used as a key for a cipher that is used in CTR mode. +The pool is then used as a key for a cipher that is used in CTR mode. Yarrow is mostly meant for short-term programs [e.g. like file utils]. This particular implementation is not meant for long-term usage. @@ -32,11 +32,11 @@ Fortuna ------- Fortuna was designed by Niels Fergusson and Bruce Schneier [Bruce is also the guy who invented Yarrow]. It -operates on a more defensive level than Yarrow. Instead of 1 entropy pool it has 32 and the new entropy -is spread [round robin] in all of the pools. +operates on a more defensive level than Yarrow. Instead of 1 entropy pool it has 32 and the new entropy +is spread [round robin] in all of the pools. -That is, each call to fortuna_add_entropy() puts the bits in the next [in the sequenece] pool of entropy. -Effective bits are added to the pool by sending them through a hash [but not terminating the hash]. +That is, each call to fortuna_add_entropy() puts the bits in the next [in the sequenece] pool of entropy. +Effective bits are added to the pool by sending them through a hash [but not terminating the hash]. Here's the main catch though. When the PRNG must be reseeded [so that you can extract bits from it] only certain pools are used. More precisely the i'th pool is used every 2**i'th reseeding. For example, pool[0] @@ -46,19 +46,19 @@ The pools are hashed together along with the current key and the result is the n operates in CTR mode [more about that in a sec]. Now this may seem odd at first however there is a good reason behind it. An attacker who learns pool[0] won't -strictly know the other pools. So the recovery rate of is not 0. In fact pool[0] can be completely +strictly know the other pools. So the recovery rate of is not 0. In fact pool[0] can be completely compromised and the PRNG will still eventually recover. The value FORTUNA_WD is the "WatchDog" counter. -Every FORTUNA_WD calls to fortuna_read will invoke the reseed operation. By default this is set to 10 which -means after 10 calls the PRNG will reseed itself. +Every FORTUNA_WD calls to fortuna_read will invoke the reseed operation. By default this is set to 10 which +means after 10 calls the PRNG will reseed itself. -The pools are combined with the running cipher key [256 bits] so that a cipher in CTR mode can produce -the stream. Unlike Yarrow the cipher is re-keyed after every call to fortuna_read() [so one big call +The pools are combined with the running cipher key [256 bits] so that a cipher in CTR mode can produce +the stream. Unlike Yarrow the cipher is re-keyed after every call to fortuna_read() [so one big call would be faster than many smaller calls]. This prevents too much data being encrypted under the same key [and mitigates a flaw in CTR mode that the same block can't be emitted twice under the same key]. -Fortuna is really meant for a kernel-level PRNG. The more sources [and often] you feed into it the +Fortuna is really meant for a kernel-level PRNG. The more sources [and often] you feed into it the healthier it will be. It's also meant to be used for long term purposes. Since it can recover from -compromises it is harder to control it. +compromises it is harder to control it. SOBER-128 ------ @@ -66,10 +66,10 @@ SOBER-128 SOBER-128 is actually a stream cipher but like most ciphers can easily be modelled in the context of a PRNG. This PRNG is extremely fast [4 cycles/byte on a P4] and was designed by a well known cryptographer [Greg Rose]. -SOBER-128 doesn't really "act" like the other two PRNGs. It's meant to be seeded once and then read as +SOBER-128 doesn't really "act" like the other two PRNGs. It's meant to be seeded once and then read as required. In such a sense it isn't a "system PRNG" but useful short term purposes. In particular -the sober128_read() function actually XORs against the input buffer you specify. This allows the -read() function to be used as an "encrypt" function as well. +the sober128_read() function actually XORs against the input buffer you specify. This allows the +read() function to be used as an "encrypt" function as well. You can only key SOBER-128 once [by calling sober128_add_entropy()]. Once it it is keyed subsequent calls to add_entropy() will be considered a "re-IV" operation. Changing the IV allows you to use same @@ -81,8 +81,8 @@ All inputs to sober128_add_entropy() must have a length that is a multiple of fo Overall ------- -Since SOBER-128 is *much* faster than the other two PRNGs a good setup would be to use Fortuna as your -system-wide PRNG and use SOBER-128 [key'ed from Fortuna] for encrypting streams or as a PRNG for +Since SOBER-128 is *much* faster than the other two PRNGs a good setup would be to use Fortuna as your +system-wide PRNG and use SOBER-128 [key'ed from Fortuna] for encrypting streams or as a PRNG for simulations. Yarrow is still a good candidate but only for "short lived" programs. However, since Fortuna is faster diff --git a/libtomcrypt/notes/tech0005.txt b/libtomcrypt/notes/tech0005.txt index c2502208c..12afa2f08 100644 --- a/libtomcrypt/notes/tech0005.txt +++ b/libtomcrypt/notes/tech0005.txt @@ -7,9 +7,9 @@ Introduction Tweaking... -You can disable whole classes of algorithms on the command line with the LTC_NO_* defines. From there you can manually turn on what you want to enable. +You can disable whole classes of algorithms on the command line with the LTC_NO_* defines. From there you can manually turn on what you want to enable. -The following build with GCC 3.4.4 on an AMD64 box gets you AES, CTR mode, SHA-256, HMAC, Yarrow, full RSA PKCS #1, PKCS #5 and ASN.1 DER in +The following build with GCC 3.4.4 on an AMD64 box gets you AES, CTR mode, SHA-256, HMAC, Yarrow, full RSA PKCS #1, PKCS #5 and ASN.1 DER in roughly 40KB of code (49KB on the ARMv4) (both excluding the math library). CFLAGS="-DLTC_NO_CIPHERS -DLTC_NO_HASHES -DLTC_NO_PRNGS -DLTC_NO_MACS -DLTC_NO_MODES -DLTC_NO_PK -DLTC_RIJNDAEL -DLTC_CTR_MODE -DSHA256 \ diff --git a/libtomcrypt/notes/tech0006.txt b/libtomcrypt/notes/tech0006.txt index ecbe8b080..df401c1b5 100644 --- a/libtomcrypt/notes/tech0006.txt +++ b/libtomcrypt/notes/tech0006.txt @@ -19,15 +19,15 @@ The NIST DSA algorithm Key Format: HomeBrew [see below] Signature : ANSI X9.62 format [see below]. -Keys are stored as +Keys are stored as DSAPublicKey ::= SEQUENCE { publicFlags BIT STRING(1), -- must be 0 g INTEGER , -- base generator, check that g^q mod p == 1 -- and that 1 < g < p - 1 - p INTEGER , -- prime modulus + p INTEGER , -- prime modulus q INTEGER , -- order of sub-group (must be prime) - y INTEGER , -- public key, specifically, g^x mod p, + y INTEGER , -- public key, specifically, g^x mod p, -- check that y^q mod p == 1 -- and that 1 < y < p - 1 } @@ -36,15 +36,15 @@ DSAPrivateKey ::= SEQUENCE { publicFlags BIT STRING(1), -- must be 1 g INTEGER , -- base generator, check that g^q mod p == 1 -- and that 1 < g < p - 1 - p INTEGER , -- prime modulus + p INTEGER , -- prime modulus q INTEGER , -- order of sub-group (must be prime) - y INTEGER , -- public key, specifically, g^x mod p, + y INTEGER , -- public key, specifically, g^x mod p, -- check that y^q mod p == 1 -- and that 1 < y < p - 1 x INTEGER -- private key } -Signatures are stored as +Signatures are stored as DSASignature ::= SEQUENCE { r, s INTEGER -- signature parameters @@ -61,16 +61,16 @@ Encryption : Homebrew [based on X9.63, differs in that the public point is st Shared Secret: X9.63 compliant ECCPublicKey ::= SEQUENCE { - flags BIT STRING(1), -- public/private flag (always zero), - keySize INTEGER, -- Curve size (in bits) divided by eight + flags BIT STRING(1), -- public/private flag (always zero), + keySize INTEGER, -- Curve size (in bits) divided by eight -- and rounded down, e.g. 521 => 65 pubkey.x INTEGER, -- The X co-ordinate of the public key point pubkey.y INTEGER, -- The Y co-ordinate of the public key point } ECCPrivateKey ::= SEQUENCE { - flags BIT STRING(1), -- public/private flag (always one), - keySize INTEGER, -- Curve size (in bits) divided by eight + flags BIT STRING(1), -- public/private flag (always one), + keySize INTEGER, -- Curve size (in bits) divided by eight -- and rounded down, e.g. 521 => 65 pubkey.x INTEGER, -- The X co-ordinate of the public key point pubkey.y INTEGER, -- The Y co-ordinate of the public key point @@ -86,6 +86,6 @@ ECCEncrypted ::= SEQUENCE { skey OCTET STRING -- The encrypted text (which the hash was XOR'ed against) } -% $Source: /cvs/libtom/libtomcrypt/notes/tech0006.txt,v $ -% $Revision: 1.2 $ -% $Date: 2005/06/18 02:26:27 $ +% $Source: /cvs/libtom/libtomcrypt/notes/tech0006.txt,v $ +% $Revision: 1.2 $ +% $Date: 2005/06/18 02:26:27 $ diff --git a/libtomcrypt/parsenames.pl b/libtomcrypt/parsenames.pl index 761f03622..801b48983 100644 --- a/libtomcrypt/parsenames.pl +++ b/libtomcrypt/parsenames.pl @@ -1,8 +1,8 @@ #!/usr/bin/perl # -# Splits the list of files and outputs for makefile type files -# wrapped at 80 chars -# +# Splits the list of files and outputs for makefile type files +# wrapped at 80 chars +# # Tom St Denis @a = split(" ", $ARGV[1]); $b = "$ARGV[0]="; @@ -21,6 +21,6 @@ print "\n\n"; -# $Source: /cvs/libtom/libtomcrypt/parsenames.pl,v $ -# $Revision: 1.3 $ -# $Date: 2005/05/05 14:49:27 $ +# $Source: /cvs/libtom/libtomcrypt/parsenames.pl,v $ +# $Revision: 1.3 $ +# $Date: 2005/05/05 14:49:27 $ diff --git a/libtomcrypt/src/prngs/sober128tab.c b/libtomcrypt/src/prngs/sober128tab.c index a5754c727..674a35530 100644 --- a/libtomcrypt/src/prngs/sober128tab.c +++ b/libtomcrypt/src/prngs/sober128tab.c @@ -1,7 +1,7 @@ -/** +/** @file sober128tab.c SOBER-128 Tables -*/ +*/ /* $ID$ */ /* @(#)TuringMultab.h 1.3 (QUALCOMM) 02/09/03 */ /* Multiplication table for Turing using 0xD02B4367 */ @@ -82,7 +82,7 @@ static const ulong32 Multab[256] = { * "On the Design of 8*32 S-boxes". Unpublished report, by the * Information Systems Research Centre, * Queensland University of Technology, 1999. - * + * * The most significant 8 bits are the Skipjack "F table", which can be * found at http://csrc.nist.gov/CryptoToolkit/skipjack/skipjack.pdf . * In this optimised table, though, the intent is to XOR the word from diff --git a/libtomcrypt/testprof/base64_test.c b/libtomcrypt/testprof/base64_test.c index 5ce55dd5f..4e272c32a 100644 --- a/libtomcrypt/testprof/base64_test.c +++ b/libtomcrypt/testprof/base64_test.c @@ -4,7 +4,7 @@ int base64_test(void) { unsigned char in[64], out[256], tmp[64]; unsigned long x, l1, l2; - + for (x = 0; x < 64; x++) { yarrow_read(in, x, &yarrow_prng); l1 = sizeof(out); diff --git a/libtomcrypt/testprof/cipher_hash_test.c b/libtomcrypt/testprof/cipher_hash_test.c index 666d9139f..c2333b19e 100644 --- a/libtomcrypt/testprof/cipher_hash_test.c +++ b/libtomcrypt/testprof/cipher_hash_test.c @@ -8,17 +8,17 @@ int cipher_hash_test(void) unsigned char buf[4096]; unsigned long n; prng_state nprng; - + /* test ciphers */ for (x = 0; cipher_descriptor[x].name != NULL; x++) { DO(cipher_descriptor[x].test()); } - + /* test hashes */ for (x = 0; hash_descriptor[x].name != NULL; x++) { DO(hash_descriptor[x].test()); } - + /* test prngs (test, import/export */ for (x = 0; prng_descriptor[x].name != NULL; x++) { DO(prng_descriptor[x].test()); @@ -36,7 +36,7 @@ int cipher_hash_test(void) } prng_descriptor[x].done(&nprng); } - + return 0; } diff --git a/libtomcrypt/testprof/der_tests.c b/libtomcrypt/testprof/der_tests.c index 2778d508c..a99f7c0d5 100644 --- a/libtomcrypt/testprof/der_tests.c +++ b/libtomcrypt/testprof/der_tests.c @@ -23,46 +23,46 @@ static void der_set_test(void) unsigned char strs[10][10], outbuf[128]; unsigned long x, val, outlen; int err; - + /* make structure and encode it */ LTC_SET_ASN1(list, 0, LTC_ASN1_OCTET_STRING, oct_str, sizeof(oct_str)); LTC_SET_ASN1(list, 1, LTC_ASN1_BIT_STRING, bin_str, sizeof(bin_str)); LTC_SET_ASN1(list, 2, LTC_ASN1_SHORT_INTEGER, &int_val, 1); - + /* encode it */ outlen = sizeof(outbuf); if ((err = der_encode_set(list, 3, outbuf, &outlen)) != CRYPT_OK) { fprintf(stderr, "error encoding set: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - - + + /* first let's test the set_decoder out of order to see what happens, we should get all the fields we expect even though they're in a diff order */ LTC_SET_ASN1(list, 0, LTC_ASN1_BIT_STRING, strs[1], sizeof(strs[1])); LTC_SET_ASN1(list, 1, LTC_ASN1_SHORT_INTEGER, &val, 1); LTC_SET_ASN1(list, 2, LTC_ASN1_OCTET_STRING, strs[0], sizeof(strs[0])); - + if ((err = der_decode_set(outbuf, outlen, list, 3)) != CRYPT_OK) { fprintf(stderr, "error decoding set using der_decode_set: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + /* now compare the items */ if (memcmp(strs[0], oct_str, sizeof(oct_str))) { fprintf(stderr, "error decoding set using der_decode_set (oct_str is wrong):\n"); exit(EXIT_FAILURE); } - + if (memcmp(strs[1], bin_str, sizeof(bin_str))) { fprintf(stderr, "error decoding set using der_decode_set (bin_str is wrong):\n"); exit(EXIT_FAILURE); } - + if (val != int_val) { fprintf(stderr, "error decoding set using der_decode_set (int_val is wrong):\n"); exit(EXIT_FAILURE); } - + strcpy((char*)strs[0], "one"); strcpy((char*)strs[1], "one2"); strcpy((char*)strs[2], "two"); @@ -73,39 +73,39 @@ static void der_set_test(void) strcpy((char*)strs[7], "bbb"); strcpy((char*)strs[8], "bbba"); strcpy((char*)strs[9], "bbbb"); - + for (x = 0; x < 10; x++) { LTC_SET_ASN1(list, x, LTC_ASN1_PRINTABLE_STRING, strs[x], strlen((char*)strs[x])); } - + outlen = sizeof(outbuf); - if ((err = der_encode_setof(list, 10, outbuf, &outlen)) != CRYPT_OK) { + if ((err = der_encode_setof(list, 10, outbuf, &outlen)) != CRYPT_OK) { fprintf(stderr, "error encoding SET OF: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + for (x = 0; x < 10; x++) { LTC_SET_ASN1(list, x, LTC_ASN1_PRINTABLE_STRING, strs[x], sizeof(strs[x]) - 1); } XMEMSET(strs, 0, sizeof(strs)); - + if ((err = der_decode_set(outbuf, outlen, list, 10)) != CRYPT_OK) { fprintf(stderr, "error decoding SET OF: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + /* now compare */ for (x = 1; x < 10; x++) { if (!(strlen((char*)strs[x-1]) <= strlen((char*)strs[x])) && strcmp((char*)strs[x-1], (char*)strs[x]) >= 0) { fprintf(stderr, "error SET OF order at %lu is wrong\n", x); exit(EXIT_FAILURE); } - } - + } + } -/* we are encoding +/* we are encoding SEQUENCE { PRINTABLE "printable" @@ -125,9 +125,9 @@ static void der_set_test(void) } } } - } + } -*/ +*/ static void der_flexi_test(void) { @@ -140,18 +140,18 @@ static void der_flexi_test(void) static const unsigned char oct_str[] = { 1, 2, 3, 4 }; static const unsigned char bit_str[] = { 1, 0, 0, 1 }; static const unsigned long oid_str[] = { 1, 2, 840, 113549 }; - + unsigned char encode_buf[192]; unsigned long encode_buf_len, decode_len; int err; - + ltc_asn1_list static_list[5][3], *decoded_list, *l; - + /* build list */ LTC_SET_ASN1(static_list[0], 0, LTC_ASN1_PRINTABLE_STRING, (void *)printable_str, strlen(printable_str)); LTC_SET_ASN1(static_list[0], 1, LTC_ASN1_IA5_STRING, (void *)ia5_str, strlen(ia5_str)); LTC_SET_ASN1(static_list[0], 2, LTC_ASN1_SEQUENCE, static_list[1], 3); - + LTC_SET_ASN1(static_list[1], 0, LTC_ASN1_SHORT_INTEGER, (void *)&int_val, 1); LTC_SET_ASN1(static_list[1], 1, LTC_ASN1_UTCTIME, (void *)&utctime, 1); LTC_SET_ASN1(static_list[1], 2, LTC_ASN1_SEQUENCE, static_list[2], 3); @@ -173,197 +173,197 @@ static void der_flexi_test(void) fprintf(stderr, "Encoding static_list: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + #if 0 { FILE *f; f = fopen("t.bin", "wb"); fwrite(encode_buf, 1, encode_buf_len, f); fclose(f); - } -#endif - + } +#endif + /* decode with flexi */ decode_len = encode_buf_len; if ((err = der_decode_sequence_flexi(encode_buf, &decode_len, &decoded_list)) != CRYPT_OK) { fprintf(stderr, "decoding static_list: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + if (decode_len != encode_buf_len) { fprintf(stderr, "Decode len of %lu does not match encode len of %lu \n", decode_len, encode_buf_len); exit(EXIT_FAILURE); } - + /* we expect l->next to be NULL and l->child to not be */ l = decoded_list; if (l->next != NULL || l->child == NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* we expect a SEQUENCE */ if (l->type != LTC_ASN1_SEQUENCE) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } l = l->child; - + /* PRINTABLE STRING */ /* we expect printable_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_PRINTABLE_STRING) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != strlen(printable_str) || memcmp(printable_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - - /* IA5 STRING */ + + /* IA5 STRING */ /* we expect ia5_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_IA5_STRING) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != strlen(ia5_str) || memcmp(ia5_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - + /* expect child anve move down */ - + if (l->next != NULL || l->child == NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_SEQUENCE) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } l = l->child; - + /* INTEGER */ - + if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_INTEGER) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (mp_cmp_d(l->data, 12345678UL) != LTC_MP_EQ) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - + /* UTCTIME */ - + if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_UTCTIME) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (memcmp(l->data, &utctime, sizeof(utctime))) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - + /* expect child anve move down */ - + if (l->next != NULL || l->child == NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_SEQUENCE) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } l = l->child; - - - /* OCTET STRING */ + + + /* OCTET STRING */ /* we expect oct_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_OCTET_STRING) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != sizeof(oct_str) || memcmp(oct_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - /* BIT STRING */ + /* BIT STRING */ /* we expect oct_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_BIT_STRING) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != sizeof(bit_str) || memcmp(bit_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; /* expect child anve move down */ - + if (l->next != NULL || l->child == NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_SEQUENCE) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); @@ -371,65 +371,65 @@ static void der_flexi_test(void) l = l->child; - /* OID STRING */ + /* OID STRING */ /* we expect oid_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_OBJECT_IDENTIFIER) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != sizeof(oid_str)/sizeof(oid_str[0]) || memcmp(oid_str, l->data, l->size*sizeof(oid_str[0]))) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - + /* NULL */ if (l->type != LTC_ASN1_NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; - + /* expect child anve move down */ if (l->next != NULL || l->child == NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_SET) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } l = l->child; - + /* PRINTABLE STRING */ /* we expect printable_str */ if (l->next == NULL || l->child != NULL) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->type != LTC_ASN1_PRINTABLE_STRING) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - -/* note we compare set2_str FIRST because the SET OF is sorted and "222" comes before "333" */ + +/* note we compare set2_str FIRST because the SET OF is sorted and "222" comes before "333" */ if (l->size != strlen(set2_str) || memcmp(set2_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + /* move to next */ l = l->next; @@ -439,12 +439,12 @@ static void der_flexi_test(void) fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + if (l->size != strlen(set1_str) || memcmp(set1_str, l->data, l->size)) { fprintf(stderr, "(%d), %d, %lu, next=%p, prev=%p, parent=%p, child=%p\n", __LINE__, l->type, l->size, l->next, l->prev, l->parent, l->child); exit(EXIT_FAILURE); } - + der_sequence_free(l); @@ -483,7 +483,7 @@ static int der_choice_test(void) LTC_SET_ASN1(host, 0, LTC_ASN1_CHOICE, types, 7); - + /* encode */ outlen = sizeof(outbuf); DO(der_encode_sequence(&types[x>6?x-7:x], 1, outbuf, &outlen)); @@ -506,7 +506,7 @@ static int der_choice_test(void) mp_clear(mpinteger); return 0; } - + int der_tests(void) { @@ -522,7 +522,7 @@ int der_tests(void) 0x40, 0x72, 0x73, 0x61, 0x2e, 0x63, 0x6f, 0x6d }; static const unsigned char rsa_printable[] = "Test User 1"; - static const unsigned char rsa_printable_der[] = { 0x13, 0x0b, 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, + static const unsigned char rsa_printable_der[] = { 0x13, 0x0b, 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x65, 0x72, 0x20, 0x31 }; static const ltc_utctime rsa_time1 = { 91, 5, 6, 16, 45, 40, 1, 7, 0 }; @@ -600,10 +600,10 @@ int der_tests(void) return 1; } } - } + } mp_clear_multi(a, b, c, d, e, f, g, NULL); - + /* Test bit string */ for (zz = 1; zz < 1536; zz++) { yarrow_read(buf[0], zz, &yarrow_prng); @@ -613,7 +613,7 @@ int der_tests(void) x = sizeof(buf[1]); DO(der_encode_bit_string(buf[0], zz, buf[1], &x)); DO(der_length_bit_string(zz, &y)); - if (y != x) { + if (y != x) { fprintf(stderr, "\nDER BIT STRING length of encoded not match expected : %lu, %lu, %lu\n", z, x, y); return 1; } @@ -632,7 +632,7 @@ int der_tests(void) x = sizeof(buf[1]); DO(der_encode_octet_string(buf[0], zz, buf[1], &x)); DO(der_length_octet_string(zz, &y)); - if (y != x) { + if (y != x) { fprintf(stderr, "\nDER OCTET STRING length of encoded not match expected : %lu, %lu, %lu\n", z, x, y); return 1; } @@ -669,7 +669,7 @@ int der_tests(void) yarrow_read(buf[0], 4, &yarrow_prng); LOAD32L(z, buf[0]); z = 2 + (z % ((sizeof(oid[0])/sizeof(oid[0][0])) - 2)); - + /* fill them in */ oid[0][0] = buf[0][0] % 3; oid[0][1] = buf[0][1] % 40; @@ -688,7 +688,7 @@ int der_tests(void) for (x = 0; x < z; x++) fprintf(stderr, "%lu\n", oid[0][x]); return 1; } - + /* decode it */ y = sizeof(oid[0])/sizeof(oid[0][0]); DO(der_decode_object_identifier(buf[0], x, oid[1], &y)); @@ -760,7 +760,7 @@ for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n"); DO(der_decode_utctime(buf[0], &y, &tmp_time)); if (y != x || memcmp(&rsa_time1, &tmp_time, sizeof(ltc_utctime))) { fprintf(stderr, "UTCTIME decode failed for rsa_time1: %lu %lu\n", x, y); -fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n", +fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n", tmp_time.YY, tmp_time.MM, tmp_time.DD, @@ -790,7 +790,7 @@ for (y = 0; y < x; y++) fprintf(stderr, "%02x ", buf[0][y]); printf("\n"); DO(der_decode_utctime(buf[0], &y, &tmp_time)); if (y != x || memcmp(&rsa_time2, &tmp_time, sizeof(ltc_utctime))) { fprintf(stderr, "UTCTIME decode failed for rsa_time2: %lu %lu\n", x, y); -fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n", +fprintf(stderr, "\n\n%u %u %u %u %u %u %u %u %u\n\n", tmp_time.YY, tmp_time.MM, tmp_time.DD, diff --git a/libtomcrypt/testprof/dsa_test.c b/libtomcrypt/testprof/dsa_test.c index 2398ba2d2..4878bb8fd 100644 --- a/libtomcrypt/testprof/dsa_test.c +++ b/libtomcrypt/testprof/dsa_test.c @@ -15,16 +15,16 @@ int dsa_test(void) /* verify it */ DO(dsa_verify_key(&key, &stat1)); if (stat1 == 0) { fprintf(stderr, "dsa_verify_key "); return 1; } - + /* encrypt a message */ for (x = 0; x < 16; x++) { msg[x] = x; } x = sizeof(out); DO(dsa_encrypt_key(msg, 16, out, &x, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), &key)); - + /* decrypt */ y = sizeof(out2); DO(dsa_decrypt_key(out, x, out2, &y, &key)); - + if (y != 16 || memcmp(out2, msg, 16)) { fprintf(stderr, "dsa_decrypt failed, y == %lu\n", y); return 1; diff --git a/libtomcrypt/testprof/ecc_test.c b/libtomcrypt/testprof/ecc_test.c index d623af3b8..e14419afe 100644 --- a/libtomcrypt/testprof/ecc_test.c +++ b/libtomcrypt/testprof/ecc_test.c @@ -68,7 +68,7 @@ int ecc_test_shamir(void) /* compute rA * G = A */ DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1)); - + /* compute rB * G = B */ DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1)); @@ -222,11 +222,11 @@ int ecc_tests (void) DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey)); buf[0][0] ^= 1; DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey)); - if (!(stat == 1 && stat2 == 0)) { + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2); return 1; } - ecc_free (&usera); + ecc_free (&usera); ecc_free (&pubKey); ecc_free (&privKey); } diff --git a/libtomcrypt/testprof/katja_test.c b/libtomcrypt/testprof/katja_test.c index 86fe6b099..3b29dfe20 100644 --- a/libtomcrypt/testprof/katja_test.c +++ b/libtomcrypt/testprof/katja_test.c @@ -18,7 +18,7 @@ int katja_test(void) } for (size = 1024; size <= 2048; size += 256) { - + /* make 10 random key */ for (cnt = 0; cnt < 10; cnt++) { DO(katja_make_key(&yarrow_prng, prng_idx, size/8, &key)); @@ -65,7 +65,7 @@ for (cnt = 0; cnt < len; ) { len = sizeof(out); len2 = kat_msgsize; - + DO(katja_encrypt_key(in, kat_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key)); /* change a byte */ out[8] ^= 1; @@ -86,7 +86,7 @@ for (cnt = 0; cnt < len; ) { if (len2 != kat_msgsize || memcmp(tmp, in, kat_msgsize)) { unsigned long x; fprintf(stderr, "\nkatja_decrypt_key mismatch, len %lu (second decrypt)\n", len2); - fprintf(stderr, "Original contents: \n"); + fprintf(stderr, "Original contents: \n"); for (x = 0; x < kat_msgsize; ) { fprintf(stderr, "%02x ", in[x]); if (!(++x % 16)) { @@ -94,13 +94,13 @@ for (cnt = 0; cnt < len; ) { } } fprintf(stderr, "\n"); - fprintf(stderr, "Output contents: \n"); + fprintf(stderr, "Output contents: \n"); for (x = 0; x < kat_msgsize; ) { fprintf(stderr, "%02x ", out[x]); if (!(++x % 16)) { fprintf(stderr, "\n"); } - } + } fprintf(stderr, "\n"); return 1; } @@ -142,8 +142,8 @@ for (cnt = 0; cnt < len; ) { /* export key and import as both private and public */ len2 = sizeof(tmp); - DO(katja_export(tmp, &len2, PK_PRIVATE, &key)); - DO(katja_import(tmp, len2, &privKey)); + DO(katja_export(tmp, &len2, PK_PRIVATE, &key)); + DO(katja_import(tmp, len2, &privKey)); len2 = sizeof(tmp); DO(katja_export(tmp, &len2, PK_PUBLIC, &key)); DO(katja_import(tmp, len2, &pubKey)); @@ -153,7 +153,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "katja_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2); katja_free(&key); @@ -169,7 +169,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "katja_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2); katja_free(&key); @@ -185,7 +185,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "katja_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2); katja_free(&key); @@ -201,7 +201,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(katja_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "katja_verify_hash (salted) failed, %d, %d", stat, stat2); katja_free(&key); @@ -215,7 +215,7 @@ for (cnt = 0; cnt < len; ) { katja_free(&pubKey); katja_free(&privKey); } - + /* free the key and return */ return 0; } diff --git a/libtomcrypt/testprof/mac_test.c b/libtomcrypt/testprof/mac_test.c index c09bb1d5e..c6a149125 100644 --- a/libtomcrypt/testprof/mac_test.c +++ b/libtomcrypt/testprof/mac_test.c @@ -4,13 +4,13 @@ int mac_test(void) { #ifdef LTC_HMAC - DO(hmac_test()); + DO(hmac_test()); #endif #ifdef LTC_PMAC - DO(pmac_test()); + DO(pmac_test()); #endif #ifdef LTC_OMAC - DO(omac_test()); + DO(omac_test()); #endif #ifdef LTC_XCBC DO(xcbc_test()); @@ -19,10 +19,10 @@ int mac_test(void) DO(f9_test()); #endif #ifdef LTC_EAX_MODE - DO(eax_test()); + DO(eax_test()); #endif #ifdef LTC_OCB_MODE - DO(ocb_test()); + DO(ocb_test()); #endif #ifdef LTC_CCM_MODE DO(ccm_test()); diff --git a/libtomcrypt/testprof/makefile.icc b/libtomcrypt/testprof/makefile.icc index 60628ce19..5a1321d8e 100644 --- a/libtomcrypt/testprof/makefile.icc +++ b/libtomcrypt/testprof/makefile.icc @@ -1,4 +1,4 @@ -CFLAGS += -I../src/headers -I./ +CFLAGS += -I../src/headers -I./ CC=icc OBJECTS = base64_test.o cipher_hash_test.o der_tests.o \ diff --git a/libtomcrypt/testprof/modes_test.c b/libtomcrypt/testprof/modes_test.c index c1cd1c4d6..f410d304c 100644 --- a/libtomcrypt/testprof/modes_test.c +++ b/libtomcrypt/testprof/modes_test.c @@ -15,23 +15,23 @@ int modes_test(void) symmetric_OFB ofb; #endif unsigned long l; - + /* make a random pt, key and iv */ yarrow_read(pt, 64, &yarrow_prng); yarrow_read(key, 16, &yarrow_prng); yarrow_read(iv, 16, &yarrow_prng); - + /* get idx of AES handy */ cipher_idx = find_cipher("aes"); if (cipher_idx == -1) { fprintf(stderr, "test requires AES"); return 1; } - + #ifdef LTC_F8_MODE DO(f8_test_mode()); -#endif - +#endif + #ifdef LTC_LRW_MODE DO(lrw_test()); #endif @@ -47,7 +47,7 @@ int modes_test(void) return 1; } DO(cbc_encrypt(pt, ct, 64, &cbc)); - + /* decode the block */ DO(cbc_setiv(iv2, l, &cbc)); zeromem(tmp, sizeof(tmp)); @@ -70,7 +70,7 @@ int modes_test(void) return 1; } DO(cfb_encrypt(pt, ct, 64, &cfb)); - + /* decode the block */ DO(cfb_setiv(iv, l, &cfb)); zeromem(tmp, sizeof(tmp)); @@ -80,7 +80,7 @@ int modes_test(void) return 1; } #endif - + #ifdef LTC_OFB_MODE /* test OFB mode */ /* encode the block */ @@ -92,7 +92,7 @@ int modes_test(void) return 1; } DO(ofb_encrypt(pt, ct, 64, &ofb)); - + /* decode the block */ DO(ofb_setiv(iv2, l, &ofb)); zeromem(tmp, sizeof(tmp)); @@ -103,14 +103,14 @@ int modes_test(void) } #endif -#ifdef LTC_CTR_MODE +#ifdef LTC_CTR_MODE DO(ctr_test()); #endif #ifdef LTC_XTS_MODE DO(xts_test()); #endif - + return 0; } diff --git a/libtomcrypt/testprof/pkcs_1_test.c b/libtomcrypt/testprof/pkcs_1_test.c index 6f59ce9ab..fe24b9e7a 100644 --- a/libtomcrypt/testprof/pkcs_1_test.c +++ b/libtomcrypt/testprof/pkcs_1_test.c @@ -12,11 +12,11 @@ int pkcs_1_test(void) /* get hash/prng */ hash_idx = find_hash("sha1"); prng_idx = find_prng("yarrow"); - + if (hash_idx == -1 || prng_idx == -1) { fprintf(stderr, "pkcs_1 tests require sha1/yarrow"); return 1; - } + } srand(time(NULL)); /* do many tests */ @@ -62,7 +62,7 @@ int pkcs_1_test(void) l1 = sizeof(buf[1]); DO(pkcs_1_pss_encode(buf[0], l3, saltlen, &yarrow_prng, prng_idx, hash_idx, modlen, buf[1], &l1)); DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res1)); - + buf[0][i1 = abs(rand()) % l3] ^= 1; DO(pkcs_1_pss_decode(buf[0], l3, buf[1], l1, saltlen, hash_idx, modlen, &res2)); diff --git a/libtomcrypt/testprof/rsa_test.c b/libtomcrypt/testprof/rsa_test.c index 2d5c063e7..cac730991 100644 --- a/libtomcrypt/testprof/rsa_test.c +++ b/libtomcrypt/testprof/rsa_test.c @@ -1,49 +1,49 @@ #include -#ifdef LTC_MRSA +#ifdef LTC_MRSA #define RSA_MSGSIZE 78 /* These are test keys [see file test.key] that I use to test my import/export against */ static const unsigned char openssl_private_rsa[] = { - 0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, 0x64, 0x8a, - 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, 0xa1, 0xb7, - 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, 0x65, 0xe5, - 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, 0x12, 0x8a, - 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, 0xbf, 0x12, - 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, 0x7c, 0x61, - 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, 0xe2, 0x76, - 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, 0x60, 0x3f, - 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, 0x00, 0x01, - 0x02, 0x81, 0x81, 0x00, 0xc8, 0x62, 0xb9, 0xea, 0xde, 0x44, 0x53, 0x1d, 0x56, 0x97, 0xd9, 0x97, - 0x9e, 0x1a, 0xcf, 0x30, 0x1e, 0x0a, 0x88, 0x45, 0x86, 0x29, 0x30, 0xa3, 0x4d, 0x9f, 0x61, 0x65, - 0x73, 0xe0, 0xd6, 0x87, 0x8f, 0xb6, 0xf3, 0x06, 0xa3, 0x82, 0xdc, 0x7c, 0xac, 0xfe, 0x9b, 0x28, - 0x9a, 0xae, 0xfd, 0xfb, 0xfe, 0x2f, 0x0e, 0xd8, 0x97, 0x04, 0xe3, 0xbb, 0x1f, 0xd1, 0xec, 0x0d, - 0xba, 0xa3, 0x49, 0x7f, 0x47, 0xac, 0x8a, 0x44, 0x04, 0x7e, 0x86, 0xb7, 0x39, 0x42, 0x3f, 0xad, - 0x1e, 0xb7, 0x0e, 0xa5, 0x51, 0xf4, 0x40, 0x63, 0x1e, 0xfd, 0xbd, 0xea, 0x9f, 0x41, 0x9f, 0xa8, - 0x90, 0x1d, 0x6f, 0x0a, 0x5a, 0x95, 0x13, 0x11, 0x0d, 0x80, 0xaf, 0x5f, 0x64, 0x98, 0x8a, 0x2c, - 0x78, 0x68, 0x65, 0xb0, 0x2b, 0x8b, 0xa2, 0x53, 0x87, 0xca, 0xf1, 0x64, 0x04, 0xab, 0xf2, 0x7b, - 0xdb, 0x83, 0xc8, 0x81, 0x02, 0x41, 0x00, 0xf7, 0xbe, 0x5e, 0x23, 0xc3, 0x32, 0x3f, 0xbf, 0x8b, - 0x8e, 0x3a, 0xee, 0xfc, 0xfc, 0xcb, 0xe5, 0xf7, 0xf1, 0x0b, 0xbc, 0x42, 0x82, 0xae, 0xd5, 0x7a, - 0x3e, 0xca, 0xf7, 0xd5, 0x69, 0x3f, 0x64, 0x25, 0xa2, 0x1f, 0xb7, 0x75, 0x75, 0x05, 0x92, 0x42, - 0xeb, 0xb8, 0xf1, 0xf3, 0x0a, 0x05, 0xe3, 0x94, 0xd1, 0x55, 0x78, 0x35, 0xa0, 0x36, 0xa0, 0x9b, - 0x7c, 0x92, 0x84, 0x6c, 0xdd, 0xdc, 0x4d, 0x02, 0x41, 0x00, 0xd6, 0x86, 0x0e, 0x85, 0x42, 0x0b, - 0x04, 0x08, 0x84, 0x21, 0x60, 0xf0, 0x0e, 0x0d, 0x88, 0xfd, 0x1e, 0x36, 0x10, 0x65, 0x4f, 0x1e, - 0x53, 0xb4, 0x08, 0x72, 0x80, 0x5c, 0x3f, 0x59, 0x66, 0x17, 0xe6, 0x98, 0xf2, 0xe9, 0x6c, 0x7a, - 0x06, 0x4c, 0xac, 0x76, 0x3d, 0xed, 0x8c, 0xa1, 0xce, 0xad, 0x1b, 0xbd, 0xb4, 0x7d, 0x28, 0xbc, - 0xe3, 0x0e, 0x38, 0x8d, 0x99, 0xd8, 0x05, 0xb5, 0xa3, 0x71, 0x02, 0x40, 0x6d, 0xeb, 0xc3, 0x2d, - 0x2e, 0xf0, 0x5e, 0xa4, 0x88, 0x31, 0x05, 0x29, 0x00, 0x8a, 0xd1, 0x95, 0x29, 0x9b, 0x83, 0xcf, - 0x75, 0xdb, 0x31, 0xe3, 0x7a, 0x27, 0xde, 0x3a, 0x74, 0x30, 0x0c, 0x76, 0x4c, 0xd4, 0x50, 0x2a, - 0x40, 0x2d, 0x39, 0xd9, 0x99, 0x63, 0xa9, 0x5d, 0x80, 0xae, 0x53, 0xca, 0x94, 0x3f, 0x05, 0x23, - 0x1e, 0xf8, 0x05, 0x04, 0xe1, 0xb8, 0x35, 0xf2, 0x17, 0xb3, 0xa0, 0x89, 0x02, 0x41, 0x00, 0xab, - 0x90, 0x88, 0xfa, 0x60, 0x08, 0x29, 0x50, 0x9a, 0x43, 0x8b, 0xa0, 0x50, 0xcc, 0xd8, 0x5a, 0xfe, - 0x97, 0x64, 0x63, 0x71, 0x74, 0x22, 0xa3, 0x20, 0x02, 0x5a, 0xcf, 0xeb, 0xc6, 0x16, 0x95, 0x54, - 0xd1, 0xcb, 0xab, 0x8d, 0x1a, 0xc6, 0x00, 0xfa, 0x08, 0x92, 0x9c, 0x71, 0xd5, 0x52, 0x52, 0x35, - 0x96, 0x71, 0x4b, 0x8b, 0x92, 0x0c, 0xd0, 0xe9, 0xbf, 0xad, 0x63, 0x0b, 0xa5, 0xe9, 0xb1, 0x02, - 0x41, 0x00, 0xdc, 0xcc, 0x27, 0xc8, 0xe4, 0xdc, 0x62, 0x48, 0xd5, 0x9b, 0xaf, 0xf5, 0xab, 0x60, - 0xf6, 0x21, 0xfd, 0x53, 0xe2, 0xb7, 0x5d, 0x09, 0xc9, 0x1a, 0xa1, 0x04, 0xa9, 0xfc, 0x61, 0x2c, - 0x5d, 0x04, 0x58, 0x3a, 0x5a, 0x39, 0xf1, 0x4a, 0x21, 0x56, 0x67, 0xfd, 0xcc, 0x20, 0xa3, 0x8f, - 0x78, 0x18, 0x5a, 0x79, 0x3d, 0x2e, 0x8e, 0x7e, 0x86, 0x0a, 0xe6, 0xa8, 0x33, 0xc1, 0x04, 0x17, + 0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, 0x64, 0x8a, + 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, 0xa1, 0xb7, + 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, 0x65, 0xe5, + 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, 0x12, 0x8a, + 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, 0xbf, 0x12, + 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, 0x7c, 0x61, + 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, 0xe2, 0x76, + 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, 0x60, 0x3f, + 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, 0x00, 0x01, + 0x02, 0x81, 0x81, 0x00, 0xc8, 0x62, 0xb9, 0xea, 0xde, 0x44, 0x53, 0x1d, 0x56, 0x97, 0xd9, 0x97, + 0x9e, 0x1a, 0xcf, 0x30, 0x1e, 0x0a, 0x88, 0x45, 0x86, 0x29, 0x30, 0xa3, 0x4d, 0x9f, 0x61, 0x65, + 0x73, 0xe0, 0xd6, 0x87, 0x8f, 0xb6, 0xf3, 0x06, 0xa3, 0x82, 0xdc, 0x7c, 0xac, 0xfe, 0x9b, 0x28, + 0x9a, 0xae, 0xfd, 0xfb, 0xfe, 0x2f, 0x0e, 0xd8, 0x97, 0x04, 0xe3, 0xbb, 0x1f, 0xd1, 0xec, 0x0d, + 0xba, 0xa3, 0x49, 0x7f, 0x47, 0xac, 0x8a, 0x44, 0x04, 0x7e, 0x86, 0xb7, 0x39, 0x42, 0x3f, 0xad, + 0x1e, 0xb7, 0x0e, 0xa5, 0x51, 0xf4, 0x40, 0x63, 0x1e, 0xfd, 0xbd, 0xea, 0x9f, 0x41, 0x9f, 0xa8, + 0x90, 0x1d, 0x6f, 0x0a, 0x5a, 0x95, 0x13, 0x11, 0x0d, 0x80, 0xaf, 0x5f, 0x64, 0x98, 0x8a, 0x2c, + 0x78, 0x68, 0x65, 0xb0, 0x2b, 0x8b, 0xa2, 0x53, 0x87, 0xca, 0xf1, 0x64, 0x04, 0xab, 0xf2, 0x7b, + 0xdb, 0x83, 0xc8, 0x81, 0x02, 0x41, 0x00, 0xf7, 0xbe, 0x5e, 0x23, 0xc3, 0x32, 0x3f, 0xbf, 0x8b, + 0x8e, 0x3a, 0xee, 0xfc, 0xfc, 0xcb, 0xe5, 0xf7, 0xf1, 0x0b, 0xbc, 0x42, 0x82, 0xae, 0xd5, 0x7a, + 0x3e, 0xca, 0xf7, 0xd5, 0x69, 0x3f, 0x64, 0x25, 0xa2, 0x1f, 0xb7, 0x75, 0x75, 0x05, 0x92, 0x42, + 0xeb, 0xb8, 0xf1, 0xf3, 0x0a, 0x05, 0xe3, 0x94, 0xd1, 0x55, 0x78, 0x35, 0xa0, 0x36, 0xa0, 0x9b, + 0x7c, 0x92, 0x84, 0x6c, 0xdd, 0xdc, 0x4d, 0x02, 0x41, 0x00, 0xd6, 0x86, 0x0e, 0x85, 0x42, 0x0b, + 0x04, 0x08, 0x84, 0x21, 0x60, 0xf0, 0x0e, 0x0d, 0x88, 0xfd, 0x1e, 0x36, 0x10, 0x65, 0x4f, 0x1e, + 0x53, 0xb4, 0x08, 0x72, 0x80, 0x5c, 0x3f, 0x59, 0x66, 0x17, 0xe6, 0x98, 0xf2, 0xe9, 0x6c, 0x7a, + 0x06, 0x4c, 0xac, 0x76, 0x3d, 0xed, 0x8c, 0xa1, 0xce, 0xad, 0x1b, 0xbd, 0xb4, 0x7d, 0x28, 0xbc, + 0xe3, 0x0e, 0x38, 0x8d, 0x99, 0xd8, 0x05, 0xb5, 0xa3, 0x71, 0x02, 0x40, 0x6d, 0xeb, 0xc3, 0x2d, + 0x2e, 0xf0, 0x5e, 0xa4, 0x88, 0x31, 0x05, 0x29, 0x00, 0x8a, 0xd1, 0x95, 0x29, 0x9b, 0x83, 0xcf, + 0x75, 0xdb, 0x31, 0xe3, 0x7a, 0x27, 0xde, 0x3a, 0x74, 0x30, 0x0c, 0x76, 0x4c, 0xd4, 0x50, 0x2a, + 0x40, 0x2d, 0x39, 0xd9, 0x99, 0x63, 0xa9, 0x5d, 0x80, 0xae, 0x53, 0xca, 0x94, 0x3f, 0x05, 0x23, + 0x1e, 0xf8, 0x05, 0x04, 0xe1, 0xb8, 0x35, 0xf2, 0x17, 0xb3, 0xa0, 0x89, 0x02, 0x41, 0x00, 0xab, + 0x90, 0x88, 0xfa, 0x60, 0x08, 0x29, 0x50, 0x9a, 0x43, 0x8b, 0xa0, 0x50, 0xcc, 0xd8, 0x5a, 0xfe, + 0x97, 0x64, 0x63, 0x71, 0x74, 0x22, 0xa3, 0x20, 0x02, 0x5a, 0xcf, 0xeb, 0xc6, 0x16, 0x95, 0x54, + 0xd1, 0xcb, 0xab, 0x8d, 0x1a, 0xc6, 0x00, 0xfa, 0x08, 0x92, 0x9c, 0x71, 0xd5, 0x52, 0x52, 0x35, + 0x96, 0x71, 0x4b, 0x8b, 0x92, 0x0c, 0xd0, 0xe9, 0xbf, 0xad, 0x63, 0x0b, 0xa5, 0xe9, 0xb1, 0x02, + 0x41, 0x00, 0xdc, 0xcc, 0x27, 0xc8, 0xe4, 0xdc, 0x62, 0x48, 0xd5, 0x9b, 0xaf, 0xf5, 0xab, 0x60, + 0xf6, 0x21, 0xfd, 0x53, 0xe2, 0xb7, 0x5d, 0x09, 0xc9, 0x1a, 0xa1, 0x04, 0xa9, 0xfc, 0x61, 0x2c, + 0x5d, 0x04, 0x58, 0x3a, 0x5a, 0x39, 0xf1, 0x4a, 0x21, 0x56, 0x67, 0xfd, 0xcc, 0x20, 0xa3, 0x8f, + 0x78, 0x18, 0x5a, 0x79, 0x3d, 0x2e, 0x8e, 0x7e, 0x86, 0x0a, 0xe6, 0xa8, 0x33, 0xc1, 0x04, 0x17, 0x4a, 0x9f, }; @@ -63,15 +63,15 @@ static const unsigned char openssl_public_rsa[] = { /* same key but with extra headers stripped */ static const unsigned char openssl_public_rsa_stripped[] = { - 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, - 0x64, 0x8a, 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, - 0xa1, 0xb7, 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, - 0x65, 0xe5, 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, - 0x12, 0x8a, 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, - 0xbf, 0x12, 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, - 0x7c, 0x61, 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, - 0xe2, 0x76, 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, - 0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, + 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, + 0x64, 0x8a, 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, + 0xa1, 0xb7, 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, + 0x65, 0xe5, 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, + 0x12, 0x8a, 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, + 0xbf, 0x12, 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, + 0x7c, 0x61, 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, + 0xe2, 0x76, 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, + 0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, 0x00, 0x01, }; static int rsa_compat_test(void) @@ -120,7 +120,7 @@ static int rsa_compat_test(void) rsa_free(&key); return 0; -} +} int rsa_test(void) { @@ -133,14 +133,14 @@ int rsa_test(void) if (rsa_compat_test() != 0) { return 1; } - + hash_idx = find_hash("sha1"); prng_idx = find_prng("yarrow"); if (hash_idx == -1 || prng_idx == -1) { fprintf(stderr, "rsa_test requires LTC_SHA1 and yarrow"); return 1; } - + /* make 10 random key */ for (cnt = 0; cnt < 10; cnt++) { DO(rsa_make_key(&yarrow_prng, prng_idx, 1024/8, 65537, &key)); @@ -179,7 +179,7 @@ for (cnt = 0; cnt < len; ) { rsa_free(&key); } } - + /* encrypt the key (without lparam) */ for (cnt = 0; cnt < 4; cnt++) { for (rsa_msgsize = 1; rsa_msgsize <= 86; rsa_msgsize++) { @@ -188,7 +188,7 @@ for (cnt = 0; cnt < len; ) { len = sizeof(out); len2 = rsa_msgsize; - + DO(rsa_encrypt_key(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key)); /* change a byte */ out[8] ^= 1; @@ -209,7 +209,7 @@ for (cnt = 0; cnt < len; ) { if (len2 != rsa_msgsize || memcmp(tmp, in, rsa_msgsize)) { unsigned long x; fprintf(stderr, "\nrsa_decrypt_key mismatch, len %lu (second decrypt)\n", len2); - fprintf(stderr, "Original contents: \n"); + fprintf(stderr, "Original contents: \n"); for (x = 0; x < rsa_msgsize; ) { fprintf(stderr, "%02x ", in[x]); if (!(++x % 16)) { @@ -217,13 +217,13 @@ for (cnt = 0; cnt < len; ) { } } fprintf(stderr, "\n"); - fprintf(stderr, "Output contents: \n"); + fprintf(stderr, "Output contents: \n"); for (x = 0; x < rsa_msgsize; ) { fprintf(stderr, "%02x ", out[x]); if (!(++x % 16)) { fprintf(stderr, "\n"); } - } + } fprintf(stderr, "\n"); return 1; } @@ -281,8 +281,8 @@ for (cnt = 0; cnt < len; ) { /* export key and import as both private and public */ len2 = sizeof(tmp); - DO(rsa_export(tmp, &len2, PK_PRIVATE, &key)); - DO(rsa_import(tmp, len2, &privKey)); + DO(rsa_export(tmp, &len2, PK_PRIVATE, &key)); + DO(rsa_import(tmp, len2, &privKey)); len2 = sizeof(tmp); DO(rsa_export(tmp, &len2, PK_PUBLIC, &key)); DO(rsa_import(tmp, len2, &pubKey)); @@ -292,7 +292,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "rsa_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2); rsa_free(&key); @@ -308,7 +308,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "rsa_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2); rsa_free(&key); @@ -324,7 +324,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(rsa_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "rsa_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2); rsa_free(&key); @@ -340,7 +340,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(rsa_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "rsa_verify_hash (salted) failed, %d, %d", stat, stat2); rsa_free(&key); @@ -348,7 +348,7 @@ for (cnt = 0; cnt < len; ) { rsa_free(&privKey); return 1; } - + /* sign a message with LTC_PKCS #1 v1.5 */ len = sizeof(out); DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey)); @@ -356,7 +356,7 @@ for (cnt = 0; cnt < len; ) { /* change a byte */ in[0] ^= 1; DO(rsa_verify_hash_ex(out, len, in, 20, LTC_LTC_PKCS_1_V1_5, hash_idx, 8, &stat2, &pubKey)); - + if (!