Enhance mkfipsscr.pl to handle different testvector paths and perform

sanity checks. Make AES/TDES algorithm test programs quiet if VERBOSE is zero.
2007-07-15 12:01:54 +00:00 · 2007-07-15 12:01:54 +00:00 · 1b8b2d9300
commit 1b8b2d9300
parent 4e1778b0d8
4 changed files with 377 additions and 102 deletions
--- a/6
+++ b/6
@ -4,6 +4,12 @@

 Changes between 0.9.8e and 0.9.8f-fips  [xx XXX xxxx]

+  *) Enhance mkfipsscr.pl to cope with different directory layouts. It now
+     relies on the filename and makes no assumptions about the pathname.
+     In the case of PSS it scans the file to determine the salt length.
+     Paths can be filtered. Also reports duplicate and missing files.
+     [Steve Henson]
+
  *) Updates to WIN32 build system. Make use of AES assembly language routines.
     Use assembly language routines in FIPS compilation.
     [Steve Henson]
--- a/fips-1.0/aes/fips_aesavs.c
+++ b/fips-1.0/aes/fips_aesavs.c
@ -647,11 +647,13 @@ int proc_file(char *rqfile)
 			strncpy(amode, xp+1, n);
 			amode[n] = '\0';
 			/* amode[3] = '\0'; */
+			if (VERBOSE)
 				printf("Test = %s, Mode = %s\n", atest, amode);
 			}
 		    else if (strncasecmp(pp, "Key Length : ", 13) == 0)
 			{
 			akeysz = atoi(pp+13);
+			if (VERBOSE)
 				printf("Key size = %d\n", akeysz);
 			}
 		    }
@ -899,6 +901,7 @@ int main(int argc, char **argv)
 	    {
 	    strtok(fn, "\r\n");
 	    strcpy(rfn, fn);
+	    if (VERBOSE)
 		printf("Processing: %s\n", rfn);
 	    if (proc_file(rfn))
 		{
@ -910,6 +913,7 @@ int main(int argc, char **argv)
 	}
    else /* single file */
 	{
+	if (VERBOSE)
 	    printf("Processing: %s\n", fn);
 	if (proc_file(fn))
 	    {
--- a/fips-1.0/des/fips_desmovs.c
+++ b/fips-1.0/des/fips_desmovs.c
@ -379,6 +379,7 @@ int proc_file(char *rqfile)
 			strncpy(amode, xp+1, n);
 			amode[n] = '\0';
 			/* amode[3] = '\0'; */
+			if (VERBOSE)
 				printf("Test=%s, Mode=%s\n",atest,amode);
 			}
 		    }
@ -682,6 +683,7 @@ int main(int argc, char **argv)
 	}
    else /* single file */
 	{
+	if (VERBOSE)
 		printf("Processing: %s\n", fn);
 	if (proc_file(fn))
 	    {
--- a/fips-1.0/mkfipsscr.pl
+++ b/fips-1.0/mkfipsscr.pl
@ -1,75 +1,273 @@
 #!/usr/local/bin/perl -w

-my @fips_tests = (
+my %fips_tests = (

-# FIPS test descriptions
+# FIPS test definitions

 # DSA tests

-["dsa", "PQGGen", "fips_dssvs pqg"],
-["dsa", "KeyPair", "fips_dssvs keypair"],
-["dsa", "SigGen", "fips_dssvs siggen"],
-["dsa", "SigVer", "fips_dssvs sigver"],
+"PQGGen" => "fips_dssvs pqg",
+"KeyPair" => "fips_dssvs keypair",
+"SigGen" => "fips_dssvs siggen",
+"SigVer" => "fips_dssvs sigver",

