Merge pull request #238 from libtom/proposal/ltc_pk_part

Re-factor X_import_radix() etc. API's

demos/timing.c

@@ -665,7 +665,11 @@ static const struct {
        for (y = 0; y < 4; y++) {
            t_start();
            t1 = t_read();
-           if ((err = dsa_make_key(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
+           if ((err = dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), groups[x].group, groups[x].modulus, &key)) != CRYPT_OK) {
+              fprintf(stderr, "\n\ndsa_generate_pqg says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
+              exit(EXIT_FAILURE);
+           }
+           if ((err = dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\ndsa_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }
@@ -898,9 +902,14 @@ static void time_dh(void)
    for (x = sizes[i=0]; x < 100000; x = sizes[++i]) {
        t2 = 0;
        for (y = 0; y < 16; y++) {
+           if((err = dh_set_pg_groupsize(x, &key)) != CRYPT_OK) {
+              fprintf(stderr, "\n\ndh_set_pg_groupsize says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
+              exit(EXIT_FAILURE);
+           }
+
            t_start();
            t1 = t_read();
-           if ((err = dh_make_key(&yarrow_prng, find_prng("yarrow"), x, &key)) != CRYPT_OK) {
+           if ((err = dh_generate_key(&yarrow_prng, find_prng("yarrow"), &key)) != CRYPT_OK) {
               fprintf(stderr, "\n\ndh_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
               exit(EXIT_FAILURE);
            }

libtomcrypt_VS2008.vcproj

@@ -1311,6 +1311,10 @@
 				RelativePath="src\math\multi.c"
 				>
 			</File>
+			<File
+				RelativePath="src\math\radix_to_bin.c"
+				>
+			</File>
 			<File
 				RelativePath="src\math\rand_bn.c"
 				>
@@ -2058,16 +2062,28 @@
 					RelativePath="src\pk\dh\dh_export.c"
 					>
 				</File>
+				<File
+					RelativePath="src\pk\dh\dh_export_key.c"
+					>
+				</File>
 				<File
 					RelativePath="src\pk\dh\dh_free.c"
 					>
 				</File>
+				<File
+					RelativePath="src\pk\dh\dh_generate_key.c"
+					>
+				</File>
 				<File
 					RelativePath="src\pk\dh\dh_import.c"
 					>
 				</File>
 				<File
-					RelativePath="src\pk\dh\dh_make_key.c"
+					RelativePath="src\pk\dh\dh_set.c"
+					>
+				</File>
+				<File
+					RelativePath="src\pk\dh\dh_set_pg_dhparam.c"
 					>
 				</File>
 				<File
@@ -2095,17 +2111,29 @@
 					>
 				</File>
 				<File
-					RelativePath="src\pk\dsa\dsa_import.c"
+					RelativePath="src\pk\dsa\dsa_generate_key.c"
 					>
 				</File>
 				<File
-					RelativePath="src\pk\dsa\dsa_import_radix.c"
+					RelativePath="src\pk\dsa\dsa_generate_pqg.c"
+					>
+				</File>
+				<File
+					RelativePath="src\pk\dsa\dsa_import.c"
 					>
 				</File>
 				<File
 					RelativePath="src\pk\dsa\dsa_make_key.c"
 					>
 				</File>
+				<File
+					RelativePath="src\pk\dsa\dsa_set.c"
+					>
+				</File>
+				<File
+					RelativePath="src\pk\dsa\dsa_set_pqg_dsaparam.c"
+					>
+				</File>
 				<File
 					RelativePath="src\pk\dsa\dsa_shared_secret.c"
 					>
@@ -2327,15 +2355,15 @@
 					>
 				</File>
 				<File
-					RelativePath="src\pk\rsa\rsa_import_radix.c"
+					RelativePath="src\pk\rsa\rsa_import_x509.c"
 					>
 				</File>
 				<File
-					RelativePath="src\pk\rsa\rsa_import_x509.c"
+					RelativePath="src\pk\rsa\rsa_make_key.c"
 					>
 				</File>
 				<File
-					RelativePath="src\pk\rsa\rsa_make_key.c"
+					RelativePath="src\pk\rsa\rsa_set.c"
 					>
 				</File>
 				<File

makefile.mingw

@@ -90,7 +90,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
 src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
 src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
 src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
 src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
 src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
 src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -160,15 +160,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
 src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
 src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
 src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
 src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -179,8 +182,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
 src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
 src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
 src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -192,9 +195,9 @@ src/stream/sober128/sober128_test.o
 #List of test objects to compile
 TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
 tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
 
 #The following headers will be installed by "make install"
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \

makefile.msvc

@@ -83,7 +83,7 @@ src/mac/poly1305/poly1305_memory_multi.obj src/mac/poly1305/poly1305_test.obj sr
 src/mac/xcbc/xcbc_file.obj src/mac/xcbc/xcbc_init.obj src/mac/xcbc/xcbc_memory.obj \
 src/mac/xcbc/xcbc_memory_multi.obj src/mac/xcbc/xcbc_process.obj src/mac/xcbc/xcbc_test.obj \
 src/math/fp/ltc_ecc_fp_mulmod.obj src/math/gmp_desc.obj src/math/ltm_desc.obj src/math/multi.obj \
-src/math/rand_bn.obj src/math/rand_prime.obj src/math/tfm_desc.obj src/misc/adler32.obj \
+src/math/radix_to_bin.obj src/math/rand_bn.obj src/math/rand_prime.obj src/math/tfm_desc.obj src/misc/adler32.obj \
 src/misc/base64/base64_decode.obj src/misc/base64/base64_encode.obj src/misc/burn_stack.obj \
 src/misc/compare_testvector.obj src/misc/crc32.obj src/misc/crypt/crypt.obj src/misc/crypt/crypt_argchk.obj \
 src/misc/crypt/crypt_cipher_descriptor.obj src/misc/crypt/crypt_cipher_is_valid.obj \
@@ -153,15 +153,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.obj \
 src/pk/asn1/der/utctime/der_decode_utctime.obj src/pk/asn1/der/utctime/der_encode_utctime.obj \
 src/pk/asn1/der/utctime/der_length_utctime.obj src/pk/asn1/der/utf8/der_decode_utf8_string.obj \
 src/pk/asn1/der/utf8/der_encode_utf8_string.obj src/pk/asn1/der/utf8/der_length_utf8_string.obj \
-src/pk/dh/dh.obj src/pk/dh/dh_check_pubkey.obj src/pk/dh/dh_export.obj src/pk/dh/dh_free.obj \
-src/pk/dh/dh_import.obj src/pk/dh/dh_make_key.obj src/pk/dh/dh_shared_secret.obj src/pk/dsa/dsa_decrypt_key.obj \
-src/pk/dsa/dsa_encrypt_key.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj src/pk/dsa/dsa_import.obj \
-src/pk/dsa/dsa_import_radix.obj src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_shared_secret.obj \
-src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj \
-src/pk/ecc/ecc_ansi_x963_export.obj src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj \
-src/pk/ecc/ecc_encrypt_key.obj src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_size.obj \
-src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_shared_secret.obj \
-src/pk/ecc/ecc_sign_hash.obj src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
+src/pk/dh/dh.obj src/pk/dh/dh_check_pubkey.obj src/pk/dh/dh_export.obj src/pk/dh/dh_export_key.obj \
+src/pk/dh/dh_free.obj src/pk/dh/dh_generate_key.obj src/pk/dh/dh_import.obj src/pk/dh/dh_set.obj \
+src/pk/dh/dh_set_pg_dhparam.obj src/pk/dh/dh_shared_secret.obj src/pk/dsa/dsa_decrypt_key.obj \
+src/pk/dsa/dsa_encrypt_key.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj \
+src/pk/dsa/dsa_generate_key.obj src/pk/dsa/dsa_generate_pqg.obj src/pk/dsa/dsa_import.obj \
+src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_set.obj src/pk/dsa/dsa_set_pqg_dsaparam.obj \
+src/pk/dsa/dsa_shared_secret.obj src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj \
+src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/ecc/ecc_ansi_x963_export.obj \
+src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj src/pk/ecc/ecc_encrypt_key.obj \
+src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj \
+src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_shared_secret.obj src/pk/ecc/ecc_sign_hash.obj \
+src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
 src/pk/ecc/ltc_ecc_is_valid_idx.obj src/pk/ecc/ltc_ecc_map.obj src/pk/ecc/ltc_ecc_mul2add.obj \
 src/pk/ecc/ltc_ecc_mulmod.obj src/pk/ecc/ltc_ecc_mulmod_timing.obj src/pk/ecc/ltc_ecc_points.obj \
 src/pk/ecc/ltc_ecc_projective_add_point.obj src/pk/ecc/ltc_ecc_projective_dbl_point.obj \
@@ -172,8 +175,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.obj src/pk/pkcs1/pkcs_1_oaep_encode.obj src/pk/p
 src/pk/pkcs1/pkcs_1_pss_decode.obj src/pk/pkcs1/pkcs_1_pss_encode.obj src/pk/pkcs1/pkcs_1_v1_5_decode.obj \
 src/pk/pkcs1/pkcs_1_v1_5_encode.obj src/pk/rsa/rsa_decrypt_key.obj src/pk/rsa/rsa_encrypt_key.obj \
 src/pk/rsa/rsa_export.obj src/pk/rsa/rsa_exptmod.obj src/pk/rsa/rsa_free.obj src/pk/rsa/rsa_get_size.obj \
-src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_pkcs8.obj src/pk/rsa/rsa_import_radix.obj \
-src/pk/rsa/rsa_import_x509.obj src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_sign_hash.obj \
+src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_pkcs8.obj src/pk/rsa/rsa_import_x509.obj \
+src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_set.obj src/pk/rsa/rsa_sign_hash.obj \
 src/pk/rsa/rsa_sign_saltlen_get.obj src/pk/rsa/rsa_verify_hash.obj src/prngs/chacha20.obj src/prngs/fortuna.obj \
 src/prngs/rc4.obj src/prngs/rng_get_bytes.obj src/prngs/rng_make_prng.obj src/prngs/sober128.obj \
 src/prngs/sprng.obj src/prngs/yarrow.obj src/stream/chacha/chacha_crypt.obj src/stream/chacha/chacha_done.obj \
@@ -185,9 +188,9 @@ src/stream/sober128/sober128_test.obj
 #List of test objects to compile
 TOBJECTS=tests/base64_test.obj tests/cipher_hash_test.obj tests/common.obj tests/der_test.obj tests/dh_test.obj \
 tests/dsa_test.obj tests/ecc_test.obj tests/file_test.obj tests/katja_test.obj tests/mac_test.obj tests/misc_test.obj \
-tests/modes_test.obj tests/multi_test.obj tests/no_prng.obj tests/pkcs_1_eme_test.obj tests/pkcs_1_emsa_test.obj \
-tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj tests/prng_test.obj \
-tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj tests/test.obj
+tests/modes_test.obj tests/mpi_test.obj tests/multi_test.obj tests/no_prng.obj tests/pkcs_1_eme_test.obj \
+tests/pkcs_1_emsa_test.obj tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj \
+tests/prng_test.obj tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj tests/test.obj
 
 #The following headers will be installed by "make install"
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \

makefile.unix

@@ -100,7 +100,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
 src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
 src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
 src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
 src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
 src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
 src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -170,15 +170,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
 src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
 src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
 src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
 src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -189,8 +192,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
 src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
 src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
 src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -202,9 +205,9 @@ src/stream/sober128/sober128_test.o
 #List of test objects to compile (all goes to libtomcrypt_prof.a)
 TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
 tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
 
 #The following headers will be installed by "make install"
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \

makefile_include.mk

@@ -206,7 +206,7 @@ src/mac/poly1305/poly1305_memory_multi.o src/mac/poly1305/poly1305_test.o src/ma
 src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
 src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
 src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
-src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
+src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
 src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
 src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
 src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
@@ -276,15 +276,18 @@ src/pk/asn1/der/teletex_string/der_length_teletex_string.o \
 src/pk/asn1/der/utctime/der_decode_utctime.o src/pk/asn1/der/utctime/der_encode_utctime.o \
 src/pk/asn1/der/utctime/der_length_utctime.o src/pk/asn1/der/utf8/der_decode_utf8_string.o \
 src/pk/asn1/der/utf8/der_encode_utf8_string.o src/pk/asn1/der/utf8/der_length_utf8_string.o \
-src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_free.o \
-src/pk/dh/dh_import.o src/pk/dh/dh_make_key.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
-src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
-src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
-src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
-src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
-src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o \
-src/pk/ecc/ecc_import.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o \
-src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/dh/dh.o src/pk/dh/dh_check_pubkey.o src/pk/dh/dh_export.o src/pk/dh/dh_export_key.o \
+src/pk/dh/dh_free.o src/pk/dh/dh_generate_key.o src/pk/dh/dh_import.o src/pk/dh/dh_set.o \
+src/pk/dh/dh_set_pg_dhparam.o src/pk/dh/dh_shared_secret.o src/pk/dsa/dsa_decrypt_key.o \
+src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
+src/pk/dsa/dsa_generate_key.o src/pk/dsa/dsa_generate_pqg.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o \
+src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
+src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
+src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
+src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_is_valid_idx.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
 src/pk/ecc/ltc_ecc_projective_add_point.o src/pk/ecc/ltc_ecc_projective_dbl_point.o \
@@ -295,8 +298,8 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_radix.o \
-src/pk/rsa/rsa_import_x509.o src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_pkcs8.o src/pk/rsa/rsa_import_x509.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_set.o src/pk/rsa/rsa_sign_hash.o \
 src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o src/prngs/chacha20.o src/prngs/fortuna.o \
 src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
 src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
@@ -308,9 +311,9 @@ src/stream/sober128/sober128_test.o
 # List of test objects to compile (all goes to libtomcrypt_prof.a)
 TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
 tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
-tests/modes_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o \
-tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o tests/prng_test.o \
-tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
+tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
+tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
+tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
 
 # The following headers will be installed by "make install"
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \

src/headers/tomcrypt_math.h

@@ -30,6 +30,8 @@
    #define LTC_MILLER_RABIN_REPS    35
 #endif
 
+int radix_to_bin(const void *in, int radix, void *out, size_t* len);
+
 /** math descriptor */
 typedef struct {
    /** Name of the math provider */
@@ -491,6 +493,7 @@ extern ltc_math_descriptor ltc_mp;
 
 int ltc_init_multi(void **a, ...);
 void ltc_deinit_multi(void *a, ...);
+void ltc_cleanup_multi(void **a, ...);
 
 #ifdef LTM_DESC
 extern const ltc_math_descriptor ltm_desc;
@@ -513,6 +516,7 @@ extern const ltc_math_descriptor gmp_desc;
 #define mp_init_multi                ltc_init_multi
 #define mp_clear(a)                  ltc_mp.deinit(a)
 #define mp_clear_multi               ltc_deinit_multi
+#define mp_cleanup_multi             ltc_cleanup_multi
 #define mp_init_copy(a, b)           ltc_mp.init_copy(a, b)
 
