Commit 1644699159cf0fe410407393a9a7407102e4a60d - libcryptx-perl

+1

-0

Changes less more

2	2	0.070 2020-12-XX
3	3	- fix #66 remove -flto=auto (Makefile.PL)
4	4	- fix #65 typo in docs (lib/Crypt/Cipher.pm)
	5	- bundled libtomcrypt update branch:develop (commit:cfbd7f8d 2020-08-29)
5	6
6	7	0.069 2020-08-25
7	8	- fix #64 ECC: segfault on invalid input

+5

-5

src/ltc/ciphers/aes/aes.c less more

79	79
80	80	#endif
81	81
82		#define __LTC_AES_TAB_C__
	82	#define LTC_AES_TAB_C
83	83	#include "aes_tab.c"
84	84
85	85	static ulong32 setup_mix(ulong32 temp)

274	274	@return CRYPT_OK if successful
275	275	*/
276	276	#ifdef LTC_CLEAN_STACK
277		static int _rijndael_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	277	static int s_rijndael_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
278	278	#else
279	279	int ECB_ENC(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
280	280	#endif

442	442	#ifdef LTC_CLEAN_STACK
443	443	int ECB_ENC(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
444	444	{
445		int err = _rijndael_ecb_encrypt(pt, ct, skey);
	445	int err = s_rijndael_ecb_encrypt(pt, ct, skey);
446	446	burn_stack(sizeof(unsigned long)8 + sizeof(unsigned long) + sizeof(int)*2);
447	447	return err;
448	448	}

458	458	@return CRYPT_OK if successful
459	459	*/
460	460	#ifdef LTC_CLEAN_STACK
461		static int _rijndael_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	461	static int s_rijndael_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
462	462	#else
463	463	int ECB_DEC(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
464	464	#endif

627	627	#ifdef LTC_CLEAN_STACK
628	628	int ECB_DEC(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
629	629	{
630		int err = _rijndael_ecb_decrypt(ct, pt, skey);
	630	int err = s_rijndael_ecb_decrypt(ct, pt, skey);
631	631	burn_stack(sizeof(unsigned long)8 + sizeof(unsigned long) + sizeof(int)*2);
632	632	return err;
633	633	}

+2

-2

src/ltc/ciphers/aes/aes_tab.c less more

14	14	Td4[x] = Si[x].[01, 01, 01, 01];
15	15	*/
16	16
17		#ifdef __LTC_AES_TAB_C__
	17	#ifdef LTC_AES_TAB_C
18	18
19	19	/**
20	20	@file aes_tab.c

1018	1018	};
1019	1019	#endif
1020	1020
1021		#endif /* __LTC_AES_TAB_C__ */
	1021	#endif /* LTC_AES_TAB_C */

+2

-2

src/ltc/ciphers/anubis.c less more

875	875	@return CRYPT_OK if successful
876	876	*/
877	877	#ifdef LTC_CLEAN_STACK
878		static int _anubis_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	878	static int s_anubis_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
879	879	#else
880	880	int anubis_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
881	881	#endif

1012	1012	int anubis_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
1013	1013	{
1014	1014	int err;
1015		err = _anubis_setup(key, keylen, num_rounds, skey);
	1015	err = s_anubis_setup(key, keylen, num_rounds, skey);
1016	1016	burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5));
1017	1017	return err;
1018	1018	}

+4

-4

src/ltc/ciphers/blowfish.c less more

471	471	@return CRYPT_OK if successful
472	472	*/
473	473	#ifdef LTC_CLEAN_STACK
474		static int _blowfish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	474	static int s_blowfish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
475	475	#else
476	476	int blowfish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
477	477	#endif

498	498	#ifdef LTC_CLEAN_STACK
499	499	int blowfish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
500	500	{
501		int err = _blowfish_ecb_encrypt(pt, ct, skey);
	501	int err = s_blowfish_ecb_encrypt(pt, ct, skey);
502	502	burn_stack(sizeof(ulong32) * 2 + sizeof(int));
503	503	return err;
504	504	}

512	512	@return CRYPT_OK if successful
513	513	*/
514	514	#ifdef LTC_CLEAN_STACK
515		static int _blowfish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	515	static int s_blowfish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
516	516	#else
517	517	int blowfish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
518	518	#endif

559	559	#ifdef LTC_CLEAN_STACK
560	560	int blowfish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
561	561	{
562		int err = _blowfish_ecb_decrypt(ct, pt, skey);
	562	int err = s_blowfish_ecb_decrypt(ct, pt, skey);
563	563	burn_stack(sizeof(ulong32) * 2 + sizeof(int));
564	564	return err;
565	565	}

+9

-15

src/ltc/ciphers/cast5.c less more

397	397	@return CRYPT_OK if successful
398	398	*/
399	399	#ifdef LTC_CLEAN_STACK
400		static int _cast5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	400	static int s_cast5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
401	401	#else
402	402	int cast5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
403	403	#endif

484	484	int cast5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
485	485	{
486	486	int z;
487		z = _cast5_setup(key, keylen, num_rounds, skey);
	487	z = s_cast5_setup(key, keylen, num_rounds, skey);
488	488	burn_stack(sizeof(ulong32)8 + 16 + sizeof(int)2);
489	489	return z;
490	490	}
491	491	#endif
492	492
493		#ifdef _MSC_VER
494		#define INLINE __inline
495		#else
496		#define INLINE
497		#endif
498
499		INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr)
	493	LTC_INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr)
500	494	{
501	495	ulong32 I;
502	496	I = (Km + R);

504	498	return ((S1[LTC_BYTE(I, 3)] ^ S2[LTC_BYTE(I,2)]) - S3[LTC_BYTE(I,1)]) + S4[LTC_BYTE(I,0)];
505	499	}
506	500
507		INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr)
	501	LTC_INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr)
508	502	{
509	503	ulong32 I;
510	504	I = (Km ^ R);

512	506	return ((S1[LTC_BYTE(I, 3)] - S2[LTC_BYTE(I,2)]) + S3[LTC_BYTE(I,1)]) ^ S4[LTC_BYTE(I,0)];
513	507	}
514	508
515		INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
	509	LTC_INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
516	510	{
517	511	ulong32 I;
518	512	I = (Km - R);

527	521	@param skey The key as scheduled
528	522	*/
529	523	#ifdef LTC_CLEAN_STACK
530		static int _cast5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	524	static int s_cast5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
531	525	#else
532	526	int cast5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
533	527	#endif

567	561	#ifdef LTC_CLEAN_STACK
568	562	int cast5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
569	563	{
570		int err =_cast5_ecb_encrypt(pt,ct,skey);
	564	int err = s_cast5_ecb_encrypt(pt,ct,skey);
571	565	burn_stack(sizeof(ulong32)*3);
572	566	return err;
573	567	}

580	574	@param skey The key as scheduled
581	575	*/
582	576	#ifdef LTC_CLEAN_STACK
583		static int _cast5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	577	static int s_cast5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
584	578	#else
585	579	int cast5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
586	580	#endif

620	614	#ifdef LTC_CLEAN_STACK
621	615	int cast5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
622	616	{
623		int err = _cast5_ecb_decrypt(ct,pt,skey);
	617	int err = s_cast5_ecb_decrypt(ct,pt,skey);
624	618	burn_stack(sizeof(ulong32)*3);
625	619	return err;
626	620	}

+6

-6

src/ltc/ciphers/des.c less more

1292	1292	static void cookey(const ulong32 raw1, ulong32 keyout);
1293	1293
1294	1294	#ifdef LTC_CLEAN_STACK
1295		static void _deskey(const unsigned char key, short edf, ulong32 keyout)
	1295	static void s_deskey(const unsigned char key, short edf, ulong32 keyout)
1296	1296	#else
1297	1297	static void deskey(const unsigned char key, short edf, ulong32 keyout)
1298	1298	#endif

1346	1346	#ifdef LTC_CLEAN_STACK
1347	1347	static void deskey(const unsigned char key, short edf, ulong32 keyout)
1348	1348	{
1349		_deskey(key, edf, keyout);
	1349	s_deskey(key, edf, keyout);
1350	1350	burn_stack(sizeof(int)5 + sizeof(ulong32)32 + sizeof(unsigned char)*112);
1351	1351	}
1352	1352	#endif
1353	1353
1354	1354	#ifdef LTC_CLEAN_STACK
1355		static void _cookey(const ulong32 raw1, ulong32 keyout)
	1355	static void s_cookey(const ulong32 raw1, ulong32 keyout)
1356	1356	#else
1357	1357	static void cookey(const ulong32 raw1, ulong32 keyout)
1358	1358	#endif

1382	1382	#ifdef LTC_CLEAN_STACK
1383	1383	static void cookey(const ulong32 raw1, ulong32 keyout)
1384	1384	{
1385		_cookey(raw1, keyout);
	1385	s_cookey(raw1, keyout);
1386	1386	burn_stack(sizeof(ulong32 ) 2 + sizeof(ulong32)*32 + sizeof(int));
1387	1387	}
1388	1388	#endif

1390	1390	#ifndef LTC_CLEAN_STACK
1391	1391	static void desfunc(ulong32 block, const ulong32 keys)
1392	1392	#else
1393		static void _desfunc(ulong32 block, const ulong32 keys)
	1393	static void s_desfunc(ulong32 block, const ulong32 keys)
1394	1394	#endif
1395	1395	{
1396	1396	ulong32 work, right, leftt;

1504	1504	#ifdef LTC_CLEAN_STACK
1505	1505	static void desfunc(ulong32 block, const ulong32 keys)
1506	1506	{
1507		_desfunc(block, keys);
	1507	s_desfunc(block, keys);
1508	1508	burn_stack(sizeof(ulong32) * 4 + sizeof(int));
1509	1509	}
1510	1510	#endif

+58

-58

src/ltc/ciphers/idea.c less more

34	34
35	35	typedef unsigned short int ushort16;
36	36
37		#define _LOW16(x) ((x)&0xffff) /* compiler should be able to optimize this away if x is 16 bits */
38		#define _HIGH16(x) ((x)>>16)
39		#define _MUL(a,b) { \
40		ulong32 p = (ulong32)_LOW16(a) * b; \
	37	#define LOW16(x) ((x)&0xffff) /* compiler should be able to optimize this away if x is 16 bits */
	38	#define HIGH16(x) ((x)>>16)
	39	#define MUL(a,b) { \
	40	ulong32 p = (ulong32)LOW16(a) * b; \
41	41	if (p) { \
42		p = _LOW16(p) - _HIGH16(p); \
43		a = (ushort16)p - (ushort16)_HIGH16(p); \
	42	p = LOW16(p) - HIGH16(p); \
	43	a = (ushort16)p - (ushort16)HIGH16(p); \
44	44	} \
45	45	else \
46	46	a = 1 - a - b; \
47	47	}
48		#define _STORE16(x,y) { (y)[0] = (unsigned char)(((x)>>8)&255); (y)[1] = (unsigned char)((x)&255); }
49		#define _LOAD16(x,y) { x = ((ushort16)((y)[0] & 255)<<8) \| ((ushort16)((y)[1] & 255)); }
50
51		static ushort16 _mul_inv(ushort16 x)
	48	#define STORE16(x,y) { (y)[0] = (unsigned char)(((x)>>8)&255); (y)[1] = (unsigned char)((x)&255); }
	49	#define LOAD16(x,y) { x = ((ushort16)((y)[0] & 255)<<8) \| ((ushort16)((y)[1] & 255)); }
	50
	51	static ushort16 s_mul_inv(ushort16 x)
52	52	{
53	53	ushort16 y = x;
54	54	unsigned i;
55	55
56	56	for (i = 0; i < 15; i++) {
57		_MUL(y, _LOW16(y));
58		_MUL(y, x);
59		}
60		return _LOW16(y);
61		}
62
63		static ushort16 _add_inv(ushort16 x)
64		{
65		return _LOW16(0 - x);
66		}
67
68		static int _setup_key(const unsigned char key, symmetric_key skey)
	57	MUL(y, LOW16(y));
	58	MUL(y, x);
	59	}
	60	return LOW16(y);
	61	}
	62
	63	static ushort16 s_add_inv(ushort16 x)
	64	{
	65	return LOW16(0 - x);
	66	}
	67
	68	static int s_setup_key(const unsigned char key, symmetric_key skey)
69	69	{
70	70	int i, j;
71	71	ushort16 *e_key = skey->idea.ek;

73	73
74	74	/* prepare enc key */
75	75	for (i = 0; i < 8; i++) {
76		_LOAD16(e_key[i], key + 2 * i);
	76	LOAD16(e_key[i], key + 2 * i);
77	77	}
78	78	for (; i < LTC_IDEA_KEYLEN; i++) {
79	79	j = (i - i % 8) - 8;
80		e_key[i] = _LOW16((e_key[j+(i+1)%8] << 9) \| (e_key[j+(i+2)%8] >> 7));
	80	e_key[i] = LOW16((e_key[j+(i+1)%8] << 9) \| (e_key[j+(i+2)%8] >> 7));
81	81	}
82	82
83	83	/* prepare dec key */
84	84	for (i = 0; i < LTC_IDEA_ROUNDS; i++) {
85		d_key[i6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+0]);
86		d_key[i6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+1+(i>0 ? 1 : 0)]);
87		d_key[i6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+2-(i>0 ? 1 : 0)]);
88		d_key[i6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+3]);
89		d_key[i6+4] = e_key[(LTC_IDEA_ROUNDS-1-i)6+4];
90		d_key[i6+5] = e_key[(LTC_IDEA_ROUNDS-1-i)6+5];
91		}
92		d_key[i6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+0]);
93		d_key[i6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+1]);
94		d_key[i6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+2]);
95		d_key[i6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+3]);
96
97		return CRYPT_OK;
98		}
99
100		static int _process_block(const unsigned char in, unsigned char out, const ushort16 *m_key)
	85	d_key[i6+0] = s_mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+0]);
	86	d_key[i6+1] = s_add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+1+(i>0 ? 1 : 0)]);
	87	d_key[i6+2] = s_add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+2-(i>0 ? 1 : 0)]);
	88	d_key[i6+3] = s_mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+3]);
	89	d_key[i6+4] = e_key[(LTC_IDEA_ROUNDS-1-i)6+4];
	90	d_key[i6+5] = e_key[(LTC_IDEA_ROUNDS-1-i)6+5];
	91	}
	92	d_key[i6+0] = s_mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+0]);
	93	d_key[i6+1] = s_add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+1]);
	94	d_key[i6+2] = s_add_inv(e_key[(LTC_IDEA_ROUNDS-i)6+2]);
	95	d_key[i6+3] = s_mul_inv(e_key[(LTC_IDEA_ROUNDS-i)6+3]);
	96
	97	return CRYPT_OK;
	98	}
	99
	100	static int s_process_block(const unsigned char in, unsigned char out, const ushort16 *m_key)
101	101	{
102	102	int i;
103	103	ushort16 x0, x1, x2, x3, t0, t1;
104	104
105		_LOAD16(x0, in + 0);
106		_LOAD16(x1, in + 2);
107		_LOAD16(x2, in + 4);
108		_LOAD16(x3, in + 6);
	105	LOAD16(x0, in + 0);
	106	LOAD16(x1, in + 2);
	107	LOAD16(x2, in + 4);
	108	LOAD16(x3, in + 6);
109	109
110	110	for (i = 0; i < LTC_IDEA_ROUNDS; i++) {
111		_MUL(x0, m_key[i*6+0]);
	111	MUL(x0, m_key[i*6+0]);
112	112	x1 += m_key[i*6+1];
113	113	x2 += m_key[i*6+2];
114		_MUL(x3, m_key[i*6+3]);
	114	MUL(x3, m_key[i*6+3]);
115	115	t0 = x0^x2;
116		_MUL(t0, m_key[i*6+4]);
	116	MUL(t0, m_key[i*6+4]);
117	117	t1 = t0 + (x1^x3);
118		_MUL(t1, m_key[i*6+5]);
	118	MUL(t1, m_key[i*6+5]);
119	119	t0 += t1;
120	120	x0 ^= t1;
121	121	x3 ^= t0;

124	124	x2 = t0;
125	125	}
126	126
127		_MUL(x0, m_key[LTC_IDEA_ROUNDS*6+0]);
	127	MUL(x0, m_key[LTC_IDEA_ROUNDS*6+0]);
128	128	x2 += m_key[LTC_IDEA_ROUNDS*6+1];
129	129	x1 += m_key[LTC_IDEA_ROUNDS*6+2];
130		_MUL(x3, m_key[LTC_IDEA_ROUNDS*6+3]);
131
132		_STORE16(x0, out + 0);
133		_STORE16(x2, out + 2);
134		_STORE16(x1, out + 4);
135		_STORE16(x3, out + 6);
	130	MUL(x3, m_key[LTC_IDEA_ROUNDS*6+3]);
	131
	132	STORE16(x0, out + 0);
	133	STORE16(x2, out + 2);
	134	STORE16(x1, out + 4);
	135	STORE16(x3, out + 6);
136	136
137	137	return CRYPT_OK;
138	138	}

145	145	if (num_rounds != 0 && num_rounds != 8) return CRYPT_INVALID_ROUNDS;
146	146	if (keylen != 16) return CRYPT_INVALID_KEYSIZE;
147	147
148		return _setup_key(key, skey);
	148	return s_setup_key(key, skey);
149	149	}
150	150
151	151	int idea_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
152	152	{
153		int err = _process_block(pt, ct, skey->idea.ek);
	153	int err = s_process_block(pt, ct, skey->idea.ek);
154	154	#ifdef LTC_CLEAN_STACK
155	155	burn_stack(sizeof(ushort16) * 6 + sizeof(int));
156	156	#endif

159	159
160	160	int idea_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
161	161	{
162		int err = _process_block(ct, pt, skey->idea.dk);
	162	int err = s_process_block(ct, pt, skey->idea.dk);
163	163	#ifdef LTC_CLEAN_STACK
164	164	burn_stack(sizeof(ushort16) * 6 + sizeof(int));
165	165	#endif

+27

-27

src/ltc/ciphers/multi2.c less more

8	8
9	9	#ifdef LTC_MULTI2
10	10
11		static void pi1(ulong32 *p)
	11	static void s_pi1(ulong32 *p)
12	12	{
13	13	p[1] ^= p[0];
14	14	}
15	15
16		static void pi2(ulong32 p, const ulong32 k)
	16	static void s_pi2(ulong32 p, const ulong32 k)
17	17	{
18	18	ulong32 t;
19	19	t = (p[1] + k[0]) & 0xFFFFFFFFUL;

22	22	p[0] ^= t;
23	23	}
24	24
25		static void pi3(ulong32 p, const ulong32 k)
	25	static void s_pi3(ulong32 p, const ulong32 k)
26	26	{
27	27	ulong32 t;
28	28	t = p[0] + k[1];

34	34	p[1] ^= t;
35	35	}
36	36
37		static void pi4(ulong32 p, const ulong32 k)
	37	static void s_pi4(ulong32 p, const ulong32 k)
38	38	{
39	39	ulong32 t;
40	40	t = (p[1] + k[3]) & 0xFFFFFFFFUL;

