changes

常用的64位密码加密算法

Jun 19th, 2003
v0.87  -- Many MSVC optimizations to the code base
       -- Improved the AES and Twofish key schedule [faster, more constant time]
       -- Tons of optimizations here and there.  
       
Jun 15th, 2003
v0.86  -- Fixed up AES to workaround MSVC optimizer bug
       -- Merged in fresh LTM base [based on v0.20] so there are no warnings with MSVC
       -- Wrote x86_prof which will time the hashes and ciphers downto cycles per byte.
       -- Fixed up demos/encrypt to remove serpent_desc from the list
       -- Re-enabled MSVC optimizations w00t w00t
       -- Replaced "errno" with "err" in all functions that had it so it wouldn't clash
          with the global "errno"
       -- Removed a set of unused variables from certain functions
       -- Removed {#line 0 "..."} stuff from mpi.c to comply with ISO C  :-)
       
Jun 11th, 2003
v0.85  -- Swapped in a new AES routine
       -- Removed Serpent
       -- Added TDCAL policy document
       
Jun 1st, 2003
v0.84  -- Removed a 4KB buffer from rsa_decrypt_key that wasn't being used no more
       -- Fixed another potential buffer problem.  Not an overflow but could cause the 
          PK import routines to read past the end of the buffer.
       -- Optimized the ECC mulmod more by removing a if condition that will always be false
       -- Optimized prime.c to not include a 2nd prime table, removed code from is_prime calls prime
          test from LibTomMath now
       -- Added LTC_TEST define which when defined will enable the test vector routines [see mycrypt_custom.h]
       -- Removed ampi.o from the depends cuz it ain't no not working in *nix with it [routines are in mpi.c now].
        

Mar 29th, 2003
v0.83  -- Optimized the ecc_mulmod, it's faster and takes less heap/stack space
       -- Fixed a free memory error in ecc_mulmod and del_point which would try to free NULL
       -- Fixed two serious bugs in rsa_decrypt_key and rsa_verify_hash that would allow a trivialy
          buffer overflow.
       -- Fixed a bug in the hmac testing code if you don't register all the hashes it won't return
          errors now.
       
Mar 15th, 2003
v0.82  -- Manual updated
       -- Added MSVC makefile [back, actually its written from scratch to work with NMAKE]
       -- Change to HMAC helper functions API to avoid buffer overflow [source changes]
       -- the rsa_encrypt_key was supposed to reject key sizes out of bounds ... 
          same fix to the rsa_sign_hash 
       -- Added code to ensure that that chaining mode code (cfb/ofb/ctr/cbc) have valid
          structures when being called.  E.g. the indexes to the pad/ivs are not out of bounds
       -- Cleaned up the DES code and simplified the core desfunc routine.
       -- Simplified one of the boolean functions in MD4
       
Jan 16th, 2003
v0.81  -- Merged in new makefile from Clay Culver and Mike Frysinger
       -- Sped up the ECC mulmod() routine by making the word size adapt to the input.  Saves a whopping 9 point
          operations on 521-bit keys now (translates to about 8ms on my Athlon XP).  I also now use barrett reduction
          as much as possible.  This sped the routine up quite a bit.
       -- Fixed a huge flaw in ecc_verify_hash() where it would return CRYPT_OK on error... Now fixed.
       -- Fixed up config.pl by fixing an invalid query and the file is saved in non-windows [e.g. not CR/LF] format
          (fix due to Mika Bostr鰉)
       -- Merged in LibTomMath for kicks
       -- Changed the build process so that by default "mycrypt_custom.h" is included and provided
          The makefile doesn't include any build options anymore
       -- Removed the PS2 and VC makefiles.
       