 #define mp_neg(a, b)                 ltc_mp.neg(a, b)

src/headers/tomcrypt_pk.h

@@ -25,7 +25,7 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng);
 #ifdef LTC_SOURCE
 /* internal helper functions */
 int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
-int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
+int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng);
 
 enum public_key_algorithms {
    PKA_RSA,
@@ -126,7 +126,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
                      const void *passwd, unsigned long passwdlen, rsa_key *key);
-int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key);
+
+int rsa_set_key(const unsigned char *N,  unsigned long Nlen,
+                const unsigned char *e,  unsigned long elen,
+                const unsigned char *d,  unsigned long dlen,
+                rsa_key *key);
+int rsa_set_factors(const unsigned char *p,  unsigned long plen,
+                    const unsigned char *q,  unsigned long qlen,
+                    rsa_key *key);
+int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
+                       const unsigned char *dQ, unsigned long dQlen,
+                       const unsigned char *qP, unsigned long qPlen,
+                       rsa_key *key);
 #endif
 
 /* ---- Katja ---- */
@@ -204,16 +215,28 @@ typedef struct {
 
 int dh_get_groupsize(dh_key *key);
 
-int dh_make_key(prng_state *prng, int wprng, int groupsize, dh_key *key);
-int dh_make_key_dhparam(prng_state *prng, int wprng, unsigned char *dhparam, unsigned long dhparamlen, dh_key *key);
-void dh_free(dh_key *key);
-
 int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
 int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
 
+int dh_set_pg(const unsigned char *p, unsigned long plen,
+              const unsigned char *g, unsigned long glen,
+              dh_key *key);
+int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key);
+int dh_set_pg_groupsize(int groupsize, dh_key *key);
+
+int dh_set_key(const unsigned char *pub, unsigned long publen,
+               const unsigned char *priv, unsigned long privlen,
+               dh_key *key);
+int dh_generate_key(prng_state *prng, int wprng, dh_key *key);
+
 int dh_shared_secret(dh_key        *private_key, dh_key        *public_key,
                      unsigned char *out,         unsigned long *outlen);
 
+void dh_free(dh_key *key);
+
+int dh_export_key(void *out, unsigned long *outlen,
+                  int type, dh_key *key);
+
 #ifdef LTC_SOURCE
 /* internal helper functions */
 int dh_check_pubkey(dh_key *key);
@@ -419,7 +442,17 @@ typedef struct {
 
 int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
 
-int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex);
+int dsa_set_pqg(const unsigned char *p,  unsigned long plen,
+                const unsigned char *q,  unsigned long qlen,
+                const unsigned char *g,  unsigned long glen,
+                dsa_key *key);
+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key);
+int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
+
+int dsa_set_key(const unsigned char *pub, unsigned long publen,
+                const unsigned char *priv, unsigned long privlen,
+                dsa_key *key);
+int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key);
 
 void dsa_free(dsa_key *key);
 
@@ -448,7 +481,6 @@ int dsa_decrypt_key(const unsigned char *in,  unsigned long  inlen,
                           unsigned char *out, unsigned long *outlen,
                           dsa_key *key);
 
-int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key);
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
 int dsa_verify_key(dsa_key *key, int *stat);

src/math/multi.c

@@ -53,6 +53,23 @@ void ltc_deinit_multi(void *a, ...)
    va_end(args);
 }
 
+void ltc_cleanup_multi(void **a, ...)
+{
+   void **cur = a;
+   va_list args;
+
+   va_start(args, a);
+   while (cur != NULL) {
+      if (*cur != NULL) {
+         mp_clear(*cur);
+         *cur = NULL;
+      }
+      cur = va_arg(args, void**);
+   }
+   va_end(args);
+   return;
+}
+
 #endif
 
 /* ref:         $Format:%D$ */

src/math/radix_to_bin.c

@@ -0,0 +1,62 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+   @file radix_to_bin.c
+   Convert data from a specific radix to binary.
+   Steffen Jaeckel
+*/
+
+/**
+   Convert data from a specific radix to binary
+
+      The default MPI descriptors #ltm_desc, #tfm_desc and #gmp_desc
+      have the following restrictions on parameters:
+
+        \p in    - NUL-terminated char buffer
+
+        \p radix - 2..64
+
+   @param in    The input
+   @param radix The radix of the input
+   @param out   The output buffer
+   @param len   [in/out] The length of the output buffer
+
+   @return CRYPT_OK on success.
+*/
+int radix_to_bin(const void *in, int radix, void *out, size_t* len)
+{
+   size_t l;
+   void* mpi;
+   int err;
+
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(len != NULL);
+
+   if ((err = mp_init(&mpi)) != CRYPT_OK) return err;
+   if ((err = mp_read_radix(mpi, in, radix)) != CRYPT_OK) goto LBL_ERR;
+
+   if ((l = mp_unsigned_bin_size(mpi)) > *len) {
+      *len = l;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto LBL_ERR;
+   }
+   *len = l;
+
+   if ((err = mp_to_unsigned_bin(mpi, out)) != CRYPT_OK) goto LBL_ERR;
+
+LBL_ERR:
+   mp_clear(mpi);
+   return err;
+}
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/math/rand_bn.c

@@ -51,19 +51,20 @@ cleanup:
 }
 
 /**
-  Generate a random number N in a range: 0 <= N < limit
+  Generate a random number N in a range: 1 <= N < limit
 */
-int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng)
+int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng)
 {
-   int res;
+   int res, bits;
 
    LTC_ARGCHK(N != NULL);
    LTC_ARGCHK(limit != NULL);
 
+   bits = mp_count_bits(limit);
    do {
-     res = rand_bn_bits(N, mp_count_bits(limit), prng, wprng);
+     res = rand_bn_bits(N, bits, prng, wprng);
      if (res != CRYPT_OK) return res;
-   } while (mp_cmp(N, limit) != LTC_MP_LT);
+   } while (mp_cmp_d(N, 0) != LTC_MP_GT || mp_cmp(N, limit) != LTC_MP_LT);
 
    return CRYPT_OK;
 }

src/pk/dh/dh_check_pubkey.c

@@ -23,9 +23,6 @@ int dh_check_pubkey(dh_key *key)
    int i, digit_count, bits_set = 0, err;
 
    LTC_ARGCHK(key != NULL);
-   LTC_ARGCHK(key->y != NULL);
-   LTC_ARGCHK(key->base != NULL);
-   LTC_ARGCHK(key->prime != NULL);
 
    if ((err = mp_init(&p_minus1)) != CRYPT_OK) {
       return err;

src/pk/dh/dh_export_key.c

@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+  Binary export a DH key to a buffer
+  @param out    [out] The destination for the key
+  @param outlen [in/out] The max size and resulting size of the DH key
+  @param type   Which type of key (PK_PRIVATE or PK_PUBLIC)
+  @param key    The key you wish to export
+  @return CRYPT_OK if successful
+*/
+int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key)
+{
+   unsigned long len;
+   void *k;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   k = (type == PK_PRIVATE) ? key->x : key->y;
+   len = mp_unsigned_bin_size(k);
+
+   if (*outlen < len) {
+      *outlen = len;
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+   *outlen = len;
+
+   return mp_to_unsigned_bin(k, out);
+}
+
+#endif /* LTC_MDH */
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dh/dh_free.c

@@ -18,22 +18,7 @@
 void dh_free(dh_key *key)
 {
    LTC_ARGCHKVD(key != NULL);
-   if ( key->base ) {
-      mp_clear( key->base );
-      key->base = NULL;
-   }
-   if ( key->prime ) {
-      mp_clear( key->prime );
-      key->prime = NULL;
-   }
-   if ( key->x ) {
-      mp_clear( key->x );
-      key->x = NULL;
-   }
-   if ( key->y ) {
-      mp_clear( key->y );
-      key->y = NULL;
-   }
+   mp_cleanup_multi(&key->base, &key->prime, &key->x, &key->y, NULL);
 }
 
 #endif /* LTC_MDH */

src/pk/dh/dh_generate_key.c

@@ -0,0 +1,102 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+static int _dh_groupsize_to_keysize(int groupsize)
+{
+   /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
+    * We use "Estimate 2" to get an appropriate private key (exponent) size.
+    */
+   if (groupsize <= 0) {
+      return 0;
+   }
+   else if (groupsize <= 192) {
+      return 30;     /* 1536-bit => key size 240-bit */
+   }
+   else if (groupsize <= 256) {
+      return 40;     /* 2048-bit => key size 320-bit */
+   }
+   else if (groupsize <= 384) {
+      return 52;     /* 3072-bit => key size 416-bit */
+   }
+   else if (groupsize <= 512) {
+      return 60;     /* 4096-bit => key size 480-bit */
+   }
+   else if (groupsize <= 768) {
+      return 67;     /* 6144-bit => key size 536-bit */
+   }
+   else if (groupsize <= 1024) {
+      return 77;     /* 8192-bit => key size 616-bit */
+   }
+   else {
+      return 0;
+   }
+}
+
+int dh_generate_key(prng_state *prng, int wprng, dh_key *key)
+{
+   unsigned char *buf;
+   unsigned long keysize;
+   int err, max_iterations = PK_MAX_RETRIES;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* good prng? */
+   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+      return err;
+   }
+
+   keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
+   if (keysize == 0) {
+      err = CRYPT_INVALID_KEYSIZE;
+      goto freemp;
+   }
+
+   /* allocate buffer */
+   buf = XMALLOC(keysize);
+   if (buf == NULL) {
+      err = CRYPT_MEM;
+      goto freemp;
+   }
+
+   key->type = PK_PRIVATE;
+   do {
+      /* make up random buf */
+      if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
+         err = CRYPT_ERROR_READPRNG;
+         goto freebuf;
+      }
+      /* load the x value - private key */
+      if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
+         goto freebuf;
+      }
+      /* compute the y value - public key */
+      if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) {
+         goto freebuf;
+      }
+      err = dh_check_pubkey(key);
+   } while (err != CRYPT_OK && max_iterations-- > 0);
+
+freebuf:
+   zeromem(buf, keysize);
+   XFREE(buf);
+freemp:
+   if (err != CRYPT_OK) mp_clear_multi(key->x, key->y, key->base, key->prime, NULL);
+   return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dh/dh_make_key.c

@@ -1,175 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-
-#include "tomcrypt.h"
-
-#ifdef LTC_MDH
-
-static int _dh_groupsize_to_keysize(int groupsize)
-{
-   /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
-    * We use "Estimate 2" to get an appropriate private key (exponent) size.
-    */
-   if (groupsize <= 0) {
-      return 0;
-   }
-   else if (groupsize <= 192) {
-      return 30;     /* 1536-bit => key size 240-bit */
-   }
-   else if (groupsize <= 256) {
-      return 40;     /* 2048-bit => key size 320-bit */
-   }
-   else if (groupsize <= 384) {
-      return 52;     /* 3072-bit => key size 416-bit */
-   }
-   else if (groupsize <= 512) {
-      return 60;     /* 4096-bit => key size 480-bit */
-   }
-   else if (groupsize <= 768) {
-      return 67;     /* 6144-bit => key size 536-bit */
-   }
-   else if (groupsize <= 1024) {
-      return 77;     /* 8192-bit => key size 616-bit */
-   }
-   else {
-      return 0;
-   }
-}
-
-static int _dh_make_key(prng_state *prng, int wprng, void *prime, void *base, dh_key *key)
-{
-   unsigned char *buf;
-   unsigned long keysize;
-   int err, max_iterations = PK_MAX_RETRIES;
-
-   LTC_ARGCHK(key   != NULL);
-   LTC_ARGCHK(prng  != NULL);
-   LTC_ARGCHK(prime != NULL);
-   LTC_ARGCHK(base  != NULL);
-
-   /* good prng? */
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* init big numbers */
-   if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* load the prime and the base */
-   if ((err = mp_copy(base, key->base)) != CRYPT_OK)   { goto freemp; }
-   if ((err = mp_copy(prime, key->prime)) != CRYPT_OK) { goto freemp; }
-
-   keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
-   if (keysize == 0) {
-      err = CRYPT_INVALID_KEYSIZE;
-      goto freemp;
-   }
-
-   /* allocate buffer */
-   buf = XMALLOC(keysize);
-   if (buf == NULL) {
-      err = CRYPT_MEM;
-      goto freemp;
-   }
-
-   key->type = PK_PRIVATE;
-   do {
-      /* make up random buf */
-      if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
-         err = CRYPT_ERROR_READPRNG;
-         goto freebuf;
-      }
-      /* load the x value - private key */
-      if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
-         goto freebuf;
-      }
-      /* compute the y value - public key */
-      if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) {
-         goto freebuf;
-      }
-      err = dh_check_pubkey(key);
-   } while (err != CRYPT_OK && max_iterations-- > 0);
-
-freebuf:
-   zeromem(buf, keysize);
-   XFREE(buf);
-freemp:
-   if (err != CRYPT_OK) mp_clear_multi(key->x, key->y, key->base, key->prime, NULL);
-   return err;
-}
-
-/**
-  Make a DH key (use built-in DH groups) [private key pair]
-  @param prng       An active PRNG state
-  @param wprng      The index for the PRNG you desire to use
-  @param groupsize  The size (octets) of used DH group
-  @param key        [out] Where the newly created DH key will be stored
-  @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
-*/
-int dh_make_key(prng_state *prng, int wprng, int groupsize, dh_key *key)
-{
-   void *p, *b;
-   int i, err;
-
-   LTC_ARGCHK(groupsize > 0);
-
-   for (i = 0; (groupsize > ltc_dh_sets[i].size) && (ltc_dh_sets[i].size != 0); i++);
-   if (ltc_dh_sets[i].size == 0) return CRYPT_INVALID_KEYSIZE;
-
-   if ((err = mp_init_multi(&p, &b, NULL)) != CRYPT_OK)                { return err; }
-   if ((err = mp_read_radix(b, ltc_dh_sets[i].base, 16)) != CRYPT_OK)  { goto error; }
-   if ((err = mp_read_radix(p, ltc_dh_sets[i].prime, 16)) != CRYPT_OK) { goto error; }
-   err = _dh_make_key(prng, wprng, p, b, key);
-
-error:
-   mp_clear_multi(p, b, NULL);
-   return err;
-}
-
-/**
-  Make a DH key (dhparam data: openssl dhparam -outform DER -out dhparam.der 2048)
-  @param prng       An active PRNG state
-  @param wprng      The index for the PRNG you desire to use
-  @param dhparam    The DH param DER encoded data
-  @param dhparamlen The length of dhparam data
-  @param key        [out] Where the newly created DH key will be stored
-  @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
-*/
-int dh_make_key_dhparam(prng_state *prng, int wprng, unsigned char *dhparam, unsigned long dhparamlen, dh_key *key)
-{
-   void *prime, *base;
-   int err;
-
-   LTC_ARGCHK(dhparam != NULL);
-   LTC_ARGCHK(dhparamlen > 0);
-
-   if ((err = mp_init_multi(&prime, &base, NULL)) != CRYPT_OK) {
-      return err;
-   }
-   if ((err = der_decode_sequence_multi(dhparam, dhparamlen,
-                                        LTC_ASN1_INTEGER, 1UL, prime,
-                                        LTC_ASN1_INTEGER, 1UL, base,
-                                        LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-      goto error;
-   }
-   err = _dh_make_key(prng, wprng, prime, base, key);
-
-error:
-   mp_clear_multi(prime, base, NULL);
-   return err;
-}
-
-
-#endif /* LTC_MDH */
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/dh/dh_set.c

