/* ========================================================================= */ int test_add16s_func(void) { INT16 ALIGN(src1[FUNC_TEST_SIZE+3]), ALIGN(src2[FUNC_TEST_SIZE+3]), ALIGN(d1[FUNC_TEST_SIZE+3]), ALIGN(d2[FUNC_TEST_SIZE+3]); int failed = 0; #if defined(WITH_SSE2) || defined(WITH_IPP) int i; #endif char testStr[256]; testStr[0] = '\0'; get_random_data(src1, sizeof(src1)); get_random_data(src2, sizeof(src2)); memset(d1, 0, sizeof(d1)); memset(d2, 0, sizeof(d2)); general_add_16s(src1+1, src2+1, d1+1, FUNC_TEST_SIZE); #ifdef WITH_SSE2 if(IsProcessorFeaturePresent(PF_SSE3_INSTRUCTIONS_AVAILABLE)) { strcat(testStr, " SSE3"); /* Aligned */ sse3_add_16s(src1+1, src2+1, d2+1, FUNC_TEST_SIZE); for (i=1; i<FUNC_TEST_SIZE; ++i) { if (d1[i] != d2[i]) { printf("ADD16S-SSE-aligned FAIL[%d] %d+%d=%d, got %d\n", i, src1[i], src2[i], d1[i], d2[i]); ++failed; } } /* Unaligned */ sse3_add_16s(src1+1, src2+1, d2+2, FUNC_TEST_SIZE); for (i=1; i<FUNC_TEST_SIZE; ++i) { if (d1[i] != d2[i+1]) { printf("ADD16S-SSE-unaligned FAIL[%d] %d+%d=%d, got %d\n", i, src1[i], src2[i], d1[i], d2[i+1]); ++failed; } } } #endif #ifdef WITH_IPP strcat(testStr, " IPP"); ippsAdd_16s(src1+1, src2+1, d2+1, FUNC_TEST_SIZE); for (i=1; i<FUNC_TEST_SIZE; ++i) { if (d1[i] != d2[i]) { printf("ADD16S-IPP FAIL[%d] %d+%d=%d, got %d\n", i, src1[i], src2[i], d1[i], d2[i]); ++failed; } } #endif /* WITH_IPP */ if (!failed) printf("All add16s tests passed (%s).\n", testStr); return (failed > 0) ? FAILURE : SUCCESS; }
int test_add16s_speed(void) { INT16 ALIGN(src1[MAX_TEST_SIZE+3]), ALIGN(src2[MAX_TEST_SIZE+3]), ALIGN(dst[MAX_TEST_SIZE+3]); get_random_data(src1, sizeof(src1)); get_random_data(src2, sizeof(src2)); add16s_speed_test("add16s", "aligned", src1, src2, 0, dst, test_sizes, NUM_TEST_SIZES, ADD16S_PRETEST_ITERATIONS, TEST_TIME); add16s_speed_test("add16s", "unaligned", src1+1, src2+2, 0, dst, test_sizes, NUM_TEST_SIZES, ADD16S_PRETEST_ITERATIONS, TEST_TIME); return SUCCESS; }
/* ------------------------------------------------------------------------- */ int test_sign16s_func(void) { INT16 ALIGN(src[65535]), ALIGN(d1[65535]); #ifdef WITH_SSE2 INT16 ALIGN(d2[65535]); int i; #endif int failed = 0; char testStr[256]; /* Test when we can reach 16-byte alignment */ testStr[0] = '\0'; get_random_data(src, sizeof(src)); general_sign_16s(src+1, d1+1, 65535); #ifdef WITH_SSE2 if (IsProcessorFeaturePresentEx(PF_EX_SSSE3)) { strcat(testStr, " SSSE3"); ssse3_sign_16s(src+1, d2+1, 65535); for (i=1; i<65535; ++i) { if (d1[i] != d2[i]) { printf("SIGN16s-SSE-aligned FAIL[%d] of %d: want %d, got %d\n", i, src[i], d1[i], d2[i]); ++failed; } } } #endif /* i386 */ /* Test when we cannot reach 16-byte alignment */ get_random_data(src, sizeof(src)); general_sign_16s(src+1, d1+2, 65535); #ifdef WITH_SSE2 if (IsProcessorFeaturePresentEx(PF_EX_SSSE3)) { ssse3_sign_16s(src+1, d2+2, 65535); for (i=2; i<65535; ++i) { if (d1[i] != d2[i]) { printf("SIGN16s-SSE-unaligned FAIL[%d] of %d: want %d, got %d\n", i, src[i-1], d1[i], d2[i]); ++failed; } } } #endif /* i386 */ if (!failed) printf("All sign16s tests passed (%s).\n", testStr); return (failed > 0) ? FAILURE : SUCCESS; }
/* ------------------------------------------------------------------------- */ int test_sign16s_func(void) { INT16 ALIGN(src[65535]), ALIGN(d1[65535]), ALIGN(d2[65535]); int failed = 0; int i; UINT32 pflags = primitives_get_flags(primitives_get()); char testStr[256]; /* Test when we can reach 16-byte alignment */ testStr[0] = '\0'; get_random_data(src, sizeof(src)); general_sign_16s(src+1, d1+1, 65535); #ifdef _M_IX86_AMD64 if (pflags & PRIM_X86_SSSE3_AVAILABLE) { strcat(testStr, " SSSE3"); ssse3_sign_16s(src+1, d2+1, 65535); for (i=1; i<65535; ++i) { if (d1[i] != d2[i]) { printf("SIGN16s-SSE-aligned FAIL[%d] of %d: want %d, got %d\n", i, src[i], d1[i], d2[i]); ++failed; } } } #endif /* i386 */ /* Test when we cannot reach 16-byte alignment */ get_random_data(src, sizeof(src)); general_sign_16s(src+1, d1+2, 65535); #ifdef _M_IX86_AMD64 if (pflags & PRIM_X86_SSSE3_AVAILABLE) { ssse3_sign_16s(src+1, d2+2, 65535); for (i=2; i<65535; ++i) { if (d1[i] != d2[i]) { printf("SIGN16s-SSE-unaligned FAIL[%d] of %d: want %d, got %d\n", i, src[i-1], d1[i], d2[i]); ++failed; } } } #endif /* i386 */ if (!failed) printf("All sign16s tests passed (%s).\n", testStr); return (failed > 0) ? FAILURE : SUCCESS; }