42	42	p[0] ^= t;
43	43	}
44	44
45		static void setup(const ulong32 dk, const ulong32 k, ulong32 *uk)
	45	static void s_setup(const ulong32 dk, const ulong32 k, ulong32 *uk)
46	46	{
47	47	int n, t;
48	48	ulong32 p[2];

51	51
52	52	t = 4;
53	53	n = 0;
54		pi1(p);
55		pi2(p, k);
	54	s_pi1(p);
	55	s_pi2(p, k);
56	56	uk[n++] = p[0];
57		pi3(p, k);
	57	s_pi3(p, k);
58	58	uk[n++] = p[1];
59		pi4(p, k);
	59	s_pi4(p, k);
60	60	uk[n++] = p[0];
61		pi1(p);
	61	s_pi1(p);
62	62	uk[n++] = p[1];
63		pi2(p, k+t);
	63	s_pi2(p, k+t);
64	64	uk[n++] = p[0];
65		pi3(p, k+t);
	65	s_pi3(p, k+t);
66	66	uk[n++] = p[1];
67		pi4(p, k+t);
	67	s_pi4(p, k+t);
68	68	uk[n++] = p[0];
69		pi1(p);
	69	s_pi1(p);
70	70	uk[n++] = p[1];
71	71	}
72	72
73		static void encrypt(ulong32 p, int N, const ulong32 uk)
	73	static void s_encrypt(ulong32 p, int N, const ulong32 uk)
74	74	{
75	75	int n, t;
76	76	for (t = n = 0; ; ) {
77		pi1(p); if (++n == N) break;
78		pi2(p, uk+t); if (++n == N) break;
79		pi3(p, uk+t); if (++n == N) break;
80		pi4(p, uk+t); if (++n == N) break;
	77	s_pi1(p); if (++n == N) break;
	78	s_pi2(p, uk+t); if (++n == N) break;
	79	s_pi3(p, uk+t); if (++n == N) break;
	80	s_pi4(p, uk+t); if (++n == N) break;
81	81	t ^= 4;
82	82	}
83	83	}
84	84
85		static void decrypt(ulong32 p, int N, const ulong32 uk)
	85	static void s_decrypt(ulong32 p, int N, const ulong32 uk)
86	86	{
87	87	int n, t;
88	88	for (t = 4*(((N-1)>>2)&1), n = N; ; ) {
89	89	switch (n<=4 ? n : ((n-1)%4)+1) {
90		case 4: pi4(p, uk+t); --n; /* FALLTHROUGH */
91		case 3: pi3(p, uk+t); --n; /* FALLTHROUGH */
92		case 2: pi2(p, uk+t); --n; /* FALLTHROUGH */
93		case 1: pi1(p); --n; break;
	90	case 4: s_pi4(p, uk+t); --n; /* FALLTHROUGH */
	91	case 3: s_pi3(p, uk+t); --n; /* FALLTHROUGH */
	92	case 2: s_pi2(p, uk+t); --n; /* FALLTHROUGH */
	93	case 1: s_pi1(p); --n; break;
94	94	case 0: return;
95	95	}
96	96	t ^= 4;

127	127	}
128	128	LOAD32H(dk[0], key + 32);
129	129	LOAD32H(dk[1], key + 36);
130		setup(dk, sk, skey->multi2.uk);
	130	s_setup(dk, sk, skey->multi2.uk);
131	131
132	132	zeromem(sk, sizeof(sk));
133	133	zeromem(dk, sizeof(dk));

149	149	LTC_ARGCHK(skey != NULL);
150	150	LOAD32H(p[0], pt);
151	151	LOAD32H(p[1], pt+4);
152		encrypt(p, skey->multi2.N, skey->multi2.uk);
	152	s_encrypt(p, skey->multi2.N, skey->multi2.uk);
153	153	STORE32H(p[0], ct);
154	154	STORE32H(p[1], ct+4);
155	155	return CRYPT_OK;

170	170	LTC_ARGCHK(skey != NULL);
171	171	LOAD32H(p[0], ct);
172	172	LOAD32H(p[1], ct+4);
173		decrypt(p, skey->multi2.N, skey->multi2.uk);
	173	s_decrypt(p, skey->multi2.N, skey->multi2.uk);
174	174	STORE32H(p[0], pt);
175	175	STORE32H(p[1], pt+4);
176	176	return CRYPT_OK;

+4

-4

src/ltc/ciphers/noekeon.c less more

101	101	@return CRYPT_OK if successful
102	102	*/
103	103	#ifdef LTC_CLEAN_STACK
104		static int _noekeon_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	104	static int s_noekeon_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
105	105	#else
106	106	int noekeon_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
107	107	#endif

141	141	#ifdef LTC_CLEAN_STACK
142	142	int noekeon_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
143	143	{
144		int err = _noekeon_ecb_encrypt(pt, ct, skey);
	144	int err = s_noekeon_ecb_encrypt(pt, ct, skey);
145	145	burn_stack(sizeof(ulong32) * 5 + sizeof(int));
146	146	return err;
147	147	}

155	155	@return CRYPT_OK if successful
156	156	*/
157	157	#ifdef LTC_CLEAN_STACK
158		static int _noekeon_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	158	static int s_noekeon_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
159	159	#else
160	160	int noekeon_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
161	161	#endif

194	194	#ifdef LTC_CLEAN_STACK
195	195	int noekeon_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
196	196	{
197		int err = _noekeon_ecb_decrypt(ct, pt, skey);
	197	int err = s_noekeon_ecb_decrypt(ct, pt, skey);
198	198	burn_stack(sizeof(ulong32) * 5 + sizeof(int));
199	199	return err;
200	200	}

+4

-4

src/ltc/ciphers/rc2.c less more

138	138	@return CRYPT_OK if successful
139	139	*/
140	140	#ifdef LTC_CLEAN_STACK
141		static int _rc2_ecb_encrypt( const unsigned char *pt,
	141	static int s_rc2_ecb_encrypt( const unsigned char *pt,
142	142	unsigned char *ct,
143	143	const symmetric_key *skey)
144	144	#else

199	199	unsigned char *ct,
200	200	const symmetric_key *skey)
201	201	{
202		int err = _rc2_ecb_encrypt(pt, ct, skey);
	202	int err = s_rc2_ecb_encrypt(pt, ct, skey);
203	203	burn_stack(sizeof(unsigned ) + sizeof(unsigned) 5);
204	204	return err;
205	205	}

216	216	@return CRYPT_OK if successful
217	217	*/
218	218	#ifdef LTC_CLEAN_STACK
219		static int _rc2_ecb_decrypt( const unsigned char *ct,
	219	static int s_rc2_ecb_decrypt( const unsigned char *ct,
220	220	unsigned char *pt,
221	221	const symmetric_key *skey)
222	222	#else

278	278	unsigned char *pt,
279	279	const symmetric_key *skey)
280	280	{
281		int err = _rc2_ecb_decrypt(ct, pt, skey);
	281	int err = s_rc2_ecb_decrypt(ct, pt, skey);
282	282	burn_stack(sizeof(unsigned ) + sizeof(unsigned) 4 + sizeof(int));
283	283	return err;
284	284	}

+6

-6

src/ltc/ciphers/rc5.c less more

42	42	@return CRYPT_OK if successful
43	43	*/
44	44	#ifdef LTC_CLEAN_STACK
45		static int _rc5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	45	static int s_rc5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
46	46	#else
47	47	int rc5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
48	48	#endif

103	103	int rc5_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
104	104	{
105	105	int x;
106		x = _rc5_setup(key, keylen, num_rounds, skey);
	106	x = s_rc5_setup(key, keylen, num_rounds, skey);
107	107	burn_stack(sizeof(ulong32) * 122 + sizeof(int));
108	108	return x;
109	109	}

117	117	@return CRYPT_OK if successful
118	118	*/
119	119	#ifdef LTC_CLEAN_STACK
120		static int _rc5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	120	static int s_rc5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
121	121	#else
122	122	int rc5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
123	123	#endif

163	163	#ifdef LTC_CLEAN_STACK
164	164	int rc5_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
165	165	{
166		int err = _rc5_ecb_encrypt(pt, ct, skey);
	166	int err = s_rc5_ecb_encrypt(pt, ct, skey);
167	167	burn_stack(sizeof(ulong32) * 2 + sizeof(int));
168	168	return err;
169	169	}

177	177	@return CRYPT_OK if successful
178	178	*/
179	179	#ifdef LTC_CLEAN_STACK
180		static int _rc5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	180	static int s_rc5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
181	181	#else
182	182	int rc5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
183	183	#endif

224	224	#ifdef LTC_CLEAN_STACK
225	225	int rc5_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
226	226	{
227		int err = _rc5_ecb_decrypt(ct, pt, skey);
	227	int err = s_rc5_ecb_decrypt(ct, pt, skey);
228	228	burn_stack(sizeof(ulong32) * 2 + sizeof(int));
229	229	return err;
230	230	}

+6

-6

src/ltc/ciphers/rc6.c less more

39	39	@return CRYPT_OK if successful
40	40	*/
41	41	#ifdef LTC_CLEAN_STACK
42		static int _rc6_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	42	static int s_rc6_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
43	43	#else
44	44	int rc6_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
45	45	#endif

98	98	int rc6_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
99	99	{
100	100	int x;
101		x = _rc6_setup(key, keylen, num_rounds, skey);
	101	x = s_rc6_setup(key, keylen, num_rounds, skey);
102	102	burn_stack(sizeof(ulong32) * 122);
103	103	return x;
104	104	}

111	111	@param skey The key as scheduled
112	112	*/
113	113	#ifdef LTC_CLEAN_STACK
114		static int _rc6_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	114	static int s_rc6_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
115	115	#else
116	116	int rc6_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
117	117	#endif

153	153	#ifdef LTC_CLEAN_STACK
154	154	int rc6_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
155	155	{
156		int err = _rc6_ecb_encrypt(pt, ct, skey);
	156	int err = s_rc6_ecb_encrypt(pt, ct, skey);
157	157	burn_stack(sizeof(ulong32) * 6 + sizeof(int));
158	158	return err;
159	159	}

166	166	@param skey The key as scheduled
167	167	*/
168	168	#ifdef LTC_CLEAN_STACK
169		static int _rc6_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	169	static int s_rc6_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
170	170	#else
171	171	int rc6_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
172	172	#endif

210	210	#ifdef LTC_CLEAN_STACK
211	211	int rc6_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
212	212	{
213		int err = _rc6_ecb_decrypt(ct, pt, skey);
	213	int err = s_rc6_ecb_decrypt(ct, pt, skey);
214	214	burn_stack(sizeof(ulong32) * 6 + sizeof(int));
215	215	return err;
216	216	}

+17

-17

src/ltc/ciphers/safer/safer.c less more

23	23
24	24	#ifdef LTC_SAFER
25	25
26		#define __LTC_SAFER_TAB_C__
	26	#define LTC_SAFER_TAB_C
27	27	#include "safer_tab.c"
28	28
29	29	const struct ltc_cipher_descriptor safer_k64_desc = {

90	90	/***************** Types **************************************************/
91	91
92	92	#ifdef LTC_CLEAN_STACK
93		static void _Safer_Expand_Userkey(const unsigned char *userkey_1,
	93	static void s_safer_expand_userkey(const unsigned char *userkey_1,
94	94	const unsigned char *userkey_2,
95	95	unsigned int nof_rounds,
96	96	int strengthened,
97	97	safer_key_t key)
98	98	#else
99		static void Safer_Expand_Userkey(const unsigned char *userkey_1,
	99	static void safer_expand_userkey(const unsigned char *userkey_1,
100	100	const unsigned char *userkey_2,
101	101	unsigned int nof_rounds,
102	102	int strengthened,

159	159	}
160	160
161	161	#ifdef LTC_CLEAN_STACK
162		static void Safer_Expand_Userkey(const unsigned char *userkey_1,
	162	static void safer_expand_userkey(const unsigned char *userkey_1,
163	163	const unsigned char *userkey_2,
164	164	unsigned int nof_rounds,
165	165	int strengthened,
166	166	safer_key_t key)
167	167	{
168		_Safer_Expand_Userkey(userkey_1, userkey_2, nof_rounds, strengthened, key);
	168	s_safer_expand_userkey(userkey_1, userkey_2, nof_rounds, strengthened, key);
169	169	burn_stack(sizeof(unsigned char) * (2 * (LTC_SAFER_BLOCK_LEN + 1)) + sizeof(unsigned int)*2);
170	170	}
171	171	#endif

183	183	return CRYPT_INVALID_KEYSIZE;
184	184	}
185	185
186		Safer_Expand_Userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K64_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
	186	safer_expand_userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K64_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
187	187	return CRYPT_OK;
188	188	}
189	189

200	200	return CRYPT_INVALID_KEYSIZE;
201	201	}
202	202
203		Safer_Expand_Userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
	203	safer_expand_userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
204	204	return CRYPT_OK;
205	205	}
206	206

217	217	return CRYPT_INVALID_KEYSIZE;
218	218	}
219	219
220		Safer_Expand_Userkey(key, key+8, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K128_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
	220	safer_expand_userkey(key, key+8, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K128_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
221	221	return CRYPT_OK;
222	222	}
223	223

234	234	return CRYPT_INVALID_KEYSIZE;
235	235	}
236	236
237		Safer_Expand_Userkey(key, key+8, (unsigned int)(num_rounds != 0?num_rounds:LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
238		return CRYPT_OK;
239		}
240
241		#ifdef LTC_CLEAN_STACK
242		static int _safer_ecb_encrypt(const unsigned char *pt,
	237	safer_expand_userkey(key, key+8, (unsigned int)(num_rounds != 0?num_rounds:LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
	238	return CRYPT_OK;
	239	}
	240
	241	#ifdef LTC_CLEAN_STACK
	242	static int s_safer_ecb_encrypt(const unsigned char *pt,
243	243	unsigned char *ct,
244	244	const symmetric_key *skey)
245	245	#else

286	286	unsigned char *ct,
287	287	const symmetric_key *skey)
288	288	{
289		int err = _safer_ecb_encrypt(pt, ct, skey);
	289	int err = s_safer_ecb_encrypt(pt, ct, skey);
290	290	burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
291	291	return err;
292	292	}
293	293	#endif
294	294
295	295	#ifdef LTC_CLEAN_STACK
296		static int _safer_ecb_decrypt(const unsigned char *ct,
	296	static int s_safer_ecb_decrypt(const unsigned char *ct,
297	297	unsigned char *pt,
298	298	const symmetric_key *skey)
299	299	#else

341	341	unsigned char *pt,
342	342	const symmetric_key *skey)
343	343	{
344		int err = _safer_ecb_decrypt(ct, pt, skey);
	344	int err = s_safer_ecb_decrypt(ct, pt, skey);
345	345	burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
346	346	return err;
347	347	}

+2

-2

src/ltc/ciphers/safer/safer_tab.c less more

5	5	Tables for LTC_SAFER block ciphers
6	6	*/
7	7
8		#ifdef __LTC_SAFER_TAB_C__
	8	#ifdef LTC_SAFER_TAB_C
9	9
10	10	/* This is the box defined by ebox[x] = 45^x mod 257.
11	11	* Its assumed that the value "256" corresponds to zero. */

48	48	184, 64, 120, 45, 58, 233, 100, 31, 146, 144, 125, 57, 111, 224, 137, 48
49	49	};
50	50
51		#endif /* __LTC_SAFER_TAB_C__ */
	51	#endif /* LTC_SAFER_TAB_C */
52	52
53	53

+9

-9

src/ltc/ciphers/safer/saferp.c less more

8	8
9	9	#ifdef LTC_SAFERP
10	10
11		#define __LTC_SAFER_TAB_C__
	11	#define LTC_SAFER_TAB_C
12	12	#include "safer_tab.c"
13	13
14	14	const struct ltc_cipher_descriptor saferp_desc =

136	136
137	137	#ifdef LTC_SMALL_CODE
138	138
139		static void _round(unsigned char b, int i, const symmetric_key skey)
	139	static void s_round(unsigned char b, int i, const symmetric_key skey)
140	140	{
141	141	ROUND(b, i);
142	142	}
143	143
144		static void _iround(unsigned char b, int i, const symmetric_key skey)
	144	static void s_iround(unsigned char b, int i, const symmetric_key skey)
145	145	{
146	146	iROUND(b, i);
147	147	}
148	148
149		static void _lt(unsigned char b, unsigned char b2)
	149	static void s_lt(unsigned char b, unsigned char b2)
150	150	{
151	151	LT(b, b2);
152	152	}
153	153
154		static void _ilt(unsigned char b, unsigned char b2)
	154	static void s_ilt(unsigned char b, unsigned char b2)
155	155	{
156	156	iLT(b, b2);
157	157	}
158	158
159	159	#undef ROUND
160		#define ROUND(b, i) _round(b, i, skey)
	160	#define ROUND(b, i) s_round(b, i, skey)
161	161
162	162	#undef iROUND
163		#define iROUND(b, i) _iround(b, i, skey)
	163	#define iROUND(b, i) s_iround(b, i, skey)
164	164
165	165	#undef LT
166		#define LT(b, b2) _lt(b, b2)
	166	#define LT(b, b2) s_lt(b, b2)
167	167
168	168	#undef iLT
169		#define iLT(b, b2) _ilt(b, b2)
	169	#define iLT(b, b2) s_ilt(b, b2)
170	170
171	171	#endif
172	172

+74

-74

src/ltc/ciphers/serpent.c less more

26	26	};
27	27
28	28	/* linear transformation */
29		#define _LT(i,a,b,c,d,e) { \
	29	#define s_lt(i,a,b,c,d,e) { \
30	30	a = ROLc(a, 13); \
31	31	c = ROLc(c, 3); \
32	32	d = ROLc(d ^ c ^ (a << 3), 7); \

36	36	}
37	37
38	38	/* inverse linear transformation */
39		#define _ILT(i,a,b,c,d,e) { \
	39	#define s_ilt(i,a,b,c,d,e) { \
40	40	c = RORc(c, 22); \
41	41	a = RORc(a, 5); \
42	42	c ^= d ^ (b << 7); \