@@ -0,0 +1,133 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+  Import DH key parts p and g from raw numbers
+
+  @param p       DH's p (prime)
+  @param plen    DH's p's length
+  @param g       DH's g (group)
+  @param glen    DH's g's length
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful
+*/
+int dh_set_pg(const unsigned char *p, unsigned long plen,
+              const unsigned char *g, unsigned long glen,
+              dh_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(p           != NULL);
+   LTC_ARGCHK(g           != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((err = mp_read_unsigned_bin(key->base, (unsigned char*)g, glen)) != CRYPT_OK)     { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->prime, (unsigned char*)p, plen)) != CRYPT_OK)  { goto LBL_ERR; }
+
+   return CRYPT_OK;
+
+LBL_ERR:
+   dh_free(key);
+   return err;
+}
+
+/**
+  Import DH key parts p and g from built-in DH groups
+
+  @param groupsize  The size of the DH group to use
+  @param key        [out] Where the newly created DH key will be stored
+  @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
+*/
+int dh_set_pg_groupsize(int groupsize, dh_key *key)
+{
+   int err, i;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+   LTC_ARGCHK(groupsize   > 0);
+
+   for (i = 0; (groupsize > ltc_dh_sets[i].size) && (ltc_dh_sets[i].size != 0); i++);
+   if (ltc_dh_sets[i].size == 0) return CRYPT_INVALID_KEYSIZE;
+
+   if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+      return err;
+   }
+   if ((err = mp_read_radix(key->base, ltc_dh_sets[i].base, 16)) != CRYPT_OK)  { goto LBL_ERR; }
+   if ((err = mp_read_radix(key->prime, ltc_dh_sets[i].prime, 16)) != CRYPT_OK) { goto LBL_ERR; }
+
+   return CRYPT_OK;
+
+LBL_ERR:
+   dh_free(key);
+   return err;
+}
+
+/**
+  Import DH key parts pub and priv from raw numbers
+
+  @param pub     DH's pub (public key) (can be NULL if priv is valid)
+  @param publen  DH's pub's length
+  @param priv    DH's priv (private key) (can be NULL if pub is valid)
+  @param privlen DH's priv's length
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful
+*/
+int dh_set_key(const unsigned char *pub, unsigned long publen,
+               const unsigned char *priv, unsigned long privlen,
+               dh_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if(priv == NULL) {
+      if ((err = mp_read_unsigned_bin(key->y, (unsigned char*)pub, publen)) != CRYPT_OK)         { goto LBL_ERR; }
+      key->type = PK_PUBLIC;
+      mp_clear(key->x);
+      key->x = NULL;
+   }
+   else {
+      if ((err = mp_read_unsigned_bin(key->x, (unsigned char*)priv, privlen)) != CRYPT_OK)         { goto LBL_ERR; }
+      if (pub != NULL) {
+         if ((err = mp_read_unsigned_bin(key->y, (unsigned char*)pub, publen)) != CRYPT_OK)         { goto LBL_ERR; }
+      }
+      else {
+         /* compute y value */
+         if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK)  { goto LBL_ERR; }
+      }
+      key->type = PK_PRIVATE;
+   }
+
+   /* check public key */
+   if ((err = dh_check_pubkey(key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   return CRYPT_OK;
+
+LBL_ERR:
+   dh_free(key);
+   return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dh/dh_set_pg_dhparam.c

@@ -0,0 +1,54 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MDH
+
+/**
+  Import DH key parts p and g from dhparam
+
+      dhparam data: openssl dhparam -outform DER -out dhparam.der 2048
+
+  @param dhparam    The DH param DER encoded data
+  @param dhparamlen The length of dhparam data
+  @param key        [out] Where the newly created DH key will be stored
+  @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
+*/
+int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+   LTC_ARGCHK(dhparam     != NULL);
+   LTC_ARGCHK(dhparamlen  > 0);
+
+   if ((err = mp_init_multi(&key->x, &key->y, &key->base, &key->prime, NULL)) != CRYPT_OK) {
+      return err;
+   }
+   if ((err = der_decode_sequence_multi(dhparam, dhparamlen,
+                                        LTC_ASN1_INTEGER, 1UL, key->prime,
+                                        LTC_ASN1_INTEGER, 1UL, key->base,
+                                        LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   return CRYPT_OK;
+
+LBL_ERR:
+   dh_free(key);
+   return err;
+}
+
+#endif /* LTC_MDH */
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dsa/dsa_encrypt_key.c

@@ -35,7 +35,7 @@ int dsa_encrypt_key(const unsigned char *in,   unsigned long inlen,
     unsigned char *expt, *skey;
     void          *g_pub, *g_priv;
     unsigned long  x, y;
-    int            err, qbits;
+    int            err;
 
     LTC_ARGCHK(in      != NULL);
     LTC_ARGCHK(out     != NULL);
@@ -73,14 +73,12 @@ int dsa_encrypt_key(const unsigned char *in,   unsigned long inlen,
        return CRYPT_MEM;
     }
 
-    /* make a random g_priv, g_pub = g^x pair */
-    qbits = mp_count_bits(key->q);
-    do {
-      if ((err = rand_bn_bits(g_priv, qbits, prng, wprng)) != CRYPT_OK) {
-        goto LBL_ERR;
-      }
-      /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
-    } while (mp_cmp_d(g_priv, 0) != LTC_MP_GT || mp_cmp(g_priv, key->q) != LTC_MP_LT);
+    /* make a random g_priv, g_pub = g^x pair
+       private key x should be in range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2)
+     */
+    if ((err = rand_bn_upto(g_priv, key->q, prng, wprng)) != CRYPT_OK) {
+      goto LBL_ERR;
+    }
 
     /* compute y */
     if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {

src/pk/dsa/dsa_free.c

@@ -22,7 +22,8 @@
 void dsa_free(dsa_key *key)
 {
    LTC_ARGCHKVD(key != NULL);
-   mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+   mp_cleanup_multi(&key->y, &key->x, &key->q, &key->g, &key->p, NULL);
+   key->type = key->qord = 0;
 }
 
 #endif

src/pk/dsa/dsa_generate_key.c

@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+   @file dsa_make_key.c
+   DSA implementation, generate a DSA key
+*/
+
+#ifdef LTC_MDSA
+
+/**
+  Create a DSA key
+  @param prng          An active PRNG state
+  @param wprng         The index of the PRNG desired
+  @param key           [in/out] Where to store the created key
+  @return CRYPT_OK if successful.
+*/
+int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key)
+{
+  int err;
+
+  LTC_ARGCHK(key         != NULL);
+  LTC_ARGCHK(ltc_mp.name != NULL);
+
+  /* so now we have our DH structure, generator g, order q, modulus p
+     Now we need a random exponent [mod q] and it's power g^x mod p
+   */
+  /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
+  if ((err = rand_bn_upto(key->x, key->q, prng, wprng)) != CRYPT_OK)          { return err; }
+  if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK)            { return err; }
+  key->type = PK_PRIVATE;
+
+  return CRYPT_OK;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dsa/dsa_generate_pqg.c

@@ -0,0 +1,244 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+   @file dsa_generate_pqg.c
+   DSA implementation - generate DSA parameters p, q & g
+*/
+
+#ifdef LTC_MDSA
+
+/**
+  Create DSA parameters (INTERNAL ONLY, not part of public API)
+  @param prng          An active PRNG state
+  @param wprng         The index of the PRNG desired
+  @param group_size    Size of the multiplicative group (octets)
+  @param modulus_size  Size of the modulus (octets)
+  @param p             [out] bignum where generated 'p' is stored (must be initialized by caller)
+  @param q             [out] bignum where generated 'q' is stored (must be initialized by caller)
+  @param g             [out] bignum where generated 'g' is stored (must be initialized by caller)
+  @return CRYPT_OK if successful, upon error this function will free all allocated memory
+*/
+static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g)
+{
+  unsigned long L, N, n, outbytes, seedbytes, counter, j, i;
+  int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;
+  unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
+  void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc;
+
+  /* check size */
+  if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) {
+    return CRYPT_INVALID_ARG;
+  }
+
+ /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
+  *
+  * L = The desired length of the prime p (in bits e.g. L = 1024)
+  * N = The desired length of the prime q (in bits e.g. N = 160)
+  * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N
+  * outlen  = The bit length of Hash function
+  *
+  * 1.  Check that the (L, N)
+  * 2.  If (seedlen <N), then return INVALID.
+  * 3.  n = ceil(L / outlen) - 1
+  * 4.  b = L- 1 - (n * outlen)
+  * 5.  domain_parameter_seed = an arbitrary sequence of seedlen bits
+  * 6.  U = Hash (domain_parameter_seed) mod 2^(N-1)
+  * 7.  q = 2^(N-1) + U + 1 - (U mod 2)
+  * 8.  Test whether or not q is prime as specified in Appendix C.3
+  * 9.  If qis not a prime, then go to step 5.
+  * 10. offset = 1
+  * 11. For counter = 0 to (4L- 1) do {
+  *       For j=0 to n do {
+  *         Vj = Hash ((domain_parameter_seed+ offset + j) mod 2^seedlen
+  *       }
+  *       W = V0 + (V1 *2^outlen) + ... + (Vn-1 * 2^((n-1) * outlen)) + ((Vn mod 2^b) * 2^(n * outlen))
+  *       X = W + 2^(L-1)           Comment: 0 <= W < 2^(L-1); hence 2^(L-1) <= X < 2^L
+  *       c = X mod 2*q
+  *       p = X - (c - 1)           Comment: p ~ 1 (mod 2*q)
+  *       If (p >= 2^(L-1)) {
+  *         Test whether or not p is prime as specified in Appendix C.3.
+  *         If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter
+  *       }
+  *       offset = offset + n + 1   Comment: Increment offset
+  *     }
+  */
+
+  seedbytes = group_size;
+  L = modulus_size * 8;
+  N = group_size * 8;
+
+  /* XXX-TODO no Lucas test */
+#ifdef LTC_MPI_HAS_LUCAS_TEST
+  /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
+  mr_tests_p = (L <= 2048) ? 3 : 2;
+  if      (N <= 160)  { mr_tests_q = 19; }
+  else if (N <= 224)  { mr_tests_q = 24; }
+  else                { mr_tests_q = 27; }
+#else
+  /* M-R tests (without Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
+  if      (L <= 1024) { mr_tests_p = 40; }
+  else if (L <= 2048) { mr_tests_p = 56; }
+  else                { mr_tests_p = 64; }
+
+  if      (N <= 160)  { mr_tests_q = 40; }
+  else if (N <= 224)  { mr_tests_q = 56; }
+  else                { mr_tests_q = 64; }
+#endif
+
+  if (N <= 256) {
+    hash = register_hash(&sha256_desc);
+  }
+  else if (N <= 384) {
+    hash = register_hash(&sha384_desc);
+  }
+  else if (N <= 512) {
+    hash = register_hash(&sha512_desc);
+  }
+  else {
+    return CRYPT_INVALID_ARG; /* group_size too big */
+  }
+
+  if ((err = hash_is_valid(hash)) != CRYPT_OK)                                   { return err; }
+  outbytes = hash_descriptor[hash].hashsize;
+
+  n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1;
+
+  if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL)                                  { err = CRYPT_MEM; goto cleanup3; }
+  if ((sbuf = XMALLOC(seedbytes)) == NULL)                                       { err = CRYPT_MEM; goto cleanup2; }
+
+  err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL);
+  if (err != CRYPT_OK)                                                           { goto cleanup1; }
+
+  if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK)                                   { goto cleanup; }
+  /* t2L1 = 2^(L-1) */
+  if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK)                                   { goto cleanup; }
+  /* t2N1 = 2^(N-1) */
+  if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK)                      { goto cleanup; }
+  /* t2seedlen = 2^seedlen */
+
+  for(found_p=0; !found_p;) {
+    /* q */
+    for(found_q=0; !found_q;) {
+      if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes)       { err = CRYPT_ERROR_READPRNG; goto cleanup; }
+      i = outbytes;
+      if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK)    { goto cleanup; }
+      if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK)         { goto cleanup; }
+      if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK)                                { goto cleanup; }
+      if ((err = mp_add(t2N1, U, q)) != CRYPT_OK)                                { goto cleanup; }
+      if (!mp_isodd(q)) mp_add_d(q, 1, q);
+      if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK)            { goto cleanup; }
+      if (res == LTC_MP_YES) found_q = 1;
+    }
+
+    /* p */
+    if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK)      { goto cleanup; }
+    if ((err = mp_add(q, q, t2q)) != CRYPT_OK)                                   { goto cleanup; }
+    for(counter=0; counter < 4*L && !found_p; counter++) {
+      for(j=0; j<=n; j++) {
+        if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK)                   { goto cleanup; }
+        if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK)             { goto cleanup; }
+        /* seedinc = (seedinc+1) % 2^seed_bitlen */
+        if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes)                     { err = CRYPT_INVALID_ARG; goto cleanup; }
+        zeromem(sbuf, seedbytes);
+        if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; }
+        i = outbytes;
+        err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i);
+        if (err != CRYPT_OK)                                                     { goto cleanup; }
+      }
+      if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK)     { goto cleanup; }
+      if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK)                                { goto cleanup; }
+      if ((err = mp_add(W, t2L1, X)) != CRYPT_OK)                                { goto cleanup; }
+      if ((err = mp_mod(X, t2q, c))  != CRYPT_OK)                                { goto cleanup; }
+      if ((err = mp_sub_d(c, 1, p))  != CRYPT_OK)                                { goto cleanup; }
+      if ((err = mp_sub(X, p, p))    != CRYPT_OK)                                { goto cleanup; }
+      if (mp_cmp(p, t2L1) != LTC_MP_LT) {
+        /* p >= 2^(L-1) */
+        if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK)          { goto cleanup; }
+        if (res == LTC_MP_YES) {
+          found_p = 1;
+        }
+      }
+    }
+  }
+
+ /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g
+  * 1. e = (p - 1)/q
+  * 2. h = any integer satisfying: 1 < h < (p - 1)
+  *    h could be obtained from a random number generator or from a counter that changes after each use
+  * 3. g = h^e mod p
+  * 4. if (g == 1), then go to step 2.
+  *
+  */
+
+  if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK)                                     { goto cleanup; }
+  if ((err = mp_div(e, q, e, c)) != CRYPT_OK)                                    { goto cleanup; }
+  /* e = (p - 1)/q */
+  i = mp_count_bits(p);
+  do {
+    do {
+      if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK)                   { goto cleanup; }
+    } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT);
+    if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK)                                   { goto cleanup; }
+    /* h is randon and 1 < h < (p-1) */
+    if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK)                              { goto cleanup; }
+  } while (mp_cmp_d(g, 1) == LTC_MP_EQ);
+
+  err = CRYPT_OK;
+cleanup:
+  mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL);
+cleanup1:
+  XFREE(sbuf);
+cleanup2:
+  XFREE(wbuf);
+cleanup3:
+  return err;
+}
+
+/**
+  Generate DSA parameters p, q & g
+  @param prng          An active PRNG state
+  @param wprng         The index of the PRNG desired
+  @param group_size    Size of the multiplicative group (octets)
+  @param modulus_size  Size of the modulus (octets)
+  @param key           [out] Where to store the created key
+  @return CRYPT_OK if successful.
+*/
+int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init mp_ints */
+   if ((err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL)) != CRYPT_OK) {
+      return err;
+   }
+   /* generate params */
+   err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
+   if (err != CRYPT_OK) {
+      goto cleanup;
+   }
+
+   key->qord = group_size;
+
+   return CRYPT_OK;
+
+cleanup:
+   dsa_free(key);
+   return err;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dsa/dsa_import.c