/* Generate Rijndael and HMAC keys from /dev/random and base64 * encode them */ int fko_key_gen(char * const key_base64, const int key_len, char * const hmac_key_base64, const int hmac_key_len, const int hmac_type) { unsigned char key[RIJNDAEL_MAX_KEYSIZE]; unsigned char hmac_key[SHA512_BLOCK_LEN]; int klen = key_len; int hmac_klen = hmac_key_len; int b64_len = 0; if(key_len == FKO_DEFAULT_KEY_LEN) klen = RIJNDAEL_MAX_KEYSIZE; if(hmac_key_len == FKO_DEFAULT_KEY_LEN) { if(hmac_type == FKO_DEFAULT_HMAC_MODE || hmac_type == FKO_HMAC_SHA256) hmac_klen = SHA256_BLOCK_LEN; else if(hmac_type == FKO_HMAC_MD5) hmac_klen = MD5_DIGEST_LEN; else if(hmac_type == FKO_HMAC_SHA1) hmac_klen = SHA1_DIGEST_LEN; else if(hmac_type == FKO_HMAC_SHA384) hmac_klen = SHA384_BLOCK_LEN; else if(hmac_type == FKO_HMAC_SHA512) hmac_klen = SHA512_BLOCK_LEN; } if((klen < 1) || (klen > RIJNDAEL_MAX_KEYSIZE)) return(FKO_ERROR_INVALID_DATA_FUNCS_GEN_KEYLEN_VALIDFAIL); if((hmac_klen < 1) || (hmac_klen > SHA512_BLOCK_LEN)) return(FKO_ERROR_INVALID_DATA_FUNCS_GEN_HMACLEN_VALIDFAIL); get_random_data(key, klen); get_random_data(hmac_key, hmac_klen); b64_len = b64_encode(key, key_base64, klen); if(b64_len < klen) return(FKO_ERROR_INVALID_DATA_FUNCS_GEN_KEY_ENCODEFAIL); b64_len = b64_encode(hmac_key, hmac_key_base64, hmac_klen); if(b64_len < hmac_klen) return(FKO_ERROR_INVALID_DATA_FUNCS_GEN_HMAC_ENCODEFAIL); return(FKO_SUCCESS); }
int test_sign16s_speed(void) { INT16 ALIGN(src[MAX_TEST_SIZE+3]), ALIGN(dst[MAX_TEST_SIZE+3]); get_random_data(src, sizeof(src)); sign16s_speed_test("sign16s", "aligned", src, NULL, 0, dst, test_sizes, NUM_TEST_SIZES, SIGN_PRETEST_ITERATIONS, TEST_TIME); sign16s_speed_test("sign16s", "unaligned", src+1, NULL, 0, dst, test_sizes, NUM_TEST_SIZES, SIGN_PRETEST_ITERATIONS, TEST_TIME); return SUCCESS; }
/* ------------------------------------------------------------------------- */ int test_rShift_16u_speed(void) { UINT16 ALIGN(src[MAX_TEST_SIZE+1]), ALIGN(dst[MAX_TEST_SIZE+1]); get_random_data(src, sizeof(src)); speed_rShift_16u("rShift_16u", "aligned", src, NULL, 3, dst, test_sizes, NUM_TEST_SIZES, SHIFT_PRETEST_ITERATIONS, TEST_TIME); speed_rShift_16u("rShift_16u", "unaligned", src+1, NULL, 3, dst, test_sizes, NUM_TEST_SIZES, SHIFT_PRETEST_ITERATIONS, TEST_TIME); return SUCCESS; }
int test_or_32u_speed(void) { UINT32 ALIGN(src[MAX_TEST_SIZE+3]), ALIGN(dst[MAX_TEST_SIZE+3]); get_random_data(src, sizeof(src)); orC_32u_speed_test("or32u", "aligned", src, NULL, VALUE, dst, test_sizes, NUM_TEST_SIZES, ANDOR_PRETEST_ITERATIONS, TEST_TIME); orC_32u_speed_test("or32u", "unaligned", src+1, NULL, VALUE, dst, test_sizes, NUM_TEST_SIZES, ANDOR_PRETEST_ITERATIONS, TEST_TIME); return SUCCESS; }
/* ========================================================================= */ int test_and_32u_func(void) { UINT32 ALIGN(src[FUNC_TEST_SIZE+3]), ALIGN(dst[FUNC_TEST_SIZE+3]); int failed = 0; int i; char testStr[256]; testStr[0] = '\0'; get_random_data(src, sizeof(src)); general_andC_32u(src+1, VALUE, dst+1, FUNC_TEST_SIZE); strcat(testStr, " general"); for (i=1; i<=FUNC_TEST_SIZE; ++i) { if (dst[i] != (src[i] & VALUE)) { printf("AND-general FAIL[%d] 0x%08x&0x%08x=0x%08x, got 0x%08x\n", i, src[i], VALUE, src[i] & VALUE, dst[i]); ++failed; } } #ifdef WITH_SSE2 if (IsProcessorFeaturePresent(PF_SSE3_INSTRUCTIONS_AVAILABLE)) { strcat(testStr, " SSE3"); /* Aligned */ memset(dst, 0, sizeof(dst)); sse3_andC_32u(src+1, VALUE, dst+1, FUNC_TEST_SIZE); for (i=1; i<=FUNC_TEST_SIZE; ++i) { if (dst[i] != (src[i] & VALUE)) { printf("AND-SSE-aligned FAIL[%d] 0x%08x&0x%08x=0x%08x, got 0x%08x\n", i, src[i], VALUE, src[i] & VALUE, dst[i]); ++failed; } } /* Unaligned */ memset(dst, 0, sizeof(dst)); sse3_andC_32u(src+1, VALUE, dst+2, FUNC_TEST_SIZE); for (i=1; i<=FUNC_TEST_SIZE; ++i) { if (dst[i+1] != (src[i] & VALUE)) { printf("AND-SSE-unaligned FAIL[%d] 0x%08x&0x%08x=0x%08x, got 0x%08x\n", i, src[i], VALUE, src[i] & VALUE, dst[i+1]); ++failed; } } } #endif /* i386 */ if (!failed) printf("All and_32u tests passed (%s).\n", testStr); return (failed > 0) ? FAILURE : SUCCESS; }
int get_random_int_from_author(struct author *author) { int val = 0; union grifa tmp; if (author->rndidx + sizeof(int) >= RANDOM_SIZE) { //read from /dev/urandom get_random_data(author->randombuffer, RANDOM_SIZE); author->rndidx = 0; } memcpy(tmp.randombuffer, author->randombuffer + author->rndidx, sizeof(int)); val = tmp.val; //val = *(int *) (author->randombuffer + author->rndidx); author->rndidx += sizeof(int); return val; }
/** add a random item */ static void add_item(struct val_neg_cache* neg) { struct val_neg_zone* z; struct packed_rrset_data rd; struct ub_packed_rrset_key nsec; size_t rr_len; time_t rr_ttl; uint8_t* rr_data; char* zname = get_random_zone(); char* from, *to; lock_basic_lock(&neg->lock); if(negverbose) log_nametypeclass(0, "add to zone", (uint8_t*)zname, 0, 0); z = neg_find_zone(neg, (uint8_t*)zname, strlen(zname)+1, LDNS_RR_CLASS_IN); if(!z) { z = neg_create_zone(neg, (uint8_t*)zname, strlen(zname)+1, LDNS_RR_CLASS_IN); } unit_assert(z); val_neg_zone_take_inuse(z); /* construct random NSEC item */ get_random_data(&from, &to, zname); /* create nsec and insert it */ memset(&rd, 0, sizeof(rd)); memset(&nsec, 0, sizeof(nsec)); nsec.rk.dname = (uint8_t*)from; nsec.rk.dname_len = strlen(from)+1; nsec.rk.type = htons(LDNS_RR_TYPE_NSEC); nsec.rk.rrset_class = htons(LDNS_RR_CLASS_IN); nsec.entry.data = &rd; rd.security = sec_status_secure; rd.count = 1; rd.rr_len = &rr_len; rr_len = 19; rd.rr_ttl = &rr_ttl; rr_ttl = 0; rd.rr_data = &rr_data; rr_data = (uint8_t*)to; neg_insert_data(neg, z, &nsec); lock_basic_unlock(&neg->lock); }