(stat == 1 && stat2 == 0)) { fprintf(stderr, "rsa_verify_hash_ex failed, %d, %d", stat, stat2); rsa_free(&key); diff --git a/libtomcrypt/testprof/x86_prof.c b/libtomcrypt/testprof/x86_prof.c index a9a898598..fe3989ae7 100644 --- a/libtomcrypt/testprof/x86_prof.c +++ b/libtomcrypt/testprof/x86_prof.c @@ -25,7 +25,7 @@ void tally_results(int type) if (type == 0) { for (x = 0; x < no_results; x++) { fprintf(stderr, "%-20s: Schedule at %6lu\n", cipher_descriptor[results[x].id].name, (unsigned long)results[x].spd1); - } + } } else if (type == 1) { for (x = 0; x < no_results; x++) { printf @@ -69,9 +69,9 @@ ulong64 rdtsc (void) #else register unsigned long x, y; __asm__ __volatile__ ("rd %%tick, %0; clruw %0, %1; srlx %0, 32, %0" : "=r" (x), "=r" (y) : "0" (x), "1" (y)); - return ((unsigned long long) x << 32) | y; + return ((unsigned long long) x << 32) | y; #endif - #else + #else return XCLOCK(); #endif @@ -234,7 +234,7 @@ void reg_algs(void) #endif -#ifndef LTC_YARROW +#ifndef LTC_YARROW #error This demo requires Yarrow. #endif register_prng(&yarrow_desc); @@ -252,7 +252,7 @@ register_prng(&sober128_desc); fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err)); exit(EXIT_FAILURE); } - + } int time_keysched(void) @@ -265,7 +265,7 @@ int time_keysched(void) unsigned char key[MAXBLOCKSIZE]; fprintf(stderr, "\n\nKey Schedule Time Trials for the Symmetric Ciphers:\n(Times are cycles per key)\n"); - no_results = 0; + no_results = 0; for (x = 0; cipher_descriptor[x].name != NULL; x++) { #define DO1(k) func(k, kl, 0, &skey); @@ -346,14 +346,14 @@ int time_cipher(void) } a2 = c2 - c1 - skew; ecb_done(&ecb); - + results[no_results].id = x; results[no_results].spd1 = a1/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].spd2 = a2/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].avg = (results[no_results].spd1 + results[no_results].spd2+1)/2; ++no_results; fprintf(stderr, "."); fflush(stdout); - + #undef DO2 #undef DO1 } @@ -362,7 +362,7 @@ int time_cipher(void) return 0; } -#ifdef LTC_CBC_MODE +#ifdef LTC_CBC_MODE int time_cipher2(void) { unsigned long x, y1; @@ -418,14 +418,14 @@ int time_cipher2(void) } a2 = c2 - c1 - skew; cbc_done(&cbc); - + results[no_results].id = x; results[no_results].spd1 = a1/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].spd2 = a2/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].avg = (results[no_results].spd1 + results[no_results].spd2+1)/2; ++no_results; fprintf(stderr, "."); fflush(stdout); - + #undef DO2 #undef DO1 } @@ -493,14 +493,14 @@ int time_cipher3(void) } a2 = c2 - c1 - skew; ctr_done(&ctr); - + results[no_results].id = x; results[no_results].spd1 = a1/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].spd2 = a2/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].avg = (results[no_results].spd1 + results[no_results].spd2+1)/2; ++no_results; fprintf(stderr, "."); fflush(stdout); - + #undef DO2 #undef DO1 } @@ -570,14 +570,14 @@ int time_cipher4(void) a2 = c2 - c1 - skew; lrw_done(&lrw); - + results[no_results].id = x; results[no_results].spd1 = a1/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].spd2 = a2/(sizeof(pt)/cipher_descriptor[x].block_length); results[no_results].avg = (results[no_results].spd1 + results[no_results].spd2+1)/2; ++no_results; fprintf(stderr, "."); fflush(stdout); - + #undef DO2 #undef DO1 } @@ -674,7 +674,7 @@ void time_mult(void) #undef DO1 #undef DO2 -} +} void time_sqr(void) { @@ -709,7 +709,7 @@ void time_sqr(void) void time_mult(void) { fprintf(stderr, "NO MULT\n"); } void time_sqr(void) { fprintf(stderr, "NO SQR\n"); } #endif - + void time_prng(void) { ulong64 t1, t2; @@ -773,7 +773,7 @@ void time_dsa(void) static const struct { int group, modulus; } groups[] = { -{ 20, 96 }, +{ 20, 96 }, { 20, 128 }, { 24, 192 }, { 28, 256 }, @@ -807,7 +807,7 @@ static const struct { #endif -#ifdef LTC_MRSA +#ifdef LTC_MRSA /* time various RSA operations */ void time_rsa(void) { @@ -867,7 +867,7 @@ void time_rsa(void) t_start(); t1 = t_read(); zzz = sizeof(buf[0]); - if ((err = rsa_decrypt_key(buf[1], z, buf[0], &zzz, (const unsigned char *)"testprog", 8, find_hash("sha1"), + if ((err = rsa_decrypt_key(buf[1], z, buf[0], &zzz, (const unsigned char *)"testprog", 8, find_hash("sha1"), &zz, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_decrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -887,7 +887,7 @@ void time_rsa(void) t_start(); t1 = t_read(); z = sizeof(buf[1]); - if ((err = rsa_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, + if ((err = rsa_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), 8, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nrsa_sign_hash says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -931,7 +931,7 @@ void time_rsa(void) void time_rsa(void) { fprintf(stderr, "NO RSA\n"); } #endif -#ifdef MKAT +#ifdef MKAT /* time various KAT operations */ void time_katja(void) { @@ -982,7 +982,7 @@ void time_katja(void) t_start(); t1 = t_read(); zzz = sizeof(buf[0]); - if ((err = katja_decrypt_key(buf[1], z, buf[0], &zzz, "testprog", 8, find_hash("sha1"), + if ((err = katja_decrypt_key(buf[1], z, buf[0], &zzz, "testprog", 8, find_hash("sha1"), &zz, &key)) != CRYPT_OK) { fprintf(stderr, "\n\nkatja_decrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -1012,28 +1012,28 @@ void time_ecc(void) int err, stat; static unsigned long sizes[] = { #ifdef ECC112 -112/8, +112/8, #endif #ifdef ECC128 -128/8, +128/8, #endif #ifdef ECC160 -160/8, +160/8, #endif #ifdef ECC192 -192/8, +192/8, #endif #ifdef ECC224 224/8, #endif #ifdef ECC256 -256/8, +256/8, #endif #ifdef ECC384 -384/8, +384/8, #endif #ifdef ECC521 -521/8, +521/8, #endif 100000}; @@ -1105,7 +1105,7 @@ void time_ecc(void) t_start(); t1 = t_read(); z = sizeof(buf[1]); - if ((err = ecc_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, + if ((err = ecc_sign_hash(buf[0], 20, buf[1], &z, &yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) { fprintf(stderr, "\n\necc_sign_hash says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK)); exit(EXIT_FAILURE); @@ -1167,7 +1167,7 @@ void time_macs_(unsigned long MAC_SIZE) cipher_idx = find_cipher("aes"); hash_idx = find_hash("sha1"); - + if (cipher_idx == -1 || hash_idx == -1) { fprintf(stderr, "Warning the MAC tests requires AES and LTC_SHA1 to operate... so sorry\n"); return; @@ -1350,7 +1350,7 @@ void time_encmacs_(unsigned long MAC_SIZE) if (t1 < t2) t2 = t1; } fprintf(stderr, "CCM (no-precomp) \t%9llu\n", t2/(ulong64)(MAC_SIZE*1024)); - + cipher_descriptor[cipher_idx].setup(key, 16, 0, &skey); t2 = -1; for (x = 0; x < 10000; x++) { @@ -1365,7 +1365,7 @@ void time_encmacs_(unsigned long MAC_SIZE) if (t1 < t2) t2 = t1; } fprintf(stderr, "CCM (precomp) \t\t%9llu\n", t2/(ulong64)(MAC_SIZE*1024)); - cipher_descriptor[cipher_idx].done(&skey); + cipher_descriptor[cipher_idx].done(&skey); #endif #ifdef LTC_GCM_MODE @@ -1412,7 +1412,7 @@ __attribute__ ((aligned (16))) fprintf(stderr, "\nGCM error[%d]... %s\n", __LINE__, error_to_string(err)); exit(EXIT_FAILURE); } - + if ((err = gcm_done(&gcm, tag, &z)) != CRYPT_OK) { fprintf(stderr, "\nGCM error[%d]... %s\n", __LINE__, error_to_string(err)); exit(EXIT_FAILURE); @@ -1425,7 +1425,7 @@ __attribute__ ((aligned (16))) #endif -} +} void time_encmacs(void) { diff --git a/src/agentfwd.h b/src/agentfwd.h index d913aea3f..9b0763e5f 100644 --- a/src/agentfwd.h +++ b/src/agentfwd.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -42,7 +42,7 @@ /* client functions */ void cli_load_agent_keys(m_list * ret_list); -void agent_buf_sign(buffer *sigblob, sign_key *key, +void agent_buf_sign(buffer *sigblob, sign_key *key, const buffer *data_buf, enum signature_type type); void cli_setup_agent(const struct Channel *channel); diff --git a/src/algo.h b/src/algo.h index 3572844c8..5d7d7879a 100644 --- a/src/algo.h +++ b/src/algo.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -65,12 +65,12 @@ struct dropbear_cipher { }; struct dropbear_cipher_mode { - int (*start)(int cipher, const unsigned char *IV, - const unsigned char *key, + int (*start)(int cipher, const unsigned char *IV, + const unsigned char *key, int keylen, int num_rounds, void *cipher_state); - int (*encrypt)(const unsigned char *pt, unsigned char *ct, + int (*encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long len, void *cipher_state); - int (*decrypt)(const unsigned char *ct, unsigned char *pt, + int (*decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long len, void *cipher_state); int (*aead_crypt)(unsigned int seq, const unsigned char *in, unsigned char *out, @@ -142,7 +142,7 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[], int kexguess2, int *goodguess); #if DROPBEAR_USER_ALGO_LIST -int check_user_algos(const char* user_algo_list, algo_type * algos, +int check_user_algos(const char* user_algo_list, algo_type * algos, const char *algo_desc); char * algolist_string(const algo_type algos[]); #endif diff --git a/src/atomicio.c b/src/atomicio.c index 2aacf5106..f9a5416b2 100644 --- a/src/atomicio.c +++ b/src/atomicio.c @@ -1,7 +1,7 @@ /* $OpenBSD: atomicio.c,v 1.17 2006/04/01 05:51:34 djm Exp $ */ /* * Copied from OpenSSH/OpenBSD. - * + * * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. * All rights reserved. diff --git a/src/auth.h b/src/auth.h index 0e854fbb8..7b5da658c 100644 --- a/src/auth.h +++ b/src/auth.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -107,19 +107,19 @@ void cli_auth_pubkey_cleanup(void); struct AuthState { char *username; /* This is the username the client presents to check. It is updated each run through, used for auth checking */ - unsigned char authtypes; /* Flags indicating which auth types are still + unsigned char authtypes; /* Flags indicating which auth types are still valid */ unsigned int failcount; /* Number of (failed) authentication attempts.*/ unsigned int authdone; /* 0 if we haven't authed, 1 if we have. Applies for - client and server (though has differing + client and server (though has differing meanings). */ - unsigned int perm_warn; /* Server only, set if bad permissions on + unsigned int perm_warn; /* Server only, set if bad permissions on ~/.ssh/authorized_keys have already been logged. */ unsigned int checkusername_failed; /* Server only, set if checkusername has already failed */ - struct timespec auth_starttime; /* Server only, time of receiving current + struct timespec auth_starttime; /* Server only, time of receiving current SSH_MSG_USERAUTH_REQUEST */ /* These are only used for the server */ diff --git a/src/bignum.c b/src/bignum.c index c2b39b1b5..90f9f2b45 100644 --- a/src/bignum.c +++ b/src/bignum.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -37,7 +37,7 @@ void m_mp_init(mp_int *mp) { /* simplified duplication of bn_mp_multi's mp_init_multi, but die fatally * on error */ -void m_mp_init_multi(mp_int *mp, ...) +void m_mp_init_multi(mp_int *mp, ...) { mp_int* cur_arg = mp; va_list args; @@ -52,7 +52,7 @@ void m_mp_init_multi(mp_int *mp, ...) va_end(args); } -void m_mp_alloc_init_multi(mp_int **mp, ...) +void m_mp_alloc_init_multi(mp_int **mp, ...) { mp_int** cur_arg = mp; va_list args; @@ -68,7 +68,7 @@ void m_mp_alloc_init_multi(mp_int **mp, ...) va_end(args); } -void m_mp_free_multi(mp_int **mp, ...) +void m_mp_free_multi(mp_int **mp, ...) { mp_int** cur_arg = mp; va_list args; @@ -92,11 +92,11 @@ void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len) { } /* hash the ssh representation of the mp_int mp */ -void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, +void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, hash_state *hs, const mp_int *mp) { buffer * buf; - buf = buf_new(512 + 20); /* max buffer is a 4096 bit key, + buf = buf_new(512 + 20); /* max buffer is a 4096 bit key, plus header + some leeway*/ buf_putmpint(buf, mp); hash_desc->process(hs, buf->data, buf->len); diff --git a/src/bignum.h b/src/bignum.h index 861acb0ca..b42d5ef91 100644 --- a/src/bignum.h +++ b/src/bignum.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -32,7 +32,7 @@ void m_mp_init_multi(mp_int *mp, ...) ATTRIB_SENTINEL; void m_mp_alloc_init_multi(mp_int **mp, ...) ATTRIB_SENTINEL; void m_mp_free_multi(mp_int **mp, ...) ATTRIB_SENTINEL; void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len); -void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, +void hash_process_mp(const struct ltc_hash_descriptor *hash_desc, hash_state *hs, const mp_int *mp); #endif /* DROPBEAR_BIGNUM_H_ */ diff --git a/src/buffer.c b/src/buffer.c index 0222ffb84..b91e5912a 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -129,7 +129,7 @@ void buf_incrwritepos(buffer* buf, unsigned int incr) { /* increment the position by incr */ void buf_incrpos(buffer* buf, unsigned int incr) { - if (incr > BUF_MAX_INCR + if (incr > BUF_MAX_INCR || (buf->pos + incr) > buf->len) { dropbear_exit("Bad buf_incrpos"); } diff --git a/src/buffer.h b/src/buffer.h index 1b16d684c..4dd081733 100644 --- a/src/buffer.h +++ b/src/buffer.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/chachapoly.c b/src/chachapoly.c index c065fac4b..7280051fa 100644 --- a/src/chachapoly.c +++ b/src/chachapoly.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2020 by Vladislav Grishenko * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/chachapoly.h b/src/chachapoly.h index 5a7c5b26b..442dd2a61 100644 --- a/src/chachapoly.h +++ b/src/chachapoly.h @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2020 by Vladislav Grishenko * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/channel.h b/src/channel.h index fdb677745..e79def505 100644 --- a/src/channel.h +++ b/src/channel.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -124,7 +124,7 @@ void recv_msg_channel_window_adjust(void); void recv_msg_channel_close(void); void recv_msg_channel_eof(void); -void common_recv_msg_channel_data(struct Channel *channel, int fd, +void common_recv_msg_channel_data(struct Channel *channel, int fd, circbuffer * buf); #if DROPBEAR_CLIENT diff --git a/src/chansession.h b/src/chansession.h index cf4fba36e..551c82d4b 100644 --- a/src/chansession.h +++ b/src/chansession.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/circbuffer.c b/src/circbuffer.c index aabd9dc6c..451fd76f6 100644 --- a/src/circbuffer.c +++ b/src/circbuffer.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002-2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -87,7 +87,7 @@ unsigned int cbuf_writelen(const circbuffer *cbuf) { } void cbuf_readptrs(const circbuffer *cbuf, - unsigned char **p1, unsigned int *len1, + unsigned char **p1, unsigned int *len1, unsigned char **p2, unsigned int *len2) { *p1 = &cbuf->data[cbuf->readpos]; *len1 = MIN(cbuf->used, cbuf->size - cbuf->readpos); diff --git a/src/circbuffer.h b/src/circbuffer.h index 5aaa76233..fec6f1219 100644 --- a/src/circbuffer.h +++ b/src/circbuffer.h @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002-2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -44,7 +44,7 @@ unsigned int cbuf_writelen(const circbuffer *cbuf); /* max linear write len */ /* returns pointers to the two portions of the circular buffer that can be read */ void cbuf_readptrs(const circbuffer *cbuf, - unsigned char **p1, unsigned int *len1, + unsigned char **p1, unsigned int *len1, unsigned char **p2, unsigned int *len2); unsigned char* cbuf_writeptr(circbuffer *cbuf, unsigned int len); void cbuf_incrwrite(circbuffer *cbuf, unsigned int len); diff --git a/src/cli-agentfwd.c b/src/cli-agentfwd.c index 6fb5c4b70..10107e5fa 100644 --- a/src/cli-agentfwd.c +++ b/src/cli-agentfwd.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2005 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -254,7 +254,7 @@ void cli_load_agent_keys(m_list *ret_list) { agent_get_key_list(ret_list); } -void agent_buf_sign(buffer *sigblob, sign_key *key, +void agent_buf_sign(buffer *sigblob, sign_key *key, const buffer *data_buf, enum signature_type sigtype) { buffer *request_data = NULL; buffer *response = NULL; @@ -300,7 +300,7 @@ void agent_buf_sign(buffer *sigblob, sign_key *key, fail: /* XXX don't fail badly here. instead propagate a failure code back up to - the cli auth pubkey code, and just remove this key from the list of + the cli auth pubkey code, and just remove this key from the list of ones to try. */ dropbear_exit("Agent failed signing key"); diff --git a/src/cli-auth.c b/src/cli-auth.c index fc414f3ab..30f0e0679 100644 --- a/src/cli-auth.c +++ b/src/cli-auth.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -47,8 +47,8 @@ void cli_auth_getmethods() { #if DROPBEAR_CLI_IMMEDIATE_AUTH /* We can't haven't two auth requests in-flight with delayed zlib mode - since if the first one succeeds then the remote side will - expect the second one to be compressed. + since if the first one succeeds then the remote side will + expect the second one to be compressed. Race described at http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/zlib-openssh.html */ @@ -183,8 +183,8 @@ void recv_msg_userauth_failure() { } allow_pw_auth &= cli_opts.password_authentication; - /* When DROPBEAR_CLI_IMMEDIATE_AUTH is set there will be an initial response for - the "none" auth request, and then a response to the immediate auth request. + /* When DROPBEAR_CLI_IMMEDIATE_AUTH is set there will be an initial response for + the "none" auth request, and then a response to the immediate auth request. We need to be careful handling them. */ if (cli_ses.ignore_next_auth_response) { cli_ses.state = USERAUTH_REQ_SENT; @@ -193,7 +193,7 @@ void recv_msg_userauth_failure() { return; } else { #if DROPBEAR_CLI_PUBKEY_AUTH - /* If it was a pubkey auth request, we should cross that key + /* If it was a pubkey auth request, we should cross that key * off the list. */ if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) { cli_pubkeyfail(); @@ -277,7 +277,7 @@ void recv_msg_userauth_success() { if (cli_opts.disable_trivial_auth && cli_ses.is_trivial_auth) { dropbear_exit("trivial authentication not allowed"); } - /* Note: in delayed-zlib mode, setting authdone here + /* Note: in delayed-zlib mode, setting authdone here * will enable compression in the transport layer */ ses.authstate.authdone = 1; cli_ses.state = USERAUTH_SUCCESS_RCVD; diff --git a/src/cli-authinteract.c b/src/cli-authinteract.c index 6d2fad7a1..b5c8dfb78 100644 --- a/src/cli-authinteract.c +++ b/src/cli-authinteract.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2005 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/cli-authpasswd.c b/src/cli-authpasswd.c index 91790ce09..457aab2d6 100644 --- a/src/cli-authpasswd.c +++ b/src/cli-authpasswd.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -38,7 +38,7 @@ static int want_askpass() char* askpass_prog = NULL; askpass_prog = getenv("SSH_ASKPASS"); - return askpass_prog && + return askpass_prog && ((!isatty(STDIN_FILENO) && getenv("DISPLAY") ) || getenv("SSH_ASKPASS_ALWAYS")); } @@ -123,7 +123,7 @@ void cli_auth_password() { DEBUG1(("enter cli_auth_password")) CHECKCLEARTOWRITE(); - snprintf(prompt, sizeof(prompt), "%s@%s's password: ", + snprintf(prompt, sizeof(prompt), "%s@%s's password: ", cli_opts.username, cli_opts.remotehost); #if DROPBEAR_CLI_ASKPASS_HELPER if (want_askpass()) diff --git a/src/cli-authpubkey.c b/src/cli-authpubkey.c index 5d5cea19e..bf212a9b0 100644 --- a/src/cli-authpubkey.c +++ b/src/cli-authpubkey.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -137,7 +137,7 @@ static void cli_buf_put_sign(buffer* buf, sign_key *key, enum signature_type sig agent_buf_sign(sigblob, key, data_buf, sigtype); buf_putbufstring(buf, sigblob); buf_free(sigblob); - } else + } else #endif /* DROPBEAR_CLI_AGENTFWD */ { buf_put_sign(buf, key, sigtype, data_buf); @@ -208,7 +208,7 @@ int cli_auth_pubkey() { #if DROPBEAR_RSA if (key->type == DROPBEAR_SIGNKEY_RSA) { #if DROPBEAR_RSA_SHA256 - if (buf_has_algo(cli_ses.server_sig_algs, SSH_SIGNATURE_RSA_SHA256) + if (buf_has_algo(cli_ses.server_sig_algs, SSH_SIGNATURE_RSA_SHA256) == DROPBEAR_SUCCESS) { sigtype = DROPBEAR_SIGNATURE_RSA_SHA256; TRACE(("server-sig-algs allows rsa sha256")) @@ -240,10 +240,10 @@ int cli_auth_pubkey() { /* No match, skip this key */ TRACE(("server-sig-algs no match keytype %d, skipping", key->type)) key = list_remove(cli_opts.privkeys->first); - sign_key_free(key); + sign_key_free(key); continue; } else { - /* Server didn't provide a server-sig-algs list, we'll + /* Server didn't provide a server-sig-algs list, we'll assume all except rsa-sha256 are OK. */ #if DROPBEAR_RSA if (key->type == DROPBEAR_SIGNKEY_RSA) { @@ -255,7 +255,7 @@ int cli_auth_pubkey() { /* only support rsa-sha256, skip this key */ TRACE(("no server-sig-algs, skipping rsa sha256")) key = list_remove(cli_opts.privkeys->first); - sign_key_free(key); + sign_key_free(key); continue; #endif } /* key->type == DROPBEAR_SIGNKEY_RSA */ diff --git a/src/cli-channel.c b/src/cli-channel.c index b88e9139d..62e2eae99 100644 --- a/src/cli-channel.c +++ b/src/cli-channel.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002-2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/cli-chansession.c b/src/cli-chansession.c index 55fe6d13f..e80cbe3d6 100644 --- a/src/cli-chansession.c +++ b/src/cli-chansession.