49	49	}
50	50
51	51	/* order of output from S-box functions */
52		#define _beforeS0(f) f(0,a,b,c,d,e)
53		#define _afterS0(f) f(1,b,e,c,a,d)
54		#define _afterS1(f) f(2,c,b,a,e,d)
55		#define _afterS2(f) f(3,a,e,b,d,c)
56		#define _afterS3(f) f(4,e,b,d,c,a)
57		#define _afterS4(f) f(5,b,a,e,c,d)
58		#define _afterS5(f) f(6,a,c,b,e,d)
59		#define _afterS6(f) f(7,a,c,d,b,e)
60		#define _afterS7(f) f(8,d,e,b,a,c)
	52	#define s_beforeS0(f) f(0,a,b,c,d,e)
	53	#define s_afterS0(f) f(1,b,e,c,a,d)
	54	#define s_afterS1(f) f(2,c,b,a,e,d)
	55	#define s_afterS2(f) f(3,a,e,b,d,c)
	56	#define s_afterS3(f) f(4,e,b,d,c,a)
	57	#define s_afterS4(f) f(5,b,a,e,c,d)
	58	#define s_afterS5(f) f(6,a,c,b,e,d)
	59	#define s_afterS6(f) f(7,a,c,d,b,e)
	60	#define s_afterS7(f) f(8,d,e,b,a,c)
61	61
62	62	/* order of output from inverse S-box functions */
63		#define _beforeI7(f) f(8,a,b,c,d,e)
64		#define _afterI7(f) f(7,d,a,b,e,c)
65		#define _afterI6(f) f(6,a,b,c,e,d)
66		#define _afterI5(f) f(5,b,d,e,c,a)
67		#define _afterI4(f) f(4,b,c,e,a,d)
68		#define _afterI3(f) f(3,a,b,e,c,d)
69		#define _afterI2(f) f(2,b,d,e,c,a)
70		#define _afterI1(f) f(1,a,b,c,e,d)
71		#define _afterI0(f) f(0,a,d,b,e,c)
	63	#define s_beforeI7(f) f(8,a,b,c,d,e)
	64	#define s_afterI7(f) f(7,d,a,b,e,c)
	65	#define s_afterI6(f) f(6,a,b,c,e,d)
	66	#define s_afterI5(f) f(5,b,d,e,c,a)
	67	#define s_afterI4(f) f(4,b,c,e,a,d)
	68	#define s_afterI3(f) f(3,a,b,e,c,d)
	69	#define s_afterI2(f) f(2,b,d,e,c,a)
	70	#define s_afterI1(f) f(1,a,b,c,e,d)
	71	#define s_afterI0(f) f(0,a,d,b,e,c)
72	72
73	73	/* The instruction sequences for the S-box functions
74	74	* come from Dag Arne Osvik's paper "Speeding up Serpent".
75	75	*/
76	76
77		#define _S0(i, r0, r1, r2, r3, r4) { \
	77	#define s_s0(i, r0, r1, r2, r3, r4) { \
78	78	r3 ^= r0; \
79	79	r4 = r1; \
80	80	r1 &= r3; \

95	95	r4 ^= r3; \
96	96	}
97	97
98		#define _I0(i, r0, r1, r2, r3, r4) { \
	98	#define s_i0(i, r0, r1, r2, r3, r4) { \
99	99	r2 = ~r2; \
100	100	r4 = r1; \
101	101	r1 \|= r0; \

117	117	r4 ^= r2; \
118	118	}
119	119
120		#define _S1(i, r0, r1, r2, r3, r4) { \
	120	#define s_s1(i, r0, r1, r2, r3, r4) { \
121	121	r0 = ~r0; \
122	122	r2 = ~r2; \
123	123	r4 = r0; \

138	138	r0 ^= r4; \
139	139	}
140	140
141		#define _I1(i, r0, r1, r2, r3, r4) { \
	141	#define s_i1(i, r0, r1, r2, r3, r4) { \
142	142	r4 = r1; \
143	143	r1 ^= r3; \
144	144	r3 &= r1; \

160	160	r3 ^= r1; \
161	161	}
162	162
163		#define _S2(i, r0, r1, r2, r3, r4) { \
	163	#define s_s2(i, r0, r1, r2, r3, r4) { \
164	164	r4 = r0; \
165	165	r0 &= r2; \
166	166	r0 ^= r3; \

179	179	r4 = ~r4; \
180	180	}
181	181
182		#define _I2(i, r0, r1, r2, r3, r4) { \
	182	#define s_i2(i, r0, r1, r2, r3, r4) { \
183	183	r2 ^= r3; \
184	184	r3 ^= r0; \
185	185	r4 = r3; \

201	201	r3 ^= r0; \
202	202	}
203	203
204		#define _S3(i, r0, r1, r2, r3, r4) { \
	204	#define s_s3(i, r0, r1, r2, r3, r4) { \
205	205	r4 = r0; \
206	206	r0 \|= r3; \
207	207	r3 ^= r1; \

223	223	r1 ^= r0; \
224	224	}
225	225
226		#define _I3(i, r0, r1, r2, r3, r4) { \
	226	#define s_i3(i, r0, r1, r2, r3, r4) { \
227	227	r4 = r2; \
228	228	r2 ^= r1; \
229	229	r1 &= r2; \

244	244	r2 ^= r4; \
245	245	}
246	246
247		#define _S4(i, r0, r1, r2, r3, r4) { \
	247	#define s_s4(i, r0, r1, r2, r3, r4) { \
248	248	r1 ^= r3; \
249	249	r3 = ~r3; \
250	250	r2 ^= r3; \

267	267	r4 ^= r2; \
268	268	}
269	269
270		#define _I4(i, r0, r1, r2, r3, r4) { \
	270	#define s_i4(i, r0, r1, r2, r3, r4) { \
271	271	r4 = r2; \
272	272	r2 &= r3; \
273	273	r2 ^= r1; \

290	290	r2 ^= r1; \
291	291	}
292	292
293		#define _S5(i, r0, r1, r2, r3, r4) { \
	293	#define s_s5(i, r0, r1, r2, r3, r4) { \
294	294	r0 ^= r1; \
295	295	r1 ^= r3; \
296	296	r3 = ~r3; \

312	312	r2 ^= r4; \
313	313	}
314	314
315		#define _I5(i, r0, r1, r2, r3, r4) { \
	315	#define s_i5(i, r0, r1, r2, r3, r4) { \
316	316	r1 = ~r1; \
317	317	r4 = r3; \
318	318	r2 ^= r1; \

334	334	r4 = ~r4; \
335	335	}
336	336
337		#define _S6(i, r0, r1, r2, r3, r4) { \
	337	#define s_s6(i, r0, r1, r2, r3, r4) { \
338	338	r2 = ~r2; \
339	339	r4 = r3; \
340	340	r3 &= r0; \

355	355	r2 ^= r3; \
356	356	}
357	357
358		#define _I6(i, r0, r1, r2, r3, r4) { \
	358	#define s_i6(i, r0, r1, r2, r3, r4) { \
359	359	r0 ^= r2; \
360	360	r4 = r2; \
361	361	r2 &= r0; \

375	375	r4 ^= r0; \
376	376	}
377	377
378		#define _S7(i, r0, r1, r2, r3, r4) { \
	378	#define s_s7(i, r0, r1, r2, r3, r4) { \
379	379	r4 = r2; \
380	380	r2 &= r1; \
381	381	r2 ^= r3; \

398	398	r4 ^= r1; \
399	399	}
400	400
401		#define _I7(i, r0, r1, r2, r3, r4) { \
	401	#define s_i7(i, r0, r1, r2, r3, r4) { \
402	402	r4 = r2; \
403	403	r2 ^= r0; \
404	404	r0 &= r3; \

421	421	}
422	422
423	423	/* key xor */
424		#define _KX(r, a, b, c, d, e) { \
	424	#define s_kx(r, a, b, c, d, e) { \
425	425	a ^= k[4 * r + 0]; \
426	426	b ^= k[4 * r + 1]; \
427	427	c ^= k[4 * r + 2]; \
428	428	d ^= k[4 * r + 3]; \
429	429	}
430	430
431		#define _LK(r, a, b, c, d, e) { \
	431	#define s_lk(r, a, b, c, d, e) { \
432	432	a = k[(8-r)*4 + 0]; \
433	433	b = k[(8-r)*4 + 1]; \
434	434	c = k[(8-r)*4 + 2]; \
435	435	d = k[(8-r)*4 + 3]; \
436	436	}
437	437
438		#define _SK(r, a, b, c, d, e) { \
	438	#define s_sk(r, a, b, c, d, e) { \
439	439	k[(8-r)*4 + 4] = a; \
440	440	k[(8-r)*4 + 5] = b; \
441	441	k[(8-r)*4 + 6] = c; \
442	442	k[(8-r)*4 + 7] = d; \
443	443	}
444	444
445		static int _setup_key(const unsigned char key, int keylen, int rounds, ulong32 k)
	445	static int s_setup_key(const unsigned char key, int keylen, int rounds, ulong32 k)
446	446	{
447	447	int i;
448	448	ulong32 t;

466	466	k -= 20;
467	467
468	468	for (i = 0; i < rounds/8; i++) {
469		_afterS2(_LK); _afterS2(_S3); _afterS3(_SK);
470		_afterS1(_LK); _afterS1(_S2); _afterS2(_SK);
471		_afterS0(_LK); _afterS0(_S1); _afterS1(_SK);
472		_beforeS0(_LK); _beforeS0(_S0); _afterS0(_SK);
	469	s_afterS2(s_lk); s_afterS2(s_s3); s_afterS3(s_sk);
	470	s_afterS1(s_lk); s_afterS1(s_s2); s_afterS2(s_sk);
	471	s_afterS0(s_lk); s_afterS0(s_s1); s_afterS1(s_sk);
	472	s_beforeS0(s_lk); s_beforeS0(s_s0); s_afterS0(s_sk);
473	473	k += 8*4;
474		_afterS6(_LK); _afterS6(_S7); _afterS7(_SK);
475		_afterS5(_LK); _afterS5(_S6); _afterS6(_SK);
476		_afterS4(_LK); _afterS4(_S5); _afterS5(_SK);
477		_afterS3(_LK); _afterS3(_S4); _afterS4(_SK);
	474	s_afterS6(s_lk); s_afterS6(s_s7); s_afterS7(s_sk);
	475	s_afterS5(s_lk); s_afterS5(s_s6); s_afterS6(s_sk);
	476	s_afterS4(s_lk); s_afterS4(s_s5); s_afterS5(s_sk);
	477	s_afterS3(s_lk); s_afterS3(s_s4); s_afterS4(s_sk);
478	478	}
479		_afterS2(_LK); _afterS2(_S3); _afterS3(_SK);
	479	s_afterS2(s_lk); s_afterS2(s_s3); s_afterS3(s_sk);
480	480
481	481	return CRYPT_OK;
482	482	}
483	483
484		static int _enc_block(const unsigned char in, unsigned char out, const ulong32 *k)
	484	static int s_enc_block(const unsigned char in, unsigned char out, const ulong32 *k)
485	485	{
486	486	ulong32 a, b, c, d, e;
487	487	unsigned int i = 1;

492	492	LOAD32L(d, in + 12);
493	493
494	494	do {
495		_beforeS0(_KX); _beforeS0(_S0); _afterS0(_LT);
496		_afterS0(_KX); _afterS0(_S1); _afterS1(_LT);
497		_afterS1(_KX); _afterS1(_S2); _afterS2(_LT);
498		_afterS2(_KX); _afterS2(_S3); _afterS3(_LT);
499		_afterS3(_KX); _afterS3(_S4); _afterS4(_LT);
500		_afterS4(_KX); _afterS4(_S5); _afterS5(_LT);
501		_afterS5(_KX); _afterS5(_S6); _afterS6(_LT);
502		_afterS6(_KX); _afterS6(_S7);
	495	s_beforeS0(s_kx); s_beforeS0(s_s0); s_afterS0(s_lt);
	496	s_afterS0(s_kx); s_afterS0(s_s1); s_afterS1(s_lt);
	497	s_afterS1(s_kx); s_afterS1(s_s2); s_afterS2(s_lt);
	498	s_afterS2(s_kx); s_afterS2(s_s3); s_afterS3(s_lt);
	499	s_afterS3(s_kx); s_afterS3(s_s4); s_afterS4(s_lt);
	500	s_afterS4(s_kx); s_afterS4(s_s5); s_afterS5(s_lt);
	501	s_afterS5(s_kx); s_afterS5(s_s6); s_afterS6(s_lt);
	502	s_afterS6(s_kx); s_afterS6(s_s7);
503	503
504	504	if (i == 4) break;
505	505

510	510	d = a;
511	511	a = e;
512	512	k += 32;
513		_beforeS0(_LT);
	513	s_beforeS0(s_lt);
514	514	} while (1);
515	515
516		_afterS7(_KX);
	516	s_afterS7(s_kx);
517	517
518	518	STORE32L(d, out + 0);
519	519	STORE32L(e, out + 4);

523	523	return CRYPT_OK;
524	524	}
525	525
526		static int _dec_block(const unsigned char in, unsigned char out, const ulong32 *k)
	526	static int s_dec_block(const unsigned char in, unsigned char out, const ulong32 *k)
527	527	{
528	528	ulong32 a, b, c, d, e;
529	529	unsigned int i;

536	536	i = 4;
537	537	k += 96;
538	538
539		_beforeI7(_KX);
	539	s_beforeI7(s_kx);
540	540	goto start;
541	541
542	542	do {

544	544	b = d;
545	545	d = e;
546	546	k -= 32;
547		_beforeI7(_ILT);
	547	s_beforeI7(s_ilt);
548	548	start:
549		_beforeI7(_I7); _afterI7(_KX);
550		_afterI7(_ILT); _afterI7(_I6); _afterI6(_KX);
551		_afterI6(_ILT); _afterI6(_I5); _afterI5(_KX);
552		_afterI5(_ILT); _afterI5(_I4); _afterI4(_KX);
553		_afterI4(_ILT); _afterI4(_I3); _afterI3(_KX);
554		_afterI3(_ILT); _afterI3(_I2); _afterI2(_KX);
555		_afterI2(_ILT); _afterI2(_I1); _afterI1(_KX);
556		_afterI1(_ILT); _afterI1(_I0); _afterI0(_KX);
	549	s_beforeI7(s_i7); s_afterI7(s_kx);
	550	s_afterI7(s_ilt); s_afterI7(s_i6); s_afterI6(s_kx);
	551	s_afterI6(s_ilt); s_afterI6(s_i5); s_afterI5(s_kx);
	552	s_afterI5(s_ilt); s_afterI5(s_i4); s_afterI4(s_kx);
	553	s_afterI4(s_ilt); s_afterI4(s_i3); s_afterI3(s_kx);
	554	s_afterI3(s_ilt); s_afterI3(s_i2); s_afterI2(s_kx);
	555	s_afterI2(s_ilt); s_afterI2(s_i1); s_afterI1(s_kx);
	556	s_afterI1(s_ilt); s_afterI1(s_i0); s_afterI0(s_kx);
557	557	} while (--i != 0);
558	558
559	559	STORE32L(a, out + 0);

574	574	if (num_rounds != 0 && num_rounds != 32) return CRYPT_INVALID_ROUNDS;
575	575	if (keylen != 16 && keylen != 24 && keylen != 32) return CRYPT_INVALID_KEYSIZE;
576	576
577		err = _setup_key(key, keylen, 32, skey->serpent.k);
	577	err = s_setup_key(key, keylen, 32, skey->serpent.k);
578	578	#ifdef LTC_CLEAN_STACK
579	579	burn_stack(sizeof(ulong32) * 14 + sizeof(int));
580	580	#endif

583	583
584	584	int serpent_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
585	585	{
586		int err = _enc_block(pt, ct, skey->serpent.k);
	586	int err = s_enc_block(pt, ct, skey->serpent.k);
587	587	#ifdef LTC_CLEAN_STACK
588	588	burn_stack(sizeof(ulong32) * 5 + sizeof(int));
589	589	#endif

592	592
593	593	int serpent_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
594	594	{
595		int err = _dec_block(ct, pt, skey->serpent.k);
	595	int err = s_dec_block(ct, pt, skey->serpent.k);
596	596	#ifdef LTC_CLEAN_STACK
597	597	burn_stack(sizeof(ulong32) * 5 + sizeof(int));
598	598	#endif

+4

-4

src/ltc/ciphers/skipjack.c less more

132	132	@return CRYPT_OK if successful
133	133	*/
134	134	#ifdef LTC_CLEAN_STACK
135		static int _skipjack_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	135	static int s_skipjack_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
136	136	#else
137	137	int skipjack_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
138	138	#endif

182	182	#ifdef LTC_CLEAN_STACK
183	183	int skipjack_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
184	184	{
185		int err = _skipjack_ecb_encrypt(pt, ct, skey);
	185	int err = s_skipjack_ecb_encrypt(pt, ct, skey);
186	186	burn_stack(sizeof(unsigned) * 8 + sizeof(int) * 2);
187	187	return err;
188	188	}

196	196	@return CRYPT_OK if successful
197	197	*/
198	198	#ifdef LTC_CLEAN_STACK
199		static int _skipjack_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	199	static int s_skipjack_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
200	200	#else
201	201	int skipjack_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
202	202	#endif

250	250	#ifdef LTC_CLEAN_STACK
251	251	int skipjack_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
252	252	{
253		int err = _skipjack_ecb_decrypt(ct, pt, skey);
	253	int err = s_skipjack_ecb_decrypt(ct, pt, skey);
254	254	burn_stack(sizeof(unsigned) * 7 + sizeof(int) * 2);
255	255	return err;
256	256	}

+11

-11

src/ltc/ciphers/twofish/twofish.c less more

57	57
58	58	#ifdef LTC_TWOFISH_TABLES
59	59
60		#define __LTC_TWOFISH_TAB_C__
	60	#define LTC_TWOFISH_TAB_C
61	61	#include "twofish_tab.c"
62	62
63	63	#define sbox(i, x) ((ulong32)SBOX[i][(x)&255])

82	82
83	83	/* computes S_i[x] */
84	84	#ifdef LTC_CLEAN_STACK
85		static ulong32 _sbox(int i, ulong32 x)
	85	static ulong32 s_sbox(int i, ulong32 x)
86	86	#else
87	87	static ulong32 sbox(int i, ulong32 x)
88	88	#endif

124	124	static ulong32 sbox(int i, ulong32 x)
125	125	{
126	126	ulong32 y;
127		y = _sbox(i, x);
	127	y = s_sbox(i, x);
128	128	burn_stack(sizeof(unsigned char) * 11);
129	129	return y;
130	130	}

281	281	#else
282	282
283	283	#ifdef LTC_CLEAN_STACK
284		static ulong32 _g_func(ulong32 x, const symmetric_key *key)
	284	static ulong32 s_g_func(ulong32 x, const symmetric_key *key)
285	285	#else
286	286	static ulong32 g_func(ulong32 x, const symmetric_key *key)
287	287	#endif

317	317	static ulong32 g_func(ulong32 x, const symmetric_key *key)
318	318	{
319	319	ulong32 y;
320		y = _g_func(x, key);
	320	y = s_g_func(x, key);
321	321	burn_stack(sizeof(unsigned char) * 4 + sizeof(ulong32));
322	322	return y;
323	323	}

334	334	@return CRYPT_OK if successful
335	335	*/
336	336	#ifdef LTC_CLEAN_STACK
337		static int _twofish_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	337	static int s_twofish_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
338	338	#else
339	339	int twofish_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
340	340	#endif

447	447	int twofish_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
448	448	{
449	449	int x;
450		x = _twofish_setup(key, keylen, num_rounds, skey);
	450	x = s_twofish_setup(key, keylen, num_rounds, skey);
451	451	burn_stack(sizeof(int) * 7 + sizeof(unsigned char) * 56 + sizeof(ulong32) * 2);
452	452	return x;
453	453	}

461	461	@return CRYPT_OK if successful
462	462	*/
463	463	#ifdef LTC_CLEAN_STACK
464		static int _twofish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	464	static int s_twofish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
465	465	#else
466	466	int twofish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
467	467	#endif