Dec 16th, 2002
v0.80  -- Found a change I made to the MPI that is questionable.  Not quite a bug but definately not desired.  Had todo
          with the digit shifting.  In v0.79 I simply truncated without zeroing.  It didn't cause problems during my
          testing but I fixed it up none the less.
       -- Optimized s_mp_mul_dig() from MPI to do a minimal number of passes.
       -- Fixed in rsa_exptmod() where I was getting the size of the result.  Basically it accomplishes the same thing
          but the fixed code is more readable.
       -- Fixed slight bug in dh_sign_hash() where the random "k" value was 1 byte shorter than it should have been.  I've
          also made the #define FAST_PK speed up signatures as well.  Essentially FAST_PK tells the DH sub-system to 
          limit any private exponent to 256-bits.   Note that when FAST_PK is defined does not make the library
          binary or source incompatible with a copy of the library with it undefined.
       -- Removed the DSA code.  If you want fast diffie-hellman just define FAST_PK :-)
       -- Updated dh_sign_hash()/dh_verify_hash() to export "unsigned" bignums.  Saves two bytes but is not binary
          compatible with the previous release... sorry!  I've performed the same fix to the ecc code as well.
       -- Fixed up the PK code to remove all use of mp_toraw() and mp_read_raw() [get all the changes out of the way now]
       -- Fixed a bug in the DH code where it missed trapping a few errors if they occurred.
       -- Fixed a slight "its-not-a-bug-but-could-be-done-better" bug in the next_prime() function.  Essentially it was
          testing to ensure that in the loop that searches for the next candidate that the step never grows beyond
          65000.  Should have been testing for MP_DIGIT_MAX
       -- Spruced up the config.pl script.  It now makes a header file "mycrypt_custom.h" which can be included *before*
          you include mycrypt.h.  This allows you to add libtomcrypt to a project without completely changing your make
          system around.  Note that you should use the makefile it writes to at least build the library initially.
       -- Used splint to check alot of the code out.  Tons of minor fixes and explicit casts added.
       -- Also made all the internal functions of MPI are now static to avoid poluting the namespace
       -- **Notice**:  There are no planned future releases for at least a month from the this release date.
       
Dec 14th, 2002
v0.79  -- Change to PK code [binary and source].  I made it so you have to pass the buffer size to the *_decrypt_key and
          *_verify_hash functions.  This prevents malformed packets from performing buffer overflows.  I've also trimmed
          the packet header size [by 4 bytes].
       -- Made the test program halt on the first error it occurs.  Also made it trap more errors than before.
       -- Wrote the first chapter of my new book [DRAFT!], not in this package but check my website!
       -- Included a perl script "config.pl" that will make "makefile.out" according to the users needs.  
       -- Added shell script to look for latest release
       -- Merge DH and ECC key defines from mycrypt_cfg.h into the makefiles
       -- updated the makefile to use BSD friendly archiving invokations
       -- Changed the DH and ECC code to use base64 static key settings [e.g. the primes].  Dropped the code size by 3KB
          and is ever-so-slightly faster than before.
       -- added "mp_shrink" function to shrink the size of bignums.  Specially useful for PK code :-)
       -- Added new exptmod function that calculates a^b mod c with fewer multiplies then before [~20% for crypto
          sized numbers].  Also added a "low mem" variant that doesn't use more than 20KB [upto 4096 bit nums] of
          heap todo the calculation.  Both are #define'able controlled
       -- Added XREALLOC macro to provide realloc() functionality.
       -- Added fix where in rsa_import() if you imported a public key or a non-optimized key it would free the mp_int's
          not being used.
       -- Fixed potential bug in the ECC code.  Only would occur on platforms where char is not eight bits [which isn't
          often!]
       -- Fixed up the ECC point multiplication, its about 15% faster now
       -- While I was at it [since the lib isn't binary backwards compatible anyways] I've fixed the PK export routines
          so they export as "unsigned" types saving 1 byte per bignum outputted.  Not a lot but heck why not.
          
Nov 28th, 2002
v0.78  -- Made the default ARGCHK macro a function call instead which reduced the code size from 264KB to 239KB.
       -- Fixed a bug in the XTEA keysize function which called ARGCHK incorrectly.
       -- Added Noekeon block cipher at 2,800 bytes of object code and 345Mbit/sec it is a welcome addition.
       -- Made the KR code check if the other PK systems are included [provides error when building otherwise].
       -- Made "aes" an alias for Rijndael via a pre-processor macro.  Now you can use "aes_ecb_encrypt", etc... :-)
          Thanks to Jean-Luc Cooke for the "buzzword conformance" suggestion.
       -- Removed the old PK code entirely (e.g. rsa_sign, dh_encrypt).  The *_sign_hash and *_encrypt_key functions
          are all that is to remain.
       -- **NOTE** Changed the PK *_import (including the keyring) routine to accept a "inlen" parameter.  This fixes a
          bug where improperly made key packets could result in reading passed the end of the buffer.  This means
          the code is no longer source compatible but still binary compatible.
       -- Fixed a few other minor bugs in the PK import code while I was at it.
       
