added libtomcrypt-0.88

aes.c

@@ -1,4 +1,4 @@
-/* AES implementation by Tom St Denis 
+/* AES implementation by Tom St Denis
  *
  * Derived from the Public Domain source code by
  
@@ -48,7 +48,7 @@ const struct _cipher_descriptor aes_desc =
 int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_key *skey)
 {
     int i = 0, j;
-    unsigned long temp, *rk, *rrk;
+    ulong32 temp, *rk, *rrk;
     
     _ARGCHK(key != NULL);
     _ARGCHK(skey != NULL);
@@ -235,7 +235,7 @@ int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_k
 
 void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
 {
-    unsigned long s0, s1, s2, s3, t0, t1, t2, t3, *rk;
+    ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
     int Nr, r;
    
     _ARGCHK(pt != NULL);
@@ -261,13 +261,6 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
     for (;;) {
 
 /* Both of these blocks are equivalent except the top is more friendlier for x86 processors */
-#if defined(__GNUC__)
-        t0 = rk[4]; t1 = rk[5]; t2 = rk[6]; t3 = rk[7];
-        t1 ^= Te3[byte(s0, 0)]; t2 ^= Te2[byte(s0, 1)]; t3 ^= Te1[byte(s0, 2)]; t0 ^= Te0[byte(s0, 3)];
-        t2 ^= Te3[byte(s1, 0)]; t3 ^= Te2[byte(s1, 1)]; t0 ^= Te1[byte(s1, 2)]; t1 ^= Te0[byte(s1, 3)];
-        t3 ^= Te3[byte(s2, 0)]; t0 ^= Te2[byte(s2, 1)]; t1 ^= Te1[byte(s2, 2)]; t2 ^= Te0[byte(s2, 3)];
-        t0 ^= Te3[byte(s3, 0)]; t1 ^= Te2[byte(s3, 1)]; t2 ^= Te1[byte(s3, 2)]; t3 ^= Te0[byte(s3, 3)];
-#else
         t0 =
             Te0[byte(s0, 3)] ^
             Te1[byte(s1, 2)] ^
@@ -292,21 +285,12 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
             Te2[byte(s1, 1)] ^
             Te3[byte(s2, 0)] ^
             rk[7];
-#endif
-       
+
         rk += 8;
         if (--r == 0) {
             break;
         }
-        
-/* this second half optimization actually makes it slower on the Athlon, use with caution. */
-#if 0
-        s1 = rk[1]; s2 = rk[2]; s3 = rk[3]; s0 = rk[0]; 
-        s1 ^= Te3[byte(t0, 0)]; s2 ^= Te2[byte(t0, 1)]; s3 ^= Te1[byte(t0, 2)]; s0 ^= Te0[byte(t0, 3)];
-        s2 ^= Te3[byte(t1, 0)]; s3 ^= Te2[byte(t1, 1)]; s0 ^= Te1[byte(t1, 2)]; s1 ^= Te0[byte(t1, 3)];
-        s3 ^= Te3[byte(t2, 0)]; s0 ^= Te2[byte(t2, 1)]; s1 ^= Te1[byte(t2, 2)]; s2 ^= Te0[byte(t2, 3)];
-        s0 ^= Te3[byte(t3, 0)]; s1 ^= Te2[byte(t3, 1)]; s2 ^= Te1[byte(t3, 2)]; s3 ^= Te0[byte(t3, 3)];
-#else
+
         s0 =
             Te0[byte(t0, 3)] ^
             Te1[byte(t1, 2)] ^
@@ -331,7 +315,6 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
             Te2[byte(t1, 1)] ^
             Te3[byte(t2, 0)] ^
             rk[3];
-#endif            
     }
     /*
      * apply last round and
@@ -368,7 +351,7 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
 }
 
 void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) {
-    unsigned long s0, s1, s2, s3, t0, t1, t2, t3, *rk;
+    ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
     int Nr, r;
 
     _ARGCHK(pt != NULL);

aes_tab.c

@@ -13,7 +13,7 @@ Td3[x] = Si[x].[09, 0d, 0b, 0e];
 Td4[x] = Si[x].[01, 01, 01, 01];
 */
 
-static const unsigned long Te0[256] = {
+static const ulong32 Te0[256] = {
     0xc66363a5UL, 0xf87c7c84UL, 0xee777799UL, 0xf67b7b8dUL,
     0xfff2f20dUL, 0xd66b6bbdUL, 0xde6f6fb1UL, 0x91c5c554UL,
     0x60303050UL, 0x02010103UL, 0xce6767a9UL, 0x562b2b7dUL,
@@ -79,7 +79,7 @@ static const unsigned long Te0[256] = {
     0x824141c3UL, 0x299999b0UL, 0x5a2d2d77UL, 0x1e0f0f11UL,
     0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL,
 };
-static const unsigned long Te1[256] = {
+static const ulong32 Te1[256] = {
     0xa5c66363UL, 0x84f87c7cUL, 0x99ee7777UL, 0x8df67b7bUL,
     0x0dfff2f2UL, 0xbdd66b6bUL, 0xb1de6f6fUL, 0x5491c5c5UL,
     0x50603030UL, 0x03020101UL, 0xa9ce6767UL, 0x7d562b2bUL,
@@ -145,7 +145,7 @@ static const unsigned long Te1[256] = {
     0xc3824141UL, 0xb0299999UL, 0x775a2d2dUL, 0x111e0f0fUL,
     0xcb7bb0b0UL, 0xfca85454UL, 0xd66dbbbbUL, 0x3a2c1616UL,
 };
-static const unsigned long Te2[256] = {
+static const ulong32 Te2[256] = {
     0x63a5c663UL, 0x7c84f87cUL, 0x7799ee77UL, 0x7b8df67bUL,
     0xf20dfff2UL, 0x6bbdd66bUL, 0x6fb1de6fUL, 0xc55491c5UL,
     0x30506030UL, 0x01030201UL, 0x67a9ce67UL, 0x2b7d562bUL,
@@ -211,7 +211,7 @@ static const unsigned long Te2[256] = {
     0x41c38241UL, 0x99b02999UL, 0x2d775a2dUL, 0x0f111e0fUL,
     0xb0cb7bb0UL, 0x54fca854UL, 0xbbd66dbbUL, 0x163a2c16UL,
 };
-static const unsigned long Te3[256] = {
+static const ulong32 Te3[256] = {
 
     0x6363a5c6UL, 0x7c7c84f8UL, 0x777799eeUL, 0x7b7b8df6UL,
     0xf2f20dffUL, 0x6b6bbdd6UL, 0x6f6fb1deUL, 0xc5c55491UL,
@@ -278,7 +278,7 @@ static const unsigned long Te3[256] = {
     0x4141c382UL, 0x9999b029UL, 0x2d2d775aUL, 0x0f0f111eUL,
     0xb0b0cb7bUL, 0x5454fca8UL, 0xbbbbd66dUL, 0x16163a2cUL,
 };
-static const unsigned long Te4[256] = {
+static const ulong32 Te4[256] = {
     0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL,
     0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL,
     0x30303030UL, 0x01010101UL, 0x67676767UL, 0x2b2b2b2bUL,
@@ -354,7 +354,7 @@ static const unsigned long Te4[256] = {
 
 #else
 
-static const unsigned long Te4_0[] = {
+static const ulong32 Te4_0[] = {
 0x00000063UL, 0x0000007cUL, 0x00000077UL, 0x0000007bUL, 0x000000f2UL, 0x0000006bUL, 0x0000006fUL, 0x000000c5UL, 
 0x00000030UL, 0x00000001UL, 0x00000067UL, 0x0000002bUL, 0x000000feUL, 0x000000d7UL, 0x000000abUL, 0x00000076UL, 
 0x000000caUL, 0x00000082UL, 0x000000c9UL, 0x0000007dUL, 0x000000faUL, 0x00000059UL, 0x00000047UL, 0x000000f0UL, 
@@ -389,7 +389,7 @@ static const unsigned long Te4_0[] = {
 0x00000041UL, 0x00000099UL, 0x0000002dUL, 0x0000000fUL, 0x000000b0UL, 0x00000054UL, 0x000000bbUL, 0x00000016UL
 };
 
-static const unsigned long Te4_1[] = {
+static const ulong32 Te4_1[] = {
 0x00006300UL, 0x00007c00UL, 0x00007700UL, 0x00007b00UL, 0x0000f200UL, 0x00006b00UL, 0x00006f00UL, 0x0000c500UL, 
 0x00003000UL, 0x00000100UL, 0x00006700UL, 0x00002b00UL, 0x0000fe00UL, 0x0000d700UL, 0x0000ab00UL, 0x00007600UL, 
 0x0000ca00UL, 0x00008200UL, 0x0000c900UL, 0x00007d00UL, 0x0000fa00UL, 0x00005900UL, 0x00004700UL, 0x0000f000UL, 
@@ -424,7 +424,7 @@ static const unsigned long Te4_1[] = {
 0x00004100UL, 0x00009900UL, 0x00002d00UL, 0x00000f00UL, 0x0000b000UL, 0x00005400UL, 0x0000bb00UL, 0x00001600UL
 };
 
-static const unsigned long Te4_2[] = {
+static const ulong32 Te4_2[] = {
 0x00630000UL, 0x007c0000UL, 0x00770000UL, 0x007b0000UL, 0x00f20000UL, 0x006b0000UL, 0x006f0000UL, 0x00c50000UL, 
 0x00300000UL, 0x00010000UL, 0x00670000UL, 0x002b0000UL, 0x00fe0000UL, 0x00d70000UL, 0x00ab0000UL, 0x00760000UL, 
 0x00ca0000UL, 0x00820000UL, 0x00c90000UL, 0x007d0000UL, 0x00fa0000UL, 0x00590000UL, 0x00470000UL, 0x00f00000UL, 
@@ -459,7 +459,7 @@ static const unsigned long Te4_2[] = {
 0x00410000UL, 0x00990000UL, 0x002d0000UL, 0x000f0000UL, 0x00b00000UL, 0x00540000UL, 0x00bb0000UL, 0x00160000UL
 };
 
-static const unsigned long Te4_3[] = {
+static const ulong32 Te4_3[] = {
 0x63000000UL, 0x7c000000UL, 0x77000000UL, 0x7b000000UL, 0xf2000000UL, 0x6b000000UL, 0x6f000000UL, 0xc5000000UL, 
 0x30000000UL, 0x01000000UL, 0x67000000UL, 0x2b000000UL, 0xfe000000UL, 0xd7000000UL, 0xab000000UL, 0x76000000UL, 
 0xca000000UL, 0x82000000UL, 0xc9000000UL, 0x7d000000UL, 0xfa000000UL, 0x59000000UL, 0x47000000UL, 0xf0000000UL, 
@@ -496,7 +496,7 @@ static const unsigned long Te4_3[] = {
 
 #endif
 
-static const unsigned long Td0[256] = {
+static const ulong32 Td0[256] = {
     0x51f4a750UL, 0x7e416553UL, 0x1a17a4c3UL, 0x3a275e96UL,
     0x3bab6bcbUL, 0x1f9d45f1UL, 0xacfa58abUL, 0x4be30393UL,
     0x2030fa55UL, 0xad766df6UL, 0x88cc7691UL, 0xf5024c25UL,
@@ -562,7 +562,7 @@ static const unsigned long Td0[256] = {
     0x39a80171UL, 0x080cb3deUL, 0xd8b4e49cUL, 0x6456c190UL,
     0x7bcb8461UL, 0xd532b670UL, 0x486c5c74UL, 0xd0b85742UL,
 };
-static const unsigned long Td1[256] = {
+static const ulong32 Td1[256] = {
     0x5051f4a7UL, 0x537e4165UL, 0xc31a17a4UL, 0x963a275eUL,
     0xcb3bab6bUL, 0xf11f9d45UL, 0xabacfa58UL, 0x934be303UL,
     0x552030faUL, 0xf6ad766dUL, 0x9188cc76UL, 0x25f5024cUL,
@@ -628,7 +628,7 @@ static const unsigned long Td1[256] = {
     0x7139a801UL, 0xde080cb3UL, 0x9cd8b4e4UL, 0x906456c1UL,
     0x617bcb84UL, 0x70d532b6UL, 0x74486c5cUL, 0x42d0b857UL,
 };
-static const unsigned long Td2[256] = {
+static const ulong32 Td2[256] = {
     0xa75051f4UL, 0x65537e41UL, 0xa4c31a17UL, 0x5e963a27UL,
     0x6bcb3babUL, 0x45f11f9dUL, 0x58abacfaUL, 0x03934be3UL,
     0xfa552030UL, 0x6df6ad76UL, 0x769188ccUL, 0x4c25f502UL,
@@ -695,7 +695,7 @@ static const unsigned long Td2[256] = {
     0x017139a8UL, 0xb3de080cUL, 0xe49cd8b4UL, 0xc1906456UL,
     0x84617bcbUL, 0xb670d532UL, 0x5c74486cUL, 0x5742d0b8UL,
 };
-static const unsigned long Td3[256] = {
+static const ulong32 Td3[256] = {
     0xf4a75051UL, 0x4165537eUL, 0x17a4c31aUL, 0x275e963aUL,
     0xab6bcb3bUL, 0x9d45f11fUL, 0xfa58abacUL, 0xe303934bUL,
     0x30fa5520UL, 0x766df6adUL, 0xcc769188UL, 0x024c25f5UL,
@@ -761,7 +761,7 @@ static const unsigned long Td3[256] = {
     0xa8017139UL, 0x0cb3de08UL, 0xb4e49cd8UL, 0x56c19064UL,
     0xcb84617bUL, 0x32b670d5UL, 0x6c5c7448UL, 0xb85742d0UL,
 };
-static const unsigned long Td4[256] = {
+static const ulong32 Td4[256] = {
     0x52525252UL, 0x09090909UL, 0x6a6a6a6aUL, 0xd5d5d5d5UL,
     0x30303030UL, 0x36363636UL, 0xa5a5a5a5UL, 0x38383838UL,
     0xbfbfbfbfUL, 0x40404040UL, 0xa3a3a3a3UL, 0x9e9e9e9eUL,
@@ -827,14 +827,14 @@ static const unsigned long Td4[256] = {
     0xe1e1e1e1UL, 0x69696969UL, 0x14141414UL, 0x63636363UL,
     0x55555555UL, 0x21212121UL, 0x0c0c0c0cUL, 0x7d7d7d7dUL,
 };
-static const unsigned long rcon[] = {
+static const ulong32 rcon[] = {
     0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL,
     0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL,
     0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
 };
 
 #ifndef SMALL_CODE
-static const unsigned long Tks0[] = {
+static const ulong32 Tks0[] = {
 0x00000000UL, 0x0e090d0bUL, 0x1c121a16UL, 0x121b171dUL, 0x3824342cUL, 0x362d3927UL, 0x24362e3aUL, 0x2a3f2331UL, 
 0x70486858UL, 0x7e416553UL, 0x6c5a724eUL, 0x62537f45UL, 0x486c5c74UL, 0x4665517fUL, 0x547e4662UL, 0x5a774b69UL, 
 0xe090d0b0UL, 0xee99ddbbUL, 0xfc82caa6UL, 0xf28bc7adUL, 0xd8b4e49cUL, 0xd6bde997UL, 0xc4a6fe8aUL, 0xcaaff381UL, 
@@ -869,7 +869,7 @@ static const unsigned long Tks0[] = {
 0xa779b492UL, 0xa970b999UL, 0xbb6bae84UL, 0xb562a38fUL, 0x9f5d80beUL, 0x91548db5UL, 0x834f9aa8UL, 0x8d4697a3UL
 };
 
