示例#1
0
void test_hashset_remove_all()
{
    HashSet *hs = hashset_new();

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";
    char *d = "foo";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);
    hashset_add(hs, d);

    hashset_remove_all(hs);

    size_t size = hashset_size(hs);

    cc_assert(size == 0,
              cc_msg("hashset_add: Expected size was 0, but got %d",
                     size));

    cc_assert(!hashset_contains(hs, "bar") &&
              !hashset_contains(hs, c),
              cc_msg("hashset_add: HashSet not empty after removing"
                     " all elements"));

    hashset_destroy(hs);
}
示例#2
0
void test_hashset_iter_remove()
{
    HashSet *hs = hashset_new();

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);

    HashSetIter iter;
    hashset_iter_init(&iter, hs);

    while (hashset_iter_has_next(&iter)) {
        char const *e = hashset_iter_next(&iter);

        if (!strcmp(e, "bar"))
            hashset_iter_remove(&iter);
    }

    cc_assert(hashset_size(hs) == 2,
              cc_msg("hashset_iter: Expected size 2 but got %d ",
                     hashset_size(hs)));

    cc_assert(!hashset_contains(hs, "bar"),
              cc_msg("hashset_iter: Element (%s) still pressent "
                     "after removal", "bar"));

    hashset_destroy(hs);
}
void test_hashset_iter_remove()
{
    HashSet *hs;
    hashset_new(&hs);

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);

    HashSetIter iter;
    hashset_iter_init(&iter, hs);

    char *e;
    while (hashset_iter_next(&iter, (void*) &e) != CC_ITER_END) {
        if (!strcmp(e, "bar"))
            hashset_iter_remove(&iter, NULL);
    }

    cc_assert(hashset_size(hs) == 2,
              cc_msg("hashset_iter: Expected size 2 but got %d ",
                     hashset_size(hs)));

    cc_assert(!hashset_contains(hs, "bar"),
              cc_msg("hashset_iter: Element (%s) still pressent "
                     "after removal", "bar"));

    hashset_destroy(hs);
}
示例#4
0
void test_hashset_add()
{
    HashSet *hs = hashset_new();

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";
    char *d = "foo";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);
    hashset_add(hs, d);

    size_t size = hashset_size(hs);

    cc_assert(size == 3,
              cc_msg("hashset_add: Expected size was 3, but got %d",
                     size));

    cc_assert(hashset_contains(hs, a) &&
              hashset_contains(hs, d),
              cc_msg("hashset_add: HashSet expected to contain elemnts"
                     " %s and %s", a, d));

    hashset_destroy(hs);
}
示例#5
0
void test_stack_push()
{
    Stack *s = stack_new();

    int a = 1;
    int b = 2;
    int c = 3;

    stack_push(s, &a);

    cc_assert(stack_peek(s) == &a,
              cc_msg("stack_push: Top stack element not as expected"));

    stack_push(s, &b);

    cc_assert(stack_peek(s) == &b,
              cc_msg("stack_push: Top stack element not as expected"));

    stack_push(s, &c);

    cc_assert(stack_peek(s) == &c,
              cc_msg("stack_push: Top stack element not as expected"));

    stack_destroy(s);

}
示例#6
0
void test_hashset_remove()
{
    HashSet *hs = hashset_new();

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";
    char *d = "foo";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);
    hashset_add(hs, d);

    hashset_remove(hs, "bar");

    size_t size = hashset_size(hs);

    cc_assert(size == 2,
              cc_msg("hashset_add: Expected size was 2, but got %d",
                     size));

    cc_assert(!hashset_contains(hs, "bar"),
              cc_msg("hashset_add: HashSet not expected to contain "
                     "element %s", "foo"));

    hashset_destroy(hs);
}
示例#7
0
文件: decl.c 项目: JamesLinus/mcc
static void abstract_declarator(node_t ** ty)
{
    cc_assert(ty);

    if (token->id == '*' || token->id == '(' || token->id == '[') {
        if (token->id == '*') {
            node_t *pty = ptr_decl();
            prepend_type(ty, pty);
        }

        if (token->id == '(') {
            if (first_decl(lookahead())) {
                node_t *faty = func_or_array(true, NULL);
                prepend_type(ty, faty);
            } else {
                expect('(');
                abstract_declarator(ty);
                expect(')');
            }
        } else if (token->id == '[') {
            node_t *faty = func_or_array(true, NULL);
            prepend_type(ty, faty);
        }
    } else {
        error("expect '(' or '[' at '%s'", token->name);
    }
}
示例#8
0
文件: decl.c 项目: JamesLinus/mcc
static void param_declarator(node_t ** ty, struct token **id)
{
    if (token->id == '*') {
        node_t *pty = ptr_decl();
        prepend_type(ty, pty);
    }

    if (token->id == '(') {
        if (first_decl(lookahead())) {
            abstract_declarator(ty);
        } else {
            node_t *type1 = *ty;
            node_t *rtype = NULL;
            expect('(');
            param_declarator(&rtype, id);
            expect(')');
            if (token->id == '(' || token->id == '[') {
                node_t *faty;
                cc_assert(id);
                if (*id) {
                    faty = func_or_array(false, NULL);
                } else {
                    faty = func_or_array(true, NULL);
                }
                attach_type(&faty, type1);
                attach_type(&rtype, faty);
            }
            *ty = rtype;
        }
    } else if (token->id == '[') {
        abstract_declarator(ty);
    } else if (token->id == ID) {
        declarator(ty, id, NULL);
    }
}
示例#9
0
static double perf_ccrng_system_oneshot(unsigned long loops, size_t nbytes)
{
    struct ccrng_system_state system_ctx;
    CC_UNUSED int status;
    uint8_t results[nbytes];
    double time;

