libtom
diff --git a/‎aes.c‎
Lines changed: 38 additions & 7 deletions b/‎aes.c‎
Lines changed: 38 additions & 7 deletions
diff --git a/‎blowfish.c‎
Lines changed: 18 additions & 24 deletions b/‎blowfish.c‎
Lines changed: 18 additions & 24 deletions
diff --git a/‎cast5.c‎
Lines changed: 49 additions & 11 deletions b/‎cast5.c‎
Lines changed: 49 additions & 11 deletions
@@ -47,7 +47,7 @@ const struct _cipher_descriptor aes_desc =
 
 int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_key *skey)
 {
-    int i = 0, j;
+    int i, j;
     ulong32 temp, *rk, *rrk;
 
     _ARGCHK(key != NULL);
@@ -64,6 +64,7 @@ int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_k
     skey->rijndael.Nr = 10 + ((keylen/8)-2)*2;
 
     /* setup the forward key */
+    i                 = 0;
     rk                = skey->rijndael.eK;
     LOAD32H(rk[0], key     );
     LOAD32H(rk[1], key +  4);
@@ -83,7 +84,7 @@ int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_k
             rk[6] = rk[2] ^ rk[5];
             rk[7] = rk[3] ^ rk[6];
             if (++i == 10) {
-                break;
+               break;
             }
             rk += 4;
         }
@@ -233,7 +234,11 @@ int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_k
     return CRYPT_OK;   
 }
 
-void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
+#ifdef CLEAN_STACK
+static void _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
+#else
+void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+#endif
 {
     ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
     int Nr, r;
@@ -259,8 +264,6 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
      */
     r = Nr >> 1;
     for (;;) {
-
-/* Both of these blocks are equivalent except the top is more friendlier for x86 processors */
         t0 =
             Te0[byte(s0, 3)] ^
             Te1[byte(s1, 2)] ^
@@ -350,7 +353,20 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
     STORE32H(s3, ct+12);
 }
 
-void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) {
+#ifdef CLEAN_STACK
+void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
+{
+   _rijndael_ecb_encrypt(pt, ct, skey);
+   burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
+}
+#endif
+
+#ifdef CLEAN_STACK
+static void _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
+#else
+void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+#endif
+{
     ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
     int Nr, r;
 
@@ -467,6 +483,15 @@ void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
     STORE32H(s3, pt+12);
 }
 
+
+#ifdef CLEAN_STACK
+void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
+{
+   _rijndael_ecb_decrypt(ct, pt, skey);
+   burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
+}
+#endif
+
 int rijndael_test(void)
 {
  #ifndef LTC_TEST
@@ -508,7 +533,7 @@ int rijndael_test(void)
 
  symmetric_key key;
  unsigned char tmp[2][16];
- int i;
+ int i, y;
 
  for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
     zeromem(&key, sizeof(key));
@@ -537,6 +562,12 @@ int rijndael_test(void)
 #endif       
         return CRYPT_FAIL_TESTVECTOR;
     }
+
+      /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
+      for (y = 0; y < 16; y++) tmp[0][y] = 0;
+      for (y = 0; y < 1000; y++) rijndael_ecb_encrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 1000; y++) rijndael_ecb_decrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 16; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
  }       
  return CRYPT_OK;
  #endif
 
@@ -304,7 +304,10 @@ int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
    for (x = y = 0; x < 18; x++) {
        A = 0;
        for (z = 0; z < 4; z++) {
-           A = (A << 8) | ((ulong32)key[y++ % keylen]);
+           A = (A << 8) | ((ulong32)key[y++] & 255);
+           if (y == (ulong32)keylen) { 
+              y = 0; 
+           }
        }
        skey->blowfish.K[x] = ORIG_P[x] ^ A;
    }
@@ -347,13 +350,6 @@ int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
    return CRYPT_OK;
 }
 
-#if defined(__GNUC__)
-   #define S1 key->blowfish.S[0]
-   #define S2 key->blowfish.S[1]
-   #define S3 key->blowfish.S[2]
-   #define S4 key->blowfish.S[3]
-#endif   
-
 #define F(x) ((S1[byte(x,3)] + S2[byte(x,2)]) ^ S3[byte(x,1)]) + S4[byte(x,0)]
 