-static const unsigned long Tks1[] = {
+static const ulong32 Tks1[] = {
 0x00000000UL, 0x0b0e090dUL, 0x161c121aUL, 0x1d121b17UL, 0x2c382434UL, 0x27362d39UL, 0x3a24362eUL, 0x312a3f23UL, 
 0x58704868UL, 0x537e4165UL, 0x4e6c5a72UL, 0x4562537fUL, 0x74486c5cUL, 0x7f466551UL, 0x62547e46UL, 0x695a774bUL, 
 0xb0e090d0UL, 0xbbee99ddUL, 0xa6fc82caUL, 0xadf28bc7UL, 0x9cd8b4e4UL, 0x97d6bde9UL, 0x8ac4a6feUL, 0x81caaff3UL, 
@@ -904,7 +904,7 @@ static const unsigned long Tks1[] = {
 0x92a779b4UL, 0x99a970b9UL, 0x84bb6baeUL, 0x8fb562a3UL, 0xbe9f5d80UL, 0xb591548dUL, 0xa8834f9aUL, 0xa38d4697UL
 };
 
-static const unsigned long Tks2[] = {
+static const ulong32 Tks2[] = {
 0x00000000UL, 0x0d0b0e09UL, 0x1a161c12UL, 0x171d121bUL, 0x342c3824UL, 0x3927362dUL, 0x2e3a2436UL, 0x23312a3fUL, 
 0x68587048UL, 0x65537e41UL, 0x724e6c5aUL, 0x7f456253UL, 0x5c74486cUL, 0x517f4665UL, 0x4662547eUL, 0x4b695a77UL, 
 0xd0b0e090UL, 0xddbbee99UL, 0xcaa6fc82UL, 0xc7adf28bUL, 0xe49cd8b4UL, 0xe997d6bdUL, 0xfe8ac4a6UL, 0xf381caafUL, 
@@ -939,7 +939,7 @@ static const unsigned long Tks2[] = {
 0xb492a779UL, 0xb999a970UL, 0xae84bb6bUL, 0xa38fb562UL, 0x80be9f5dUL, 0x8db59154UL, 0x9aa8834fUL, 0x97a38d46UL
 };
 
-static const unsigned long Tks3[] = {
+static const ulong32 Tks3[] = {
 0x00000000UL, 0x090d0b0eUL, 0x121a161cUL, 0x1b171d12UL, 0x24342c38UL, 0x2d392736UL, 0x362e3a24UL, 0x3f23312aUL, 
 0x48685870UL, 0x4165537eUL, 0x5a724e6cUL, 0x537f4562UL, 0x6c5c7448UL, 0x65517f46UL, 0x7e466254UL, 0x774b695aUL, 
 0x90d0b0e0UL, 0x99ddbbeeUL, 0x82caa6fcUL, 0x8bc7adf2UL, 0xb4e49cd8UL, 0xbde997d6UL, 0xa6fe8ac4UL, 0xaff381caUL, 

bits.c

@@ -1,4 +1,6 @@
 /* portable way to get secure random bits to feed a PRNG */
+#include <fcntl.h>
+#include <unistd.h>
 #include "mycrypt.h"
 
 #ifdef DEVRANDOM
@@ -9,26 +11,20 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len,
 #ifdef NO_FILE
     return 0;
 #else
-    FILE *f;
+    int src;
     unsigned long x;
 #ifdef TRY_URANDOM_FIRST
-    f = fopen("/dev/urandom", "rb");
-    if (f == NULL)
+    src = open("/dev/urandom", O_RDONLY);
+    if (src == -1)
 #endif /* TRY_URANDOM_FIRST */
-       f = fopen("/dev/random", "rb");
+       src = open("/dev/random", O_RDONLY);
 
-    if (f == NULL) {
+    if (src == -1) {
        return 0;
     }
     
-    /* disable buffering */
-    if (setvbuf(f, NULL, _IONBF, 0) != 0) {
-       fclose(f);
-       return 0;
-    }   
- 
-    x = (unsigned long)fread(buf, 1, (size_t)len, f);
-    fclose(f);
+    x = (unsigned long)read(src, buf, (size_t)len);
+    close(src);
     return x;
 #endif /* NO_FILE */
 }

blowfish.c

@@ -14,7 +14,7 @@ const struct _cipher_descriptor blowfish_desc =
     &blowfish_keysize
 };
 
-static const unsigned long ORIG_P[16 + 2] = {
+static const ulong32 ORIG_P[16 + 2] = {
         0x243F6A88UL, 0x85A308D3UL, 0x13198A2EUL, 0x03707344UL,
         0xA4093822UL, 0x299F31D0UL, 0x082EFA98UL, 0xEC4E6C89UL,
         0x452821E6UL, 0x38D01377UL, 0xBE5466CFUL, 0x34E90C6CUL,
@@ -22,7 +22,7 @@ static const unsigned long ORIG_P[16 + 2] = {
         0x9216D5D9UL, 0x8979FB1BUL
 };
 
-static const unsigned long ORIG_S[4][256] = {
+static const ulong32 ORIG_S[4][256] = {
     {   0xD1310BA6UL, 0x98DFB5ACUL, 0x2FFD72DBUL, 0xD01ADFB7UL,
         0xB8E1AFEDUL, 0x6A267E96UL, 0xBA7C9045UL, 0xF12C7F99UL,
         0x24A19947UL, 0xB3916CF7UL, 0x0801F2E2UL, 0x858EFC16UL,
@@ -284,7 +284,7 @@ static const unsigned long ORIG_S[4][256] = {
 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
                    symmetric_key *skey)
 {
-   unsigned long x, y, z, A;
+   ulong32 x, y, z, A;
    unsigned char B[8];
 
    _ARGCHK(key != NULL);
@@ -304,7 +304,7 @@ int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
    for (x = y = 0; x < 18; x++) {
        A = 0;
        for (z = 0; z < 4; z++) {
-           A = (A << 8) | ((unsigned long)key[y++ % keylen]);
+           A = (A << 8) | ((ulong32)key[y++ % keylen]);
        }
        skey->blowfish.K[x] = ORIG_P[x] ^ A;
    }
@@ -362,10 +362,10 @@ static void _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sy
 void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 #endif
 {
-   unsigned long L, R;
+   ulong32 L, R;
    int r;
 #if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    unsigned long *S1, *S2, *S3, *S4;
+    ulong32 *S1, *S2, *S3, *S4;
 #endif    
 
     _ARGCHK(pt != NULL);
@@ -404,7 +404,7 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
 void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
     _blowfish_ecb_encrypt(pt, ct, key);
-    burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
+    burn_stack(sizeof(ulong32) * 2 + sizeof(int));
 }
 #endif
 
@@ -414,10 +414,10 @@ static void _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sy
 void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 #endif
 {
-   unsigned long L, R;
+   ulong32 L, R;
    int r;
 #if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    unsigned long *S1, *S2, *S3, *S4;
+    ulong32 *S1, *S2, *S3, *S4;
 #endif    
 
     _ARGCHK(pt != NULL);
@@ -456,7 +456,7 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
 void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
     _blowfish_ecb_decrypt(ct, pt, key);
-    burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
+    burn_stack(sizeof(ulong32) * 2 + sizeof(int));
 }
 #endif
 

cast5.c

@@ -14,7 +14,7 @@ const struct _cipher_descriptor cast5_desc = {
    &cast5_keysize
 };
 
-static const unsigned long S1[256] = {
+static const ulong32 S1[256] = {
 0x30fb40d4UL, 0x9fa0ff0bUL, 0x6beccd2fUL, 0x3f258c7aUL, 0x1e213f2fUL, 0x9c004dd3UL, 
 0x6003e540UL, 0xcf9fc949UL, 0xbfd4af27UL, 0x88bbbdb5UL, 0xe2034090UL, 0x98d09675UL, 
 0x6e63a0e0UL, 0x15c361d2UL, 0xc2e7661dUL, 0x22d4ff8eUL, 0x28683b6fUL, 0xc07fd059UL, 
@@ -59,7 +59,7 @@ static const unsigned long S1[256] = {
 0xb141ab08UL, 0x7cca89b9UL, 0x1a69e783UL, 0x02cc4843UL, 0xa2f7c579UL, 0x429ef47dUL, 
 0x427b169cUL, 0x5ac9f049UL, 0xdd8f0f00UL, 0x5c8165bfUL};
 
-static const unsigned long S2[256] = {
+static const ulong32 S2[256] = {
 0x1f201094UL, 0xef0ba75bUL, 0x69e3cf7eUL, 0x393f4380UL, 0xfe61cf7aUL, 0xeec5207aUL, 
 0x55889c94UL, 0x72fc0651UL, 0xada7ef79UL, 0x4e1d7235UL, 0xd55a63ceUL, 0xde0436baUL, 
 0x99c430efUL, 0x5f0c0794UL, 0x18dcdb7dUL, 0xa1d6eff3UL, 0xa0b52f7bUL, 0x59e83605UL, 
@@ -104,7 +104,7 @@ static const unsigned long S2[256] = {
 0x5c038323UL, 0x3e5d3bb9UL, 0x43d79572UL, 0x7e6dd07cUL, 0x06dfdf1eUL, 0x6c6cc4efUL, 
 0x7160a539UL, 0x73bfbe70UL, 0x83877605UL, 0x4523ecf1UL};
 
-static const unsigned long S3[256] = {
+static const ulong32 S3[256] = {
 0x8defc240UL, 0x25fa5d9fUL, 0xeb903dbfUL, 0xe810c907UL, 0x47607fffUL, 0x369fe44bUL, 
 0x8c1fc644UL, 0xaececa90UL, 0xbeb1f9bfUL, 0xeefbcaeaUL, 0xe8cf1950UL, 0x51df07aeUL, 
 0x920e8806UL, 0xf0ad0548UL, 0xe13c8d83UL, 0x927010d5UL, 0x11107d9fUL, 0x07647db9UL, 
@@ -149,7 +149,7 @@ static const unsigned long S3[256] = {
 0x52bce688UL, 0x1b03588aUL, 0xf7baefd5UL, 0x4142ed9cUL, 0xa4315c11UL, 0x83323ec5UL, 
 0xdfef4636UL, 0xa133c501UL, 0xe9d3531cUL, 0xee353783UL};
 
-static const unsigned long S4[256] = {
+static const ulong32 S4[256] = {
 0x9db30420UL, 0x1fb6e9deUL, 0xa7be7befUL, 0xd273a298UL, 0x4a4f7bdbUL, 0x64ad8c57UL, 
 0x85510443UL, 0xfa020ed1UL, 0x7e287affUL, 0xe60fb663UL, 0x095f35a1UL, 0x79ebf120UL, 
 0xfd059d43UL, 0x6497b7b1UL, 0xf3641f63UL, 0x241e4adfUL, 0x28147f5fUL, 0x4fa2b8cdUL, 
@@ -194,7 +194,7 @@ static const unsigned long S4[256] = {
 0xb657c34dUL, 0x4edfd282UL, 0x7ae5290cUL, 0x3cb9536bUL, 0x851e20feUL, 0x9833557eUL, 
 0x13ecf0b0UL, 0xd3ffb372UL, 0x3f85c5c1UL, 0x0aef7ed2UL};
 
-static const unsigned long S5[256] = {
+static const ulong32 S5[256] = {
 0x7ec90c04UL, 0x2c6e74b9UL, 0x9b0e66dfUL, 0xa6337911UL, 0xb86a7fffUL, 0x1dd358f5UL, 
 0x44dd9d44UL, 0x1731167fUL, 0x08fbf1faUL, 0xe7f511ccUL, 0xd2051b00UL, 0x735aba00UL, 
 0x2ab722d8UL, 0x386381cbUL, 0xacf6243aUL, 0x69befd7aUL, 0xe6a2e77fUL, 0xf0c720cdUL, 
@@ -239,7 +239,7 @@ static const unsigned long S5[256] = {
 0x34010718UL, 0xbb30cab8UL, 0xe822fe15UL, 0x88570983UL, 0x750e6249UL, 0xda627e55UL, 
 0x5e76ffa8UL, 0xb1534546UL, 0x6d47de08UL, 0xefe9e7d4UL};
 
-static const unsigned long S6[256] = {
+static const ulong32 S6[256] = {
 0xf6fa8f9dUL, 0x2cac6ce1UL, 0x4ca34867UL, 0xe2337f7cUL, 0x95db08e7UL, 0x016843b4UL, 
 0xeced5cbcUL, 0x325553acUL, 0xbf9f0960UL, 0xdfa1e2edUL, 0x83f0579dUL, 0x63ed86b9UL, 
 0x1ab6a6b8UL, 0xde5ebe39UL, 0xf38ff732UL, 0x8989b138UL, 0x33f14961UL, 0xc01937bdUL, 
@@ -284,7 +284,7 @@ static const unsigned long S6[256] = {
 0xb0e93524UL, 0xbebb8fbdUL, 0xa2d762cfUL, 0x49c92f54UL, 0x38b5f331UL, 0x7128a454UL, 
 0x48392905UL, 0xa65b1db8UL, 0x851c97bdUL, 0xd675cf2fUL};
 
-static const unsigned long S7[256] = {
+static const ulong32 S7[256] = {
 0x85e04019UL, 0x332bf567UL, 0x662dbfffUL, 0xcfc65693UL, 0x2a8d7f6fUL, 0xab9bc912UL, 
 0xde6008a1UL, 0x2028da1fUL, 0x0227bce7UL, 0x4d642916UL, 0x18fac300UL, 0x50f18b82UL, 
 0x2cb2cb11UL, 0xb232e75cUL, 0x4b3695f2UL, 0xb28707deUL, 0xa05fbcf6UL, 0xcd4181e9UL, 
@@ -329,7 +329,7 @@ static const unsigned long S7[256] = {
 0xc3c0bdaeUL, 0x4958c24cUL, 0x518f36b2UL, 0x84b1d370UL, 0x0fedce83UL, 0x878ddadaUL, 
 0xf2a279c7UL, 0x94e01be8UL, 0x90716f4bUL, 0x954b8aa3UL};
 
-static const unsigned long S8[256] = {
+static const ulong32 S8[256] = {
 0xe216300dUL, 0xbbddfffcUL, 0xa7ebdabdUL, 0x35648095UL, 0x7789f8b7UL, 0xe6c1121bUL, 
 0x0e241600UL, 0x052ce8b5UL, 0x11a9cfb0UL, 0xe5952f11UL, 0xece7990aUL, 0x9386d174UL, 
 0x2a42931cUL, 0x76e38111UL, 0xb12def3aUL, 0x37ddddfcUL, 0xde9adeb1UL, 0x0a0cc32cUL, 
@@ -375,11 +375,15 @@ static const unsigned long S8[256] = {
 0x50b2ad80UL, 0xeaee6801UL, 0x8db2a283UL, 0xea8bf59eUL};
 
 /* returns the i'th byte of a variable */
-#define GB(x, i) (((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3)))&255)
+#ifdef _MSC_VER
+   #define GB(x, i) ((unsigned char)((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3))))
+#else   
+   #define GB(x, i) (((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3)))&255)
+#endif   
 
 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 {
-   unsigned long x[4], z[4];
+   ulong32 x[4], z[4];
    unsigned char buf[16];
    int y, i;
 
@@ -464,25 +468,25 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
    #define INLINE 
 #endif   
    
