예제 #1
0
/**
 * Initialize do setup work.
 */
void
MHD_TLS_init (void)
{
#if defined(_WIN32) && ! defined(__CYGWIN__)
  WSADATA wsd;
#endif /* _WIN32 && ! __CYGWIN__ */

#ifdef MHD_HTTPS_REQUIRE_GRYPT
#if GCRYPT_VERSION_NUMBER < 0x010600
#if defined(MHD_USE_POSIX_THREADS)
  if (0 != gcry_control (GCRYCTL_SET_THREAD_CBS,
                         &gcry_threads_pthread))
    MHD_PANIC (_("Failed to initialise multithreading in libgcrypt\n"));
#elif defined(MHD_W32_MUTEX_)
  if (0 != gcry_control (GCRYCTL_SET_THREAD_CBS,
                         &gcry_threads_w32))
    MHD_PANIC (_("Failed to initialise multithreading in libgcrypt\n"));
#endif /* defined(MHD_W32_MUTEX_) */
  gcry_check_version (NULL);
#else
  if (NULL == gcry_check_version ("1.6.0"))
    MHD_PANIC (_("libgcrypt is too old. MHD was compiled for libgcrypt 1.6.0 or newer\n"));
#endif
#endif /* MHD_HTTPS_REQUIRE_GRYPT */
  gnutls_global_init ();
}
예제 #2
0
crypt_plugin::crypt_plugin( )
{
   if( !gcry_check_version(GCRYPT_VERSION) ) {
      std::cerr << "LIBGCRYPT version " << GCRYPT_VERSION << " required, " << gcry_check_version(NULL) << " found" << std::endl;
   }
   
   init_algorithms();
};
예제 #3
0
int
main (int argc, char **argv)
{
  int debug = 0;
  int i;

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    {
      verbose = 2;
      debug = 1;
    }

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
  /* No valuable keys are create, so we can speed up our RNG. */
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);

  for (i=0; i < 2; i++)
    check_run ();

  for (i=0; i < 4; i++)
    check_x931_derived_key (i);

  check_ecc_sample_key ();
  check_ed25519ecdsa_sample_key ();

  return !!error_count;
}
예제 #4
0
int
main (int argc, char *argv[])
{
  struct GNUNET_CRYPTO_EccDlogContext *edc;

  if (! gcry_check_version ("1.6.0"))
  {
    FPRINTF (stderr,
             _
             ("libgcrypt has not the expected version (version %s is required).\n"),
             "1.6.0");
    return 0;
  }
  if (getenv ("GNUNET_GCRYPT_DEBUG"))
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
  GNUNET_log_setup ("test-crypto-ecc-dlog", 
		    "WARNING", 
		    NULL);
  edc = GNUNET_CRYPTO_ecc_dlog_prepare (MAX_FACT,
					MAX_MEM);
  test_dlog (edc);
  test_math (edc);
  GNUNET_CRYPTO_ecc_dlog_release (edc);
  return 0;
}
int main()
{
    // Initialize cryptographic library

    gcry_check_version(GCRYPT_VERSION);

    // Create (somewhat) random encryption key and initialization vector

    srand(time(NULL));

    for(unsigned int i = 0; i < sizeof(enckey); ++i)
	enckey[i] = rand();

    for(unsigned int i = 0; i < sizeof(enciv); ++i)
	enciv[i] = rand();

    // Run speed tests

    run_test<test_libgcrypt_rijndael_ecb>("gcrypt-rijndael-ecb.txt");
    run_test<test_libgcrypt_serpent_ecb>("gcrypt-serpent-ecb.txt");
    run_test<test_libgcrypt_twofish_ecb>("gcrypt-twofish-ecb.txt");
    run_test<test_libgcrypt_blowfish_ecb>("gcrypt-blowfish-ecb.txt");
    run_test<test_libgcrypt_cast5_ecb>("gcrypt-cast5-ecb.txt");
    run_test<test_libgcrypt_3des_ecb>("gcrypt-3des-ecb.txt");
}
예제 #6
0
파일: Crypto.cpp 프로젝트: GulBroz/keepassx
bool Crypto::init()
{
    if (m_initalized) {
        qWarning("Crypto::init: already initalized");
        return true;
    }