    perf_start();
    do {
        status = ccrng_system_init(&system_ctx);
        cc_assert(status==0);
        status = ccrng_generate((struct ccrng_state *)&system_ctx, nbytes, results);
        cc_assert(status==0);
        ccrng_system_done(&system_ctx);
    } while (--loops != 0);
    time=perf_time();
    return time;
}
示例#10
0
static void ccn_mod_384(cczp_const_t zp, cc_unit *r, const cc_unit *a, CC_UNUSED cc_ws_t ws) {
    cc_assert(cczp_n(zp) == CCN384_N);
    cc_unit s1[CCN384_N] = { ccn384_32(  Anil,  Anil,  Anil,  Anil,  Anil, A(23), A(22), A(21),  Anil,  Anil,  Anil,  Anil) };
    //cc_unit s2[CCN384_N] = { ccn384_32( A(23), A(22), A(21), A(20), A(19), A(18), A(17), A(16), A(15), A(14), A(13), A(12)) };
    cc_unit s3[CCN384_N] = { ccn384_32( A(20), A(19), A(18), A(17), A(16), A(15), A(14), A(13), A(12), A(23), A(22), A(21)) };
    cc_unit s4[CCN384_N] = { ccn384_32( A(19), A(18), A(17), A(16), A(15), A(14), A(13), A(12), A(20),  Anil, A(23),  Anil) };
    cc_unit s5[CCN384_N] = { ccn384_32(  Anil,  Anil,  Anil,  Anil, A(23), A(22), A(21), A(20),  Anil,  Anil,  Anil,  Anil) };
    cc_unit s6[CCN384_N] = { ccn384_32(  Anil,  Anil,  Anil,  Anil,  Anil,  Anil, A(23), A(22), A(21),  Anil,  Anil, A(20)) };
    cc_unit d1[CCN384_N] = { ccn384_32( A(22), A(21), A(20), A(19), A(18), A(17), A(16), A(15), A(14), A(13), A(12), A(23)) };
    cc_unit d2[CCN384_N] = { ccn384_32(  Anil,  Anil,  Anil,  Anil,  Anil,  Anil,  Anil, A(23), A(22), A(21), A(20),  Anil) };
    cc_unit d3[CCN384_N] = { ccn384_32(  Anil,  Anil,  Anil,  Anil,  Anil,  Anil,  Anil, A(23), A(23),  Anil,  Anil,  Anil) };
    cc_unit *select[2] __attribute__((aligned(16))) ={s1,s3};

    cc_unit carry,carry_mask;
    ccn_add(ccn_nof(160)+1, d2, d2, d3);  // smaller size and no carry possible
    ccn_add(ccn_nof(224)+1, s1, s1, s1);  // smaller size and no carry possible, alternatively cc_shiftl(s1, 1) but add is currently faster.
    ccn_add(ccn_nof(256)+1, s5, s5, s1);  // smaller size and no carry possible
    ccn_add(ccn_nof(256)+1, s5, s5, s6);  // smaller size and no carry possible

    carry = ccn_add(CCN384_N, r, a, &a[CCN384_N]);
    carry += ccn_add(CCN384_N, r, r, s3);
    carry += ccn_add(CCN384_N, r, r, s4);
    carry += ccn_add(CCN384_N, r, r, s5);
    carry -= ccn_sub(CCN384_N, d1, cczp_prime(zp), d1);
    carry += ccn_add(CCN384_N, r, r, d1);
    carry -= ccn_sub(CCN384_N, s3, r, d2);

    /* Reduce r mod p384 by subtraction of up to four multiples of p384. */
    carry_mask=CC_CARRY_3BITS(carry);
    carry -= (carry_mask & ccn_sub(CCN384_N,select[carry_mask],s3,cczp_prime(zp)));
    carry_mask=CC_CARRY_2BITS(carry);
    carry -= (carry_mask & ccn_sub(CCN384_N,select[carry_mask],s3,cczp_prime(zp)));
    carry_mask=CC_CARRY_2BITS(carry);
    carry -= (carry_mask & ccn_sub(CCN384_N,select[carry_mask],s3,cczp_prime(zp)));
    carry ^= ccn_sub(CCN384_N,s1,s3,cczp_prime(zp));

    ccn_set(CCN384_N,r,select[carry]);

    /* Sanity for debug */
    cc_assert(ccn_cmp(CCN384_N, r, cczp_prime(zp)) < 0);

}
示例#11
0
void test_hashset_new()
{
    HashSetConf conf;
    hashset_conf_init(&conf);
    conf.initial_capacity = 7;

    HashSet *set = hashset_new_conf(&conf);

    cc_assert(hashset_size(set) == 0,
              cc_msg("hashset_new: Initial size not 0"));

    size_t capacity = hashset_capacity(set);

    /* power of 2 rounding */
    cc_assert(capacity == 8,
              cc_msg("hashset_new: Expected capactity was 8, but got %d",
                     capacity));

    hashset_destroy(set);
}
示例#12
0
/*
 * NIST SP 800-90 March 2007
 * 10.2.1.4.2 The Process Steps for Reseeding When a Derivation
 *            Function is Used
 */
static int
reseed(struct ccdrbg_state *rng,
    unsigned long entropyLength, const void *entropy,
    unsigned long additionalLength, const void *additional)
{
	int         err;
    uint32_t    count;
	const char	*input_string[2];
	uint32_t	length[2];
    struct ccdrbg_nistctr_state *drbg=(struct ccdrbg_nistctr_state *)rng;
	uint32_t	seed_material[CCADRBG_SEEDLEN_INTS(drbg)];

    
    err =validate_inputs(drbg, entropyLength, additionalLength, 0); if(err!=CCDRBG_STATUS_OK) return err;
    
    if(drbg->use_df) {
        /* [1] seed_material = entropy || additional */
        input_string[0] = entropy;
        /* typecast: guaranteed to fit by the above checks */
        length[0] = (uint32_t)entropyLength;
        count = 1;

        if (additional && additionalLength)
        {
            input_string[count] = additional;
            /* typecast: guaranteed to fit by above checks */
            length[count] = (uint32_t)additionalLength;
            ++count;
        }