-INLINE static unsigned long FI(unsigned long R, unsigned long Km, unsigned long Kr)
+INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr)
 {
-   unsigned long I;
+   ulong32 I;
    I = (Km + R);
    I = ROL(I, Kr);
    return ((S1[byte(I, 3)] ^ S2[byte(I,2)]) - S3[byte(I,1)]) + S4[byte(I,0)];
 }
    
-INLINE static unsigned long FII(unsigned long R, unsigned long Km, unsigned long Kr)
+INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr)
 {
-   unsigned long I;
+   ulong32 I;
    I = (Km ^ R);
    I = ROL(I, Kr);
    return ((S1[byte(I, 3)] - S2[byte(I,2)]) + S3[byte(I,1)]) ^ S4[byte(I,0)];
 }
 
-INLINE static unsigned long FIII(unsigned long R, unsigned long Km, unsigned long Kr)
+INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
 {
-   unsigned long I;
+   ulong32 I;
    I = (Km - R);
    I = ROL(I, Kr);
    return ((S1[byte(I, 3)] + S2[byte(I,2)]) ^ S3[byte(I,1)]) - S4[byte(I,0)];
@@ -490,7 +494,7 @@ INLINE static unsigned long FIII(unsigned long R, unsigned long Km, unsigned lon
 
 void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
-   unsigned long R, L;
+   ulong32 R, L;
 
    _ARGCHK(pt != NULL);
    _ARGCHK(ct != NULL);
@@ -523,7 +527,7 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
 
 void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
-   unsigned long R, L;
+   ulong32 R, L;
 
    _ARGCHK(pt != NULL);
    _ARGCHK(ct != NULL);

changes

@@ -1,3 +1,13 @@
+Jul 10th, 2003
+v0.88  -- Sped up CAST5 key schedule for MSVC
+       -- added "ulong32" which allows people on 64-bit platforms to force the 32-bit tables in
+          ciphers like blowfish and AES to be 32-bits.  E.g. when unsigned long is 64-bits.
+       -- Optimized the SAFER-SK64, SAFER-SK128, SAFER+, RC5 and RC6 key schedule [big time!]
+       -- Optimized SHA-1 and SHA-256 quite a bit too.
+       -- Fixed up the makefile to use -fomit-frame-pointer more liberally
+       -- Added tv_gen program which makes test vectors for ciphers/hashes
+       -- Merged in LibTomMath v0.22
+       
 Jun 19th, 2003
 v0.87  -- Many MSVC optimizations to the code base
        -- Improved the AES and Twofish key schedule [faster, more constant time]

crypt.out

@@ -1,76 +1,76 @@
-\BOOKMARK [0][-]{chapter.1}{Introduction}{}
-\BOOKMARK [1][-]{section.1.1}{What is the LibTomCrypt?}{chapter.1}
-\BOOKMARK [2][-]{subsection.1.1.1}{What the library IS for?}{section.1.1}
-\BOOKMARK [2][-]{subsection.1.1.2}{What the library IS NOT for?}{section.1.1}
-\BOOKMARK [1][-]{section.1.2}{Why did I write it?}{chapter.1}
-\BOOKMARK [2][-]{subsection.1.2.1}{Modular}{section.1.2}
-\BOOKMARK [1][-]{section.1.3}{License}{chapter.1}
-\BOOKMARK [1][-]{section.1.4}{Patent Disclosure}{chapter.1}
-\BOOKMARK [1][-]{section.1.5}{Building the library}{chapter.1}
-\BOOKMARK [1][-]{section.1.6}{Building against the library}{chapter.1}
-\BOOKMARK [1][-]{section.1.7}{Thanks}{chapter.1}
-\BOOKMARK [0][-]{chapter.2}{The Application Programming Interface \(API\)}{}
-\BOOKMARK [1][-]{section.2.1}{Introduction}{chapter.2}
-\BOOKMARK [1][-]{section.2.2}{Macros}{chapter.2}
-\BOOKMARK [1][-]{section.2.3}{Functions with Variable Length Output}{chapter.2}
-\BOOKMARK [1][-]{section.2.4}{Functions that need a PRNG}{chapter.2}
-\BOOKMARK [1][-]{section.2.5}{Functions that use Arrays of Octets}{chapter.2}
-\BOOKMARK [0][-]{chapter.3}{Symmetric Block Ciphers}{}
-\BOOKMARK [1][-]{section.3.1}{Core Functions}{chapter.3}
-\BOOKMARK [1][-]{section.3.2}{Key Sizes and Number of Rounds}{chapter.3}
-\BOOKMARK [1][-]{section.3.3}{The Cipher Descriptors}{chapter.3}
-\BOOKMARK [2][-]{subsection.3.3.1}{Notes}{section.3.3}
-\BOOKMARK [1][-]{section.3.4}{Symmetric Modes of Operations}{chapter.3}
-\BOOKMARK [2][-]{subsection.3.4.1}{Background}{section.3.4}
-\BOOKMARK [2][-]{subsection.3.4.2}{Choice of Mode}{section.3.4}
-\BOOKMARK [2][-]{subsection.3.4.3}{Implementation}{section.3.4}
-\BOOKMARK [0][-]{chapter.4}{One-Way Cryptographic Hash Functions}{}
-\BOOKMARK [1][-]{section.4.1}{Core Functions}{chapter.4}
-\BOOKMARK [1][-]{section.4.2}{Hash Descriptors}{chapter.4}
-\BOOKMARK [2][-]{subsection.4.2.1}{Notice}{section.4.2}
-\BOOKMARK [1][-]{section.4.3}{Hash based Message Authenication Codes}{chapter.4}
-\BOOKMARK [0][-]{chapter.5}{Pseudo-Random Number Generators}{}
-\BOOKMARK [1][-]{section.5.1}{Core Functions}{chapter.5}
-\BOOKMARK [2][-]{subsection.5.1.1}{Remarks}{section.5.1}
-\BOOKMARK [2][-]{subsection.5.1.2}{Example}{section.5.1}
-\BOOKMARK [1][-]{section.5.2}{PRNG Descriptors}{chapter.5}
-\BOOKMARK [1][-]{section.5.3}{The Secure RNG}{chapter.5}
-\BOOKMARK [2][-]{subsection.5.3.1}{The Secure PRNG Interface}{section.5.3}
-\BOOKMARK [0][-]{chapter.6}{RSA Routines}{}
-\BOOKMARK [1][-]{section.6.1}{Background}{chapter.6}
-\BOOKMARK [1][-]{section.6.2}{Core Functions}{chapter.6}
-\BOOKMARK [1][-]{section.6.3}{Packet Routines}{chapter.6}
-\BOOKMARK [1][-]{section.6.4}{Remarks}{chapter.6}
-\BOOKMARK [0][-]{chapter.7}{Diffie-Hellman Key Exchange}{}
-\BOOKMARK [1][-]{section.7.1}{Background}{chapter.7}
-\BOOKMARK [1][-]{section.7.2}{Core Functions}{chapter.7}
-\BOOKMARK [2][-]{subsection.7.2.1}{Remarks on Usage}{section.7.2}
-\BOOKMARK [2][-]{subsection.7.2.2}{Remarks on The Snippet}{section.7.2}
-\BOOKMARK [1][-]{section.7.3}{Other Diffie-Hellman Functions}{chapter.7}
-\BOOKMARK [1][-]{section.7.4}{DH Packet}{chapter.7}
-\BOOKMARK [0][-]{chapter.8}{Elliptic Curve Cryptography}{}
-\BOOKMARK [1][-]{section.8.1}{Background}{chapter.8}
-\BOOKMARK [1][-]{section.8.2}{Core Functions}{chapter.8}
-\BOOKMARK [1][-]{section.8.3}{ECC Packet}{chapter.8}
-\BOOKMARK [1][-]{section.8.4}{ECC Keysizes}{chapter.8}
-\BOOKMARK [0][-]{chapter.9}{Public Keyrings}{}
-\BOOKMARK [1][-]{section.9.1}{Introduction}{chapter.9}
-\BOOKMARK [1][-]{section.9.2}{The Keyring API}{chapter.9}
-\BOOKMARK [0][-]{chapter.10}{GF\(2w\) Math Routines}{}
-\BOOKMARK [0][-]{chapter.11}{Miscellaneous}{}
-\BOOKMARK [1][-]{section.11.1}{Base64 Encoding and Decoding}{chapter.11}
-\BOOKMARK [1][-]{section.11.2}{The Multiple Precision Integer Library \(MPI\)}{chapter.11}
-\BOOKMARK [2][-]{subsection.11.2.1}{Binary Forms of ``mp\137int'' Variables}{section.11.2}
-\BOOKMARK [2][-]{subsection.11.2.2}{Primality Testing}{section.11.2}
-\BOOKMARK [0][-]{chapter.12}{Programming Guidelines}{}
-\BOOKMARK [1][-]{section.12.1}{Secure Pseudo Random Number Generators}{chapter.12}
-\BOOKMARK [1][-]{section.12.2}{Preventing Trivial Errors}{chapter.12}
-\BOOKMARK [1][-]{section.12.3}{Registering Your Algorithms}{chapter.12}
-\BOOKMARK [1][-]{section.12.4}{Key Sizes}{chapter.12}
-\BOOKMARK [2][-]{subsection.12.4.1}{Symmetric Ciphers}{section.12.4}
-\BOOKMARK [2][-]{subsection.12.4.2}{Assymetric Ciphers}{section.12.4}
-\BOOKMARK [1][-]{section.12.5}{Thread Safety}{chapter.12}
-\BOOKMARK [0][-]{chapter.13}{Configuring the Library}{}
-\BOOKMARK [1][-]{section.13.1}{Introduction}{chapter.13}
-\BOOKMARK [1][-]{section.13.2}{mycrypt\137cfg.h}{chapter.13}
-\BOOKMARK [1][-]{section.13.3}{The Configure Script}{chapter.13}
+\BOOKMARK [0][-]{chapter.1}{Introduction}{}
+\BOOKMARK [1][-]{section.1.1}{What is the LibTomCrypt?}{chapter.1}
+\BOOKMARK [2][-]{subsection.1.1.1}{What the library IS for?}{section.1.1}
+\BOOKMARK [2][-]{subsection.1.1.2}{What the library IS NOT for?}{section.1.1}
+\BOOKMARK [1][-]{section.1.2}{Why did I write it?}{chapter.1}
+\BOOKMARK [2][-]{subsection.1.2.1}{Modular}{section.1.2}
+\BOOKMARK [1][-]{section.1.3}{License}{chapter.1}
+\BOOKMARK [1][-]{section.1.4}{Patent Disclosure}{chapter.1}
+\BOOKMARK [1][-]{section.1.5}{Building the library}{chapter.1}
+\BOOKMARK [1][-]{section.1.6}{Building against the library}{chapter.1}
+\BOOKMARK [1][-]{section.1.7}{Thanks}{chapter.1}
+\BOOKMARK [0][-]{chapter.2}{The Application Programming Interface \(API\)}{}
+\BOOKMARK [1][-]{section.2.1}{Introduction}{chapter.2}
+\BOOKMARK [1][-]{section.2.2}{Macros}{chapter.2}
+\BOOKMARK [1][-]{section.2.3}{Functions with Variable Length Output}{chapter.2}
+\BOOKMARK [1][-]{section.2.4}{Functions that need a PRNG}{chapter.2}
+\BOOKMARK [1][-]{section.2.5}{Functions that use Arrays of Octets}{chapter.2}
+\BOOKMARK [0][-]{chapter.3}{Symmetric Block Ciphers}{}
+\BOOKMARK [1][-]{section.3.1}{Core Functions}{chapter.3}
+\BOOKMARK [1][-]{section.3.2}{Key Sizes and Number of Rounds}{chapter.3}
+\BOOKMARK [1][-]{section.3.3}{The Cipher Descriptors}{chapter.3}
+\BOOKMARK [2][-]{subsection.3.3.1}{Notes}{section.3.3}
+\BOOKMARK [1][-]{section.3.4}{Symmetric Modes of Operations}{chapter.3}
+\BOOKMARK [2][-]{subsection.3.4.1}{Background}{section.3.4}
+\BOOKMARK [2][-]{subsection.3.4.2}{Choice of Mode}{section.3.4}
+\BOOKMARK [2][-]{subsection.3.4.3}{Implementation}{section.3.4}
+\BOOKMARK [0][-]{chapter.4}{One-Way Cryptographic Hash Functions}{}
+\BOOKMARK [1][-]{section.4.1}{Core Functions}{chapter.4}
+\BOOKMARK [1][-]{section.4.2}{Hash Descriptors}{chapter.4}
+\BOOKMARK [2][-]{subsection.4.2.1}{Notice}{section.4.2}
+\BOOKMARK [1][-]{section.4.3}{Hash based Message Authenication Codes}{chapter.4}
+\BOOKMARK [0][-]{chapter.5}{Pseudo-Random Number Generators}{}
+\BOOKMARK [1][-]{section.5.1}{Core Functions}{chapter.5}
+\BOOKMARK [2][-]{subsection.5.1.1}{Remarks}{section.5.1}
+\BOOKMARK [2][-]{subsection.5.1.2}{Example}{section.5.1}
+\BOOKMARK [1][-]{section.5.2}{PRNG Descriptors}{chapter.5}
+\BOOKMARK [1][-]{section.5.3}{The Secure RNG}{chapter.5}
+\BOOKMARK [2][-]{subsection.5.3.1}{The Secure PRNG Interface}{section.5.3}
+\BOOKMARK [0][-]{chapter.6}{RSA Routines}{}
+\BOOKMARK [1][-]{section.6.1}{Background}{chapter.6}
+\BOOKMARK [1][-]{section.6.2}{Core Functions}{chapter.6}
+\BOOKMARK [1][-]{section.6.3}{Packet Routines}{chapter.6}
+\BOOKMARK [1][-]{section.6.4}{Remarks}{chapter.6}
+\BOOKMARK [0][-]{chapter.7}{Diffie-Hellman Key Exchange}{}
+\BOOKMARK [1][-]{section.7.1}{Background}{chapter.7}
+\BOOKMARK [1][-]{section.7.2}{Core Functions}{chapter.7}
+\BOOKMARK [2][-]{subsection.7.2.1}{Remarks on Usage}{section.7.2}
+\BOOKMARK [2][-]{subsection.7.2.2}{Remarks on The Snippet}{section.7.2}
+\BOOKMARK [1][-]{section.7.3}{Other Diffie-Hellman Functions}{chapter.7}
+\BOOKMARK [1][-]{section.7.4}{DH Packet}{chapter.7}
+\BOOKMARK [0][-]{chapter.8}{Elliptic Curve Cryptography}{}
+\BOOKMARK [1][-]{section.8.1}{Background}{chapter.8}
+\BOOKMARK [1][-]{section.8.2}{Core Functions}{chapter.8}
+\BOOKMARK [1][-]{section.8.3}{ECC Packet}{chapter.8}
+\BOOKMARK [1][-]{section.8.4}{ECC Keysizes}{chapter.8}
+\BOOKMARK [0][-]{chapter.9}{Public Keyrings}{}
+\BOOKMARK [1][-]{section.9.1}{Introduction}{chapter.9}
+\BOOKMARK [1][-]{section.9.2}{The Keyring API}{chapter.9}
+\BOOKMARK [0][-]{chapter.10}{GF\(2w\) Math Routines}{}
+\BOOKMARK [0][-]{chapter.11}{Miscellaneous}{}
+\BOOKMARK [1][-]{section.11.1}{Base64 Encoding and Decoding}{chapter.11}
+\BOOKMARK [1][-]{section.11.2}{The Multiple Precision Integer Library \(MPI\)}{chapter.11}
+\BOOKMARK [2][-]{subsection.11.2.1}{Binary Forms of ``mp\137int'' Variables}{section.11.2}
+\BOOKMARK [2][-]{subsection.11.2.2}{Primality Testing}{section.11.2}
+\BOOKMARK [0][-]{chapter.12}{Programming Guidelines}{}
+\BOOKMARK [1][-]{section.12.1}{Secure Pseudo Random Number Generators}{chapter.12}
+\BOOKMARK [1][-]{section.12.2}{Preventing Trivial Errors}{chapter.12}
+\BOOKMARK [1][-]{section.12.3}{Registering Your Algorithms}{chapter.12}
+\BOOKMARK [1][-]{section.12.4}{Key Sizes}{chapter.12}
+\BOOKMARK [2][-]{subsection.12.4.1}{Symmetric Ciphers}{section.12.4}
+\BOOKMARK [2][-]{subsection.12.4.2}{Assymetric Ciphers}{section.12.4}
+\BOOKMARK [1][-]{section.12.5}{Thread Safety}{chapter.12}
+\BOOKMARK [0][-]{chapter.13}{Configuring the Library}{}
+\BOOKMARK [1][-]{section.13.1}{Introduction}{chapter.13}
+\BOOKMARK [1][-]{section.13.2}{mycrypt\137cfg.h}{chapter.13}
+\BOOKMARK [1][-]{section.13.3}{The Configure Script}{chapter.13}

