Streamlined DRBG and MGF1 debug output

author Andreas Steffen <andreas.steffen@strongswan.org>

Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
author Andreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c

index d042798..1d33626 100644 (file)
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c
@@ -71,6 +71,7 @@ ntru_mgftp1(
         ntru_mgf1_t *mgf1;
  
         /* generate minimum MGF1 output */
+       DBG2(DBG_LIB, "MGF1 is seeded with %u octets", seed_len);
         mgf1 = ntru_mgf1_create(hash_algid, chunk_create(seed, seed_len), TRUE);
         if (!mgf1)
         {
@@ -80,7 +81,8 @@ ntru_mgftp1(
         octets = buf;
         octets_available = min_calls * md_len;
  
-       DBG2(DBG_LIB, "MGF1 generates %u octets", octets_available);
+       DBG2(DBG_LIB, "MGF1 generates %u octets to extract %d trits",
+                                  octets_available, num_trits_needed);
         if (!mgf1->get_mask(mgf1, octets_available, octets))
         {
                 mgf1->destroy(mgf1);
@@ -96,7 +98,8 @@ ntru_mgftp1(
                         octets = buf;
                         octets_available = md_len;
  
-                       DBG2(DBG_LIB, "MGF1 generates another %u octets", octets_available);
+                       DBG2(DBG_LIB, "MGF1 generates another %u octets for the remaining "
+                                                 "%u trits", octets_available, num_trits_needed);
                         if (!mgf1->get_mask(mgf1, octets_available, octets))
                         {
                                 mgf1->destroy(mgf1);
@@ -125,7 +128,8 @@ ntru_mgftp1(
                         octets = buf;
                         octets_available = md_len;
  
-                       DBG2(DBG_LIB, "MGF1 generates another %u octets", octets_available);
+                       DBG2(DBG_LIB, "MGF1 generates another %u octets for the remaining "
+                                                 "%u trits", octets_available, num_trits_needed);
                         if (!mgf1->get_mask(mgf1, octets_available, octets))
                         {
                                 mgf1->destroy(mgf1);
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c

index 955544f..e1f4f04 100644 (file)
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
@@ -93,6 +93,7 @@ ntru_gen_poly(
         ntru_mgf1_t *mgf1;
  
      /* generate minimum MGF1 output */
+       DBG2(DBG_LIB, "MGF1 is seeded with %u octets", seed_len);
         mgf1 = ntru_mgf1_create(hash_algid, chunk_create(seed, seed_len), TRUE);
         if (!mgf1)
         {
@@ -102,13 +103,6 @@ ntru_gen_poly(
      octets = buf;
      octets_available = min_calls * md_len;
  
-       DBG2(DBG_LIB, "MGF1 generates %u octets", octets_available);
-       if (!mgf1->get_mask(mgf1, octets_available, octets))
-       {
-               mgf1->destroy(mgf1);
-               return NTRU_MGF1_FAIL;
-       }
-
      /* init indices counts for number of polynomials being generated */
      if (is_product_form) {
  
@@ -134,6 +128,13 @@ ntru_gen_poly(
      memset(used, 0, N);
  
      /* generate indices (IGF-2) for all polynomials */
+       DBG2(DBG_LIB, "MGF1 generates %u octets for %u indices",
+                                  octets_available, num_indices);
+       if (!mgf1->get_mask(mgf1, octets_available, octets))
+       {
+               mgf1->destroy(mgf1);
+               return NTRU_MGF1_FAIL;
+       }
  
      while (num_polys > 0) {
  
@@ -166,8 +167,9 @@ ntru_gen_poly(
                          octets = buf;
                          octets_available = md_len;
  
-                                               DBG2(DBG_LIB, "MGF1 generates another %u octets",
-                                                                          octets_available);
+                                               DBG2(DBG_LIB, "MGF1 generates another %u octets for the "
+                                                                         "remaining %u indices", octets_available,
+                                                                          num_indices - index_cnt);
                                                 if (!mgf1->get_mask(mgf1, octets_available, octets))
                                                 {
                                                         mgf1->destroy(mgf1);
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.c b/src/libstrongswan/plugins/ntru/ntru_drbg.c

index bf8d7fd..0081223 100644 (file)
--- a/src/libstrongswan/plugins/ntru/ntru_drbg.c
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.c
@@ -119,7 +119,7 @@ METHOD(ntru_drbg_t, reseed, bool,
         chunk_t seed;
  
         seed = chunk_alloc(this->strength / BITS_PER_BYTE);
-       DBG2(DBG_LIB, "DBRG requesting %u bytes of entropy", seed.len);
+       DBG2(DBG_LIB, "DRG requests %u bytes of entropy", seed.len);
  
         if (!this->entropy->get_bytes(this->entropy, seed.len, seed.ptr))
         {
@@ -254,7 +254,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
  
         entropy_len = (strength + strength/2) / BITS_PER_BYTE;
         seed = chunk_alloc(entropy_len + pers_str.len);
-       DBG2(DBG_LIB, "DBRG requesting %u bytes of entropy", entropy_len);
+       DBG2(DBG_LIB, "DRBG requests %u bytes of entropy", entropy_len);
  
         if (!this->entropy->get_bytes(this->entropy, entropy_len, seed.ptr))
         {
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Fri, 6 Dec 2013 23:21:28 +0000 (00:21 +0100)
src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_mgftp1.c		patch \| blob \| history
src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c		patch \| blob \| history
src/libstrongswan/plugins/ntru/ntru_drbg.c		patch \| blob \| history