        /* [2] seed_material = Block_Cipher_df(seed_material, seedlen) */
        err = df(drbg, input_string, length, count,
                (uint8_t *)seed_material, sizeof(seed_material));
        if (err)
            return err;
    } else {
        cc_clear(sizeof(seed_material),seed_material);
        cc_assert(additionalLength==0 || additionalLength==sizeof(seed_material)); //additionalLength is validated above
        CC_MEMCPY(seed_material, additional, additionalLength);
        cc_xor(CCADRBG_SEEDLEN(drbg), seed_material, seed_material, entropy);
    }

	/* [3] (Key, V) = Update(seed_material, Key, V) */
	if (drbg_update(drbg, seed_material))
	{
		return CCDRBG_STATUS_PARAM_ERROR;
	}

	/* [4] reseed_counter = 1 */
	drbg->reseed_counter = 1;

	return CCDRBG_STATUS_OK;
}
示例#13
0
文件: decl.c 项目: JamesLinus/mcc
static node_t *ptr_decl(void)
{
    node_t *ret = NULL;
    int con, vol, res, type;

    cc_assert(token->id == '*');

    for (;;) {
        int *p, t = token->id;
        switch (token->id) {
        case CONST:
            p = &con;
            break;

        case VOLATILE:
            p = &vol;
            break;

        case RESTRICT:
            p = &res;
            break;

        case '*':
        {
            node_t *pty = ptr_type(NULL);
            con = vol = res = type = 0;
            p = &type;
            prepend_type(&ret, pty);
        }
        break;

        default:
            p = NULL;
            break;
        }

        if (p == NULL)
            break;

        if (*p != 0)
            warning("duplicate type qulifier '%s'", token->name);

        *p = t;

        if (t == CONST || t == VOLATILE || t == RESTRICT)
            ret = qual(t, ret);

        gettok();
    }

    return ret;
}
int
ccec_generate_key_internal_fips(ccec_const_cp_t cp,  struct ccrng_state *rng, ccec_full_ctx_t key)
{
    int result=CCEC_GENERATE_KEY_DEFAULT_ERR;

    /* Get base point G in projected form. */
    ccec_point_decl_cp(cp, base);
    cczp_const_t zq = ccec_cp_zq(cp);
    cc_require((result=ccec_projectify(cp, base, ccec_cp_g(cp),rng))==0,errOut);

    /* Generate a random private key k. */
    ccec_ctx_init(cp, key);
    cc_unit *k = ccec_ctx_k(key);
    cc_unit *q_minus_2 = ccec_ctx_x(key); // used as temp buffer
    int cmp_result=1;

    /* Need to test candidate against q-2 */
    ccn_sub1(ccec_cp_n(cp), q_minus_2, cczp_prime(zq), 2);
    size_t i;

    /* Generate adequate random for private key */
    for (i = 0; i < MAX_RETRY && cmp_result>0; i++)
    {
        /* Random bits */
        cc_require(((result = ccn_random_bits(ccec_cp_order_bitlen(cp), k, rng)) == 0),errOut);

        /* If k <= q-2, the number is valid */
        cmp_result=ccn_cmp(ccec_cp_n(cp), k, q_minus_2);
    }
    if (i >= MAX_RETRY)
    {
        result=CCEC_GENERATE_KEY_TOO_MANY_TRIES;
    }
    else
    {
        cc_assert(cmp_result<=0);
        /* k is now in range [ 0, q-2 ] ==> +1 for range [ 1, q-1 ] */
        ccn_add1(ccec_cp_n(cp), k, k, 1);

        /* Calculate the public key for k. */
        cc_require_action(ccec_mult(cp, ccec_ctx_point(key), k, base,rng) == 0  ,errOut,
                            result=CCEC_GENERATE_KEY_MULT_FAIL);
        cc_require_action(ccec_is_point_projective(cp, ccec_ctx_point(key)),errOut,
                            result=CCEC_GENERATE_NOT_ON_CURVE);
        cc_require_action(ccec_affinify(cp, ccec_ctx_point(key), ccec_ctx_point(key)) == 0,errOut,
                            result=CCEC_GENERATE_KEY_AFF_FAIL);
        ccn_seti(ccec_cp_n(cp), ccec_ctx_z(key), 1);
        result=0;
    }
errOut:
    return result;
}
示例#15
0
static void XYCZdblJac(ccec_const_cp_t cp,
                   cc_unit *twoP,
                   cc_unit *P,
                   ccec_const_projective_point_t p,
                   cc_ws_t ws)
{
    cc_size n=ccec_cp_n(cp);
    cc_unit *t1=&twoP[0],*t2=&twoP[n],
        *t3=&P[0],*t4=&P[n];
    cc_unit *t5=ws->start;
    cc_unit *t6=ws->start+n;
    cc_unit *t7=ws->start+2*n;
    ws->start+=3*n;
    cc_assert((ws->start)<=ws->end); // Check that provided workspace is sufficient;
    /*
    Cost (a=-3)     : 6S + 2M + 12add/sub
    Cost (generic)  : 6S + 3M + 10add/sub
     */

    cczp_sqr_ws(cp.zp,  t7, ccec_const_point_x(p,cp), ws);        //  X1^2 
    cczp_add_ws(cp.zp,  t4, t7, t7, ws);        //  2*X1^2
    cczp_add_ws(cp.zp,  t7, t7, t4, ws);        //  3*X1^2
    cczp_sqr_ws(cp.zp,  t3, ccec_const_point_z(p,cp), ws);        //  Z1^2 
    cczp_sqr_ws(cp.zp,  t3, t3, ws);        //  Z1^4 