crypt.tex

@@ -47,7 +47,7 @@
 \def\gap{\vspace{0.5ex}}
 \makeindex
 \begin{document}
-\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.87}
+\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.88}
 \author{Tom St Denis \\
 Algonquin College \\
 \\

demos/test.c

@@ -1261,7 +1261,7 @@ gf_tests (void)
 void
 test_prime (void)
 {
-  unsigned char buf[1024];
+  char buf[1024];
   mp_int  a;
   int     x;
 

demos/tv_gen.c

@@ -0,0 +1,167 @@
+#include <mycrypt.h>
+
+void reg_algs(void)
+{
+#ifdef RIJNDAEL
+  register_cipher (&aes_desc);
+#endif
+#ifdef BLOWFISH
+  register_cipher (&blowfish_desc);
+#endif
+#ifdef XTEA
+  register_cipher (&xtea_desc);
+#endif
+#ifdef RC5
+  register_cipher (&rc5_desc);
+#endif
+#ifdef RC6
+  register_cipher (&rc6_desc);
+#endif
+#ifdef SAFERP
+  register_cipher (&saferp_desc);
+#endif
+#ifdef TWOFISH
+  register_cipher (&twofish_desc);
+#endif
+#ifdef SAFER
+  register_cipher (&safer_k64_desc);
+  register_cipher (&safer_sk64_desc);
+  register_cipher (&safer_k128_desc);
+  register_cipher (&safer_sk128_desc);
+#endif
+#ifdef RC2
+  register_cipher (&rc2_desc);
+#endif
+#ifdef DES
+  register_cipher (&des_desc);
+  register_cipher (&des3_desc);
+#endif
+#ifdef CAST5
+  register_cipher (&cast5_desc);
+#endif
+#ifdef NOEKEON
+  register_cipher (&noekeon_desc);
+#endif
+
+#ifdef TIGER
+  register_hash (&tiger_desc);
+#endif
+#ifdef MD2
+  register_hash (&md2_desc);
+#endif
+#ifdef MD4
+  register_hash (&md4_desc);
+#endif
+#ifdef MD5
+  register_hash (&md5_desc);
+#endif
+#ifdef SHA1
+  register_hash (&sha1_desc);
+#endif
+#ifdef SHA256
+  register_hash (&sha256_desc);
+#endif
+#ifdef SHA384
+  register_hash (&sha384_desc);
+#endif
+#ifdef SHA512
+  register_hash (&sha512_desc);
+#endif
+}
+
+void hash_gen(void)
+{
+   unsigned char md[MAXBLOCKSIZE], buf[MAXBLOCKSIZE*2+2];
+   unsigned long outlen, x, y, z;
+   FILE *out;
+   
+   out = fopen("hash_tv.txt", "w");
+   
+   fprintf(out, "Hash Test Vectors:\n\nThese are the hashes of nn bytes '00 01 02 03 .. (nn-1)'\n\n");
+   for (x = 0; hash_descriptor[x].name != NULL; x++) {
+      fprintf(out, "Hash: %s\n", hash_descriptor[x].name);
+      
+      for (y = 0; y <= (hash_descriptor[x].blocksize * 2); y++) {
+         for (z = 0; z < y; z++) {
+            buf[z] = (unsigned char)z;
+         }
+         outlen = sizeof(md);
+         hash_memory(x, buf, y, md, &outlen);
+         fprintf(out, "%3lu: ", y);
+         for (z = 0; z < outlen; z++) {
+            fprintf(out, "%02X", md[z]);
+         }
+         fprintf(out, "\n");
+      }
+      fprintf(out, "\n");
+   }
+   fclose(out);
+}
+
+void cipher_gen(void)
+{
+   unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
+   unsigned long x, y, z, w;
+   int kl, lastkl;
+   FILE *out;
+   symmetric_key skey;
+   
+   out = fopen("cipher_tv.txt", "w");
+   
+   fprintf(out, "Cipher Test Vectors\n\nThese are test encryptions with key of nn bytes '00 01 02 03 .. (nn-1)' and original PT of the same style.\n\n");
+   for (x = 0; cipher_descriptor[x].name != NULL; x++) {
+      fprintf(out, "Cipher: %s\n", cipher_descriptor[x].name);
+      
+      /* three modes, smallest, medium, large keys */
+      lastkl = 10000;
+      for (y = 0; y < 3; y++) {
+         switch (y) {
+            case 0: kl = cipher_descriptor[x].min_key_length; break;
+            case 1: kl = (cipher_descriptor[x].min_key_length + cipher_descriptor[x].max_key_length)/2; break;
+            case 2: kl = cipher_descriptor[x].max_key_length; break;
+         }
+         cipher_descriptor[x].keysize(&kl);
+         if (kl == lastkl) break;
+         lastkl = kl;
+         fprintf(out, "Key Size: %d bytes\n", kl);
+
+         for (z = 0; (int)z < kl; z++) {
+             key[z] = (unsigned char)z;
+         }
+         cipher_descriptor[x].setup(key, kl, 0, &skey);
+         
+         for (z = 0; (int)z < cipher_descriptor[x].block_length; z++) {
+            pt[z] = (unsigned char)z;
+         }
+         for (w = 0; w < 25; w++) {
+             cipher_descriptor[x].ecb_encrypt(pt, pt, &skey);
+             fprintf(out, "%2lu: ", w);
+             for (z = 0; (int)z < cipher_descriptor[x].block_length; z++) {
+                fprintf(out, "%02X", pt[z]);
+             }
+             fprintf(out, "\n");
+         }
+         fprintf(out, "\n");
+     }
+     fprintf(out, "\n");
+  }
+  fclose(out);
+}  
+   
+
+int main(void)
+{
+   reg_algs();
+   hash_gen();
+   cipher_gen();
+   
+   return 0;
+}
+
+
+         
+      
+      
+      
+    
+   