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -144,7 +144,7 @@ void cli_tty_cleanup() { if (tcsetattr(STDIN_FILENO, TCSADRAIN, &cli_ses.saved_tio) == -1) { dropbear_log(LOG_WARNING, "Failed restoring TTY"); } else { - cli_ses.tty_raw_mode = 0; + cli_ses.tty_raw_mode = 0; } TRACE(("leave cli_tty_cleanup")) @@ -395,7 +395,7 @@ void cli_send_netcat_request() { TRACE(("enter cli_send_netcat_request")) cli_opts.wantpty = 0; - if (send_msg_channel_open_init(STDIN_FILENO, &cli_chan_netcat) + if (send_msg_channel_open_init(STDIN_FILENO, &cli_chan_netcat) == DROPBEAR_FAILURE) { dropbear_exit("Couldn't open initial channel"); } @@ -417,7 +417,7 @@ void cli_send_chansess_request() { TRACE(("enter cli_send_chansess_request")) - if (send_msg_channel_open_init(STDIN_FILENO, &clichansess) + if (send_msg_channel_open_init(STDIN_FILENO, &clichansess) == DROPBEAR_FAILURE) { dropbear_exit("Couldn't open initial channel"); } @@ -458,7 +458,7 @@ void cli_escape_handler(const struct Channel* UNUSED(channel), const unsigned ch char c; int skip_char = 0; - /* only handle escape characters if they are read one at a time. simplifies + /* only handle escape characters if they are read one at a time. simplifies the code and avoids nasty people putting ~. at the start of a line to paste */ if (*len != 1) { cli_ses.last_char = 0x0; diff --git a/src/cli-kex.c b/src/cli-kex.c index 6881b360d..680dd3b84 100644 --- a/src/cli-kex.c +++ b/src/cli-kex.c @@ -1,20 +1,20 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002-2004 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -197,7 +197,7 @@ void recv_msg_kexdh_reply() { /* Clear the local parameter */ cli_kex_free_param(); - if (buf_verify(ses.payload, hostkey, ses.newkeys->algo_signature, + if (buf_verify(ses.payload, hostkey, ses.newkeys->algo_signature, ses.hash) != DROPBEAR_SUCCESS) { dropbear_exit("Bad hostkey signature"); } @@ -237,7 +237,7 @@ static void ask_to_confirm(const unsigned char* keyblob, unsigned int keybloblen } fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(%s fingerprint %s)\n", - cli_opts.remotehost, + cli_opts.remotehost, algoname, fp); m_free(fp); @@ -405,7 +405,7 @@ static void checkhostkey(const unsigned char* keyblob, unsigned int keybloblen) dropbear_exit("\n\n%s host key mismatch for %s !\n" "Fingerprint is %s\n" "Expected %s\n" - "If you know that the host key is correct you can\nremove the bad entry from ~/.ssh/known_hosts", + "If you know that the host key is correct you can\nremove the bad entry from ~/.ssh/known_hosts", algoname, cli_opts.remotehost, sign_key_fingerprint(keyblob, keybloblen), diff --git a/src/cli-main.c b/src/cli-main.c index 0a052a351..31629742e 100644 --- a/src/cli-main.c +++ b/src/cli-main.c @@ -1,21 +1,21 @@ /* * Dropbear - a SSH2 server * SSH client implementation - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/cli-session.c b/src/cli-session.c index 6cbbf5bfb..0c5ef65b8 100644 --- a/src/cli-session.c +++ b/src/cli-session.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -289,7 +289,7 @@ static void cli_sessionloop() { } dup2(devnull, STDIN_FILENO); if (daemon(0, 1) < 0) { - dropbear_exit("Backgrounding failed: %d %s", + dropbear_exit("Backgrounding failed: %d %s", errno, strerror(errno)); } } @@ -297,7 +297,7 @@ static void cli_sessionloop() { #if DROPBEAR_CLI_NETCAT if (cli_opts.netcat_host) { cli_send_netcat_request(); - } else + } else #endif if (!cli_opts.no_cmd) { cli_send_chansess_request(); @@ -395,7 +395,7 @@ static void cli_remoteclosed() { } /* Operates in-place turning dirty (untrusted potentially containing control - * characters) text into clean text. + * characters) text into clean text. * Note: this is safe only with ascii - other charsets could have problems. */ void cleantext(char* dirtytext) { @@ -444,9 +444,9 @@ void cli_dropbear_exit(int exitcode, const char* format, va_list param) { if (!ses.init_done) { snprintf(fullmsg, sizeof(fullmsg), "Exited: %s", exitmsg); } else { - snprintf(fullmsg, sizeof(fullmsg), - "Connection to %s@%s:%s exited: %s", - cli_opts.username, cli_opts.remotehost, + snprintf(fullmsg, sizeof(fullmsg), + "Connection to %s@%s:%s exited: %s", + cli_opts.username, cli_opts.remotehost, cli_opts.remoteport, exitmsg); } diff --git a/src/cli-tcpfwd.c b/src/cli-tcpfwd.c index 1b9561506..1205d602e 100644 --- a/src/cli-tcpfwd.c +++ b/src/cli-tcpfwd.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -45,8 +45,8 @@ const struct ChanType cli_chan_tcpremote = { #endif #if DROPBEAR_CLI_LOCALTCPFWD -static int cli_localtcp(const char* listenaddr, - unsigned int listenport, +static int cli_localtcp(const char* listenaddr, + unsigned int listenport, const char* remoteaddr, unsigned int remoteport); static const struct ChanType cli_chan_tcplocal = { @@ -102,8 +102,8 @@ void setup_localtcp() { } -static int cli_localtcp(const char* listenaddr, - unsigned int listenport, +static int cli_localtcp(const char* listenaddr, + unsigned int listenport, const char* remoteaddr, unsigned int remoteport) { @@ -182,7 +182,7 @@ void cli_recv_msg_request_success() { int allocport = buf_getint(ses.payload); if (allocport > 0) { fwd->listenport = allocport; - dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", + dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", allocport, fwd->connectaddr, fwd->connectport); } } @@ -252,7 +252,7 @@ static int newtcpforwarded(struct Channel * channel) { if (!iter) { - /* ... otherwise try to generically match the only forwarded port + /* ... otherwise try to generically match the only forwarded port without address (also handles ::1 vs 127.0.0.1 vs localhost case). rfc4254 is vague about the definition of "address that was connected" */ for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { @@ -267,7 +267,7 @@ static int newtcpforwarded(struct Channel * channel) { if (iter == NULL || fwd == NULL) { /* We didn't request forwarding on that port */ cleantext(origaddr); - dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", + dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", origaddr, origport); goto out; } diff --git a/src/common-algo.c b/src/common-algo.c index c68eafb88..af75406b1 100644 --- a/src/common-algo.c +++ b/src/common-algo.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -47,8 +47,8 @@ static int void_cipher(const unsigned char* in, unsigned char* out, return CRYPT_OK; } -static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV), - const unsigned char* UNUSED(key), +static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV), + const unsigned char* UNUSED(key), int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) { return CRYPT_OK; } @@ -59,21 +59,21 @@ static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV), /* Remember to add new ciphers/hashes to regciphers/reghashes too */ #if DROPBEAR_AES256 -static const struct dropbear_cipher dropbear_aes256 = +static const struct dropbear_cipher dropbear_aes256 = {&aes_desc, 32, 16}; #endif #if DROPBEAR_AES128 -static const struct dropbear_cipher dropbear_aes128 = +static const struct dropbear_cipher dropbear_aes128 = {&aes_desc, 16, 16}; #endif #if DROPBEAR_3DES -static const struct dropbear_cipher dropbear_3des = +static const struct dropbear_cipher dropbear_3des = {&des3_desc, 24, 8}; #endif /* used to indicate no encryption, as defined in rfc2410 */ const struct dropbear_cipher dropbear_nocipher = - {NULL, 16, 8}; + {NULL, 16, 8}; /* A few void* s are required to silence warnings * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */ @@ -87,9 +87,9 @@ const struct dropbear_cipher_mode dropbear_mode_none = #if DROPBEAR_ENABLE_CTR_MODE /* a wrapper to make ctr_start and cbc_start look the same */ -static int dropbear_big_endian_ctr_start(int cipher, - const unsigned char *IV, - const unsigned char *key, int keylen, +static int dropbear_big_endian_ctr_start(int cipher, + const unsigned char *IV, + const unsigned char *key, int keylen, int num_rounds, symmetric_CTR *ctr) { return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr); } @@ -101,15 +101,15 @@ const struct dropbear_cipher_mode dropbear_mode_ctr = {&hash_desc, keysize, hashsize} */ #if DROPBEAR_SHA1_HMAC -static const struct dropbear_hash dropbear_sha1 = +static const struct dropbear_hash dropbear_sha1 = {&sha1_desc, 20, 20}; #endif #if DROPBEAR_SHA1_96_HMAC -static const struct dropbear_hash dropbear_sha1_96 = +static const struct dropbear_hash dropbear_sha1_96 = {&sha1_desc, 20, 12}; #endif #if DROPBEAR_SHA2_256_HMAC -static const struct dropbear_hash dropbear_sha2_256 = +static const struct dropbear_hash dropbear_sha2_256 = {&sha256_desc, 32, 32}; #endif #if DROPBEAR_SHA2_512_HMAC @@ -365,7 +365,7 @@ void buf_put_algolist_all(buffer * buf, const algo_type localalgos[], int useall startpos = buf->pos; /* Placeholder for length */ - buf_putint(buf, 0); + buf_putint(buf, 0); for (i = 0; localalgos[i].name != NULL; i++) { if (localalgos[i].usable || useall) { if (donefirst) { @@ -580,7 +580,7 @@ check_algo(const char* algo_name, algo_type *algos) * options. Any that are not acceptable are removed in-place. Returns the * number of valid algorithms. */ int -check_user_algos(const char* user_algo_list, algo_type * algos, +check_user_algos(const char* user_algo_list, algo_type * algos, const char *algo_desc) { algo_type new_algos[MAX_PROPOSED_ALGO+1]; diff --git a/src/common-channel.c b/src/common-channel.c index 9926972f3..6f14fa53c 100644 --- a/src/common-channel.c +++ b/src/common-channel.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002-2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -39,7 +39,7 @@ static void send_msg_channel_open_failure(unsigned int remotechan, int reason, const char *text, const char *lang); static void send_msg_channel_open_confirmation(const struct Channel* channel, - unsigned int recvwindow, + unsigned int recvwindow, unsigned int recvmaxpacket); static int writechannel(struct Channel* channel, int fd, circbuffer *cbuf, const unsigned char *moredata, unsigned int *morelen); @@ -103,8 +103,8 @@ void chancleanup() { /* If remotechan, transwindow and transmaxpacket are not know (for a new * outgoing connection, with them to be filled on confirmation), they should * all be set to 0 */ -static struct Channel* newchannel(unsigned int remotechan, - const struct ChanType *type, +static struct Channel* newchannel(unsigned int remotechan, + const struct ChanType *type, unsigned int transwindow, unsigned int transmaxpacket) { struct Channel * newchan; @@ -221,7 +221,7 @@ void channelio(const fd_set *readfds, const fd_set *writefds) { } /* read stderr data and send it over the wire */ - if (ERRFD_IS_READ(channel) && channel->errfd >= 0 + if (ERRFD_IS_READ(channel) && channel->errfd >= 0 && FD_ISSET(channel->errfd, readfds)) { TRACE(("send normal errfd")) send_msg_channel_data(channel, 1); @@ -264,7 +264,7 @@ static unsigned int write_pending(const struct Channel * channel) { if (channel->writefd >= 0 && cbuf_getused(channel->writebuf) > 0) { return 1; - } else if (channel->errfd >= 0 && channel->extrabuf && + } else if (channel->errfd >= 0 && channel->extrabuf && cbuf_getused(channel->extrabuf) > 0) { return 1; } @@ -324,7 +324,7 @@ static void check_close(struct Channel *channel) { /* If we're not going to send any more data, send EOF */ if (!channel->sent_eof - && channel->readfd == FD_CLOSED + && channel->readfd == FD_CLOSED && (ERRFD_IS_WRITE(channel) || channel->errfd == FD_CLOSED)) { send_msg_channel_eof(channel); } @@ -506,7 +506,7 @@ static int writechannel_writev(struct Channel* channel, int fd, circbuffer *cbuf } #endif /* HAVE_WRITEV */ -/* Called to write data out to the local side of the channel. +/* Called to write data out to the local side of the channel. Writes the circular buffer contents and also the "moredata" buffer if not null. Will ignore EAGAIN. Returns DROPBEAR_FAILURE if writing to fd had an error and the channel is being closed, DROPBEAR_SUCCESS otherwise */ @@ -551,10 +551,10 @@ void setchannelfds(fd_set *readfds, fd_set *writefds, int allow_reads) { continue; } - /* Stuff to put over the wire. - Avoid queueing data to send if we're in the middle of a - key re-exchange (!dataallowed), but still read from the - FD if there's the possibility of "~."" to kill an + /* Stuff to put over the wire. + Avoid queueing data to send if we're in the middle of a + key re-exchange (!dataallowed), but still read from the + FD if there's the possibility of "~."" to kill an interactive session (the read_mangler) */ if (channel->transwindow > 0 && ((ses.dataallowed && allow_reads) || channel->read_mangler)) { @@ -573,7 +573,7 @@ void setchannelfds(fd_set *readfds, fd_set *writefds, int allow_reads) { FD_SET(channel->writefd, writefds); } - if (ERRFD_IS_WRITE(channel) && channel->errfd >= 0 + if (ERRFD_IS_WRITE(channel) && channel->errfd >= 0 && cbuf_getused(channel->extrabuf) > 0) { FD_SET(channel->errfd, writefds); } @@ -714,9 +714,9 @@ static void send_msg_channel_data(struct Channel *channel, int isextended) { dropbear_assert(fd >= 0); maxlen = MIN(channel->transwindow, channel->transmaxpacket); - /* -(1+4+4) is SSH_MSG_CHANNEL_DATA, channel number, string length, and + /* -(1+4+4) is SSH_MSG_CHANNEL_DATA, channel number, string length, and * exttype if is extended */ - maxlen = MIN(maxlen, + maxlen = MIN(maxlen, ses.writepayload->size - 1 - 4 - 4 - (isextended ? 4 : 0)); TRACE(("maxlen %zd", maxlen)) if (maxlen == 0) { @@ -724,7 +724,7 @@ static void send_msg_channel_data(struct Channel *channel, int isextended) { return; } - buf_putbyte(ses.writepayload, + buf_putbyte(ses.writepayload, isextended ? SSH_MSG_CHANNEL_EXTENDED_DATA : SSH_MSG_CHANNEL_DATA); buf_putint(ses.writepayload, channel->remotechan); if (isextended) { @@ -746,7 +746,7 @@ static void send_msg_channel_data(struct Channel *channel, int isextended) { } buf_setpos(ses.writepayload, 0); buf_setlen(ses.writepayload, 0); - TRACE(("leave send_msg_channel_data: len %d read err %d or EOF for fd %d", + TRACE(("leave send_msg_channel_data: len %d read err %d or EOF for fd %d", len, errno, fd)) return; } @@ -784,7 +784,7 @@ void recv_msg_channel_data() { /* Shared for data and stderr data - when we receive data, put it in a buffer * for writing to the local file descriptor */ -void common_recv_msg_channel_data(struct Channel *channel, int fd, +void common_recv_msg_channel_data(struct Channel *channel, int fd, circbuffer * cbuf) { unsigned int datalen; @@ -841,7 +841,7 @@ void common_recv_msg_channel_data(struct Channel *channel, int fd, buflen = cbuf_writelen(cbuf); buflen = MIN(buflen, len); - memcpy(cbuf_writeptr(cbuf, buflen), + memcpy(cbuf_writeptr(cbuf, buflen), buf_getptr(ses.payload, buflen), buflen); cbuf_incrwrite(cbuf, buflen); buf_incrpos(ses.payload, buflen); @@ -918,7 +918,7 @@ void recv_msg_channel_open() { /* Get the channel type. Client and server style invokation will set up a * different list for ses.chantypes at startup. We just iterate through * this list and find the matching name */ - for (cp = &ses.chantypes[0], chantype = (*cp); + for (cp = &ses.chantypes[0], chantype = (*cp); chantype != NULL; cp++, chantype = (*cp)) { if (strcmp(type, chantype->name) == 0) { @@ -1010,7 +1010,7 @@ void send_msg_channel_success(const struct Channel *channel) { /* Send a channel open failure message, with a corresponding reason * code (usually resource shortage or unknown chan type) */ -static void send_msg_channel_open_failure(unsigned int remotechan, +static void send_msg_channel_open_failure(unsigned int remotechan, int reason, const char *text, const char *lang) { TRACE(("enter send_msg_channel_open_failure")) @@ -1029,7 +1029,7 @@ static void send_msg_channel_open_failure(unsigned int remotechan, /* Confirm a channel open, and let the remote end know what number we've * allocated and the receive parameters */ static void send_msg_channel_open_confirmation(const struct Channel* channel, - unsigned int recvwindow, + unsigned int recvwindow, unsigned int recvmaxpacket) { TRACE(("enter send_msg_channel_open_confirmation")) @@ -1078,9 +1078,9 @@ static void close_chan_fd(struct Channel *channel, int fd, int how) { channel->errfd = FD_CLOSED; } - /* if we called shutdown on it and all references are gone, then we + /* if we called shutdown on it and all references are gone, then we * need to close() it to stop it lingering */ - if (channel->bidir_fd && channel->readfd == FD_CLOSED + if (channel->bidir_fd && channel->readfd == FD_CLOSED && channel->writefd == FD_CLOSED && channel->errfd == FD_CLOSED) { TRACE(("CLOSE (finally) of %d", fd)) m_close(fd); @@ -1130,7 +1130,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) { return DROPBEAR_SUCCESS; } -/* Confirmation that our channel open request was +/* Confirmation that our channel open request was * successful*/ void recv_msg_channel_open_confirmation() { @@ -1150,7 +1150,7 @@ void recv_msg_channel_open_confirmation() { channel->transwindow = buf_getint(ses.payload); channel->transmaxpacket = buf_getint(ses.payload); - TRACE(("new chan remote %d local %d", + TRACE(("new chan remote %d local %d", channel->remotechan, channel->index)) /* Run the inithandler callback */ diff --git a/src/common-chansession.c b/src/common-chansession.c index b350c6ce4..bb64f1baa 100644 --- a/src/common-chansession.c +++ b/src/common-chansession.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/common-kex.c b/src/common-kex.c index b8e04eb68..0b474f0bc 100644 --- a/src/common-kex.c +++ b/src/common-kex.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002-2004 Matt Johnston * Portions Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -43,7 +43,7 @@ static void gen_new_zstream_trans(void); #endif static void read_kex_algos(void); /* helper function for gen_new_keys */ -static void hashkeys(unsigned char *out, unsigned int outlen, +static void hashkeys(unsigned char *out, unsigned int outlen, const hash_state * hs, const unsigned char X); @@ -94,7 +94,7 @@ void send_msg_kexinit() { /* reserved unit32 */ buf_putint(ses.writepayload, 0); - /* set up transmitted kex packet buffer for hashing. + /* set up transmitted kex packet buffer for hashing. * This is freed after the end of the kex */ ses.transkexinit = buf_newcopy(ses.writepayload); @@ -264,7 +264,7 @@ static void kexinitialise() { * out must have at least min(hash_size, outlen) bytes allocated. * * See Section 7.2 of rfc4253 (ssh transport) for details */ -static void hashkeys(unsigned char *out, unsigned int outlen, +static void hashkeys(unsigned char *out, unsigned int outlen, const hash_state * hs, const unsigned char X) { const struct ltc_hash_descriptor *hash_desc = ses.newkeys->algo_kex->hash_desc; @@ -277,8 +277,8 @@ static void hashkeys(unsigned char *out, unsigned int outlen, hash_desc->process(&hs2, ses.session_id->data, ses.session_id->len); hash_desc->done(&hs2, tmpout); memcpy(out, tmpout, MIN(hash_desc->hashsize, outlen)); - for (offset = hash_desc->hashsize; - offset < outlen; + for (offset = hash_desc->hashsize; + offset < outlen; offset += hash_desc->hashsize) { /* need to extend */ @@ -357,9 +357,9 @@ static void gen_new_keys() { dropbear_exit("Crypto error"); } } - if (ses.newkeys->recv.crypt_mode->start(recv_cipher, - recv_IV, recv_key, - ses.newkeys->recv.algo_crypt->keysize, 0, + if (ses.newkeys->recv.crypt_mode->start(recv_cipher, + recv_IV, recv_key, + ses.newkeys->recv.algo_crypt->keysize, 0, &ses.newkeys->recv.cipher_state) != CRYPT_OK) { dropbear_exit("Crypto error"); } @@ -373,22 +373,22 @@ static void gen_new_keys() { dropbear_exit("Crypto error"); } } - if (ses.newkeys->trans.crypt_mode->start(trans_cipher, - trans_IV, trans_key, - ses.newkeys->trans.algo_crypt->keysize, 0, + if (ses.newkeys->trans.crypt_mode->start(trans_cipher, + trans_IV, trans_key, + ses.newkeys->trans.algo_crypt->keysize, 0, &ses.newkeys->trans.cipher_state) != CRYPT_OK) { dropbear_exit("Crypto error"); } } if (ses.newkeys->trans.algo_mac->hash_desc != NULL) { - hashkeys(ses.newkeys->trans.mackey, + hashkeys(ses.newkeys->trans.mackey, ses.newkeys->trans.algo_mac->keysize, &hs, mactransletter); ses.newkeys->trans.hash_index = find_hash(ses.newkeys->trans.algo_mac->hash_desc->name); } if (ses.newkeys->recv.algo_mac->hash_desc != NULL) { - hashkeys(ses.newkeys->recv.mackey, + hashkeys(ses.newkeys->recv.mackey, ses.newkeys->recv.algo_mac->keysize, &hs, macrecvletter); ses.newkeys->recv.hash_index = find_hash(ses.newkeys->recv.algo_mac->hash_desc->name); } @@ -464,7 +464,7 @@ static void gen_new_zstream_trans() { ses.newkeys->trans.zstream->zfree = dropbear_zfree; if (deflateInit2(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION, - Z_DEFLATED, DROPBEAR_ZLIB_WINDOW_BITS, + Z_DEFLATED, DROPBEAR_ZLIB_WINDOW_BITS, DROPBEAR_ZLIB_MEM_LEVEL, Z_DEFAULT_STRATEGY) != Z_OK) { dropbear_exit("zlib error"); @@ -552,7 +552,7 @@ void recv_msg_kexinit() { /* I_C, the payload of the client's SSH_MSG_KEXINIT */ buf_setpos(ses.payload, ses.payload_beginning); - buf_putstring(ses.kexhashbuf, + buf_putstring(ses.kexhashbuf, (const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos), ses.payload->len-ses.payload->pos); @@ -763,20 +763,20 @@ static void read_kex_algos() { /* Handle the asymmetry */ if (IS_DROPBEAR_CLIENT) { - ses.newkeys->recv.algo_crypt = + ses.newkeys->recv.algo_crypt = (struct dropbear_cipher*)s2c_cipher_algo->data; - ses.newkeys->trans.algo_crypt = + ses.newkeys->trans.algo_crypt = (struct dropbear_cipher*)c2s_cipher_algo->data; - ses.newkeys->recv.crypt_mode = + ses.newkeys->recv.crypt_mode = (struct dropbear_cipher_mode*)s2c_cipher_algo->mode; ses.newkeys->trans.crypt_mode = (struct dropbear_cipher_mode*)c2s_cipher_algo->mode; - ses.newkeys->recv.algo_mac = + ses.newkeys->recv.algo_mac = #if DROPBEAR_AEAD_MODE s2c_hash_algo == NULL ? ses.newkeys->recv.crypt_mode->aead_mac : #endif (struct dropbear_hash*)s2c_hash_algo->data; - ses.newkeys->trans.algo_mac = + ses.newkeys->trans.algo_mac = #if DROPBEAR_AEAD_MODE c2s_hash_algo == NULL ? ses.newkeys->trans.crypt_mode->aead_mac : #endif @@ -785,20 +785,20 @@ static void read_kex_algos() { ses.newkeys->trans.algo_comp = c2s_comp_algo->val; } else { /* SERVER */ - ses.newkeys->recv.algo_crypt = + ses.newkeys->recv.algo_crypt = (struct dropbear_cipher*)c2s_cipher_algo->data; - ses.newkeys->trans.algo_crypt = + ses.newkeys->trans.algo_crypt = (struct dropbear_cipher*)s2c_cipher_algo->data; ses.newkeys->recv.crypt_mode = (struct dropbear_cipher_mode*)c2s_cipher_algo->mode; ses.newkeys->trans.crypt_mode = (struct dropbear_cipher_mode*)s2c_cipher_algo->mode; - ses.newkeys->recv.algo_mac = + ses.newkeys->recv.algo_mac = #if DROPBEAR_AEAD_MODE c2s_hash_algo == NULL ? ses.newkeys->recv.crypt_mode->aead_mac : #endif (struct dropbear_hash*)c2s_hash_algo->data; - ses.newkeys->trans.algo_mac = + ses.newkeys->trans.algo_mac = #if DROPBEAR_AEAD_MODE s2c_hash_algo == NULL ? ses.newkeys->trans.crypt_mode->aead_mac : #endif diff --git a/src/common-session.c b/src/common-session.c index d420d6ffa..4dec534b4 100644 --- a/src/common-session.c +++ b/src/common-session.