#ifdef EC_CURVE_SUPPORT_ONLY_A_MINUS_3
    cczp_add_ws(cp.zp,  t5, t3, t3, ws);        //  2*Z1^4
    cczp_add_ws(cp.zp,  t5, t5, t3, ws);        //  3*Z1^4
    cczp_sub_ws(cp.zp,  t7, t7, t5, ws);        //  B = 3*X1^2 - 3.Z1^4
#else
    cczp_mul_ws(cp.zp,  t5, ccec_cp_a(cp), t3, ws); //  a.Z1^4 
    cczp_add_ws(cp.zp,  t7, t7, t5, ws);        //  B = 3*X1^2 + a.Z1^4
#endif
    cczp_sqr_ws(cp.zp,  t4, ccec_const_point_y(p,cp), ws);        //  Y1^2 
    cczp_add_ws(cp.zp,  t4, t4, t4, ws);        //  2Y1^2
    cczp_add_ws(cp.zp,  t5, t4, t4, ws);        //  4Y1^2
    cczp_mul_ws(cp.zp,  t3, t5, ccec_const_point_x(p,cp), ws);    //  A = 4Y1^2.X1 
    cczp_sqr_ws(cp.zp,  t6, t7, ws);        //  B^2 

    cczp_sub_ws(cp.zp,  t6, t6, t3, ws);        //  B^2 - A
    cczp_sub_ws(cp.zp,  t1, t6, t3, ws);        //  X2 = B^2 - 2.A
    cczp_sub_ws(cp.zp,  t6, t3, t1, ws);        //  A - X2

    cczp_mul_ws(cp.zp,  t6, t6, t7, ws);    //  (A - X2)*B 
    cczp_sqr_ws(cp.zp,  t4, t4, ws);        //  (2Y1^2)^2 
    cczp_add_ws(cp.zp,  t4, t4, t4, ws);        //  8.Y1^4 = Y1'
    cczp_sub_ws(cp.zp,  t2, t6, t4, ws);        //  Y2 = (A - X2)*B - 8.Y1^4

    ws->start=t5; // restore workspace starting point.
}
示例#16
0
// Convert point from affine to jacobian projective coordinates
int ccec_projectify(ccec_const_cp_t cp, ccec_projective_point_t r, ccec_const_affine_point_t s,
                     struct ccrng_state *masking_rng) {
    int status;
    cc_assert(r.hdr!=s.hdr); // Points must differ
#if CCEC_DEBUG
    ccec_alprint(cp, "ccec_projectify input", s);
#endif

    // Initialize z
#if CCEC_MASKING
    // Randomized z coordinate
    if (masking_rng) {
        cc_size bitlen=ccec_cp_prime_bitlen(cp);
        status=ccn_random_bits(bitlen-1, ccec_point_z(r, cp), masking_rng);
        ccn_set_bit(ccec_point_z(r, cp), bitlen-2, 1);
        cczp_sqr(cp.zp, ccec_point_x(r, cp), ccec_point_z(r, cp));                       // Z^2 (mtgR^-1)
        cczp_mul(cp.zp, ccec_point_y(r, cp), ccec_point_x(r, cp), ccec_point_z(r, cp));  // Z^3 (mtgR^-2)

        // Set point coordinate from Z, Z^2, Z^3
        cczp_mul(cp.zp, ccec_point_x(r, cp), ccec_point_x(r, cp), ccec_const_point_x(s, cp)); // x.Z^2.mtgR (mtgR^-3)
        cczp_mul(cp.zp, ccec_point_y(r, cp), ccec_point_y(r, cp), ccec_const_point_y(s, cp)); // y.Z^3.mtgR (mtgR^-4)
                                                                                              // Z.mtgR     (mtgR^-1)
        if (CCEC_ZP_IS_MONTGOMERY(cp)) {
            cczp_convert_to_montgomery(cp.zp, ccec_point_x(r, cp), ccec_point_x(r, cp));      // x.Z^2.mtgR (mtgR^-2)
            cczp_convert_to_montgomery(cp.zp, ccec_point_y(r, cp), ccec_point_y(r, cp));      // y.Z^3.mtgR (mtgR^-3)
        }                                                                                     // Z.mtgR     (mtgR^-1)
    } else
#endif
    // Fixed z coordinate
    {
        ccn_seti(ccec_cp_n(cp), ccec_point_z(r, cp),1);
        (void) masking_rng;