demos/x86_prof.c

@@ -1,291 +1,283 @@
-#include <mycrypt.h>
-
-#define KTIMES  25
-#define TIMES   10000
-
-/* RDTSC from Scott Duplichan */
-static ulong64 rdtsc (void)
-   {
-   #if defined __GNUC__
-      #ifdef i386
-         ulong64 a;
-         asm volatile("rdtsc ":"=A" (a));
-         return a;
-      #else /* gcc-IA64 version */
-         unsigned long result;
-         __asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
-         while (__builtin_expect ((int) result == -1, 0))
-         __asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
-         return result;
-      #endif
-
-   // Microsoft and Intel Windows compilers
-   #elif defined _M_IX86
-     __asm rdtsc
-   #elif defined _M_AMD64
-     return __rdtsc ();
-   #elif defined _M_IA64
-     #if defined __INTEL_COMPILER
-       #include <ia64intrin.h>
-     #endif
-      return __getReg (3116);
-   #else
-     #error need rdtsc function for this build
-   #endif
-   }
-
-ulong64 timer, skew = 0;
-
-void t_start(void)
-{
-   timer = rdtsc();
-}
-
-ulong64 t_read(void)
-{
-   return rdtsc() - timer;
-}
-
-void init_timer(void)
-{
-   ulong64 c1, c2, t1, t2, t3;
-   unsigned long y1;
-   
-   c1 = c2 = (ulong64)-1;
-   for (y1 = 0; y1 < TIMES*100; y1++) {
-      t_start();
-      t1 = t_read();
-      t3 = t_read();
-      t2 = t_read() - t1;
-      
-      c1 = (c1 > t1) ? t1 : c1;
-      c2 = (c2 > t2) ? t2 : c2;
-   }
-   skew = c2 - c1;
-   printf("Clock Skew: %lu\n", (unsigned long)skew);
-}  
-
-void reg_algs(void)
-{
-#ifdef RIJNDAEL
-  register_cipher (&aes_desc);
-#endif
-#ifdef BLOWFISH
-  register_cipher (&blowfish_desc);
-#endif
-#ifdef XTEA
-  register_cipher (&xtea_desc);
-#endif
-#ifdef RC5
-  register_cipher (&rc5_desc);
-#endif
-#ifdef RC6
-  register_cipher (&rc6_desc);
-#endif
-#ifdef SAFERP
-  register_cipher (&saferp_desc);
-#endif
-#ifdef TWOFISH
-  register_cipher (&twofish_desc);
-#endif
-#ifdef SAFER
-  register_cipher (&safer_k64_desc);
-  register_cipher (&safer_sk64_desc);
-  register_cipher (&safer_k128_desc);
-  register_cipher (&safer_sk128_desc);
-#endif
-#ifdef RC2
-  register_cipher (&rc2_desc);
-#endif
-#ifdef DES
-  register_cipher (&des_desc);
-  register_cipher (&des3_desc);
-#endif
-#ifdef CAST5
-  register_cipher (&cast5_desc);
-#endif
-#ifdef NOEKEON
-  register_cipher (&noekeon_desc);
-#endif
-
-#ifdef TIGER
-  register_hash (&tiger_desc);
-#endif
-#ifdef MD2
-  register_hash (&md2_desc);
-#endif
-#ifdef MD4
-  register_hash (&md4_desc);
-#endif
-#ifdef MD5
-  register_hash (&md5_desc);
-#endif
-#ifdef SHA1
-  register_hash (&sha1_desc);
-#endif
-#ifdef SHA256
-  register_hash (&sha256_desc);
-#endif
-#ifdef SHA384
-  register_hash (&sha384_desc);
-#endif
-#ifdef SHA512
-  register_hash (&sha512_desc);
-#endif
-
-}
-
-int time_keysched(void)
-{
-  unsigned long x, i, y1;
-  ulong64 t1, c1;
-  symmetric_key skey;
-  int kl;
-  int    (*func) (const unsigned char *, int , int , symmetric_key *);
-  unsigned char key[256][MAXBLOCKSIZE];
-
-
-  printf ("\n\nKey Schedule Time Trials for the Symmetric Ciphers:\n(Times are cycles per key)\n");
-  for (x = 0; cipher_descriptor[x].name != NULL; x++) {
-#define DO1(k)   func(k, kl, 0, &skey);
-
-    func = cipher_descriptor[x].setup;
-    kl   = cipher_descriptor[x].min_key_length;
-    c1 = (ulong64)-1;
-    for (y1 = 0; y1 < KTIMES; y1++) {
-       for (i = 0; i < 256; i++) {
-          rng_get_bytes(key[i], kl, NULL);    
-       }
-    
-       t_start();
-       for (i = 0; i < 256; i++) {
-          DO1(key[i]);
-       }
-       t1 = t_read() >> 8;
-       if (t1 < c1) { if (y1 > 0) --y1; }
-       c1 = (t1 > c1) ? c1 : t1;
-    }
-    t1 = c1 - skew;
-    printf
-      ("%-20s: Schedule at %6lu\n", cipher_descriptor[x].name, (unsigned long)t1);
-
-#undef DO1
-   }
-   
-   return 0;
-}
-
-int time_cipher(void)
-{
-  unsigned long x, y1;
-  ulong64  t1, t2, c1, c2, a1, a2;
-  symmetric_key skey;
-  void    (*func) (const unsigned char *, unsigned char *, symmetric_key *);
-  unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
-
-
-  printf ("\n\nECB Time Trials for the Symmetric Ciphers:\n");
-  for (x = 0; cipher_descriptor[x].name != NULL; x++) {
-    cipher_descriptor[x].setup (key, cipher_descriptor[x].min_key_length, 0,
-                &skey);
-
-#define DO1   func(pt,pt,&skey);
-#define DO2   DO1 DO1
-
-    func = cipher_descriptor[x].ecb_encrypt;
-    c1 = c2 = (ulong64)-1;
-    for (y1 = 0; y1 < TIMES; y1++) {
-        t_start();
-        DO1;
-        t1 = t_read();
-        DO2;
-        t2 = t_read();
-        t2 -= t1;
-        
-        c1 = (t1 > c1 ? c1 : t1);
-        c2 = (t2 > c2 ? c2 : t2);
-    }
-    a1 = c2 - c1 - skew;
-        
-        
-    func = cipher_descriptor[x].ecb_decrypt;
-    c1 = c2 = (ulong64)-1;
-    for (y1 = 0; y1 < TIMES; y1++) {
-        t_start();
-        DO1;
-        t1 = t_read();
-        DO2;
-        t2 = t_read();
-        t2 -= t1;
-        
-        c1 = (t1 > c1 ? c1 : t1);
-        c2 = (t2 > c2 ? c2 : t2);
-    }
-    a2 = c2 - c1 - skew;
-    
-    printf
-      ("%-20s: Encrypt at %7.3f, Decrypt at %7.3f\n", cipher_descriptor[x].name, a1/(double)cipher_descriptor[x].block_length, a2/(double)cipher_descriptor[x].block_length);
-
-#undef DO2
-#undef DO1
-   }
-   
-   return 0;
-}
-
-int time_hash(void)
-{
-  unsigned long x, y1, len;
-  ulong64 t1, t2, c1, c2;
-  hash_state md;
-  void    (*func)(hash_state *, const unsigned char *, unsigned long);
-  unsigned char pt[MAXBLOCKSIZE];
-
- 
-  printf ("\n\nHASH Time Trials for:\n");
-  for (x = 0; hash_descriptor[x].name != NULL; x++) {
-    hash_descriptor[x].init(&md);
-
-#define DO1   func(&md,pt,len);
-#define DO2   DO1 DO1
-
-    func = hash_descriptor[x].process;
-    len  = hash_descriptor[x].blocksize;
-    
-    c1 = c2 = (ulong64)-1;
-    for (y1 = 0; y1 < TIMES; y1++) {
-       t_start();
-       DO1;
-       t1 = t_read();
-       DO2;
-       t2 = t_read() - t1;
-       c1 = (t1 > c1) ? c1 : t1;
-       c2 = (t2 > c2) ? c2 : t2;
-    }
-    t1 = c2 - c1 - skew;   
-    t1 = ((t1 * CONST64(1000))) / ((ulong64)hash_descriptor[x].blocksize);
-    
-    printf
-      ("%-20s: Process at %9.3f\n", hash_descriptor[x].name, t1 / 1000.0);
-
-#undef DO2
-#undef DO1
-   }
-   
-   return 0;
-}
-
-int main(void)
-{
-  reg_algs();
-
-  printf("Timings for ciphers and hashes.  Times are listed as cycles per byte processed.\n\n");
-  
-//  init_timer();
-  time_keysched();
-  time_cipher();
-  time_hash();
-  
-  return EXIT_SUCCESS;
-}  
-
+#include <mycrypt.h>
+
+#define KTIMES  25
+#define TIMES   100000
+
+/* RDTSC from Scott Duplichan */
+static ulong64 rdtsc (void)
+   {
+   #if defined __GNUC__
+      #ifdef i386
+         ulong64 a;
+         asm volatile("rdtsc ":"=A" (a));
+         return a;
+      #else /* gcc-IA64 version */
+         unsigned long result;
+         __asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
+         while (__builtin_expect ((int) result == -1, 0))
+         __asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
+         return result;
+      #endif
+
+   // Microsoft and Intel Windows compilers
+   #elif defined _M_IX86
+     __asm rdtsc
+   #elif defined _M_AMD64
+     return __rdtsc ();
+   #elif defined _M_IA64
+     #if defined __INTEL_COMPILER
+       #include <ia64intrin.h>
+     #endif
+      return __getReg (3116);
+   #else
+     #error need rdtsc function for this build
+   #endif
+   }
+
+ulong64 timer, skew = 0;
+
+void t_start(void)
+{
+   timer = rdtsc();
+}
+
+ulong64 t_read(void)
+{
+   return rdtsc() - timer;
+}
+
+void init_timer(void)
+{
+   ulong64 c1, c2, t1, t2, t3;
+   unsigned long y1;
+   
+   c1 = c2 = (ulong64)-1;
+   for (y1 = 0; y1 < TIMES*100; y1++) {
+      t_start();
+      t1 = t_read();
+      t3 = t_read();
+      t2 = t_read() - t1;
+      
+      c1 = (c1 > t1) ? t1 : c1;
+      c2 = (c2 > t2) ? t2 : c2;
+   }
+   skew = c2 - c1;
+   printf("Clock Skew: %lu\n", (unsigned long)skew);
+}  
+
+void reg_algs(void)
+{
+#ifdef RIJNDAEL
+  register_cipher (&aes_desc);
+#endif
+#ifdef BLOWFISH
+  register_cipher (&blowfish_desc);
+#endif
+#ifdef XTEA
+  register_cipher (&xtea_desc);
+#endif
+#ifdef RC5
+  register_cipher (&rc5_desc);
+#endif
+#ifdef RC6
+  register_cipher (&rc6_desc);
+#endif
+#ifdef SAFERP
+  register_cipher (&saferp_desc);
+#endif
+#ifdef TWOFISH
+  register_cipher (&twofish_desc);
+#endif
+#ifdef SAFER
+  register_cipher (&safer_k64_desc);
+  register_cipher (&safer_sk64_desc);
+  register_cipher (&safer_k128_desc);
+  register_cipher (&safer_sk128_desc);
+#endif
+#ifdef RC2
+  register_cipher (&rc2_desc);
+#endif
+#ifdef DES
+  register_cipher (&des_desc);
+  register_cipher (&des3_desc);
+#endif
+#ifdef CAST5
+  register_cipher (&cast5_desc);
+#endif
+#ifdef NOEKEON
+  register_cipher (&noekeon_desc);
+#endif
+
+#ifdef TIGER
+  register_hash (&tiger_desc);
+#endif
+#ifdef MD2
+  register_hash (&md2_desc);
+#endif
+#ifdef MD4
+  register_hash (&md4_desc);
+#endif
+#ifdef MD5
+  register_hash (&md5_desc);
+#endif
+#ifdef SHA1
+  register_hash (&sha1_desc);
+#endif
+#ifdef SHA256
+  register_hash (&sha256_desc);
+#endif
+#ifdef SHA384
+  register_hash (&sha384_desc);
+#endif
+#ifdef SHA512
+  register_hash (&sha512_desc);
+#endif
+
+}
+
+int time_keysched(void)
+{
+  unsigned long x, i, y1;
+  ulong64 t1, c1;
+  symmetric_key skey;
+  int kl;
+  int    (*func) (const unsigned char *, int , int , symmetric_key *);
+  unsigned char key[MAXBLOCKSIZE];
+
+  printf ("\n\nKey Schedule Time Trials for the Symmetric Ciphers:\n(Times are cycles per key)\n");
+  for (x = 0; cipher_descriptor[x].name != NULL; x++) {
+#define DO1(k)   func(k, kl, 0, &skey);
+
+    func = cipher_descriptor[x].setup;
+    kl   = cipher_descriptor[x].min_key_length;
+    c1 = (ulong64)-1;
+    for (y1 = 0; y1 < KTIMES; y1++) {
+       rng_get_bytes(key, kl, NULL);
+       t_start();
+       DO1(key);
+       t1 = t_read();
+       c1 = (t1 > c1) ? c1 : t1;
+    }
+    t1 = c1 - skew;
+    printf("%-20s: Schedule at %6lu\n", cipher_descriptor[x].name, (unsigned long)t1);
+
+#undef DO1
+   }
+   
+   return 0;
+}
+
+int time_cipher(void)
+{
+  unsigned long x, y1;
+  ulong64  t1, t2, c1, c2, a1, a2;
+  symmetric_key skey;
+  void    (*func) (const unsigned char *, unsigned char *, symmetric_key *);
+  unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
+
+
+  printf ("\n\nECB Time Trials for the Symmetric Ciphers:\n");
+  for (x = 0; cipher_descriptor[x].name != NULL; x++) {
+    cipher_descriptor[x].setup (key, cipher_descriptor[x].min_key_length, 0,
+                &skey);
+
+#define DO1   func(pt,pt,&skey);
+#define DO2   DO1 DO1
+
+    func = cipher_descriptor[x].ecb_encrypt;
+    c1 = c2 = (ulong64)-1;
+    for (y1 = 0; y1 < TIMES; y1++) {
+        t_start();
+        DO1;
+        t1 = t_read();
+        DO2;
+        t2 = t_read();
+        t2 -= t1;
+        
+        c1 = (t1 > c1 ? c1 : t1);
+        c2 = (t2 > c2 ? c2 : t2);
+    }
+    a1 = c2 - c1 - skew;
+        
+        
+    func = cipher_descriptor[x].ecb_decrypt;
+    c1 = c2 = (ulong64)-1;
+    for (y1 = 0; y1 < TIMES; y1++) {
+        t_start();
+        DO1;
+        t1 = t_read();
+        DO2;
+        t2 = t_read();
+        t2 -= t1;
+        
+        c1 = (t1 > c1 ? c1 : t1);
+        c2 = (t2 > c2 ? c2 : t2);
+    }
+    a2 = c2 - c1 - skew;
+    
+    printf
+      ("%-20s: Encrypt at %7.3f, Decrypt at %7.3f\n", cipher_descriptor[x].name, a1/(double)cipher_descriptor[x].block_length, a2/(double)cipher_descriptor[x].block_length);
+
+#undef DO2
+#undef DO1
+   }
+   
+   return 0;
+}
+
+int time_hash(void)
+{
+  unsigned long x, y1, len;
+  ulong64 t1, t2, c1, c2;
+  hash_state md;
+  void    (*func)(hash_state *, const unsigned char *, unsigned long);
+  unsigned char pt[MAXBLOCKSIZE];
+
+ 
+  printf ("\n\nHASH Time Trials for:\n");
+  for (x = 0; hash_descriptor[x].name != NULL; x++) {
+    hash_descriptor[x].init(&md);
+
+#define DO1   func(&md,pt,len);
+#define DO2   DO1 DO1
+
+    func = hash_descriptor[x].process;
+    len  = hash_descriptor[x].blocksize;
+    
+    c1 = c2 = (ulong64)-1;
+    for (y1 = 0; y1 < TIMES; y1++) {
+       t_start();
+       DO1;
+       t1 = t_read();
+       DO2;
+       t2 = t_read() - t1;
+       c1 = (t1 > c1) ? c1 : t1;
+       c2 = (t2 > c2) ? c2 : t2;
+    }
+    t1 = c2 - c1 - skew;   
+    t1 = ((t1 * CONST64(1000))) / ((ulong64)hash_descriptor[x].blocksize);
+    
+    printf
+      ("%-20s: Process at %9.3f\n", hash_descriptor[x].name, t1 / 1000.0);
+
+#undef DO2
+#undef DO1
+   }
+   
+   return 0;
+}
+
+int main(void)
+{
+  reg_algs();
+
+  printf("Timings for ciphers and hashes.  Times are listed as cycles per byte processed.\n\n");
+  
+//  init_timer();
+  time_cipher();
+  time_keysched();
+  time_hash();
+  
+  return EXIT_SUCCESS;
+}  
+

dh.c

@@ -155,8 +155,8 @@ int dh_test(void)
 #if 0
         printf("dh_test():testing size %d-bits\n", sets[x].size * 8);
 #endif
-        if (mp_read_radix(&g,(unsigned char *)sets[x].base, 64) != MP_OKAY)   { goto error; }
-        if (mp_read_radix(&p,(unsigned char *)sets[x].prime, 64) != MP_OKAY)  { goto error; }
+        if (mp_read_radix(&g,(char *)sets[x].base, 64) != MP_OKAY)   { goto error; }
+        if (mp_read_radix(&p,(char *)sets[x].prime, 64) != MP_OKAY)  { goto error; }
 
         /* ensure p is prime */
         if ((res = is_prime(&p, &primality)) != CRYPT_OK)             { goto done; }
@@ -464,7 +464,7 @@ int dh_shared_secret(dh_key *private_key, dh_key *public_key,
       return CRYPT_MEM;
    }
 
-   if (mp_read_radix(&p, (unsigned char *)sets[private_key->idx].prime, 64) != MP_OKAY)     { goto error; }
+   if (mp_read_radix(&p, (char *)sets[private_key->idx].prime, 64) != MP_OKAY)     { goto error; }
    if (mp_exptmod(&public_key->y, &private_key->x, &p, &tmp) != MP_OKAY)                    { goto error; }
 
    /* enough space for output? */

ecc.c

@@ -528,8 +528,8 @@ int ecc_test(void)
        #if 0
           printf("Testing %d\n", sets[i].size);
        #endif
-       if (mp_read_radix(&modulus, (unsigned char *)sets[i].prime, 64) != MP_OKAY)   { goto error; }
-       if (mp_read_radix(&order, (unsigned char *)sets[i].order, 64) != MP_OKAY)     { goto error; }
+       if (mp_read_radix(&modulus, (char *)sets[i].prime, 64) != MP_OKAY)   { goto error; }
+       if (mp_read_radix(&order, (char *)sets[i].order, 64) != MP_OKAY)     { goto error; }
 
        /* is prime actually prime? */
        if (is_prime(&modulus, &primality) != CRYPT_OK)           { goto error; }
@@ -545,8 +545,8 @@ int ecc_test(void)
           goto done1;
        }
 
-       if (mp_read_radix(&G->x, (unsigned char *)sets[i].Gx, 64) != MP_OKAY) { goto error; }
-       if (mp_read_radix(&G->y, (unsigned char *)sets[i].Gy, 64) != MP_OKAY) { goto error; }
+       if (mp_read_radix(&G->x, (char *)sets[i].Gx, 64) != MP_OKAY) { goto error; }
+       if (mp_read_radix(&G->y, (char *)sets[i].Gy, 64) != MP_OKAY) { goto error; }
 
        /* then we should have G == (order + 1)G */
        if (mp_add_d(&order, 1, &order) != MP_OKAY)                  { goto error; }
@@ -624,9 +624,9 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
    }
 
    /* read in the specs for this key */
-   if (mp_read_radix(&prime, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY)  { goto error; }
-   if (mp_read_radix(&base->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY)   { goto error; }
-   if (mp_read_radix(&base->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY)   { goto error; }
+   if (mp_read_radix(&prime, (char *)sets[key->idx].prime, 64) != MP_OKAY)  { goto error; }
+   if (mp_read_radix(&base->x, (char *)sets[key->idx].Gx, 64) != MP_OKAY)   { goto error; }
+   if (mp_read_radix(&base->y, (char *)sets[key->idx].Gy, 64) != MP_OKAY)   { goto error; }
    if (mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize) != MP_OKAY)      { goto error; }
 
    /* make the public key */
@@ -671,12 +671,12 @@ static int compress_y_point(ecc_point *pt, int idx, int *result)
    }
 
    /* get x^3 - 3x + b */
-   if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
+   if (mp_read_radix(&p, (char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
    if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY)              { goto error; } /* tmp = pX^3  */
    if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY)              { goto error; } /* tmp2 = 3*pX^3 */
    if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY)               { goto error; } /* tmp = tmp - tmp2 */
    if (mp_add(&tmp, &p, &tmp) != MP_OKAY)                  { goto error; } /* tmp = tmp + p */
-   if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY)  { goto error; } /* p = prime */
+   if (mp_read_radix(&p, (char *)sets[idx].prime, 64) != MP_OKAY)  { goto error; } /* p = prime */
    if (mp_mod(&tmp, &p, &tmp) != MP_OKAY)                  { goto error; } /* tmp = tmp mod p */
 
    /* now find square root */
@@ -713,12 +713,12 @@ static int expand_y_point(ecc_point *pt, int idx, int result)
    }
 
    /* get x^3 - 3x + b */
-   if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
+   if (mp_read_radix(&p, (char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
    if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY)              { goto error; } /* tmp = pX^3 */
    if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY)              { goto error; } /* tmp2 = 3*pX^3 */
    if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY)               { goto error; } /* tmp = tmp - tmp2 */
    if (mp_add(&tmp, &p, &tmp) != MP_OKAY)                  { goto error; } /* tmp = tmp + p */
-   if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY)  { goto error; } /* p = prime */
+   if (mp_read_radix(&p, (char *)sets[idx].prime, 64) != MP_OKAY)  { goto error; } /* p = prime */
    if (mp_mod(&tmp, &p, &tmp) != MP_OKAY)                  { goto error; } /* tmp = tmp mod p */
 
    /* now find square root */
@@ -935,7 +935,7 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
       return CRYPT_MEM;
    }
 
-   if (mp_read_radix(&prime, (unsigned char *)sets[private_key->idx].prime, 64) != MP_OKAY)  { goto error; }
+   if (mp_read_radix(&prime, (char *)sets[private_key->idx].prime, 64) != MP_OKAY)  { goto error; }
    if ((res = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime)) != CRYPT_OK) { goto done1; }
 
    x = (unsigned long)mp_unsigned_bin_size(&result->x);

ecc_sys.c

@@ -238,7 +238,7 @@ int ecc_sign_hash(const unsigned char *in,  unsigned long inlen,
       ecc_free(&pubkey);
       return CRYPT_MEM;
    }
-   if (mp_read_radix(&p, (unsigned char *)sets[key->idx].order, 64) != MP_OKAY)     { goto error; }
+   if (mp_read_radix(&p, (char *)sets[key->idx].order, 64) != MP_OKAY)     { goto error; }
    if (mp_read_unsigned_bin(&b, (unsigned char *)in, (int)inlen) != MP_OKAY)        { goto error; }
 
    /* find b = (m - x)/k */
@@ -389,7 +389,7 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
    if (mp_read_unsigned_bin(&m, (unsigned char *)hash, (int)inlen) != MP_OKAY)     { goto error; }
    
    /* load prime */
-   if (mp_read_radix(&p, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY)    { goto error; }
+   if (mp_read_radix(&p, (char *)sets[key->idx].prime, 64) != MP_OKAY)    { goto error; }
    
    /* calculate barrett stuff */
    mp_set(&mu, 1); 
@@ -406,8 +406,8 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
    if (add_point(&pubkey.pubkey, &key->pubkey, &pubkey.pubkey, &p, &mu) != CRYPT_OK)    { goto error; }
 
    /* get mG */
-   if (mp_read_radix(&mG->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY)   { goto error; }
-   if (mp_read_radix(&mG->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY)   { goto error; }
+   if (mp_read_radix(&mG->x, (char *)sets[key->idx].Gx, 64) != MP_OKAY)   { goto error; }
+   if (mp_read_radix(&mG->y, (char *)sets[key->idx].Gy, 64) != MP_OKAY)   { goto error; }
    if (ecc_mulmod(&m, mG, mG, &p) != CRYPT_OK)                                     { goto error; }
 
    /* compare mG to bA + Y */

makefile

@@ -9,7 +9,7 @@
 # a build. This is easy to remedy though, for those that have problems.
 