 # SHA tests

-["sha", "SHA1LongMsg", "fips_shatest"],
-["sha", "SHA1Monte", "fips_shatest"],
-["sha", "SHA1ShortMsg", "fips_shatest"],
-["sha", "SHA224LongMsg", "fips_shatest"],
-["sha", "SHA224Monte", "fips_shatest"],
-["sha", "SHA224ShortMsg", "fips_shatest"],
-["sha", "SHA256LongMsg", "fips_shatest"],
-["sha", "SHA256Monte", "fips_shatest"],
-["sha", "SHA256ShortMsg", "fips_shatest"],
-["sha", "SHA384LongMsg", "fips_shatest"],
-["sha", "SHA384Monte", "fips_shatest"],
-["sha", "SHA384ShortMsg", "fips_shatest"],
-["sha", "SHA512LongMsg", "fips_shatest"],
-["sha", "SHA512Monte", "fips_shatest"],
-["sha", "SHA512ShortMsg", "fips_shatest"],
-
-# AES tests, file search mode
-["aes", "\@dir", "fips_aesavs -f"],
-
-# DES tests, file search mode
-["tdes", "\@dir", "fips_desmovs -f"],
+"SHA1LongMsg" => "fips_shatest",
+"SHA1Monte" => "fips_shatest",
+"SHA1ShortMsg" => "fips_shatest",
+"SHA224LongMsg" => "fips_shatest",
+"SHA224Monte" => "fips_shatest",
+"SHA224ShortMsg" => "fips_shatest",
+"SHA256LongMsg" => "fips_shatest",
+"SHA256Monte" => "fips_shatest",
+"SHA256ShortMsg" => "fips_shatest",
+"SHA384LongMsg" => "fips_shatest",
+"SHA384Monte" => "fips_shatest",
+"SHA384ShortMsg" => "fips_shatest",
+"SHA512LongMsg" => "fips_shatest",
+"SHA512Monte" => "fips_shatest",
+"SHA512ShortMsg" => "fips_shatest",

 # HMAC

-["hmac", "HMAC", "fips_hmactest"],
+"HMAC" => "fips_hmactest",

 # RAND tests

-["rng", "ANSI931_AES128MCT", "fips_rngvs mct"],
-["rng", "ANSI931_AES192MCT", "fips_rngvs mct"],
-["rng", "ANSI931_AES256MCT", "fips_rngvs mct"],
-["rng", "ANSI931_AES128VST", "fips_rngvs vst"],
-["rng", "ANSI931_AES192VST", "fips_rngvs vst"],
-["rng", "ANSI931_AES256VST", "fips_rngvs vst"],
+"ANSI931_AES128MCT" => "fips_rngvs mct",
+"ANSI931_AES192MCT" => "fips_rngvs mct",
+"ANSI931_AES256MCT" => "fips_rngvs mct",
+"ANSI931_AES128VST" => "fips_rngvs vst",
+"ANSI931_AES192VST" => "fips_rngvs vst",
+"ANSI931_AES256VST" => "fips_rngvs vst",