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -111,7 +111,7 @@ void common_session_init(int sock_in, int sock_out) { initqueue(&ses.writequeue); ses.requirenext = SSH_MSG_KEXINIT; - ses.dataallowed = 1; /* we can send data until we actually + ses.dataallowed = 1; /* we can send data until we actually send the SSH_MSG_KEXINIT */ ses.ignorenext = 0; ses.lastpacket = 0; @@ -177,7 +177,7 @@ void session_loop(void(*loophandler)(void)) { /* We get woken up when signal handlers write to this pipe. SIGCHLD in svr-chansession is the only one currently. */ #if DROPBEAR_FUZZ - if (!fuzz.fuzzing) + if (!fuzz.fuzzing) #endif { FD_SET(ses.signal_pipe[0], &readfd); @@ -190,13 +190,13 @@ void session_loop(void(*loophandler)(void)) { set_connect_fds(&writefd); /* We delay reading from the input socket during initial setup until - after we have written out our initial KEXINIT packet (empty writequeue). + after we have written out our initial KEXINIT packet (empty writequeue). This means our initial packet can be in-flight while we're doing a blocking read for the remote ident. We also avoid reading from the socket if the writequeue is full, that avoids replies backing up */ - if (ses.sock_in != -1 - && (ses.remoteident || isempty(&ses.writequeue)) + if (ses.sock_in != -1 + && (ses.remoteident || isempty(&ses.writequeue)) && writequeue_has_space) { FD_SET(ses.sock_in, &readfd); } @@ -220,7 +220,7 @@ void session_loop(void(*loophandler)(void)) { if (val <= 0) { /* If we were interrupted or the select timed out, we still * want to iterate over channels etc for reading, to handle - * server processes exiting etc. + * server processes exiting etc. * We don't want to read/write FDs. */ DROPBEAR_FD_ZERO(&writefd); DROPBEAR_FD_ZERO(&readfd); @@ -516,9 +516,9 @@ static void send_msg_keepalive() { start_send_channel_request(chan, DROPBEAR_KEEPALIVE_STRING); } else { TRACE(("keepalive global request")) - /* Some peers will reply with SSH_MSG_REQUEST_FAILURE, + /* Some peers will reply with SSH_MSG_REQUEST_FAILURE, some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */ - buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); + buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING, strlen(DROPBEAR_KEEPALIVE_STRING)); } diff --git a/src/compat.c b/src/compat.c index 4d6f78a0f..c0b6aa209 100644 --- a/src/compat.c +++ b/src/compat.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/compat.h b/src/compat.h index ad1d25b80..be24afc64 100644 --- a/src/compat.h +++ b/src/compat.h @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/curve25519.c b/src/curve25519.c index aa16434db..b213df29b 100644 --- a/src/curve25519.c +++ b/src/curve25519.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -272,7 +272,7 @@ static int crypto_hash(u8 *out,const u8 *m,u64 n) sv add(gf p[4],gf q[4]) { gf a,b,c,d,t,e,f,g,h; - + Z(a, p[1], p[0]); Z(t, q[1], q[0]); M(a, a, t); @@ -304,7 +304,7 @@ sv cswap(gf p[4],gf q[4],u8 b) sv pack(u8 *r,gf p[4]) { gf tx, ty, zi; - inv25519(zi, p[2]); + inv25519(zi, p[2]); M(tx, p[0], zi); M(ty, p[1], zi); pack25519(r, ty); diff --git a/src/curve25519.h b/src/curve25519.h index 55ef0437a..9ea85b03c 100644 --- a/src/curve25519.h +++ b/src/curve25519.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/dbhelpers.h b/src/dbhelpers.h index 551bcb488..bd1d763a5 100644 --- a/src/dbhelpers.h +++ b/src/dbhelpers.h @@ -1,13 +1,13 @@ #ifndef DROPBEAR_DBHELPERS_H_ #define DROPBEAR_DBHELPERS_H_ -/* This header defines some things that are also used by libtomcrypt/math. - We avoid including normal include.h since that can result in conflicting +/* This header defines some things that are also used by libtomcrypt/math. + We avoid including normal include.h since that can result in conflicting definitions - only include config.h */ #include "config.h" #ifdef __GNUC__ -#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) +#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) #define ATTRIB_NORETURN __attribute__((noreturn)) #define ATTRIB_SENTINEL __attribute__((sentinel)) #else diff --git a/src/dbmulti.c b/src/dbmulti.c index 919ce3d3f..460547a16 100644 --- a/src/dbmulti.c +++ b/src/dbmulti.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/dbrandom.c b/src/dbrandom.c index 4e0a48104..b5612b9fa 100644 --- a/src/dbrandom.c +++ b/src/dbrandom.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -163,7 +163,7 @@ void fuzz_seed(const unsigned char* dat, unsigned int len) { #ifdef HAVE_GETRANDOM -/* Reads entropy seed with getrandom(). +/* Reads entropy seed with getrandom(). * May block if the kernel isn't ready. * Return DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ static int process_getrandom(hash_state *hs) { @@ -248,24 +248,24 @@ void seedrandom() { if (!urandom_seeded) { #if DROPBEAR_USE_PRNGD - if (process_file(&hs, DROPBEAR_PRNGD_SOCKET, INIT_SEED_SIZE, 1) + if (process_file(&hs, DROPBEAR_PRNGD_SOCKET, INIT_SEED_SIZE, 1) != DROPBEAR_SUCCESS) { - dropbear_exit("Failure reading random device %s", + dropbear_exit("Failure reading random device %s", DROPBEAR_PRNGD_SOCKET); urandom_seeded = 1; } #else /* non-blocking random source (probably /dev/urandom) */ - if (process_file(&hs, DROPBEAR_URANDOM_DEV, INIT_SEED_SIZE, 0) + if (process_file(&hs, DROPBEAR_URANDOM_DEV, INIT_SEED_SIZE, 0) != DROPBEAR_SUCCESS) { - dropbear_exit("Failure reading random device %s", + dropbear_exit("Failure reading random device %s", DROPBEAR_URANDOM_DEV); urandom_seeded = 1; } #endif } /* urandom_seeded */ - /* A few other sources to fall back on. + /* A few other sources to fall back on. * Add more here for other platforms */ #ifdef __linux__ /* Might help on systems with wireless */ @@ -287,7 +287,7 @@ void seedrandom() { pid = getpid(); sha256_process(&hs, (void*)&pid, sizeof(pid)); - /* gettimeofday() doesn't completely fill out struct timeval on + /* gettimeofday() doesn't completely fill out struct timeval on OS X (10.8.3), avoid valgrind warnings by clearing it first */ memset(&tv, 0x0, sizeof(tv)); gettimeofday(&tv, NULL); @@ -339,10 +339,10 @@ void genrandom(unsigned char* buf, unsigned int len) { m_burn(hash, sizeof(hash)); } -/* Generates a random mp_int. +/* Generates a random mp_int. * max is a *mp_int specifying an upper bound. * rand must be an initialised *mp_int for the result. - * the result rand satisfies: 0 < rand < max + * the result rand satisfies: 0 < rand < max * */ void gen_random_mpint(const mp_int *max, mp_int *rand) { diff --git a/src/dbrandom.h b/src/dbrandom.h index 1db2c2fad..601c0e1d0 100644 --- a/src/dbrandom.h +++ b/src/dbrandom.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/dbutil.c b/src/dbutil.c index a70025ea4..c19635e44 100644 --- a/src/dbutil.c +++ b/src/dbutil.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -69,9 +69,9 @@ #define MAX_FMT 100 -static void generic_dropbear_exit(int exitcode, const char* format, +static void generic_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN; -static void generic_dropbear_log(int priority, const char* format, +static void generic_dropbear_log(int priority, const char* format, va_list param); void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN @@ -111,7 +111,7 @@ void dropbear_exit(const char* format, ...) { va_end(param); } -static void generic_dropbear_exit(int exitcode, const char* format, +static void generic_dropbear_exit(int exitcode, const char* format, va_list param) { char fmtbuf[300]; @@ -133,7 +133,7 @@ void fail_assert(const char* expr, const char* file, int line) { dropbear_exit("Failed assertion (%s:%d): `%s'", file, line, expr); } -static void generic_dropbear_log(int UNUSED(priority), const char* format, +static void generic_dropbear_log(int UNUSED(priority), const char* format, va_list param) { char printbuf[1024]; @@ -155,7 +155,7 @@ void dropbear_log(int priority, const char* format, ...) { } -#if DEBUG_TRACE +#if DEBUG_TRACE static double debug_start_time = -1; @@ -707,7 +707,7 @@ void gettime_wrapper(struct timespec *now) { static int linux_monotonic_failed = 0; if (!linux_monotonic_failed) { /* CLOCK_MONOTONIC isn't in some headers */ - int clock_source_monotonic = 1; + int clock_source_monotonic = 1; if (syscall(SYS_clock_gettime, clock_source_monotonic, now) == 0) { return; } else { diff --git a/src/dbutil.h b/src/dbutil.h index bfbed7306..fb42ab138 100644 --- a/src/dbutil.h +++ b/src/dbutil.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/debug.h b/src/debug.h index ab32fbd6e..62ad1c2f7 100644 --- a/src/debug.h +++ b/src/debug.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -56,7 +56,7 @@ extern int debug_trace; #endif /* Enable debug trace levels. - We can't use __VA_ARGS_ here because Dropbear supports + We can't use __VA_ARGS_ here because Dropbear supports old ~C89 compilers */ /* Default is to discard output ... */ #define DEBUG1(X) diff --git a/src/dh_groups.c b/src/dh_groups.c index 920f3f634..f245d8c06 100644 --- a/src/dh_groups.c +++ b/src/dh_groups.c @@ -22,8 +22,8 @@ const unsigned char dh_p_1[DH_P_1_LEN] = { #if DROPBEAR_DH_GROUP14 /* diffie-hellman-group14-sha1 value for p */ const unsigned char dh_p_14[DH_P_14_LEN] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, + 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, diff --git a/src/dropbearconvert.c b/src/dropbearconvert.c index 950608bf3..9e4121ccc 100644 --- a/src/dropbearconvert.c +++ b/src/dropbearconvert.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -28,8 +28,8 @@ #include "buffer.h" #include "dbutil.h" #include "keyimport.h" -#include "crypto_desc.h" -#include "dbrandom.h" +#include "crypto_desc.h" +#include "dbrandom.h" static int do_convert(int intype, const char* infile, int outtype, @@ -56,7 +56,7 @@ static void printhelp(char * progname) { #if defined(DBMULTI_dropbearconvert) || !DROPBEAR_MULTI #if defined(DBMULTI_dropbearconvert) && DROPBEAR_MULTI int dropbearconvert_main(int argc, char ** argv) { -#else +#else int main(int argc, char ** argv) { #endif diff --git a/src/dropbearkey.c b/src/dropbearkey.c index 99e631fbe..4cfbee1b8 100644 --- a/src/dropbearkey.c +++ b/src/dropbearkey.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -33,7 +33,7 @@ * mp_int n * mp_int d * mp_int p (newer versions only) - * mp_int q (newer versions only) + * mp_int q (newer versions only) * * DSS: * string "ssh-dss" @@ -187,7 +187,7 @@ int main(int argc, char ** argv) { for (i = 1; i < argc; i++) { if (argv[i] == NULL) { continue; /* Whack */ - } + } if (next) { *next = argv[i]; next = NULL; diff --git a/src/dss.c b/src/dss.c index 012e72ef3..589e52d7e 100644 --- a/src/dss.c +++ b/src/dss.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -37,7 +37,7 @@ * See FIPS186 or the Handbook of Applied Cryptography for details of the * algorithm */ -#if DROPBEAR_DSS +#if DROPBEAR_DSS /* Load a dss key from a buffer, initialising the values. * The key will have the same format as buf_put_dss_key. @@ -160,7 +160,7 @@ void buf_put_dss_priv_key(buffer* buf, const dropbear_dss_key *key) { } #if DROPBEAR_SIGNKEY_VERIFY -/* Verify a DSS signature (in buf) made on data by the key given. +/* Verify a DSS signature (in buf) made on data by the key given. * returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ int buf_dss_verify(buffer* buf, const dropbear_dss_key *key, const buffer *data_buf) { unsigned char msghash[SHA1_HASH_SIZE]; diff --git a/src/dss.h b/src/dss.h index 40806e510..5c1883563 100644 --- a/src/dss.h +++ b/src/dss.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -28,7 +28,7 @@ #include "includes.h" #include "buffer.h" -#if DROPBEAR_DSS +#if DROPBEAR_DSS typedef struct dropbear_DSS_Key { diff --git a/src/ecc.c b/src/ecc.c index eaca65adf..13d3cbd68 100644 --- a/src/ecc.c +++ b/src/ecc.c @@ -74,7 +74,7 @@ struct dropbear_ecc_curve* curve_for_dp(const ltc_ecc_set_type *dp) { ecc_key * new_ecc_key(void) { ecc_key *key = m_malloc(sizeof(*key)); - m_mp_alloc_init_multi((mp_int**)&key->pubkey.x, (mp_int**)&key->pubkey.y, + m_mp_alloc_init_multi((mp_int**)&key->pubkey.x, (mp_int**)&key->pubkey.y, (mp_int**)&key->pubkey.z, (mp_int**)&key->k, NULL); return key; } @@ -236,10 +236,10 @@ mp_int * dropbear_ecc_shared_secret(ecc_key *public_key, const ecc_key *private_ prime = m_malloc(sizeof(*prime)); m_mp_init(prime); - if (mp_read_radix(prime, (char *)private_key->dp->prime, 16) != CRYPT_OK) { + if (mp_read_radix(prime, (char *)private_key->dp->prime, 16) != CRYPT_OK) { goto out; } - if (ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1) != CRYPT_OK) { + if (ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1) != CRYPT_OK) { goto out; } diff --git a/src/ecdsa.c b/src/ecdsa.c index 5ac4e7b15..cf212616b 100644 --- a/src/ecdsa.c +++ b/src/ecdsa.c @@ -173,7 +173,7 @@ void buf_put_ecdsa_sign(buffer *buf, const ecc_key *key, const buffer *data_buf) TRACE(("buf_put_ecdsa_sign")) curve = curve_for_dp(key->dp); - if (ltc_init_multi(&r, &s, &p, &e, NULL) != CRYPT_OK) { + if (ltc_init_multi(&r, &s, &p, &e, NULL) != CRYPT_OK) { goto out; } @@ -185,8 +185,8 @@ void buf_put_ecdsa_sign(buffer *buf, const ecc_key *key, const buffer *data_buf) goto out; } - if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { - goto out; + if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { + goto out; } for (;;) { @@ -285,14 +285,14 @@ int buf_ecdsa_verify(buffer *buf, const ecc_key *key, const buffer *data_buf) { struct dropbear_ecc_curve *curve = NULL; unsigned char hash[64]; ecc_point *mG = NULL, *mQ = NULL; - void *r = NULL, *s = NULL, *v = NULL, *w = NULL, *u1 = NULL, *u2 = NULL, + void *r = NULL, *s = NULL, *v = NULL, *w = NULL, *u1 = NULL, *u2 = NULL, *e = NULL, *p = NULL, *m = NULL; void *mp = NULL; - /* verify + /* verify * * w = s^-1 mod n - * u1 = xw + * u1 = xw * u2 = rw * X = u1*G + u2*Q * v = X_x1 mod n @@ -323,88 +323,88 @@ int buf_ecdsa_verify(buffer *buf, const ecc_key *key, const buffer *data_buf) { } /* get the order */ - if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { - goto out; + if (ltc_mp.read_radix(p, (char *)key->dp->order, 16) != CRYPT_OK) { + goto out; } /* get the modulus */ - if (ltc_mp.read_radix(m, (char *)key->dp->prime, 16) != CRYPT_OK) { - goto out; + if (ltc_mp.read_radix(m, (char *)key->dp->prime, 16) != CRYPT_OK) { + goto out; } /* check for zero */ - if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ - || ltc_mp.compare_d(s, 0) == LTC_MP_EQ - || ltc_mp.compare(r, p) != LTC_MP_LT + if (ltc_mp.compare_d(r, 0) == LTC_MP_EQ + || ltc_mp.compare_d(s, 0) == LTC_MP_EQ + || ltc_mp.compare(r, p) != LTC_MP_LT || ltc_mp.compare(s, p) != LTC_MP_LT) { goto out; } /* w = s^-1 mod n */ - if (ltc_mp.invmod(s, p, w) != CRYPT_OK) { - goto out; + if (ltc_mp.invmod(s, p, w) != CRYPT_OK) { + goto out; } /* u1 = ew */ - if (ltc_mp.mulmod(e, w, p, u1) != CRYPT_OK) { - goto out; + if (ltc_mp.mulmod(e, w, p, u1) != CRYPT_OK) { + goto out; } /* u2 = rw */ - if (ltc_mp.mulmod(r, w, p, u2) != CRYPT_OK) { - goto out; + if (ltc_mp.mulmod(r, w, p, u2) != CRYPT_OK) { + goto out; } /* find mG and mQ */ - if (ltc_mp.read_radix(mG->x, (char *)key->dp->Gx, 16) != CRYPT_OK) { - goto out; + if (ltc_mp.read_radix(mG->x, (char *)key->dp->Gx, 16) != CRYPT_OK) { + goto out; } - if (ltc_mp.read_radix(mG->y, (char *)key->dp->Gy, 16) != CRYPT_OK) { - goto out; + if (ltc_mp.read_radix(mG->y, (char *)key->dp->Gy, 16) != CRYPT_OK) { + goto out; } - if (ltc_mp.set_int(mG->z, 1) != CRYPT_OK) { - goto out; + if (ltc_mp.set_int(mG->z, 1) != CRYPT_OK) { + goto out; } if (ltc_mp.copy(key->pubkey.x, mQ->x) != CRYPT_OK || ltc_mp.copy(key->pubkey.y, mQ->y) != CRYPT_OK - || ltc_mp.copy(key->pubkey.z, mQ->z) != CRYPT_OK) { - goto out; + || ltc_mp.copy(key->pubkey.z, mQ->z) != CRYPT_OK) { + goto out; } /* compute u1*mG + u2*mQ = mG */ if (ltc_mp.ecc_mul2add == NULL) { - if (ltc_mp.ecc_ptmul(u1, mG, mG, m, 0) != CRYPT_OK) { - goto out; + if (ltc_mp.ecc_ptmul(u1, mG, mG, m, 0) != CRYPT_OK) { + goto out; } if (ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0) != CRYPT_OK) { - goto out; + goto out; } /* find the montgomery mp */ - if (ltc_mp.montgomery_setup(m, &mp) != CRYPT_OK) { - goto out; + if (ltc_mp.montgomery_setup(m, &mp) != CRYPT_OK) { + goto out; } /* add them */ - if (ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp) != CRYPT_OK) { - goto out; + if (ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp) != CRYPT_OK) { + goto out; } /* reduce */ - if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) { - goto out; + if (ltc_mp.ecc_map(mG, m, mp) != CRYPT_OK) { + goto out; } } else { /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */ - if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) { - goto out; + if (ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m) != CRYPT_OK) { + goto out; } } /* v = X_x1 mod n */ - if (ltc_mp.mpdiv(mG->x, p, NULL, v) != CRYPT_OK) { - goto out; + if (ltc_mp.mpdiv(mG->x, p, NULL, v) != CRYPT_OK) { + goto out; } /* does v == r */ @@ -416,7 +416,7 @@ int buf_ecdsa_verify(buffer *buf, const ecc_key *key, const buffer *data_buf) { ltc_ecc_del_point(mG); ltc_ecc_del_point(mQ); ltc_deinit_multi(r, s, v, w, u1, u2, p, e, m, NULL); - if (mp != NULL) { + if (mp != NULL) { ltc_mp.montgomery_deinit(mp); } return ret; diff --git a/src/ed25519.c b/src/ed25519.c index f200e13d4..e2666909d 100644 --- a/src/ed25519.c +++ b/src/ed25519.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/ed25519.h b/src/ed25519.h index 1da9fbdd3..a50b9aeee 100644 --- a/src/ed25519.h +++ b/src/ed25519.