 # The version
-VERSION=0.87
+VERSION=0.88
 
 #ch1-01-1
 # Compiler and Linker Names
@@ -28,9 +28,8 @@ CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Wshadow -Werror
 # optimize for SPEED
 #CFLAGS += -O3 -funroll-loops
 
-#add -fomit-frame-pointer.  v3.2 is buggy for certain platforms so this is used for files it is known to work for
-#default is off but you may enable this to get further performance [make sure you run the test suite!]
-#EXT_CFLAGS = -fomit-frame-pointer
+#add -fomit-frame-pointer.  v3.2 is buggy for certain platforms!
+#CFLAGS += -fomit-frame-pointer
 
 # optimize for SIZE
 CFLAGS += -Os
@@ -48,6 +47,8 @@ HASH=hashsum
 CRYPT=encrypt
 SMALL=small
 PROF=x86_prof
+TV=tv_gen
+
 
 #LIBPATH-The directory for libtomcrypt to be installed to.
 #INCPATH-The directory to install the header files for libtomcrypt.
@@ -58,17 +59,22 @@ INCPATH=/usr/include
 DATAPATH=/usr/share/doc/libtomcrypt/pdf
 
 #List of objects to compile.
+
+#Leave MPI built-in or force developer to link against libtommath?
+MPIOBJECT=mpi.o
+
 OBJECTS=keyring.o gf.o mem.o sprng.o ecc.o base64.o dh.o rsa.o \
 bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o \
 md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o des.o \
 safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o \
-mpi.o prime.o twofish.o packet.o hmac.o strings.o 
+prime.o twofish.o packet.o hmac.o strings.o $(MPIOBJECT)
 
 TESTOBJECTS=demos/test.o
 HASHOBJECTS=demos/hashsum.o
 CRYPTOBJECTS=demos/encrypt.o
 SMALLOBJECTS=demos/small.o
 PROFS=demos/x86_prof.o
+TVS=demos/tv_gen.o
 
 #Files left over from making the crypt.pdf.
 LEFTOVERS=*.dvi *.log *.aux *.toc *.idx *.ilg *.ind
@@ -91,45 +97,8 @@ dh.o: dh.c dh_sys.c
 aes.o: aes.c aes_tab.c
 sha512.o: sha512.c sha384.c
 
-#These are objects that are known to build with -fomit-frame-pointer successfully [RISK!]
-aes.o: aes.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c aes.c
-
-blowfish.o: blowfish.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c blowfish.c
-	
-cast5.o: cast5.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c cast5.c
-	
-des.o: des.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c des.c
-	
-twofish.o: twofish.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c twofish.c
-	
-md2.o: md2.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md2.c
-
-md4.o: md4.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md4.c
-	
-md5.o: md5.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md5.c
-
-sha1.o: sha1.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha1.c
-	
-sha256.o: sha256.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha256.c
-
-sha512.o: sha512.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha512.c
-	
-tiger.o: tiger.c
-	$(CC) $(CFLAGS) $(EXT_CFLAGS) -c tiger.c
-
 #This rule makes the libtomcrypt library.
-library: $(OBJECTS) 
+library: $(OBJECTS)
 	$(AR) $(ARFLAGS) $(LIBNAME) $(OBJECTS)
 	ranlib $(LIBNAME)
 
@@ -150,7 +119,10 @@ small: library $(SMALLOBJECTS)
 	$(CC) $(SMALLOBJECTS) $(LIBNAME) -o $(SMALL) $(WARN)
 	
 x86_prof: library $(PROFS)
-	$(CC) demos/x86_prof.o $(LIBNAME) -o $(PROF)
+	$(CC) $(PROFS) $(LIBNAME) -o $(PROF)
+
+tv_gen: library $(TVS)
+	$(CC) $(TVS) $(LIBNAME) -o $(TV)
 
 #This rule installs the library and the header files. This must be run
 #as root in order to have a high enough permission to write to the correct
@@ -167,8 +139,8 @@ install: library docs
 #documentation.
 clean:
 	rm -f $(OBJECTS) $(TESTOBJECTS) $(HASHOBJECTS) $(CRYPTOBJECTS) $(SMALLOBJECTS) $(LEFTOVERS) $(LIBNAME)
-	rm -f $(TEST) $(HASH) $(COMPRESSED)
-	rm -f *stackdump *.lib *.exe *.obj demos/*.obj demos/*.o *.bat
+	rm -f $(TEST) $(HASH) $(COMPRESSED) $(PROFS) $(PROF) $(TVS) $(TV)
+	rm -f *stackdump *.lib *.exe *.obj demos/*.obj demos/*.o *.bat hash_tv.txt cipher_tv.txt
 
 #This builds the crypt.pdf file. Note that the rm -f *.pdf has been removed
 #from the clean command! This is because most people would like to keep the
@@ -181,6 +153,12 @@ docs: crypt.tex
 	pdflatex crypt > /dev/null
 	rm -f $(LEFTOVERS)
        
+#beta
+beta: clean
+	cd .. ; rm -rf crypt* libtomcrypt-$(VERSION)-beta ; mkdir libtomcrypt-$(VERSION)-beta ; \
+	cp -R ./libtomcrypt/* ./libtomcrypt-$(VERSION)-beta/ ; tar -c libtomcrypt-$(VERSION)-beta/* > crypt-$(VERSION)-beta.tar ; \
+	bzip2 -9vv crypt-$(VERSION)-beta.tar ; zip -9 -r crypt-$(VERSION)-beta.zip libtomcrypt-$(VERSION)-beta/*
+
 #zipup the project (take that!)
 zipup: clean docs
 	cd .. ; rm -rf crypt* libtomcrypt-$(VERSION) ; mkdir libtomcrypt-$(VERSION) ; \

makefile.msvc

@@ -12,7 +12,7 @@ OBJECTS=keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj \
 bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj \
 md5.obj md4.obj md2.obj sha256.obj sha512.obj xtea.obj aes.obj des.obj \
 safer_tab.obj safer.obj safer+.obj rc4.obj rc2.obj rc6.obj rc5.obj cast5.obj noekeon.obj \
-blowfish.obj crypt.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj 
+blowfish.obj crypt.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj
 
 library: $(OBJECTS)
 	lib /out:tomcrypt.lib $(OBJECTS)
@@ -24,4 +24,7 @@ test: library test.obj
 	cl test.obj tomcrypt.lib advapi32.lib	
 	
 x86_prof: demos/x86_prof.c library
-	cl $(CFLAGS) demos/x86_prof.c tomcrypt.lib advapi32.lib 
+	cl $(CFLAGS) demos/x86_prof.c tomcrypt.lib advapi32.lib 
+
+tv_gen: demos/tv_gen.c library
+	cl $(CFLAGS) demos/tv_gen.c tomcrypt.lib advapi32.lib 

md5.c

@@ -20,16 +20,16 @@ const struct _hash_descriptor md5_desc =
 #define I(x,y,z)  (y^(x|(~z)))
 
 #define FF(a,b,c,d,M,s,t) \
-    a = (a + F(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
+    a = (a + F(b,c,d) + M + t); a = ROL(a, s) + b;
 
 #define GG(a,b,c,d,M,s,t) \
-    a = (a + G(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
+    a = (a + G(b,c,d) + M + t); a = ROL(a, s) + b;
 
 #define HH(a,b,c,d,M,s,t) \
-    a = (a + H(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
+    a = (a + H(b,c,d) + M + t); a = ROL(a, s) + b;
 
 #define II(a,b,c,d,M,s,t) \
-    a = (a + I(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
+    a = (a + I(b,c,d) + M + t); a = ROL(a, s) + b;
 
 #ifdef CLEAN_STACK
 static void _md5_compress(hash_state *md)

mycrypt.h

@@ -16,8 +16,8 @@ extern "C" {
 #endif
 
 /* version */
-#define CRYPT   0x0086
-#define SCRYPT  "0.86"
+#define CRYPT   0x0088
+#define SCRYPT  "0.88"
 
 /* max size of either a cipher/hash block or symmetric key [largest of the two] */
 #define MAXBLOCKSIZE           128

mycrypt_cipher.h

@@ -5,21 +5,21 @@
  */
 #ifdef BLOWFISH
 struct blowfish_key {
-   unsigned long S[4][256];
-   unsigned long K[18];
+   ulong32 S[4][256];
+   ulong32 K[18];
 };
 #endif
 
 #ifdef RC5
 struct rc5_key {
    int rounds;
-   unsigned long K[50];
+   ulong32 K[50];
 };
 #endif
 
 #ifdef RC6
 struct rc6_key {
-   unsigned long K[44];
+   ulong32 K[44];
 };
 #endif
 
@@ -32,7 +32,7 @@ struct saferp_key {
 
 #ifdef RIJNDAEL
 struct rijndael_key {
-   unsigned long eK[64], dK[64];
+   ulong32 eK[64], dK[64];
    int Nr;
 };
 #endif
@@ -46,11 +46,11 @@ struct xtea_key {
 #ifdef TWOFISH
 #ifndef TWOFISH_SMALL
    struct twofish_key {
-      unsigned long S[4][256], K[40];
+      ulong32 S[4][256], K[40];
    };
 #else
    struct twofish_key {
-      unsigned long K[40];
+      ulong32 K[40];
       unsigned char S[32], start;
    };
 #endif
@@ -75,23 +75,23 @@ struct rc2_key { unsigned xkey[64]; };
 
 #ifdef DES
 struct des_key {
-    unsigned long ek[32], dk[32];
+    ulong32 ek[32], dk[32];
 };
 
 struct des3_key {
-    unsigned long ek[3][32], dk[3][32];
+    ulong32 ek[3][32], dk[3][32];
 };
 #endif
 
 #ifdef CAST5
 struct cast5_key {
-    unsigned long K[32], keylen;
+    ulong32 K[32], keylen;
 };
 #endif
 
 #ifdef NOEKEON
 struct noekeon_key {
-    unsigned long K[4], dK[4];
+    ulong32 K[4], dK[4];
 };
 #endif
 

mycrypt_custom.h

@@ -15,9 +15,8 @@
 #define XFREE free
 #define XCLOCK clock
 #define XCLOCKS_PER_SEC CLOCKS_PER_SEC
-#define TWOFISH_TABLES
-//#define SMALL_CODE
 #define LTC_TEST
+#define SMALL_CODE
 #define BLOWFISH
 #define RC2
 #define RC5
@@ -25,6 +24,7 @@
 #define SAFERP
 #define SAFER
 #define RIJNDAEL
+#define SERPENT
 #define XTEA
 #define TWOFISH
 #define DES

mycrypt_macros.h

@@ -7,6 +7,11 @@
    typedef unsigned long long ulong64;
 #endif
 
+/* this is the "32-bit at least" data type 
+ * Re-define it to suit your platform but it must be at least 32-bits 
+ */
+typedef unsigned long ulong32;
+
 extern char *crypt_error;
 
 /* ---- HELPER MACROS ---- */

noekeon.c

@@ -15,7 +15,7 @@ const struct _cipher_descriptor noekeon_desc =
     &noekeon_keysize
 };
 
-static const unsigned long RC[] = {
+static const ulong32 RC[] = {
    0x00000080UL, 0x0000001bUL, 0x00000036UL, 0x0000006cUL,
    0x000000d8UL, 0x000000abUL, 0x0000004dUL, 0x0000009aUL,
    0x0000002fUL, 0x0000005eUL, 0x000000bcUL, 0x00000063UL,
@@ -54,7 +54,7 @@ static const unsigned long RC[] = {
     
 int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 {
-   unsigned long temp;
+   ulong32 temp;
    
    _ARGCHK(key != NULL);
    _ARGCHK(skey != NULL);
@@ -88,7 +88,7 @@ static void _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
 void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 #endif
 {
-   unsigned long a,b,c,d,temp;
+   ulong32 a,b,c,d,temp;
    int r;
 
    _ARGCHK(key != NULL);
@@ -105,11 +105,9 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
        GAMMA(a,b,c,d); \
        PI2(a,b,c,d);
 
-   for (r = 0; r < 16; r += 4) {
+   for (r = 0; r < 16; r += 2) {
        ROUND(0);
        ROUND(1);
-       ROUND(2);
-       ROUND(3);
    }
 
 #undef ROUND
@@ -125,7 +123,7 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
 void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
    _noekeon_ecb_encrypt(pt, ct, key);
-   burn_stack(sizeof(unsigned long) * 5 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 5 + sizeof(int));
 }
 #endif
 
@@ -135,7 +133,7 @@ static void _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
 void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 #endif
 {
-   unsigned long a,b,c,d, temp;
+   ulong32 a,b,c,d, temp;
    int r;
 
    _ARGCHK(key != NULL);
@@ -170,7 +168,7 @@ void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
 void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
    _noekeon_ecb_decrypt(ct, pt, key);
-   burn_stack(sizeof(unsigned long) * 5 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 5 + sizeof(int));
 }
 #endif
 

rc5.c

@@ -14,16 +14,27 @@ const struct _cipher_descriptor rc5_desc =
     &rc5_keysize
 };
 
+static const ulong32 stab[50] = {
+0xb7e15163UL, 0x5618cb1cUL, 0xf45044d5UL, 0x9287be8eUL, 0x30bf3847UL, 0xcef6b200UL, 0x6d2e2bb9UL, 0x0b65a572UL,
+0xa99d1f2bUL, 0x47d498e4UL, 0xe60c129dUL, 0x84438c56UL, 0x227b060fUL, 0xc0b27fc8UL, 0x5ee9f981UL, 0xfd21733aUL,
+0x9b58ecf3UL, 0x399066acUL, 0xd7c7e065UL, 0x75ff5a1eUL, 0x1436d3d7UL, 0xb26e4d90UL, 0x50a5c749UL, 0xeedd4102UL,
+0x8d14babbUL, 0x2b4c3474UL, 0xc983ae2dUL, 0x67bb27e6UL, 0x05f2a19fUL, 0xa42a1b58UL, 0x42619511UL, 0xe0990ecaUL,
+0x7ed08883UL, 0x1d08023cUL, 0xbb3f7bf5UL, 0x5976f5aeUL, 0xf7ae6f67UL, 0x95e5e920UL, 0x341d62d9UL, 0xd254dc92UL,
+0x708c564bUL, 0x0ec3d004UL, 0xacfb49bdUL, 0x4b32c376UL, 0xe96a3d2fUL, 0x87a1b6e8UL, 0x25d930a1UL, 0xc410aa5aUL,
+0x62482413UL, 0x007f9dccUL
+};
+
 #ifdef CLEAN_STACK
 static int _rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 #else
 int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 #endif
 {
-    unsigned long L[64], S[50], A, B, i, j, v, s, t, l;
+    ulong32 L[64], *S, A, B, i, j, v, s, t, l;
 