 # RSA tests

-["rsa", "SigGen15", "fips_rsastest"],
-["rsa", "SigVer15", "fips_rsavtest"],
-["rsa", "SigGenPSS", "fips_rsastest -saltlen 0"],
-["rsa", "SigVerPSS", "fips_rsavtest -saltlen 0"],
-["rsa", "SigGenRSA", "fips_rsastest -x931"],
-["rsa", "SigVerRSA", "fips_rsavtest -x931"],
-["rsa", "KeyGenRSA", "fips_rsagtest"],
-["rsa_salt_62", "SigGenPSS", "fips_rsastest -saltlen 62"],
-["rsa_salt_62", "SigVerPSS", "fips_rsavtest -saltlen 62"]
+"SigGen15" => "fips_rsastest",
+"SigVer15" => "fips_rsavtest",
+"SigGenPSS" => "fips_rsastest -saltlen SALT",
+"SigVerPSS" => "fips_rsavtest -saltlen SALT",
+"SigGenRSA" => "fips_rsastest -x931",
+"SigVerRSA" => "fips_rsavtest -x931",
+"KeyGenRSA" => "fips_rsagtest",
+
+# AES tests
+
+"CBCGFSbox128" => "fips_aesavs -f",
+"CBCGFSbox192" => "fips_aesavs -f",
+"CBCGFSbox256" => "fips_aesavs -f",
+"CBCKeySbox128" => "fips_aesavs -f",
+"CBCKeySbox192" => "fips_aesavs -f",
+"CBCKeySbox256" => "fips_aesavs -f",
+"CBCMCT128" => "fips_aesavs -f",
+"CBCMCT192" => "fips_aesavs -f",
+"CBCMCT256" => "fips_aesavs -f",
+"CBCMMT128" => "fips_aesavs -f",
+"CBCMMT192" => "fips_aesavs -f",
+"CBCMMT256" => "fips_aesavs -f",
+"CBCVarKey128" => "fips_aesavs -f",
+"CBCVarKey192" => "fips_aesavs -f",
+"CBCVarKey256" => "fips_aesavs -f",
+"CBCVarTxt128" => "fips_aesavs -f",
+"CBCVarTxt192" => "fips_aesavs -f",
+"CBCVarTxt256" => "fips_aesavs -f",
+"CFB128GFSbox128" => "fips_aesavs -f",
+"CFB128GFSbox192" => "fips_aesavs -f",
+"CFB128GFSbox256" => "fips_aesavs -f",
+"CFB128KeySbox128" => "fips_aesavs -f",
+"CFB128KeySbox192" => "fips_aesavs -f",
+"CFB128KeySbox256" => "fips_aesavs -f",
+"CFB128MCT128" => "fips_aesavs -f",
+"CFB128MCT192" => "fips_aesavs -f",
+"CFB128MCT256" => "fips_aesavs -f",
+"CFB128MMT128" => "fips_aesavs -f",
+"CFB128MMT192" => "fips_aesavs -f",
+"CFB128MMT256" => "fips_aesavs -f",
+"CFB128VarKey128" => "fips_aesavs -f",
+"CFB128VarKey192" => "fips_aesavs -f",
+"CFB128VarKey256" => "fips_aesavs -f",
+"CFB128VarTxt128" => "fips_aesavs -f",
+"CFB128VarTxt192" => "fips_aesavs -f",
+"CFB128VarTxt256" => "fips_aesavs -f",
+"CFB8GFSbox128" => "fips_aesavs -f",
+"CFB8GFSbox192" => "fips_aesavs -f",
+"CFB8GFSbox256" => "fips_aesavs -f",
+"CFB8KeySbox128" => "fips_aesavs -f",
+"CFB8KeySbox192" => "fips_aesavs -f",
+"CFB8KeySbox256" => "fips_aesavs -f",
+"CFB8MCT128" => "fips_aesavs -f",
+"CFB8MCT192" => "fips_aesavs -f",
+"CFB8MCT256" => "fips_aesavs -f",
+"CFB8MMT128" => "fips_aesavs -f",
+"CFB8MMT192" => "fips_aesavs -f",
+"CFB8MMT256" => "fips_aesavs -f",
+"CFB8VarKey128" => "fips_aesavs -f",
+"CFB8VarKey192" => "fips_aesavs -f",
+"CFB8VarKey256" => "fips_aesavs -f",
+"CFB8VarTxt128" => "fips_aesavs -f",