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -29,7 +29,7 @@ #include "buffer.h" #include "signkey.h" -#if DROPBEAR_ED25519 +#if DROPBEAR_ED25519 #define CURVE25519_LEN 32 diff --git a/src/fake-rfc2553.c b/src/fake-rfc2553.c index 395cfcc56..d8f78c570 100644 --- a/src/fake-rfc2553.c +++ b/src/fake-rfc2553.c @@ -3,7 +3,7 @@ /* * Copyright (C) 2000-2003 Damien Miller. All rights reserved. * Copyright (C) 1999 WIDE Project. All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -15,7 +15,7 @@ * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -46,7 +46,7 @@ #include #ifndef HAVE_GETNAMEINFO -int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, +int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags) { struct sockaddr_in *sin = (struct sockaddr_in *)sa; @@ -69,7 +69,7 @@ int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, else return (0); } else { - hp = gethostbyaddr((char *)&sin->sin_addr, + hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), AF_INET); if (hp == NULL) return (EAI_NODATA); @@ -104,7 +104,7 @@ gai_strerror(int err) default: return ("unknown/invalid error."); } -} +} #endif /* !HAVE_GAI_STRERROR */ #ifndef HAVE_FREEADDRINFO @@ -154,7 +154,7 @@ addrinfo *malloc_ai(int port, u_long addr, const struct addrinfo *hints) } int -getaddrinfo(const char *hostname, const char *servname, +getaddrinfo(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res) { struct hostent *hp; @@ -185,21 +185,21 @@ getaddrinfo(const char *hostname, const char *servname, if (hostname && inet_aton(hostname, &in) != 0) addr = in.s_addr; *res = malloc_ai(port, addr, hints); - if (*res == NULL) + if (*res == NULL) return (EAI_MEMORY); return (0); } if (!hostname) { *res = malloc_ai(port, htonl(0x7f000001), hints); - if (*res == NULL) + if (*res == NULL) return (EAI_MEMORY); return (0); } if (inet_aton(hostname, &in)) { *res = malloc_ai(port, in.s_addr, hints); - if (*res == NULL) + if (*res == NULL) return (EAI_MEMORY); return (0); } diff --git a/src/fake-rfc2553.h b/src/fake-rfc2553.h index c64136c1b..025281d25 100644 --- a/src/fake-rfc2553.h +++ b/src/fake-rfc2553.h @@ -5,7 +5,7 @@ /* * Copyright (C) 2000-2003 Damien Miller. All rights reserved. * Copyright (C) 1999 WIDE Project. All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -17,7 +17,7 @@ * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ #endif /* - * First, socket and INET6 related definitions + * First, socket and INET6 related definitions */ #ifndef HAVE_STRUCT_SOCKADDR_STORAGE # define _SS_MAXSIZE 128 /* Implementation specific max size */ @@ -153,7 +153,7 @@ struct addrinfo { # undef getaddrinfo #endif #define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d)) -int getaddrinfo(const char *, const char *, +int getaddrinfo(const char *, const char *, const struct addrinfo *, struct addrinfo **); #endif /* !HAVE_GETADDRINFO */ @@ -169,7 +169,7 @@ void freeaddrinfo(struct addrinfo *); #ifndef HAVE_GETNAMEINFO #define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g)) -int getnameinfo(const struct sockaddr *, size_t, char *, size_t, +int getnameinfo(const struct sockaddr *, size_t, char *, size_t, char *, size_t, int); #endif /* !HAVE_GETNAMEINFO */ diff --git a/src/fuzz-wrapfd.h b/src/fuzz-wrapfd.h index d0dea8832..282b94b0f 100644 --- a/src/fuzz-wrapfd.h +++ b/src/fuzz-wrapfd.h @@ -19,7 +19,7 @@ int wrapfd_new_dummy(void); // called via #defines for read/write/select int wrapfd_read(int fd, void *out, size_t count); int wrapfd_write(int fd, const void* in, size_t count); -int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, +int wrapfd_select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout); int wrapfd_close(int fd); int fuzz_kill(pid_t pid, int sig); diff --git a/src/fuzz.h b/src/fuzz.h index 95cb4d82f..d4b06fa42 100644 --- a/src/fuzz.h +++ b/src/fuzz.h @@ -20,7 +20,7 @@ void fuzz_cli_setup(void); // in non-fuzzing mode. void fuzz_early_setup(void) __attribute__((constructor)); -// must be called once per fuzz iteration. +// must be called once per fuzz iteration. // returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE int fuzz_set_input(const uint8_t *Data, size_t Size); @@ -91,7 +91,7 @@ extern struct dropbear_fuzz_options fuzz; #ifndef FUZZ_NO_REPLACE_STDERR /* This is a bodge but seems to work. - glibc stdio.h has the comment + glibc stdio.h has the comment "C89/C99 say they're macros. Make them happy." */ /* OS X has it as a macro */ #ifdef stderr diff --git a/src/gcm.c b/src/gcm.c index 2ceced11b..745ca7450 100644 --- a/src/gcm.c +++ b/src/gcm.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2020 by Vladislav Grishenko * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gcm.h b/src/gcm.h index 58c530ab9..15f35cfa6 100644 --- a/src/gcm.h +++ b/src/gcm.h @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2020 by Vladislav Grishenko * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gendss.c b/src/gendss.c index 46d161edb..eff2b3892 100644 --- a/src/gendss.c +++ b/src/gendss.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gendss.h b/src/gendss.h index 33858f24d..c56767ade 100644 --- a/src/gendss.h +++ b/src/gendss.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gened25519.c b/src/gened25519.c index a02791411..7703c2baf 100644 --- a/src/gened25519.c +++ b/src/gened25519.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gened25519.h b/src/gened25519.h index 80583102b..dcb9e2496 100644 --- a/src/gened25519.h +++ b/src/gened25519.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/genrsa.c b/src/genrsa.c index e249d6e76..b6451694f 100644 --- a/src/genrsa.c +++ b/src/genrsa.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -33,7 +33,7 @@ #if DROPBEAR_RSA -static void getrsaprime(mp_int* prime, mp_int *primeminus, +static void getrsaprime(mp_int* prime, mp_int *primeminus, const mp_int* rsa_e, unsigned int size_bytes); /* mostly taken from libtomcrypt's rsa key generation routine */ @@ -88,7 +88,7 @@ dropbear_rsa_key * gen_rsa_priv_key(unsigned int size) { } /* return a prime suitable for p or q */ -static void getrsaprime(mp_int* prime, mp_int *primeminus, +static void getrsaprime(mp_int* prime, mp_int *primeminus, const mp_int* rsa_e, unsigned int size_bytes) { unsigned char *buf; diff --git a/src/genrsa.h b/src/genrsa.h index 641d5a5fe..65d9f83f2 100644 --- a/src/genrsa.h +++ b/src/genrsa.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/gensignkey.c b/src/gensignkey.c index 295211db7..def4feec6 100644 --- a/src/gensignkey.c +++ b/src/gensignkey.c @@ -142,7 +142,7 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename, seedrandom(); - buf = buf_new(MAX_PRIVKEY_SIZE); + buf = buf_new(MAX_PRIVKEY_SIZE); buf_put_priv_key(buf, key, keytype); sign_key_free(key); @@ -158,7 +158,7 @@ int signkey_generate(enum signkey_type keytype, int bits, const char* filename, } if (link(fn_temp, filename) < 0) { - /* If generating keys on connection (skipexist) it's OK to get EEXIST + /* If generating keys on connection (skipexist) it's OK to get EEXIST - we probably just lost a race with another connection to generate the key */ if (!(skip_exist && errno == EEXIST)) { if (errno == EPERM || errno == EACCES || errno == ENOSYS) { diff --git a/src/ifndef_wrapper.sh b/src/ifndef_wrapper.sh index 37a208d41..889766a76 100755 --- a/src/ifndef_wrapper.sh +++ b/src/ifndef_wrapper.sh @@ -4,4 +4,4 @@ sed 's/^\( *#define \([^ ][^ ]*\) .*\)/#ifndef \2\ \1\ -#endif/' +#endif/' diff --git a/src/includes.h b/src/includes.h index 9f386247b..c082e1033 100644 --- a/src/includes.h +++ b/src/includes.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -195,13 +195,13 @@ extern char** environ; #endif /* so we can avoid warnings about unused params (ie in signal handlers etc) */ -#ifdef UNUSED -#elif defined(__GNUC__) -# define UNUSED(x) UNUSED_ ## x __attribute__((unused)) -#elif defined(__LCLINT__) -# define UNUSED(x) /*@unused@*/ x -#else -# define UNUSED(x) x +#ifdef UNUSED +#elif defined(__GNUC__) +# define UNUSED(x) UNUSED_ ## x __attribute__((unused)) +#elif defined(__LCLINT__) +# define UNUSED(x) /*@unused@*/ x +#else +# define UNUSED(x) x #endif /* static_assert() is a keyword in c23, earlier libc often supports diff --git a/src/install-sh b/src/install-sh index e9de23842..f040bd3b6 100644 --- a/src/install-sh +++ b/src/install-sh @@ -125,7 +125,7 @@ if [ x"$dir_arg" != x ]; then else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command -# might cause directories to be created, which would be especially bad +# might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] @@ -202,17 +202,17 @@ else # If we're going to rename the final executable, determine the name now. - if [ x"$transformarg" = x ] + if [ x"$transformarg" = x ] then dstfile=`basename $dst` else - dstfile=`basename $dst $transformbasename | + dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename - if [ x"$dstfile" = x ] + if [ x"$dstfile" = x ] then dstfile=`basename $dst` else @@ -243,7 +243,7 @@ else # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && - $doit $mvcmd $dsttmp $dstdir/$dstfile + $doit $mvcmd $dsttmp $dstdir/$dstfile fi && diff --git a/src/kex-dh.c b/src/kex-dh.c index fa289a60b..f36924933 100644 --- a/src/kex-dh.c +++ b/src/kex-dh.c @@ -11,7 +11,7 @@ #if DROPBEAR_NORMAL_DH static void load_dh_p(mp_int * dh_p) { - bytes_to_mp(dh_p, ses.newkeys->algo_kex->dh_p_bytes, + bytes_to_mp(dh_p, ses.newkeys->algo_kex->dh_p_bytes, ses.newkeys->algo_kex->dh_p_len); } @@ -32,12 +32,12 @@ struct kex_dh_param *gen_kexdh_param() { /* read the prime and generator*/ load_dh_p(&dh_p); - + mp_set_ul(&dh_g, DH_G_VAL); /* calculate q = (p-1)/2 */ /* dh_priv is just a temp var here */ - if (mp_sub_d(&dh_p, 1, ¶m->priv) != MP_OKAY) { + if (mp_sub_d(&dh_p, 1, ¶m->priv) != MP_OKAY) { dropbear_exit("Diffie-Hellman error"); } if (mp_div_2(¶m->priv, &dh_q) != MP_OKAY) { @@ -63,7 +63,7 @@ void free_kexdh_param(struct kex_dh_param *param) /* This function is fairly common between client/server, with some substitution * of dh_e/dh_f etc. Hence these arguments: - * dh_pub_us is 'e' for the client, 'f' for the server. dh_pub_them is + * dh_pub_us is 'e' for the client, 'f' for the server. dh_pub_them is * vice-versa. dh_priv is the x/y value corresponding to dh_pub_us */ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them, sign_key *hostkey) { @@ -75,16 +75,16 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them, m_mp_init_multi(&dh_p, &dh_p_min1, NULL); load_dh_p(&dh_p); - if (mp_sub_d(&dh_p, 1, &dh_p_min1) != MP_OKAY) { + if (mp_sub_d(&dh_p, 1, &dh_p_min1) != MP_OKAY) { dropbear_exit("Diffie-Hellman error"); } /* Check that dh_pub_them (dh_e or dh_f) is in the range [2, p-2] */ - if (mp_cmp(dh_pub_them, &dh_p_min1) != MP_LT + if (mp_cmp(dh_pub_them, &dh_p_min1) != MP_LT || mp_cmp_d(dh_pub_them, 1) != MP_GT) { dropbear_exit("Diffie-Hellman error"); } - + /* K = e^y mod p = f^x mod p */ m_mp_alloc_init_multi(&ses.dh_K, NULL); if (mp_exptmod(dh_pub_them, ¶m->priv, &dh_p, ses.dh_K) != MP_OKAY) { @@ -102,7 +102,7 @@ void kexdh_comb_key(struct kex_dh_param *param, mp_int *dh_pub_them, } else { dh_e = dh_pub_them; dh_f = ¶m->pub; - } + } /* Create the remainder of the hash buffer, to generate the exchange hash */ /* K_S, the host key */ diff --git a/src/kex-ecdh.c b/src/kex-ecdh.c index 262278877..535187f3e 100644 --- a/src/kex-ecdh.c +++ b/src/kex-ecdh.c @@ -11,7 +11,7 @@ struct kex_ecdh_param *gen_kexecdh_param() { struct kex_ecdh_param *param = m_malloc(sizeof(*param)); const struct dropbear_ecc_curve *curve = ses.newkeys->algo_kex->details; - if (ecc_make_key_ex(NULL, dropbear_ltc_prng, + if (ecc_make_key_ex(NULL, dropbear_ltc_prng, ¶m->key, curve->dp) != CRYPT_OK) { dropbear_exit("ECC error"); } @@ -45,7 +45,7 @@ void kexecdh_comb_key(struct kex_ecdh_param *param, buffer *pub_them, } else { Q_C = Q_them; Q_S = ¶m->key; - } + } /* K_S, the host key */ buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey); diff --git a/src/kex.h b/src/kex.h index 2b7ecd0bf..d759678df 100644 --- a/src/kex.h +++ b/src/kex.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/keyimport.c b/src/keyimport.c index e88ef466f..db36891d4 100644 --- a/src/keyimport.c +++ b/src/keyimport.c @@ -5,11 +5,11 @@ * Modifications copyright 2003-2022 Matt Johnston * * PuTTY is copyright 1997-2003 Simon Tatham. - * + * * Portions copyright Robert de Bath, Joris van Rantwijk, Delian * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, * Justin Bradford, and CORE SDI S.A. - * + * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation files * (the "Software"), to deal in the Software without restriction, @@ -17,10 +17,10 @@ * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be * included in all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND @@ -229,9 +229,9 @@ static void base64_encode_fp(FILE * fp, const unsigned char *data, } /* * Read an ASN.1/BER identifier and length pair. - * + * * Flags are a combination of the #defines listed below. - * + * * Returns -1 if unsuccessful; otherwise returns the number of * bytes used out of the source data. */ @@ -683,7 +683,7 @@ static sign_key *openssh_read(const char *filename, const char * UNUSED(passphra if (key->type == OSSH_DSA) { buf_putstring(blobbuf, "ssh-dss", 7); retkey->type = DROPBEAR_SIGNKEY_DSS; - } + } #endif #if DROPBEAR_RSA if (key->type == OSSH_RSA) { @@ -793,25 +793,25 @@ static sign_key *openssh_read(const char *filename, const char * UNUSED(passphra if (0) {} #if DROPBEAR_ECC_256 - else if (len == sizeof(OID_SEC256R1_BLOB) + else if (len == sizeof(OID_SEC256R1_BLOB) && memcmp(p, OID_SEC256R1_BLOB, len) == 0) { retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP256; curve = &ecc_curve_nistp256; - } + } #endif #if DROPBEAR_ECC_384 else if (len == sizeof(OID_SEC384R1_BLOB) && memcmp(p, OID_SEC384R1_BLOB, len) == 0) { retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP384; curve = &ecc_curve_nistp384; - } + } #endif #if DROPBEAR_ECC_521 else if (len == sizeof(OID_SEC521R1_BLOB) && memcmp(p, OID_SEC521R1_BLOB, len) == 0) { retkey->type = DROPBEAR_SIGNKEY_ECDSA_NISTP521; curve = &ecc_curve_nistp521; - } + } #endif else { errmsg = "Unknown ECC key type"; @@ -1068,7 +1068,7 @@ static int openssh_write(const char *filename, sign_key *key, * 08 08 08 08 08 08 08 (assuming a 64-bit block cipher); a * plaintext one byte less than a multiple of the block size * will be padded with just 01. - * + * * This enables the OpenSSL key decryption function to strip * off the padding algorithmically and return the unpadded * plaintext to the next layer: it looks at the final byte, and diff --git a/src/keyimport.h b/src/keyimport.h index b566fc9a0..5e7f06994 100644 --- a/src/keyimport.h +++ b/src/keyimport.h @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/listener.c b/src/listener.c index 4c60589a6..c201ae236 100644 --- a/src/listener.c +++ b/src/listener.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -74,10 +74,10 @@ void handle_listeners(const fd_set * readfds) { } /* Woo brace matching */ -/* acceptor(int fd, void* typedata) is a function to accept connections, +/* acceptor(int fd, void* typedata) is a function to accept connections, * cleanup(void* typedata) happens when cleaning up */ struct Listener* new_listener(const int socks[], unsigned int nsocks, - int type, void* typedata, + int type, void* typedata, void (*acceptor)(const struct Listener* listener, int sock), void (*cleanup)(const struct Listener*)) { diff --git a/src/listener.h b/src/listener.h index 4a7f5ffde..c55517ba4 100644 --- a/src/listener.h +++ b/src/listener.h @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -38,7 +38,7 @@ struct Listener { void (*acceptor)(const struct Listener*, int sock); void (*cleanup)(const struct Listener*); - int type; /* CHANNEL_ID_X11, CHANNEL_ID_AGENT, + int type; /* CHANNEL_ID_X11, CHANNEL_ID_AGENT, CHANNEL_ID_TCPDIRECT (for clients), CHANNEL_ID_TCPFORWARDED (for servers) */ @@ -51,7 +51,7 @@ void handle_listeners(const fd_set * readfds); void set_listener_fds(fd_set * readfds); struct Listener* new_listener(const int socks[], unsigned int nsocks, - int type, void* typedata, + int type, void* typedata, void (*acceptor)(const struct Listener* listener, int sock), void (*cleanup)(const struct Listener*)); diff --git a/src/loginrec.c b/src/loginrec.c index b543bcb35..ff2e0aced 100644 --- a/src/loginrec.c +++ b/src/loginrec.c @@ -347,7 +347,7 @@ login_write (struct logininfo *li) int login_utmp_only(struct logininfo *li) { - li->type = LTYPE_LOGIN; + li->type = LTYPE_LOGIN; login_set_current_time(li); # ifdef USE_UTMP utmp_write_entry(li); diff --git a/src/ltc_prng.c b/src/ltc_prng.c index 4f2e9e120..dead6876b 100644 --- a/src/ltc_prng.c +++ b/src/ltc_prng.c @@ -19,7 +19,7 @@ @file sprng.c Secure PRNG, Tom St Denis */ - + /* A secure PRNG using the RNG functions. Basically this is a * wrapper that allows you to use a secure RNG as a PRNG * in the various other functions. @@ -31,10 +31,10 @@ Start the PRNG @param prng [out] The PRNG state to initialize @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_start(prng_state* UNUSED(prng)) { - return CRYPT_OK; + return CRYPT_OK; } /** @@ -43,7 +43,7 @@ int dropbear_prng_start(prng_state* UNUSED(prng)) @param inlen Length of the data to add @param prng PRNG state to update @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_add_entropy(const unsigned char* UNUSED(in), unsigned long UNUSED(inlen), prng_state* UNUSED(prng)) { return CRYPT_OK; @@ -53,7 +53,7 @@ int dropbear_prng_add_entropy(const unsigned char* UNUSED(in), unsigned long UNU Make the PRNG ready to read from @param prng The PRNG to make active @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_ready(prng_state* UNUSED(prng)) { return CRYPT_OK; @@ -65,7 +65,7 @@ int dropbear_prng_ready(prng_state* UNUSED(prng)) @param outlen Length of output @param prng The active PRNG to read from @return Number of octets read -*/ +*/ unsigned long dropbear_prng_read(unsigned char* out, unsigned long outlen, prng_state* UNUSED(prng)) { LTC_ARGCHK(out != NULL); @@ -77,7 +77,7 @@ unsigned long dropbear_prng_read(unsigned char* out, unsigned long outlen, prng_ Terminate the PRNG @param prng The PRNG to terminate @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_done(prng_state* UNUSED(prng)) { return CRYPT_OK; @@ -89,7 +89,7 @@ int dropbear_prng_done(prng_state* UNUSED(prng)) @param outlen [in/out] Max size and resulting size of the state @param prng The PRNG to export @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_export(unsigned char* UNUSED(out), unsigned long* outlen, prng_state* UNUSED(prng)) { LTC_ARGCHK(outlen != NULL); @@ -97,14 +97,14 @@ int dropbear_prng_export(unsigned char* UNUSED(out), unsigned long* outlen, prng *outlen = 0; return CRYPT_OK; } - + /** Import a PRNG state @param in The PRNG state @param inlen Size of the state @param prng The PRNG to import @return CRYPT_OK if successful -*/ +*/ int dropbear_prng_import(const unsigned char* UNUSED(in), unsigned long UNUSED(inlen), prng_state* UNUSED(prng)) { return CRYPT_OK; @@ -113,7 +113,7 @@ int dropbear_prng_import(const unsigned char* UNUSED(in), unsigned long UNUSED(i /** PRNG self-test @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled -*/ +*/ int dropbear_prng_test(void) { return CRYPT_OK; diff --git a/src/netio.c b/src/netio.c index d5aa0c688..9a6b0d2d6 100644 --- a/src/netio.c +++ b/src/netio.c @@ -97,7 +97,7 @@ static void connect_try_next(struct dropbear_progress_connection *c) { int len = 100 + strlen(gai_strerror(err)); m_free(c->errstring); c->errstring = (char*)m_malloc(len); - snprintf(c->errstring, len, "Error resolving bind address '%s' (port %s). %s", + snprintf(c->errstring, len, "Error resolving bind address '%s' (port %s). %s", c->bind_address, c->bind_port, gai_strerror(err)); TRACE(("Error resolving bind: %s", gai_strerror(err))) close(c->sock); @@ -113,7 +113,7 @@ static void connect_try_next(struct dropbear_progress_connection *c) { int len = 300; m_free(c->errstring); c->errstring = m_malloc(len); - snprintf(c->errstring, len, "Error binding local address '%s' (port %s). %s", + snprintf(c->errstring, len, "Error binding local address '%s' (port %s). %s", c->bind_address, c->bind_port, strerror(keep_errno)); close(c->sock); c->sock = -1; @@ -145,7 +145,7 @@ static void connect_try_next(struct dropbear_progress_connection *c) { if (errno != EINPROGRESS) { m_free(c->errstring); c->errstring = m_strdup(strerror(errno)); - /* Not entirely sure which kind of errors are normal - 2.6.32 seems to + /* Not entirely sure which kind of errors are normal - 2.6.32 seems to return EPIPE for any (nonblocking?) sendmsg(). just fall back */ TRACE(("sendmsg tcp_fastopen failed, falling back. %s", strerror(errno))); /* No kernel MSG_FASTOPEN support. Fall back below */ @@ -219,7 +219,7 @@ struct dropbear_progress_connection *connect_remote(const char* remotehost, cons int len; len = 100 + strlen(gai_strerror(err)); c->errstring = (char*)m_malloc(len); - snprintf(c->errstring, len, "Error resolving '%s' port '%s'. %s", + snprintf(c->errstring, len, "Error resolving '%s' port '%s'. %s", remotehost, remoteport, gai_strerror(err)); TRACE(("Error resolving: %s", gai_strerror(err))) } else { @@ -282,7 +282,7 @@ struct dropbear_progress_connection *connect_streamlocal(const char* localpath, sunaddr->sun_family = AF_UNIX; strlcpy(sunaddr->sun_path, localpath, sizeof(sunaddr->sun_path)); - /* Copy to target iter */ + /* Copy to target iter */ c->res_iter = c->res; return c; @@ -352,7 +352,7 @@ void handle_connect_fds(const fd_set *writefd) { remove_connect(c, iter); TRACE(("leave handle_connect_fds - success")) /* Must return here - remove_connect() invalidates iter */ - return; + return; } } } @@ -371,8 +371,8 @@ void packet_queue_to_iovec(const struct Queue *queue, struct iovec *iov, unsigne #if (defined(__CYGWIN__) || defined(__GNU__)) && !defined(UIO_MAXIOV) #define IOV_MAX 1024 #elif defined(__sgi) - #define IOV_MAX 512 - #else + #define IOV_MAX 512 + #else #define IOV_MAX UIO_MAXIOV #endif #endif @@ -523,7 +523,7 @@ int get_sock_port(int sock) { return atoi(strport); } -/* Listen on address:port. +/* Listen on address:port. * Special cases are address of "" listening on everything, * and address of NULL listening on localhost only. * Returns the number of sockets bound on success, or -1 on failure. On @@ -628,7 +628,7 @@ int dropbear_listen(const char* address, const char* port, #if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY) if (res->ai_family == AF_INET6) { int on = 1; - if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, + if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1) { dropbear_log(LOG_WARNING, "Couldn't set IPV6_V6ONLY"); } @@ -709,7 +709,7 @@ void get_socket_address(int fd, char **local_host, char **local_port, /* Return a string representation of the socket address passed. The return * value is allocated with malloc() */ -void getaddrstring(struct sockaddr_storage* addr, +void getaddrstring(struct sockaddr_storage* addr, char **ret_host, char **ret_port, int host_lookup) { @@ -743,7 +743,7 @@ void getaddrstring(struct sockaddr_storage* addr, #endif #endif - ret = getnameinfo((struct sockaddr*)addr, len, host, sizeof(host)-1, + ret = getnameinfo((struct sockaddr*)addr, len, host, sizeof(host)-1, serv, sizeof(serv)-1, flags); if (ret != 0) { diff --git a/src/netio.h b/src/netio.h index 11ff5024b..43e96e855 100644 --- a/src/netio.h +++ b/src/netio.h @@ -16,7 +16,7 @@ void set_sock_priority(int sock, enum dropbear_prio prio); int get_sock_port(int sock); void get_socket_address(int fd, char **local_host, char **local_port, char **remote_host, char **remote_port, int host_lookup); -void getaddrstring(struct sockaddr_storage* addr, +void getaddrstring(struct sockaddr_storage* addr, char **ret_host, char **ret_port, int host_lookup); int dropbear_listen(const char* address, const char* port, int *socks, unsigned int sockcount, char **errstring, int *maxfd, const char* interface); diff --git a/src/packet.c b/src/packet.c index 105558854..4eac346ca 100644 --- a/src/packet.c +++ b/src/packet.