     _ARGCHK(skey != NULL);
     _ARGCHK(key != NULL);
+    
 
     /* test parameters */
     if (num_rounds == 0) { 
@@ -38,10 +49,13 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
     if (keylen < 8 || keylen > 128) {
        return CRYPT_INVALID_KEYSIZE;
     }
+    
+    skey->rc5.rounds = num_rounds;
+    S = skey->rc5.K;
 
     /* copy the key into the L array */
-    for (A = i = j = 0; i < (unsigned long)keylen; ) { 
-        A = (A << 8) | ((unsigned long)(key[i++] & 255));
+    for (A = i = j = 0; i < (ulong32)keylen; ) { 
+        A = (A << 8) | ((ulong32)(key[i++] & 255));
         if ((i & 3) == 0) {
            L[j++] = BSWAP(A);
            A = 0;
@@ -49,14 +63,13 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
     }
 
     if ((keylen & 3) != 0) { 
-       A <<= (unsigned long)((8 * (4 - (keylen&3)))); 
+       A <<= (ulong32)((8 * (4 - (keylen&3)))); 
        L[j++] = BSWAP(A);
     }
 
     /* setup the S array */
-    t = (unsigned long)(2 * (num_rounds + 1));
-    S[0] = 0xB7E15163UL;
-    for (i = 1; i < t; i++) S[i] = S[i - 1] + 0x9E3779B9UL;
+    t = (ulong32)(2 * (num_rounds + 1));
+    memcpy(S, stab, t * sizeof(stab[0]));
 
     /* mix buffer */
     s = 3 * MAX(t, j);
@@ -64,15 +77,9 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
     for (A = B = i = j = v = 0; v < s; v++) { 
         A = S[i] = ROL(S[i] + A + B, 3);
         B = L[j] = ROL(L[j] + A + B, (A+B));
-        i = (i + 1) % t;
-        j = (j + 1) % l;
-    }
-    
-    /* copy to key */
-    for (i = 0; i < t; i++) {
-        skey->rc5.K[i] = S[i];
+        if (++i == t) { i = 0; }
+        if (++j == l) { j = 0; }
     }
-    skey->rc5.rounds = num_rounds;
     return CRYPT_OK;
 }
 
@@ -81,7 +88,7 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
 {
    int x;
    x = _rc5_setup(key, keylen, num_rounds, skey);
-   burn_stack(sizeof(unsigned long) * 122 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 122 + sizeof(int));
    return x;
 }
 #endif
@@ -92,7 +99,7 @@ static void _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetr
 void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 #endif
 {
-   unsigned long A, B, *K;
+   ulong32 A, B, *K;
    int r;
    _ARGCHK(key != NULL);
    _ARGCHK(pt != NULL);
@@ -127,7 +134,7 @@ void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
 void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
    _rc5_ecb_encrypt(pt, ct, key);
-   burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 2 + sizeof(int));
 }
 #endif
 
@@ -137,7 +144,7 @@ static void _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetr
 void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 #endif
 {
-   unsigned long A, B, *K;
+   ulong32 A, B, *K;
    int r;
    _ARGCHK(key != NULL);
    _ARGCHK(pt != NULL);
@@ -173,7 +180,7 @@ void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
 void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
    _rc5_ecb_decrypt(ct, pt, key);
-   burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 2 + sizeof(int));
 }
 #endif
 

rc6.c

@@ -14,13 +14,21 @@ const struct _cipher_descriptor rc6_desc =
     &rc6_keysize
 };
 
+static const ulong32 stab[44] = {
+0xb7e15163UL, 0x5618cb1cUL, 0xf45044d5UL, 0x9287be8eUL, 0x30bf3847UL, 0xcef6b200UL, 0x6d2e2bb9UL, 0x0b65a572UL,
+0xa99d1f2bUL, 0x47d498e4UL, 0xe60c129dUL, 0x84438c56UL, 0x227b060fUL, 0xc0b27fc8UL, 0x5ee9f981UL, 0xfd21733aUL,
+0x9b58ecf3UL, 0x399066acUL, 0xd7c7e065UL, 0x75ff5a1eUL, 0x1436d3d7UL, 0xb26e4d90UL, 0x50a5c749UL, 0xeedd4102UL,
+0x8d14babbUL, 0x2b4c3474UL, 0xc983ae2dUL, 0x67bb27e6UL, 0x05f2a19fUL, 0xa42a1b58UL, 0x42619511UL, 0xe0990ecaUL,
+0x7ed08883UL, 0x1d08023cUL, 0xbb3f7bf5UL, 0x5976f5aeUL, 0xf7ae6f67UL, 0x95e5e920UL, 0x341d62d9UL, 0xd254dc92UL,
+0x708c564bUL, 0x0ec3d004UL, 0xacfb49bdUL, 0x4b32c376UL };
+
 #ifdef CLEAN_STACK
 static int _rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 #else
 int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 #endif
 {
-    unsigned long L[64], S[50], A, B, i, j, v, s, t, l;
+    ulong32 L[64], S[50], A, B, i, j, v, s, l;
 
     _ARGCHK(key != NULL);
     _ARGCHK(skey != NULL);
@@ -36,8 +44,8 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
     }
 
     /* copy the key into the L array */
-    for (A = i = j = 0; i < (unsigned long)keylen; ) { 
-        A = (A << 8) | ((unsigned long)(key[i++] & 255));
+    for (A = i = j = 0; i < (ulong32)keylen; ) { 
+        A = (A << 8) | ((ulong32)(key[i++] & 255));
         if (!(i & 3)) {
            L[j++] = BSWAP(A);
            A = 0;
@@ -51,23 +59,20 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
     }
 
     /* setup the S array */
-    t = 44;                                     /* fixed at 20 rounds */
-    S[0] = 0xB7E15163UL;
-    for (i = 1; i < t; i++) 
-        S[i] = S[i - 1] + 0x9E3779B9UL;
+    memcpy(S, stab, 44 * sizeof(stab[0]));
 
     /* mix buffer */
-    s = 3 * MAX(t, j);
+    s = 3 * MAX(44, j);
     l = j;
     for (A = B = i = j = v = 0; v < s; v++) { 
         A = S[i] = ROL(S[i] + A + B, 3);
         B = L[j] = ROL(L[j] + A + B, (A+B));
-        i = (i + 1) % t;
-        j = (j + 1) % l;
+        if (++i == 44) { i = 0; }
+        if (++j == l)  { j = 0; }
     }
     
     /* copy to key */
-    for (i = 0; i < t; i++) { 
+    for (i = 0; i < 44; i++) { 
         skey->rc6.K[i] = S[i];
     }
     return CRYPT_OK;
@@ -78,7 +83,7 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
 {
    int x;
    x = _rc6_setup(key, keylen, num_rounds, skey);
-   burn_stack(sizeof(unsigned long) * 122);
+   burn_stack(sizeof(ulong32) * 122);
    return x;
 }
 #endif
@@ -89,7 +94,7 @@ static void _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetr
 void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 #endif
 {
-   unsigned long a,b,c,d,t,u, *K;
+   ulong32 a,b,c,d,t,u, *K;
    int r;
    
    _ARGCHK(key != NULL);
@@ -125,7 +130,7 @@ void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
 void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
    _rc6_ecb_encrypt(pt, ct, key);
-   burn_stack(sizeof(unsigned long) * 6 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 6 + sizeof(int));
 }
 #endif
 
@@ -135,7 +140,7 @@ static void _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetr
 void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 #endif
 {
-   unsigned long a,b,c,d,t,u, *K;
+   ulong32 a,b,c,d,t,u, *K;
    int r;
 
    _ARGCHK(key != NULL);
@@ -172,7 +177,7 @@ void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
 void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
    _rc6_ecb_decrypt(ct, pt, key);
-   burn_stack(sizeof(unsigned long) * 6 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 6 + sizeof(int));
 }
 #endif
 

safer+.c

@@ -190,7 +190,7 @@ static const unsigned char safer_bias[33][16] = {
 
 int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
 {
-   unsigned x, y;
+   unsigned x, y, z;
    unsigned char t[33];
    static const int rounds[3] = { 8, 12, 16 };
 
@@ -231,8 +231,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
            }
 
            /* select and add */
+           z = x;
            for (y = 0; y < 16; y++) {
-               skey->saferp.K[x][y] = (t[(x+y)%17] + safer_bias[x-1][y]) & 255;
+               skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
+               if (++z == 17) { z = 0; }
            }
        }
        skey->saferp.rounds = 8;
@@ -256,8 +258,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
            }
 
            /* select and add */
+           z = x;
            for (y = 0; y < 16; y++) { 
-               skey->saferp.K[x][y] = (t[(x+y)%25] + safer_bias[x-1][y]) & 255;
+               skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
+               if (++z == 25) { z = 0; }
            }
        }
        skey->saferp.rounds = 12;
@@ -281,8 +285,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
            }
            
            /* select and add */
+           z = x;
            for (y = 0; y < 16; y++) {
-               skey->saferp.K[x][y] = (t[(x+y)%33] + safer_bias[x-1][y]) & 255;
+               skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
+               if (++z == 33) { z = 0; }
            }
        }
        skey->saferp.rounds = 16;

safer.c

@@ -91,7 +91,7 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
                                  int strengthened,
                                  safer_key_t key)
 #endif
-{   unsigned int i, j;
+{   unsigned int i, j, k;
     unsigned char ka[SAFER_BLOCK_LEN + 1];
     unsigned char kb[SAFER_BLOCK_LEN + 1];
 
@@ -100,6 +100,7 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
     *key++ = (unsigned char)nof_rounds;
     ka[SAFER_BLOCK_LEN] = (unsigned char)0;
     kb[SAFER_BLOCK_LEN] = (unsigned char)0;
+    k = 0;
     for (j = 0; j < SAFER_BLOCK_LEN; j++) {
         ka[j] = ROL8(userkey_1[j], 5);
         ka[SAFER_BLOCK_LEN] ^= ka[j];
@@ -111,18 +112,28 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
             ka[j] = ROL8(ka[j], 6);
             kb[j] = ROL8(kb[j], 6);
         }
+        if (strengthened) {
+           k = 2 * i - 1;
+           while (k >= (SAFER_BLOCK_LEN + 1)) { k -= SAFER_BLOCK_LEN + 1; }
+        }
         for (j = 0; j < SAFER_BLOCK_LEN; j++) {
             if (strengthened) {
-                *key++ = (ka[(j + 2 * i - 1) % (SAFER_BLOCK_LEN + 1)]
+                *key++ = (ka[k]
                                 + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 1)&0xFF)]]) & 0xFF;
+                if (++k == (SAFER_BLOCK_LEN + 1)) { k = 0; }
             } else {
                 *key++ = (ka[j] + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 1)&0xFF)]]) & 0xFF;
             }
         }
+        if (strengthened) {
+           k = 2 * i;
+           while (k >= (SAFER_BLOCK_LEN + 1)) { k -= SAFER_BLOCK_LEN + 1; }
+        }
         for (j = 0; j < SAFER_BLOCK_LEN; j++) {
             if (strengthened) {
-                *key++ = (kb[(j + 2 * i) % (SAFER_BLOCK_LEN + 1)]
+                *key++ = (kb[k]
                                 + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 10)&0xFF)]]) & 0xFF;
+                if (++k == (SAFER_BLOCK_LEN + 1)) { k = 0; }
             } else {
                 *key++ = (kb[j] + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 10)&0xFF)]]) & 0xFF;
             }

sha1.c

@@ -25,7 +25,7 @@ static void _sha1_compress(hash_state *md)
 static void sha1_compress(hash_state *md)
 #endif
 {
-    unsigned long a,b,c,d,e,W[80],i,j;
+    unsigned long a,b,c,d,e,W[80],i;
 
     _ARGCHK(md != NULL);
 
@@ -43,52 +43,57 @@ static void sha1_compress(hash_state *md)
 
     /* expand it */
     for (i = 16; i < 80; i++) {
-        j = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16]; 
-        W[i] = ROL(j, 1);
+        W[i] = ROL(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1); 
     }
 
 
     /* compress */
     /* round one */
-    for (i = 0;  i < 20; i++)  { 
-        j = (ROL(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); 
-        e = d; 
-        d = c; 
-        c = ROL(b, 30); 
-        b = a; 
-        a = j; 
+    #define FF0(a,b,c,d,e,i) e = (ROL(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); b = ROL(b, 30);
+    #define FF1(a,b,c,d,e,i) e = (ROL(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); b = ROL(b, 30);
+    #define FF2(a,b,c,d,e,i) e = (ROL(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); b = ROL(b, 30);
+    #define FF3(a,b,c,d,e,i) e = (ROL(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL); b = ROL(b, 30);
+ 
+    for (i = 0; i < 20; ) {
+       FF0(a,b,c,d,e,i++);
+       FF0(e,a,b,c,d,i++);
+       FF0(d,e,a,b,c,i++);
+       FF0(c,d,e,a,b,i++);
+       FF0(b,c,d,e,a,i++);
     }
 
     /* round two */
-    for (i = 20; i < 40; i++)  { 
-        j = (ROL(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); 
-        e = d; 
-        d = c; 
-        c = ROL(b, 30); 
-        b = a; 
-        a = j; 
+    for (i = 20; i < 40; )  { 
+       FF1(a,b,c,d,e,i++);
+       FF1(e,a,b,c,d,i++);
+       FF1(d,e,a,b,c,i++);
+       FF1(c,d,e,a,b,i++);
+       FF1(b,c,d,e,a,i++);
     }
 
     /* round three */
-    for (i = 40; i < 60; i++)  { 
-        j = (ROL(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); 
-        e = d; 
-        d = c; 
-        c = ROL(b, 30); 
-        b = a; 
-        a = j; 
+    for (i = 40; i < 60; )  { 
+       FF2(a,b,c,d,e,i++);
+       FF2(e,a,b,c,d,i++);
+       FF2(d,e,a,b,c,i++);
+       FF2(c,d,e,a,b,i++);
+       FF2(b,c,d,e,a,i++);
     }
 
     /* round four */
-    for (i = 60; i < 80; i++)  { 
-        j = (ROL(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL);
-        e = d;
-        d = c;
-        c = ROL(b, 30);
-        b = a;
-        a = j;
+    for (i = 60; i < 80; )  { 
+       FF3(a,b,c,d,e,i++);
+       FF3(e,a,b,c,d,i++);
+       FF3(d,e,a,b,c,i++);
+       FF3(c,d,e,a,b,i++);
+       FF3(b,c,d,e,a,i++);
     }
 
+    #undef FF0
+    #undef FF1
+    #undef FF2
+    #undef FF3
+
     /* store */
     md->sha1.state[0] = md->sha1.state[0] + a;
     md->sha1.state[1] = md->sha1.state[1] + b;

sha256.c

@@ -54,8 +54,9 @@ static void sha256_compress(hash_state * md)
     _ARGCHK(md != NULL);
 