        // Set point in the arithmetic representation
        if (CCEC_ZP_IS_MONTGOMERY(cp)) {
            cczp_convert_to_montgomery(cp.zp, ccec_point_x(r, cp), ccec_const_point_x(s, cp));
            cczp_convert_to_montgomery(cp.zp, ccec_point_y(r, cp), ccec_const_point_y(s, cp));
            cczp_convert_to_montgomery(cp.zp, ccec_point_z(r, cp), ccec_point_z(r, cp));
        }
        else {
            ccn_set(ccec_cp_n(cp), ccec_point_x(r, cp), ccec_const_point_x(s, cp));
            ccn_set(ccec_cp_n(cp), ccec_point_y(r, cp), ccec_const_point_y(s, cp));
        }
        status=0;
    }
#if CCEC_DEBUG
    ccec_plprint(cp, "ccec_projectify output", r);
#endif
    return status;
}
示例#17
0
static double perf_ccrng_CommonCrypto_generate(unsigned long loops, size_t nbytes)
{
    uint8_t results[nbytes];
    CC_UNUSED int status;
    double time;

    perf_start();
    do {
        status = ccrng_generate((struct ccrng_state *)&nist_ctx, nbytes, results);
        cc_assert(status==0);
    } while (--loops != 0);
    time=perf_time();

    return time;
}
示例#18
0
// Constant time implementation when assembly is not available.
cc_size ccn_n(cc_size n, const cc_unit *s) {
    cc_unit s_tmp;
    cc_size ms_ix=0;
    for (cc_size ix=1;ix<=n;ix++) {
        s_tmp=s[ix-1];
        CC_HEAVISIDE_STEP(s_tmp);   // 1 iff (s[ix]!=0)
        s_tmp=(~0 + s_tmp);         // 0 iff (s[ix]!=0), ~0 otherwise
        // Keep the (index+1) of the most significant non zero cc_unit
        ms_ix = (~s_tmp & ix) | (s_tmp & ms_ix);
    }
#if CCN_N_DEBUG
    cc_assert(ms_ix == ccn_n_ref(n,s));
#endif
    return ms_ix;
}
示例#19
0
void ccmode_gcm_init(const struct ccmode_gcm *gcm, ccgcm_ctx *key,
                     size_t rawkey_len, const void *rawkey) {
    const struct ccmode_ecb *ecb = gcm->custom;
    cc_assert(((GCM_TABLE_SIZE % CCN_UNIT_SIZE) == 0));
    _CCMODE_GCM_ECB_MODE(key)->ecb = ecb;
    _CCMODE_GCM_ECB_MODE(key)->ecb_key = &_CCMODE_GCM_KEY(key)->u[0] + GCM_TABLE_SIZE;

    ecb->init(ecb, CCMODE_GCM_KEY_ECB_KEY(key), rawkey_len, rawkey);

    /* gmac init: X=0, PAD=0, H = E(0) */
    cc_zero(16, CCMODE_GCM_KEY_X(key));
    cc_zero(16, CCMODE_GCM_KEY_PAD(key));
    ecb->ecb(CCMODE_GCM_KEY_ECB_KEY(key), 1, CCMODE_GCM_KEY_X(key),
             CCMODE_GCM_KEY_H(key));

    CCMODE_GCM_KEY_PAD_LEN(key) = 0;
    _CCMODE_GCM_KEY(key)->mode = CCMODE_GCM_MODE_IV;
    _CCMODE_GCM_KEY(key)->ivmode = 0;
    _CCMODE_GCM_KEY(key)->totlen = 0;
    _CCMODE_GCM_KEY(key)->pttotlen = 0;

#ifdef CCMODE_GCM_TABLES
    /* setup tables */
    int x, y, z, t;
    unsigned char B[16] = {};

    /* generate the first table as it has no shifting (from which we make the other tables) */
    for (y = 0; y < 256; y++) {
        B[0] = y;
        ccmode_gcm_gf_mult(CCMODE_GCM_KEY_H(key), B, &_CCMODE_GCM_KEY(key)->PC[0][y][0]);
    }

    /* now generate the rest of the tables based the previous table */
    for (x = 1; x < 16; x++) {
        for (y = 0; y < 256; y++) {
            /* now shift it right by 8 bits */
            t = _CCMODE_GCM_KEY(key)->PC[x-1][y][15];
            for (z = 15; z > 0; z--) {
                _CCMODE_GCM_KEY(key)->PC[x][y][z] = _CCMODE_GCM_KEY(key)->PC[x-1][y][z-1];
            }
            _CCMODE_GCM_KEY(key)->PC[x][y][0] = gcm_shift_table[t<<1];
            _CCMODE_GCM_KEY(key)->PC[x][y][1] ^= gcm_shift_table[(t<<1)+1];
        }
    }
#endif /* !CCMODE_GCM_TABLES */
}
示例#20
0
struct ccperf_family *ccperf_family_ccrng(int argc, char *argv[])
{
    ccdrbg_factory_nistctr(&info, &DRBGcustom);
    struct ccdrbg_state *state = malloc(info.size);
    CC_UNUSED int status = ccrng_CommonCrypto_init(&nist_ctx, &info, state, 0);
    cc_assert(status==0);
    
    F_GET_ALL(family, ccrng);
    family.nsizes=5;
    family.sizes=malloc(family.nsizes*sizeof(unsigned long));
    family.sizes[0]=16;
    family.sizes[1]=128;
    family.sizes[2]=256;
    family.sizes[3]=1024;
    family.sizes[4]=32*1024;
    family.size_kind=ccperf_size_bytes;
    return &family;
}
示例#21
0
static void XYCZaddC(ccec_const_cp_t cp,
                   cc_unit *P,
                   cc_unit *Q,
                   cc_ws_t ws)
{
    cc_size n=ccec_cp_n(cp);
    cc_unit *t1=&P[0],*t2=&P[n],
        *t3=&Q[0],*t4=&Q[n];

    cc_unit *t5=ws->start;
    cc_unit *t6=ws->start+n;
    cc_unit *t7=ws->start+2*n;
    ws->start+=3*n;
    cc_assert((ws->start)<=ws->end); // Check that provided workspace is sufficient;