521	521	#ifdef LTC_CLEAN_STACK
522	522	int twofish_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
523	523	{
524		int err = _twofish_ecb_encrypt(pt, ct, skey);
	524	int err = s_twofish_ecb_encrypt(pt, ct, skey);
525	525	burn_stack(sizeof(ulong32) * 10 + sizeof(int));
526	526	return err;
527	527	}

535	535	@return CRYPT_OK if successful
536	536	*/
537	537	#ifdef LTC_CLEAN_STACK
538		static int _twofish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	538	static int s_twofish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
539	539	#else
540	540	int twofish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
541	541	#endif

597	597	#ifdef LTC_CLEAN_STACK
598	598	int twofish_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
599	599	{
600		int err =_twofish_ecb_decrypt(ct, pt, skey);
	600	int err = s_twofish_ecb_decrypt(ct, pt, skey);
601	601	burn_stack(sizeof(ulong32) * 10 + sizeof(int));
602	602	return err;
603	603	}

+2

-2

src/ltc/ciphers/twofish/twofish_tab.c less more

5	5	Twofish tables, Tom St Denis
6	6	*/
7	7	#ifdef LTC_TWOFISH_TABLES
8		#ifdef __LTC_TWOFISH_TAB_C__
	8	#ifdef LTC_TWOFISH_TAB_C
9	9
10	10	/* pre generated 8x8 tables from the four 4x4s */
11	11	static const unsigned char SBOX[2][256] = {

481	481
482	482	#endif /* LTC_TWOFISH_ALL_TABLES */
483	483
484		#endif /* __LTC_TWOFISH_TAB_C__ */
	484	#endif /* LTC_TWOFISH_TAB_C */
485	485	#endif

+2

-2

src/ltc/encauth/gcm/gcm_gf_mult.c less more

51	51
52	52	#ifndef LTC_FAST
53	53	/* right shift */
54		static void _gcm_rightshift(unsigned char *a)
	54	static void s_gcm_rightshift(unsigned char *a)
55	55	{
56	56	int x;
57	57	for (x = 15; x > 0; x--) {

85	85	}
86	86	}
87	87	z = V[15] & 0x01;
88		_gcm_rightshift(V);
	88	s_gcm_rightshift(V);
89	89	V[0] ^= poly[z];
90	90	}
91	91	XMEMCPY(c, Z, 16);

+3

-3

src/ltc/encauth/ocb3/ocb3_add_aad.c less more

14	14	@param aad_block [in] AAD data (block_len size)
15	15	@return CRYPT_OK if successful
16	16	*/
17		static int _ocb3_int_aad_add_block(ocb3_state ocb, const unsigned char aad_block)
	17	static int s_ocb3_int_aad_add_block(ocb3_state ocb, const unsigned char aad_block)
18	18	{
19	19	unsigned char tmp[MAXBLOCKSIZE];
20	20	int err;

58	58	ocb->adata_buffer_bytes += l;
59	59
60	60	if (ocb->adata_buffer_bytes == ocb->block_len) {
61		if ((err = _ocb3_int_aad_add_block(ocb, ocb->adata_buffer)) != CRYPT_OK) {
	61	if ((err = s_ocb3_int_aad_add_block(ocb, ocb->adata_buffer)) != CRYPT_OK) {
62	62	return err;
63	63	}
64	64	ocb->adata_buffer_bytes = 0;

79	79	last_block_len = datalen - full_blocks_len;
80	80
81	81	for (x=0; x<full_blocks; x++) {
82		if ((err = _ocb3_int_aad_add_block(ocb, data+x*ocb->block_len)) != CRYPT_OK) {
	82	if ((err = s_ocb3_int_aad_add_block(ocb, data+x*ocb->block_len)) != CRYPT_OK) {
83	83	return err;
84	84	}
85	85	}

+2

-2

src/ltc/encauth/ocb3/ocb3_init.c less more

8	8
9	9	#ifdef LTC_OCB3_MODE
10	10
11		static void _ocb3_int_calc_offset_zero(ocb3_state ocb, const unsigned char nonce, unsigned long noncelen, unsigned long taglen)
	11	static void s_ocb3_int_calc_offset_zero(ocb3_state ocb, const unsigned char nonce, unsigned long noncelen, unsigned long taglen)
12	12	{
13	13	int x, y, bottom;
14	14	int idx, shift;

165	165	}
166	166
167	167	/* initialize ocb->Offset_current = Offset_0 */
168		_ocb3_int_calc_offset_zero(ocb, nonce, noncelen, taglen);
	168	s_ocb3_int_calc_offset_zero(ocb, nonce, noncelen, taglen);
169	169
170	170	/* initialize checksum to all zeros */
171	171	zeromem(ocb->checksum, ocb->block_len);

+22

-22

src/ltc/hashes/blake2b.c less more

146	146	{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
147	147	};
148	148
149		static void blake2b_set_lastnode(hash_state *md) { md->blake2b.f[1] = CONST64(0xffffffffffffffff); }
	149	static void s_blake2b_set_lastnode(hash_state *md) { md->blake2b.f[1] = CONST64(0xffffffffffffffff); }
150	150
151	151	/* Some helper functions, not necessarily useful */
152		static int blake2b_is_lastblock(const hash_state *md) { return md->blake2b.f[0] != 0; }
153
154		static void blake2b_set_lastblock(hash_state *md)
	152	static int s_blake2b_is_lastblock(const hash_state *md) { return md->blake2b.f[0] != 0; }
	153
	154	static void s_blake2b_set_lastblock(hash_state *md)
155	155	{
156	156	if (md->blake2b.last_node) {
157		blake2b_set_lastnode(md);
	157	s_blake2b_set_lastnode(md);
158	158	}
159	159	md->blake2b.f[0] = CONST64(0xffffffffffffffff);
160	160	}
161	161
162		static void blake2b_increment_counter(hash_state *md, ulong64 inc)
	162	static void s_blake2b_increment_counter(hash_state *md, ulong64 inc)
163	163	{
164	164	md->blake2b.t[0] += inc;
165	165	if (md->blake2b.t[0] < inc) md->blake2b.t[1]++;
166	166	}
167	167
168		static void blake2b_init0(hash_state *md)
	168	static void s_blake2b_init0(hash_state *md)
169	169	{
170	170	unsigned long i;
171	171	XMEMSET(&md->blake2b, 0, sizeof(md->blake2b));

176	176	}
177	177
178	178	/* init xors IV with input parameter block */
179		static int blake2b_init_param(hash_state md, const unsigned char P)
	179	static int s_blake2b_init_param(hash_state md, const unsigned char P)
180	180	{
181	181	unsigned long i;
182	182
183		blake2b_init0(md);
	183	s_blake2b_init0(md);
184	184
185	185	/* IV XOR ParamBlock */
186	186	for (i = 0; i < 8; ++i) {

227	227	P[O_FANOUT] = 1;
228	228	P[O_DEPTH] = 1;
229	229
230		err = blake2b_init_param(md, P);
	230	err = s_blake2b_init_param(md, P);
231	231	if (err != CRYPT_OK) return err;
232	232
233	233	if (key) {

298	298	} while (0)
299	299
300	300	#ifdef LTC_CLEAN_STACK
301		static int _blake2b_compress(hash_state md, const unsigned char buf)
	301	static int ss_blake2b_compress(hash_state md, const unsigned char buf)
302	302	#else
303		static int blake2b_compress(hash_state md, const unsigned char buf)
	303	static int s_blake2b_compress(hash_state md, const unsigned char buf)
304	304	#endif
305	305	{
306	306	ulong64 m[16];

347	347	#undef ROUND
348	348
349	349	#ifdef LTC_CLEAN_STACK
350		static int blake2b_compress(hash_state md, const unsigned char buf)
	350	static int s_blake2b_compress(hash_state md, const unsigned char buf)
351	351	{
352	352	int err;
353		err = _blake2b_compress(md, buf);
	353	err = ss_blake2b_compress(md, buf);
354	354	burn_stack(sizeof(ulong64) * 32 + sizeof(unsigned long));
355	355	return err;
356	356	}

378	378	if (inlen > fill) {
379	379	md->blake2b.curlen = 0;
380	380	XMEMCPY(md->blake2b.buf + (left % sizeof(md->blake2b.buf)), in, fill); /* Fill buffer */
381		blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
382		blake2b_compress(md, md->blake2b.buf); /* Compress */
	381	s_blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
	382	s_blake2b_compress(md, md->blake2b.buf); /* Compress */
383	383	in += fill;
384	384	inlen -= fill;
385	385	while (inlen > BLAKE2B_BLOCKBYTES) {
386		blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
387		blake2b_compress(md, in);
	386	s_blake2b_increment_counter(md, BLAKE2B_BLOCKBYTES);
	387	s_blake2b_compress(md, in);
388	388	in += BLAKE2B_BLOCKBYTES;
389	389	inlen -= BLAKE2B_BLOCKBYTES;
390	390	}

411	411
412	412	/* if(md->blakebs.outlen != outlen) return CRYPT_INVALID_ARG; */
413	413
414		if (blake2b_is_lastblock(md)) {
	414	if (s_blake2b_is_lastblock(md)) {
415	415	return CRYPT_ERROR;
416	416	}
417	417
418		blake2b_increment_counter(md, md->blake2b.curlen);
419		blake2b_set_lastblock(md);
	418	s_blake2b_increment_counter(md, md->blake2b.curlen);
	419	s_blake2b_set_lastblock(md);
420	420	XMEMSET(md->blake2b.buf + md->blake2b.curlen, 0, BLAKE2B_BLOCKBYTES - md->blake2b.curlen); /* Padding */
421		blake2b_compress(md, md->blake2b.buf);
	421	s_blake2b_compress(md, md->blake2b.buf);
422	422
423	423	for (i = 0; i < 8; ++i) { /* Output full hash to temp buffer */
424	424	STORE64L(md->blake2b.h[i], buffer + i * 8);

+22

-22

src/ltc/hashes/blake2s.c less more

138	138	{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 },
139	139	};
140	140
141		static void blake2s_set_lastnode(hash_state *md) { md->blake2s.f[1] = 0xffffffffUL; }
	141	static void s_blake2s_set_lastnode(hash_state *md) { md->blake2s.f[1] = 0xffffffffUL; }
142	142
143	143	/* Some helper functions, not necessarily useful */
144		static int blake2s_is_lastblock(const hash_state *md) { return md->blake2s.f[0] != 0; }
145
146		static void blake2s_set_lastblock(hash_state *md)
	144	static int s_blake2s_is_lastblock(const hash_state *md) { return md->blake2s.f[0] != 0; }
	145
	146	static void s_blake2s_set_lastblock(hash_state *md)
147	147	{
148	148	if (md->blake2s.last_node) {
149		blake2s_set_lastnode(md);
	149	s_blake2s_set_lastnode(md);
150	150	}
151	151	md->blake2s.f[0] = 0xffffffffUL;
152	152	}
153	153
154		static void blake2s_increment_counter(hash_state *md, const ulong32 inc)
	154	static void s_blake2s_increment_counter(hash_state *md, const ulong32 inc)
155	155	{
156	156	md->blake2s.t[0] += inc;
157	157	if (md->blake2s.t[0] < inc) md->blake2s.t[1]++;
158	158	}
159	159
160		static int blake2s_init0(hash_state *md)
	160	static int s_blake2s_init0(hash_state *md)
161	161	{
162	162	int i;
163	163	XMEMSET(&md->blake2s, 0, sizeof(struct blake2s_state));

170	170	}
171	171
172	172	/* init2 xors IV with input parameter block */
173		static int blake2s_init_param(hash_state md, const unsigned char P)
	173	static int s_blake2s_init_param(hash_state md, const unsigned char P)
174	174	{
175	175	unsigned long i;
176	176
177		blake2s_init0(md);
	177	s_blake2s_init0(md);
178	178
179	179	/* IV XOR ParamBlock */
180	180	for (i = 0; i < 8; ++i) {

221	221	P[O_FANOUT] = 1;
222	222	P[O_DEPTH] = 1;
223	223
224		err = blake2s_init_param(md, P);
	224	err = s_blake2s_init_param(md, P);
225	225	if (err != CRYPT_OK) return err;
226	226
227	227	if (key) {

290	290	} while (0)
291	291
292	292	#ifdef LTC_CLEAN_STACK
293		static int _blake2s_compress(hash_state md, const unsigned char buf)
	293	static int ss_blake2s_compress(hash_state md, const unsigned char buf)
294	294	#else
295		static int blake2s_compress(hash_state md, const unsigned char buf)
	295	static int s_blake2s_compress(hash_state md, const unsigned char buf)
296	296	#endif
297	297	{
298	298	unsigned long i;

336	336	#undef ROUND
337	337
338	338	#ifdef LTC_CLEAN_STACK
339		static int blake2s_compress(hash_state md, const unsigned char buf)
	339	static int s_blake2s_compress(hash_state md, const unsigned char buf)
340	340	{
341	341	int err;
342		err = _blake2s_compress(md, buf);
	342	err = ss_blake2s_compress(md, buf);
343	343	burn_stack(sizeof(ulong32) * (32) + sizeof(unsigned long));
344	344	return err;
345	345	}

367	367	if (inlen > fill) {
368	368	md->blake2s.curlen = 0;
369	369	XMEMCPY(md->blake2s.buf + (left % sizeof(md->blake2s.buf)), in, fill); /* Fill buffer */
370		blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);
371		blake2s_compress(md, md->blake2s.buf); /* Compress */
	370	s_blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);
	371	s_blake2s_compress(md, md->blake2s.buf); /* Compress */
372	372	in += fill;
373	373	inlen -= fill;
374	374	while (inlen > BLAKE2S_BLOCKBYTES) {
375		blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);
376		blake2s_compress(md, in);
	375	s_blake2s_increment_counter(md, BLAKE2S_BLOCKBYTES);
	376	s_blake2s_compress(md, in);
377	377	in += BLAKE2S_BLOCKBYTES;
378	378	inlen -= BLAKE2S_BLOCKBYTES;
379	379	}

400	400
401	401	/* if(md->blake2s.outlen != outlen) return CRYPT_INVALID_ARG; */
402	402
403		if (blake2s_is_lastblock(md)) {
	403	if (s_blake2s_is_lastblock(md)) {
404	404	return CRYPT_ERROR;
405	405	}
406		blake2s_increment_counter(md, md->blake2s.curlen);
407		blake2s_set_lastblock(md);
	406	s_blake2s_increment_counter(md, md->blake2s.curlen);
	407	s_blake2s_set_lastblock(md);
408	408	XMEMSET(md->blake2s.buf + md->blake2s.curlen, 0, BLAKE2S_BLOCKBYTES - md->blake2s.curlen); /* Padding */
409		blake2s_compress(md, md->blake2s.buf);
	409	s_blake2s_compress(md, md->blake2s.buf);
410	410
411	411	for (i = 0; i < 8; ++i) { /* Output full hash to temp buffer */
412	412	STORE32L(md->blake2s.h[i], buffer + i * 4);

+6

-6

src/ltc/hashes/chc/chc.c less more

120	120	T0 <= encrypt T0
121	121	state <= state xor T0 xor T1
122	122	*/
123		static int chc_compress(hash_state md, const unsigned char buf)
	123	static int s_chc_compress(hash_state md, const unsigned char buf)
124	124	{
125	125	unsigned char T[2][MAXBLOCKSIZE];
126	126	symmetric_key *key;

153	153	@param len The length of the data (octets)
154	154	@return CRYPT_OK if successful
155	155	*/
156		static int _chc_process(hash_state * md, const unsigned char *in, unsigned long inlen);
157		static HASH_PROCESS(_chc_process, chc_compress, chc, (unsigned long)cipher_blocksize)
	156	static int ss_chc_process(hash_state * md, const unsigned char *in, unsigned long inlen);
	157	static HASH_PROCESS(ss_chc_process, s_chc_compress, chc, (unsigned long)cipher_blocksize)
158	158
159	159	/**
160	160	Process a block of memory though the hash

178	178	return CRYPT_INVALID_CIPHER;
179	179	}
180	180
181		return _chc_process(md, in, inlen);
	181	return ss_chc_process(md, in, inlen);
182	182	}
183	183
184	184	/**

220	220	while (md->chc.curlen < (unsigned long)cipher_blocksize) {
221	221	md->chc.buf[md->chc.curlen++] = (unsigned char)0;
222	222	}
223		chc_compress(md, md->chc.buf);
	223	s_chc_compress(md, md->chc.buf);
224	224	md->chc.curlen = 0;
225	225	}
226	226

231	231
232	232	/* store length */
233	233	STORE64L(md->chc.length, md->chc.buf+(cipher_blocksize-8));
234		chc_compress(md, md->chc.buf);
	234	s_chc_compress(md, md->chc.buf);
235	235
236	236	/* copy output */
237	237	XMEMCPY(out, md->chc.state, cipher_blocksize);

+7

-7

src/ltc/hashes/md2.c less more

48	48	};
49	49
50	50	/* adds 16 bytes to the checksum */
51		static void md2_update_chksum(hash_state *md)
	51	static void s_md2_update_chksum(hash_state *md)
52	52	{
53	53	int j;
54	54	unsigned char L;

62	62	}
63	63	}
64	64
65		static void md2_compress(hash_state *md)
	65	static void s_md2_compress(hash_state *md)
66	66	{
67	67	int j, k;
68	68	unsigned char t;

125	125
126	126	/* is 16 bytes full? */
127	127	if (md->md2.curlen == 16) {
128		md2_compress(md);
129		md2_update_chksum(md);
	128	s_md2_compress(md);
	129	s_md2_update_chksum(md);
130	130	md->md2.curlen = 0;
131	131	}
132	132	}

158	158	}
159	159
160	160	/* hash and update */
161		md2_compress(md);
162		md2_update_chksum(md);
	161	s_md2_compress(md);
	162	s_md2_update_chksum(md);
163	163
164	164	/* hash checksum */
165	165	XMEMCPY(md->md2.buf, md->md2.chksum, 16);
166		md2_compress(md);
	166	s_md2_compress(md);
167	167
168	168	/* output is lower 16 bytes of X */
169	169	XMEMCPY(out, md->md2.X, 16);

+7

-7

src/ltc/hashes/md4.c less more

64	64	}
65	65
66	66	#ifdef LTC_CLEAN_STACK
67		static int _md4_compress(hash_state md, const unsigned char buf)
	67	static int ss_md4_compress(hash_state md, const unsigned char buf)
68	68	#else
69		static int md4_compress(hash_state md, const unsigned char buf)
	69	static int s_md4_compress(hash_state md, const unsigned char buf)
70	70	#endif
71	71	{
72	72	ulong32 x[16], a, b, c, d;

148	148	}
149	149
150	150	#ifdef LTC_CLEAN_STACK
151		static int md4_compress(hash_state md, const unsigned char buf)
	151	static int s_md4_compress(hash_state md, const unsigned char buf)
152	152	{
153	153	int err;
154		err = _md4_compress(md, buf);
	154	err = ss_md4_compress(md, buf);
155	155	burn_stack(sizeof(ulong32) * 20 + sizeof(int));
156	156	return err;
157	157	}