/* ------------------------------------------------------------------------- */ int test_copy8u_func(void) { primitives_t *prims = primitives_get(); BYTE ALIGN(data[COPY_TESTSIZE+15]); int i, soff; int failed = 0; char testStr[256]; BYTE ALIGN(dest[COPY_TESTSIZE+15]); testStr[0] = '\0'; get_random_data(data, sizeof(data)); strcat(testStr, " ptr"); for (soff=0; soff<16; ++soff) { int doff; for (doff=0; doff<16; ++doff) { int length; for (length=1; length<=COPY_TESTSIZE-doff; ++length) { memset(dest, 0, sizeof(dest)); prims->copy_8u(data+soff, dest+doff, length); for (i=0; i<length; ++i) { if (dest[i+doff] != data[i+soff]) { printf("COPY8U FAIL: off=%d len=%d, dest[%d]=0x%02x" "data[%d]=0x%02x\n", doff, length, i+doff, dest[i+doff], i+soff, data[i+soff]); failed = 1; } } } } } if (!failed) printf("All copy8 tests passed (%s).\n", testStr); return (failed > 0) ? FAILURE : SUCCESS; }
/*------------------------------------------------------------------------ * int ttp_authenticate(ttp_session_t *session, const u_char *secret); * * Given an active Tsunami session, returns 0 if we are able to * negotiate authentication successfully and a non-zero value * otherwise. * * The negotiation process works like this: * * (1) The server [this process] sends 512 bits of random data * to the client. * * (2) The client XORs 512 bits of the shared secret onto this * random data and responds with the MD5 hash of the result. * * (3) The server does the same thing and compares the result. * If the authentication succeeds, the server transmits a * result byte of 0. Otherwise, it transmits a non-zero * result byte. *------------------------------------------------------------------------*/ int ttp_authenticate(ttp_session_t *session, const u_char *secret) { u_char random[64]; /* the buffer of random data */ u_char server_digest[16]; /* the MD5 message digest (for us) */ u_char client_digest[16]; /* the MD5 message digest (for the client) */ int i; int status; /* obtain the random data */ status = get_random_data(random, 64); if (status < 0) return warn("Access to random data is broken"); /* send the random data to the client */ status = full_write(session->client_fd, random, 64); if (status < 0) return warn("Could not send authentication challenge to client"); /* read the results back from the client */ status = full_read(session->client_fd, client_digest, 16); if (status < 0) return warn("Could not read authentication response from client"); /* compare the two digests */ prepare_proof(random, 64, secret, server_digest); for (i = 0; i < 16; ++i) if (client_digest[i] != server_digest[i]) { full_write(session->client_fd, "\001", 1); return warn("Authentication failed"); } /* try to tell the client it worked */ status = full_write(session->client_fd, "\000", 1); if (status < 0) return warn("Could not send authentication confirmation to client"); /* we succeeded */ return 0; }
/* Rijndael function to generate initial salt and initialization vector * (iv). This is is done to be compatible with the data produced via OpenSSL */ static void rij_salt_and_iv(RIJNDAEL_context *ctx, const char *key, const int key_len, const unsigned char *data, const int mode_flag) { char pw_buf[RIJNDAEL_MAX_KEYSIZE] = {0}; unsigned char tmp_buf[MD5_DIGEST_LEN+RIJNDAEL_MAX_KEYSIZE+RIJNDAEL_BLOCKSIZE] = {0}; unsigned char kiv_buf[RIJNDAEL_MAX_KEYSIZE+RIJNDAEL_BLOCKSIZE] = {0}; /* Key and IV buffer */ unsigned char md5_buf[MD5_DIGEST_LEN] = {0}; /* Buffer for computed md5 hash */ int final_key_len = 0; size_t kiv_len = 0; if(mode_flag == FKO_ENC_MODE_CBC_LEGACY_IV) { /* Pad the pw with '0' chars up to the minimum Rijndael key size. * * This maintains compatibility with the old perl code if absolutely * necessary in some scenarios, but is not recommended to use since it * breaks compatibility with how OpenSSL implements AES and introduces * other problems. This code will be removed altogether in a future * version of fwknop. */ if(key_len < RIJNDAEL_MIN_KEYSIZE) { memcpy(pw_buf, key, key_len); memset(pw_buf+key_len, '0', RIJNDAEL_MIN_KEYSIZE - key_len); final_key_len = RIJNDAEL_MIN_KEYSIZE; } else { memcpy(pw_buf, key, key_len); final_key_len = key_len; } } else { memcpy(pw_buf, key, key_len); final_key_len = key_len; } /* If we are decrypting, data will contain the salt. Otherwise, * for encryption, we generate a random salt. */ if(data != NULL) { /* Pull the