    // libgcrypt >= 1.6 doesn't allow custom thread callbacks anymore.
#if !defined(GCRYPT_VERSION_NUMBER) || (GCRYPT_VERSION_NUMBER < 0x010600)
    gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_qt);
#endif
    gcry_check_version(0);
    gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);

    if (!checkAlgorithms()) {
        return false;
    }

    // has to be set before testing Crypto classes
    m_initalized = true;

    if (!selfTest()) {
        m_initalized = false;
        return false;
    }

    return true;
}
예제 #7
0
int
main (int argc, char **argv)
{
  int debug = 0;
  int i;

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    verbose = debug = 1;

  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);

  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

  one_bit_only (0);
  one_bit_only (1);
  for (i=0; i < 5; i++)
    test_rshift (i); /* Run several times due to random initializations. */

  for (i=0; i < 5; i++)
    test_lshift (i); /* Run several times due to random initializations. */
  
  show ("All tests completed. Errors: %d\n", error_count);
  return error_count ? 1 : 0;
}
예제 #8
0
void
recutl_init (char *util_name)
{
  set_program_name (xstrdup (util_name));

#if defined REC_CRYPT_SUPPORT
  /* Initialize libgcrypt */
  gcry_check_version (NULL);
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
#endif

  /* Initialize librec */
  rec_init ();

  /* Even exiting has subtleties.  On exit, if any writes failed, change
     the exit status.  The /dev/full device on GNU/Linux can be used for
     testing; for instance, hello >/dev/full should exit unsuccessfully.
     This is implemented in the Gnulib module "closeout".  */
  atexit (close_stdout);

  /* i18n */
  setlocale (LC_ALL, "");
  bindtextdomain (PACKAGE, LOCALEDIR);
  textdomain (PACKAGE);

  /* Detect whether the tool has been invoked interactively.  */
  
  recutl_interactive_p = isatty (fileno(stdin));

  /* Initially there are no indexes.  */

  recutl_reset_indexes ();
}
예제 #9
0
int init_hash(void)
{
	/*
	 * Version check should be the very first call because it makes sure
	 * that important subsystems are intialized.
	 */
	if (!gcry_check_version(GCRYPT_VERSION))
		return 1;

	/* Disable secure memory.  */
	gcry_control(GCRYCTL_DISABLE_SECMEM, 0);

	/* Tell Libgcrypt that initialization has completed. */
	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);

	if (gcry_md_test_algo(HASH_FUNC))
		return 1;

	digest_len = gcry_md_get_algo_dlen(HASH_FUNC);
	if (!digest_len)
		return 1;

	abort_on(digest_len == 0 || digest_len > DIGEST_LEN_MAX);

	return 0;
}
예제 #10
0
int
main (int argc, char **argv)
{

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    verbose = debug = 1;

  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  xgcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  xgcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
  if (debug)
    xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
  xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

  set_get_point ();
  context_alloc ();
  context_param ();
  basic_ec_math ();

  /* The tests are for P-192 and ed25519 which are not supported in
     FIPS mode.  */
  if (!gcry_fips_mode_active())
    {
      basic_ec_math_simplified ();
      twistededwards_math ();
    }

  info ("All tests completed. Errors: %d\n", error_count);
  return error_count ? 1 : 0;
}
예제 #11
0
파일: dh.c 프로젝트: mwgoldsmith/ssh
/*
 * This inits the values g and p which are used for DH key agreement
 * FIXME: Make the function thread safe by adding a semaphore or mutex.
 */
int ssh_crypto_init(void) {
  if (ssh_crypto_initialized == 0) {
#ifdef HAVE_LIBGCRYPT
    gcry_check_version(NULL);
    if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P,0)) {
      gcry_control(GCRYCTL_INIT_SECMEM, 4096);
      gcry_control(GCRYCTL_INITIALIZATION_FINISHED,0);
    }
#endif

    g = bignum_new();
    if (g == NULL) {
      return -1;
    }
    bignum_set_word(g,g_int);

#ifdef HAVE_LIBGCRYPT
    bignum_bin2bn(p_group1_value, P_GROUP1_LEN, &p_group1);
    if (p_group1 == NULL) {
      bignum_free(g);
      g = NULL;
      return -1;
    }
    bignum_bin2bn(p_group14_value, P_GROUP14_LEN, &p_group14);
    if (p_group14 == NULL) {
      bignum_free(g);
      bignum_free(p_group1);
      g = NULL;
      p_group1 = NULL;
      return -1;
    }