     /* copy state into S */
-    for (i = 0; i < 8; i++)
+    for (i = 0; i < 8; i++) {
         S[i] = md->sha256.state[i];
+    }
 
     /* copy the state into 512-bits into W[0..15] */
     for (i = 0; i < 16; i++) {
@@ -68,6 +69,7 @@ static void sha256_compress(hash_state * md)
     }        
 
     /* Compress */
+#ifdef SMALL_CODE   
     for (i = 0; i < 64; i++) {
         t0 = S[7] + Sigma1(S[4]) + Ch(S[4], S[5], S[6]) + K[i] + W[i];
         t1 = Sigma0(S[0]) + Maj(S[0], S[1], S[2]);
@@ -80,6 +82,81 @@ static void sha256_compress(hash_state * md)
         S[1] = S[0];
         S[0] = t0 + t1;
     }
+#else 
+#define RND(a,b,c,d,e,f,g,h,i,ki)                    \
+     t0 = h + Sigma1(e) + Ch(e, f, g) + ki + W[i];   \
+     t1 = Sigma0(a) + Maj(a, b, c);                  \
+     d += t0;                                        \
+     h  = t0 + t1;
+
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],0,0x428a2f98);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],1,0x71374491);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],2,0xb5c0fbcf);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],3,0xe9b5dba5);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],4,0x3956c25b);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],5,0x59f111f1);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],6,0x923f82a4);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],7,0xab1c5ed5);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],8,0xd807aa98);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],9,0x12835b01);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],10,0x243185be);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],11,0x550c7dc3);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],12,0x72be5d74);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],13,0x80deb1fe);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],14,0x9bdc06a7);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],15,0xc19bf174);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],16,0xe49b69c1);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],17,0xefbe4786);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],18,0x0fc19dc6);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],19,0x240ca1cc);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],20,0x2de92c6f);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],21,0x4a7484aa);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],22,0x5cb0a9dc);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],23,0x76f988da);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],24,0x983e5152);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],25,0xa831c66d);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],26,0xb00327c8);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],27,0xbf597fc7);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],28,0xc6e00bf3);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],29,0xd5a79147);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],30,0x06ca6351);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],31,0x14292967);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],32,0x27b70a85);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],33,0x2e1b2138);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],34,0x4d2c6dfc);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],35,0x53380d13);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],36,0x650a7354);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],37,0x766a0abb);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],38,0x81c2c92e);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],39,0x92722c85);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],40,0xa2bfe8a1);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],41,0xa81a664b);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],42,0xc24b8b70);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],43,0xc76c51a3);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],44,0xd192e819);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],45,0xd6990624);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],46,0xf40e3585);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],47,0x106aa070);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],48,0x19a4c116);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],49,0x1e376c08);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],50,0x2748774c);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],51,0x34b0bcb5);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],52,0x391c0cb3);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],53,0x4ed8aa4a);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],54,0x5b9cca4f);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],55,0x682e6ff3);
+    RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],56,0x748f82ee);
+    RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],57,0x78a5636f);
+    RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],58,0x84c87814);
+    RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],59,0x8cc70208);
+    RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],60,0x90befffa);
+    RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],61,0xa4506ceb);
+    RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],62,0xbef9a3f7);
+    RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],63,0xc67178f2);
+
+#undef RND     
+    
+#endif     
 
     /* feedback */
     for (i = 0; i < 8; i++) {

sha512.c

@@ -95,6 +95,7 @@ static void sha512_compress(hash_state * md)
     }        
 
     /* Compress */
+#ifdef SMALL_CODE
     for (i = 0; i < 80; i++) {
         t0 = S[7] + Sigma1(S[4]) + Ch(S[4], S[5], S[6]) + K[i] + W[i];
         t1 = Sigma0(S[0]) + Maj(S[0], S[1], S[2]);
@@ -107,6 +108,25 @@ static void sha512_compress(hash_state * md)
         S[1] = S[0];
         S[0] = t0 + t1;
     }
+#else
+#define RND(a,b,c,d,e,f,g,h,i)                    \
+     t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i];   \
+     t1 = Sigma0(a) + Maj(a, b, c);                  \
+     d += t0;                                        \
+     h  = t0 + t1;
+
+     for (i = 0; i < 80; i += 8) {
+         RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i+0);
+         RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],i+1);
+         RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],i+2);
+         RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],i+3);
+         RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],i+4);
+         RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],i+5);
+         RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],i+6);
+         RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],i+7);
+     }
+#endif     
+
 
     /* feedback */
     for (i = 0; i < 8; i++) {

tommath.h

@@ -85,6 +85,7 @@ extern "C" {
    #define DIGIT_BIT          31
 #else
    #define DIGIT_BIT          28
+   #define MP_28BIT
 #endif   
 #endif
 
@@ -120,11 +121,21 @@ extern int KARATSUBA_MUL_CUTOFF,
            TOOM_SQR_CUTOFF;
 
 /* various build options */
-#define MP_PREC                 64      /* default digits of precision (must be power of two) */
+#define MP_PREC                 64     /* default digits of precision (must be power of two) */
 
 /* define this to use lower memory usage routines (exptmods mostly) */
 /* #define MP_LOW_MEM */
 
+/* have no cpu based mult?  */
+/* #define SLOW_MULT */
+
+#ifdef SLOW_MULT
+   #define MULT(x, y) s_mp_mult((x), (y))
+   mp_word s_mp_mult(mp_digit, mp_digit);
+#else
+   #define MULT(x, y) (((mp_word)(x)) * ((mp_word)(y)))
+#endif
+
 /* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
 #define MP_WARRAY               (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
 
@@ -166,7 +177,7 @@ int mp_init_size(mp_int *a, int size);
 /* ---> Basic Manipulations <--- */
 
 #define mp_iszero(a) (((a)->used == 0) ? 1 : 0)
-#define mp_iseven(a) (((a)->used == 0 || (((a)->dp[0] & 1) == 0)) ? 1 : 0)
+#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? 1 : 0)
 #define mp_isodd(a)  (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? 1 : 0)
 
 /* set to zero */
@@ -213,6 +224,9 @@ int mp_mod_2d(mp_int *a, int b, mp_int *c);
 /* computes a = 2**b */
 int mp_2expt(mp_int *a, int b);
 
+/* Counts the number of lsbs which are zero before the first zero bit */
+int mp_cnt_lsb(mp_int *a);
+
 /* makes a pseudo-random int of a given size */
 int mp_rand(mp_int *a, int digits);
 
@@ -451,6 +465,8 @@ int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
 int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
 void bn_reverse(unsigned char *s, int len);
 
+extern const char *mp_s_rmap;
+
 #ifdef __cplusplus
    }
 #endif

twofish.c

@@ -101,7 +101,7 @@ static const unsigned char SBOX[2][256] = {
  0x86, 0x56, 0x55, 0x09, 0xbe, 0x91}
 };
 
-static const unsigned long mds_tab[4][256] = {
+static const ulong32 mds_tab[4][256] = {
 {
 0x00000000UL, 0xefef5b01UL, 0xb7b7b602UL, 0x5858ed03UL, 0x07070504UL, 0xe8e85e05UL, 0xb0b0b306UL, 0x5f5fe807UL, 
 0x0e0e0a08UL, 0xe1e15109UL, 0xb9b9bc0aUL, 0x5656e70bUL, 0x09090f0cUL, 0xe6e6540dUL, 0xbebeb90eUL, 0x5151e20fUL, 
@@ -239,7 +239,7 @@ static const unsigned long mds_tab[4][256] = {
 0xc6baf8c6UL, 0x9d55f99dUL, 0x700dfa70UL, 0x2be2fb2bUL, 0xc3bdfcc3UL, 0x9852fd98UL, 0x750afe75UL, 0x2ee5ff2eUL
 }};
 
-#define sbox(i, x) ((unsigned long)SBOX[i][(x)&255])
+#define sbox(i, x) ((ulong32)SBOX[i][(x)&255])
 
 #else
 
@@ -261,9 +261,9 @@ static const unsigned char qbox[2][4][16] = {
 
 /* computes S_i[x] */
 #ifdef CLEAN_STACK
-static unsigned long _sbox(int i, unsigned long x)
+static ulong32 _sbox(int i, ulong32 x)
 #else
-static unsigned long sbox(int i, unsigned long x)
+static ulong32 sbox(int i, ulong32 x)
 #endif
 {
    unsigned char a0,b0,a1,b1,a2,b2,a3,b3,a4,b4,y;
@@ -296,13 +296,13 @@ static unsigned long sbox(int i, unsigned long x)
    y = (b4 << 4) + a4;
 
    /* return result */
-   return (unsigned long)y;
+   return (ulong32)y;
 }
 
 #ifdef CLEAN_STACK
-static unsigned long sbox(int i, unsigned long x)
+static ulong32 sbox(int i, ulong32 x)
 {
-   unsigned long y;
+   ulong32 y;
    y = _sbox(i, x);
    burn_stack(sizeof(unsigned char) * 11);
    return y;
@@ -312,22 +312,22 @@ static unsigned long sbox(int i, unsigned long x)
 #endif /* TWOFISH_TABLES */
 
 /* computes ab mod p */
-static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
+static ulong32 gf_mult(ulong32 a, ulong32 b, ulong32 p)
 {
-   unsigned long result = 0, B[2], P[2];
+   ulong32 result = 0, B[2], P[2];
    
    P[1] = p;
    B[1] = b;
    P[0] = B[0] = 0;  
    
    /* unrolled branchless GF multiplier */
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
-   result ^= B[a&1]; a >>= 1;  B[1] <<= 1; B[1] ^= P[B[1]>>8];
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
+   result ^= B[a&1]; a >>= 1;  B[1] = P[B[1]>>7] ^ (B[1] << 1); 
    result ^= B[a&1]; 
 
    return result;
@@ -335,9 +335,9 @@ static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
 
 /* computes [y0 y1 y2 y3] = MDS . [x0] */
 #ifndef TWOFISH_TABLES
-static unsigned long mds_column_mult(unsigned char in, int col)
+static ulong32 mds_column_mult(unsigned char in, int col)
 {
-   unsigned long x01, x5B, xEF;
+   ulong32 x01, x5B, xEF;
 
    x01 = in;
    x5B = gf_mult(in, 0x5B, MDS_POLY);
@@ -379,7 +379,7 @@ static unsigned long mds_column_mult(unsigned char in, int col)
 static void mds_mult(const unsigned char *in, unsigned char *out)
 {
   int x;
-  unsigned long tmp;
+  ulong32 tmp;
   for (tmp = x = 0; x < 4; x++) {
       tmp ^= mds_column_mult(in[x], x);
   }
@@ -407,20 +407,20 @@ static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M
 
   switch (k) {
      case 4:
-            y[0] = (unsigned char)(sbox(1, (unsigned long)y[0]) ^ M[4 * (6 + offset) + 0]);
-            y[1] = (unsigned char)(sbox(0, (unsigned long)y[1]) ^ M[4 * (6 + offset) + 1]);
-            y[2] = (unsigned char)(sbox(0, (unsigned long)y[2]) ^ M[4 * (6 + offset) + 2]);
-            y[3] = (unsigned char)(sbox(1, (unsigned long)y[3]) ^ M[4 * (6 + offset) + 3]);
+            y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (6 + offset) + 0]);
+            y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]);
+            y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]);
+            y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]);
      case 3:
-            y[0] = (unsigned char)(sbox(1, (unsigned long)y[0]) ^ M[4 * (4 + offset) + 0]);
-            y[1] = (unsigned char)(sbox(1, (unsigned long)y[1]) ^ M[4 * (4 + offset) + 1]);
-            y[2] = (unsigned char)(sbox(0, (unsigned long)y[2]) ^ M[4 * (4 + offset) + 2]);
-            y[3] = (unsigned char)(sbox(0, (unsigned long)y[3]) ^ M[4 * (4 + offset) + 3]);
+            y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]);
+            y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]);
+            y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]);
+            y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]);
      case 2:
-            y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (unsigned long)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
-            y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (unsigned long)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
-            y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (unsigned long)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
-            y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (unsigned long)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
+            y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
+            y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
+            y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
+            y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
   }
   mds_mult(y, out);
 }
@@ -442,13 +442,13 @@ static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M
 #else
 
 #ifdef CLEAN_STACK
-static unsigned long _g_func(unsigned long x, symmetric_key *key)
+static ulong32 _g_func(ulong32 x, symmetric_key *key)
 #else
-static unsigned long g_func(unsigned long x, symmetric_key *key)
+static ulong32 g_func(ulong32 x, symmetric_key *key)
 #endif
 {
    unsigned char g, i, y, z;
-   unsigned long res;
+   ulong32 res;
 
    res = 0;
    for (y = 0; y < 4; y++) {
@@ -475,11 +475,11 @@ static unsigned long g_func(unsigned long x, symmetric_key *key)
 #define g1_func(x, key) g_func(ROL(x, 8), key)
 
 #ifdef CLEAN_STACK
-static unsigned long g_func(unsigned long x, symmetric_key *key)
+static ulong32 g_func(ulong32 x, symmetric_key *key)
 {
-    unsigned long y;
+    ulong32 y;
     y = _g_func(x, key);
-    burn_stack(sizeof(unsigned char) * 4 + sizeof(unsigned long));
+    burn_stack(sizeof(unsigned char) * 4 + sizeof(ulong32));
     return y;
 }
 #endif /* CLEAN_STACK */
@@ -493,13 +493,13 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
 #endif
 {
 #ifndef TWOFISH_SMALL
-   unsigned long g;
+   ulong32 g;
    int z, i;
    unsigned char S[4*4];
 #endif
    int k, x, y, start;
    unsigned char tmp[4], tmp2[4], M[8*4];
-   unsigned long A, B;
+   ulong32 A, B;
 
    _ARGCHK(key != NULL);
    _ARGCHK(skey != NULL);
@@ -591,7 +591,7 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
 {
    int x;
    x = _twofish_setup(key, keylen, num_rounds, skey);
-   burn_stack(sizeof(int) * 7 + sizeof(unsigned char) * 56 + sizeof(unsigned long) * 2);
+   burn_stack(sizeof(int) * 7 + sizeof(unsigned char) * 56 + sizeof(ulong32) * 2);
    return x;
 }
 #endif
@@ -602,10 +602,10 @@ static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
 void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 #endif
 {
-    unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
+    ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
     int r;
 #if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    unsigned long *S1, *S2, *S3, *S4;
+    ulong32 *S1, *S2, *S3, *S4;
 #endif    
 
     _ARGCHK(pt != NULL);
@@ -656,7 +656,7 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
 void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
 {
    _twofish_ecb_encrypt(pt, ct, key);
-   burn_stack(sizeof(unsigned long) * 10 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 10 + sizeof(int));
 }
 #endif
 
@@ -666,10 +666,10 @@ static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
 void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 #endif
 {
-    unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
+    ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
     int r;
 #if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
-    unsigned long *S1, *S2, *S3, *S4;
+    ulong32 *S1, *S2, *S3, *S4;
 #endif    
 
     _ARGCHK(pt != NULL);
@@ -723,7 +723,7 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
 void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
 {
    _twofish_ecb_decrypt(ct, pt, key);
-   burn_stack(sizeof(unsigned long) * 10 + sizeof(int));
+   burn_stack(sizeof(ulong32) * 10 + sizeof(int));
 }
 #endif