181	181	@param inlen The length of the data (octets)
182	182	@return CRYPT_OK if successful
183	183	*/
184		HASH_PROCESS(md4_process, md4_compress, md4, 64)
	184	HASH_PROCESS(md4_process, s_md4_compress, md4, 64)
185	185
186	186	/**
187	187	Terminate the hash to get the digest

214	214	while (md->md4.curlen < 64) {
215	215	md->md4.buf[md->md4.curlen++] = (unsigned char)0;
216	216	}
217		md4_compress(md, md->md4.buf);
	217	s_md4_compress(md, md->md4.buf);
218	218	md->md4.curlen = 0;
219	219	}
220	220

225	225
226	226	/* store length */
227	227	STORE64L(md->md4.length, md->md4.buf+56);
228		md4_compress(md, md->md4.buf);
	228	s_md4_compress(md, md->md4.buf);
229	229
230	230	/* copy output */
231	231	for (i = 0; i < 4; i++) {

+7

-7

src/ltc/hashes/md5.c less more

89	89	#endif
90	90
91	91	#ifdef LTC_CLEAN_STACK
92		static int _md5_compress(hash_state md, const unsigned char buf)
	92	static int ss_md5_compress(hash_state md, const unsigned char buf)
93	93	#else
94		static int md5_compress(hash_state md, const unsigned char buf)
	94	static int s_md5_compress(hash_state md, const unsigned char buf)
95	95	#endif
96	96	{
97	97	ulong32 i, W[16], a, b, c, d;

207	207	}
208	208
209	209	#ifdef LTC_CLEAN_STACK
210		static int md5_compress(hash_state md, const unsigned char buf)
	210	static int s_md5_compress(hash_state md, const unsigned char buf)
211	211	{
212	212	int err;
213		err = _md5_compress(md, buf);
	213	err = ss_md5_compress(md, buf);
214	214	burn_stack(sizeof(ulong32) * 21);
215	215	return err;
216	216	}

240	240	@param inlen The length of the data (octets)
241	241	@return CRYPT_OK if successful
242	242	*/
243		HASH_PROCESS(md5_process, md5_compress, md5, 64)
	243	HASH_PROCESS(md5_process, s_md5_compress, md5, 64)
244	244
245	245	/**
246	246	Terminate the hash to get the digest

274	274	while (md->md5.curlen < 64) {
275	275	md->md5.buf[md->md5.curlen++] = (unsigned char)0;
276	276	}
277		md5_compress(md, md->md5.buf);
	277	s_md5_compress(md, md->md5.buf);
278	278	md->md5.curlen = 0;
279	279	}
280	280

285	285
286	286	/* store length */
287	287	STORE64L(md->md5.length, md->md5.buf+56);
288		md5_compress(md, md->md5.buf);
	288	s_md5_compress(md, md->md5.buf);
289	289
290	290	/* copy output */
291	291	for (i = 0; i < 4; i++) {

+7

-7

src/ltc/hashes/rmd128.c less more

72	72	(a) = ROLc((a), (s));
73	73
74	74	#ifdef LTC_CLEAN_STACK
75		static int _rmd128_compress(hash_state md, const unsigned char buf)
	75	static int ss_rmd128_compress(hash_state md, const unsigned char buf)
76	76	#else
77		static int rmd128_compress(hash_state md, const unsigned char buf)
	77	static int s_rmd128_compress(hash_state md, const unsigned char buf)
78	78	#endif
79	79	{
80	80	ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,X[16];

246	246	}
247	247
248	248	#ifdef LTC_CLEAN_STACK
249		static int rmd128_compress(hash_state md, const unsigned char buf)
	249	static int s_rmd128_compress(hash_state md, const unsigned char buf)
250	250	{
251	251	int err;
252		err = _rmd128_compress(md, buf);
	252	err = ss_rmd128_compress(md, buf);
253	253	burn_stack(sizeof(ulong32) * 24 + sizeof(int));
254	254	return err;
255	255	}

279	279	@param inlen The length of the data (octets)
280	280	@return CRYPT_OK if successful
281	281	*/
282		HASH_PROCESS(rmd128_process, rmd128_compress, rmd128, 64)
	282	HASH_PROCESS(rmd128_process, s_rmd128_compress, rmd128, 64)
283	283
284	284	/**
285	285	Terminate the hash to get the digest

313	313	while (md->rmd128.curlen < 64) {
314	314	md->rmd128.buf[md->rmd128.curlen++] = (unsigned char)0;
315	315	}
316		rmd128_compress(md, md->rmd128.buf);
	316	s_rmd128_compress(md, md->rmd128.buf);
317	317	md->rmd128.curlen = 0;
318	318	}
319	319

324	324
325	325	/* store length */
326	326	STORE64L(md->rmd128.length, md->rmd128.buf+56);
327		rmd128_compress(md, md->rmd128.buf);
	327	s_rmd128_compress(md, md->rmd128.buf);
328	328
329	329	/* copy output */
330	330	for (i = 0; i < 4; i++) {

+7

-7

src/ltc/hashes/rmd160.c less more

92	92
93	93
94	94	#ifdef LTC_CLEAN_STACK
95		static int _rmd160_compress(hash_state md, const unsigned char buf)
	95	static int ss_rmd160_compress(hash_state md, const unsigned char buf)
96	96	#else
97		static int rmd160_compress(hash_state md, const unsigned char buf)
	97	static int s_rmd160_compress(hash_state md, const unsigned char buf)
98	98	#endif
99	99	{
100	100	ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,X[16];

304	304	}
305	305
306	306	#ifdef LTC_CLEAN_STACK
307		static int rmd160_compress(hash_state md, const unsigned char buf)
	307	static int s_rmd160_compress(hash_state md, const unsigned char buf)
308	308	{
309	309	int err;
310		err = _rmd160_compress(md, buf);
	310	err = ss_rmd160_compress(md, buf);
311	311	burn_stack(sizeof(ulong32) * 26 + sizeof(int));
312	312	return err;
313	313	}

338	338	@param inlen The length of the data (octets)
339	339	@return CRYPT_OK if successful
340	340	*/
341		HASH_PROCESS(rmd160_process, rmd160_compress, rmd160, 64)
	341	HASH_PROCESS(rmd160_process, s_rmd160_compress, rmd160, 64)
342	342
343	343	/**
344	344	Terminate the hash to get the digest

372	372	while (md->rmd160.curlen < 64) {
373	373	md->rmd160.buf[md->rmd160.curlen++] = (unsigned char)0;
374	374	}
375		rmd160_compress(md, md->rmd160.buf);
	375	s_rmd160_compress(md, md->rmd160.buf);
376	376	md->rmd160.curlen = 0;
377	377	}
378	378

383	383
384	384	/* store length */
385	385	STORE64L(md->rmd160.length, md->rmd160.buf+56);
386		rmd160_compress(md, md->rmd160.buf);
	386	s_rmd160_compress(md, md->rmd160.buf);
387	387
388	388	/* copy output */
389	389	for (i = 0; i < 5; i++) {

+7

-7

src/ltc/hashes/rmd256.c less more

66	66	(a) = ROLc((a), (s));
67	67
68	68	#ifdef LTC_CLEAN_STACK
69		static int _rmd256_compress(hash_state md, const unsigned char buf)
	69	static int ss_rmd256_compress(hash_state md, const unsigned char buf)
70	70	#else
71		static int rmd256_compress(hash_state md, const unsigned char buf)
	71	static int s_rmd256_compress(hash_state md, const unsigned char buf)
72	72	#endif
73	73	{
74	74	ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,tmp,X[16];

255	255	}
256	256
257	257	#ifdef LTC_CLEAN_STACK
258		static int rmd256_compress(hash_state md, const unsigned char buf)
	258	static int s_rmd256_compress(hash_state md, const unsigned char buf)
259	259	{
260	260	int err;
261		err = _rmd256_compress(md, buf);
	261	err = ss_rmd256_compress(md, buf);
262	262	burn_stack(sizeof(ulong32) * 25 + sizeof(int));
263	263	return err;
264	264	}

292	292	@param inlen The length of the data (octets)
293	293	@return CRYPT_OK if successful
294	294	*/
295		HASH_PROCESS(rmd256_process, rmd256_compress, rmd256, 64)
	295	HASH_PROCESS(rmd256_process, s_rmd256_compress, rmd256, 64)
296	296
297	297	/**
298	298	Terminate the hash to get the digest

326	326	while (md->rmd256.curlen < 64) {
327	327	md->rmd256.buf[md->rmd256.curlen++] = (unsigned char)0;
328	328	}
329		rmd256_compress(md, md->rmd256.buf);
	329	s_rmd256_compress(md, md->rmd256.buf);
330	330	md->rmd256.curlen = 0;
331	331	}
332	332

337	337
338	338	/* store length */
339	339	STORE64L(md->rmd256.length, md->rmd256.buf+56);
340		rmd256_compress(md, md->rmd256.buf);
	340	s_rmd256_compress(md, md->rmd256.buf);
341	341
342	342	/* copy output */
343	343	for (i = 0; i < 8; i++) {

+7

-7

src/ltc/hashes/rmd320.c less more

87	87
88	88
89	89	#ifdef LTC_CLEAN_STACK
90		static int _rmd320_compress(hash_state md, const unsigned char buf)
	90	static int ss_rmd320_compress(hash_state md, const unsigned char buf)
91	91	#else
92		static int rmd320_compress(hash_state md, const unsigned char buf)
	92	static int s_rmd320_compress(hash_state md, const unsigned char buf)
93	93	#endif
94	94	{
95	95	ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16];

318	318	}
319	319
320	320	#ifdef LTC_CLEAN_STACK
321		static int rmd320_compress(hash_state md, const unsigned char buf)
	321	static int s_rmd320_compress(hash_state md, const unsigned char buf)
322	322	{
323	323	int err;
324		err = _rmd320_compress(md, buf);
	324	err = ss_rmd320_compress(md, buf);
325	325	burn_stack(sizeof(ulong32) * 27 + sizeof(int));
326	326	return err;
327	327	}

357	357	@param inlen The length of the data (octets)
358	358	@return CRYPT_OK if successful
359	359	*/
360		HASH_PROCESS(rmd320_process, rmd320_compress, rmd320, 64)
	360	HASH_PROCESS(rmd320_process, s_rmd320_compress, rmd320, 64)
361	361
362	362	/**
363	363	Terminate the hash to get the digest

391	391	while (md->rmd320.curlen < 64) {
392	392	md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
393	393	}
394		rmd320_compress(md, md->rmd320.buf);
	394	s_rmd320_compress(md, md->rmd320.buf);
395	395	md->rmd320.curlen = 0;
396	396	}
397	397

402	402
403	403	/* store length */
404	404	STORE64L(md->rmd320.length, md->rmd320.buf+56);
405		rmd320_compress(md, md->rmd320.buf);
	405	s_rmd320_compress(md, md->rmd320.buf);
406	406
407	407	/* copy output */
408	408	for (i = 0; i < 10; i++) {

+7

-7

src/ltc/hashes/sha1.c less more

33	33	#define F3(x,y,z) (x ^ y ^ z)
34	34
35	35	#ifdef LTC_CLEAN_STACK
36		static int _sha1_compress(hash_state md, const unsigned char buf)
	36	static int ss_sha1_compress(hash_state md, const unsigned char buf)
37	37	#else
38		static int sha1_compress(hash_state md, const unsigned char buf)
	38	static int s_sha1_compress(hash_state md, const unsigned char buf)
39	39	#endif
40	40	{
41	41	ulong32 a,b,c,d,e,W[80],i;

139	139	}
140	140
141	141	#ifdef LTC_CLEAN_STACK
142		static int sha1_compress(hash_state md, const unsigned char buf)
	142	static int s_sha1_compress(hash_state md, const unsigned char buf)
143	143	{
144	144	int err;
145		err = _sha1_compress(md, buf);
	145	err = ss_sha1_compress(md, buf);
146	146	burn_stack(sizeof(ulong32) * 87);
147	147	return err;
148	148	}

173	173	@param inlen The length of the data (octets)
174	174	@return CRYPT_OK if successful
175	175	*/
176		HASH_PROCESS(sha1_process, sha1_compress, sha1, 64)
	176	HASH_PROCESS(sha1_process, s_sha1_compress, sha1, 64)
177	177
178	178	/**
179	179	Terminate the hash to get the digest

206	206	while (md->sha1.curlen < 64) {
207	207	md->sha1.buf[md->sha1.curlen++] = (unsigned char)0;
208	208	}
209		sha1_compress(md, md->sha1.buf);
	209	s_sha1_compress(md, md->sha1.buf);
210	210	md->sha1.curlen = 0;
211	211	}
212	212

217	217
218	218	/* store length */
219	219	STORE64H(md->sha1.length, md->sha1.buf+56);
220		sha1_compress(md, md->sha1.buf);
	220	s_sha1_compress(md, md->sha1.buf);
221	221
222	222	/* copy output */
223	223	for (i = 0; i < 5; i++) {

+8

-10

src/ltc/hashes/sha2/sha256.c less more

57	57
58	58	/* compress 512-bits */
59	59	#ifdef LTC_CLEAN_STACK
60		static int _sha256_compress(hash_state * md, const unsigned char *buf)
	60	static int ss_sha256_compress(hash_state * md, const unsigned char *buf)
61	61	#else
62		static int sha256_compress(hash_state * md, const unsigned char *buf)
	62	static int s_sha256_compress(hash_state * md, const unsigned char *buf)
63	63	#endif
64	64	{
65	65	ulong32 S[8], W[64], t0, t1;

167	167	RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],61,0xa4506ceb);
168	168	RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],62,0xbef9a3f7);
169	169	RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],63,0xc67178f2);
170
	170	#endif
171	171	#undef RND
172
173		#endif
174	172
175	173	/* feedback */
176	174	for (i = 0; i < 8; i++) {

180	178	}
181	179
182	180	#ifdef LTC_CLEAN_STACK
183		static int sha256_compress(hash_state * md, const unsigned char *buf)
	181	static int s_sha256_compress(hash_state * md, const unsigned char *buf)
184	182	{
185	183	int err;
186		err = _sha256_compress(md, buf);
	184	err = ss_sha256_compress(md, buf);
187	185	burn_stack(sizeof(ulong32) * 74);
188	186	return err;
189	187	}

218	216	@param inlen The length of the data (octets)
219	217	@return CRYPT_OK if successful
220	218	*/
221		HASH_PROCESS(sha256_process, sha256_compress, sha256, 64)
	219	HASH_PROCESS(sha256_process,s_sha256_compress, sha256, 64)
222	220
223	221	/**
224	222	Terminate the hash to get the digest

252	250	while (md->sha256.curlen < 64) {
253	251	md->sha256.buf[md->sha256.curlen++] = (unsigned char)0;
254	252	}
255		sha256_compress(md, md->sha256.buf);
	253	s_sha256_compress(md, md->sha256.buf);
256	254	md->sha256.curlen = 0;
257	255	}
258	256

263	261
264	262	/* store length */
265	263	STORE64H(md->sha256.length, md->sha256.buf+56);
266		sha256_compress(md, md->sha256.buf);
	264	s_sha256_compress(md, md->sha256.buf);
267	265
268	266	/* copy output */
269	267	for (i = 0; i < 8; i++) {

+7

-7

src/ltc/hashes/sha2/sha512.c less more

82	82
83	83	/* compress 1024-bits */
84	84	#ifdef LTC_CLEAN_STACK
85		static int _sha512_compress(hash_state * md, const unsigned char *buf)
	85	static int ss_sha512_compress(hash_state * md, const unsigned char *buf)
86	86	#else
87		static int sha512_compress(hash_state * md, const unsigned char *buf)
	87	static int s_sha512_compress(hash_state * md, const unsigned char *buf)
88	88	#endif
89	89	{
90	90	ulong64 S[8], W[80], t0, t1;

149	149
150	150	/* compress 1024-bits */
151	151	#ifdef LTC_CLEAN_STACK
152		static int sha512_compress(hash_state * md, const unsigned char *buf)
	152	static int s_sha512_compress(hash_state * md, const unsigned char *buf)
153	153	{
154	154	int err;
155		err = _sha512_compress(md, buf);
	155	err = ss_sha512_compress(md, buf);
156	156	burn_stack(sizeof(ulong64) * 90 + sizeof(int));
157	157	return err;
158	158	}

186	186	@param inlen The length of the data (octets)
187	187	@return CRYPT_OK if successful
188	188	*/
189		HASH_PROCESS(sha512_process, sha512_compress, sha512, 128)
	189	HASH_PROCESS(sha512_process, s_sha512_compress, sha512, 128)
190	190
191	191	/**
192	192	Terminate the hash to get the digest

219	219	while (md->sha512.curlen < 128) {
220	220	md->sha512.buf[md->sha512.curlen++] = (unsigned char)0;
221	221	}
222		sha512_compress(md, md->sha512.buf);
	222	s_sha512_compress(md, md->sha512.buf);
223	223	md->sha512.curlen = 0;
224	224	}
225	225

233	233
234	234	/* store length */
235	235	STORE64H(md->sha512.length, md->sha512.buf+120);
236		sha512_compress(md, md->sha512.buf);
	236	s_sha512_compress(md, md->sha512.buf);
237	237
238	238	/* copy output */
239	239	for (i = 0; i < 8; i++) {

+18

-18

src/ltc/hashes/sha3.c less more

130	130	#define SHA3_KECCAK_SPONGE_WORDS 25 /* 1600 bits > 200 bytes > 25 x ulong64 */
131	131	#define SHA3_KECCAK_ROUNDS 24
132	132
133		static const ulong64 keccakf_rndc[24] = {
	133	static const ulong64 s_keccakf_rndc[24] = {
134	134	CONST64(0x0000000000000001), CONST64(0x0000000000008082),
135	135	CONST64(0x800000000000808a), CONST64(0x8000000080008000),
136	136	CONST64(0x000000000000808b), CONST64(0x0000000080000001),

145	145	CONST64(0x0000000080000001), CONST64(0x8000000080008008)
146	146	};
147	147
148		static const unsigned keccakf_rotc[24] = {
	148	static const unsigned s_keccakf_rotc[24] = {
149	149	1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44
150	150	};
151	151
152		static const unsigned keccakf_piln[24] = {
	152	static const unsigned s_keccakf_piln[24] = {
153	153	10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1
154	154	};
155	155
156		static void keccakf(ulong64 s[25])
	156	static void s_keccakf(ulong64 s[25])
157	157	{
158	158	int i, j, round;
159	159	ulong64 t, bc[5];

172	172	/* Rho Pi */
173	173	t = s[1];
174	174	for(i = 0; i < 24; i++) {
175		j = keccakf_piln[i];
	175	j = s_keccakf_piln[i];
176	176	bc[0] = s[j];
177		s[j] = ROL64(t, keccakf_rotc[i]);
	177	s[j] = ROL64(t, s_keccakf_rotc[i]);
178	178	t = bc[0];
179	179	}
180	180	/* Chi */

