Streamlined DRBG and MGF1 debug output
authorAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c
src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
src/libstrongswan/plugins/ntru/ntru_drbg.c

index d042798..1d33626 100644 (file)
@@ -71,6 +71,7 @@ ntru_mgftp1(
        ntru_mgf1_t *mgf1;
 
        /* generate minimum MGF1 output */
+       DBG2(DBG_LIB, "MGF1 is seeded with %u octets", seed_len);
        mgf1 = ntru_mgf1_create(hash_algid, chunk_create(seed, seed_len), TRUE);
        if (!mgf1)
        {
@@ -80,7 +81,8 @@ ntru_mgftp1(
        octets = buf;
        octets_available = min_calls * md_len;
 
-       DBG2(DBG_LIB, "MGF1 generates %u octets", octets_available);
+       DBG2(DBG_LIB, "MGF1 generates %u octets to extract %d trits",
+                                  octets_available, num_trits_needed);
        if (!mgf1->get_mask(mgf1, octets_available, octets))
        {
                mgf1->destroy(mgf1);
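Review bot: The added line prints num_trits_needed with `%d`, while the two later hunks in this file print the same variable with `%u` in their "remaining %u trits" messages; the specifier should be the same in all three places, e.g. `DBG2(DBG_LIB, "MGF1 generates %u octets to extract %u trits",`. The declaration of num_trits_needed is not visible in the hunk, so confirm it is unsigned before settling on `%u`. ntru_mgftp1's body continues outside this hunk.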
@@ -96,7 +98,8 @@ ntru_mgftp1(
                        octets = buf;
                        octets_available = md_len;
 
-                       DBG2(DBG_LIB, "MGF1 generates another %u octets", octets_available);
+                       DBG2(DBG_LIB, "MGF1 generates another %u octets for the remaining "
+                                                 "%u trits", octets_available, num_trits_needed);
                        if (!mgf1->get_mask(mgf1, octets_available, octets))
                        {
                                mgf1->destroy(mgf1);
@@ -125,7 +128,8 @@ ntru_mgftp1(
                        octets = buf;
                        octets_available = md_len;
 
-                       DBG2(DBG_LIB, "MGF1 generates another %u octets", octets_available);
+                       DBG2(DBG_LIB, "MGF1 generates another %u octets for the remaining "
+                                                 "%u trits", octets_available, num_trits_needed);
                        if (!mgf1->get_mask(mgf1, octets_available, octets))
                        {
                                mgf1->destroy(mgf1);
index 955544f..e1f4f04 100644 (file)
@@ -93,6 +93,7 @@ ntru_gen_poly(
        ntru_mgf1_t *mgf1;
 
     /* generate minimum MGF1 output */
+       DBG2(DBG_LIB, "MGF1 is seeded with %u octets", seed_len);
        mgf1 = ntru_mgf1_create(hash_algid, chunk_create(seed, seed_len), TRUE);
        if (!mgf1)
        {
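Review bot: The added DBG2 line appears to be tab-indented while the neighbouring statements of ntru_gen_poly in this and the following hunks (the comment on the line above, `octets = buf;`, `memset(used, 0, N);`) are space-indented, so the function's already mixed indentation gets worse; the same applies to the added lines at the `memset(used, 0, N);` hunk and the `remaining %u indices` hunk. Match the indentation of the adjacent lines, or, since this commit touches every debug line in the function anyway, bring the whole function to one style. ntru_gen_poly starts before this hunk.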
@@ -102,13 +103,6 @@ ntru_gen_poly(
     octets = buf;
     octets_available = min_calls * md_len;
 
-       DBG2(DBG_LIB, "MGF1 generates %u octets", octets_available);
-       if (!mgf1->get_mask(mgf1, octets_available, octets))
-       {
-               mgf1->destroy(mgf1);
-               return NTRU_MGF1_FAIL;
-       }
-
     /* init indices counts for number of polynomials being generated */
     if (is_product_form) {
 
@@ -134,6 +128,13 @@ ntru_gen_poly(
     memset(used, 0, N);
 
     /* generate indices (IGF-2) for all polynomials */
+       DBG2(DBG_LIB, "MGF1 generates %u octets for %u indices",
+                                  octets_available, num_indices);
+       if (!mgf1->get_mask(mgf1, octets_available, octets))
+       {
+               mgf1->destroy(mgf1);
+               return NTRU_MGF1_FAIL;
+       }
 
     while (num_polys > 0) {
 
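Review bot: The first get_mask() call is moved from directly after the octets_available assignment (previous hunk) to after `memset(used, 0, N);`, and nothing in the code states why; presumably it is so the new debug message can print num_indices, which is only set by the "init indices counts" section in between, but a reader of the final file sees only a mask request that is no longer next to the buffer setup it belongs to. A one-line comment would preserve the reason, e.g. `/* first mask request deferred until num_indices is known (used in the debug output) */`. If anything between the old and new position outside these hunks can return early, check that mgf1 is still destroyed on that path, since the request and its failure cleanup now come later. ntru_gen_poly continues outside the hunk.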
@@ -166,8 +167,9 @@ ntru_gen_poly(
                         octets = buf;
                         octets_available = md_len;
 
-                                               DBG2(DBG_LIB, "MGF1 generates another %u octets",
-                                                                          octets_available);
+                                               DBG2(DBG_LIB, "MGF1 generates another %u octets for the "
+                                                                         "remaining %u indices", octets_available,
+                                                                          num_indices - index_cnt);
                                                if (!mgf1->get_mask(mgf1, octets_available, octets))
                                                {
                                                        mgf1->destroy(mgf1);
index bf8d7fd..0081223 100644 (file)
@@ -119,7 +119,7 @@ METHOD(ntru_drbg_t, reseed, bool,
        chunk_t seed;
 
        seed = chunk_alloc(this->strength / BITS_PER_BYTE);
-       DBG2(DBG_LIB, "DBRG requesting %u bytes of entropy", seed.len);
+       DBG2(DBG_LIB, "DRG requests %u bytes of entropy", seed.len);
 
        if (!this->entropy->get_bytes(this->entropy, seed.len, seed.ptr))
        {
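Review bot: The reworded message on the added line reads "DRG requests", which replaces one misspelling of DRBG with another; the second hunk of this file spells it correctly, so this line should read `DBG2(DBG_LIB, "DRBG requests %u bytes of entropy", seed.len);`. Separately, seed.len is a chunk_t length and entropy_len in the second hunk is derived from it; if those are size_t as elsewhere in the library, `%u` is not the matching specifier and `%zu` would be, though the hunk does not show the declarations, so confirm before changing. The reseed method's body continues outside the hunk.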
@@ -254,7 +254,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
 
        entropy_len = (strength + strength/2) / BITS_PER_BYTE;
        seed = chunk_alloc(entropy_len + pers_str.len);
-       DBG2(DBG_LIB, "DBRG requesting %u bytes of entropy", entropy_len);
+       DBG2(DBG_LIB, "DRBG requests %u bytes of entropy", entropy_len);
 
        if (!this->entropy->get_bytes(this->entropy, entropy_len, seed.ptr))
        {