+"CFB8VarTxt192" => "fips_aesavs -f",
+"CFB8VarTxt256" => "fips_aesavs -f",
+"ECBGFSbox128" => "fips_aesavs -f",
+"ECBGFSbox192" => "fips_aesavs -f",
+"ECBGFSbox256" => "fips_aesavs -f",
+"ECBKeySbox128" => "fips_aesavs -f",
+"ECBKeySbox192" => "fips_aesavs -f",
+"ECBKeySbox256" => "fips_aesavs -f",
+"ECBMCT128" => "fips_aesavs -f",
+"ECBMCT192" => "fips_aesavs -f",
+"ECBMCT256" => "fips_aesavs -f",
+"ECBMMT128" => "fips_aesavs -f",
+"ECBMMT192" => "fips_aesavs -f",
+"ECBMMT256" => "fips_aesavs -f",
+"ECBVarKey128" => "fips_aesavs -f",
+"ECBVarKey192" => "fips_aesavs -f",
+"ECBVarKey256" => "fips_aesavs -f",
+"ECBVarTxt128" => "fips_aesavs -f",
+"ECBVarTxt192" => "fips_aesavs -f",
+"ECBVarTxt256" => "fips_aesavs -f",
+"OFBGFSbox128" => "fips_aesavs -f",
+"OFBGFSbox192" => "fips_aesavs -f",
+"OFBGFSbox256" => "fips_aesavs -f",
+"OFBKeySbox128" => "fips_aesavs -f",
+"OFBKeySbox192" => "fips_aesavs -f",
+"OFBKeySbox256" => "fips_aesavs -f",
+"OFBMCT128" => "fips_aesavs -f",
+"OFBMCT192" => "fips_aesavs -f",
+"OFBMCT256" => "fips_aesavs -f",
+"OFBMMT128" => "fips_aesavs -f",
+"OFBMMT192" => "fips_aesavs -f",
+"OFBMMT256" => "fips_aesavs -f",
+"OFBVarKey128" => "fips_aesavs -f",
+"OFBVarKey192" => "fips_aesavs -f",
+"OFBVarKey256" => "fips_aesavs -f",
+"OFBVarTxt128" => "fips_aesavs -f",
+"OFBVarTxt192" => "fips_aesavs -f",
+"OFBVarTxt256" => "fips_aesavs -f",
+
+# Triple DES tests
+
+"TCBCinvperm" => "fips_desmovs -f",
+"TCBCMMT1" => "fips_desmovs -f",
+"TCBCMMT2" => "fips_desmovs -f",
+"TCBCMMT3" => "fips_desmovs -f",
+"TCBCMonte1" => "fips_desmovs -f",
+"TCBCMonte2" => "fips_desmovs -f",
+"TCBCMonte3" => "fips_desmovs -f",
+"TCBCpermop" => "fips_desmovs -f",
+"TCBCsubtab" => "fips_desmovs -f",
+"TCBCvarkey" => "fips_desmovs -f",
+"TCBCvartext" => "fips_desmovs -f",
+"TCFB64invperm" => "fips_desmovs -f",
+"TCFB64MMT1" => "fips_desmovs -f",
+"TCFB64MMT2" => "fips_desmovs -f",
+"TCFB64MMT3" => "fips_desmovs -f",
+"TCFB64Monte1" => "fips_desmovs -f",
+"TCFB64Monte2" => "fips_desmovs -f",
+"TCFB64Monte3" => "fips_desmovs -f",
+"TCFB64permop" => "fips_desmovs -f",
+"TCFB64subtab" => "fips_desmovs -f",
+"TCFB64varkey" => "fips_desmovs -f",
+"TCFB64vartext" => "fips_desmovs -f",
+"TCFB8invperm" => "fips_desmovs -f",
+"TCFB8MMT1" => "fips_desmovs -f",
+"TCFB8MMT2" => "fips_desmovs -f",
+"TCFB8MMT3" => "fips_desmovs -f",
+"TCFB8Monte1" => "fips_desmovs -f",
+"TCFB8Monte2" => "fips_desmovs -f",
+"TCFB8Monte3" => "fips_desmovs -f",
+"TCFB8permop" => "fips_desmovs -f",
+"TCFB8subtab" => "fips_desmovs -f",
+"TCFB8varkey" => "fips_desmovs -f",
+"TCFB8vartext" => "fips_desmovs -f",
+"TECBinvperm" => "fips_desmovs -f",
+"TECBMMT1" => "fips_desmovs -f",
