Remove katja

demos/timing.c

@@ -821,78 +821,6 @@ static void time_rsa(void)
 static void time_rsa(void) { fprintf(stderr, "NO RSA\n"); }
 #endif
 
-#if defined(LTC_MKAT)
-/* time various KAT operations */
-static void time_katja(void)
-{
-   katja_key key;
-   ulong64 t1, t2;
-   unsigned char buf[2][4096];
-   unsigned long x, y, z, zzz;
-   int           err, zz;
-
-   if (ltc_mp.name == NULL) return;
-
-   for (x = 1024; x <= 2048; x += 256) {
-       t2 = 0;
-       for (y = 0; y < 4; y++) {
-           t_start();
-           t1 = t_read();
-           if ((err = katja_make_key(&yarrow_prng, find_prng("yarrow"), x/8, &key)) != CRYPT_OK) {
-              fprintf(stderr, "\n\nkatja_make_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
-              exit(EXIT_FAILURE);
-           }
-           t1 = t_read() - t1;
-           t2 += t1;
-
-           if (y < 3) {
-              katja_free(&key);
-           }
-       }
-       t2 >>= 2;
-       fprintf(stderr, "Katja-%lu make_key    took %15"PRI64"u cycles\n", x, t2);
-
-       t2 = 0;
-       for (y = 0; y < 16; y++) {
-           t_start();
-           t1 = t_read();
-           z = sizeof(buf[1]);
-           if ((err = katja_encrypt_key(buf[0], 32, buf[1], &z, "testprog", 8, &yarrow_prng,
-                                      find_prng("yarrow"), find_hash("sha1"),
-                                      &key)) != CRYPT_OK) {
-              fprintf(stderr, "\n\nkatja_encrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
-              exit(EXIT_FAILURE);
-           }
-           t1 = t_read() - t1;
-           t2 += t1;
-       }
-       t2 >>= 4;
-       fprintf(stderr, "Katja-%lu encrypt_key took %15"PRI64"u cycles\n", x, t2);
-
-       t2 = 0;
-       for (y = 0; y < 2048; y++) {
-           t_start();
-           t1 = t_read();
-           zzz = sizeof(buf[0]);
-           if ((err = katja_decrypt_key(buf[1], z, buf[0], &zzz, "testprog", 8,  find_hash("sha1"),
-                                      &zz, &key)) != CRYPT_OK) {
-              fprintf(stderr, "\n\nkatja_decrypt_key says %s, wait...no it should say %s...damn you!\n", error_to_string(err), error_to_string(CRYPT_OK));
-              exit(EXIT_FAILURE);
-           }
-           t1 = t_read() - t1;
-           t2 += t1;
-       }
-       t2 >>= 11;
-       fprintf(stderr, "Katja-%lu decrypt_key took %15"PRI64"u cycles\n", x, t2);
-
-
-       katja_free(&key);
-  }
-}
-#else
-static void time_katja(void) { fprintf(stderr, "NO Katja\n"); }
-#endif
-
 #if defined(LTC_MDH)
 /* time various DH operations */
 static void time_dh(void)
@@ -1424,7 +1352,6 @@ const struct
    LTC_TEST_FN(time_dsa),
    LTC_TEST_FN(time_ecc),
    LTC_TEST_FN(time_dh),
-   LTC_TEST_FN(time_katja)
 };
 char *single_test = NULL;
 unsigned int i;

src/headers/tomcrypt_custom.h

@@ -425,9 +425,6 @@
 #define LTC_DH8192
 #endif
 
-/* Include Katja (a Rabin variant like RSA) */
-/* #define LTC_MKAT */
-
 /* Digital Signature Algorithm */
 #define LTC_MDSA
 
@@ -548,7 +545,7 @@
    #endif
 #endif
 
-#if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT)
+#if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA)
    /* Include the MPI functionality?  (required by the PK algorithms) */
    #define LTC_MPI
 
@@ -578,7 +575,7 @@
    #error ASN.1 DER requires MPI functionality
 #endif
 
-#if (defined(LTC_MDSA) || defined(LTC_MRSA) || defined(LTC_MECC) || defined(LTC_MKAT)) && !defined(LTC_DER)
+#if (defined(LTC_MDSA) || defined(LTC_MRSA) || defined(LTC_MECC)) && !defined(LTC_DER)
    #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled
 #endif
 

src/headers/tomcrypt_pk.h

@@ -126,61 +126,6 @@ int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen,
                        rsa_key *key);
 #endif
 
-/* ---- Katja ---- */
-#ifdef LTC_MKAT
-
-/* Min and Max KAT key sizes (in bits) */
-#define MIN_KAT_SIZE 1024
-#define MAX_KAT_SIZE 4096
-
-/** Katja PKCS style key */
-typedef struct KAT_key {
-    /** Type of key, PK_PRIVATE or PK_PUBLIC */
-    int type;
-    /** The private exponent */
-    void *d;
-    /** The modulus */
-    void *N;
-    /** The p factor of N */
-    void *p;
-    /** The q factor of N */
-    void *q;
-    /** The 1/q mod p CRT param */
-    void *qP;
-    /** The d mod (p - 1) CRT param */
-    void *dP;
-    /** The d mod (q - 1) CRT param */
-    void *dQ;
-    /** The pq param */
-    void *pq;
-} katja_key;
-
-int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key);
-
-int katja_exptmod(const unsigned char *in,   unsigned long inlen,
-                        unsigned char *out,  unsigned long *outlen, int which,
-                        katja_key *key);
-
-void katja_free(katja_key *key);
-
-/* These use PKCS #1 v2.0 padding */
-int katja_encrypt_key(const unsigned char *in,     unsigned long inlen,
-                            unsigned char *out,    unsigned long *outlen,
-                      const unsigned char *lparam, unsigned long lparamlen,
-                      prng_state *prng, int prng_idx, int hash_idx, katja_key *key);
-
-int katja_decrypt_key(const unsigned char *in,       unsigned long inlen,
-                            unsigned char *out,      unsigned long *outlen,
-                      const unsigned char *lparam,   unsigned long lparamlen,
-                            int            hash_idx, int *stat,
-                            katja_key       *key);
-
-/* PKCS #1 import/export */
-int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key);
-int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key);
-
-#endif
-
 /* ---- DH Routines ---- */
 #ifdef LTC_MDH
 

src/misc/crypt/crypt.c

@@ -353,9 +353,6 @@ const char *crypt_build_settings =
 #if defined(LTC_MDSA)
     "   DSA\n"
 #endif
-#if defined(LTC_MKAT)
-    "   Katja\n"
-#endif
 #if defined(LTC_PK_MAX_RETRIES)
     "   "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n"
 #endif

src/misc/crypt/crypt_constants.c

@@ -96,14 +96,6 @@ static const crypt_constant _crypt_constants[] = {
     {"LTC_MRSA", 0},
 #endif
 
-#ifdef LTC_MKAT
-    {"LTC_MKAT", 1},
-    _C_STRINGIFY(MIN_KAT_SIZE),
-    _C_STRINGIFY(MAX_KAT_SIZE),
-#else
-    {"LTC_MKAT", 0},
-#endif
-
 #ifdef LTC_MECC
     {"LTC_MECC", 1},
     _C_STRINGIFY(ECC_BUF_SIZE),

src/misc/crypt/crypt_sizes.c

@@ -249,9 +249,6 @@ static const crypt_size _crypt_sizes[] = {
     _SZ_STRINGIFY_T(ecc_point),
     _SZ_STRINGIFY_T(ecc_key),
 #endif
-#ifdef LTC_MKAT
-    _SZ_STRINGIFY_T(katja_key),
-#endif
 
     /* DER handling */
 #ifdef LTC_DER

src/pk/katja/katja_decrypt_key.c

@@ -1,103 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_decrypt_key.c
-  Katja PKCS #1 OAEP Decryption, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-   (PKCS #1 v2.0) decrypt then OAEP depad
-   @param in          The ciphertext
-   @param inlen       The length of the ciphertext (octets)
-   @param out         [out] The plaintext
-   @param outlen      [in/out] The max size and resulting size of the plaintext (octets)
-   @param lparam      The system "lparam" value
-   @param lparamlen   The length of the lparam value (octets)
-   @param hash_idx    The index of the hash desired
-   @param stat        [out] Result of the decryption, 1==valid, 0==invalid
-   @param key         The corresponding private Katja key
-   @return CRYPT_OK if succcessul (even if invalid)
-*/
-int katja_decrypt_key(const unsigned char *in,       unsigned long  inlen,
-                          unsigned char *out,      unsigned long *outlen,
-                    const unsigned char *lparam,   unsigned long  lparamlen,
-                          int            hash_idx, int           *stat,
-                          katja_key       *key)
-{
-  unsigned long modulus_bitlen, modulus_bytelen, x;
-  int           err;
-  unsigned char *tmp;
-
-  LTC_ARGCHK(out    != NULL);
-  LTC_ARGCHK(outlen != NULL);
-  LTC_ARGCHK(key    != NULL);
-  LTC_ARGCHK(stat   != NULL);
-
-  /* default to invalid */
-  *stat = 0;
-
-  /* valid hash ? */
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
-  }
-
-  /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits( (key->N));
-
-  /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */
- modulus_bitlen = ((modulus_bitlen << 1) / 3);
-
-  /* round down to next byte */
-  modulus_bitlen -= (modulus_bitlen & 7) + 8;
-
-  /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size( (key->N));
-  if (modulus_bytelen != inlen) {
-     return CRYPT_INVALID_PACKET;
-  }
-
-  /* allocate ram */
-  tmp = XMALLOC(inlen);
-  if (tmp == NULL) {
-     return CRYPT_MEM;
-  }
-
-  /* rsa decode the packet */
-  x = inlen;
-  if ((err = katja_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
-     XFREE(tmp);
-     return err;
-  }
-
-  /* shift right by modulus_bytelen - modulus_bitlen/8  bytes */
-  for (x = 0; x < (modulus_bitlen >> 3); x++) {
-     tmp[x] = tmp[x+(modulus_bytelen-(modulus_bitlen>>3))];
-  }
-
-  /* now OAEP decode the packet */
-  err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
-                           out, outlen, stat);
-
-  XFREE(tmp);
-  return err;
-}
-
-#endif /* LTC_MRSA */
-
-
-
-
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_encrypt_key.c

@@ -1,85 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_encrypt_key.c
-  Katja PKCS-style OAEP encryption, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-    (PKCS #1 v2.0) OAEP pad then encrypt
-    @param in          The plaintext
-    @param inlen       The length of the plaintext (octets)
-    @param out         [out] The ciphertext
-    @param outlen      [in/out] The max size and resulting size of the ciphertext
-    @param lparam      The system "lparam" for the encryption
-    @param lparamlen   The length of lparam (octets)
-    @param prng        An active PRNG
-    @param prng_idx    The index of the desired prng
-    @param hash_idx    The index of the desired hash
-    @param key         The Katja key to encrypt to
-    @return CRYPT_OK if successful
-*/
-int katja_encrypt_key(const unsigned char *in,     unsigned long inlen,
-                          unsigned char *out,    unsigned long *outlen,
-                    const unsigned char *lparam, unsigned long lparamlen,
-                    prng_state *prng, int prng_idx, int hash_idx, katja_key *key)
-{
-  unsigned long modulus_bitlen, modulus_bytelen, x;
-  int           err;
-
-  LTC_ARGCHK(in     != NULL);
-  LTC_ARGCHK(out    != NULL);
-  LTC_ARGCHK(outlen != NULL);
-  LTC_ARGCHK(key    != NULL);
-
-  /* valid prng and hash ? */
-  if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
-     return err;
-  }
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
-  }
-
-  /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits((key->N));
-
-  /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */
-  modulus_bitlen = ((modulus_bitlen << 1) / 3);
-
-  /* round down to next byte */
-  modulus_bitlen -= (modulus_bitlen & 7) + 8;
-
-  /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size((key->N));
-  if (modulus_bytelen > *outlen) {
-     *outlen = modulus_bytelen;
-     return CRYPT_BUFFER_OVERFLOW;
-  }
-
-  /* OAEP pad the key */
-  x = *outlen;
-  if ((err = pkcs_1_oaep_encode(in, inlen, lparam,
-                                lparamlen, modulus_bitlen, prng, prng_idx, hash_idx,
-                                out, &x)) != CRYPT_OK) {
-     return err;
-  }
-
-  /* Katja exptmod the OAEP pad */
-  return katja_exptmod(out, x, out, outlen, PK_PUBLIC, key);
-}
-
-#endif /* LTC_MRSA */
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_export.c

@@ -1,73 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_export.c
-  Export Katja PKCS-style keys, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-    This will export either an KatjaPublicKey or KatjaPrivateKey
-    @param out       [out] Destination of the packet
-    @param outlen    [in/out] The max size and resulting size of the packet
-    @param type      The type of exported key (PK_PRIVATE or PK_PUBLIC)
-    @param key       The Katja key to export
-    @return CRYPT_OK if successful
-*/
-int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key)
-{
-   int           err;
-   unsigned long zero=0;
-
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* type valid? */
-   if (!(key->type == PK_PRIVATE) && (type == PK_PRIVATE)) {
-      return CRYPT_PK_INVALID_TYPE;
-   }
-
-   if (type == PK_PRIVATE) {
-      /* private key */
-      /* output is
-            Version, n, d, p, q, d mod (p-1), d mod (q - 1), 1/q mod p, pq
-       */
-      if ((err = der_encode_sequence_multi(out, outlen,
-                          LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
-                          LTC_ASN1_INTEGER, 1UL,  key->N,
-                          LTC_ASN1_INTEGER, 1UL,  key->d,
-                          LTC_ASN1_INTEGER, 1UL,  key->p,
-                          LTC_ASN1_INTEGER, 1UL,  key->q,
-                          LTC_ASN1_INTEGER, 1UL,  key->dP,
-                          LTC_ASN1_INTEGER, 1UL,  key->dQ,
-                          LTC_ASN1_INTEGER, 1UL,  key->qP,
-                          LTC_ASN1_INTEGER, 1UL,  key->pq,
-                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-         return err;
-      }
-
-      /* clear zero and return */
-      return CRYPT_OK;
-   } else {
-      /* public key */
-      return der_encode_sequence_multi(out, outlen,
-                                 LTC_ASN1_INTEGER, 1UL, key->N,
-                                 LTC_ASN1_EOL,     0UL, NULL);
-   }
-}
-
-#endif /* LTC_MRSA */
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_exptmod.c

@@ -1,113 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_exptmod.c
-  Katja PKCS-style exptmod, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-   Compute an RSA modular exponentiation
-   @param in         The input data to send into RSA
-   @param inlen      The length of the input (octets)
-   @param out        [out] The destination
-   @param outlen     [in/out] The max size and resulting size of the output
-   @param which      Which exponent to use, e.g. PK_PRIVATE or PK_PUBLIC
-   @param key        The RSA key to use
-   @return CRYPT_OK if successful
-*/
-int katja_exptmod(const unsigned char *in,   unsigned long inlen,
-                        unsigned char *out,  unsigned long *outlen, int which,
-                        katja_key *key)
-{
-   void         *tmp, *tmpa, *tmpb;
-   unsigned long x;
-   int           err;
-
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* is the key of the right type for the operation? */
-   if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   /* must be a private or public operation */
-   if (which != PK_PRIVATE && which != PK_PUBLIC) {
-      return CRYPT_PK_INVALID_TYPE;
-   }
-
-   /* init and copy into tmp */
-   if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK)                                    { return err; }
-   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK)                 { goto error; }
-
-   /* sanity check on the input */
-   if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
-      err = CRYPT_PK_INVALID_SIZE;
-      goto done;
-   }
-
-   /* are we using the private exponent and is the key optimized? */
-   if (which == PK_PRIVATE) {
-      /* tmpa = tmp^dP mod p */
-      if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK)                               { goto error; }
-
-      /* tmpb = tmp^dQ mod q */
-      if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK)                               { goto error; }
-
-      /* tmp = (tmpa - tmpb) * qInv (mod p) */
-      if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK)                                              { goto error; }
-      if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK)                                 { goto error; }
-
-      /* tmp = tmpb + q * tmp */
-      if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK)                                             { goto error; }
-      if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK)                                               { goto error; }
-   } else {
-      /* exptmod it */
-      if ((err = mp_exptmod(tmp, key->N, key->N, tmp)) != CRYPT_OK)                                 { goto error; }
-   }
-
-   /* read it back */
-   x = (unsigned long)mp_unsigned_bin_size(key->N);
-   if (x > *outlen) {
-      *outlen = x;
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto done;
-   }
-
-   /* this should never happen ... */
-   if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
-      err = CRYPT_ERROR;
-      goto done;
-   }
-   *outlen = x;
-
-   /* convert it */
-   zeromem(out, x);
-   if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK)               { goto error; }
-
-   /* clean up and return */
-   err = CRYPT_OK;
-   goto done;
-error:
-done:
-   mp_clear_multi(tmp, tmpa, tmpb, NULL);
-   return err;
-}
-
-#endif
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_free.c

@@ -1,33 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_free.c
-  Free an Katja key, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-  Free an Katja key from memory
-  @param key   The RSA key to free
-*/
-void katja_free(katja_key *key)
-{
-   LTC_ARGCHK(key != NULL);
-   mp_clear_multi( key->d,  key->N,  key->dQ,  key->dP,
-                   key->qP,  key->p,  key->q, key->pq, NULL);
-}
-
-#endif
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_import.c

@@ -1,79 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_import.c
-  Import a PKCS-style Katja key, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-  Import an KatjaPublicKey or KatjaPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1]
-  @param in      The packet to import from
-  @param inlen   It's length (octets)
-  @param key     [out] Destination for newly imported key
-  @return CRYPT_OK if successful, upon error allocated memory is freed
-*/
-int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key)
-{
-   int           err;
-   void         *zero;
-
-   LTC_ARGCHK(in  != NULL);
-   LTC_ARGCHK(key != NULL);
-   LTC_ARGCHK(ltc_mp.name != NULL);
-
-   /* init key */
-   if ((err = mp_init_multi(&zero, &key->d, &key->N, &key->dQ,
-                            &key->dP, &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) {
-      return err;
-   }
-
-   if ((err = der_decode_sequence_multi(in, inlen,
-                                  LTC_ASN1_INTEGER, 1UL, key->N,
-                                  LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-
-   if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
-      /* it's a private key */
-      if ((err = der_decode_sequence_multi(in, inlen,
-                          LTC_ASN1_INTEGER, 1UL, zero,
-                          LTC_ASN1_INTEGER, 1UL, key->N,
-                          LTC_ASN1_INTEGER, 1UL, key->d,
-                          LTC_ASN1_INTEGER, 1UL, key->p,
-                          LTC_ASN1_INTEGER, 1UL, key->q,
-                          LTC_ASN1_INTEGER, 1UL, key->dP,
-                          LTC_ASN1_INTEGER, 1UL, key->dQ,
-                          LTC_ASN1_INTEGER, 1UL, key->qP,
-                          LTC_ASN1_INTEGER, 1UL, key->pq,
-                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-         goto LBL_ERR;
-      }
-      key->type = PK_PRIVATE;
-   } else {
-      /* public we have N */
-      key->type = PK_PUBLIC;
-   }
-   mp_clear(zero);
-   return CRYPT_OK;
-LBL_ERR:
-   mp_clear_multi(zero,    key->d, key->N, key->dQ, key->dP,
-                  key->qP, key->p, key->q, key->pq, NULL);
-   return err;
-}
-
-#endif /* LTC_MRSA */
-
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

src/pk/katja/katja_make_key.c

@@ -1,99 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include "tomcrypt_private.h"
-
-/**
-  @file katja_make_key.c
-  Katja key generation, Tom St Denis
-*/
-
-#ifdef LTC_MKAT
-
-/**
-   Create a Katja key
-   @param prng     An active PRNG state
-   @param wprng    The index of the PRNG desired
-   @param size     The size of the modulus (key size) desired (octets)
-   @param key      [out] Destination of a newly created private key pair
-   @return CRYPT_OK if successful, upon error all allocated ram is freed
-*/
-int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key)
-{
-   void *p, *q, *tmp1, *tmp2;
-   int    err;
-
-   LTC_ARGCHK(key != NULL);
-   LTC_ARGCHK(ltc_mp.name != NULL);
-
-   if ((size < (MIN_KAT_SIZE/8)) || (size > (MAX_KAT_SIZE/8))) {
-      return CRYPT_INVALID_KEYSIZE;
-   }
-
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, NULL)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* divide size by three  */
-   size   = (((size << 3) / 3) + 7) >> 3;
-
-   /* make prime "q" (we negate size to make q == 3 mod 4) */
-   if ((err = rand_prime(q, -size, prng, wprng)) != CRYPT_OK)      { goto done; }
-   if ((err = mp_sub_d(q, 1, tmp1)) != CRYPT_OK)                   { goto done; }
-
-   /* make prime "p" */
-   do {
-      if ((err = rand_prime(p, size+1, prng, wprng)) != CRYPT_OK)  { goto done; }
-      if ((err = mp_gcd(p, tmp1, tmp2)) != CRYPT_OK)               { goto done; }
-   } while (mp_cmp_d(tmp2, 1) != LTC_MP_EQ);
-
-   /* make key */
-   if ((err = mp_init_multi(&key->d, &key->N, &key->dQ, &key->dP,
-                     &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) {
-      goto error;
-   }
-
-   /* n=p^2q and 1/n mod pq */
-   if ((err = mp_copy( p,  key->p)) != CRYPT_OK)                       { goto error2; }
-   if ((err = mp_copy( q,  key->q)) != CRYPT_OK)                       { goto error2; }
-   if ((err = mp_mul(key->p, key->q, key->pq)) != CRYPT_OK)            { goto error2; } /* tmp1 = pq  */
-   if ((err = mp_mul(key->pq, key->p, key->N)) != CRYPT_OK)            { goto error2; } /* N = p^2q   */
-   if ((err = mp_sub_d( p, 1,  tmp1)) != CRYPT_OK)                     { goto error2; } /* tmp1 = q-1 */
-   if ((err = mp_sub_d( q, 1,  tmp2)) != CRYPT_OK)                     { goto error2; } /* tmp2 = p-1 */
-   if ((err = mp_lcm(tmp1, tmp2, key->d)) != CRYPT_OK)                 { goto error2; } /* tmp1 = lcd(p-1,q-1) */
-   if ((err = mp_invmod( key->N,  key->d,  key->d)) != CRYPT_OK)       { goto error2; } /* key->d = 1/N mod pq */
-
-   /* optimize for CRT now */
-   /* find d mod q-1 and d mod p-1 */
-   if ((err = mp_mod( key->d,  tmp1,  key->dP)) != CRYPT_OK)           { goto error2; } /* dP = d mod p-1 */
-   if ((err = mp_mod( key->d,  tmp2,  key->dQ)) != CRYPT_OK)           { goto error2; } /* dQ = d mod q-1 */
-   if ((err = mp_invmod( q,  p,  key->qP)) != CRYPT_OK)                { goto error2; } /* qP = 1/q mod p */
-
-   /* set key type (in this case it's CRT optimized) */
-   key->type = PK_PRIVATE;
-
-   /* return ok and free temps */
-   err       = CRYPT_OK;
-   goto done;
-error2:
-   mp_clear_multi( key->d,  key->N,  key->dQ,  key->dP,  key->qP,  key->p,  key->q, key->pq, NULL);
-error:
-done:
-   mp_clear_multi( tmp2,  tmp1,  p,  q, NULL);
-   return err;
-}
-
-#endif
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

tests/katja_test.c

@@ -1,244 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- */
-#include <tomcrypt_test.h>
-
-#if defined(LTC_MKAT)
-
-int katja_test(void)
-{
-   unsigned char in[1024], out[1024], tmp[1024];
-   katja_key     key, privKey, pubKey;
-   int           hash_idx, prng_idx, stat, stat2, size;
-   unsigned long kat_msgsize, len, len2, cnt;
-   static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
-
-   if (ltc_mp.name == NULL) return CRYPT_NOP;
-
-   hash_idx = find_hash("sha1");
-   prng_idx = find_prng("yarrow");
-   if (hash_idx == -1 || prng_idx == -1) {
-      fprintf(stderr, "katja_test requires LTC_SHA1 and yarrow");
-      return 1;
-   }
-
-for (size = 1024; size <= 2048; size += 256) {
-
-   /* make 10 random key */
-   for (cnt = 0; cnt < 10; cnt++) {
-      DO(katja_make_key(&yarrow_prng, prng_idx, size/8, &key));
-      if (mp_count_bits(key.N) < size - 7) {
-         fprintf(stderr, "katja_%d key modulus has %d bits\n", size, mp_count_bits(key.N));
-
-len = mp_unsigned_bin_size(key.N);
-mp_to_unsigned_bin(key.N, tmp);
- fprintf(stderr, "N == \n");
-for (cnt = 0; cnt < len; ) {
-   fprintf(stderr, "%02x ", tmp[cnt]);
-   if (!(++cnt & 15)) fprintf(stderr, "\n");
-}
-
-len = mp_unsigned_bin_size(key.p);
-mp_to_unsigned_bin(key.p, tmp);
- fprintf(stderr, "p == \n");
-for (cnt = 0; cnt < len; ) {
-   fprintf(stderr, "%02x ", tmp[cnt]);
-   if (!(++cnt & 15)) fprintf(stderr, "\n");
-}
-
-len = mp_unsigned_bin_size(key.q);
-mp_to_unsigned_bin(key.q, tmp);
- fprintf(stderr, "\nq == \n");
-for (cnt = 0; cnt < len; ) {
-   fprintf(stderr, "%02x ", tmp[cnt]);
-   if (!(++cnt & 15)) fprintf(stderr, "\n");
-}
- fprintf(stderr, "\n");
-
-
-         return 1;
-      }
-      if (cnt != 9) {
-         katja_free(&key);
-      }
-   }
-   /* encrypt the key (without lparam) */
-   for (cnt = 0; cnt < 4; cnt++) {
-   for (kat_msgsize = 1; kat_msgsize <= 42; kat_msgsize++) {
-      /* make a random key/msg */
-      yarrow_read(in, kat_msgsize, &yarrow_prng);
-
-      len  = sizeof(out);
-      len2 = kat_msgsize;
-
-      DO(katja_encrypt_key(in, kat_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, hash_idx, &key));
-      /* change a byte */
-      out[8] ^= 1;
-      DO(katja_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat2, &key));
-      /* change a byte back */
-      out[8] ^= 1;
-      if (len2 != kat_msgsize) {
-         fprintf(stderr, "\nkatja_decrypt_key mismatch len %lu (first decrypt)", len2);
-         return 1;
-      }
-
-      len2 = kat_msgsize;
-      DO(katja_decrypt_key(out, len, tmp, &len2, NULL, 0, hash_idx, &stat, &key));
-      if (!(stat == 1 && stat2 == 0)) {
-         fprintf(stderr, "katja_decrypt_key failed");
-         return 1;
-      }
-      if (len2 != kat_msgsize || memcmp(tmp, in, kat_msgsize)) {
-         unsigned long x;
-         fprintf(stderr, "\nkatja_decrypt_key mismatch, len %lu (second decrypt)\n", len2);
-         fprintf(stderr, "Original contents: \n");
-         for (x = 0; x < kat_msgsize; ) {
-             fprintf(stderr, "%02x ", in[x]);
-             if (!(++x % 16)) {
-                fprintf(stderr, "\n");
-             }
-         }
-         fprintf(stderr, "\n");
-         fprintf(stderr, "Output contents: \n");
-         for (x = 0; x < kat_msgsize; ) {
-             fprintf(stderr, "%02x ", out[x]);
-             if (!(++x % 16)) {
-                fprintf(stderr, "\n");
-             }
-         }
-         fprintf(stderr, "\n");
-         return 1;
-      }
-   }
-   }
-
-   /* encrypt the key (with lparam) */
-   for (kat_msgsize = 1; kat_msgsize <= 42; kat_msgsize++) {
-      len  = sizeof(out);
-      len2 = kat_msgsize;
-      DO(katja_encrypt_key(in, kat_msgsize, out, &len, lparam, sizeof(lparam), &yarrow_prng, prng_idx, hash_idx, &key));
-      /* change a byte */
-      out[8] ^= 1;
-      DO(katja_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat2, &key));
-      if (len2 != kat_msgsize) {
-         fprintf(stderr, "\nkatja_decrypt_key mismatch len %lu (first decrypt)", len2);
-         return 1;
-      }
-      /* change a byte back */
-      out[8] ^= 1;
-
-      len2 = kat_msgsize;
-      DO(katja_decrypt_key(out, len, tmp, &len2, lparam, sizeof(lparam), hash_idx, &stat, &key));
-      if (!(stat == 1 && stat2 == 0)) {
-         fprintf(stderr, "katja_decrypt_key failed");
-         return 1;
-      }
-      if (len2 != kat_msgsize || memcmp(tmp, in, kat_msgsize)) {
-         fprintf(stderr, "katja_decrypt_key mismatch len %lu", len2);
-         return 1;
-      }
-   }
-
-#if 0
-
-   /* sign a message (unsalted, lower cholestorol and Atkins approved) now */
-   len = sizeof(out);
-   DO(katja_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 0, &key));
-
-/* export key and import as both private and public */
-   len2 = sizeof(tmp);
-   DO(katja_export(tmp, &len2, PK_PRIVATE, &key));
-   DO(katja_import(tmp, len2, &privKey));
-   len2 = sizeof(tmp);
-   DO(katja_export(tmp, &len2, PK_PUBLIC, &key));
-   DO(katja_import(tmp, len2, &pubKey));
-
-   /* verify with original */
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &key));
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &key));
-
-   if (!(stat == 1 && stat2 == 0)) {
-      fprintf(stderr, "katja_verify_hash (unsalted, origKey) failed, %d, %d", stat, stat2);
-      katja_free(&key);
-      katja_free(&pubKey);
-      katja_free(&privKey);
-      return 1;
-   }
-
-   /* verify with privKey */
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &privKey));
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &privKey));
-
-   if (!(stat == 1 && stat2 == 0)) {
-      fprintf(stderr, "katja_verify_hash (unsalted, privKey) failed, %d, %d", stat, stat2);
-      katja_free(&key);
-      katja_free(&pubKey);
-      katja_free(&privKey);
-      return 1;
-   }
-
-   /* verify with pubKey */
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat, &pubKey));
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 0, &stat2, &pubKey));
-
-   if (!(stat == 1 && stat2 == 0)) {
-      fprintf(stderr, "katja_verify_hash (unsalted, pubkey) failed, %d, %d", stat, stat2);
-      katja_free(&key);
-      katja_free(&pubKey);
-      katja_free(&privKey);
-      return 1;
-   }
-
-   /* sign a message (salted) now (use privKey to make, pubKey to verify) */
-   len = sizeof(out);
-   DO(katja_sign_hash(in, 20, out, &len, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 8, &stat, &pubKey));
-   /* change a byte */
-   in[0] ^= 1;
-   DO(katja_verify_hash(out, len, in, 20, hash_idx, 8, &stat2, &pubKey));
-
-   if (!(stat == 1 && stat2 == 0)) {
-      fprintf(stderr, "katja_verify_hash (salted) failed, %d, %d", stat, stat2);
-      katja_free(&key);
-      katja_free(&pubKey);
-      katja_free(&privKey);
-      return 1;
-   }
-#endif
-
-   katja_free(&key);
-   katja_free(&pubKey);
-   katja_free(&privKey);
-}
-
-   /* free the key and return */
-   return 0;
-}
-
-#else
-
-int katja_test(void)
-{
-   return CRYPT_NOP;
-}
-
-#endif
-
-/* ref:         $Format:%D$ */
-/* git commit:  $Format:%H$ */
-/* commit time: $Format:%ai$ */

tests/test.c

@@ -38,7 +38,6 @@ static const test_function test_functions[] =
       LTC_TEST_FN(dh_test),
       LTC_TEST_FN(ecc_tests),
       LTC_TEST_FN(dsa_test),
-      LTC_TEST_FN(katja_test),
       LTC_TEST_FN(file_test),
       LTC_TEST_FN(multi_test),
       /* keep the prng_test always at the end as

tests/tomcrypt_test.h

@@ -32,7 +32,6 @@ int store_test(void);
 int rotate_test(void);
 int rsa_test(void);
 int dh_test(void);
-int katja_test(void);
 int ecc_tests(void);
 int dsa_test(void);
 int der_test(void);