187	187	}
188	188	}
189	189	/* Iota */
190		s[0] ^= keccakf_rndc[round];
191		}
192		}
193
194		static LTC_INLINE int _done(hash_state md, unsigned char hash, ulong64 pad)
	190	s[0] ^= s_keccakf_rndc[round];
	191	}
	192	}
	193
	194	static LTC_INLINE int ss_done(hash_state md, unsigned char hash, ulong64 pad)
195	195	{
196	196	unsigned i;
197	197

200	200
201	201	md->sha3.s[md->sha3.word_index] ^= (md->sha3.saved ^ (pad << (md->sha3.byte_index * 8)));
202	202	md->sha3.s[SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words - 1] ^= CONST64(0x8000000000000000);
203		keccakf(md->sha3.s);
	203	s_keccakf(md->sha3.s);
204	204
205	205	/* store sha3.s[] as little-endian bytes into sha3.sb */
206	206	for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {

282	282	md->sha3.byte_index = 0;
283	283	md->sha3.saved = 0;
284	284	if(++md->sha3.word_index == (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words)) {
285		keccakf(md->sha3.s);
	285	s_keccakf(md->sha3.s);
286	286	md->sha3.word_index = 0;
287	287	}
288	288	}

296	296	LOAD64L(t, in);
297	297	md->sha3.s[md->sha3.word_index] ^= t;
298	298	if(++md->sha3.word_index == (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words)) {
299		keccakf(md->sha3.s);
	299	s_keccakf(md->sha3.s);
300	300	md->sha3.word_index = 0;
301	301	}
302	302	}

311	311	#ifdef LTC_SHA3
312	312	int sha3_done(hash_state md, unsigned char out)
313	313	{
314		return _done(md, out, CONST64(0x06));
	314	return ss_done(md, out, CONST64(0x06));
315	315	}
316	316	#endif
317	317
318	318	#ifdef LTC_KECCAK
319	319	int keccak_done(hash_state md, unsigned char out)
320	320	{
321		return _done(md, out, CONST64(0x01));
	321	return ss_done(md, out, CONST64(0x01));
322	322	}
323	323	#endif
324	324

337	337	/* shake_xof operation must be done only once */
338	338	md->sha3.s[md->sha3.word_index] ^= (md->sha3.saved ^ (CONST64(0x1F) << (md->sha3.byte_index * 8)));
339	339	md->sha3.s[SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words - 1] ^= CONST64(0x8000000000000000);
340		keccakf(md->sha3.s);
	340	s_keccakf(md->sha3.s);
341	341	/* store sha3.s[] as little-endian bytes into sha3.sb */
342	342	for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {
343	343	STORE64L(md->sha3.s[i], md->sha3.sb + i * 8);

348	348
349	349	for (idx = 0; idx < outlen; idx++) {
350	350	if(md->sha3.byte_index >= (SHA3_KECCAK_SPONGE_WORDS - md->sha3.capacity_words) * 8) {
351		keccakf(md->sha3.s);
	351	s_keccakf(md->sha3.s);
352	352	/* store sha3.s[] as little-endian bytes into sha3.sb */
353	353	for(i = 0; i < SHA3_KECCAK_SPONGE_WORDS; i++) {
354	354	STORE64L(md->sha3.s[i], md->sha3.sb + i * 8);

+15

-21

src/ltc/hashes/tiger.c less more

546	546	CONST64(0xCD56D9430EA8280E) /* 1020 /, CONST64(0xC12591D7535F5065) / 1021 */,
547	547	CONST64(0xC83223F1720AEF96) /* 1022 /, CONST64(0xC3A0396F7363A51F) / 1023 */};
548	548
549		#ifdef _MSC_VER
550		#define INLINE __inline
551		#else
552		#define INLINE
553		#endif
554
555	549	/* one round of the hash function */
556		INLINE static void tiger_round(ulong64 a, ulong64 b, ulong64 *c, ulong64 x, int mul)
	550	LTC_INLINE static void tiger_round(ulong64 a, ulong64 b, ulong64 *c, ulong64 x, int mul)
557	551	{
558	552	ulong64 tmp;
559	553	tmp = (*c ^= x);

567	561	}
568	562
569	563	/* one complete pass */
570		static void pass(ulong64 a, ulong64 b, ulong64 c, const ulong64 x, int mul)
	564	static void s_pass(ulong64 a, ulong64 b, ulong64 c, const ulong64 x, int mul)
571	565	{
572	566	tiger_round(a,b,c,x[0],mul);
573	567	tiger_round(b,c,a,x[1],mul);

580	574	}
581	575
582	576	/* The key mixing schedule */
583		static void key_schedule(ulong64 *x)
	577	static void s_key_schedule(ulong64 *x)
584	578	{
585	579	x[0] -= x[7] ^ CONST64(0xA5A5A5A5A5A5A5A5);
586	580	x[1] ^= x[0];

601	595	}
602	596
603	597	#ifdef LTC_CLEAN_STACK
604		static int _tiger_compress(hash_state md, const unsigned char buf)
	598	static int ss_tiger_compress(hash_state md, const unsigned char buf)
605	599	#else
606		static int tiger_compress(hash_state md, const unsigned char buf)
	600	static int s_tiger_compress(hash_state md, const unsigned char buf)
607	601	#endif
608	602	{
609	603	ulong64 a, b, c, x[8];

617	611	b = md->tiger.state[1];
618	612	c = md->tiger.state[2];
619	613
620		pass(&a,&b,&c,x,5);
621		key_schedule(x);
622		pass(&c,&a,&b,x,7);
623		key_schedule(x);
624		pass(&b,&c,&a,x,9);
	614	s_pass(&a,&b,&c,x,5);
	615	s_key_schedule(x);
	616	s_pass(&c,&a,&b,x,7);
	617	s_key_schedule(x);
	618	s_pass(&b,&c,&a,x,9);
625	619
626	620	/* store state */
627	621	md->tiger.state[0] = a ^ md->tiger.state[0];

632	626	}
633	627
634	628	#ifdef LTC_CLEAN_STACK
635		static int tiger_compress(hash_state md, const unsigned char buf)
	629	static int s_tiger_compress(hash_state md, const unsigned char buf)
636	630	{
637	631	int err;
638		err = _tiger_compress(md, buf);
	632	err = ss_tiger_compress(md, buf);
639	633	burn_stack(sizeof(ulong64) * 11 + sizeof(unsigned long));
640	634	return err;
641	635	}

664	658	@param inlen The length of the data (octets)
665	659	@return CRYPT_OK if successful
666	660	*/
667		HASH_PROCESS(tiger_process, tiger_compress, tiger, 64)
	661	HASH_PROCESS(tiger_process, s_tiger_compress, tiger, 64)
668	662
669	663	/**
670	664	Terminate the hash to get the digest

694	688	while (md->tiger.curlen < 64) {
695	689	md->tiger.buf[md->tiger.curlen++] = (unsigned char)0;
696	690	}
697		tiger_compress(md, md->tiger.buf);
	691	s_tiger_compress(md, md->tiger.buf);
698	692	md->tiger.curlen = 0;
699	693	}
700	694

705	699
706	700	/* store length */
707	701	STORE64L(md->tiger.length, md->tiger.buf+56);
708		tiger_compress(md, md->tiger.buf);
	702	s_tiger_compress(md, md->tiger.buf);
709	703
710	704	/* copy output */
711	705	STORE64L(md->tiger.state[0], &out[0]);

+8

-8

src/ltc/hashes/whirl/whirl.c less more

28	28	};
29	29
30	30	/* the sboxes */
31		#define __LTC_WHIRLTAB_C__
	31	#define LTC_WHIRLTAB_C
32	32	#include "whirltab.c"
33	33
34	34	/* get a_{i,j} */

46	46	SB7(GB(a, i-7, 0)))
47	47
48	48	#ifdef LTC_CLEAN_STACK
49		static int _whirlpool_compress(hash_state md, const unsigned char buf)
	49	static int ss_whirlpool_compress(hash_state md, const unsigned char buf)
50	50	#else
51		static int whirlpool_compress(hash_state md, const unsigned char buf)
	51	static int s_whirlpool_compress(hash_state md, const unsigned char buf)
52	52	#endif
53	53	{
54	54	ulong64 K[2][8], T[3][8];

102	102
103	103
104	104	#ifdef LTC_CLEAN_STACK
105		static int whirlpool_compress(hash_state md, const unsigned char buf)
	105	static int s_whirlpool_compress(hash_state md, const unsigned char buf)
106	106	{
107	107	int err;
108		err = _whirlpool_compress(md, buf);
	108	err = ss_whirlpool_compress(md, buf);
109	109	burn_stack((5 * 8 * sizeof(ulong64)) + (2 * sizeof(int)));
110	110	return err;
111	111	}

131	131	@param inlen The length of the data (octets)
132	132	@return CRYPT_OK if successful
133	133	*/
134		HASH_PROCESS(whirlpool_process, whirlpool_compress, whirlpool, 64)
	134	HASH_PROCESS(whirlpool_process, s_whirlpool_compress, whirlpool, 64)
135	135
136	136	/**
137	137	Terminate the hash to get the digest

164	164	while (md->whirlpool.curlen < 64) {
165	165	md->whirlpool.buf[md->whirlpool.curlen++] = (unsigned char)0;
166	166	}
167		whirlpool_compress(md, md->whirlpool.buf);
	167	s_whirlpool_compress(md, md->whirlpool.buf);
168	168	md->whirlpool.curlen = 0;
169	169	}
170	170

175	175
176	176	/* store length */
177	177	STORE64H(md->whirlpool.length, md->whirlpool.buf+56);
178		whirlpool_compress(md, md->whirlpool.buf);
	178	s_whirlpool_compress(md, md->whirlpool.buf);
179	179
180	180	/* copy output */
181	181	for (i = 0; i < 8; i++) {

+2

-2

src/ltc/hashes/whirl/whirltab.c less more

5	5	LTC_WHIRLPOOL tables, Tom St Denis
6	6	*/
7	7
8		#ifdef __LTC_WHIRLTAB_C__
	8	#ifdef LTC_WHIRLTAB_C
9	9
10	10	static const ulong64 sbox0[] = {
11	11	CONST64(0x18186018c07830d8), CONST64(0x23238c2305af4626), CONST64(0xc6c63fc67ef991b8), CONST64(0xe8e887e8136fcdfb),

582	582	CONST64(0x6302aa71c81949d9),
583	583	};
584	584
585		#endif /* __LTC_WHIRLTAB_C__ */
	585	#endif /* LTC_WHIRLTAB_C */

+16

-0

src/ltc/headers/tomcrypt_custom.h less more

584	584	#define LTC_PBES
585	585	#endif
586	586
	587	#if defined(LTC_PBES) && !defined(LTC_PKCS_5)
	588	#error LTC_PBES requires LTC_PKCS_5
	589	#endif
	590
	591	#if defined(LTC_PBES) && !defined(LTC_PKCS_12)
	592	#error LTC_PBES requires LTC_PKCS_12
	593	#endif
	594
	595	#if defined(LTC_PKCS_5) && !defined(LTC_HMAC)
	596	#error LTC_PKCS_5 requires LTC_HMAC
	597	#endif
	598
	599	#if defined(LTC_PKCS_5) && !defined(LTC_HASH_HELPERS)
	600	#error LTC_PKCS_5 requires LTC_HASH_HELPERS
	601	#endif
	602
587	603	#if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL)
588	604	#error Pelican-MAC requires LTC_RIJNDAEL
589	605	#endif

+26

-26

src/ltc/headers/tomcrypt_macros.h less more

53	53	#ifdef LTC_HAVE_BSWAP_BUILTIN
54	54
55	55	#define STORE32H(x, y) \
56		do { ulong32 __t = __builtin_bswap32 ((x)); \
57		XMEMCPY ((y), &__t, 4); } while(0)
	56	do { ulong32 ttt = __builtin_bswap32 ((x)); \
	57	XMEMCPY ((y), &ttt, 4); } while(0)
58	58
59	59	#define LOAD32H(x, y) \
60	60	do { XMEMCPY (&(x), (y), 4); \

92	92	#ifdef LTC_HAVE_BSWAP_BUILTIN
93	93
94	94	#define STORE64H(x, y) \
95		do { ulong64 __t = __builtin_bswap64 ((x)); \
96		XMEMCPY ((y), &__t, 8); } while(0)
	95	do { ulong64 ttt = __builtin_bswap64 ((x)); \
	96	XMEMCPY ((y), &ttt, 8); } while(0)
97	97
98	98	#define LOAD64H(x, y) \
99	99	do { XMEMCPY (&(x), (y), 8); \

134	134	#ifdef ENDIAN_32BITWORD
135	135
136	136	#define STORE32L(x, y) \
137		do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0)
	137	do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
138	138
139	139	#define LOAD32L(x, y) \
140	140	do { XMEMCPY(&(x), y, 4); } while(0)

154	154	#else /* 64-bit words then */
155	155
156	156	#define STORE32L(x, y) \
157		do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0)
	157	do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
158	158
159	159	#define LOAD32L(x, y) \
160	160	do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0)
161	161
162	162	#define STORE64L(x, y) \
163		do { ulong64 __t = (x); XMEMCPY(y, &__t, 8); } while(0)
	163	do { ulong64 ttt = (x); XMEMCPY(y, &ttt, 8); } while(0)
164	164
165	165	#define LOAD64L(x, y) \
166	166	do { XMEMCPY(&(x), y, 8); } while(0)

194	194	#ifdef ENDIAN_32BITWORD
195	195
196	196	#define STORE32H(x, y) \
197		do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0)
	197	do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
198	198
199	199	#define LOAD32H(x, y) \
200	200	do { XMEMCPY(&(x), y, 4); } while(0)

214	214	#else /* 64-bit words then */
215	215
216	216	#define STORE32H(x, y) \
217		do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0)
	217	do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
218	218
219	219	#define LOAD32H(x, y) \
220	220	do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0)
221	221
222	222	#define STORE64H(x, y) \
223		do { ulong64 __t = (x); XMEMCPY(y, &__t, 8); } while(0)
	223	do { ulong64 ttt = (x); XMEMCPY(y, &ttt, 8); } while(0)
224	224
225	225	#define LOAD64H(x, y) \
226	226	do { XMEMCPY(&(x), y, 8); } while(0)

274	274	#ifndef LTC_NO_ROLC
275	275
276	276	#define ROLc(word,i) ({ \
277		ulong32 __ROLc_tmp = (word); \
	277	ulong32 ROLc_tmp = (word); \
278	278	__asm__ ("roll %2, %0" : \
279		"=r" (__ROLc_tmp) : \
280		"0" (__ROLc_tmp), \
	279	"=r" (ROLc_tmp) : \
	280	"0" (ROLc_tmp), \
281	281	"I" (i)); \
282		__ROLc_tmp; \
	282	ROLc_tmp; \
283	283	})
284	284	#define RORc(word,i) ({ \
285		ulong32 __RORc_tmp = (word); \
	285	ulong32 RORc_tmp = (word); \
286	286	__asm__ ("rorl %2, %0" : \
287		"=r" (__RORc_tmp) : \
288		"0" (__RORc_tmp), \
	287	"=r" (RORc_tmp) : \
	288	"0" (RORc_tmp), \
289	289	"I" (i)); \
290		__RORc_tmp; \
	290	RORc_tmp; \
291	291	})
292	292
293	293	#else

392	392	#ifndef LTC_NO_ROLC
393	393
394	394	#define ROL64c(word,i) ({ \
395		ulong64 __ROL64c_tmp = word; \
	395	ulong64 ROL64c_tmp = word; \
396	396	__asm__ ("rolq %2, %0" : \
397		"=r" (__ROL64c_tmp) : \
398		"0" (__ROL64c_tmp), \
	397	"=r" (ROL64c_tmp) : \
	398	"0" (ROL64c_tmp), \
399	399	"J" (i)); \
400		__ROL64c_tmp; \
	400	ROL64c_tmp; \
401	401	})
402	402	#define ROR64c(word,i) ({ \
403		ulong64 __ROR64c_tmp = word; \
	403	ulong64 ROR64c_tmp = word; \
404	404	__asm__ ("rorq %2, %0" : \
405		"=r" (__ROR64c_tmp) : \
406		"0" (__ROR64c_tmp), \
	405	"=r" (ROR64c_tmp) : \
	406	"0" (ROR64c_tmp), \
407	407	"J" (i)); \
408		__ROR64c_tmp; \
	408	ROR64c_tmp; \
409	409	})
410	410
411	411	#else /* LTC_NO_ROLC */

+17

-17

src/ltc/headers/tomcrypt_pk.h less more

54	54	void rsa_free(rsa_key *key);
55	55
56	56	/* These use PKCS #1 v2.0 padding */
57		#define rsa_encrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, _key) \
58		rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_PKCS_1_OAEP, _key)
59
60		#define rsa_decrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, _stat, _key) \
61		rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_PKCS_1_OAEP, _stat, _key)
62
63		#define rsa_sign_hash(_in, _inlen, _out, _outlen, _prng, _prng_idx, _hash_idx, _saltlen, _key) \
64		rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key)
65
66		#define rsa_verify_hash(_sig, _siglen, _hash, _hashlen, _hash_idx, _saltlen, _stat, _key) \
67		rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key)
68
69		#define rsa_sign_saltlen_get_max(_hash_idx, _key) \
70		rsa_sign_saltlen_get_max_ex(LTC_PKCS_1_PSS, _hash_idx, _key)
	57	#define rsa_encrypt_key(in, inlen, out, outlen, lparam, lparamlen, prng, prng_idx, hash_idx, key) \
	58	rsa_encrypt_key_ex(in, inlen, out, outlen, lparam, lparamlen, prng, prng_idx, hash_idx, LTC_PKCS_1_OAEP, key)
	59
	60	#define rsa_decrypt_key(in, inlen, out, outlen, lparam, lparamlen, hash_idx, stat, key) \
	61	rsa_decrypt_key_ex(in, inlen, out, outlen, lparam, lparamlen, hash_idx, LTC_PKCS_1_OAEP, stat, key)
	62
	63	#define rsa_sign_hash(in, inlen, out, outlen, prng, prng_idx, hash_idx, saltlen, key) \
	64	rsa_sign_hash_ex(in, inlen, out, outlen, LTC_PKCS_1_PSS, prng, prng_idx, hash_idx, saltlen, key)
	65
	66	#define rsa_verify_hash(sig, siglen, hash, hashlen, hash_idx, saltlen, stat, key) \
	67	rsa_verify_hash_ex(sig, siglen, hash, hashlen, LTC_PKCS_1_PSS, hash_idx, saltlen, stat, key)
	68
	69	#define rsa_sign_saltlen_get_max(hash_idx, key) \
	70	rsa_sign_saltlen_get_max_ex(LTC_PKCS_1_PSS, hash_idx, key)
71	71
72	72	/* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */
73	73	int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,

539	539	LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \
540	540	} while (0)
541	541
542		#define __LTC_SET_ASN1_IDENTIFIER(list, index, Class, Pc, Tag) \
	542	#define LTC_SET_ASN1_IDENTIFIER(list, index, Class, Pc, Tag) \
543	543	do { \
544	544	int LTC_MACRO_temp = (index); \
545	545	ltc_asn1_list *LTC_MACRO_list = (list); \