salt from the data */ memcpy(ctx->salt, (data+SALT_LEN), SALT_LEN); } else { /* Generate a random 8-byte salt. */ get_random_data(ctx->salt, SALT_LEN); } /* Now generate the key and initialization vector. * (again it is the perl Crypt::CBC way, with a touch of * fwknop). */ memcpy(tmp_buf+MD5_DIGEST_LEN, pw_buf, final_key_len); memcpy(tmp_buf+MD5_DIGEST_LEN+final_key_len, ctx->salt, SALT_LEN); while(kiv_len < sizeof(kiv_buf)) { if(kiv_len == 0) md5(md5_buf, tmp_buf+MD5_DIGEST_LEN, final_key_len+SALT_LEN); else md5(md5_buf, tmp_buf, MD5_DIGEST_LEN+final_key_len+SALT_LEN); memcpy(tmp_buf, md5_buf, MD5_DIGEST_LEN); memcpy(kiv_buf + kiv_len, md5_buf, MD5_DIGEST_LEN); kiv_len += MD5_DIGEST_LEN; } memcpy(ctx->key, kiv_buf, RIJNDAEL_MAX_KEYSIZE); memcpy(ctx->iv, kiv_buf+RIJNDAEL_MAX_KEYSIZE, RIJNDAEL_BLOCKSIZE); }
void train_go(char *cfgfile, char *weightfile) { data_seed = time(0); srand(time(0)); float avg_loss = -1; char *base = basecfg(cfgfile); printf("%s\n", base); network net = parse_network_cfg(cfgfile); if(weightfile){ load_weights(&net, weightfile); } printf("Learning Rate: %g, Momentum: %g, Decay: %g\n", net.learning_rate, net.momentum, net.decay); char *backup_directory = "/home/pjreddie/backup/"; char buff[256]; sprintf(buff, "/home/pjreddie/go.train.%02d", rand()%10); data train = load_go(buff); int N = train.X.rows; int epoch = (*net.seen)/N; while(get_current_batch(net) < net.max_batches || net.max_batches == 0){ clock_t time=clock(); data batch = get_random_data(train, net.batch); int i; for(i = 0; i < batch.X.rows; ++i){ int flip = rand()%2; int rotate = rand()%4; image in = float_to_image(19, 19, 1, batch.X.vals[i]); image out = float_to_image(19, 19, 1, batch.y.vals[i]); //show_image_normalized(in, "in"); //show_image_normalized(out, "out"); if(flip){ flip_image(in); flip_image(out); } rotate_image_cw(in, rotate); rotate_image_cw(out, rotate); //show_image_normalized(in, "in2"); //show_image_normalized(out, "out2"); //cvWaitKey(0); } float loss = train_network(net, batch); free_data(batch); if(avg_loss == -1) avg_loss = loss; avg_loss = avg_loss*.95 + loss*.05; printf("%d, %.3f: %f, %f avg, %f rate, %lf seconds, %d images\n", get_current_batch(net), (float)(*net.seen)/N, loss, avg_loss, get_current_rate(net), sec(clock()-time), *net.seen); if(*net.seen/N > epoch){ epoch = *net.seen/N; char buff[256]; sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch); save_weights(net, buff); free_data(train); sprintf(buff, "/home/pjreddie/go.train.%02d", epoch%10); train = load_go(buff); } if(get_current_batch(net)%100 == 0){ char buff[256]; sprintf(buff, "%s/%s.backup",backup_directory,base); save_weights(net, buff); } } sprintf(buff, "%s/%s.weights", backup_directory, base); save_weights(net, buff); free_network(net); free(base); free_data(train); }
int main(int argc, char **argv) { char *infile = NULL; Filename *infilename = NULL, *outfilename = NULL; enum { NOKEYGEN, RSA1, RSA2, DSA, ECDSA, ED25519 } keytype = NOKEYGEN; char *outfile = NULL, *outfiletmp = NULL; enum { PRIVATE, PUBLIC, PUBLICO, FP, OPENSSH_AUTO, OPENSSH_NEW, SSHCOM } outtype = PRIVATE; int bits = -1; char *comment = NULL, *origcomment = NULL; int change_passphrase = FALSE; int errs = FALSE, nogo = FALSE; int intype = SSH_KEYTYPE_UNOPENABLE; int sshver = 0; struct ssh2_userkey *ssh2key = NULL; struct RSAKey *ssh1key = NULL; unsigned char *ssh2blob = NULL; char *ssh2alg = NULL; const struct ssh_signkey *ssh2algf = NULL; int ssh2bloblen; char *old_passphrase = NULL, *new_passphrase = NULL; int load_encrypted; progfn_t progressfn = is_interactive() ? progress_update : no_progress; const char *random_device = NULL; /* ------------------------------------------------------------------ * Parse the command line to figure out what we've been asked to do. */ /* * If run with no arguments at all, print the usage message and * return success. */ if (argc <= 1) { usage(TRUE); return 0; } /* * Parse command line arguments. */ while (--argc) { char *p = *++argv; if (*p == '-') { /* * An option. */ while (p && *++p) { char c = *p; switch (c) { case '-': /* * Long option. */ { char *opt, *val; opt = p++; /* opt will have _one_ leading - */ while (*p && *p != '=') p++; /* find end of option */ if (*p == '=') { *p++ = '\0'; val = p; } else val = NULL; if (!strcmp(opt, "-help")) { if (val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects no argument\n", opt); } else { help(); nogo = TRUE; } } else if (!strcmp(opt, "-version")) { if (val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects no argument\n", opt); } else { showversion(); nogo = TRUE; } } else if (!strcmp(opt, "-pgpfp")) { if (val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects no argument\n", opt); } else { /* support --pgpfp for consistency */ pgp_fingerprints(); nogo = TRUE; } } else