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -39,7 +39,7 @@ static int read_packet_init(void); static void make_mac(unsigned int seqno, const struct key_context_directional * key_state, - buffer * clear_buf, unsigned int clear_len, + buffer * clear_buf, unsigned int clear_len, unsigned char *output_mac); static int checkmac(void); @@ -122,7 +122,7 @@ void write_packet() { } else { dropbear_exit("Error writing: %s", strerror(errno)); } - } + } if (written == 0) { ses.remoteclosed(); @@ -209,7 +209,7 @@ void read_packet() { /* Function used to read the initial portion of a packet, and determine the * length. Only called during the first BLOCKSIZE of a packet. */ -/* Returns DROPBEAR_SUCCESS if the length is determined, +/* Returns DROPBEAR_SUCCESS if the length is determined, * DROPBEAR_FAILURE otherwise */ static int read_packet_init() { @@ -266,7 +266,7 @@ static int read_packet_init() { } else #endif { - if (ses.keys->recv.crypt_mode->decrypt(buf_getptr(ses.readbuf, blocksize), + if (ses.keys->recv.crypt_mode->decrypt(buf_getptr(ses.readbuf, blocksize), buf_getwriteptr(ses.readbuf, blocksize), blocksize, &ses.keys->recv.cipher_state) != CRYPT_OK) { @@ -332,7 +332,7 @@ void decrypt_packet() { /* decrypt it in-place */ len = ses.readbuf->len - macsize - ses.readbuf->pos; if (ses.keys->recv.crypt_mode->decrypt( - buf_getptr(ses.readbuf, len), + buf_getptr(ses.readbuf, len), buf_getwriteptr(ses.readbuf, len), len, &ses.keys->recv.cipher_state) != CRYPT_OK) { @@ -371,7 +371,7 @@ void decrypt_packet() { buf_setpos(ses.payload, 0); ses.payload_beginning = 0; buf_free(ses.readbuf); - } else + } else #endif { ses.payload = ses.readbuf; @@ -520,7 +520,7 @@ void encrypt_packet() { unsigned char padlen; unsigned char blocksize, mac_size; - buffer * writebuf; /* the packet which will go on the wire. This is + buffer * writebuf; /* the packet which will go on the wire. This is encrypted in-place. */ unsigned char packet_type; unsigned int len, encrypt_buf_size; @@ -538,7 +538,7 @@ void encrypt_packet() { if ((!ses.dataallowed && !packet_is_okay_kex(packet_type))) { /* During key exchange only particular packets are allowed. - Since this packet_type isn't OK we just enqueue it to send + Since this packet_type isn't OK we just enqueue it to send after the KEX, see maybe_flush_reply_queue */ enqueue_reply_packet(); return; @@ -548,9 +548,9 @@ void encrypt_packet() { mac_size = ses.keys->trans.algo_mac->hashsize; /* Encrypted packet len is payload+5. We need to then make sure - * there is enough space for padding or MIN_PACKET_LEN. + * there is enough space for padding or MIN_PACKET_LEN. * Add extra 3 since we need at least 4 bytes of padding */ - encrypt_buf_size = (ses.writepayload->len+4+1) + encrypt_buf_size = (ses.writepayload->len+4+1) + MAX(MIN_PACKET_LEN, blocksize) + 3 /* add space for the MAC at the end */ + mac_size @@ -660,7 +660,7 @@ void encrypt_packet() { now = monotonic_now(); ses.last_packet_time_any_sent = now; /* idle timeout shouldn't be affected by responses to keepalives. - send_msg_keepalive() itself also does tricks with + send_msg_keepalive() itself also does tricks with ses.last_packet_idle_time - read that if modifying this code */ if (packet_type != SSH_MSG_REQUEST_FAILURE && packet_type != SSH_MSG_UNIMPLEMENTED @@ -683,7 +683,7 @@ void writebuf_enqueue(buffer * writebuf) { /* Create the packet mac, and append H(seqno|clearbuf) to the output */ /* output_mac must have ses.keys->trans.algo_mac->hashsize bytes. */ static void make_mac(unsigned int seqno, const struct key_context_directional * key_state, - buffer * clear_buf, unsigned int clear_len, + buffer * clear_buf, unsigned int clear_len, unsigned char *output_mac) { unsigned char seqbuf[4]; unsigned long bufsize; @@ -691,7 +691,7 @@ static void make_mac(unsigned int seqno, const struct key_context_directional * if (key_state->algo_mac->hashsize > 0) { /* calculate the mac */ - if (hmac_init(&hmac, + if (hmac_init(&hmac, key_state->hash_index, key_state->mackey, key_state->algo_mac->keysize) != CRYPT_OK) { @@ -706,7 +706,7 @@ static void make_mac(unsigned int seqno, const struct key_context_directional * /* the actual contents */ buf_setpos(clear_buf, 0); - if (hmac_process(&hmac, + if (hmac_process(&hmac, buf_getptr(clear_buf, clear_len), clear_len) != CRYPT_OK) { dropbear_exit("HMAC error"); @@ -734,7 +734,7 @@ static void buf_compress(buffer * dest, buffer * src, unsigned int len) { dropbear_assert(dest->size - dest->pos >= len+ZLIB_COMPRESS_EXPANSION); ses.keys->trans.zstream->avail_in = endpos - src->pos; - ses.keys->trans.zstream->next_in = + ses.keys->trans.zstream->next_in = buf_getptr(src, ses.keys->trans.zstream->avail_in); ses.keys->trans.zstream->avail_out = dest->size - dest->pos; diff --git a/src/packet.h b/src/packet.h index e3ab808be..158fa99ed 100644 --- a/src/packet.h +++ b/src/packet.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/process-packet.c b/src/process-packet.c index d3a2a9473..9efde8aa4 100644 --- a/src/process-packet.c +++ b/src/process-packet.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002-2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -79,7 +79,7 @@ void process_packet() { idle detection. This is slightly incorrect since a tcp forwarded global request with failure won't trigger the idle timeout, but that's probably acceptable */ - if (!(type == SSH_MSG_GLOBAL_REQUEST + if (!(type == SSH_MSG_GLOBAL_REQUEST || type == SSH_MSG_REQUEST_FAILURE || type == SSH_MSG_CHANNEL_FAILURE)) { ses.last_packet_time_idle = now; @@ -134,7 +134,7 @@ void process_packet() { /* Kindly the protocol authors gave all the preauth packets type values * less-than-or-equal-to 60 ( == MAX_UNAUTH_PACKET_TYPE ). - * NOTE: if the protocol changes and new types are added, revisit this + * NOTE: if the protocol changes and new types are added, revisit this * assumption */ if ( !ses.authstate.authdone && type > MAX_UNAUTH_PACKET_TYPE ) { dropbear_exit("Received message %d before userauth", type); diff --git a/src/pubkeyapi.h b/src/pubkeyapi.h index 21b1f24aa..39a664f20 100644 --- a/src/pubkeyapi.h +++ b/src/pubkeyapi.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -36,12 +36,12 @@ struct PluginInstance; struct PluginSession; -/* API VERSION INFORMATION - +/* API VERSION INFORMATION - * Dropbear will: * - Reject any plugin with a major version mismatch * - Load and print a warning if the plugin's minor version is HIGHER than * dropbear's minor version (assumes properties are added at the end of - * PluginInstance or PluginSession). This is a case of plugin newer than dropbear. + * PluginInstance or PluginSession). This is a case of plugin newer than dropbear. * - Reject if the plugin minor version is SMALLER than dropbear one (case * of plugin older than dropbear). * - Load (with no warnings) if version match. @@ -57,7 +57,7 @@ struct PluginSession; * returned in the api_version to match the version it understands and reject * any plugin for which API major version does not match. * - * If the version MINOR is different, dropbear will allow the plugin to run + * If the version MINOR is different, dropbear will allow the plugin to run * only if: plugin_MINOR > dropbear_MINOR * * If plugin_MINOR < dropbear_MINOR or if the MAJOR version is different @@ -68,7 +68,7 @@ struct PluginSession; * Returns NULL in case of failure, otherwise a void * of the instance that need * to be passed to all the subsequent call to the plugin */ -typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose, +typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose, const char *options, const char *addrstring); #define DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW "plugin_new" @@ -76,7 +76,7 @@ typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose, /* Validate a client through public key authentication * - * If session has not been already created, creates it and store it + * If session has not been already created, creates it and store it * in *sessionInOut. * If session is a non-NULL, it will reuse it. * @@ -85,9 +85,9 @@ typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose, */ typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct PluginInstance *PluginInstance, struct PluginSession **sessionInOut, - const char* algo, + const char* algo, unsigned int algolen, - const unsigned char* keyblob, + const unsigned char* keyblob, unsigned int keybloblen, const char *username); @@ -109,7 +109,7 @@ typedef void (* PubkeyExtPlugin_deleteFn)(struct PluginInstance *PluginInstance) * * A plug-in can extend it to add its own properties * - * The instance is created from the call to the plugin_new() function of the + * The instance is created from the call to the plugin_new() function of the * shared library. * The delete_plugin function should delete the object. */ @@ -125,7 +125,7 @@ struct PluginInstance { /***************************************************************************** * SESSION ****************************************************************************/ -/* Returns the options from the session. +/* Returns the options from the session. * The returned buffer will be destroyed when the session is deleted. * Option buffer string NULL-terminated */ @@ -133,7 +133,7 @@ typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct PluginSession *session); /* An SSH Session. Created during pre-auth and reused during the authentication. - * The plug-in should delete this object (or any object extending it) from + * The plug-in should delete this object (or any object extending it) from * the delete_session() function. * * Extend it to cache user and authentication information that can be diff --git a/src/queue.c b/src/queue.c index f3ece7fd7..fdc8a0dad 100644 --- a/src/queue.c +++ b/src/queue.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/queue.h b/src/queue.h index ee8ea43f2..f7ebd4f5d 100644 --- a/src/queue.h +++ b/src/queue.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/rsa.c b/src/rsa.c index 6152e1cfd..54e01a5a8 100644 --- a/src/rsa.c +++ b/src/rsa.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -37,7 +37,7 @@ #include "dbrandom.h" #include "signkey.h" -#if DROPBEAR_RSA +#if DROPBEAR_RSA #if !(DROPBEAR_RSA_SHA1 || DROPBEAR_RSA_SHA256) #error Somehow RSA was enabled with neither DROPBEAR_RSA_SHA1 nor DROPBEAR_RSA_SHA256 @@ -196,7 +196,7 @@ void buf_put_rsa_priv_key(buffer* buf, const dropbear_rsa_key *key) { #if DROPBEAR_SIGNKEY_VERIFY /* Verify a signature in buf, made on data by the key given. * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ -int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, +int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, enum signature_type sigtype, const buffer *data_buf) { unsigned int slen; DEF_MP_INT(rsa_s); @@ -252,7 +252,7 @@ int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, /* Sign the data presented with key, writing the signature contents * to the buffer */ -void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, +void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, enum signature_type sigtype, const buffer *data_buf) { const char *name = NULL; unsigned int nsize, ssize, namelen = 0; @@ -350,11 +350,11 @@ void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, TRACE(("leave buf_put_rsa_sign")) } -/* Creates the message value as expected by PKCS, +/* Creates the message value as expected by PKCS, see rfc8017 section 9.2 */ static void rsa_pad_em(const dropbear_rsa_key * key, const buffer *data_buf, mp_int * rsa_em, enum signature_type sigtype) { - /* EM = 0x00 || 0x01 || PS || 0x00 || T + /* EM = 0x00 || 0x01 || PS || 0x00 || T PS is padding of 0xff to make EM the size of key->n T is the DER encoding of the hash alg (sha1 or sha256) diff --git a/src/rsa.h b/src/rsa.h index a8bbf4156..0f5d35d0f 100644 --- a/src/rsa.h +++ b/src/rsa.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -29,7 +29,7 @@ #include "signkey.h" #include "buffer.h" -#if DROPBEAR_RSA +#if DROPBEAR_RSA typedef struct dropbear_RSA_Key { @@ -42,10 +42,10 @@ typedef struct dropbear_RSA_Key { } dropbear_rsa_key; -void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, +void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, enum signature_type sigtype, const buffer *data_buf); #if DROPBEAR_SIGNKEY_VERIFY -int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, +int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, enum signature_type sigtype, const buffer *data_buf); #endif int buf_get_rsa_pub_key(buffer* buf, dropbear_rsa_key *key); diff --git a/src/scp.c b/src/scp.c index 384f2cb85..a6fc312a8 100644 --- a/src/scp.c +++ b/src/scp.c @@ -1,4 +1,4 @@ -/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary +/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary changes to simplify future updates */ /* diff --git a/src/scpmisc.c b/src/scpmisc.c index c2f053e1e..dd4016b85 100644 --- a/src/scpmisc.c +++ b/src/scpmisc.c @@ -1,4 +1,4 @@ -/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary +/* Dropbear Note: This file is based on OpenSSH 4.3p2. Avoid unnecessary changes to simplify future updates */ /* diff --git a/src/service.h b/src/service.h index eaa7ff6ff..14fd70716 100644 --- a/src/service.h +++ b/src/service.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/session.h b/src/session.h index f37e7ff42..6f9ebba5e 100644 --- a/src/session.h +++ b/src/session.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -107,7 +107,7 @@ struct key_context { enum signkey_type algo_hostkey; /* server key type */ enum signature_type algo_signature; /* server signature type */ - int allow_compress; /* whether compression has started (useful in + int allow_compress; /* whether compression has started (useful in zlib@openssh.com delayed compression case) */ }; @@ -145,7 +145,7 @@ struct sshsession { struct Queue writequeue; /* A queue of encrypted packets to send */ unsigned int writequeue_len; /* Number of bytes pending to send in writequeue */ buffer *readbuf; /* From the wire, decrypted in-place */ - buffer *payload; /* Post-decompression, the actual SSH packet. + buffer *payload; /* Post-decompression, the actual SSH packet. May have extra data at the beginning, will be passed to packet processing functions positioned past that, see payload_beginning */ @@ -159,7 +159,7 @@ struct sshsession { unsigned dataallowed : 1; /* whether we can send data packets or we are in the middle of a KEX or something */ - unsigned char requirenext; /* byte indicating what packets we require next, + unsigned char requirenext; /* byte indicating what packets we require next, or 0x00 for any. */ unsigned char ignorenext; /* whether to ignore the next packet, @@ -325,7 +325,7 @@ struct clientsession { #if DROPBEAR_CLI_INTERACT_AUTH int auth_interact_failed; /* flag whether interactive auth can still be used */ - int interact_request_received; /* flag whether we've received an + int interact_request_received; /* flag whether we've received an info request from the server for interactive auth.*/ #endif diff --git a/src/signkey.c b/src/signkey.c index 162752bc4..2ebd4c2ae 100644 --- a/src/signkey.c +++ b/src/signkey.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -117,7 +117,7 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen) return DROPBEAR_SIGNKEY_NONE; } -/* Special case for rsa-sha2-256. This could be generalised if more +/* Special case for rsa-sha2-256. This could be generalised if more signature names are added that aren't 1-1 with public key names */ const char* signature_name_from_type(enum signature_type type, unsigned int *namelen) { #if DROPBEAR_RSA @@ -145,13 +145,13 @@ const char* signature_name_from_type(enum signature_type type, unsigned int *nam enum signature_type signature_type_from_name(const char* name, unsigned int namelen) { #if DROPBEAR_RSA #if DROPBEAR_RSA_SHA256 - if (namelen == strlen(SSH_SIGNATURE_RSA_SHA256) + if (namelen == strlen(SSH_SIGNATURE_RSA_SHA256) && memcmp(name, SSH_SIGNATURE_RSA_SHA256, namelen) == 0) { return DROPBEAR_SIGNATURE_RSA_SHA256; } #endif #if DROPBEAR_RSA_SHA1 - if (namelen == strlen(SSH_SIGNKEY_RSA) + if (namelen == strlen(SSH_SIGNKEY_RSA) && memcmp(name, SSH_SIGNKEY_RSA, namelen) == 0) { return DROPBEAR_SIGNATURE_RSA_SHA1; } @@ -592,7 +592,7 @@ char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloble return sign_key_sha256_fingerprint(keyblob, keybloblen); } -void buf_put_sign(buffer* buf, sign_key *key, enum signature_type sigtype, +void buf_put_sign(buffer* buf, sign_key *key, enum signature_type sigtype, const buffer *data_buf) { buffer *sigblob = buf_new(MAX_PUBKEY_SIZE); enum signkey_type keytype = signkey_type_from_signature(sigtype); @@ -723,8 +723,8 @@ int buf_verify(buffer * buf, sign_key *key, enum signature_type expect_sigtype, * base64 data, and contains no trailing data */ /* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint of the key if it is successfully decoded */ -int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, - const unsigned char* algoname, unsigned int algolen, +int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, + const unsigned char* algoname, unsigned int algolen, const buffer * line, char ** fingerprint) { buffer * decodekey = NULL; @@ -769,7 +769,7 @@ int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, filealgolen = buf_getint(decodekey); filealgo = buf_getptr(decodekey, filealgolen); if (filealgolen != algolen || memcmp(filealgo, algoname, algolen) != 0) { - TRACE(("checkpubkey: algo match failed")) + TRACE(("checkpubkey: algo match failed")) goto out; } diff --git a/src/signkey.h b/src/signkey.h index c6829f252..3ea3dbce5 100644 --- a/src/signkey.h +++ b/src/signkey.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -154,8 +154,8 @@ int buf_verify(buffer * buf, sign_key *key, enum signature_type expect_sigtype, int sk_buf_verify(buffer * buf, sign_key *key, enum signature_type expect_sigtype, const buffer *data_buf, char* app, unsigned int applen); char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen); #endif -int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, - const unsigned char* algoname, unsigned int algolen, +int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, + const unsigned char* algoname, unsigned int algolen, const buffer * line, char ** fingerprint); void** signkey_key_ptr(sign_key *key, enum signkey_type type); diff --git a/src/ssh.h b/src/ssh.h index ef3efdca0..1ff5d0f21 100644 --- a/src/ssh.h +++ b/src/ssh.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -64,7 +64,7 @@ #define SSH_MSG_REQUEST_SUCCESS 81 #define SSH_MSG_REQUEST_FAILURE 82 #define SSH_MSG_CHANNEL_OPEN 90 -#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 91 +#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 91 #define SSH_MSG_CHANNEL_OPEN_FAILURE 92 #define SSH_MSG_CHANNEL_WINDOW_ADJUST 93 #define SSH_MSG_CHANNEL_DATA 94 diff --git a/src/sshpty.c b/src/sshpty.c index 9f12d6770..24d1b480a 100644 --- a/src/sshpty.c +++ b/src/sshpty.c @@ -2,7 +2,7 @@ * Dropbear - a SSH2 server * * Copied from OpenSSH-3.5p1 source, modified by Matt Johnston 2003 - * + * * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -55,7 +55,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) i = openpty(ptyfd, ttyfd, NULL, NULL, NULL); if (i < 0) { - dropbear_log(LOG_WARNING, + dropbear_log(LOG_WARNING, "pty_allocate: openpty: %.100s", strerror(errno)); return 0; } diff --git a/src/svr-agentfwd.c b/src/svr-agentfwd.c index a8941ea64..7bd849589 100644 --- a/src/svr-agentfwd.c +++ b/src/svr-agentfwd.