#elif defined HAVE_LIBCRYPTO
    p_group1 = bignum_new();
    if (p_group1 == NULL) {
      bignum_free(g);
      g = NULL;
      return -1;
    }
    bignum_bin2bn(p_group1_value, P_GROUP1_LEN, p_group1);

    p_group14 = bignum_new();
    if (p_group14 == NULL) {
      bignum_free(g);
      bignum_free(p_group1);
      g = NULL;
      p_group1 = NULL;
      return -1;
    }
    bignum_bin2bn(p_group14_value, P_GROUP14_LEN, p_group14);

    OpenSSL_add_all_algorithms();

#endif

    ssh_crypto_initialized = 1;
  }

  return 0;
}
예제 #12
0
void PasswordHasher::initialize()
{
	// These calls are required by libgcrypt before we use any of its functions.
	gcry_check_version(0);
	gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
}
예제 #13
0
GNUNET_CRYPTO_random_init ()
{
  gcry_error_t rc;

  if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
  {
    FPRINTF (stderr,
             _("libgcrypt has not the expected version (version %s is required).\n"),
             NEED_LIBGCRYPT_VERSION);
    GNUNET_assert (0);
  }
  if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
    FPRINTF (stderr,
             "Failed to set libgcrypt option %s: %s\n",
             "DISABLE_SECMEM",
	     gcry_strerror (rc));
  /* Otherwise gnunet-ecc takes forever to complete, besides
     we are fine with "just" using GCRY_STRONG_RANDOM */
  if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
    FPRINTF (stderr,
	     "Failed to set libgcrypt option %s: %s\n",
	     "ENABLE_QUICK_RANDOM",
	     gcry_strerror (rc));
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
  gcry_fast_random_poll ();
  GNUNET_CRYPTO_seed_weak_random (time (NULL) ^
                                  GNUNET_CRYPTO_random_u32
                                  (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX));
}
예제 #14
0
int guac_common_ssh_init(guac_client* client) {

#ifdef LIBSSH2_USES_GCRYPT
    /* Init threadsafety in libgcrypt */
    gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
    if (!gcry_check_version(GCRYPT_VERSION)) {
        guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
        return 1;
    }
#endif

    /* Init threadsafety in OpenSSL */
    guac_common_ssh_openssl_init_locks(CRYPTO_num_locks());
    CRYPTO_set_id_callback(guac_common_ssh_openssl_id_callback);
    CRYPTO_set_locking_callback(guac_common_ssh_openssl_locking_callback);

    /* Init OpenSSL */
    SSL_library_init();
    ERR_load_crypto_strings();

    /* Init libssh2 */
    libssh2_init(0);

    /* Success */
    return 0;

}
void libgcrypt_initialize (void) {
    // library initialization
    /* Version check should be the very first call because it
     makes sure that important subsystems are initialized. */
    if (!gcry_check_version (GCRYPT_VERSION))
    {
        fputs ("libgcrypt version mismatch\n", stderr);
        exit (2);
    }
    /* We don’t want to see any warnings, e.g. because we have not yet
     parsed program options which might be used to suppress such
     warnings. */
    gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
    /* ... If required, other initialization goes here.  Note that the
     process might still be running with increased privileges and that
     the secure memory has not been initialized.  */
    /* Allocate a pool of 64k secure memory.  This make the secure memory
     available and also drops privileges where needed.  */
    gcry_control (GCRYCTL_INIT_SECMEM, 65536, 0);
    /* It is now okay to let Libgcrypt complain when there was/is
     a problem with the secure memory. */
    //gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
    /* ... If required, other initialization goes here.  */
    /* Tell Libgcrypt that initialization has completed. */
    gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
    
    if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P))
    {
        fputs ("libgcrypt has not been initialized\n", stderr);
        abort ();
    }
    
}
예제 #16
0
int
main (int argc, char **argv)
{

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    verbose = debug = 1;