if (!strcmp(opt, "-old-passphrase")) { if (!val && argc > 1) --argc, val = *++argv; if (!val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects an argument\n", opt); } else { old_passphrase = readpassphrase(val); if (!old_passphrase) errs = TRUE; } } else if (!strcmp(opt, "-new-passphrase")) { if (!val && argc > 1) --argc, val = *++argv; if (!val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects an argument\n", opt); } else { new_passphrase = readpassphrase(val); if (!new_passphrase) errs = TRUE; } } else if (!strcmp(opt, "-random-device")) { if (!val && argc > 1) --argc, val = *++argv; if (!val) { errs = TRUE; fprintf(stderr, "puttygen: option `-%s'" " expects an argument\n", opt); } else { random_device = val; } } else { errs = TRUE; fprintf(stderr, "puttygen: no such option `-%s'\n", opt); } } p = NULL; break; case 'h': case 'V': case 'P': case 'l': case 'L': case 'p': case 'q': /* * Option requiring no parameter. */ switch (c) { case 'h': help(); nogo = TRUE; break; case 'V': showversion(); nogo = TRUE; break; case 'P': change_passphrase = TRUE; break; case 'l': outtype = FP; break; case 'L': outtype = PUBLICO; break; case 'p': outtype = PUBLIC; break; case 'q': progressfn = no_progress; break; } break; case 't': case 'b': case 'C': case 'O': case 'o': /* * Option requiring parameter. */ p++; if (!*p && argc > 1) --argc, p = *++argv; else if (!*p) { fprintf(stderr, "puttygen: option `-%c' expects a" " parameter\n", c); errs = TRUE; } /* * Now c is the option and p is the parameter. */ switch (c) { case 't': if (!strcmp(p, "rsa") || !strcmp(p, "rsa2")) keytype = RSA2, sshver = 2; else if (!strcmp(p, "rsa1")) keytype = RSA1, sshver = 1; else if (!strcmp(p, "dsa") || !strcmp(p, "dss")) keytype = DSA, sshver = 2; else if (!strcmp(p, "ecdsa")) keytype = ECDSA, sshver = 2; else if (!strcmp(p, "ed25519")) keytype = ED25519, sshver = 2; else { fprintf(stderr, "puttygen: unknown key type `%s'\n", p); errs = TRUE; } break; case 'b': bits = atoi(p); break; case 'C': comment = p; break; case 'O': if (!strcmp(p, "public")) outtype = PUBLIC; else if (!strcmp(p, "public-openssh")) outtype = PUBLICO; else if (!strcmp(p, "private")) outtype = PRIVATE; else if (!strcmp(p, "fingerprint")) outtype = FP; else if (!strcmp(p, "private-openssh")) outtype = OPENSSH_AUTO, sshver = 2; else if (!strcmp(p, "private-openssh-new")) outtype = OPENSSH_NEW, sshver = 2; else if (!strcmp(p, "private-sshcom")) outtype = SSHCOM, sshver = 2; else { fprintf(stderr, "puttygen: unknown output type `%s'\n", p); errs = TRUE; } break; case 'o': outfile = p; break; } p = NULL; /* prevent continued processing */ break; default: /* * Unrecognised option. */ errs = TRUE; fprintf(stderr, "puttygen: no such option `-%c'\n", c); break; } } } else { /* * A non-option argument. */ if (!infile) infile = p; else { errs = TRUE; fprintf(stderr, "puttygen: cannot handle more than one" " input file\n"); } } } if (bits == -1) { /* * No explicit key size was specified. Default varies * depending on key type. */ switch (keytype) { case ECDSA: bits = 384; break; case ED25519: bits = 256; break; default: bits = DEFAULT_RSADSA_BITS; break; } } if (keytype == ECDSA && (bits != 256 && bits != 384 && bits != 521)) { fprintf(stderr, "puttygen: invalid bits for ECDSA, choose 256, 384 or 521\n"); errs = TRUE; } if (keytype == ED25519 && (bits != 256)) { fprintf(stderr, "puttygen: invalid bits for ED25519, choose 256\n"); errs = TRUE; } if (keytype == RSA2 || keytype == RSA1 || keytype == DSA) { if (bits < 256) { fprintf(stderr, "puttygen: cannot generate %s keys shorter than" " 256 bits\n", (keytype == DSA ? "DSA" : "RSA")); errs = TRUE; } else if (bits < DEFAULT_RSADSA_BITS) { fprintf(stderr, "puttygen: warning: %s keys shorter than" " %d bits are probably not secure\n", (keytype == DSA ? "DSA" : "RSA"), DEFAULT_RSADSA_BITS); /* but this is just a warning, so proceed anyway */ } } if (errs) return 1; if (nogo) return 0; /* * If run with at least one argument _but_ not the required * ones, print the usage message and return failure. */ if (!infile && keytype == NOKEYGEN) { usage(TRUE); return 1; } /* ------------------------------------------------------------------ * Figure out further details of exactly what we're going to do. */ /* * Bomb out if we've been asked to both load and generate a * key. */ if (keytype != NOKEYGEN && infile) { fprintf(stderr, "puttygen: cannot both load and generate a key\n"); return 1; } /* * We must save the private part when generating a new key. */ if (keytype != NOKEYGEN && (outtype != PRIVATE && outtype != OPENSSH_AUTO && outtype != OPENSSH_NEW && outtype != SSHCOM)) { fprintf(stderr, "puttygen: this would generate a new key but " "discard the private part\n"); return 1; } /* * Analyse the type of the input file, in case this affects