    /*
     Algo 19
     Modified to have same input and output buffers
     Cost: 3S + 5M + 11add/sub
     */
    cczp_sub_ws(cp.zp,  t5, t3, t1, ws);        //  X2-X1
    cczp_sqr_ws(cp.zp,  t5, t5, ws);        // (X2-X1)^2=A
    cczp_mul_ws(cp.zp,  t6, t1, t5, ws);    // X1 * A = B
    cczp_mul_ws(cp.zp,  t1, t3, t5, ws);    // X2 * A = C
    cczp_add_ws(cp.zp,  t5, t4, t2, ws);        // Y2+Y1
    cczp_sub_ws(cp.zp,  t4, t4, t2, ws);        // Y2-Y1
    cczp_sub_ws(cp.zp,  t3, t1, t6, ws);        // C - B
    cczp_mul_ws(cp.zp,  t7, t2, t3, ws);    // Y1 * (C-B)
    cczp_add_ws(cp.zp,  t3, t1, t6, ws);        // C + B

    cczp_sqr_ws(cp.zp,  t1, t4, ws);        // (Y2-Y1)^2
    cczp_sub_ws(cp.zp,  t1, t1, t3, ws);        // X3 = (Y2-Y1)^2 - (C+B)
    cczp_sub_ws(cp.zp,  t2, t6, t1, ws);        // B - X3
    cczp_mul_ws(cp.zp,  t2, t4, t2, ws);    // (Y2-Y1) * (B-X3)

    cczp_sub_ws(cp.zp,  t2, t2, t7, ws);        // Y3 = (Y2-Y1)*(B-X3) - Y1*(C-B)
    cczp_sqr_ws(cp.zp,  t4, t5, ws);        // F = (Y2+Y1)^2
    cczp_sub_ws(cp.zp,  t3, t4, t3, ws);        // X3' = F - (C+B)
    cczp_sub_ws(cp.zp,  t4, t3, t6, ws);        // X3' - B
    cczp_mul_ws(cp.zp,  t4, t4, t5, ws);    // (X3'-B) * (Y2+Y1)
    cczp_sub_ws(cp.zp,  t4, t4, t7, ws);        // Y3' = (X3'-B)*(Y2+Y1) - Y1*(C-B)

    ws->start=t5; // restore workspace starting point.
}
示例#22
0
static void ccn_mod_521(cczp_const_t zp, cc_unit *r, const cc_unit *a, CC_UNUSED cc_ws_t ws) {
    cc_assert(cczp_n(zp) == CCN521_N);
    cc_unit t[CCN521_N];
    cc_unit t2[CCN521_N];
    cc_unit *select[2] __attribute__((aligned(16))) ={t,t2};
    cc_unit borrow;

#if CCN_UNIT_SIZE == 1
    ccn_shift_right(CCN521_N - 1, t2, &a[CCN521_N - 1], 1); // r = a521,...,a1041
    t2[CCN521_N - 1] += a[CCN521_N - 1] & CC_UNIT_C(1);
    t2[CCN521_N - 1] += ccn_add(CCN521_N - 1,t2,t2,a);
#else
    ccn_shift_right(CCN521_N, t2, &a[CCN512_N], 9);  // r = a521,...,a1041
    t2[CCN512_N] += a[CCN512_N] & CC_UNIT_C(0x1ff);  // r += (a512,...,a520)*2^512
    t2[CCN512_N] += ccn_add(CCN512_N,t2,t2,a);         // r += a0,...,a511
#endif
    borrow=ccn_sub(CCN521_N, t, t2, cczp_prime(zp));
    ccn_set(CCN521_N,r,select[borrow]);
}
示例#23
0
文件: decl.c 项目: JamesLinus/mcc
static void array_qualifiers(node_t * atype)
{
    int cons, vol, res;
    int *p;
    cons = vol = res = 0;
    while (token->kind == CONST) {
        int t = token->id;
        struct source src = source;
        switch (t) {
        case CONST:
            p = &cons;
            gettok();
            break;

        case VOLATILE:
            p = &vol;
            gettok();
            break;

        case RESTRICT:
            p = &res;
            gettok();
            break;

        default:
            cc_assert(0);
        }

        if (*p != 0)
            warningf(src, "duplicate type qualifier '%s'", id2s(*p));

        *p = t;
    }

    if (cons)
        TYPE_A_CONST(atype) = 1;
    if (vol)
        TYPE_A_VOLATILE(atype) = 1;
    if (res)
        TYPE_A_RESTRICT(atype) = 1;
}
示例#24
0
static int validate_gen_params(struct ccdrbg_nistctr_state *drbg,  unsigned long dataOutLength, unsigned long additionalLength)
{
    int rc=CCDRBG_STATUS_PARAM_ERROR;
    
    
    cc_require (dataOutLength >= 1, end); //Requested zero byte in one request
    cc_require (dataOutLength <= CCDRBG_MAX_REQUEST_SIZE, end); //Requested too many bytes in one request
    
    unsigned long max = drbg->use_df? CCDRBG_MAX_ADDITIONALINPUT_SIZE:CCADRBG_SEEDLEN(drbg);
    cc_require (additionalLength<=max, end); //Additional input too long
        