  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

  set_get_point ();
  context_alloc ();
  context_param ();
  basic_ec_math ();
  basic_ec_math_simplified ();

  show ("All tests completed. Errors: %d\n", error_count);
  return error_count ? 1 : 0;
}
예제 #17
0
int main(int argc, char *argv[])
{
	int i, len, ret = 0;
	char *bin, *pw;
	
	gcry_check_version(NULL);
	
	for (i = 1; i < argc; i++) {
		ret = hex2bin(argv[i], &bin, &len);
		if (ret != 0) {
			perror("decoding input");
			continue;
		}
		ret = c_decrypt(bin, len, &pw, NULL);
		free(bin);
		if (ret != 0) {
			perror("decrypting input");
			continue;
		}
		printf("%s\n", pw);
		free(pw);
	}
	
	exit(ret != 0);
}
예제 #18
0
int
main (int argc, char **argv)
{
  int debug = 0;

  if ((argc > 1) && (! strcmp (argv[1], "--verbose")))
    verbose = 1;
  else if ((argc > 1) && (! strcmp (argv[1], "--debug")))
    verbose = debug = 1;

  signal (SIGPIPE, SIG_IGN);

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);

  check_forking ();
  check_nonce_forking ();

  return 0;
}
예제 #19
0
int
main (int argc, char* argv[])
{
  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    verbose = debug = 1;

  if (!gcry_check_version (GCRYPT_VERSION))
    {
      fputs ("version mismatch\n", stderr);
      exit (1);
    }
  gcry_control(GCRYCTL_DISABLE_SECMEM);

  test_const_and_immutable ();
  test_opaque ();
  test_cmp ();
  test_add ();
  test_sub ();
  test_mul ();
  test_powm ();

  return !!error_count;
}
예제 #20
0
void
egg_libgcrypt_initialize (void)
{
	static volatile gsize gcrypt_initialized = 0;
	unsigned seed;

	if (g_once_init_enter (&gcrypt_initialized)) {
		
		/* Only initialize libgcrypt if it hasn't already been initialized */
		if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
#if GCRYPT_VERSION_NUMBER < 0x010600
			gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
#endif
			gcry_check_version (LIBGCRYPT_VERSION);
			gcry_set_log_handler (log_handler, NULL);
			gcry_set_outofcore_handler (no_mem_handler, NULL);
			gcry_set_fatalerror_handler (fatal_handler, NULL);
			gcry_set_allocation_handler ((gcry_handler_alloc_t)g_malloc, 
			                             (gcry_handler_alloc_t)egg_secure_alloc, 
			                             egg_secure_check, 
			                             (gcry_handler_realloc_t)egg_secure_realloc, 
			                             egg_secure_free);
			gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
		}
		
		gcry_create_nonce (&seed, sizeof (seed));
		srand (seed);

		g_once_init_leave (&gcrypt_initialized, 1);
	}
}
예제 #21
0
int
main (int argc, char **argv)
{
  int debug = 0;

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    verbose = debug = 1;

  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");

  gcry_set_progress_handler (progress_handler, NULL);
  
  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);

  check_ciphers ();
  check_aes128_cbc_cts_cipher ();
  check_cbc_mac_cipher ();
  check_ctr_cipher ();
  check_digests ();
  check_pubkey ();

  return error_count ? 1 : 0;
}
예제 #22
0
int
main (int argc, char *argv[])
{
  struct GNUNET_CRYPTO_EcdhePrivateKey *priv1;
  struct GNUNET_CRYPTO_EcdhePrivateKey *priv2;
  struct GNUNET_CRYPTO_EcdhePublicKey pub1;
  struct GNUNET_CRYPTO_EcdhePublicKey pub2;
  struct GNUNET_HashCode ecdh1;
  struct GNUNET_HashCode ecdh2;

  if (! gcry_check_version ("1.6.0"))
  {
    FPRINTF (stderr,
             _
             ("libgcrypt has not the expected version (version %s is required).\n"),
             "1.6.0");
    return 0;
  }
  if (getenv ("GNUNET_GCRYPT_DEBUG"))
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
  GNUNET_log_setup ("test-crypto-ecdhe", "WARNING", NULL);