553	553	do { \
554	554	int LTC_MACRO_temp##__LINE__ = (index); \
555	555	LTC_SET_ASN1(list, LTC_MACRO_temp##__LINE__, LTC_ASN1_CUSTOM_TYPE, Data, 1); \
556		__LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_CONSTRUCTED, Tag); \
	556	LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_CONSTRUCTED, Tag); \
557	557	} while (0)
558	558
559	559	#define LTC_SET_ASN1_CUSTOM_PRIMITIVE(list, index, Class, Tag, Type, Data, Size) \
560	560	do { \
561	561	int LTC_MACRO_temp##__LINE__ = (index); \
562	562	LTC_SET_ASN1(list, LTC_MACRO_temp##__LINE__, LTC_ASN1_CUSTOM_TYPE, Data, Size); \
563		__LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_PRIMITIVE, Tag); \
	563	LTC_SET_ASN1_IDENTIFIER(list, LTC_MACRO_temp##__LINE__, Class, LTC_ASN1_PC_PRIMITIVE, Tag); \
564	564	list[LTC_MACRO_temp##__LINE__].used = (int)(Type); \
565	565	} while (0)
566	566

+2

-2

src/ltc/headers/tomcrypt_private.h less more

89	89	if (md-> state_var .curlen > sizeof(md-> state_var .buf)) { \
90	90	return CRYPT_INVALID_ARG; \
91	91	} \
92		if ((md-> state_var .length + inlen) < md-> state_var .length) { \
	92	if ((md-> state_var .length + inlen * 8) < md-> state_var .length) { \
93	93	return CRYPT_HASH_OVERFLOW; \
94	94	} \
95	95	while (inlen > 0) { \

416	416
417	417	/* tomcrypt_prng.h */
418	418
419		#define _LTC_PRNG_EXPORT(which) \
	419	#define LTC_PRNG_EXPORT(which) \
420	420	int which ## _export(unsigned char out, unsigned long outlen, prng_state *prng) \
421	421	{ \
422	422	unsigned long len = which ## _desc.export_size; \

+5

-5

src/ltc/mac/pelican/pelican.c less more

8	8
9	9	#ifdef LTC_PELICAN
10	10
11		#define __LTC_AES_TAB_C__
	11	#define LTC_AES_TAB_C
12	12	#define ENCRYPT_ONLY
13	13	#define PELI_TAB
14	14	#include "../../ciphers/aes/aes_tab.c"

44	44	return CRYPT_OK;
45	45	}
46	46
47		static void _four_rounds(pelican_state *pelmac)
	47	static void s_four_rounds(pelican_state *pelmac)
48	48	{
49	49	ulong32 s0, s1, s2, s3, t0, t1, t2, t3;
50	50	int r;

107	107	for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
108	108	(LTC_FAST_TYPE_PTR_CAST((unsigned char )pelmac->state + x)) ^= (LTC_FAST_TYPE_PTR_CAST((unsigned char )in + x));
109	109	}
110		_four_rounds(pelmac);
	110	s_four_rounds(pelmac);
111	111	in += 16;
112	112	inlen -= 16;
113	113	}

117	117	while (inlen--) {
118	118	pelmac->state[pelmac->buflen++] ^= *in++;
119	119	if (pelmac->buflen == 16) {
120		_four_rounds(pelmac);
	120	s_four_rounds(pelmac);
121	121	pelmac->buflen = 0;
122	122	}
123	123	}

141	141	}
142	142
143	143	if (pelmac->buflen == 16) {
144		_four_rounds(pelmac);
	144	s_four_rounds(pelmac);
145	145	pelmac->buflen = 0;
146	146	}
147	147	pelmac->state[pelmac->buflen++] ^= 0x80;

+4

-4

src/ltc/mac/poly1305/poly1305.c less more

10	10	#ifdef LTC_POLY1305
11	11
12	12	/* internal only */
13		static void _poly1305_block(poly1305_state st, const unsigned char in, unsigned long inlen)
	13	static void s_poly1305_block(poly1305_state st, const unsigned char in, unsigned long inlen)
14	14	{
15	15	const unsigned long hibit = (st->final) ? 0 : (1UL << 24); /* 1 << 128 */
16	16	ulong32 r0,r1,r2,r3,r4;

134	134	in += want;
135	135	st->leftover += want;
136	136	if (st->leftover < 16) return CRYPT_OK;
137		_poly1305_block(st, st->buffer, 16);
	137	s_poly1305_block(st, st->buffer, 16);
138	138	st->leftover = 0;
139	139	}
140	140
141	141	/* process full blocks */
142	142	if (inlen >= 16) {
143	143	unsigned long want = (inlen & ~(16 - 1));
144		_poly1305_block(st, in, want);
	144	s_poly1305_block(st, in, want);
145	145	in += want;
146	146	inlen -= want;
147	147	}

179	179	st->buffer[i++] = 1;
180	180	for (; i < 16; i++) st->buffer[i] = 0;
181	181	st->final = 1;
182		_poly1305_block(st, st->buffer, 16);
	182	s_poly1305_block(st, st->buffer, 16);
183	183	}
184	184
185	185	/* fully carry h */

+28

-28

src/ltc/math/fp/ltc_ecc_fp_mulmod.c less more

565	565	};
566	566
567	567	/* find a hole and free as required, return -1 if no hole found */
568		static int _find_hole(void)
	568	static int s_find_hole(void)
569	569	{
570	570	unsigned x;
571	571	int y, z;

601	601	}
602	602
603	603	/* determine if a base is already in the cache and if so, where */
604		static int _find_base(ecc_point *g)
	604	static int s_find_base(ecc_point *g)
605	605	{
606	606	int x;
607	607	for (x = 0; x < FP_ENTRIES; x++) {

619	619	}
620	620
621	621	/* add a new base to the cache */
622		static int _add_entry(int idx, ecc_point *g)
	622	static int s_add_entry(int idx, ecc_point *g)
623	623	{
624	624	unsigned x, y;
625	625

661	661	* The algorithm builds patterns in increasing bit order by first making all
662	662	* single bit input patterns, then all two bit input patterns and so on
663	663	*/
664		static int _build_lut(int idx, void a, void modulus, void mp, void mu)
	664	static int s_build_lut(int idx, void a, void modulus, void mp, void mu)
665	665	{
666	666	unsigned x, y, err, bitlen, lut_gap;
667	667	void *tmp;

768	768	}
769	769
770	770	/* perform a fixed point ECC mulmod */
771		static int _accel_fp_mul(int idx, void k, ecc_point R, void a, void modulus, void *mp, int map)
	771	static int s_accel_fp_mul(int idx, void k, ecc_point R, void a, void modulus, void *mp, int map)
772	772	{
773	773	unsigned char kb[128];
774	774	int x;

891	891
892	892	#ifdef LTC_ECC_SHAMIR
893	893	/* perform a fixed point ECC mulmod */
894		static int _accel_fp_mul2add(int idx1, int idx2,
	894	static int ss_accel_fp_mul2add(int idx1, int idx2,
895	895	void kA, void kB,
896	896	ecc_point R, void a, void modulus, void mp)
897	897	{

1114	1114	mu = NULL;
1115	1115	LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
1116	1116	/* find point */
1117		idx1 = _find_base(A);
	1117	idx1 = s_find_base(A);
1118	1118
1119	1119	/* no entry? */
1120	1120	if (idx1 == -1) {
1121	1121	/* find hole and add it */
1122		if ((idx1 = _find_hole()) >= 0) {
1123		if ((err = _add_entry(idx1, A)) != CRYPT_OK) {
	1122	if ((idx1 = s_find_hole()) >= 0) {
	1123	if ((err = s_add_entry(idx1, A)) != CRYPT_OK) {
1124	1124	goto LBL_ERR;
1125	1125	}
1126	1126	}

1131	1131	}
1132	1132
1133	1133	/* find point */
1134		idx2 = _find_base(B);
	1134	idx2 = s_find_base(B);
1135	1135
1136	1136	/* no entry? */
1137	1137	if (idx2 == -1) {
1138	1138	/* find hole and add it */
1139		if ((idx2 = _find_hole()) >= 0) {
1140		if ((err = _add_entry(idx2, B)) != CRYPT_OK) {
	1139	if ((idx2 = s_find_hole()) >= 0) {
	1140	if ((err = s_add_entry(idx2, B)) != CRYPT_OK) {
1141	1141	goto LBL_ERR;
1142	1142	}
1143	1143	}

1161	1161	}
1162	1162
1163	1163	/* build the LUT */
1164		if ((err = _build_lut(idx1, a, modulus, mp, mu)) != CRYPT_OK) {
	1164	if ((err = s_build_lut(idx1, a, modulus, mp, mu)) != CRYPT_OK) {
1165	1165	goto LBL_ERR;;
1166	1166	}
1167	1167	}

1182	1182	}
1183	1183
1184	1184	/* build the LUT */
1185		if ((err = _build_lut(idx2, a, modulus, mp, mu)) != CRYPT_OK) {
	1185	if ((err = s_build_lut(idx2, a, modulus, mp, mu)) != CRYPT_OK) {
1186	1186	goto LBL_ERR;;
1187	1187	}
1188	1188	}

1193	1193	/* compute mp */
1194	1194	if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
1195	1195	}
1196		err = _accel_fp_mul2add(idx1, idx2, kA, kB, C, a, modulus, mp);
	1196	err = ss_accel_fp_mul2add(idx1, idx2, kA, kB, C, a, modulus, mp);
1197	1197	} else {
1198	1198	err = ltc_ecc_mul2add(A, kA, B, kB, C, a, modulus);
1199	1199	}

1227	1227	mu = NULL;
1228	1228	LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
1229	1229	/* find point */
1230		idx = _find_base(G);
	1230	idx = s_find_base(G);
1231	1231
1232	1232	/* no entry? */
1233	1233	if (idx == -1) {
1234	1234	/* find hole and add it */
1235		idx = _find_hole();
	1235	idx = s_find_hole();
1236	1236
1237	1237	if (idx >= 0) {
1238		if ((err = _add_entry(idx, G)) != CRYPT_OK) {
	1238	if ((err = s_add_entry(idx, G)) != CRYPT_OK) {
1239	1239	goto LBL_ERR;
1240	1240	}
1241	1241	}

1260	1260	}
1261	1261
1262	1262	/* build the LUT */
1263		if ((err = _build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) {
	1263	if ((err = s_build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) {
1264	1264	goto LBL_ERR;;
1265	1265	}
1266	1266	}

1270	1270	/* compute mp */
1271	1271	if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
1272	1272	}
1273		err = _accel_fp_mul(idx, k, R, a, modulus, mp, map);
	1273	err = s_accel_fp_mul(idx, k, R, a, modulus, mp, map);
1274	1274	} else {
1275	1275	err = ltc_ecc_mulmod(k, G, R, a, modulus, map);
1276	1276	}

1286	1286	}
1287	1287
1288	1288	/* helper function for freeing the cache ... must be called with the cache mutex locked */
1289		static void _ltc_ecc_fp_free_cache(void)
	1289	static void s_ltc_ecc_fp_free_cache(void)
1290	1290	{
1291	1291	unsigned x, y;
1292	1292	for (x = 0; x < FP_ENTRIES; x++) {

1311	1311	void ltc_ecc_fp_free(void)
1312	1312	{
1313	1313	LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
1314		_ltc_ecc_fp_free_cache();
	1314	s_ltc_ecc_fp_free_cache();
1315	1315	LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
1316	1316	}
1317	1317

1330	1330	void *mu = NULL;
1331	1331
1332	1332	LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
1333		if ((idx = _find_base(g)) >= 0) {
	1333	if ((idx = s_find_base(g)) >= 0) {
1334	1334	/* it is already in the cache ... just check that the LUT is initialized */
1335	1335	if(fp_cache[idx].lru_count >= 2) {
1336	1336	LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);

1338	1338	}
1339	1339	}
1340	1340
1341		if(idx == -1 && (idx = _find_hole()) == -1) {
	1341	if(idx == -1 && (idx = s_find_hole()) == -1) {
1342	1342	err = CRYPT_BUFFER_OVERFLOW;
1343	1343	goto LBL_ERR;
1344	1344	}
1345		if ((err = _add_entry(idx, g)) != CRYPT_OK) {
	1345	if ((err = s_add_entry(idx, g)) != CRYPT_OK) {
1346	1346	goto LBL_ERR;
1347	1347	}
1348	1348	/* compute mp */

1359	1359	}
1360	1360
1361	1361	/* build the LUT */
1362		if ((err = _build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) {
	1362	if ((err = s_build_lut(idx, a, modulus, mp, mu)) != CRYPT_OK) {
1363	1363	goto LBL_ERR;
1364	1364	}
1365	1365	fp_cache[idx].lru_count = 2;

1497	1497	/*
1498	1498	* start with an empty cache
1499	1499	*/
1500		_ltc_ecc_fp_free_cache();
	1500	s_ltc_ecc_fp_free_cache();
1501	1501
1502	1502	/*
1503	1503	* decode the input packet: It consists of a sequence with a few

1567	1567	ERR_OUT:
1568	1568	if(asn1_list)
1569	1569	XFREE(asn1_list);
1570		_ltc_ecc_fp_free_cache();
	1570	s_ltc_ecc_fp_free_cache();
1571	1571	LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
1572	1572	return err;
1573	1573	}

+9

-9

src/ltc/misc/adler32.c less more

9	9	*/
10	10	#ifdef LTC_ADLER32
11	11
12		static const unsigned long _adler32_base = 65521;
	12	static const unsigned long s_adler32_base = 65521;
13	13
14	14	void adler32_init(adler32_state *ctx)
15	15	{

34	34	length--;
35	35	} while (length % 8 != 0);
36	36
37		if (s1 >= _adler32_base) {
38		s1 -= _adler32_base;
	37	if (s1 >= s_adler32_base) {
	38	s1 -= s_adler32_base;
39	39	}
40		s2 %= _adler32_base;
	40	s2 %= s_adler32_base;
41	41	}
42	42
43	43	while (length > 0) {

61	61	length -= 8;
62	62	input += 8;
63	63
64		if (s1 >= _adler32_base) {
65		s1 -= _adler32_base;
	64	if (s1 >= s_adler32_base) {
	65	s1 -= s_adler32_base;
66	66	}
67		s2 %= _adler32_base;
	67	s2 %= s_adler32_base;
68	68	}
69	69
70		LTC_ARGCHKVD(s1 < _adler32_base);
71		LTC_ARGCHKVD(s2 < _adler32_base);
	70	LTC_ARGCHKVD(s1 < s_adler32_base);
	71	LTC_ARGCHKVD(s2 < s_adler32_base);
72	72
73	73	ctx->s[0] = (unsigned short)s1;
74	74	ctx->s[1] = (unsigned short)s2;

+7

-7

src/ltc/misc/base64/base64_decode.c less more

74	74	relaxed = 2
75	75	};
76	76
77		static int _base64_decode_internal(const char *in, unsigned long inlen,
	77	static int s_base64_decode_internal(const char *in, unsigned long inlen,
78	78	unsigned char out, unsigned long outlen,
79	79	const unsigned char *map, int mode)
80	80	{

148	148	int base64_decode(const char *in, unsigned long inlen,
149	149	unsigned char out, unsigned long outlen)
150	150	{
151		return _base64_decode_internal(in, inlen, out, outlen, map_base64, insane);
	151	return s_base64_decode_internal(in, inlen, out, outlen, map_base64, insane);
152	152	}
153	153
154	154	/**

162	162	int base64_strict_decode(const char *in, unsigned long inlen,
163	163	unsigned char out, unsigned long outlen)
164	164	{
165		return _base64_decode_internal(in, inlen, out, outlen, map_base64, strict);
	165	return s_base64_decode_internal(in, inlen, out, outlen, map_base64, strict);
166	166	}
167	167
168	168	/**

176	176	int base64_sane_decode(const char *in, unsigned long inlen,
177	177	unsigned char out, unsigned long outlen)
178	178	{
179		return _base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed);
	179	return s_base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed);
180	180	}
181	181	#endif /* LTC_BASE64 */
182	182

192	192	int base64url_decode(const char *in, unsigned long inlen,
193	193	unsigned char out, unsigned long outlen)
194	194	{
195		return _base64_decode_internal(in, inlen, out, outlen, map_base64url, insane);
	195	return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, insane);
196	196	}
197	197
198	198	/**

206	206	int base64url_strict_decode(const char *in, unsigned long inlen,
207	207	unsigned char out, unsigned long outlen)
208	208	{
209		return _base64_decode_internal(in, inlen, out, outlen, map_base64url, strict);
	209	return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, strict);
210	210	}
211	211
212	212	/**

220	220	int base64url_sane_decode(const char *in, unsigned long inlen,
221	221	unsigned char out, unsigned long outlen)
222	222	{
223		return _base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed);
	223	return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed);
224	224	}
225	225	#endif /* LTC_BASE64_URL */
226	226

+4

-4

src/ltc/misc/base64/base64_encode.c less more

20	20	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
21	21	#endif /* LTC_BASE64_URL */
22	22
23		static int _base64_encode_internal(const unsigned char *in, unsigned long inlen,
	23	static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen,
24	24	char out, unsigned long outlen,
25	25	const char *codes, int pad)
26	26	{

82	82	int base64_encode(const unsigned char *in, unsigned long inlen,
83	83	char out, unsigned long outlen)
84	84	{
85		return _base64_encode_internal(in, inlen, out, outlen, codes_base64, 1);
	85	return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, 1);
86	86	}
87	87	#endif /* LTC_BASE64 */
88	88

99	99	int base64url_encode(const unsigned char *in, unsigned long inlen,
100	100	char out, unsigned long outlen)
101	101	{
102		return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0);
	102	return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0);
103	103	}
104	104
105	105	int base64url_strict_encode(const unsigned char *in, unsigned long inlen,
106	106	char out, unsigned long outlen)
107	107	{
108		return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1);
	108	return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1);
109	109	}
110	110	#endif /* LTC_BASE64_URL */
111	111

+5

-5

src/ltc/misc/bcrypt/bcrypt.c less more

10	10	#define BCRYPT_WORDS 8
11	11	#define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4)
12	12
13		static int _bcrypt_hash(const unsigned char *pt,
	13	static int s_bcrypt_hash(const unsigned char *pt,
14	14	const unsigned char *pass, unsigned long passlen,
15	15	const unsigned char *salt, unsigned long saltlen,
16	16	unsigned char out, unsigned long outlen)

51	51	return CRYPT_OK;
52	52	}
53	53
54		static int _bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen,
	54	static int s_bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen,
55	55	const unsigned char *salt, unsigned long saltlen,
56	56	unsigned char out, unsigned long outlen)
57	57	{
58	58	const unsigned char pt[] = "OxychromaticBlowfishSwatDynamite";
59		return _bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen);
	59	return s_bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen);
60	60	}
61	61
62	62	/**

142	142	goto LBL_ERR;
143	143	}
144	144	y = MAXBLOCKSIZE;
145		if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
	145	if ((err = s_bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
146	146	goto LBL_ERR;
147	147	}
148	148	XMEMCPY(buf[2], buf[1], y);