    
    // 1. If (reseed_counter > 2^^48), then Return (“Reseed required”, Null, V, Key, reseed_counter).
    cc_assert(sizeof(drbg->reseed_counter>=8)); //make sure it fits 2^48
    rc = CCDRBG_STATUS_NEED_RESEED;
    cc_require (drbg->reseed_counter <= CCDRBG_RESEED_INTERVAL || !drbg->strictFIPS, end); //Reseed required
   
    rc=CCDRBG_STATUS_OK;
end:
    return rc;
}
示例#25
0
// verify the signature in sig. The original (hash of the message) message is in digest
int ccrsa_verify_pss(ccrsa_pub_ctx_t key,
                      const struct ccdigest_info* di, const struct ccdigest_info* MgfDi,
                      size_t digestSize, const uint8_t *digest,
                      size_t sigSize, const uint8_t *sig,
                      size_t saltSize, bool *valid)
{
    const cc_size modBits =ccn_bitlen(ccrsa_ctx_n(key), ccrsa_ctx_m(key));
    const cc_size modBytes = cc_ceiling(modBits, 8);
    const cc_size emBits = modBits-1; //as defined in §8.1.1
    const cc_size emSize = cc_ceiling(emBits, 8);
    *valid = false;
    int rc=0;
    
    //1.
    if(modBytes!= sigSize)  return CCRSA_INVALID_INPUT;
    if(digestSize !=  di->output_size) return CCRSA_INVALID_INPUT;

    //2.
    const cc_size modWords=ccrsa_ctx_n(key);
    cc_unit EM[modWords];  //EM islarge enough to fit sig variable
    
    //2.a read sig to tmp array and make sure it fits
    cc_require_action(ccn_read_uint(modWords, EM, sigSize, sig)==0,errOut,rc=CCRSA_INVALID_INPUT);

    //2.b
    cc_require((rc=ccrsa_pub_crypt(key, EM, EM))==0,errOut);
    
    //2.c
    ccn_swap(modWords, EM);

    //3
    const size_t ofs = modWords*sizeof(cc_unit)-emSize;
    cc_assert(ofs<=sizeof(cc_unit)); //make sure sizes are consistent and we don't overrun buffers.
    rc|= ccrsa_emsa_pss_decode(di, MgfDi, saltSize, digestSize,  digest, emBits, (uint8_t *) EM+ofs);

    *valid = (rc==0)?true:false;
errOut:
    return rc;
}
示例#26
0
void test_hashset_iter_next()
{
    HashSet *hs = hashset_new();

    char *a = "foo";
    char *b = "bar";
    char *c = "baz";

    hashset_add(hs, a);
    hashset_add(hs, b);
    hashset_add(hs, c);

    size_t x = 0;
    size_t y = 0;
    size_t z = 0;

    HashSetIter iter;
    hashset_iter_init(&iter, hs);

    while (hashset_iter_has_next(&iter)) {
        char const *e = hashset_iter_next(&iter);

        if (!strcmp(e, "foo"))
            x++;

        if (!strcmp(e, "bar"))
            y++;

        if (!strcmp(e, "baz"))
            z++;
    }

    cc_assert((x == 1) && (y == 1) && (z == 1),
              cc_msg("hashset_iter: Unexpected number of "
                     "elements returned by the iterator"));

    hashset_destroy(hs);
}
示例#27
0
static void XYCZadd(ccec_const_cp_t cp,
                   cc_unit *P,
                   cc_unit *Q,
                   cc_ws_t ws)
{
    cc_size n=ccec_cp_n(cp);
    cc_unit *t1=&P[0],*t2=&P[n],
            *t3=&Q[0],*t4=&Q[n];
    cc_unit *t5=ws->start;
    cc_unit *t6=ws->start+n;
    ws->start+=2*n;
    cc_assert((ws->start)<=ws->end); // Check that provided workspace is sufficient;

 /*
    Algo 18
    modified to have input and output in same buffer
    use more RAM but less than XYCZaddC so that it does not matter
    Cost: 2S + 4M + 7sub
 */
    cczp_sub_ws(cp.zp,  t5, t3, t1, ws);        //  X2-X1
    cczp_sqr_ws(cp.zp,  t5, t5, ws);        // (X2-X1)^2=A
    cczp_mul_ws(cp.zp,  t6, t3, t5, ws);    // X2.A=C
    cczp_mul_ws(cp.zp,  t3, t1, t5, ws);    // X1.A=B
    cczp_sub_ws(cp.zp,  t5, t4, t2, ws);        // Y2-Y1
    cczp_sqr_ws(cp.zp,  t1, t5, ws);        // (Y2-Y1)^2 = D
    cczp_sub_ws(cp.zp,  t1, t1, t3, ws);        // D - B

    cczp_sub_ws(cp.zp,  t1, t1, t6, ws);        // X3
    cczp_sub_ws(cp.zp,  t6, t6, t3, ws);        // C - B
    cczp_mul_ws(cp.zp,  t4, t2, t6, ws);    // Y1 (C - B)
    cczp_sub_ws(cp.zp,  t2, t3, t1, ws);        // B - X3
    cczp_mul_ws(cp.zp,  t2, t5, t2, ws);    // (Y2-Y1) (B - X3)
    cczp_sub_ws(cp.zp,  t2, t2, t4, ws);        // (Y2-Y1)(B - X3) - Y1 (C - B)

    ws->start=t5; // restore workspace starting point. 
}
示例#28
0
文件: decl.c 项目: JamesLinus/mcc
static void declarator(node_t ** ty, struct token **id, int *params)
{
    int follow[] = { ',', '=', IF, 0 };

    cc_assert(ty && id);

    if (token->id == '*') {
        node_t *pty = ptr_decl();
        prepend_type(ty, pty);
    }