 #ifdef CLEAN_STACK
@@ -364,20 +360,16 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
 {
    ulong32 L, R;
    int r;
-#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    ulong32 *S1, *S2, *S3, *S4;
-#endif    
+   ulong32 *S1, *S2, *S3, *S4;
 
     _ARGCHK(pt != NULL);
     _ARGCHK(ct != NULL);
     _ARGCHK(key != NULL);
-    
-#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
+
     S1 = key->blowfish.S[0];
     S2 = key->blowfish.S[1];
     S3 = key->blowfish.S[2];
     S4 = key->blowfish.S[3];
-#endif    
 
    /* load it */
    LOAD32H(L, &pt[0]);
@@ -416,20 +408,16 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
 {
    ulong32 L, R;
    int r;
-#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    ulong32 *S1, *S2, *S3, *S4;
-#endif    
+   ulong32 *S1, *S2, *S3, *S4;
 
     _ARGCHK(pt != NULL);
     _ARGCHK(ct != NULL);
     _ARGCHK(key != NULL);
 
-#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
     S1 = key->blowfish.S[0];
     S2 = key->blowfish.S[1];
     S3 = key->blowfish.S[2];
     S4 = key->blowfish.S[3];
-#endif  
 
    /* load it */
    LOAD32H(R, &ct[0]);
@@ -487,8 +475,8 @@ int blowfish_test(void)
            { 0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2}
        }
    };
-   unsigned char buf[2][8];
-   int x;
+   unsigned char tmp[2][8];
+   int x, y;
 
    for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
       /* setup key */
@@ -497,13 +485,19 @@ int blowfish_test(void)
       }
 
       /* encrypt and decrypt */
-      blowfish_ecb_encrypt(tests[x].pt, buf[0], &key);
-      blowfish_ecb_decrypt(buf[0], buf[1], &key);
+      blowfish_ecb_encrypt(tests[x].pt, tmp[0], &key);
+      blowfish_ecb_decrypt(tmp[0], tmp[1], &key);
 
       /* compare */
-      if ((memcmp(buf[0], tests[x].ct, 8) != 0) || (memcmp(buf[1], tests[x].pt, 8) != 0)) {
+      if ((memcmp(tmp[0], tests[x].ct, 8) != 0) || (memcmp(tmp[1], tests[x].pt, 8) != 0)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
+
+      /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
+      for (y = 0; y < 8; y++) tmp[0][y] = 0;
+      for (y = 0; y < 1000; y++) blowfish_ecb_encrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
    }
    return CRYPT_OK;
  #endif
 
@@ -381,7 +381,11 @@ static const ulong32 S8[256] = {
    #define GB(x, i) (((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3)))&255)
 #endif   
 
+#ifdef CLEAN_STACK
+static int _cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+#else
 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+#endif
 {
    ulong32 x[4], z[4];
    unsigned char buf[16];
@@ -431,7 +435,6 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
         skey->cast5.K[i++] = S5[GB(x, 0x5)] ^ S6[GB(x, 0x4)] ^ S7[GB(x, 0xa)] ^ S8[GB(x, 0xb)] ^ S8[GB(x, 0x7)];
 
         /* second half */
-
         z[3] = x[3] ^ S5[GB(x, 0xD)] ^ S6[GB(x, 0xF)] ^ S7[GB(x, 0xC)] ^ S8[GB(x, 0xE)] ^ S7[GB(x, 0x8)];
         z[2] = x[1] ^ S5[GB(z, 0x0)] ^ S6[GB(z, 0x2)] ^ S7[GB(z, 0x1)] ^ S8[GB(z, 0x3)] ^ S8[GB(x, 0xA)];
         z[1] = x[0] ^ S5[GB(z, 0x7)] ^ S6[GB(z, 0x6)] ^ S7[GB(z, 0x5)] ^ S8[GB(z, 0x4)] ^ S5[GB(x, 0x9)];
@@ -462,6 +465,16 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
    return CRYPT_OK;
 }
 