@@ -125,7 +125,7 @@ LBL_OK:
 
   return CRYPT_OK;
 LBL_ERR:
-   mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
+   dsa_free(key);
    return err;
 }
 

src/pk/dsa/dsa_import_radix.c

@@ -1,69 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt.h"
-
-/**
-  Import DSA public or private key from raw numbers
-  @param radix   the radix the numbers are represented in (2-64, 16 = hexadecimal)
-  @param p       DSA's p  in radix representation
-  @param q       DSA's q  in radix representation
-  @param g       DSA's g  in radix representation
-  @param x       DSA's x  in radix representation (only private key, NULL for public key)
-  @param y       DSA's y  in radix representation
-  @param key     [out] the destination for the imported key
-  @return CRYPT_OK if successful, upon error allocated memory is freed
-*/
-
-#ifdef LTC_MDSA
-
-int dsa_import_radix(int radix, char *p, char *q, char *g, char *x, char *y, dsa_key *key)
-{
-   int err;
-
-   LTC_ARGCHK(p != NULL);
-   LTC_ARGCHK(q != NULL);
-   LTC_ARGCHK(g != NULL);
-   LTC_ARGCHK(y != NULL);
-   LTC_ARGCHK(ltc_mp.name != NULL);
-
-   /* init key */
-   err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
-   if (err != CRYPT_OK) return err;
-
-   if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_radix(key->g , g , radix)) != CRYPT_OK) { goto LBL_ERR; }
-   if ((err = mp_read_radix(key->y , y , radix)) != CRYPT_OK) { goto LBL_ERR; }
-   if (x && strlen(x) > 0) {
-      key->type = PK_PRIVATE;
-      if ((err = mp_read_radix(key->x , x , radix)) != CRYPT_OK) { goto LBL_ERR; }
-   }
-   else {
-      key->type = PK_PUBLIC;
-   }
-
-   key->qord = mp_unsigned_bin_size(key->q);
-
-   if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
-      (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
-      err = CRYPT_INVALID_PACKET;
-      goto LBL_ERR;
-   }
-   return CRYPT_OK;
-
-LBL_ERR:
-   mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
-   return err;
-}
-
-#endif
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/dsa/dsa_make_key.c

@@ -10,265 +10,28 @@
 
 /**
    @file dsa_make_key.c
-   DSA implementation, generate a DSA key, Tom St Denis
+   DSA implementation, generate a DSA key
 */
 
 #ifdef LTC_MDSA
 
 /**
-  Create DSA parameters (INTERNAL ONLY, not part of public API)
-  @param prng          An active PRNG state
-  @param wprng         The index of the PRNG desired
-  @param group_size    Size of the multiplicative group (octets)
-  @param modulus_size  Size of the modulus (octets)
-  @param p             [out] bignum where generated 'p' is stored (must be initialized by caller)
-  @param q             [out] bignum where generated 'q' is stored (must be initialized by caller)
-  @param g             [out] bignum where generated 'g' is stored (must be initialized by caller)
-  @return CRYPT_OK if successful, upon error this function will free all allocated memory
-*/
-static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int modulus_size, void *p, void *q, void *g)
-{
-  unsigned long L, N, n, outbytes, seedbytes, counter, j, i;
-  int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;
-  unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
-  void *t2L1, *t2N1, *t2q, *t2seedlen, *U, *W, *X, *c, *h, *e, *seedinc;
-
-  /* check size */
-  if (group_size >= LTC_MDSA_MAX_GROUP || group_size < 1 || group_size >= modulus_size) {
-    return CRYPT_INVALID_ARG;
-  }
-
- /* FIPS-186-4 A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
-  *
-  * L = The desired length of the prime p (in bits e.g. L = 1024)
-  * N = The desired length of the prime q (in bits e.g. N = 160)
-  * seedlen = The desired bit length of the domain parameter seed; seedlen shallbe equal to or greater than N
-  * outlen  = The bit length of Hash function
-  *
-  * 1.  Check that the (L, N)
-  * 2.  If (seedlen <N), then return INVALID.
-  * 3.  n = ceil(L / outlen) - 1
-  * 4.  b = L- 1 - (n * outlen)
-  * 5.  domain_parameter_seed = an arbitrary sequence of seedlen bits
-  * 6.  U = Hash (domain_parameter_seed) mod 2^(N-1)
-  * 7.  q = 2^(N-1) + U + 1 - (U mod 2)
-  * 8.  Test whether or not q is prime as specified in Appendix C.3
-  * 9.  If qis not a prime, then go to step 5.
-  * 10. offset = 1
-  * 11. For counter = 0 to (4L- 1) do {
-  *       For j=0 to n do {
-  *         Vj = Hash ((domain_parameter_seed+ offset + j) mod 2^seedlen
-  *       }
-  *       W = V0 + (V1 *2^outlen) + ... + (Vn-1 * 2^((n-1) * outlen)) + ((Vn mod 2^b) * 2^(n * outlen))
-  *       X = W + 2^(L-1)           Comment: 0 <= W < 2^(L-1); hence 2^(L-1) <= X < 2^L
-  *       c = X mod 2*q
-  *       p = X - (c - 1)           Comment: p ~ 1 (mod 2*q)
-  *       If (p >= 2^(L-1)) {
-  *         Test whether or not p is prime as specified in Appendix C.3.
-  *         If p is determined to be prime, then return VALID and the values of p, qand (optionally) the values of domain_parameter_seed and counter
-  *       }
-  *       offset = offset + n + 1   Comment: Increment offset
-  *     }
-  */
-
-  seedbytes = group_size;
-  L = modulus_size * 8;
-  N = group_size * 8;
-
-  /* XXX-TODO no Lucas test */
-#ifdef LTC_MPI_HAS_LUCAS_TEST
-  /* M-R tests (when followed by one Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
-  mr_tests_p = (L <= 2048) ? 3 : 2;
-  if      (N <= 160)  { mr_tests_q = 19; }
-  else if (N <= 224)  { mr_tests_q = 24; }
-  else                { mr_tests_q = 27; }
-#else
-  /* M-R tests (without Lucas test) according FIPS-186-4 - Appendix C.3 - table C.1 */
-  if      (L <= 1024) { mr_tests_p = 40; }
-  else if (L <= 2048) { mr_tests_p = 56; }
-  else                { mr_tests_p = 64; }
-
-  if      (N <= 160)  { mr_tests_q = 40; }
-  else if (N <= 224)  { mr_tests_q = 56; }
-  else                { mr_tests_q = 64; }
-#endif
-
-  if (N <= 256) {
-    hash = register_hash(&sha256_desc);
-  }
-  else if (N <= 384) {
-    hash = register_hash(&sha384_desc);
-  }
-  else if (N <= 512) {
-    hash = register_hash(&sha512_desc);
-  }
-  else {
-    return CRYPT_INVALID_ARG; /* group_size too big */
-  }
-
-  if ((err = hash_is_valid(hash)) != CRYPT_OK)                                   { return err; }
-  outbytes = hash_descriptor[hash].hashsize;
-
-  n = ((L + outbytes*8 - 1) / (outbytes*8)) - 1;
-
-  if ((wbuf = XMALLOC((n+1)*outbytes)) == NULL)                                  { err = CRYPT_MEM; goto cleanup3; }
-  if ((sbuf = XMALLOC(seedbytes)) == NULL)                                       { err = CRYPT_MEM; goto cleanup2; }
-
-  err = mp_init_multi(&t2L1, &t2N1, &t2q, &t2seedlen, &U, &W, &X, &c, &h, &e, &seedinc, NULL);
-  if (err != CRYPT_OK)                                                           { goto cleanup1; }
-
-  if ((err = mp_2expt(t2L1, L-1)) != CRYPT_OK)                                   { goto cleanup; }
-  /* t2L1 = 2^(L-1) */
-  if ((err = mp_2expt(t2N1, N-1)) != CRYPT_OK)                                   { goto cleanup; }
-  /* t2N1 = 2^(N-1) */
-  if ((err = mp_2expt(t2seedlen, seedbytes*8)) != CRYPT_OK)                      { goto cleanup; }
-  /* t2seedlen = 2^seedlen */
-
-  for(found_p=0; !found_p;) {
-    /* q */
-    for(found_q=0; !found_q;) {
-      if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes)       { err = CRYPT_ERROR_READPRNG; goto cleanup; }
-      i = outbytes;
-      if ((err = hash_memory(hash, sbuf, seedbytes, digest, &i)) != CRYPT_OK)    { goto cleanup; }
-      if ((err = mp_read_unsigned_bin(U, digest, outbytes)) != CRYPT_OK)         { goto cleanup; }
-      if ((err = mp_mod(U, t2N1, U)) != CRYPT_OK)                                { goto cleanup; }
-      if ((err = mp_add(t2N1, U, q)) != CRYPT_OK)                                { goto cleanup; }
-      if (!mp_isodd(q)) mp_add_d(q, 1, q);
-      if ((err = mp_prime_is_prime(q, mr_tests_q, &res)) != CRYPT_OK)            { goto cleanup; }
-      if (res == LTC_MP_YES) found_q = 1;
-    }
-
-    /* p */
-    if ((err = mp_read_unsigned_bin(seedinc, sbuf, seedbytes)) != CRYPT_OK)      { goto cleanup; }
-    if ((err = mp_add(q, q, t2q)) != CRYPT_OK)                                   { goto cleanup; }
-    for(counter=0; counter < 4*L && !found_p; counter++) {
-      for(j=0; j<=n; j++) {
-        if ((err = mp_add_d(seedinc, 1, seedinc)) != CRYPT_OK)                   { goto cleanup; }
-        if ((err = mp_mod(seedinc, t2seedlen, seedinc)) != CRYPT_OK)             { goto cleanup; }
-        /* seedinc = (seedinc+1) % 2^seed_bitlen */
-        if ((i = mp_unsigned_bin_size(seedinc)) > seedbytes)                     { err = CRYPT_INVALID_ARG; goto cleanup; }
-        zeromem(sbuf, seedbytes);
-        if ((err = mp_to_unsigned_bin(seedinc, sbuf + seedbytes-i)) != CRYPT_OK) { goto cleanup; }
-        i = outbytes;
-        err = hash_memory(hash, sbuf, seedbytes, wbuf+(n-j)*outbytes, &i);
-        if (err != CRYPT_OK)                                                     { goto cleanup; }
-      }
-      if ((err = mp_read_unsigned_bin(W, wbuf, (n+1)*outbytes)) != CRYPT_OK)     { goto cleanup; }
-      if ((err = mp_mod(W, t2L1, W)) != CRYPT_OK)                                { goto cleanup; }
-      if ((err = mp_add(W, t2L1, X)) != CRYPT_OK)                                { goto cleanup; }
-      if ((err = mp_mod(X, t2q, c))  != CRYPT_OK)                                { goto cleanup; }
-      if ((err = mp_sub_d(c, 1, p))  != CRYPT_OK)                                { goto cleanup; }
-      if ((err = mp_sub(X, p, p))    != CRYPT_OK)                                { goto cleanup; }
-      if (mp_cmp(p, t2L1) != LTC_MP_LT) {
-        /* p >= 2^(L-1) */
-        if ((err = mp_prime_is_prime(p, mr_tests_p, &res)) != CRYPT_OK)          { goto cleanup; }
-        if (res == LTC_MP_YES) {
-          found_p = 1;
-        }
-      }
-    }
-  }
-
- /* FIPS-186-4 A.2.1 Unverifiable Generation of the Generator g
-  * 1. e = (p - 1)/q
-  * 2. h = any integer satisfying: 1 < h < (p - 1)
-  *    h could be obtained from a random number generator or from a counter that changes after each use
-  * 3. g = h^e mod p
-  * 4. if (g == 1), then go to step 2.
-  *
-  */
-
-  if ((err = mp_sub_d(p, 1, e)) != CRYPT_OK)                                     { goto cleanup; }
-  if ((err = mp_div(e, q, e, c)) != CRYPT_OK)                                    { goto cleanup; }
-  /* e = (p - 1)/q */
-  i = mp_count_bits(p);
-  do {
-    do {
-      if ((err = rand_bn_bits(h, i, prng, wprng)) != CRYPT_OK)                   { goto cleanup; }
-    } while (mp_cmp(h, p) != LTC_MP_LT || mp_cmp_d(h, 2) != LTC_MP_GT);
-    if ((err = mp_sub_d(h, 1, h)) != CRYPT_OK)                                   { goto cleanup; }
-    /* h is randon and 1 < h < (p-1) */
-    if ((err = mp_exptmod(h, e, p, g)) != CRYPT_OK)                              { goto cleanup; }
-  } while (mp_cmp_d(g, 1) == LTC_MP_EQ);
-
-  err = CRYPT_OK;
-cleanup:
-  mp_clear_multi(t2L1, t2N1, t2q, t2seedlen, U, W, X, c, h, e, seedinc, NULL);
-cleanup1:
-  XFREE(sbuf);
-cleanup2:
-  XFREE(wbuf);
-cleanup3:
-  return err;
-}
-
-/**
-  Create a DSA key (with given params)
+  Old-style creation of a DSA key
   @param prng          An active PRNG state
   @param wprng         The index of the PRNG desired
   @param group_size    Size of the multiplicative group (octets)
   @param modulus_size  Size of the modulus (octets)
   @param key           [out] Where to store the created key
-  @param p_hex         Hexadecimal string 'p'
-  @param q_hex         Hexadecimal string 'q'
-  @param g_hex         Hexadecimal string 'g'
-  @return CRYPT_OK if successful, upon error this function will free all allocated memory
+  @return CRYPT_OK if successful.
 */
-int dsa_make_key_ex(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key, char* p_hex, char* q_hex, char* g_hex)
+int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
 {
-  int err, qbits;
+  int err;
 