our * course of action. */ if (infile) { infilename = filename_from_str(infile); intype = key_type(infilename); switch (intype) { case SSH_KEYTYPE_UNOPENABLE: case SSH_KEYTYPE_UNKNOWN: fprintf(stderr, "puttygen: unable to load file `%s': %s\n", infile, key_type_to_str(intype)); return 1; case SSH_KEYTYPE_SSH1: case SSH_KEYTYPE_SSH1_PUBLIC: if (sshver == 2) { fprintf(stderr, "puttygen: conversion from SSH-1 to SSH-2 keys" " not supported\n"); return 1; } sshver = 1; break; case SSH_KEYTYPE_SSH2: case SSH_KEYTYPE_SSH2_PUBLIC_RFC4716: case SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH: case SSH_KEYTYPE_OPENSSH_PEM: case SSH_KEYTYPE_OPENSSH_NEW: case SSH_KEYTYPE_SSHCOM: if (sshver == 1) { fprintf(stderr, "puttygen: conversion from SSH-2 to SSH-1 keys" " not supported\n"); return 1; } sshver = 2; break; case SSH_KEYTYPE_OPENSSH_AUTO: default: assert(0 && "Should never see these types on an input file"); } } /* * Determine the default output file, if none is provided. * * This will usually be equal to stdout, except that if the * input and output file formats are the same then the default * output is to overwrite the input. * * Also in this code, we bomb out if the input and output file * formats are the same and no other action is performed. */ if ((intype == SSH_KEYTYPE_SSH1 && outtype == PRIVATE) || (intype == SSH_KEYTYPE_SSH2 && outtype == PRIVATE) || (intype == SSH_KEYTYPE_OPENSSH_PEM && outtype == OPENSSH_AUTO) || (intype == SSH_KEYTYPE_OPENSSH_NEW && outtype == OPENSSH_NEW) || (intype == SSH_KEYTYPE_SSHCOM && outtype == SSHCOM)) { if (!outfile) { outfile = infile; outfiletmp = dupcat(outfile, ".tmp", NULL); } if (!change_passphrase && !comment) { fprintf(stderr, "puttygen: this command would perform no useful" " action\n"); return 1; } } else { if (!outfile) { /* * Bomb out rather than automatically choosing to write * a private key file to stdout. */ if (outtype == PRIVATE || outtype == OPENSSH_AUTO || outtype == OPENSSH_NEW || outtype == SSHCOM) { fprintf(stderr, "puttygen: need to specify an output file\n"); return 1; } } } /* * Figure out whether we need to load the encrypted part of the * key. This will be the case if either (a) we need to write * out a private key format, or (b) the entire input key file * is encrypted. */ if (outtype == PRIVATE || outtype == OPENSSH_AUTO || outtype == OPENSSH_NEW || outtype == SSHCOM || intype == SSH_KEYTYPE_OPENSSH_PEM || intype == SSH_KEYTYPE_OPENSSH_NEW || intype == SSH_KEYTYPE_SSHCOM) load_encrypted = TRUE; else load_encrypted = FALSE; if (load_encrypted && (intype == SSH_KEYTYPE_SSH1_PUBLIC || intype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 || intype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH)) { fprintf(stderr, "puttygen: cannot perform this action on a " "public-key-only input file\n"); return 1; } /* ------------------------------------------------------------------ * Now we're ready to actually do some stuff. */ /* * Either load or generate a key. */ if (keytype != NOKEYGEN) { char *entropy; char default_comment[80]; struct tm tm; struct progress prog; prog.phase = -1; prog.current = -1; tm = ltime(); if (keytype == DSA) strftime(default_comment, 30, "dsa-key-%Y%m%d", &tm); else if (keytype == ECDSA) strftime(default_comment, 30, "ecdsa-key-%Y%m%d", &tm); else if (keytype == ED25519) strftime(default_comment, 30, "ed25519-key-%Y%m%d", &tm); else strftime(default_comment, 30, "rsa-key-%Y%m%d", &tm); random_ref(); entropy = get_random_data(bits / 8, random_device); if (!entropy) { fprintf(stderr, "puttygen: failed to collect entropy, " "could not generate key\n"); return 1; } random_add_heavynoise(entropy, bits / 8); smemclr(entropy, bits/8); sfree(entropy); if (keytype == DSA) { struct dss_key *dsskey = snew(struct dss_key); dsa_generate(dsskey, bits, progressfn, &prog); ssh2key = snew(struct ssh2_userkey); ssh2key->data = dsskey; ssh2key->alg = &ssh_dss; ssh1key = NULL; } else if (keytype == ECDSA) {
int main(int argc, char **argv) { char *infile = NULL; Filename infilename; enum { NOKEYGEN, RSA1, RSA2, DSA } keytype = NOKEYGEN; char *outfile = NULL, *outfiletmp = NULL; Filename outfilename; enum { PRIVATE, PUBLIC, PUBLICO, FP, OPENSSH, SSHCOM } outtype = PRIVATE; int bits = 1024; char *comment = NULL, *origcomment = NULL; int change_passphrase = FALSE; int errs = FALSE, nogo = FALSE; int intype = SSH_KEYTYPE_UNOPENABLE; int sshver = 0; struct ssh2_userkey *ssh2key = NULL; struct RSAKey *ssh1key = NULL; char *ssh2blob = NULL, *ssh2alg = NULL; const struct ssh_signkey *ssh2algf = NULL; int ssh2bloblen; char *passphrase = NULL; int load_encrypted; progfn_t progressfn = is_interactive() ? progress_update : no_progress; /* ------------------------------------------------------------------ * Parse the command line to figure out what we've