    if (token->id == ID) {
        *id = token;
        expect(ID);
        if (token->id == '[' || token->id == '(') {
            node_t *faty = func_or_array(false, params);
            prepend_type(ty, faty);
        }
    } else if (token->id == '(') {
        node_t *type1 = *ty;
        node_t *rtype = NULL;
        expect('(');
        declarator(&rtype, id, params);
        match(')', follow);
        if (token->id == '[' || token->id == '(') {
            node_t *faty = func_or_array(false, params);
            attach_type(&faty, type1);
            attach_type(&rtype, faty);
        } else {
            attach_type(&rtype, type1);
        }
        *ty = rtype;
    } else {
        error("expect identifier or '('");
    }
}
示例#29
0
文件: decl.c 项目: JamesLinus/mcc
static void parse_assign(node_t *atype)
{
    node_t *assign = assign_expr();
    TYPE_A_ASSIGN(atype) =assign;

    if (!assign)
        return;

    if (isint(AST_TYPE(assign))) {
        // try evaluate the length
        node_t *ret = eval(assign, longtype);
        if (ret) {
            cc_assert(isiliteral(ret));
            TYPE_LEN(atype) = ILITERAL_VALUE(ret);
            if ((long)ILITERAL_VALUE(ret) < 0)
                error("array has negative size");
        } else {
            error("expect constant expression");
        }
    } else {
        error("size of array has non-integer type '%s'",
              type2s(AST_TYPE(assign)));
    }
}
示例#30
0
static int ccec_mult_ws(ccec_const_cp_t cp, ccec_projective_point_t r, const cc_unit *d, ccec_const_projective_point_t s, struct ccrng_state *rng, cc_ws_t ws) {
    cc_size n=ccec_cp_n(cp);
    size_t dbitlen=ccn_bitlen(n,d);

    cc_unit *R0=ws->start;          // R0 and R1 are full points:
    cc_unit *R1=ws->start+2*n;      // X in [0..n-1] and Y in [n..2n-1]
    ws->start+=4*n;
    cc_assert((ws->start)<=ws->end); // Check that provided workspace is sufficient;

    // Check edge cases

    // Scalar d must be <= q to
    // prevent intermediary results to be the point at infinity
    // corecrypto to take care to meet this requirement
    cc_assert(ccn_cmp(n,d,cczp_prime(ccec_cp_zq(cp)))<=0); // d <= q
    ccn_sub1(n,R0,cczp_prime(ccec_cp_zq(cp)),1); // q-1
    if (dbitlen < 1) {
        ccn_clear(n, ccec_point_x(r, cp));
        ccn_clear(n, ccec_point_y(r, cp));
        ccn_clear(n, ccec_point_z(r, cp));
    } else if (dbitlen == 1) {
        // If d=1 => r=s
        ccn_set(n, ccec_point_x(r, cp), ccec_const_point_x(s, cp));
        ccn_set(n, ccec_point_y(r, cp), ccec_const_point_y(s, cp));
        ccn_set(n, ccec_point_z(r, cp), ccec_const_point_z(s, cp));
    } else if (ccn_cmp(n,d,R0)==0) {
        // If d=(q-1) => r=-s
        // Case not handle by Montgomery Ladder because R1-R0 = s.
        // On the last iteration r=R0 => R1 is equal to infinity which is not supported
        ccn_set(n, ccec_point_x(r, cp), ccec_const_point_x(s, cp));
        ccn_sub(n, ccec_point_y(r, cp), cczp_prime(cp.zp), ccec_const_point_y(s, cp));
        ccn_set(n, ccec_point_z(r, cp), ccec_const_point_z(s, cp));
    }
    else {
        // Randomize buffer to harden against cache attacks
        // TODO: scalar randomization.
        cc_unit c=1;
        if (rng) ccn_random_bits(1,&c,rng);

        // Core of the EC scalar multiplication
        cc_unit dbit; // Bit of d at index i
        cc_unit *R[2] __attribute__((aligned(16)))={R0,R1};

        XYCZdblJac(cp,R[c^1],R[c^0],s,ws);

        // Main loop
        for (unsigned long i = dbitlen - 2; i>0; --i) {
            dbit=c^(ccn_bit(d, i));
            XYCZaddC(cp,R[dbit],R[1^dbit],ws);
            XYCZadd(cp,R[dbit],R[1^dbit],ws);
            // Per Montgomery Ladder:
            // Invariably, R1 - R0 = P at this point of the loop
        }

        // Last iteration
        dbit=c^(ccn_bit(d, 0));
        XYCZaddC(cp,R[dbit],R[1^dbit],ws);
        // If d0 =      0           1
        //          R1-R0=-P     R1-R0=P
        // Therefore we can reconstruct the Z coordinate
        // To save an inversion and keep the result in Jacobian projective coordinates,
        //  we compute coefficient for X and Y.
        XYCZrecoverCoeffJac(cp,
                            ccec_point_x(r, cp),
                            ccec_point_y(r, cp),
                            ccec_point_z(r, cp),
                            R[c^1],R[c^0],
                            (int)(dbit^c),
                            s,
                            ws);
        XYCZadd(cp,R[dbit],R[1^dbit],ws);

        // Apply coefficients
        cczp_mul_ws(cp.zp,  ccec_point_x(r, cp), ccec_point_x(r, cp), &(R[c][0]), ws); // X0 * lambdaX
        cczp_mul_ws(cp.zp,  ccec_point_y(r, cp), ccec_point_y(r, cp), &(R[c][n]), ws); // Y0 * lambdaY
    }
#if CCEC_MULT_DEBUG
    ccn_lprint(n, "Result X:", ccec_point_x(r, cp));
    ccn_lprint(n, "Result Y:", ccec_point_y(r, cp));
    ccn_lprint(n, "Result Z:", ccec_point_z(r, cp));
#endif
    ws->start-=4*n;

    return 0;
}