-  LTC_ARGCHK(key  != NULL);
-
-  /* init mp_ints */
-  if ((err = mp_init_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) {
-    return err;
-  }
-
-  if (p_hex == NULL || q_hex == NULL || g_hex == NULL) {
-    /* generate params */
-    err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
-    if (err != CRYPT_OK)                                                         { goto cleanup; }
-  }
-  else {
-    /* read params */
-    if ((err = mp_read_radix(key->p, p_hex, 16)) != CRYPT_OK)                    { goto cleanup; }
-    if ((err = mp_read_radix(key->q, q_hex, 16)) != CRYPT_OK)                    { goto cleanup; }
-    if ((err = mp_read_radix(key->g, g_hex, 16)) != CRYPT_OK)                    { goto cleanup; }
-    /* XXX-TODO maybe do some validity check for p, q, g */
-  }
-
-  /* so now we have our DH structure, generator g, order q, modulus p
-     Now we need a random exponent [mod q] and it's power g^x mod p
-   */
-  qbits = mp_count_bits(key->q);
-  do {
-     if ((err = rand_bn_bits(key->x, qbits, prng, wprng)) != CRYPT_OK)                  { goto cleanup; }
-     /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
-  } while (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT);
-  if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK)                   { goto cleanup; }
-  key->type = PK_PRIVATE;
-  key->qord = group_size;
+  if ((err = dsa_generate_pqg(prng, wprng, group_size, modulus_size, key)) != CRYPT_OK) { return err; }
+  if ((err = dsa_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; }
 
   return CRYPT_OK;
-
-cleanup:
-  mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
-  return err;
-}
-
-/**
-  Create a DSA key
-  @param prng          An active PRNG state
-  @param wprng         The index of the PRNG desired
-  @param group_size    Size of the multiplicative group (octets)
-  @param modulus_size  Size of the modulus (octets)
-  @param key           [out] Where to store the created key
-  @return CRYPT_OK if successful, upon error this function will free all allocated memory
-*/
-int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
-{
-  return dsa_make_key_ex(prng, wprng, group_size, modulus_size, key, NULL, NULL, NULL);
 }
 
 #endif

src/pk/dsa/dsa_set.c

@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MDSA
+
+/**
+  Import DSA's p, q & g from raw numbers
+  @param p       DSA's p  in binary representation
+  @param plen    The length of p
+  @param q       DSA's q  in binary representation
+  @param qlen    The length of q
+  @param g       DSA's g  in binary representation
+  @param glen    The length of g
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful.
+*/
+int dsa_set_pqg(const unsigned char *p,  unsigned long plen,
+                const unsigned char *q,  unsigned long qlen,
+                const unsigned char *g,  unsigned long glen,
+                dsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(p           != NULL);
+   LTC_ARGCHK(q           != NULL);
+   LTC_ARGCHK(g           != NULL);
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init key */
+   err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+   if (err != CRYPT_OK) return err;
+
+   if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+
+   key->qord = mp_unsigned_bin_size(key->q);
+
+   if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
+      (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+      err = CRYPT_INVALID_PACKET;
+      goto LBL_ERR;
+   }
+   return CRYPT_OK;
+
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
+/**
+  Import DSA public or private key from raw numbers
+  @param pub     DSA's y (public key) in binary representation
+  @param publen  The length of pub
+  @param priv    DSA's x (private key) in binary representation (can be NULL when importing public key)
+  @param privlen The length of priv
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful.
+*/
+int dsa_set_key(const unsigned char *pub, unsigned long publen,
+                const unsigned char *priv, unsigned long privlen,
+                dsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(key->x      != NULL);
+   LTC_ARGCHK(key->y      != NULL);
+   LTC_ARGCHK(key->p      != NULL);
+   LTC_ARGCHK(key->g      != NULL);
+   LTC_ARGCHK(key->q      != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if ((err = mp_read_unsigned_bin(key->y, (unsigned char *)pub , publen)) != CRYPT_OK) { goto LBL_ERR; }
+   if (priv != NULL) {
+      key->type = PK_PRIVATE;
+      if ((err = mp_read_unsigned_bin(key->x, (unsigned char *)priv , privlen)) != CRYPT_OK) { goto LBL_ERR; }
+   }
+   else {
+      key->type = PK_PUBLIC;
+   }
+
+   return CRYPT_OK;
+
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/dsa/dsa_set_pqg_dsaparam.c

@@ -0,0 +1,63 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MDSA
+
+/**
+  Import DSA's p, q & g from dsaparam
+
+      dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048
+
+  @param dsaparam    The DSA param DER encoded data
+  @param dsaparamlen The length of dhparam data
+  @param key         [out] the destination for the imported key
+  @return CRYPT_OK if successful.
+*/
+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
+                         dsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(dsaparam    != NULL);
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init key */
+   err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+   if (err != CRYPT_OK) return err;
+
+   if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen,
+                                        LTC_ASN1_INTEGER, 1UL, key->p,
+                                        LTC_ASN1_INTEGER, 1UL, key->q,
+                                        LTC_ASN1_INTEGER, 1UL, key->g,
+                                        LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   key->qord = mp_unsigned_bin_size(key->q);
+
+   if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
+      (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+      err = CRYPT_INVALID_PACKET;
+      goto LBL_ERR;
+   }
+   return CRYPT_OK;
+
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/rsa/rsa_free.c

@@ -22,7 +22,7 @@
 void rsa_free(rsa_key *key)
 {
    LTC_ARGCHKVD(key != NULL);
-   mp_clear_multi(key->q, key->p, key->qP, key->dP, key->dQ, key->N, key->d, key->e, NULL);
+   mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL);
 }
 
 #endif

src/pk/rsa/rsa_import_radix.c

@@ -1,66 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt.h"
-
-/**
-  Import RSA public or private key from raw numbers
-  @param radix   the radix the numbers are represented in (2-64, 16 = hexadecimal)
-  @param N       RSA's N  in radix representation
-  @param e       RSA's e  in radix representation
-  @param d       RSA's d  in radix representation (only private key, NULL for public key)
-  @param p       RSA's p  in radix representation (only private key, NULL for public key)
-  @param q       RSA's q  in radix representation (only private key, NULL for public key)
-  @param dP      RSA's dP in radix representation (only private key, NULL for public key)
-  @param dQ      RSA's dQ in radix representation (only private key, NULL for public key)
-  @param qP      RSA's qP in radix representation (only private key, NULL for public key)
-  @param key     [out] the destination for the imported key
-  @return CRYPT_OK if successful, upon error allocated memory is freed
-*/
-
-#ifdef LTC_MRSA
-
-int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key)
-{
-   int err;
-
-   LTC_ARGCHK(key         != NULL);
-   LTC_ARGCHK(N           != NULL);
-   LTC_ARGCHK(e           != NULL);
-   LTC_ARGCHK(ltc_mp.name != NULL);
-
-   err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
-   if (err != CRYPT_OK) return err;
-
-   if ((err = mp_read_radix(key->N , N , radix)) != CRYPT_OK)    { goto LBL_ERR; }
-   if ((err = mp_read_radix(key->e , e , radix)) != CRYPT_OK)    { goto LBL_ERR; }
-   if (d && p && q && dP && dQ && qP && strlen(d)>0 && strlen(p)>0 &&
-       strlen(q)>0 && strlen(dP)>0 && strlen(dQ)>0 && strlen(qP)>0) {
-      if ((err = mp_read_radix(key->d , d , radix)) != CRYPT_OK) { goto LBL_ERR; }
-      if ((err = mp_read_radix(key->p , p , radix)) != CRYPT_OK) { goto LBL_ERR; }
-      if ((err = mp_read_radix(key->q , q , radix)) != CRYPT_OK) { goto LBL_ERR; }
-      if ((err = mp_read_radix(key->dP, dP, radix)) != CRYPT_OK) { goto LBL_ERR; }
-      if ((err = mp_read_radix(key->dQ, dQ, radix)) != CRYPT_OK) { goto LBL_ERR; }
-      if ((err = mp_read_radix(key->qP, qP, radix)) != CRYPT_OK) { goto LBL_ERR; }
-      key->type = PK_PRIVATE;
-   }
-   else {
-      key->type = PK_PUBLIC;
-   }
-   return CRYPT_OK;
-
-LBL_ERR:
-   mp_clear_multi(key->d,  key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
-   return err;
-}
-
-#endif /* LTC_MRSA */
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/rsa/rsa_set.c

@@ -0,0 +1,134 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+
+#ifdef LTC_MRSA
+
+/**
+  Import RSA key from raw numbers
+
+  @param N       RSA's N
+  @param Nlen    RSA's N's length
+  @param e       RSA's e
+  @param elen    RSA's e's length
+  @param d       RSA's d  (only private key, NULL for public key)
+  @param dlen    RSA's d's length
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful
+*/
+int rsa_set_key(const unsigned char *N,  unsigned long Nlen,
+                const unsigned char *e,  unsigned long elen,
+                const unsigned char *d,  unsigned long dlen,
+                rsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(N           != NULL);
+   LTC_ARGCHK(e           != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
+   if (err != CRYPT_OK) return err;
+
+   if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK)    { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK)    { goto LBL_ERR; }
+   if (d && dlen) {
+      if ((err = mp_read_unsigned_bin(key->d , (unsigned char *)d , dlen)) != CRYPT_OK) { goto LBL_ERR; }
+      key->type = PK_PRIVATE;
+   }
+   else {
+      key->type = PK_PUBLIC;
+   }
+   return CRYPT_OK;
+
+LBL_ERR:
+   rsa_free(key);
+   return err;
+}
+
+/**
+  Import factors of an RSA key from raw numbers
+
+  Only for private keys.
+
+  @param p       RSA's p
+  @param plen    RSA's p's length
+  @param q       RSA's q
+  @param qlen    RSA's q's length
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful
+*/
+int rsa_set_factors(const unsigned char *p,  unsigned long plen,
+                    const unsigned char *q,  unsigned long qlen,
+                    rsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(p           != NULL);
+   LTC_ARGCHK(q           != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
+
+   if ((err = mp_read_unsigned_bin(key->p , (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->q , (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
+   return CRYPT_OK;
+
+LBL_ERR:
+   rsa_free(key);
+   return err;
+}
+
+/**
+  Import CRT parameters of an RSA key from raw numbers
+
+  Only for private keys.
+
+  @param dP      RSA's dP
+  @param dPlen   RSA's dP's length
+  @param dQ      RSA's dQ
+  @param dQlen   RSA's dQ's length
+  @param qP      RSA's qP
+  @param qPlen   RSA's qP's length
+  @param key     [out] the destination for the imported key
+  @return CRYPT_OK if successful
+*/
+int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
+                       const unsigned char *dQ, unsigned long dQlen,
+                       const unsigned char *qP, unsigned long qPlen,
+                       rsa_key *key)
+{
+   int err;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(dP          != NULL);
+   LTC_ARGCHK(dQ          != NULL);
+   LTC_ARGCHK(qP          != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if (key->type != PK_PRIVATE) return CRYPT_PK_TYPE_MISMATCH;
+
+   if ((err = mp_read_unsigned_bin(key->dP, (unsigned char *)dP, dPlen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->dQ, (unsigned char *)dQ, dQlen)) != CRYPT_OK) { goto LBL_ERR; }
+   if ((err = mp_read_unsigned_bin(key->qP, (unsigned char *)qP, qPlen)) != CRYPT_OK) { goto LBL_ERR; }
+   return CRYPT_OK;
+
+LBL_ERR:
+   rsa_free(key);
+   return err;
+}
+
+#endif /* LTC_MRSA */
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

tests/dh_test.c

@@ -10,7 +10,7 @@
 
 #ifdef LTC_MDH
 
-#ifdef DH4096
+#ifdef LTC_DH4096
 #define KEYSIZE 4096
 #else
 #define KEYSIZE 2048
@@ -126,7 +126,8 @@ static int _dhparam_test(void)
       0x98, 0xcb
    };
 
-   DO(dh_make_key_dhparam(&yarrow_prng, find_prng ("yarrow"), dhparam_der, sizeof(dhparam_der), &k));
+   DO(dh_set_pg_dhparam(dhparam_der, sizeof(dhparam_der), &k));
+   DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &k));
    if (mp_unsigned_bin_size(k.prime) > sizeof(buf)) {
       printf("dhparam_test: short buf\n");
       dh_free(&k);
@@ -147,6 +148,219 @@ static int _dhparam_test(void)
    return CRYPT_OK;
 }
 