  priv1 = GNUNET_CRYPTO_ecdhe_key_create ();
  priv2 = GNUNET_CRYPTO_ecdhe_key_create ();
  GNUNET_CRYPTO_ecdhe_key_get_public (priv1, &pub1);
  GNUNET_CRYPTO_ecdhe_key_get_public (priv2, &pub2);
  GNUNET_CRYPTO_ecc_ecdh (priv1, &pub2, &ecdh1);
  GNUNET_CRYPTO_ecc_ecdh (priv2, &pub1, &ecdh2);
  GNUNET_assert (0 == memcmp (&ecdh1, &ecdh2,
			      sizeof (struct GNUNET_HashCode)));
  GNUNET_free (priv1);
  GNUNET_free (priv2);
  return 0;
}
예제 #23
0
파일: init.c 프로젝트: 01org/qemu-lite
int qcrypto_init(Error **errp)
{
#ifdef CONFIG_GNUTLS
    int ret;
    ret = gnutls_global_init();
    if (ret < 0) {
        error_setg(errp,
                   "Unable to initialize GNUTLS library: %s",
                   gnutls_strerror(ret));
        return -1;
    }
#ifdef DEBUG_GNUTLS
    gnutls_global_set_log_level(10);
    gnutls_global_set_log_function(qcrypto_gnutls_log);
#endif
#endif

#ifdef CONFIG_GCRYPT
    if (!gcry_check_version(GCRYPT_VERSION)) {
        error_setg(errp, "Unable to initialize gcrypt");
        return -1;
    }
#ifdef QCRYPTO_INIT_GCRYPT_THREADS
    gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl);
#endif /* QCRYPTO_INIT_GCRYPT_THREADS */
    gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
#endif

    return 0;
}
예제 #24
0
int
main (int argc, char **argv)
{
  int debug = 0;

  if (argc > 1 && !strcmp (argv[1], "--verbose"))
    verbose = 1;
  else if (argc > 1 && !strcmp (argv[1], "--debug"))
    {
      verbose = 2;
      debug = 1;
    }

  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  if (!gcry_check_version ("1.4.4"))
    die ("version mismatch\n");
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
  if (debug)
    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
  /* No valuable keys are create, so we can speed up our RNG. */
  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);


  check_dsa_gen_186_2 ();


  return error_count ? 1 : 0;
}
예제 #25
0
/**
 * This function will generate a new pair of prime and generator for use in
 * the Diffie-Hellman key exchange.
 * The bits value should be one of 768, 1024, 2048, 3072 or 4096.
 **/
static int dh_params_generate (unsigned int bits) {

    int result, times = 0, qbits;
    gcry_mpi_t *factors = NULL;
    gcry_error_t err;

    /* Version check should be the very first call because it
       makes sure that important subsystems are intialized. */
    if (!gcry_check_version (GCRYPT_VERSION)) {
        LOG(log_error, logtype_uams, "PAM DHX2: libgcrypt versions mismatch. Need: %s", GCRYPT_VERSION);
        result = AFPERR_MISC;
        goto error;
    }

    if (bits < 256)
        qbits = bits / 2;
    else
        qbits = (bits / 40) + 105;

    if (qbits & 1) /* better have an even number */
        qbits++;

    /* find a prime number of size bits. */
    do {
        if (times) {
            gcry_mpi_release(p);
            gcry_prime_release_factors (factors);
        }
        err = gcry_prime_generate(&p, bits, qbits, &factors, NULL, NULL,
                                  GCRY_STRONG_RANDOM, GCRY_PRIME_FLAG_SPECIAL_FACTOR);
        if (err != 0) {
            result = AFPERR_MISC;
            goto error;
        }
        err = gcry_prime_check(p, 0);
        times++;
    } while (err != 0 && times < 10);

    if (err != 0) {
        result = AFPERR_MISC;
        goto error;
    }

    /* generate the group generator. */
    err = gcry_prime_group_generator(&g, p, factors, NULL);
    if (err != 0) {
        result = AFPERR_MISC;
        goto error;
    }

    gcry_prime_release_factors(factors);

    return 0;

error:
    gcry_prime_release_factors(factors);

    return result;
}
예제 #26
0
/** Tagcrypt initialization.
 *
 * This function can be called many times without harm.
 */
void tagcrypt_init() {
    gcry_set_outofcore_handler(tagcrypt_gcry_outofcore_handler, NULL);

    gcry_check_version (NULL);
    gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
    gcry_control (GCRYCTL_INIT_SECMEM, 4096);
    gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM); 
}
예제 #27
0
static void _mesa_libgcrypt_init(void)
{
    if (!gcry_check_version(NULL))
        return;

    gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
    gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
}
예제 #28
0
int
main( int argc, char **argv )
{
    if ( argc < 2 )
	printf("%s\n", gcry_check_version ( NULL ) );
    else if ( !strcmp ( argv[1], "version") )
	printf("%s\n", gcry_check_version ( argc > 2 ? argv[2] : NULL ) );
    else if ( !strcmp ( argv[1], "sexp" ) )
	test_sexp ( argc-2, argv+2 );
    else if ( !strcmp ( argv[1], "genkey" ) )
	test_genkey ( argc-2, argv+2 );
    else {
	fprintf (stderr, "usage: testapi mode-string [mode-args]\n");
	return 1;
    }

    return 0;
}
예제 #29
0
/*
 * init_gcrypt() -- Initialize libgcrypt
 *   return: Success, returns NO_ERROR.
 */
static int
init_gcrypt (void)
{
  /* if gcrypt init success, it doesn't return GPG_ERR_NO_ERROR. It's kind of weird! */
#define GCRYPT_INIT_SUCCESS gcry_error(GPG_ERR_GENERAL)

  gcry_error_t i_gcrypt_err;
  if (gcrypt_initialized == 0)
    {
#if defined(SERVER_MODE)
      pthread_mutex_lock (&gcrypt_init_mutex);

      if (gcrypt_initialized == 1)
	{
	  /* It means other concurrent thread has initialized gcrypt when the thread blocked by
	   * pthread_mutex_lock(&gcrypt_init_mutex). */
	  pthread_mutex_unlock (&gcrypt_init_mutex);
	  return NO_ERROR;
	}

      i_gcrypt_err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
      if (i_gcrypt_err != GPG_ERR_NO_ERROR)
	{
	  pthread_mutex_unlock (&gcrypt_init_mutex);
	  er_set (ER_ERROR_SEVERITY, ARG_FILE_LINE, ER_ENCRYPTION_LIB_FAILED, 1,
		  crypt_lib_fail_info[CRYPT_LIB_INIT_ERR]);
	  return ER_ENCRYPTION_LIB_FAILED;
	}
#endif
      gcry_check_version (NULL);

      /* allocate secure memory */
      gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
      gcry_control (GCRYCTL_INIT_SECMEM, GCRYPT_SECURE_MEMORY_LEN, 0);
      gcry_control (GCRYCTL_RESUME_SECMEM_WARN);

      gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

      i_gcrypt_err = gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P);
      if (i_gcrypt_err != GCRYPT_INIT_SUCCESS)
	{
#if defined(SERVER_MODE)
	  pthread_mutex_unlock (&gcrypt_init_mutex);
#endif
	  er_set (ER_ERROR_SEVERITY, ARG_FILE_LINE, ER_ENCRYPTION_LIB_FAILED, 1,
		  crypt_lib_fail_info[CRYPT_LIB_INIT_ERR]);
	  return ER_ENCRYPTION_LIB_FAILED;
	}
      gcrypt_initialized = (i_gcrypt_err == GCRYPT_INIT_SUCCESS) ? 1 : 0;
#if defined(SERVER_MODE)
      pthread_mutex_unlock (&gcrypt_init_mutex);
#endif
      return NO_ERROR;
    }
  return NO_ERROR;
}
예제 #30
0
int
main (int argc, char **argv)
{
  int last_argc = -1;

  if (argc)
    { argc--; argv++; }

  while (argc && last_argc != argc )
    {
      last_argc = argc;
      if (!strcmp (*argv, "--"))
        {
          argc--; argv++;
          break;
        }
      else if (!strcmp (*argv, "--help"))
        {
          fputs ("usage: " PGM " [options]\n"
                 "Options:\n"
                 "  --verbose       print timings etc.\n"
                 "  --debug         flyswatter\n",
                 stdout);
          exit (0);
        }
      else if (!strcmp (*argv, "--verbose"))
        {
          verbose++;
          argc--; argv++;
        }
      else if (!strcmp (*argv, "--debug"))
        {
          verbose += 2;
          debug++;
          argc--; argv++;
        }
      else if (!strncmp (*argv, "--", 2))
        die ("unknown option '%s'", *argv);
    }

  xgcry_control (GCRYCTL_DISABLE_SECMEM, 0);
  if (!gcry_check_version (GCRYPT_VERSION))
    die ("version mismatch\n");
  if (debug)
    xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
  xgcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
  xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);

  start_timer ();
  check_cv25519 ();
  stop_timer ();

  info ("All tests completed in %s.  Errors: %d\n",
        elapsed_time (1), error_count);
  return !!error_count;
}