Nov 26th, 2002
v0.77  -- Updated the XTEA code to use pre-computed keys.  With optimizations for speed it achieves 222Mbit/sec
          compared to the 121Mbit/sec before.  It is 288 bytes bigger than before.
       -- Cleaned up some of the ciphers and hashes (coding style, cosmetic changes)
       -- Optimized AES slightly for 256-bit keys [only one if statement now, still two for 192-bit keys]
       -- Removed most test cases from Blowfish, left three of them there.  Makes it smaller and faster to test.
       -- Changed the primality routines around.  I now use 8 rounds of Rabin-Miller, I use 256 primes in the sieve
          step and the "rand_prime" function uses a modified sieve that avoids alot of un-needed bignum work.
       -- Fixed a bug in the ECC/DH signatures where the keys "setting" value was not checked for validity.  This means
          that a invalid value could have caused segfaults, etc...
       -- **NOTE** Changed the way the ECC/DH export/import functions work.  They are source but not binary compatible
          with v0.76.  Essentially insteading of exporting the setting index like before I export the key size.  Now
          if you ever re-configure which key settings are supported the lib will still be able to make use of your 
          keys.
       -- Optimized Blowfish by inlining the round function, unrolling it for four rounds then using a for loop for the 
          rest.  It achieves a rate of 425Mbit/sec with the new code compared to 314Mbit/sec before.  The new blowfish 
          object file is 7,813 bytes compared to 8,663 before and is 850 bytes smaller.  So the code is both smaller and 
          faster!
       -- Optimized Twofish as well by inlining the round function.  Gets ~400Mbit/sec compared to 280Mbit/sec before
          and the code is only 78 bytes larger than the previous copy.
       -- Removed SMALL_PRIME_TAB build option.  I use the smaller table always.
       -- Fixed some mistakes concerning prime generation in the manual.
       -- [Note: sizes/speeds are for GCC 3.2 on an x86 Athlon XP @ 1.53Ghz]

Nov 25th, 2002
v0.76  -- Updated makefiles a bit more, use "-Os" instead of "-O2" to optimize for size.  Got the lib
          downto 265KB using GCC 3.2 on my x86 box.
       -- Updated the SAFER+, Twofish and Rijndael test vector routine to use the table driven design.
       -- Updated all other test vector routines to return as soon as an error is found
       -- fixed a bug in the test program where errors in the hash test routines would not be reported
          correctly.  I found this by temporarily changing one of the bytes of the test vectors.  All the
          hashes check out [the demos/test.c would still have reported an error, just the wrong one].
          

Nov 24th, 2002
v0.75  -- Fixed a flaw in hash_filehandle, it should ARGCHK that the filehandle is not NULL
       -- Fixed a bug where in hash_file if the call to hash_filehandle failed the open file would 
          not be closed.
       -- Added more strict rules to build process, starting to weed out "oh this works in GCC" style code
          In the next release "-Wconversion" will be enabled which will deal with all implicit casts.

Nov 22nd, 2002 [later in the day]
v0.74  -- Wrote a small variant of SAFER+ which shaved 50KB off the size of the library on x86 platforms
       -- Wrote a build option to remove the PK packet functions [keeps the encrypt_key/sign_hash functions]
       -- Wrote a small variant of Rijndael (trimmed 13KB)
       -- Trimmed the TIGER/192 hash function a bit
       -- Overall the entire lib compiled is 295KB [down from 400KB before]
       -- Fixed a few minor oversights in the MSVC makefile

Nov 22nd, 2002
v0.73  -- Fixed bug in RC4 code where it could only use 255 byte keys.
       -- Fixed bug in yarrow code where it would allow cast5 or md2 to be used with it...
       -- Removed the ecc compress/expand points from the global scope.  Reduces namespace polution
       -- Fixed bug where if you used the SPRNG you couldn't pass NULL as your prng_state which you should be
          able todo since the SPRNG has no state...
       -- Corrected some oversights in the manual and the examples...
       -- By default the GF(2^W) math library is excluded from the build.  The source is maintained because I wrote it
          and like it :-).  This way the built library is a tad smaller
       -- the MSVC makefile will now build for a SPACE optimized library rather than TIME optimized.

Nov 21th, 2002
v0.72  -- Fixed bug in the prime testing.  In the Miller-Rabin test I was raising the base to "N-1" not "r".
          The math still worked out fine because in effect it was performing a Fermat test.  Tested the new code and it 
          works properly
       -- Fixed some of the code where it was still using the old error syntax
       -- Sped up the RSA decrypt/sign routines
       -- Optimized the ecc_shared_secret routine to not use so much stack
       -- Fixed up the makefile to make releases where the version # is in the file name and directory it will unzip