+"TECBMMT2" => "fips_desmovs -f",
+"TECBMMT3" => "fips_desmovs -f",
+"TECBMonte1" => "fips_desmovs -f",
+"TECBMonte2" => "fips_desmovs -f",
+"TECBMonte3" => "fips_desmovs -f",
+"TECBpermop" => "fips_desmovs -f",
+"TECBsubtab" => "fips_desmovs -f",
+"TECBvarkey" => "fips_desmovs -f",
+"TECBvartext" => "fips_desmovs -f",
+"TOFBinvperm" => "fips_desmovs -f",
+"TOFBMMT1" => "fips_desmovs -f",
+"TOFBMMT2" => "fips_desmovs -f",
+"TOFBMMT3" => "fips_desmovs -f",
+"TOFBMonte1" => "fips_desmovs -f",
+"TOFBMonte2" => "fips_desmovs -f",
+"TOFBMonte3" => "fips_desmovs -f",
+"TOFBpermop" => "fips_desmovs -f",
+"TOFBsubtab" => "fips_desmovs -f",
+"TOFBvarkey" => "fips_desmovs -f",
+"TOFBvartext" => "fips_desmovs -f",
+"TCBCinvperm" => "fips_desmovs -f",
+"TCBCMMT1" => "fips_desmovs -f",
+"TCBCMMT2" => "fips_desmovs -f",
+"TCBCMMT3" => "fips_desmovs -f",
+"TCBCMonte1" => "fips_desmovs -f",
+"TCBCMonte2" => "fips_desmovs -f",
+"TCBCMonte3" => "fips_desmovs -f",
+"TCBCpermop" => "fips_desmovs -f",
+"TCBCsubtab" => "fips_desmovs -f",
+"TCBCvarkey" => "fips_desmovs -f",
+"TCBCvartext" => "fips_desmovs -f",
+"TCFB64invperm" => "fips_desmovs -f",
+"TCFB64MMT1" => "fips_desmovs -f",
+"TCFB64MMT2" => "fips_desmovs -f",
+"TCFB64MMT3" => "fips_desmovs -f",
+"TCFB64Monte1" => "fips_desmovs -f",
+"TCFB64Monte2" => "fips_desmovs -f",
+"TCFB64Monte3" => "fips_desmovs -f",
+"TCFB64permop" => "fips_desmovs -f",
+"TCFB64subtab" => "fips_desmovs -f",
+"TCFB64varkey" => "fips_desmovs -f",
+"TCFB64vartext" => "fips_desmovs -f",
+"TCFB8invperm" => "fips_desmovs -f",
+"TCFB8MMT1" => "fips_desmovs -f",
+"TCFB8MMT2" => "fips_desmovs -f",
+"TCFB8MMT3" => "fips_desmovs -f",
+"TCFB8Monte1" => "fips_desmovs -f",
+"TCFB8Monte2" => "fips_desmovs -f",
+"TCFB8Monte3" => "fips_desmovs -f",
+"TCFB8permop" => "fips_desmovs -f",
+"TCFB8subtab" => "fips_desmovs -f",
+"TCFB8varkey" => "fips_desmovs -f",
+"TCFB8vartext" => "fips_desmovs -f",
+"TECBinvperm" => "fips_desmovs -f",
+"TECBMMT1" => "fips_desmovs -f",
+"TECBMMT2" => "fips_desmovs -f",
+"TECBMMT3" => "fips_desmovs -f",
+"TECBMonte1" => "fips_desmovs -f",
+"TECBMonte2" => "fips_desmovs -f",
+"TECBMonte3" => "fips_desmovs -f",
+"TECBpermop" => "fips_desmovs -f",
+"TECBsubtab" => "fips_desmovs -f",
+"TECBvarkey" => "fips_desmovs -f",
+"TECBvartext" => "fips_desmovs -f",
+"TOFBinvperm" => "fips_desmovs -f",
+"TOFBMMT1" => "fips_desmovs -f",
+"TOFBMMT2" => "fips_desmovs -f",
+"TOFBMMT3" => "fips_desmovs -f",
+"TOFBMonte1" => "fips_desmovs -f",
+"TOFBMonte2" => "fips_desmovs -f",
+"TOFBMonte3" => "fips_desmovs -f",
+"TOFBpermop" => "fips_desmovs -f",
+"TOFBsubtab" => "fips_desmovs -f",
+"TOFBvarkey" => "fips_desmovs -f",
+"TOFBvartext" => "fips_desmovs -f"