+#ifdef CLEAN_STACK
+int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+{
+   int z;
+   z = _cast5_setup(key, keylen, num_rounds, skey);
+   burn_stack(sizeof(ulong32)*8 + 16 + sizeof(int)*2);
+   return z;
+}
+#endif
+
 #ifdef _MSC_VER
    #define INLINE __inline
 #else
@@ -492,7 +505,11 @@ INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
    return ((S1[byte(I, 3)] + S2[byte(I,2)]) ^ S3[byte(I,1)]) - S4[byte(I,0)];
 }
 
+#ifdef CLEAN_STACK
+static void _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
+#else
 void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
+#endif
 {
    ulong32 R, L;
 
@@ -502,7 +519,6 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
 
    LOAD32H(L,&pt[0]); 
    LOAD32H(R,&pt[4]);
-
    L ^= FI(R, key->cast5.K[0], key->cast5.K[16]);
    R ^= FII(L, key->cast5.K[1], key->cast5.K[17]);
    L ^= FIII(R, key->cast5.K[2], key->cast5.K[18]);
@@ -525,7 +541,20 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
    STORE32H(L,&ct[4]);
 }
 
+
+#ifdef CLEAN_STACK
+void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
+{
+   _cast5_ecb_encrypt(pt,ct,key);
+   burn_stack(sizeof(ulong32)*3);
+}
+#endif
+
+#ifdef CLEAN_STACK
+static void _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
+#else
 void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
+#endif
 {
    ulong32 R, L;
 
@@ -535,14 +564,12 @@ void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
 
    LOAD32H(R,&ct[0]); 
    LOAD32H(L,&ct[4]);
-
    if (key->cast5.keylen > 10) {
       R ^= FI(L, key->cast5.K[15], key->cast5.K[31]);
       L ^= FIII(R, key->cast5.K[14], key->cast5.K[30]);
       R ^= FII(L, key->cast5.K[13], key->cast5.K[29]);
       L ^= FI(R, key->cast5.K[12], key->cast5.K[28]);
    }
-
    R ^= FIII(L, key->cast5.K[11], key->cast5.K[27]);
    L ^= FII(R, key->cast5.K[10], key->cast5.K[26]);
    R ^= FI(L, key->cast5.K[9], key->cast5.K[25]);
@@ -555,11 +582,18 @@ void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
    L ^= FIII(R, key->cast5.K[2], key->cast5.K[18]);
    R ^= FII(L, key->cast5.K[1], key->cast5.K[17]);
    L ^= FI(R, key->cast5.K[0], key->cast5.K[16]);
-
    STORE32H(L,&pt[0]);
    STORE32H(R,&pt[4]);
 }
 
+#ifdef CLEAN_STACK
+void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
+{
+   _cast5_ecb_decrypt(ct,pt,key);
+   burn_stack(sizeof(ulong32)*3);
+}
+#endif
+
 int cast5_test(void)
 {
  #ifndef LTC_TEST
@@ -587,19 +621,24 @@ int cast5_test(void)
        {0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E}
      }
    };
-   int i, err;
+   int i, y, err;
    symmetric_key key;
-   unsigned char buf[8], buf2[8];
+   unsigned char tmp[2][8];
 
    for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
        if ((err = cast5_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) {
           return err;
        }
-       cast5_ecb_encrypt(tests[i].pt, buf, &key);
-       cast5_ecb_decrypt(buf, buf2, &key);
-       if ((memcmp(buf, tests[i].ct, 8) != 0) || (memcmp(buf2, tests[i].pt, 8) != 0)) {
+       cast5_ecb_encrypt(tests[i].pt, tmp[0], &key);
+       cast5_ecb_decrypt(tmp[0], tmp[1], &key);
+       if ((memcmp(tmp[0], tests[i].ct, 8) != 0) || (memcmp(tmp[1], tests[i].pt, 8) != 0)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
+      /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
+      for (y = 0; y < 8; y++) tmp[0][y] = 0;
+      for (y = 0; y < 1000; y++) cast5_ecb_encrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 1000; y++) cast5_ecb_decrypt(tmp[0], tmp[0], &key);
+      for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
 
    }
    return CRYPT_OK;
@@ -618,4 +657,3 @@ int cast5_keysize(int *desired_keysize)
 } 
 
 #endif
-