been asked to do. */ /* * If run with no arguments at all, print the usage message and * return success. */ if (argc <= 1) { usage(); return 0; } /* * Parse command line arguments. */ while (--argc) { char *p = *++argv; if (*p == '-') { /* * An option. */ while (p && *++p) { char c = *p; switch (c) { case '-': /* * Long option. */ { char *opt, *val; opt = p++; /* opt will have _one_ leading - */ while (*p && *p != '=') p++; /* find end of option */ if (*p == '=') { *p++ = '\0'; val = p; } else val = NULL; if (!strcmp(opt, "-help")) { help(); nogo = TRUE; } else if (!strcmp(opt, "-version")) { showversion(); nogo = TRUE; } /* * A sample option requiring an argument: * * else if (!strcmp(opt, "-output")) { * if (!val) * errs = TRUE, error(err_optnoarg, opt); * else * ofile = val; * } */ else { errs = TRUE; fprintf(stderr, "puttygen: no such option `--%s'\n", opt); } } p = NULL; break; case 'h': case 'V': case 'P': case 'l': case 'L': case 'p': case 'q': /* * Option requiring no parameter. */ switch (c) { case 'h': help(); nogo = TRUE; break; case 'V': showversion(); nogo = TRUE; break; case 'P': change_passphrase = TRUE; break; case 'l': outtype = FP; break; case 'L': outtype = PUBLICO; break; case 'p': outtype = PUBLIC; break; case 'q': progressfn = no_progress; break; } break; case 't': case 'b': case 'C': case 'O': case 'o': /* * Option requiring parameter. */ p++; if (!*p && argc > 1) --argc, p = *++argv; else if (!*p) { fprintf(stderr, "puttygen: option `-%c' expects a" " parameter\n", c); errs = TRUE; } /* * Now c is the option and p is the parameter. */ switch (c) { case 't': if (!strcmp(p, "rsa") || !strcmp(p, "rsa2")) keytype = RSA2, sshver = 2; else if (!strcmp(p, "rsa1")) keytype = RSA1, sshver = 1; else if (!strcmp(p, "dsa") || !strcmp(p, "dss")) keytype = DSA, sshver = 2; else { fprintf(stderr, "puttygen: unknown key type `%s'\n", p); errs = TRUE; } break; case 'b': bits = atoi(p); break; case 'C': comment = p; break; case 'O': if (!strcmp(p, "public")) outtype = PUBLIC; else if (!strcmp(p, "public-openssh")) outtype = PUBLICO; else if (!strcmp(p, "private")) outtype = PRIVATE; else if (!strcmp(p, "fingerprint")) outtype = FP; else if (!strcmp(p, "private-openssh")) outtype = OPENSSH, sshver = 2; else if (!strcmp(p, "private-sshcom")) outtype = SSHCOM, sshver = 2; else { fprintf(stderr, "puttygen: unknown output type `%s'\n", p); errs = TRUE; } break; case 'o': outfile = p; break; } p = NULL; /* prevent continued processing */ break; default: /* * Unrecognised option. */ errs = TRUE; fprintf(stderr, "puttygen: no such option `-%c'\n", c); break; } } } else { /* * A non-option argument. */ if (!infile) infile = p; else { errs = TRUE; fprintf(stderr, "puttygen: cannot handle more than one" " input file\n"); } } } if (errs) return 1; if (nogo) return 0; /* * If run with at least one argument _but_ not the required * ones, print the usage message and return failure. */ if (!infile && keytype == NOKEYGEN) { usage(); return 1; } /* ------------------------------------------------------------------ * Figure out further details of exactly what we're going to do. */ /* * Bomb out if we've been asked to both load and generate a * key. */ if (keytype != NOKEYGEN && intype) { fprintf(stderr, "puttygen: cannot both load and generate a key\n"); return 1; } /* * Analyse the type of the input file, in case this affects our * course of action. */ if (infile) { infilename = filename_from_str(infile); intype = key_type(&infilename); switch (intype) { /* * It would be nice here to be able to load _public_ * key files, in any of a number of forms, and (a) * convert them to other public key types, (b) print * out their fingerprints. Or, I suppose, for real * orthogonality, (c) change their comment! * * In fact this opens some interesting possibilities. * Suppose ssh2_userkey_loadpub() were able to load * public key files as well as extracting the public * key from private ones. And suppose I did the thing * I've been wanting to do, where specifying a * particular private key file for authentication * causes any _other_ key in the agent to be discarded. * Then, if you had an agent forwarded to the machine * you were running Unix PuTTY or Plink on, and you * needed to specify which of the keys in the agent it * should use, you could do that by supplying a * _public_ key file, thus not needing to trust even * your encrypted private key file to the network. Ooh! */ case SSH_KEYTYPE_UNOPENABLE: case SSH_KEYTYPE_UNKNOWN: fprintf(stderr, "puttygen: unable to load file `%s': %s\n", infile, key_type_to_str(intype)); return 1; case SSH_KEYTYPE_SSH1: if (sshver == 2) { fprintf(stderr, "puttygen: conversion from SSH1 to SSH2 keys" " not supported\n"); return 1; } sshver = 1; break; case SSH_KEYTYPE_SSH2: case SSH_KEYTYPE_OPENSSH: case