+static int _set_test(void)
+{
+   dh_key k1, k2, k3;
+   unsigned char buf[4096];
+   unsigned long len;
+   int i;
+   unsigned char gbin[] = { 0x02 };
+   unsigned char pbin[] = {
+      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+      0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+      0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+      0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+      0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+      0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+      0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+      0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+      0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+      0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+      0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+      0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+      0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+      0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+      0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+      0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+   };
+   unsigned char xbin[] = {
+      0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE, 0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C,
+      0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98, 0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F,
+      0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+   };
+   unsigned char ybin[] = {
+      0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA, 0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14,
+      0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3, 0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07,
+      0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8, 0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0,
+      0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD, 0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40,
+      0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7, 0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08,
+      0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC, 0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0,
+      0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80, 0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81,
+      0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B, 0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7,
+      0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5, 0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1,
+      0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E, 0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97,
+      0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64, 0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53,
+      0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36, 0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41,
+      0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32, 0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99,
+      0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6, 0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9,
+      0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A, 0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B,
+      0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C, 0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+   };
+
+   struct {
+     int radix;
+     void* g; int glen;
+     void* p; int plen;
+     void* x; int xlen;
+     void* y; int ylen;
+   } test[1] = {
+      { 256, gbin, sizeof(gbin),   pbin, sizeof(pbin),   xbin, sizeof(xbin),   ybin, sizeof(ybin)   }
+   };
+
+   unsigned char export_private[] = {
+      0x30, 0x82, 0x01, 0x3A, 0x02, 0x01, 0x00, 0x03, 0x02, 0x07, 0x80, 0x02, 0x82, 0x01, 0x01, 0x00,
+      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+      0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+      0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+      0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+      0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+      0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+      0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+      0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+      0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+      0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+      0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+      0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+      0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+      0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+      0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+      0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0x02, 0x01, 0x02, 0x02, 0x29, 0x00, 0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE,
+      0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C, 0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98,
+      0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F, 0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+   };
+   unsigned char export_public[] = {
+      0x30, 0x82, 0x02, 0x13, 0x02, 0x01, 0x00, 0x03, 0x02, 0x07, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
+      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+      0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+      0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+      0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+      0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+      0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+      0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+      0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+      0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+      0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+      0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+      0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+      0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+      0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+      0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+      0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+      0x02, 0x01, 0x02, 0x02, 0x82, 0x01, 0x00, 0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA,
+      0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14, 0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3,
+      0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07, 0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8,
+      0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0, 0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD,
+      0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40, 0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7,
+      0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08, 0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC,
+      0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0, 0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80,
+      0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81, 0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B,
+      0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7, 0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5,
+      0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1, 0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E,
+      0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97, 0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64,
+      0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53, 0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36,
+      0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41, 0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32,
+      0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99, 0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6,
+      0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9, 0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A,
+      0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B, 0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C,
+      0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+   };
+
+   for (i = 0; i < 1; i++) {
+      DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k1));
+      DO(dh_set_key(NULL, 0, test[i].x, test[i].xlen, &k1));
+
+      len = sizeof(buf);
+      DO(dh_export(buf, &len, PK_PRIVATE, &k1));
+      if (compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test", i*10 + 0)) {
+         printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      len = sizeof(buf);
+      DO(dh_export(buf, &len, PK_PUBLIC, &k1));
+      if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 1)) {
+         printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      len = sizeof(buf);
+      DO(dh_export_key(buf, &len, PK_PRIVATE, &k1));
+      if (compare_testvector(buf, len, xbin, sizeof(xbin), "radix_test", i*10 + 2)) {
+         printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      len = sizeof(buf);
+      DO(dh_export_key(buf, &len, PK_PUBLIC, &k1));
+      if (compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test", i*10 + 3)) {
+         printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      dh_free(&k1);
+
+      DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k1));
+      DO(dh_set_key(test[i].y, test[i].ylen, test[i].x, test[i].xlen, &k1));
+
+      len = sizeof(buf);
+      DO(dh_export(buf, &len, PK_PRIVATE, &k1));
+      if (compare_testvector(buf, len, export_private, sizeof(export_private), "radix_test", i*10 + 4)) {
+         printf("radix_test: dh_export+PK_PRIVATE mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      len = sizeof(buf);
+      DO(dh_export(buf, &len, PK_PUBLIC, &k1));
+      if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 5)) {
+         printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+         dh_free(&k1);
+         return CRYPT_ERROR;
+      }
+      dh_free(&k1);
+
+      DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k2));
+      DO(dh_set_key(test[i].y, test[i].ylen, NULL, 0, &k2));
+
+      len = sizeof(buf);
+      DO(dh_export(buf, &len, PK_PUBLIC, &k2));
+      if (compare_testvector(buf, len, export_public, sizeof(export_public), "radix_test", i*10 + 6)) {
+         printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+         dh_free(&k2);
+         return CRYPT_ERROR;
+      }
+      len = sizeof(buf);
+      DO(dh_export_key(buf, &len, PK_PUBLIC, &k2));
+      if (compare_testvector(buf, len, ybin, sizeof(ybin), "radix_test", i*10 + 7)) {
+         printf("radix_test: dh_export+PK_PUBLIC mismatch\n");
+         dh_free(&k2);
+         return CRYPT_ERROR;
+      }
+      dh_free(&k2);
+
+      DO(dh_set_pg(test[i].p, test[i].plen, test[i].g, test[i].glen, &k3));
+      DO(dh_generate_key(&yarrow_prng, find_prng("yarrow"), &k3));
+
+      len = mp_unsigned_bin_size(k3.prime);
+      DO(mp_to_unsigned_bin(k3.prime, buf));
+      if (compare_testvector(buf, len, pbin, sizeof(pbin), "radix_test", i*10 + 8)) {
+         printf("radix_test: dh_make_key_ex prime mismatch\n");
+         dh_free(&k3);
+         return CRYPT_ERROR;
+      }
+      len = mp_unsigned_bin_size(k3.base);
+      DO(mp_to_unsigned_bin(k3.base, buf));
+      if (compare_testvector(buf, len, gbin, sizeof(gbin), "radix_test", i*10 + 9)) {
+         printf("radix_test: dh_make_key_ex base mismatch\n");
+         dh_free(&k3);
+         return CRYPT_ERROR;
+      }
+      dh_free(&k3);
+   }
+
+   return CRYPT_OK;
+}
+
 static int _basic_test(void)
 {
    unsigned char buf[3][4096];
@@ -154,18 +368,11 @@ static int _basic_test(void)
    int           size;
    dh_key        usera, userb;
 
-   if (register_prng(&yarrow_desc) == -1) {
-      printf("Error registering yarrow PRNG\n");
-      return CRYPT_ERROR;
-   }
-   if (register_hash(&md5_desc) == -1) {
-      printf("Error registering md5 hash\n");
-      return CRYPT_ERROR;
-   }
-
    /* make up two keys */
-   DO(dh_make_key (&yarrow_prng, find_prng ("yarrow"), KEYSIZE/8, &usera));
-   DO(dh_make_key (&yarrow_prng, find_prng ("yarrow"), KEYSIZE/8, &userb));
+   DO(dh_set_pg_groupsize(KEYSIZE/8, &usera));
+   DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera));
+   DO(dh_set_pg_groupsize(KEYSIZE/8, &userb));
+   DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &userb));
 
    /* make the shared secret */
    x = KEYSIZE;
@@ -209,13 +416,15 @@ static int _basic_test(void)
    }
 
    for (x = 0; ltc_dh_sets[x].size != 0; x++) {
-      DO(dh_make_key(&yarrow_prng, find_prng ("yarrow"), ltc_dh_sets[x].size, &usera));
+      DO(dh_set_pg_groupsize(ltc_dh_sets[x].size, &usera));
+      DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &usera));
       size = dh_get_groupsize(&usera);
       dh_free(&usera);
       if (size != ltc_dh_sets[x].size) {
          fprintf(stderr, "dh_groupsize mismatch %d %d\n", size, ltc_dh_sets[x].size);
          return CRYPT_ERROR;
       }
+      dh_free(&usera);
    }
 
    return CRYPT_OK;
@@ -227,6 +436,7 @@ int dh_test(void)
    if (_prime_test() != CRYPT_OK) fails++;
    if (_basic_test() != CRYPT_OK) fails++;
    if (_dhparam_test() != CRYPT_OK) fails++;
+   if (_set_test() != CRYPT_OK) fails++;
    return fails > 0 ? CRYPT_FAIL_TESTVECTOR : CRYPT_OK;
 }
 

tests/dsa_test.c

@@ -59,13 +59,6 @@ static char *hex_q = "AA5BD7F4E5062413E58835CA00C7A635716194C5";
 static char *hex_x = "9936E5E4E9FB28BE91F5065FE8C935B3F5D81FC5";
 static char *hex_y = "5316B0FBBF598A5E5595C14FAC43B80853E6CF0D9223FAB184595239BFCBF22D383ADD935205497E2B12C46173E36F54BD96E5A7AAA95A58A4B767D2C0BDC81EB13A124F98C005EF395D6ABAB70B3BD8B795DD796EA2D28473470388B464D9B9B84FF1C934BBF97366F57C2E11FEC331E60838596781EB6D4127D70D74AFA035";
 
-/* private key - raw decimal numbers */
-static char *dec_g = "41834149751984197912953436480983170533071735026506895442815002322147255782590882063707309354781506433716654796985480894012184326029507913813728323760888731712844346877576824916725534905000120412305763983626878322597033839508975868744887842375259196379140567488975525420966465471602331600963525846901216912348";
-static char *dec_p = "138366127874251453574215823372867983172559870428080754538874699342292548213873551009389476481395012375639515165022292709776266658812209612126692196557051247870332681145778007636026326219557730049370214260237710845864302921876857532769906463917243319959886290876544710558897185626634470575981605420411381006287";
-static char *dec_q = "972576611327916959546542817054443329226761409733";
-static char *dec_x = "874699854785640347852049895863914110365034094533";
-static char *dec_y = "58346825863862115220306694056113472976936045407556113559931032566376300411053620606958863235131122432665794570437845128216268156672161823000705623178942581094085367656740608001229642983928728905397237964247962716781137229394844332774819193277135681825866994604976120931444766148118918668354923664000689348661";
-
 /* The public part of test_dsa.key in SubjectPublicKeyInfo format */
 static const unsigned char openssl_pub_dsa[] = {
   0x30, 0x82, 0x01, 0xb6, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86,
@@ -107,74 +100,150 @@ static const unsigned char openssl_pub_dsa[] = {
   0xeb, 0x6d, 0x41, 0x27, 0xd7, 0x0d, 0x74, 0xaf, 0xa0, 0x35
 };
 
-static int dsa_compat_test(void)
+static unsigned char dsaparam_der[] = {
+   0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xc5, 0x0a, 0x37, 0x51,
+   0x5c, 0xab, 0xd6, 0x18, 0xd5, 0xa2, 0x70, 0xbd, 0x4a, 0x6f, 0x6b, 0x4a,
+   0xf9, 0xe1, 0x39, 0x95, 0x0f, 0x2b, 0x99, 0x38, 0x7d, 0x9a, 0x64, 0xd6,
+   0x4c, 0xb5, 0x96, 0x7a, 0xdc, 0xed, 0xac, 0xa8, 0xac, 0xc6, 0x1b, 0x65,
+   0x5a, 0xde, 0xdb, 0x00, 0x61, 0x25, 0x1a, 0x18, 0x2c, 0xee, 0xa1, 0x07,
+   0x90, 0x62, 0x5e, 0x4d, 0x12, 0x31, 0x90, 0xc7, 0x03, 0x21, 0xfa, 0x09,
+   0xe7, 0xb1, 0x73, 0xd7, 0x8e, 0xaf, 0xdb, 0xfd, 0xbf, 0xb3, 0xef, 0xad,
+   0xd1, 0xa1, 0x2a, 0x03, 0x6d, 0xe7, 0x06, 0x92, 0x4a, 0x85, 0x2a, 0xff,
+   0x7a, 0x01, 0x66, 0x53, 0x1f, 0xea, 0xc6, 0x67, 0x41, 0x84, 0x5a, 0xc0,
+   0x6c, 0xed, 0x62, 0xf9, 0xc2, 0x62, 0x62, 0x05, 0xa4, 0xfa, 0x48, 0xa0,
+   0x66, 0xec, 0x35, 0xc9, 0xa8, 0x11, 0xfe, 0xb9, 0x81, 0xab, 0xee, 0xbe,
+   0x31, 0xb6, 0xbf, 0xcf, 0x02, 0x15, 0x00, 0xaa, 0x5b, 0xd7, 0xf4, 0xe5,
+   0x06, 0x24, 0x13, 0xe5, 0x88, 0x35, 0xca, 0x00, 0xc7, 0xa6, 0x35, 0x71,
+   0x61, 0x94, 0xc5, 0x02, 0x81, 0x80, 0x3b, 0x92, 0xe4, 0xff, 0x59, 0x29,
+   0x15, 0x0b, 0x08, 0x99, 0x5a, 0x7b, 0xf2, 0xad, 0x14, 0x40, 0x55, 0x6f,
+   0xa0, 0x47, 0xff, 0x90, 0x99, 0xb3, 0x44, 0xb3, 0xd4, 0xfc, 0x45, 0x15,
+   0x05, 0xae, 0x67, 0x22, 0x43, 0x9c, 0xba, 0x37, 0x10, 0xa5, 0x89, 0x47,
+   0x37, 0xec, 0xcc, 0xf5, 0xae, 0xad, 0xa8, 0xb4, 0x7a, 0x35, 0xcb, 0x9d,
+   0x93, 0x5c, 0xed, 0xe6, 0xb0, 0x7e, 0x96, 0x94, 0xc4, 0xa6, 0x0c, 0x7d,
+   0xd6, 0x70, 0x8a, 0x09, 0x4f, 0x81, 0x4a, 0x0e, 0xc2, 0x13, 0xfb, 0xeb,
+   0x16, 0xbf, 0xea, 0xa4, 0xf4, 0x56, 0xff, 0x72, 0x30, 0x05, 0xde, 0x8a,
+   0x44, 0x3f, 0xbe, 0xc6, 0x85, 0x26, 0x55, 0xd6, 0x2d, 0x1d, 0x1e, 0xdb,
+   0x15, 0xda, 0xa4, 0x45, 0x83, 0x3c, 0x17, 0x97, 0x98, 0x0b, 0x8d, 0x87,
+   0xf3, 0x49, 0x0d, 0x90, 0xbd, 0xa9, 0xab, 0x67, 0x6e, 0x87, 0x68, 0x72,
+   0x23, 0xdc
+ };
+
+
+static int _dsa_compat_test(void)
 {
   dsa_key key;
   unsigned char tmp[1024], buf[1024];
   unsigned long x, len;
+  unsigned char key_parts[5][256];
+  unsigned long key_lens[5];
+  int stat;
 
   DO(dsa_import(openssl_priv_dsa, sizeof(openssl_priv_dsa), &key));
 
   x = sizeof(tmp);
   DO(dsa_export(tmp, &x, PK_PRIVATE | PK_STD, &key));
-  DO((x == sizeof(openssl_priv_dsa))?CRYPT_OK:CRYPT_ERROR);
-  DO((memcmp(tmp, openssl_priv_dsa, sizeof(openssl_priv_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+  if (compare_testvector(tmp, x, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+                         "DSA private export failed from dsa_import(priv_key)\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
+  }
 
   x = sizeof(tmp);
   DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
-  DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
-  DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+  if (compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+                         "DSA public export failed from dsa_import(priv_key)\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
+  }
   dsa_free(&key);
 
   DO(dsa_import(openssl_pub_dsa, sizeof(openssl_pub_dsa), &key));
 
   x = sizeof(tmp);
   DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
-  DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
-  DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+  if (compare_testvector(tmp, x, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+                         "DSA public export failed from dsa_import(pub_key)\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
+  }
   dsa_free(&key);
 
   /* try import private key from raw hexadecimal numbers */
-  DO(dsa_import_radix(16, hex_p, hex_q, hex_g, hex_x, hex_y, &key));
+  for (x = 0; x < 5; ++x) {
+     key_lens[x] = sizeof(key_parts[x]);
+  }
+  DO(radix_to_bin(hex_p, 16, key_parts[0], &key_lens[0]));
+  DO(radix_to_bin(hex_q, 16, key_parts[1], &key_lens[1]));
+  DO(radix_to_bin(hex_g, 16, key_parts[2], &key_lens[2]));
+  DO(radix_to_bin(hex_y, 16, key_parts[3], &key_lens[3]));
+  DO(radix_to_bin(hex_x, 16, key_parts[4], &key_lens[4]));
+
+  DO(dsa_set_pqg(key_parts[0], key_lens[0],
+                 key_parts[1], key_lens[1],
+                 key_parts[2], key_lens[2],
+                 &key));
+  DO(dsa_set_key(key_parts[3], key_lens[3],
+                 key_parts[4], key_lens[4],
+                 &key));
   len = sizeof(buf);
   DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
-  if (len != sizeof(openssl_priv_dsa) || memcmp(buf, openssl_priv_dsa, len)) {
-     fprintf(stderr, "DSA private export failed to match dsa_import_radix(16, ..)\n");
-     return 1;
+  if (compare_testvector(buf, len, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+                         "DSA private export failed from dsa_set_pqg() & dsa_set_key()\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
   }
   dsa_free(&key);
 
-  /* try import private key from raw decimal numbers */
-  DO(dsa_import_radix(10, dec_p, dec_q, dec_g, dec_x, dec_y, &key));
+  /* try import public key from raw hexadecimal numbers */
+  DO(dsa_set_pqg(key_parts[0], key_lens[0],
+                 key_parts[1], key_lens[1],
+                 key_parts[2], key_lens[2],
+                 &key));
+  DO(dsa_set_key(key_parts[3], key_lens[3],
+                 NULL, 0,
+                 &key));
   len = sizeof(buf);
-  DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
-  if (len != sizeof(openssl_priv_dsa) || memcmp(buf, openssl_priv_dsa, len)) {
-     fprintf(stderr, "DSA private export failed to match dsa_import_radix(10, ..)\n");
-     return 1;
+  DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
+  if (compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+                         "DSA public export failed from dsa_set_pqg() & dsa_set_key()\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
   }
   dsa_free(&key);
 
-  /* try import public key from raw hexadecimal numbers */
-  DO(dsa_import_radix(16, hex_p, hex_q, hex_g, NULL, hex_y, &key));
+  /* try import dsaparam */
+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+  DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key));
+  /* verify it */
+  DO(dsa_verify_key(&key, &stat));
+  if (stat == 0) {
+     fprintf(stderr, "dsa_verify_key after dsa_set_pqg_dsaparam()");
+     return CRYPT_FAIL_TESTVECTOR;
+  }
+  dsa_free(&key);
+
+  /* try import dsaparam - our public key */
+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+  DO(dsa_set_key(key_parts[3], key_lens[3],
+                 NULL, 0,
+                 &key));
   len = sizeof(buf);
   DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
-  if (len != sizeof(openssl_pub_dsa) || memcmp(buf, openssl_pub_dsa, len)) {
-     fprintf(stderr, "DSA public export failed to match dsa_import_radix(16, ..)\n");
-     return 1;
+  if (compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa),
+                         "DSA public export failed from dsa_set_pqg_dsaparam()\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
   }
   dsa_free(&key);
 
-  /* try import public key from raw decimal numbers */
-  DO(dsa_import_radix(10, dec_p, dec_q, dec_g, NULL, dec_y, &key));
+  /* try import dsaparam - our private key */
+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
+  DO(dsa_set_key(key_parts[3], key_lens[3],
+                 key_parts[4], key_lens[4],
+                 &key));
   len = sizeof(buf);
-  DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
-  if (len != sizeof(openssl_pub_dsa) || memcmp(buf, openssl_pub_dsa, len)) {
-     fprintf(stderr, "DSA public export failed to match dsa_import_radix(10, ..)\n");
-     return 1;
+  DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
+  if (compare_testvector(buf, len, openssl_priv_dsa, sizeof(openssl_priv_dsa),
+                         "DSA private export failed from dsa_set_pqg_dsaparam()\n", 0)) {
+     return CRYPT_FAIL_TESTVECTOR;
   }
   dsa_free(&key);
 
-  return 0;
+  return CRYPT_OK;
 }
 
 int dsa_test(void)
@@ -184,10 +253,11 @@ int dsa_test(void)
    int stat1, stat2;
    dsa_key key, key2;
 
-   dsa_compat_test();
+   DO(_dsa_compat_test());
 
    /* make a random key */
-   DO(dsa_make_key(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
+   DO(dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
+   DO(dsa_generate_key(&yarrow_prng, find_prng("yarrow"), &key));
 
    /* verify it */
    DO(dsa_verify_key(&key, &stat1));

tests/mpi_test.c

@@ -0,0 +1,147 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include  <tomcrypt_test.h>
+
+#ifdef LTC_MPI
+static int _radix_to_bin_test(void)
+{
+   /* RADIX 16 */
+   char *ghex = "2";
+   char *phex = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22"
+                "514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6"
+                "F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+                "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
+                "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E8603"
+                "9B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
+                "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
+   char *xhex = "A6681ADC386CE944C3DED9A7301DCC9C518250E3EDB62F959198F8DC0057DD6FB57ABAFD788198B1";
+   char *yhex = "39046632C834418DFA07B3091538B614D1FB5DBB785C0FBEA3B98B295BC0CD076A88D9452141A269"
+                "E8BAEB1DD654EBA03A5705318D129754CDF4003A8C399240FBB8F162490F6F0DC70E414B6FEE8808"
+                "6AFAA48E9F3A248EDC093452663D34E0E809D4F6BADBB36F80B6813EBF7C3281B862209E5604BDEA"
+                "8B8F5F7BFDC3EEB7ADB73048289BCEA0F5A5CDEE7DF91CD1F0BA632F06DBE9BA7EF014B84B02D497"
+                "CA7D0C60F734752A649DA496946B4E531B30D9F82EDD855636C0B0F2AE232E4186454E8887BB423E"
+                "32A5A2495EACBA99620ACD03A38345EBB6735E62330A8EE9AA6C8370410F5CD45AF37EE90A0DA95B"
+                "E96FC939E88FE0BD2CD09FC8F524208C";
+   /* RADIX 47 */
+   char *gr47 = "2";
+   char *pr47 = "F27Mg1SadOFIRbDOJ5dHgHiVF02Z1LHHQ6G5SLG2U8aTdfH1ETk4GARRE7WW99dBUBLb9e2OHFIaSM1A"
+                "ag2LNNjgYa9I9CjQGJihL3J7A2SGQe8j5Ch8EHMj5jVbAYDiQKhhPhM6Hc56fKS40GUfJkGO7KJ6EXZQ"
+                "VgbSa2AkPC65F91g0PaYie8AGNVaFKaV9HOQf3ia1iW4i6eCOB9CcBbH7TbQij8AEgjZ0VRBcLKc6UYO"
+                "1Zc3I2Jc0h1H2HBEH8ONI3OYBbaPV6XhAd8WCc60D0RDBU3H9U7cWL28a0c90XNO0dh5RXEFBbUCE2ZG"
+                "gh9XQSVIHkVbFIS5F5IGVOkiWAVc9i8BHB2V0UbGW6UdRTZVV";
+   char *xr47 = "6bhO7O9NWFRgEMjdU0Y5POj3c1JP15MYEdIg3FO1PEjUY2aGYNSXcaF01R";
+   char *yr47 = "3GNPNWEYfKML1cIbI7Cc1Z0O7aQLJgB734dO2i56LLYDdI4gHYk2GAbQH2WI97hNeC7dj3fPEH8I9gV9"
+                "U323AXj1AJXbFPFIHGOTdC29QUUeH2SSc6NWhfQDDXd5Q5iXCKEAUGX3SKcNFIfVOYJgZCLjfHYQdgOQ"
+                "GCjKNgbEV7Hj34MU3b79iANX2DbMYfb9iGi78BWH2HYAd7IAhk7U0OYGHKJX1bIUUj1KBLhAUg46GaER"
+                "G9W3ARMfBCj6kSdDF9TdkWAjWTDj722IeVJERC4bKU2VDFG20kDhCMF985efD1SS8DfXcdCHF1kDUkSA"
+                "884FHYiFEPkaagQOBQaN9BNaEHNbbd002DCIIX5eMP4HgPJPF";
+   /* RADIX 64 */
+   char *gr64 = "2";
+   char *pr64 = "3//////////yaFsg8XQC8qnCPYYu3S7D4f0au8YcVCT08BlgOx4viYKKe8UOuq1DtlbHcppJf36p0h2c"
+                "toNnGtJ+4rRMrHmaNaXRLsObv+nlHCGkccD+rh2/zSjlG6j+tkE6lxMecVfQwV915yIn/cIIXcKUpaMp"
+                "t207oueME/1PZQI3OSLTEQQHO/gFqapr+3PLqZtAEjbXnYyrOWXLAxdjKf1t2Mbcrd33LEIhoO1F5qR0"
+                "ZA625yCf1UHYuspZlZddSi60w60vidWwBi1wAFjSLTy6zCKidUAylsbLWN63cLINpgbMhb5T8c69Zw1H"
+                "0LSevQYgogQF//////////";
+   char *xr64 = "2cQ1hSE6pfHCFUsQSm7SoSKO9Gu+ssBvMHcFZS05VTRxLwklruWPYn";
+   char *yr64 = "v16Ooo3H1ZVe7imaLEBOKqVjTktXS3xwZkOifMy3D1sg8sKKXGQ9fwBhh7TPKww0wLmKnZHANLCtq03g"
+                "CEP90+xZnOaaFRmt73a5BR+w826hwf8wVEYIEt0aqKcOzDE3e2TJskjkpRu2sWJw/V3A1k68WdbO4lUg"
+                "BZrzx/SFkjwstC4WecywWzQNDxdtv7D7mkcCl1jlfkdxm5BXB0jINodqCOFSqTIfadQIMb6jEKnimsVW"
+                "ktOLMDi2myguZBa66HKw8Xxj2FZAbeabUhBgPOWhD0wE3HUksSrvYCmgEwQfiWt113rpKMlD+wGeDgLl"
+                "fRyavw8/WlIpGdyZr922C";
+   /* RADIX 256 */
+   unsigned char gbin[] = { 0x02 };
+   unsigned char pbin[] = {
+      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+      0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+      0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+      0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+      0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+      0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+      0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+      0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+      0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+      0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+      0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+      0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+      0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+      0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+      0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+      0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+   };
+   unsigned char xbin[] = {
+      0xA6, 0x68, 0x1A, 0xDC, 0x38, 0x6C, 0xE9, 0x44, 0xC3, 0xDE, 0xD9, 0xA7, 0x30, 0x1D, 0xCC, 0x9C,
+      0x51, 0x82, 0x50, 0xE3, 0xED, 0xB6, 0x2F, 0x95, 0x91, 0x98, 0xF8, 0xDC, 0x00, 0x57, 0xDD, 0x6F,
+      0xB5, 0x7A, 0xBA, 0xFD, 0x78, 0x81, 0x98, 0xB1
+   };
+   unsigned char ybin[] = {
+      0x39, 0x04, 0x66, 0x32, 0xC8, 0x34, 0x41, 0x8D, 0xFA, 0x07, 0xB3, 0x09, 0x15, 0x38, 0xB6, 0x14,
+      0xD1, 0xFB, 0x5D, 0xBB, 0x78, 0x5C, 0x0F, 0xBE, 0xA3, 0xB9, 0x8B, 0x29, 0x5B, 0xC0, 0xCD, 0x07,
+      0x6A, 0x88, 0xD9, 0x45, 0x21, 0x41, 0xA2, 0x69, 0xE8, 0xBA, 0xEB, 0x1D, 0xD6, 0x54, 0xEB, 0xA0,
+      0x3A, 0x57, 0x05, 0x31, 0x8D, 0x12, 0x97, 0x54, 0xCD, 0xF4, 0x00, 0x3A, 0x8C, 0x39, 0x92, 0x40,
+      0xFB, 0xB8, 0xF1, 0x62, 0x49, 0x0F, 0x6F, 0x0D, 0xC7, 0x0E, 0x41, 0x4B, 0x6F, 0xEE, 0x88, 0x08,
+      0x6A, 0xFA, 0xA4, 0x8E, 0x9F, 0x3A, 0x24, 0x8E, 0xDC, 0x09, 0x34, 0x52, 0x66, 0x3D, 0x34, 0xE0,
+      0xE8, 0x09, 0xD4, 0xF6, 0xBA, 0xDB, 0xB3, 0x6F, 0x80, 0xB6, 0x81, 0x3E, 0xBF, 0x7C, 0x32, 0x81,
+      0xB8, 0x62, 0x20, 0x9E, 0x56, 0x04, 0xBD, 0xEA, 0x8B, 0x8F, 0x5F, 0x7B, 0xFD, 0xC3, 0xEE, 0xB7,
+      0xAD, 0xB7, 0x30, 0x48, 0x28, 0x9B, 0xCE, 0xA0, 0xF5, 0xA5, 0xCD, 0xEE, 0x7D, 0xF9, 0x1C, 0xD1,
+      0xF0, 0xBA, 0x63, 0x2F, 0x06, 0xDB, 0xE9, 0xBA, 0x7E, 0xF0, 0x14, 0xB8, 0x4B, 0x02, 0xD4, 0x97,
+      0xCA, 0x7D, 0x0C, 0x60, 0xF7, 0x34, 0x75, 0x2A, 0x64, 0x9D, 0xA4, 0x96, 0x94, 0x6B, 0x4E, 0x53,
+      0x1B, 0x30, 0xD9, 0xF8, 0x2E, 0xDD, 0x85, 0x56, 0x36, 0xC0, 0xB0, 0xF2, 0xAE, 0x23, 0x2E, 0x41,
+      0x86, 0x45, 0x4E, 0x88, 0x87, 0xBB, 0x42, 0x3E, 0x32, 0xA5, 0xA2, 0x49, 0x5E, 0xAC, 0xBA, 0x99,
+      0x62, 0x0A, 0xCD, 0x03, 0xA3, 0x83, 0x45, 0xEB, 0xB6, 0x73, 0x5E, 0x62, 0x33, 0x0A, 0x8E, 0xE9,
+      0xAA, 0x6C, 0x83, 0x70, 0x41, 0x0F, 0x5C, 0xD4, 0x5A, 0xF3, 0x7E, 0xE9, 0x0A, 0x0D, 0xA9, 0x5B,
+      0xE9, 0x6F, 0xC9, 0x39, 0xE8, 0x8F, 0xE0, 0xBD, 0x2C, 0xD0, 0x9F, 0xC8, 0xF5, 0x24, 0x20, 0x8C
+   };
+
+   struct {
+     int radix;
+     void* g; int glen;
+     void* p; int plen;
+     void* x; int xlen;
+     void* y; int ylen;
+   } test[4] = {
+      { 256, gbin, sizeof(gbin),   pbin, sizeof(pbin),   xbin, sizeof(xbin),   ybin, sizeof(ybin)   },
+      { 16,  ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
+      { 47,  gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
+      { 64,  gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
+   };
+   int i, j;
+   unsigned char key_parts[4][256];
+   unsigned long key_lens[4];
+
+   for (i = 1; i < 4; i++) {
+      for (j = 0; j < 4; ++j) {
+         key_lens[j] = sizeof(key_parts[j]);
+      }
+      DO(radix_to_bin(test[i].x, test[i].radix, key_parts[0], &key_lens[0]));
+      DO(radix_to_bin(test[i].y, test[i].radix, key_parts[1], &key_lens[1]));
+      DO(radix_to_bin(test[i].p, test[i].radix, key_parts[2], &key_lens[2]));
+      DO(radix_to_bin(test[i].g, test[i].radix, key_parts[3], &key_lens[3]));
+
+      if (compare_testvector(key_parts[0], key_lens[0], test[0].x, test[0].xlen, "radix_to_bin(x)", i)) return CRYPT_FAIL_TESTVECTOR;
+      if (compare_testvector(key_parts[1], key_lens[1], test[0].y, test[0].ylen, "radix_to_bin(y)", i)) return CRYPT_FAIL_TESTVECTOR;
+      if (compare_testvector(key_parts[2], key_lens[2], test[0].p, test[0].plen, "radix_to_bin(p)", i)) return CRYPT_FAIL_TESTVECTOR;
+      if (compare_testvector(key_parts[3], key_lens[3], test[0].g, test[0].glen, "radix_to_bin(g)", i)) return CRYPT_FAIL_TESTVECTOR;
+   }
+   return CRYPT_OK;
+}
+
+int mpi_test(void)
+{
+   return _radix_to_bin_test();
+}
+#else
+int mpi_test(void)
+{
+   return CRYPT_NOP;
+}
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

tests/rsa_test.c

@@ -112,25 +112,26 @@ static const unsigned char pkcs8_private_rsa[] = {
    0xf1, 0x4a, 0x21, 0x56, 0x67, 0xfd, 0xcc, 0x20, 0xa3, 0x8f, 0x78, 0x18, 0x5a, 0x79, 0x3d, 0x2e,
    0x8e, 0x7e, 0x86, 0x0a, 0xe6, 0xa8, 0x33, 0xc1, 0x04, 0x17, 0x4a, 0x9f };
 
-/* private keay - hexadecimal */
-static char *hex_d = "C862B9EADE44531D5697D9979E1ACF301E0A8845862930A34D9F616573E0D6878FB6F306A382DC7CACFE9B289AAEFDFBFE2F0ED89704E3BB1FD1EC0DBAA3497F47AC8A44047E86B739423FAD1EB70EA551F440631EFDBDEA9F419FA8901D6F0A5A9513110D80AF5F64988A2C786865B02B8BA25387CAF16404ABF27BDB83C881";
-static char *hex_dP = "6DEBC32D2EF05EA488310529008AD195299B83CF75DB31E37A27DE3A74300C764CD4502A402D39D99963A95D80AE53CA943F05231EF80504E1B835F217B3A089";
-static char *hex_dQ = "AB9088FA600829509A438BA050CCD85AFE976463717422A320025ACFEBC6169554D1CBAB8D1AC600FA08929C71D552523596714B8B920CD0E9BFAD630BA5E9B1";
-static char *hex_e  = "010001";
-static char *hex_N  = "CF9ADE648ADAC83320A9D783311954B29A85A7A1B77533B6A9AC8424B3DEDB7D852D9665E53F7295249F2868CA4FDB441C3E60128ADD26A5EBFF0B5ED48838492A6E5BBF123747BD056BBCDBF3EEE4118E41687C6113D742C880BE368FDC088B4FACA4E2760CC9636C495893EDCCAADC253B0A603F8B543AC34D31E794A444FD";
-static char *hex_p  = "F7BE5E23C3323FBF8B8E3AEEFCFCCBE5F7F10BBC4282AED57A3ECAF7D5693F6425A21FB77575059242EBB8F1F30A05E394D1557835A036A09B7C92846CDDDC4D";
-static char *hex_q  = "D6860E85420B0408842160F00E0D88FD1E3610654F1E53B40872805C3F596617E698F2E96C7A064CAC763DED8CA1CEAD1BBDB47D28BCE30E388D99D805B5A371";
-static char *hex_qP = "DCCC27C8E4DC6248D59BAFF5AB60F621FD53E2B75D09C91AA104A9FC612C5D04583A5A39F14A215667FDCC20A38F78185A793D2E8E7E860AE6A833C104174A9F";
-
-/* private keay - decimal */
-static char *dec_d  = "140715588362011445903700789698620706303856890313846506579552319155852306603445626455616876267358538338151320072087950597426668358843246116141391746806252390039505422193715556188330352166601762210959618868365359433828069868584168017348772565936127608284367789455480066115411950431014508224203325089671253575809";
-static char *dec_dP = "5757027123463051531073361217943880203685183318942602176865989327630429772398553254013771630974725523559703665512845231173916766336576994271809362147385481";
-static char *dec_dQ = "8985566687080619280443708121716583572314829758991088624433980393739288226842152842353421251125477168722728289150354056572727675764519591179919295246625201";
-static char *dec_e  = "65537";
-static char *dec_N  = "145785157837445763858971808379627955816432214431353481009581718367907499729204464589803079767521523397316119124291441688063985017444589154155338311524887989148444674974298105211582428885045820631376256167593861203305479546421254276833052913791538765775697977909548553897629170045372476652935456198173974086909";
-static char *dec_p  = "12975386429272921390465467849934248466500992474501042673679976015025637113752114471707151502138750486193421113099777767227628554763059580218432153760685133";
-static char *dec_q  = "11235515692122231999359687466333538198133993435121038200055897831921312127192760781281669977582095991578071163376390471936482431583372835883432943212143473";
-static char *dec_qP = "11564102464723136702427739477324729528451027211272900753079601723449664482225846595388433622640284454614991112736446376964904474099700895632145077333609119";
+/* private key - hexadecimal */
+enum {
+   pk_d ,
+   pk_dP,
+   pk_dQ,
+   pk_e ,
+   pk_N ,
+   pk_p ,
+   pk_q ,
+   pk_qP,
+};
+static const char *hex_key[] = {
+     "C862B9EADE44531D5697D9979E1ACF301E0A8845862930A34D9F616573E0D6878FB6F306A382DC7CACFE9B289AAEFDFBFE2F0ED89704E3BB1FD1EC0DBAA3497F47AC8A44047E86B739423FAD1EB70EA551F440631EFDBDEA9F419FA8901D6F0A5A9513110D80AF5F64988A2C786865B02B8BA25387CAF16404ABF27BDB83C881",
+     "6DEBC32D2EF05EA488310529008AD195299B83CF75DB31E37A27DE3A74300C764CD4502A402D39D99963A95D80AE53CA943F05231EF80504E1B835F217B3A089",
+     "AB9088FA600829509A438BA050CCD85AFE976463717422A320025ACFEBC6169554D1CBAB8D1AC600FA08929C71D552523596714B8B920CD0E9BFAD630BA5E9B1",
+     "010001",
+     "CF9ADE648ADAC83320A9D783311954B29A85A7A1B77533B6A9AC8424B3DEDB7D852D9665E53F7295249F2868CA4FDB441C3E60128ADD26A5EBFF0B5ED48838492A6E5BBF123747BD056BBCDBF3EEE4118E41687C6113D742C880BE368FDC088B4FACA4E2760CC9636C495893EDCCAADC253B0A603F8B543AC34D31E794A444FD",
+     "F7BE5E23C3323FBF8B8E3AEEFCFCCBE5F7F10BBC4282AED57A3ECAF7D5693F6425A21FB77575059242EBB8F1F30A05E394D1557835A036A09B7C92846CDDDC4D",
+     "D6860E85420B0408842160F00E0D88FD1E3610654F1E53B40872805C3F596617E698F2E96C7A064CAC763DED8CA1CEAD1BBDB47D28BCE30E388D99D805B5A371",
+     "DCCC27C8E4DC6248D59BAFF5AB60F621FD53E2B75D09C91AA104A9FC612C5D04583A5A39F14A215667FDCC20A38F78185A793D2E8E7E860AE6A833C104174A9F" };
 
 /*** openssl public RSA key in DER format */
 static const unsigned char openssl_public_rsa[] = {
@@ -180,9 +181,9 @@ extern const unsigned long _der_tests_cacert_root_cert_size;
 static int rsa_compat_test(void)
 {
    rsa_key key, pubkey;
-   int stat;
-   unsigned char buf[1024];
-   unsigned long len;
+   int stat, i;
+   unsigned char buf[1024], key_parts[8][128];
+   unsigned long len, key_lens[8];
 
    /* try reading the key */
    DO(rsa_import(openssl_private_rsa, sizeof(openssl_private_rsa), &key));
@@ -206,15 +207,13 @@ static int rsa_compat_test(void)
    /* now try to export private/public and compare */
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PRIVATE, &key));
-   if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
-      fprintf(stderr, "RSA private export failed to match OpenSSL output, %lu, %lu\n", len, (unsigned long)sizeof(openssl_private_rsa));
+   if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from OpenSSL)", 0)) {
       return 1;
    }
 
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PUBLIC, &key));
-   if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
-      fprintf(stderr, "RSA(private) public export failed to match OpenSSL output\n");
+   if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL private key)", 0)) {
       return 1;
    }
    rsa_free(&key);
@@ -223,8 +222,7 @@ static int rsa_compat_test(void)
    DO(rsa_import(openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), &key));
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PUBLIC, &key));
-   if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
-      fprintf(stderr, "RSA(public) stripped public import failed to match OpenSSL output\n");
+   if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from stripped OpenSSL)", 0)) {
       return 1;
    }
    rsa_free(&key);
@@ -233,8 +231,7 @@ static int rsa_compat_test(void)
    DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key));
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PUBLIC, &key));
-   if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
-      fprintf(stderr, "RSA(public) SSL public import failed to match OpenSSL output\n");
+   if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from OpenSSL)", 0)) {
       return 1;
    }
    rsa_free(&key);
@@ -243,48 +240,32 @@ static int rsa_compat_test(void)
    DO(rsa_import_pkcs8(pkcs8_private_rsa, sizeof(pkcs8_private_rsa), NULL, 0, &key));
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PRIVATE, &key));
-   if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
-      fprintf(stderr, "RSA private export failed to match rsa_import_pkcs8\n");
+   if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from PKCS#8)", 0)) {
       return 1;
    }
    rsa_free(&key);
 
-   /* try import private key from raw hexadecimal numbers */
-   DO(rsa_import_radix(16, hex_N, hex_e, hex_d, hex_p, hex_q, hex_dP, hex_dQ, hex_qP, &key));
-   len = sizeof(buf);
-   DO(rsa_export(buf, &len, PK_PRIVATE, &key));
-   if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
-      fprintf(stderr, "RSA private export failed to match rsa_import_radix(16, ..)\n");
-      return 1;
+   /* convert raw hexadecimal numbers to binary */
+   for (i = 0; i < 8; ++i) {
+      key_lens[i] = sizeof(key_parts[i]);
+      DO(radix_to_bin(hex_key[i], 16, key_parts[i], &key_lens[i]));
    }
-   rsa_free(&key);
-
-   /* try import private key from raw decimal numbers */
-   DO(rsa_import_radix(10, dec_N, dec_e, dec_d, dec_p, dec_q, dec_dP, dec_dQ, dec_qP, &key));
+   /* try import private key from converted raw hexadecimal numbers */
+   DO(rsa_set_key(key_parts[pk_N], key_lens[pk_N], key_parts[pk_e], key_lens[pk_e], key_parts[pk_d], key_lens[pk_d], &key));
+   DO(rsa_set_factors(key_parts[pk_p], key_lens[pk_p], key_parts[pk_q], key_lens[pk_q], &key));
+   DO(rsa_set_crt_params(key_parts[pk_dP], key_lens[pk_dP], key_parts[pk_dQ], key_lens[pk_dQ], key_parts[pk_qP], key_lens[pk_qP], &key));
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PRIVATE, &key));
-   if (len != sizeof(openssl_private_rsa) || memcmp(buf, openssl_private_rsa, len)) {
-      fprintf(stderr, "RSA private export failed to match rsa_import_radix(10, ..)\n");
-      return 1;
-   }
-   rsa_free(&key);
-
-   /* try import public key from raw hexadecimal numbers */
-   DO(rsa_import_radix(16, hex_N, hex_e, NULL, NULL, NULL, NULL, NULL, NULL, &key));
-   len = sizeof(buf);
-   DO(rsa_export(buf, &len, PK_PUBLIC, &key));
-   if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
-      fprintf(stderr, "RSA public export failed to match rsa_import_radix(16, ..)\n");
+   if (compare_testvector(buf, len, openssl_private_rsa, sizeof(openssl_private_rsa), "RSA private export (from hex)", 0)) {
       return 1;
    }
    rsa_free(&key);
 
-   /* try import public key from raw decimal numbers */
-   DO(rsa_import_radix(10, dec_N, dec_e, NULL, NULL, NULL, NULL, NULL, NULL, &key));
+   /* try import public key from converted raw hexadecimal numbers */
+   DO(rsa_set_key(key_parts[pk_N], key_lens[pk_N], key_parts[pk_e], key_lens[pk_e], NULL, 0, &key));
    len = sizeof(buf);
    DO(rsa_export(buf, &len, PK_PUBLIC, &key));
-   if (len != sizeof(openssl_public_rsa_stripped) || memcmp(buf, openssl_public_rsa_stripped, len)) {
-      fprintf(stderr, "RSA public export failed to match rsa_import_radix(10, ..)\n");
+   if (compare_testvector(buf, len, openssl_public_rsa_stripped, sizeof(openssl_public_rsa_stripped), "RSA public export (from hex)", 0)) {
       return 1;
    }
    rsa_free(&key);

tests/test.c

@@ -24,6 +24,7 @@ static const test_function test_functions[] =
       LTC_TEST_FN(store_test),
       LTC_TEST_FN(rotate_test),
       LTC_TEST_FN(misc_test),
+      LTC_TEST_FN(mpi_test),
       LTC_TEST_FN(cipher_hash_test),
       LTC_TEST_FN(mac_test),
       LTC_TEST_FN(modes_test),

tests/tomcrypt_test.h

@@ -60,6 +60,7 @@ int base64_test(void);
 int file_test(void);
 int multi_test(void);
 int prng_test(void);
+int mpi_test(void);
 
 #ifdef LTC_PKCS_1
 struct ltc_prng_descriptor* no_prng_desc_get(void);