 );

-my $lnum = 0;
 my $win32 = 0;
 my $onedir = 0;
-my $ltdir = "";
+my $filter = "";
 my $tvdir;
-my $tvprefix;
 my $tprefix;
 my $shwrap_prefix;
+my $debug = 0;
+my $quiet = 0;

 foreach (@ARGV)
 	{
@ -81,40 +279,41 @@ foreach (@ARGV)
 		{
 		$onedir = 1;
 		}
+	elsif ($_ eq "--debug")
+		{
+		$debug = 1;
+		}
+	elsif ($_ eq "--quiet")
+		{
+		$quiet = 1;
+		}
 	elsif (/--dir=(.*)$/)
 		{
 		$tvdir = $1;
+		#	$tvdir .= "/" unless $tvdir =~ /\/$/;
 		}
 	elsif (/--tprefix=(.*)$/)
 		{
 		$tprefix = $1;
 		}
-	elsif (/--tvprefix=(.*)$/)
-		{
-		$tvprefix = $1;
-		}
 	elsif (/--shwrap_prefix=(.*)$/)
 		{
 		$shwrap_prefix = $1;
 		}
+	elsif (/--filter=(.*)$/)
+		{
+		$filter = $1;
+		}
 	elsif (/--outfile=(.*)$/)
 		{
 		$outfile = $1;
 		}
 	}

-$tvdir = "testvectors" unless defined $tvdir;
+$tvdir = "." unless defined $tvdir;

 if ($win32)
 	{
-	if ($onedir)
-		{
-		$tvprefix = "" unless defined $tvprefix;
-		}
-	else
-		{
-		$tvprefix = "..\\fips-1.0\\" unless defined $tvprefix;
-		}
 	$tprefix = ".\\" unless defined $tprefix;
 	$outfile = "fipstests.bat" unless defined $outfile;
 	open(OUT, ">$outfile");
@ -130,7 +329,6 @@ END
 	}
 else
 	{
-	$tvprefix = "" unless defined $tvprefix;
 	if ($onedir)
 		{
 		$tprefix = "./" unless defined $tprefix;
@ -154,40 +352,87 @@ else
 END

 	}
-
-foreach(@fips_tests)
+my %fips_found;
+foreach (keys %fips_tests)
 	{
-	my ($tdir, $fprefix, $tcmd) = @$_;
-	$lnum++;
-	if ($tdir ne $ltdir)
-		{
-		$ltdir = $tdir;
-		test_dir($win32, $ltdir);
+	$fips_found{$_} = 0;
 	}
-	test_line($win32, $tdir, $fprefix, $tcmd);
+
+recurse_test($win32, $tprefix, $filter, $tvdir);
+
+while (($key, $value) = each %fips_found)
+	{
+	if ($value == 0)
+		{
+		print STDERR "WARNING: test file $key not found\n" unless $quiet;
+		}
+	elsif ($value > 1)
+		{
+		print STDERR "WARNING: test file $key found $value times\n" unless $quiet;
+		}
+	else 
+		{
+		print STDERR "Found test file $key\n" if $debug;
+		}
+	}
+
+
+sub recurse_test
+	{
+	my ($win32, $tprefix, $filter, $dir) = @_;
+	my $dirh;
+	opendir($dirh, $dir);
+	while ($_ = readdir($dirh))
+		{
+		next if ($_ eq "." || $_ eq "..");
+		$_ = "$dir/$_";
+		if (-f "$_")
+			{
+			next unless /$filter.*\.req$/i;
+			if (/\/([^\/]*)\.req$/ && exists $fips_tests{$1})
+				{
+				$fips_found{$1}++;
+				test_line($win32, $_, $tprefix, $fips_tests{$1});
+				}
+			else
+				{
+				print STDERR "WARNING: unrecognized filename $_\n";
+				}
+			}	
+		elsif (-d "$_")
+			{
+			if (/$filter.*req$/i)
+				{
+				test_dir($win32, $_);
+				}
+			recurse_test($win32, $tprefix, $filter, $_);
+			}
+		}
+	closedir($dirh);
 	}