SSH_KEYTYPE_SSHCOM: if (sshver == 1) { fprintf(stderr, "puttygen: conversion from SSH2 to SSH1 keys" " not supported\n"); return 1; } sshver = 2; break; } } /* * Determine the default output file, if none is provided. * * This will usually be equal to stdout, except that if the * input and output file formats are the same then the default * output is to overwrite the input. * * Also in this code, we bomb out if the input and output file * formats are the same and no other action is performed. */ if ((intype == SSH_KEYTYPE_SSH1 && outtype == PRIVATE) || (intype == SSH_KEYTYPE_SSH2 && outtype == PRIVATE) || (intype == SSH_KEYTYPE_OPENSSH && outtype == OPENSSH) || (intype == SSH_KEYTYPE_SSHCOM && outtype == SSHCOM)) { if (!outfile) { outfile = infile; outfiletmp = dupcat(outfile, ".tmp", NULL); } if (!change_passphrase && !comment) { fprintf(stderr, "puttygen: this command would perform no useful" " action\n"); return 1; } } else { if (!outfile) { /* * Bomb out rather than automatically choosing to write * a private key file to stdout. */ if (outtype==PRIVATE || outtype==OPENSSH || outtype==SSHCOM) { fprintf(stderr, "puttygen: need to specify an output file\n"); return 1; } } } /* * Figure out whether we need to load the encrypted part of the * key. This will be the case if either (a) we need to write * out a private key format, or (b) the entire input key file * is encrypted. */ if (outtype == PRIVATE || outtype == OPENSSH || outtype == SSHCOM || intype == SSH_KEYTYPE_OPENSSH || intype == SSH_KEYTYPE_SSHCOM) load_encrypted = TRUE; else load_encrypted = FALSE; /* ------------------------------------------------------------------ * Now we're ready to actually do some stuff. */ /* * Either load or generate a key. */ if (keytype != NOKEYGEN) { char *entropy; char default_comment[80]; time_t t; struct tm *tm; struct progress prog; prog.phase = -1; prog.current = -1; time(&t); tm = localtime(&t); if (keytype == DSA) strftime(default_comment, 30, "dsa-key-%Y%m%d", tm); else strftime(default_comment, 30, "rsa-key-%Y%m%d", tm); random_init(); entropy = get_random_data(bits / 8); random_add_heavynoise(entropy, bits / 8); memset(entropy, 0, bits/8); sfree(entropy); if (keytype == DSA) { struct dss_key *dsskey = snew(struct dss_key); dsa_generate(dsskey, bits, progressfn, &prog); ssh2key = snew(struct ssh2_userkey); ssh2key->data = dsskey; ssh2key->alg = &ssh_dss; ssh1key = NULL; } else {
int create_author(struct server *s, int n) { int i, j; struct author *authors = NULL; cpu_set_t cpuinfo; pthread_t apt[QUIZZER_NUM]; if (n < 1 || n > 50) dns_error(0, "quizzer bad range"); if ((authors = malloc(sizeof(struct author) * n)) == NULL) dns_error(0, "out of memory in quizzer"); memset(authors, 0, sizeof(struct author) * n); s->authors = authors; for (i = 0; i < n; i++) { authors[i].idx = i; authors[i].cudp = s->ludp; authors[i].audp = create_listen_ports(i * 1000 + 998, UDP, NULL); if (authors[i].audp < 0) dns_error(0, "auth fd error"); set_sock_buff(authors[i].audp, 1); authors[i].el = &s->eventlist; authors[i].s = s; get_random_data(authors[i].randombuffer, RANDOM_SIZE); authors[i].rndidx = 0; authors[i].dupbefore = 0; authors[i].limits = 10; authors[i].bdepfd = 0; authors[i].fwd = s->forward; authors[i].ds = s->datasets; authors[i].qnum = 0; authors[i].underattack = 0; authors[i].timex = 0; authors[i].response = 0; authors[i].tcpinuse = 0; authors[i].rdb = 0; authors[i].quizz = 0; authors[i].drop = 0; authors[i].timeout = 0; authors[i].qidx = 0; //start idx in qoutinfo list authors[i].start = QLIST_TABLE_SIZE / QUIZZER_NUM * i; if (i == (QUIZZER_NUM - 1)) authors[i].end = QLIST_TABLE_SIZE; else authors[i].end = QLIST_TABLE_SIZE / QUIZZER_NUM * (i + 1); memset(authors[i].ip, 0, IP_DATA_LEN); authors[i].loginfo = malloc(sizeof(struct log_info)); memset(authors[i].loginfo, 0, sizeof(struct log_info)); authors[i].loginfo->log_type = TYPE_QUIZZER; authors[i].loginfo->logfd = create_new_log(s->logpath, i, TYPE_QUIZZER); for (j = 0; j < AUTH_DB_NUM; j++) pthread_spin_init(&(authors[i].dblock[j]), 0); for (j = 0; j < LIST_SPACE; j++) authors[i].list[j] = NULL; for (j = 0; j < EP_TCP_FDS; j++) authors[i].eptcpfds[j].ret = -1; pthread_spin_init(&authors[i].lock, 0); authors[i].loginfo->lastlog = global_now; if (authors[i].cudp < 0 || authors[i].audp < 0) dns_error(0, "create quizzer2"); if (pthread_create(apt + i, NULL, run_quizzer, (void *) &(authors[i])) != 0) dns_error(0, "create quizzer"); } global_out_info->thread_num += i; for(i = 0;i < QUIZZER_NUM ;i ++) { CPU_ZERO(&cpuinfo); CPU_SET_S(i + FETCHER_NUM + 1, sizeof(cpuinfo), &cpuinfo); if(0 != pthread_setaffinity_np(apt[i], sizeof(cpu_set_t), &cpuinfo)) { printf("set affinity quizzer failed, may be the cpu cores num less than (FETCHER_NUM + QUIZZER_NUM + 1)\n"); // exit(0); } } return 0; }