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -80,7 +80,7 @@ int svr_agentreq(struct ChanSess * chansess) { setnonblocking(fd); /* pass if off to listener */ - chansess->agentlistener = new_listener( &fd, 1, 0, chansess, + chansess->agentlistener = new_listener( &fd, 1, 0, chansess, agentaccept, NULL); if (chansess->agentlistener == NULL) { diff --git a/src/svr-auth.c b/src/svr-auth.c index 895aff682..3790afb0d 100644 --- a/src/svr-auth.c +++ b/src/svr-auth.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -110,7 +110,7 @@ void recv_msg_userauth_request() { dropbear_exit("unknown service in auth"); } - /* check username is good before continuing. + /* check username is good before continuing. * the 'incrfail' varies depending on the auth method to * avoid giving away which users exist on the system through * the time delay. */ @@ -126,10 +126,10 @@ void recv_msg_userauth_request() { if (valid_user && svr_opts.allowblankpass && !svr_opts.noauthpass - && !(svr_opts.norootpass && ses.authstate.pw_uid == 0) - && ses.authstate.pw_passwd[0] == '\0') + && !(svr_opts.norootpass && ses.authstate.pw_uid == 0) + && ses.authstate.pw_passwd[0] == '\0') { - dropbear_log(LOG_NOTICE, + dropbear_log(LOG_NOTICE, "Auth succeeded with blank password for '%s' from %s", ses.authstate.pw_name, svr_ses.addrstring); @@ -454,7 +454,7 @@ void send_msg_userauth_success() { buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_SUCCESS); encrypt_packet(); - /* authdone must be set after encrypt_packet() for + /* authdone must be set after encrypt_packet() for * delayed-zlib mode */ ses.authstate.authdone = 1; ses.connect_time = 0; diff --git a/src/svr-authpam.c b/src/svr-authpam.c index ec14632f7..fca5107bf 100644 --- a/src/svr-authpam.c +++ b/src/svr-authpam.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2004 Martin Carlsson * Portions (c) 2004 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -46,10 +46,10 @@ struct UserDataS { }; /* PAM conversation function - for now we only handle one message */ -int -pamConvFunc(int num_msg, +int +pamConvFunc(int num_msg, const struct pam_message **msg, - struct pam_response **respp, + struct pam_response **respp, void *appdata_ptr) { int rc = PAM_SUCCESS; @@ -78,10 +78,10 @@ pamConvFunc(int num_msg, compare_message[i] = tolower(compare_message[i]); } - /* If the string ends with ": ", remove the space. + /* If the string ends with ": ", remove the space. ie "login: " vs "login:" */ - if (msg_len > 2 - && compare_message[msg_len-2] == ':' + if (msg_len > 2 + && compare_message[msg_len-2] == ':' && compare_message[msg_len-1] == ' ') { compare_message[msg_len-1] = '\0'; } @@ -117,7 +117,7 @@ pamConvFunc(int num_msg, case PAM_PROMPT_ECHO_ON: if (!( - (strcmp(compare_message, "login:" ) == 0) + (strcmp(compare_message, "login:" ) == 0) || (strcmp(compare_message, "please enter username:") == 0) || (strcmp(compare_message, "username:") == 0) )) { @@ -162,7 +162,7 @@ pamConvFunc(int num_msg, default: TRACE(("Unknown message type")) rc = PAM_CONV_ERR; - break; + break; } m_free(compare_message); @@ -184,7 +184,7 @@ void svr_auth_pam(int valid_user) { struct UserDataS userData = {NULL, NULL}; struct pam_conv pamConv = { pamConvFunc, - &userData /* submitted to pamvConvFunc as appdata_ptr */ + &userData /* submitted to pamvConvFunc as appdata_ptr */ }; const char* printable_user = NULL; @@ -225,7 +225,7 @@ void svr_auth_pam(int valid_user) { /* Init pam */ if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) { - dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", + dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", rc, pam_strerror(pamHandlep, rc)); goto cleanup; } @@ -251,7 +251,7 @@ void svr_auth_pam(int valid_user) { /* (void) pam_set_item(pamHandlep, PAM_FAIL_DELAY, (void*) pamDelayFunc); */ if ((rc = pam_authenticate(pamHandlep, 0)) != PAM_SUCCESS) { - dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s", + dropbear_log(LOG_WARNING, "pam_authenticate() failed, rc=%d, %s", rc, pam_strerror(pamHandlep, rc)); dropbear_log(LOG_WARNING, "Bad PAM password attempt for '%s' from %s", @@ -262,7 +262,7 @@ void svr_auth_pam(int valid_user) { } if ((rc = pam_acct_mgmt(pamHandlep, 0)) != PAM_SUCCESS) { - dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s", + dropbear_log(LOG_WARNING, "pam_acct_mgmt() failed, rc=%d, %s", rc, pam_strerror(pamHandlep, rc)); dropbear_log(LOG_WARNING, "Bad PAM password attempt for '%s' from %s", diff --git a/src/svr-authpasswd.c b/src/svr-authpasswd.c index 899a8abb9..964dff558 100644 --- a/src/svr-authpasswd.c +++ b/src/svr-authpasswd.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -33,7 +33,7 @@ #if DROPBEAR_SVR_PASSWORD_AUTH -/* not constant time when strings are differing lengths. +/* not constant time when strings are differing lengths. string content isn't leaked, and crypt hashes are predictable length. */ static int constant_time_strcmp(const char* a, const char* b) { size_t la = strlen(a); @@ -116,7 +116,7 @@ void svr_auth_password(int valid_user) { send_msg_userauth_failure(1, 0); /* Send partial success */ } else { /* successful authentication */ - dropbear_log(LOG_NOTICE, + dropbear_log(LOG_NOTICE, "Password auth succeeded for '%s' from %s", ses.authstate.pw_name, svr_ses.addrstring); diff --git a/src/svr-authpubkeyoptions.c b/src/svr-authpubkeyoptions.c index df9a7dfc7..4a86aec44 100644 --- a/src/svr-authpubkeyoptions.c +++ b/src/svr-authpubkeyoptions.c @@ -1,28 +1,28 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2008 Frederic Moulins * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. + * SOFTWARE. * - * This file incorporates work covered by the following copyright and + * This file incorporates work covered by the following copyright and * permission notice: * * Author: Tatu Ylonen @@ -35,7 +35,7 @@ * called by a name other than "ssh" or "Secure Shell". * * This copyright and permission notice applies to the code parsing public keys - * options string which can also be found in OpenSSH auth-options.c file + * options string which can also be found in OpenSSH auth-options.c file * (auth_parse_options). * */ @@ -53,7 +53,7 @@ /* Returns 1 if pubkey allows agent forwarding, * 0 otherwise */ int svr_pubkey_allows_agentfwd() { - if (ses.authstate.pubkey_options + if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->no_agent_forwarding_flag) { return 0; } @@ -63,7 +63,7 @@ int svr_pubkey_allows_agentfwd() { /* Returns 1 if pubkey allows tcp forwarding, * 0 otherwise */ int svr_pubkey_allows_tcpfwd() { - if (ses.authstate.pubkey_options + if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->no_port_forwarding_flag) { return 0; } @@ -73,7 +73,7 @@ int svr_pubkey_allows_tcpfwd() { /* Returns 1 if pubkey allows x11 forwarding, * 0 otherwise */ int svr_pubkey_allows_x11fwd() { - if (ses.authstate.pubkey_options + if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->no_x11_forwarding_flag) { return 0; } @@ -82,7 +82,7 @@ int svr_pubkey_allows_x11fwd() { /* Returns 1 if pubkey allows pty, 0 otherwise */ int svr_pubkey_allows_pty() { - if (ses.authstate.pubkey_options + if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->no_pty_flag) { return 0; } @@ -112,7 +112,7 @@ int svr_pubkey_allows_local_tcpfwd(const char *host, unsigned int port) { return 1; } -/* Set chansession command to the one forced +/* Set chansession command to the one forced * by any 'command' public key option. */ void svr_pubkey_set_forced_command(struct ChanSess *chansess) { if (ses.authstate.pubkey_options && ses.authstate.pubkey_options->forced_command) { @@ -308,7 +308,7 @@ int svr_add_pubkey_options(buffer *options_buf, int line_num, const char* filena * Skip the comma, and move to the next option * (or break out if there are no more). */ - if (options_buf->pos < options_buf->len + if (options_buf->pos < options_buf->len && buf_getbyte(options_buf) != ',') { goto bad_option; } diff --git a/src/svr-chansession.c b/src/svr-chansession.c index 2ca6fc141..787b6616a 100644 --- a/src/svr-chansession.c +++ b/src/svr-chansession.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -278,7 +278,7 @@ static int newchansess(struct Channel *channel) { } -static struct logininfo* +static struct logininfo* chansess_login_alloc(const struct ChanSess *chansess) { struct logininfo * li; li = login_alloc_entry(chansess->pid, ses.authstate.username, @@ -454,7 +454,7 @@ static int sessionsignal(const struct ChanSess *chansess) { if (kill(chansess->pid, sig) < 0) { TRACE(("sessionsignal: kill() errored")) return DROPBEAR_FAILURE; - } + } return DROPBEAR_SUCCESS; } @@ -498,7 +498,7 @@ static void get_termmodes(const struct ChanSess *chansess) { } len = buf_getint(ses.payload); - TRACE(("term mode str %d p->l %d p->p %d", + TRACE(("term mode str %d p->l %d p->p %d", len, ses.payload->len , ses.payload->pos)); if (len != ses.payload->len - ses.payload->pos) { dropbear_exit("Bad term mode string"); @@ -634,7 +634,7 @@ static void make_connection_string(struct ChanSess *chansess) { chansess->connection_string = m_malloc(len); snprintf(chansess->connection_string, len, "%s %s %s %s", remote_ip, remote_port, local_ip, local_port); - /* deprecated but bash only loads .bashrc if SSH_CLIENT is set */ + /* deprecated but bash only loads .bashrc if SSH_CLIENT is set */ /* "remoteip remoteport localport" */ len = strlen(remote_ip) + 20; chansess->client_string = m_malloc(len); @@ -686,7 +686,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, m_free(chansess->cmd); chansess->cmd = m_strdup(expand_path); m_free(expand_path); - } else + } else #endif { m_free(chansess->cmd); @@ -713,15 +713,15 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, #if LOG_COMMANDS if (chansess->cmd) { - dropbear_log(LOG_INFO, "User %s executing '%s'", + dropbear_log(LOG_INFO, "User %s executing '%s'", ses.authstate.pw_name, chansess->cmd); } else { - dropbear_log(LOG_INFO, "User %s executing login shell", + dropbear_log(LOG_INFO, "User %s executing login shell", ses.authstate.pw_name); } #endif - /* uClinux will vfork(), so there'll be a race as + /* uClinux will vfork(), so there'll be a race as connection_string is freed below. */ #if !DROPBEAR_VFORK make_connection_string(chansess); @@ -758,7 +758,7 @@ static int noptycommand(struct Channel *channel, struct ChanSess *chansess) { int ret; TRACE(("enter noptycommand")) - ret = spawn_command(execchild, chansess, + ret = spawn_command(execchild, chansess, &channel->writefd, &channel->readfd, &channel->errfd, &chansess->pid); @@ -864,7 +864,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) { /* don't show the motd if ~/.hushlogin exists */ /* 12 == strlen("/.hushlogin\0") */ - len = strlen(ses.authstate.pw_dir) + 12; + len = strlen(ses.authstate.pw_dir) + 12; hushpath = m_malloc(len); snprintf(hushpath, len, "%s/.hushlogin", ses.authstate.pw_dir); @@ -880,7 +880,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) { buf_setpos(motdbuf, 0); while (motdbuf->pos != motdbuf->len) { len = motdbuf->len - motdbuf->pos; - len = write(STDOUT_FILENO, + len = write(STDOUT_FILENO, buf_getptr(motdbuf, len), len); buf_incrpos(motdbuf, len); } @@ -985,7 +985,7 @@ static void execchild(const void *user_data) { if (getuid() == 0) { if ((setgid(ses.authstate.pw_gid) < 0) || - (initgroups(ses.authstate.pw_name, + (initgroups(ses.authstate.pw_name, ses.authstate.pw_gid) < 0)) { dropbear_exit("Error changing user group"); } diff --git a/src/svr-kex.c b/src/svr-kex.c index 14df08a1a..d35eb67a0 100644 --- a/src/svr-kex.c +++ b/src/svr-kex.c @@ -1,20 +1,20 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -185,7 +185,7 @@ static void svr_ensure_hostkey() { /* Generate our side of the diffie-hellman key exchange value (dh_f), and * calculate the session key using the diffie-hellman algorithm. Following * that, the session hash is calculated, and signed with RSA or DSS. The - * result is sent to the client. + * result is sent to the client. * * See the transport RFC4253 section 8 for details * or RFC5656 section 4 for elliptic curve variant. */ @@ -262,7 +262,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *q_c) { } /* calc the signature */ - buf_put_sign(ses.writepayload, svr_opts.hostkey, + buf_put_sign(ses.writepayload, svr_opts.hostkey, ses.newkeys->algo_signature, ses.hash); /* the SSH_MSG_KEXDH_REPLY is done */ diff --git a/src/svr-main.c b/src/svr-main.c index 6373e59de..3c9c0053b 100644 --- a/src/svr-main.c +++ b/src/svr-main.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002-2006 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -261,11 +261,11 @@ static void main_noinetd(int argc, char ** argv, const char* multipath) { struct sockaddr_storage remoteaddr; socklen_t remoteaddrlen; - if (!FD_ISSET(listensocks[i], &fds)) + if (!FD_ISSET(listensocks[i], &fds)) continue; remoteaddrlen = sizeof(remoteaddr); - childsock = accept(listensocks[i], + childsock = accept(listensocks[i], (struct sockaddr*)&remoteaddr, &remoteaddrlen); if (childsock < 0) { @@ -446,7 +446,7 @@ static void commonsetup() { #endif /* set up cleanup handler */ - if (signal(SIGINT, sigintterm_handler) == SIG_ERR || + if (signal(SIGINT, sigintterm_handler) == SIG_ERR || #ifndef DEBUG_VALGRIND signal(SIGTERM, sigintterm_handler) == SIG_ERR || #endif @@ -486,12 +486,12 @@ static size_t listensockets(int *socks, size_t sockcount, int *maxfd) { TRACE(("listening on '%s:%s'", svr_opts.addresses[i], svr_opts.ports[i])) - nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &socks[sockpos], + nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &socks[sockpos], sockcount - sockpos, &errstring, maxfd, svr_opts.interface); if (nsock < 0) { - dropbear_log(LOG_WARNING, "Failed listening on '%s': %s", + dropbear_log(LOG_WARNING, "Failed listening on '%s': %s", svr_opts.ports[i], errstring); m_free(errstring); continue; diff --git a/src/svr-runopts.c b/src/svr-runopts.c index 709dc5764..4c4751ae2 100644 --- a/src/svr-runopts.c +++ b/src/svr-runopts.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -65,7 +65,7 @@ static void printhelp(const char * progname) { "-D Directory containing authorized_keys file\n" #endif #if DROPBEAR_DELAY_HOSTKEY - "-R Create hostkeys as required\n" + "-R Create hostkeys as required\n" #endif "-F Don't fork into background\n" "-e Pass on server process environment to child process\n" @@ -192,7 +192,7 @@ void svr_getopts(int argc, char ** argv) { #ifndef DISABLE_ZLIB opts.allow_compress = 1; -#endif +#endif /* not yet opts.ipv4 = 1; @@ -413,7 +413,7 @@ void svr_getopts(int argc, char ** argv) { if (maxauthtries_arg) { unsigned int val = 0; - if (m_str_to_uint(maxauthtries_arg, &val) == DROPBEAR_FAILURE + if (m_str_to_uint(maxauthtries_arg, &val) == DROPBEAR_FAILURE || val == 0) { dropbear_exit("Bad maxauthtries '%s'", maxauthtries_arg); } @@ -649,7 +649,7 @@ void load_all_hostkeys() { - Otherwise no ecdsa keys will be advertised */ /* check if any keys were loaded at startup */ - loaded_any_ecdsa = + loaded_any_ecdsa = 0 #if DROPBEAR_ECC_256 || svr_opts.hostkey->ecckey256 @@ -696,7 +696,7 @@ void load_all_hostkeys() { #endif #if DROPBEAR_SK_ECDSA disablekey(DROPBEAR_SIGNATURE_SK_ECDSA_NISTP256); -#endif +#endif #if DROPBEAR_SK_ED25519 disablekey(DROPBEAR_SIGNATURE_SK_ED25519); #endif diff --git a/src/svr-service.c b/src/svr-service.c index 0aa487cfc..257678416 100644 --- a/src/svr-service.c +++ b/src/svr-service.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -44,7 +44,7 @@ void recv_msg_service_request() { name = buf_getstring(ses.payload, &len); /* ssh-userauth */ - if (len == SSH_SERVICE_USERAUTH_LEN && + if (len == SSH_SERVICE_USERAUTH_LEN && strncmp(SSH_SERVICE_USERAUTH, name, len) == 0) { send_msg_service_accept(name, len); diff --git a/src/svr-session.c b/src/svr-session.c index a838cf5c6..ad9730d1e 100644 --- a/src/svr-session.c +++ b/src/svr-session.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -175,7 +175,7 @@ void svr_session(int sock, int childpipe) { svr_chansessinitialise(); svr_algos_initialise(); - get_socket_address(ses.sock_in, NULL, NULL, + get_socket_address(ses.sock_in, NULL, NULL, &svr_ses.remotehost, NULL, 1); /* set up messages etc */ @@ -245,11 +245,11 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) { } else if (ses.authstate.authdone) { /* user has authenticated */ snprintf(fullmsg, sizeof(fullmsg), - "Exit (%s)%s: %s", + "Exit (%s)%s: %s", ses.authstate.pw_name, fromaddr, exitmsg); } else if (ses.authstate.pw_name) { /* we have a potential user */ - snprintf(fullmsg, sizeof(fullmsg), + snprintf(fullmsg, sizeof(fullmsg), "Exit before auth%s: (user '%s', %u fails): %s", fromaddr, ses.authstate.pw_name, ses.authstate.failcount, exitmsg); add_delay = 1; @@ -305,7 +305,7 @@ void svr_dropbear_exit(int exitcode, const char* format, va_list param) { m_free(svr_opts.ports[i]); } - + exit(exitcode); } @@ -337,7 +337,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) { timesec = time(NULL); local_tm = localtime(×ec); if (local_tm == NULL - || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", + || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", local_tm) == 0) { /* upon failure, just print the epoch-seconds time. */ diff --git a/src/svr-tcpfwd.c b/src/svr-tcpfwd.c index e6902ea99..1519439bd 100644 --- a/src/svr-tcpfwd.c +++ b/src/svr-tcpfwd.c @@ -1,20 +1,20 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * Copyright (c) 2004 by Mihnea Stoenescu * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/svr-x11fwd.c b/src/svr-x11fwd.c index 5d9e6a96f..ab179ab78 100644 --- a/src/svr-x11fwd.c +++ b/src/svr-x11fwd.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -251,7 +251,7 @@ static int bindport(int fd) { /* if we can't find one in 2000 ports free, something's wrong */ for (port = X11BINDBASE; port < X11BINDBASE + 2000; port++) { addr.sin_port = htons(port); - if (bind(fd, (struct sockaddr*)&addr, + if (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr_in)) == 0) { /* success */ return port; diff --git a/src/sysoptions.h b/src/sysoptions.h index 2f3e64e4b..330da9962 100644 --- a/src/sysoptions.h +++ b/src/sysoptions.h @@ -297,7 +297,7 @@ #define DROPBEAR_MAX_CLI_PASS 1024 -#define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll +#define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll accept for keyb-interactive auth */ @@ -322,7 +322,7 @@ #define ENABLE_CONNECT_UNIX ((DROPBEAR_CLI_AGENTFWD) || (DROPBEAR_USE_PRNGD)) -/* if we're using authorized_keys or known_hosts */ +/* if we're using authorized_keys or known_hosts */ #define DROPBEAR_KEY_LINES ((DROPBEAR_CLIENT) || (DROPBEAR_SVR_PUBKEY_AUTH)) /* Changing this is inadvisable, it appears to have problems @@ -431,7 +431,7 @@ # define DROPBEAR_MSAN 1 # endif #endif -#ifndef DROPBEAR_MSAN +#ifndef DROPBEAR_MSAN #define DROPBEAR_MSAN 0 #endif diff --git a/src/tcp-accept.c b/src/tcp-accept.c index 5998236b9..d26905d53 100644 --- a/src/tcp-accept.c +++ b/src/tcp-accept.c @@ -1,19 +1,19 @@ /* * Dropbear SSH - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -61,7 +61,7 @@ static void tcp_acceptor(const struct Listener *listener, int sock) { } if (getnameinfo((struct sockaddr*)&sa, len, ipstring, sizeof(ipstring), - portstring, sizeof(portstring), + portstring, sizeof(portstring), NI_NUMERICHOST | NI_NUMERICSERV) != 0) { m_close(fd); return; @@ -116,7 +116,7 @@ int listen_tcpfwd(struct TCPListener* tcpinfo, struct Listener **ret_listener) { /* first we try to bind, so don't need to do so much cleanup on failure */ snprintf(portstring, sizeof(portstring), "%u", tcpinfo->listenport); - nsocks = dropbear_listen(tcpinfo->listenaddr, portstring, socks, + nsocks = dropbear_listen(tcpinfo->listenaddr, portstring, socks, DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd, tcpinfo->interface); if (nsocks < 0) { dropbear_log(LOG_INFO, "TCP forward failed: %s", errstring); @@ -127,7 +127,7 @@ int listen_tcpfwd(struct TCPListener* tcpinfo, struct Listener **ret_listener) { m_free(errstring); /* new_listener will close the socks if it fails */ - listener = new_listener(socks, nsocks, CHANNEL_ID_TCPFORWARDED, tcpinfo, + listener = new_listener(socks, nsocks, CHANNEL_ID_TCPFORWARDED, tcpinfo, tcp_acceptor, cleanup_tcp); if (listener == NULL) { diff --git a/src/tcpfwd.h b/src/tcpfwd.h index f4b44f639..fa4452f6e 100644 --- a/src/tcpfwd.h +++ b/src/tcpfwd.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -36,7 +36,7 @@ struct TCPListener { unsigned int sendport; /* This is the address/port that we listen on. The address has special - * meanings as per the rfc, "" for all interfaces, "localhost" for + * meanings as per the rfc, "" for all interfaces, "localhost" for * localhost, or a normal interface name. */ char *listenaddr; unsigned int listenport; diff --git a/src/termcodes.c b/src/termcodes.c index c5819c153..10d8d2d41 100644 --- a/src/termcodes.c +++ b/src/termcodes.c @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/termcodes.h b/src/termcodes.h index cd76b7fd4..8500a3aeb 100644 --- a/src/termcodes.h +++ b/src/termcodes.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/src/x11fwd.h b/src/x11fwd.h index 96f51b138..e7893156f 100644 --- a/src/x11fwd.h +++ b/src/x11fwd.h @@ -1,19 +1,19 @@ /* * Dropbear - a SSH2 server - * + * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. - * + * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE