simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Thu Jan 3 17:05:34 GMT 2019
TL;DR:
4eb1dedb Fix non-generality bug in ecc_weierstrass_point_valid.
992f98d5 Fix two misstatements of the Montgomery curve equation.
0cc9a2ad Remove a couple of outdated .gitignore entries.
f3295e0f Add more typedefs to structure names.
84f98c5b Make lots more algorithm structures globally visible.
ffa8dcc1 Remove unused function monty_copy.
4efb23de Rename the 'testdata' subdirectory to 'test'.
c3ae739e Move eccref.py into the test directory.
3d06adce eccref.py: add a couple more methods to ModP.
5b14abc3 New test system for mp_int and cryptography.
22a79fe7 mpint tuning: lower KARATSUBA_THRESHOLD to 24.
e1627db3 Test suite for mpint.c and ecc.c.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2019-01-03 17:05:34
commit 4eb1dedb6621a98045b6782377ff0c02b1590641
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4eb1dedb6621a98045b6782377ff0c02b1590641;hp=425a119ae83910367bdba7343c43ceb631289872
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 15:16:09 2019 +0000
Fix non-generality bug in ecc_weierstrass_point_valid.
It was computing the RHS of the curve equation affinely, without
taking account of the point's Z coordinate. In other words, it would
work OK for a point you'd _only just_ imported into ecc.c which was
still represented with a denominator of 1, but it would give the wrong
answer for points coming out of computation after that.
I've moved the simple version into ecc_weierstrass_point_new_from_x,
since the only reason it was in a separate function at all was so it
could be reused by point_valid, which I now realise it can't.
ecc.c | 57 ++++++++++++++++++++++++++++++++++++++++++---------------
1 file changed, 42 insertions(+), 15 deletions(-)
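The bug described above, as an added illustration rather than code from PuTTY's ecc.c: a toy Weierstrass curve over a small prime, a point re-expressed with a non-trivial denominator, and the affine-only validity check beside the one that accounts for Z. Jacobian coordinates (x, y) = (X/Z^2, Y/Z^3) are an assumption of this example, as are the curve and point.

```python
# Added example, not PuTTY's ecc.c. Assumes Jacobian projective coordinates,
# where the affine point is (x, y) = (X / Z^2, Y / Z^3).
P, A, B = 23, 1, 1   # constructed toy curve y^2 = x^3 + x + 1 over GF(23)


def affine_on_curve(x, y):
    """Curve equation in affine coordinates."""
    return (y * y - (x ** 3 + A * x + B)) % P == 0


def to_jacobian(x, y, z):
    """Re-express an affine point with an arbitrary non-zero denominator z,
    which is how a point looks after it has been through an addition
    or doubling rather than just been imported."""
    return (x * z * z % P, y * z ** 3 % P, z % P)


def point_valid_buggy(X, Y, Z):
    """The pre-fix check: applies the affine equation to X and Y and
    ignores Z, so it is only right when Z == 1."""
    return (Y * Y - (X ** 3 + A * X + B)) % P == 0


def point_valid_fixed(X, Y, Z):
    """Multiply the affine equation through by Z^6:
         Y^2 = X^3 + A*X*Z^4 + B*Z^6
    which holds for every representation of the same affine point."""
    return (Y * Y - (X ** 3 + A * X * Z ** 4 + B * Z ** 6)) % P == 0


def compare_checks(x=3, y=10):
    """Return {z: (buggy_result, fixed_result)} for every denominator z,
    starting from a constructed affine point that is on the curve."""
    assert affine_on_curve(x, y)
    out = {}
    for z in range(1, P):
        X, Y, Z = to_jacobian(x, y, z)
        out[z] = (point_valid_buggy(X, Y, Z), point_valid_fixed(X, Y, Z))
    return out


if __name__ == "__main__":
    for z, (buggy, fixed) in compare_checks().items():
        print(f"z={z:2d}  buggy={buggy!s:5}  fixed={fixed}")
```

Only the Z == 1 representation passes the affine-only check; the Z-aware check accepts every representation of the same point.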
commit 992f98d5d76b6891e4ec4b96534a7bef055c3f80
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=992f98d5d76b6891e4ec4b96534a7bef055c3f80;hp=4eb1dedb6621a98045b6782377ff0c02b1590641
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 15:26:33 2019 +0000
Fix two misstatements of the Montgomery curve equation.
I got it right in all the serious code (or else my Curve25519 key
exchange wouldn't have worked), but I wrote it down wrongly in the
comment in ecc.h, putting the coefficient b on the RHS x term rather
than the LHS y^2. Then I repeated the same error in the point
decompression function in eccref.py.
contrib/eccref.py | 4 ++--
ecc.h | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
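The two forms of the Montgomery equation side by side, as an added example that is not PuTTY's eccref.py: point decompression done with B on the y^2 side, and the same done with the misstated equation. The toy curve is constructed with B != 1 so the two disagree; for Curve25519, where B = 1, the two expressions are identical, which is consistent with the real key exchange having worked.

```python
# Added example, not PuTTY's eccref.py. Montgomery form is
#     B*y^2 = x^3 + A*x^2 + x
# and the misstated form moved B to the other side: y^2 = x^3 + A*x^2 + B*x.
P, A, B = 23, 3, 2   # constructed: 2*y^2 = x^3 + 3*x^2 + x over GF(23)
assert (B * (A * A - 4)) % P != 0   # non-singular Montgomery curve
assert P % 4 == 3                   # lets sqrt use the (p+1)/4 exponent


def sqrt_mod_p(n):
    """Square root modulo P for P = 3 (mod 4); None if n is a non-square."""
    r = pow(n % P, (P + 1) // 4, P)
    return r if (r * r - n) % P == 0 else None


def on_curve(x, y):
    """The correct curve equation, used to judge a decompressed y."""
    return (B * y * y - (x ** 3 + A * x * x + x)) % P == 0


def decompress_correct(x):
    """y^2 = (x^3 + A*x^2 + x) / B, i.e. B divides the RHS."""
    rhs = (x ** 3 + A * x * x + x) * pow(B, P - 2, P) % P
    return sqrt_mod_p(rhs)


def decompress_wrong(x):
    """y^2 = x^3 + A*x^2 + B*x, as the erroneous comment had it."""
    return sqrt_mod_p((x ** 3 + A * x * x + B * x) % P)


def check(x):
    """(correct_form_yields_curve_point, wrong_form_yields_curve_point)."""
    yc, yw = decompress_correct(x), decompress_wrong(x)
    return (yc is not None and on_curve(x, yc),
            yw is not None and on_curve(x, yw))


if __name__ == "__main__":
    for x in range(P):
        print(x, check(x))
```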
commit 0cc9a2adc03a1ae34d992f01ced7208ca63adfc6
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=0cc9a2adc03a1ae34d992f01ced7208ca63adfc6;hp=992f98d5d76b6891e4ec4b96534a7bef055c3f80
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 16:22:18 2019 +0000
Remove a couple of outdated .gitignore entries.
These should have gone out when the old bignums and their testing
system went away.
.gitignore | 2 --
1 file changed, 2 deletions(-)
commit f3295e0fb5db6fb5e2e9b2c99340bd19bb86db8a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=f3295e0fb5db6fb5e2e9b2c99340bd19bb86db8a;hp=0cc9a2adc03a1ae34d992f01ced7208ca63adfc6
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 14:16:29 2019 +0000
Add more typedefs to structure names.
I'm getting tired of typing 'struct Foo' everywhere when I could just
type 'Foo', so here's a bunch of extra typedefs that allow me to leave
off the 'struct' in various places.
ssh.h | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
commit 84f98c5bf9f8ae1c65de23b419d2871971a18c9b
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=84f98c5bf9f8ae1c65de23b419d2871971a18c9b;hp=f3295e0fb5db6fb5e2e9b2c99340bd19bb86db8a
Author: Simon Tatham <anakin at pobox.com>
Date: Mon Dec 31 13:55:46 2018 +0000
Make lots more algorithm structures globally visible.
Previously, lots of individual ssh2_cipheralg structures were declared
static, and only available to the rest of the code via a smaller
number of 'ssh2_ciphers' objects that wrapped them into lists. But I'm
going to want to access individual ciphers directly in the testing
system I'm currently working on, so I'm giving all those objects
external linkage and declaring them in ssh.h.
Also, I've made up an entirely new one, namely exposing MD5 as an
instance of the general ssh_hashalg abstraction, which it has no need
to be for the purposes of actually using it in SSH. But, again, this
will let me treat it the same as all the other hashes in the test
system.
No functional change, for the moment.
ssh.h | 21 +++++++++++++++++++++
sshaes.c | 14 ++++++++------
sshblowf.c | 4 ++--
sshccp.c | 4 ++--
sshdes.c | 8 ++++----
sshecc.c | 8 ++++----
sshmd5.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
7 files changed, 92 insertions(+), 18 deletions(-)
commit ffa8dcc13abc0266e46c9dd3fa4d38296c8b44aa
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=ffa8dcc13abc0266e46c9dd3fa4d38296c8b44aa;hp=84f98c5bf9f8ae1c65de23b419d2871971a18c9b
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 10:56:47 2019 +0000
Remove unused function monty_copy.
I wrote it for the sake of a test-system design I had in mind at the
time, but that design changed after I committed, and now I think
_even_ my upcoming test application won't need to copy MontyContexts.
So I'll remove the function now, so as not to have to pointlessly
write tests for it :-)
mpint.c | 15 ---------------
mpint.h | 1 -
2 files changed, 16 deletions(-)
commit 4efb23de917e4de1cb7999beef9c77c11cc1e325
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4efb23de917e4de1cb7999beef9c77c11cc1e325;hp=ffa8dcc13abc0266e46c9dd3fa4d38296c8b44aa
Author: Simon Tatham <anakin at pobox.com>
Date: Wed Jan 2 17:48:35 2019 +0000
Rename the 'testdata' subdirectory to 'test'.
I'm about to start putting programs in it too, so it would be a
misnomer left like that.
mksrcarc.sh | 4 ++--
{testdata => test}/colours.txt | 0
{testdata => test}/display.txt | 0
{testdata => test}/lattrs.txt | 0
{testdata => test}/scocols.txt | 0
{testdata => test}/utf8.txt | 0
{testdata => test}/vt100.txt | 0
7 files changed, 2 insertions(+), 2 deletions(-)
commit c3ae739e6d872d03edd990bb1f22a6257b1f2924
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=c3ae739e6d872d03edd990bb1f22a6257b1f2924;hp=4efb23de917e4de1cb7999beef9c77c11cc1e325
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 12:30:46 2019 +0000
Move eccref.py into the test directory.
The test suite I'm writing for ecc.c will live in that directory and
want to use it to check answers.
{contrib => test}/eccref.py | 0
1 file changed, 0 insertions(+), 0 deletions(-)
commit 3d06adce9f55b69252f0730618b176069c8ba837
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=3d06adce9f55b69252f0730618b176069c8ba837;hp=c3ae739e6d872d03edd990bb1f22a6257b1f2924
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 16:55:45 2019 +0000
eccref.py: add a couple more methods to ModP.
The __truediv__ pair makes the whole program work in Python 3 as well
as 2 (it was _so_ nearly there already!), and __int__ lets you easily
turn a ModP back into an ordinary Python integer representing its
least positive residue.
test/eccref.py | 4 ++++
1 file changed, 4 insertions(+)
commit 5b14abc30ea3b12b0c90520cf7d6d2394b978450
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5b14abc30ea3b12b0c90520cf7d6d2394b978450;hp=3d06adce9f55b69252f0730618b176069c8ba837
Author: Simon Tatham <anakin at pobox.com>
Date: Tue Jan 1 19:08:37 2019 +0000
New test system for mp_int and cryptography.
I've written a new standalone test program which incorporates all of
PuTTY's crypto code, including the mp_int and low-level elliptic curve
layers but also going all the way up to the implementations of the
MAC, hash, cipher, public key and kex abstractions.
The test program itself, 'testcrypt', speaks a simple line-oriented
protocol on standard I/O in which you write the name of a function
call followed by some inputs, and it gives you back a list of outputs
preceded by a line telling you how many there are. Dynamically
allocated objects are assigned string ids in the protocol, and there's
a 'free' function that tells testcrypt when it can dispose of one.
It's possible to speak that protocol by hand, but cumbersome. I've
also provided a Python module that wraps it, by running testcrypt as a
persistent subprocess and gatewaying all the function calls into
things that look reasonably natural to call from Python. The Python
module and testcrypt.c both read a carefully formatted header file
testcrypt.h which contains the name and signature of every exported
function, so it costs minimal effort to expose a given function
through this test API. In a few cases it's necessary to write a
wrapper in testcrypt.c that makes the function look more friendly, but
mostly you don't even need that. (Though that is one of the
motivations behind a lot of API cleanups I've done recently!)
I considered doing Python integration in the more obvious way, by
linking parts of the PuTTY code directly into a native-code .so Python
module. I decided against it because this way is more flexible: I can
run the testcrypt program on its own, or compile it in a way that
Python wouldn't play nicely with (I bet compiling just that .so with
Leak Sanitiser wouldn't do what you wanted when Python loaded it!), or
attach a debugger to it. I can even recompile testcrypt for a
different CPU architecture (32- vs 64-bit, or even running it on a
different machine over ssh or under emulation) and still layer the
nice API on top of that via the local Python interpreter. All I need
is a bidirectional data channel.
.gitignore | 1 +
Recipe | 15 +-
defs.h | 2 +
test/testcrypt.py | 226 ++++++++++++++
testcrypt.c | 921 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
testcrypt.h | 226 ++++++++++++++
6 files changed, 1386 insertions(+), 5 deletions(-)
commit 22a79fe7336012dc1ad9aa218daf6bd3d8b4419c
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=22a79fe7336012dc1ad9aa218daf6bd3d8b4419c;hp=5b14abc30ea3b12b0c90520cf7d6d2394b978450
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 11:39:14 2019 +0000
mpint tuning: lower KARATSUBA_THRESHOLD to 24.
The new testcrypt system made it easy to write a tiny Python program
that does a lot of multiplications of various large sizes, run it
against versions of the testcrypt binary built with lots of different
threshold settings, and time the output by running the Python program
with PUTTY_TESTCRYPT="command time -f %U ./testcrypt".
When I tried that I found that lots of values in the 20-30 range
looked about as good as each other. 24 was an unusually low dip which
could well have just been a random outlier, but it's a nice round
number so I picked it anyway.
mpint.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
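A small reproduction of the tuning exercise above, added here and not taken from mpint.c: a Karatsuba multiplier over 16-bit limbs with a tunable word-count threshold below which it drops to schoolbook multiplication, cross-checked against Python's own integers (the approach the test suite takes) and timed at several thresholds. The limb size, the minimum threshold of 3 and the timing harness are choices of this example.

```python
# Added example, not PuTTY's mpint.c: threshold-tuned Karatsuba multiplication
# cross-checked against Python's big integers and timed per threshold.
import random
import time

WORD = 16                 # constructed: 16-bit limbs so modest numbers span many words
MASK = (1 << WORD) - 1


def schoolbook(a, b, n):
    """O(n^2) limb-by-limb product of two n-word integers."""
    al = [(a >> (WORD * i)) & MASK for i in range(n)]
    bl = [(b >> (WORD * i)) & MASK for i in range(n)]
    acc = [0] * (2 * n)
    for i, x in enumerate(al):
        carry = 0
        for j, y in enumerate(bl):
            t = acc[i + j] + x * y + carry
            acc[i + j], carry = t & MASK, t >> WORD
        acc[i + n] = carry       # this slot is still untouched on row i
    return sum(v << (WORD * i) for i, v in enumerate(acc))


def karatsuba(a, b, n, threshold):
    """Product of two n-word integers; recurses until n <= threshold.
    threshold >= 3 guarantees the (hi+1)-word middle product shrinks."""
    assert threshold >= 3
    if n <= threshold:
        return schoolbook(a, b, n)
    lo, hi = n // 2, n - n // 2
    shift = WORD * lo
    a0, a1 = a & ((1 << shift) - 1), a >> shift
    b0, b1 = b & ((1 << shift) - 1), b >> shift
    z0 = karatsuba(a0, b0, lo, threshold)
    z2 = karatsuba(a1, b1, hi, threshold)
    z1 = karatsuba(a0 + a1, b0 + b1, hi + 1, threshold) - z0 - z2
    return z0 + (z1 << shift) + (z2 << (2 * shift))


def time_thresholds(n_words, thresholds, reps=20, seed=1):
    """Seconds spent multiplying reps random n-word pairs at each threshold,
    with every product verified against Python's native multiplication."""
    rng = random.Random(seed)
    pairs = [(rng.getrandbits(WORD * n_words), rng.getrandbits(WORD * n_words))
             for _ in range(reps)]
    timings = {}
    for t in thresholds:
        start = time.perf_counter()
        for a, b in pairs:
            assert karatsuba(a, b, n_words, t) == a * b
        timings[t] = time.perf_counter() - start
    return timings
```

As with the real measurement, expect neighbouring thresholds to look much alike; a single low dip is weak evidence on its own.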
commit e1627db3e528a457102dc5a35c530edbad6f4ea4
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e1627db3e528a457102dc5a35c530edbad6f4ea4;hp=22a79fe7336012dc1ad9aa218daf6bd3d8b4419c
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Jan 3 16:04:58 2019 +0000
Test suite for mpint.c and ecc.c.
This is a reasonably comprehensive test that exercises basically all
the functions I rewrote at the end of last year, and it's how I found
a lot of the bugs in them that I fixed earlier today.
It's written in Python, using the unittest framework, which is
convenient because that way I can cross-check Python's own large
integers against PuTTY's.
While I'm here, I've also added a few tests of higher-level crypto
primitives such as Ed25519, AES and HMAC, when I could find official
test vectors for them. I hope to add to that collection at some point,
and also add unit tests of some of the other primitives like ECDH and
RSA KEX.
The test suite is run automatically by my top-level build script, so
that I won't be able to accidentally ship anything which regresses it.
When it's run at build time, the testcrypt binary is built using both
Address and Leak Sanitiser, so anything they don't like will also
cause a test failure.
Buildscr | 10 +
test/cryptsuite.py | 837 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 847 insertions(+)