 sub test_dir
 	{
-	my ($win32, $tdir) = @_;
+	my ($win32, $req) = @_;
+	my $rsp = $req;
+	$rsp =~ s/req$/rsp/;
 	if ($win32)
 		{
-		my $rsp = "$tvprefix$tvdir\\$tdir\\rsp";
+		$rsp =~ tr|/|\\|;
 		print OUT <<END;

-echo $tdir tests
-if exist $rsp rd /s /q $rsp
+echo Running tests in $req
+if exist "$rsp" rd /s /q "$rsp"
 md $rsp
 END
 		}
 	else
 		{
-		my $rsp = "$tvdir/$tdir/rsp";
 		print OUT <<END;

-# $tdir tests
-rm -rf $rsp
-mkdir $rsp
+echo Running tests in "$req"
+rm -rf "$rsp"
+mkdir "$rsp"

 END
 		}
@ -195,38 +440,56 @@ END

 sub test_line
 	{
-	my ($win32, $tdir, $fprefix, $tcmd) = @_;
-	if ($fprefix =~ /\@/)
-		{
-		foreach(<$tvprefix$tvdir/$tdir/req/*.req>)
+	my ($win32, $req, $tprefix, $tcmd) = @_;
+	if ($tcmd =~ /-f$/)
 		{
 		if ($win32)
 			{
-				$_ =~ tr|/|\\|;
-				print OUT "$tprefix$tcmd $_\n";
+			$req =~ tr|/|\\|;
+			print OUT "$tprefix$tcmd \"$req\"\n";
 			}
 		else
 			{
 			print OUT <<END;
-${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd $_ || { echo $tcmd failure ; exit 1 
+${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd "$req" || { echo "$req failure" ; exit 1 
 }
 END
 			}
-			}
 		return;
 		}
+	if ($tcmd =~ /SALT$/)
+		{
+		open (IN, $req) || die "Can't Open File $req";
+		my $saltlen;
+		while (<IN>)
+			{
+			if (/^\s*#\s*salt\s+len:\s+(\d+)\s+$/i)
+				{
+				my $sl = $1;
+				print STDERR "$req salt length $sl\n" if $debug;
+				$tcmd =~ s/SALT$/$sl/;
+				last;
+				}
+			}
+		close IN;
+		if ($tcmd =~ /SALT$/)
+			{
+			die "Can't detect salt length for $req";
+			}
+		}
+		
+	my $rsp = $req;
+	$rsp =~ s/req\/([^\/]*).req$/rsp\/$1.rsp/;
 	if ($win32)
 		{
-		my $req = "$tvprefix$tvdir\\$tdir\\req\\$fprefix.req";
-		my $rsp = "$tvprefix$tvdir\\$tdir\\rsp\\$fprefix.rsp";
-	print OUT "$tprefix$tcmd < $req > $rsp\n";
+		$req =~ tr|/|\\|;
+		$rsp =~ tr|/|\\|;
+	print OUT "$tprefix$tcmd < \"$req\" > \"$rsp\"\n";
 		}
 	else
 		{
-		my $req = "$tvdir/$tdir/req/$fprefix.req";
-		my $rsp = "$tvdir/$tdir/rsp/$fprefix.rsp";
 		print OUT <<END;
-if [ -f $req ] ; then ${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd < $req > $rsp || { echo $tcmd failure ; exit 1; } ; fi
+${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd < "$req" > "$rsp" || { echo "$req failure" ; exit 1; }
 END
 		}
 	}