154	154	goto LBL_ERR;
155	155	}
156	156	y = MAXBLOCKSIZE;
157		if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
	157	if ((err = s_bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
158	158	goto LBL_ERR;
159	159	}
160	160	for (x = 0; x < y; x++) {

+3

-3

src/ltc/misc/compare_testvector.c less more

8	8	*/
9	9
10	10	#if defined(LTC_TEST) && defined(LTC_TEST_DBG)
11		static void _print_hex(const char* what, const void* v, const unsigned long l)
	11	static void s_print_hex(const char* what, const void* v, const unsigned long l)
12	12	{
13	13	const unsigned char* p = v;
14	14	unsigned long x, y = 0, z;

64	64	#if defined(LTC_TEST) && defined(LTC_TEST_DBG)
65	65	if (res != 0) {
66	66	fprintf(stderr, "Testvector #%i of %s failed:\n", which, what);
67		_print_hex("SHOULD", should, should_len);
68		_print_hex("IS ", is, is_len);
	67	s_print_hex("SHOULD", should, should_len);
	68	s_print_hex("IS ", is, is_len);
69	69	#if LTC_TEST_DBG > 1
70	70	} else {
71	71	fprintf(stderr, "Testvector #%i of %s passed!\n", which, what);

+3

-3

src/ltc/misc/crc32.c less more

9	9	*/
10	10	#ifdef LTC_CRC32
11	11
12		static const ulong32 _CRC32_NEGL = 0xffffffffUL;
	12	static const ulong32 CRC32_NEGL = 0xffffffffUL;
13	13
14	14	#if defined(ENDIAN_LITTLE)
15	15	#define CRC32_INDEX(c) (c & 0xff)

136	136	void crc32_init(crc32_state *ctx)
137	137	{
138	138	LTC_ARGCHKVD(ctx != NULL);
139		ctx->crc = _CRC32_NEGL;
	139	ctx->crc = CRC32_NEGL;
140	140	}
141	141
142	142	void crc32_update(crc32_state ctx, const unsigned char input, unsigned long length)

163	163
164	164	h = hash;
165	165	crc = ctx->crc;
166		crc ^= _CRC32_NEGL;
	166	crc ^= CRC32_NEGL;
167	167
168	168	if (size > 4) size = 4;
169	169	for (i = 0; i < size; i++) {

+100

-100

src/ltc/misc/crypt/crypt_constants.c less more

16	16	const int value;
17	17	} crypt_constant;
18	18
19		#define _C_STRINGIFY(s) { #s, s }
20
21		static const crypt_constant _crypt_constants[] = {
22
23		_C_STRINGIFY(CRYPT_OK),
24		_C_STRINGIFY(CRYPT_ERROR),
25		_C_STRINGIFY(CRYPT_NOP),
26		_C_STRINGIFY(CRYPT_INVALID_KEYSIZE),
27		_C_STRINGIFY(CRYPT_INVALID_ROUNDS),
28		_C_STRINGIFY(CRYPT_FAIL_TESTVECTOR),
29		_C_STRINGIFY(CRYPT_BUFFER_OVERFLOW),
30		_C_STRINGIFY(CRYPT_INVALID_PACKET),
31		_C_STRINGIFY(CRYPT_INVALID_PRNGSIZE),
32		_C_STRINGIFY(CRYPT_ERROR_READPRNG),
33		_C_STRINGIFY(CRYPT_INVALID_CIPHER),
34		_C_STRINGIFY(CRYPT_INVALID_HASH),
35		_C_STRINGIFY(CRYPT_INVALID_PRNG),
36		_C_STRINGIFY(CRYPT_MEM),
37		_C_STRINGIFY(CRYPT_PK_TYPE_MISMATCH),
38		_C_STRINGIFY(CRYPT_PK_NOT_PRIVATE),
39		_C_STRINGIFY(CRYPT_INVALID_ARG),
40		_C_STRINGIFY(CRYPT_FILE_NOTFOUND),
41		_C_STRINGIFY(CRYPT_PK_INVALID_TYPE),
42		_C_STRINGIFY(CRYPT_OVERFLOW),
43		_C_STRINGIFY(CRYPT_PK_ASN1_ERROR),
44		_C_STRINGIFY(CRYPT_INPUT_TOO_LONG),
45		_C_STRINGIFY(CRYPT_PK_INVALID_SIZE),
46		_C_STRINGIFY(CRYPT_INVALID_PRIME_SIZE),
47		_C_STRINGIFY(CRYPT_PK_INVALID_PADDING),
48		_C_STRINGIFY(CRYPT_HASH_OVERFLOW),
49
50		_C_STRINGIFY(PK_PUBLIC),
51		_C_STRINGIFY(PK_PRIVATE),
52
53		_C_STRINGIFY(LTC_ENCRYPT),
54		_C_STRINGIFY(LTC_DECRYPT),
	19	#define C_STRINGIFY(s) { #s, s }
	20
	21	static const crypt_constant s_crypt_constants[] = {
	22
	23	C_STRINGIFY(CRYPT_OK),
	24	C_STRINGIFY(CRYPT_ERROR),
	25	C_STRINGIFY(CRYPT_NOP),
	26	C_STRINGIFY(CRYPT_INVALID_KEYSIZE),
	27	C_STRINGIFY(CRYPT_INVALID_ROUNDS),
	28	C_STRINGIFY(CRYPT_FAIL_TESTVECTOR),
	29	C_STRINGIFY(CRYPT_BUFFER_OVERFLOW),
	30	C_STRINGIFY(CRYPT_INVALID_PACKET),
	31	C_STRINGIFY(CRYPT_INVALID_PRNGSIZE),
	32	C_STRINGIFY(CRYPT_ERROR_READPRNG),
	33	C_STRINGIFY(CRYPT_INVALID_CIPHER),
	34	C_STRINGIFY(CRYPT_INVALID_HASH),
	35	C_STRINGIFY(CRYPT_INVALID_PRNG),
	36	C_STRINGIFY(CRYPT_MEM),
	37	C_STRINGIFY(CRYPT_PK_TYPE_MISMATCH),
	38	C_STRINGIFY(CRYPT_PK_NOT_PRIVATE),
	39	C_STRINGIFY(CRYPT_INVALID_ARG),
	40	C_STRINGIFY(CRYPT_FILE_NOTFOUND),
	41	C_STRINGIFY(CRYPT_PK_INVALID_TYPE),
	42	C_STRINGIFY(CRYPT_OVERFLOW),
	43	C_STRINGIFY(CRYPT_PK_ASN1_ERROR),
	44	C_STRINGIFY(CRYPT_INPUT_TOO_LONG),
	45	C_STRINGIFY(CRYPT_PK_INVALID_SIZE),
	46	C_STRINGIFY(CRYPT_INVALID_PRIME_SIZE),
	47	C_STRINGIFY(CRYPT_PK_INVALID_PADDING),
	48	C_STRINGIFY(CRYPT_HASH_OVERFLOW),
	49
	50	C_STRINGIFY(PK_PUBLIC),
	51	C_STRINGIFY(PK_PRIVATE),
	52
	53	C_STRINGIFY(LTC_ENCRYPT),
	54	C_STRINGIFY(LTC_DECRYPT),
55	55
56	56	#ifdef LTC_PKCS_1
57	57	{"LTC_PKCS_1", 1},
58	58	/* Block types */
59		_C_STRINGIFY(LTC_PKCS_1_EMSA),
60		_C_STRINGIFY(LTC_PKCS_1_EME),
	59	C_STRINGIFY(LTC_PKCS_1_EMSA),
	60	C_STRINGIFY(LTC_PKCS_1_EME),
61	61
62	62	/* Padding types */
63		_C_STRINGIFY(LTC_PKCS_1_V1_5),
64		_C_STRINGIFY(LTC_PKCS_1_OAEP),
65		_C_STRINGIFY(LTC_PKCS_1_PSS),
66		_C_STRINGIFY(LTC_PKCS_1_V1_5_NA1),
	63	C_STRINGIFY(LTC_PKCS_1_V1_5),
	64	C_STRINGIFY(LTC_PKCS_1_OAEP),
	65	C_STRINGIFY(LTC_PKCS_1_PSS),
	66	C_STRINGIFY(LTC_PKCS_1_V1_5_NA1),
67	67	#else
68	68	{"LTC_PKCS_1", 0},
69	69	#endif

71	71	#ifdef LTC_PADDING
72	72	{"LTC_PADDING", 1},
73	73
74		_C_STRINGIFY(LTC_PAD_PKCS7),
	74	C_STRINGIFY(LTC_PAD_PKCS7),
75	75	#ifdef LTC_RNG_GET_BYTES
76		_C_STRINGIFY(LTC_PAD_ISO_10126),
77		#endif
78		_C_STRINGIFY(LTC_PAD_ANSI_X923),
79		_C_STRINGIFY(LTC_PAD_ONE_AND_ZERO),
80		_C_STRINGIFY(LTC_PAD_ZERO),
81		_C_STRINGIFY(LTC_PAD_ZERO_ALWAYS),
	76	C_STRINGIFY(LTC_PAD_ISO_10126),
	77	#endif
	78	C_STRINGIFY(LTC_PAD_ANSI_X923),
	79	C_STRINGIFY(LTC_PAD_ONE_AND_ZERO),
	80	C_STRINGIFY(LTC_PAD_ZERO),
	81	C_STRINGIFY(LTC_PAD_ZERO_ALWAYS),
82	82	#else
83	83	{"LTC_PADDING", 0},
84	84	#endif

91	91
92	92	#ifdef LTC_MECC
93	93	{"LTC_MECC", 1},
94		_C_STRINGIFY(ECC_BUF_SIZE),
95		_C_STRINGIFY(ECC_MAXSIZE),
	94	C_STRINGIFY(ECC_BUF_SIZE),
	95	C_STRINGIFY(ECC_MAXSIZE),
96	96	#else
97	97	{"LTC_MECC", 0},
98	98	#endif
99	99
100	100	#ifdef LTC_MDSA
101	101	{"LTC_MDSA", 1},
102		_C_STRINGIFY(LTC_MDSA_DELTA),
103		_C_STRINGIFY(LTC_MDSA_MAX_GROUP),
	102	C_STRINGIFY(LTC_MDSA_DELTA),
	103	C_STRINGIFY(LTC_MDSA_MAX_GROUP),
104	104	#else
105	105	{"LTC_MDSA", 0},
106	106	#endif
107	107
108	108	#ifdef LTC_MILLER_RABIN_REPS
109		_C_STRINGIFY(LTC_MILLER_RABIN_REPS),
	109	C_STRINGIFY(LTC_MILLER_RABIN_REPS),
110	110	#endif
111	111
112	112	#ifdef LTC_DER
113	113	/* DER handling */
114	114	{"LTC_DER", 1},
115		_C_STRINGIFY(LTC_ASN1_EOL),
116		_C_STRINGIFY(LTC_ASN1_BOOLEAN),
117		_C_STRINGIFY(LTC_ASN1_INTEGER),
118		_C_STRINGIFY(LTC_ASN1_SHORT_INTEGER),
119		_C_STRINGIFY(LTC_ASN1_BIT_STRING),
120		_C_STRINGIFY(LTC_ASN1_OCTET_STRING),
121		_C_STRINGIFY(LTC_ASN1_NULL),
122		_C_STRINGIFY(LTC_ASN1_OBJECT_IDENTIFIER),
123		_C_STRINGIFY(LTC_ASN1_IA5_STRING),
124		_C_STRINGIFY(LTC_ASN1_PRINTABLE_STRING),
125		_C_STRINGIFY(LTC_ASN1_UTF8_STRING),
126		_C_STRINGIFY(LTC_ASN1_UTCTIME),
127		_C_STRINGIFY(LTC_ASN1_CHOICE),
128		_C_STRINGIFY(LTC_ASN1_SEQUENCE),
129		_C_STRINGIFY(LTC_ASN1_SET),
130		_C_STRINGIFY(LTC_ASN1_SETOF),
131		_C_STRINGIFY(LTC_ASN1_RAW_BIT_STRING),
132		_C_STRINGIFY(LTC_ASN1_TELETEX_STRING),
133		_C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME),
134		_C_STRINGIFY(LTC_ASN1_CUSTOM_TYPE),
135		_C_STRINGIFY(LTC_DER_MAX_RECURSION),
	115	C_STRINGIFY(LTC_ASN1_EOL),
	116	C_STRINGIFY(LTC_ASN1_BOOLEAN),
	117	C_STRINGIFY(LTC_ASN1_INTEGER),
	118	C_STRINGIFY(LTC_ASN1_SHORT_INTEGER),
	119	C_STRINGIFY(LTC_ASN1_BIT_STRING),
	120	C_STRINGIFY(LTC_ASN1_OCTET_STRING),
	121	C_STRINGIFY(LTC_ASN1_NULL),
	122	C_STRINGIFY(LTC_ASN1_OBJECT_IDENTIFIER),
	123	C_STRINGIFY(LTC_ASN1_IA5_STRING),
	124	C_STRINGIFY(LTC_ASN1_PRINTABLE_STRING),
	125	C_STRINGIFY(LTC_ASN1_UTF8_STRING),
	126	C_STRINGIFY(LTC_ASN1_UTCTIME),
	127	C_STRINGIFY(LTC_ASN1_CHOICE),
	128	C_STRINGIFY(LTC_ASN1_SEQUENCE),
	129	C_STRINGIFY(LTC_ASN1_SET),
	130	C_STRINGIFY(LTC_ASN1_SETOF),
	131	C_STRINGIFY(LTC_ASN1_RAW_BIT_STRING),
	132	C_STRINGIFY(LTC_ASN1_TELETEX_STRING),
	133	C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME),
	134	C_STRINGIFY(LTC_ASN1_CUSTOM_TYPE),
	135	C_STRINGIFY(LTC_DER_MAX_RECURSION),
136	136	#else
137	137	{"LTC_DER", 0},
138	138	#endif
139	139
140	140	#ifdef LTC_CTR_MODE
141	141	{"LTC_CTR_MODE", 1},
142		_C_STRINGIFY(CTR_COUNTER_LITTLE_ENDIAN),
143		_C_STRINGIFY(CTR_COUNTER_BIG_ENDIAN),
144		_C_STRINGIFY(LTC_CTR_RFC3686),
	142	C_STRINGIFY(CTR_COUNTER_LITTLE_ENDIAN),
	143	C_STRINGIFY(CTR_COUNTER_BIG_ENDIAN),
	144	C_STRINGIFY(LTC_CTR_RFC3686),
145	145	#else
146	146	{"LTC_CTR_MODE", 0},
147	147	#endif
148	148	#ifdef LTC_GCM_MODE
149		_C_STRINGIFY(LTC_GCM_MODE_IV),
150		_C_STRINGIFY(LTC_GCM_MODE_AAD),
151		_C_STRINGIFY(LTC_GCM_MODE_TEXT),
152		#endif
153
154		_C_STRINGIFY(LTC_MP_LT),
155		_C_STRINGIFY(LTC_MP_EQ),
156		_C_STRINGIFY(LTC_MP_GT),
157
158		_C_STRINGIFY(LTC_MP_NO),
159		_C_STRINGIFY(LTC_MP_YES),
160
161		_C_STRINGIFY(MAXBLOCKSIZE),
162		_C_STRINGIFY(TAB_SIZE),
163		_C_STRINGIFY(ARGTYPE),
	149	C_STRINGIFY(LTC_GCM_MODE_IV),
	150	C_STRINGIFY(LTC_GCM_MODE_AAD),
	151	C_STRINGIFY(LTC_GCM_MODE_TEXT),
	152	#endif
	153
	154	C_STRINGIFY(LTC_MP_LT),
	155	C_STRINGIFY(LTC_MP_EQ),
	156	C_STRINGIFY(LTC_MP_GT),
	157
	158	C_STRINGIFY(LTC_MP_NO),
	159	C_STRINGIFY(LTC_MP_YES),
	160
	161	C_STRINGIFY(MAXBLOCKSIZE),
	162	C_STRINGIFY(TAB_SIZE),
	163	C_STRINGIFY(ARGTYPE),
164	164
165	165	#ifdef LTM_DESC
166	166	{"LTM_DESC", 1},

228	228	*/
229	229	int crypt_get_constant(const char* namein, int *valueout) {
230	230	int i;
231		int _crypt_constants_len = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]);
232		for (i=0; i<_crypt_constants_len; i++) {
233		if (XSTRCMP(_crypt_constants[i].name, namein) == 0) {
234		*valueout = _crypt_constants[i].value;
	231	int count = sizeof(s_crypt_constants) / sizeof(s_crypt_constants[0]);
	232	for (i=0; i<count; i++) {
	233	if (XSTRCMP(s_crypt_constants[i].name, namein) == 0) {
	234	*valueout = s_crypt_constants[i].value;
235	235	return 0;
236	236	}
237	237	}

253	253	unsigned int total_len = 0;
254	254	char *ptr;
255	255	int number_len;
256		int count = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]);
	256	int count = sizeof(s_crypt_constants) / sizeof(s_crypt_constants[0]);
257	257
258	258	/* calculate amount of memory required for the list */
259	259	for (i=0; i<count; i++) {
260		number_len = snprintf(NULL, 0, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value);
	260	number_len = snprintf(NULL, 0, "%s,%d\n", s_crypt_constants[i].name, s_crypt_constants[i].value);
261	261	if (number_len < 0) {
262	262	return -1;
263	263	}

273	273	/* build the names list */
274	274	ptr = names_list;
275	275	for (i=0; i<count; i++) {
276		number_len = snprintf(ptr, total_len, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value);
	276	number_len = snprintf(ptr, total_len, "%s,%d\n", s_crypt_constants[i].name, s_crypt_constants[i].value);
277	277	if (number_len < 0) return -1;
278	278	if ((unsigned int)number_len > total_len) return -1;
279	279	total_len -= number_len;

+101

-101

src/ltc/misc/crypt/crypt_sizes.c less more

16	16	const unsigned int size;
17	17	} crypt_size;
18	18
19		#define _SZ_STRINGIFY_S(s) { #s, sizeof(struct s) }
20		#define _SZ_STRINGIFY_T(s) { #s, sizeof(s) }
21
22		static const crypt_size _crypt_sizes[] = {
	19	#define SZ_STRINGIFY_S(s) { #s, sizeof(struct s) }
	20	#define SZ_STRINGIFY_T(s) { #s, sizeof(s) }
	21
	22	static const crypt_size s_crypt_sizes[] = {
23	23	/* hash state sizes */
24		_SZ_STRINGIFY_S(ltc_hash_descriptor),
25		_SZ_STRINGIFY_T(hash_state),
	24	SZ_STRINGIFY_S(ltc_hash_descriptor),
	25	SZ_STRINGIFY_T(hash_state),
26	26	#ifdef LTC_CHC_HASH
27		_SZ_STRINGIFY_S(chc_state),
	27	SZ_STRINGIFY_S(chc_state),
28	28	#endif
29	29	#ifdef LTC_WHIRLPOOL
30		_SZ_STRINGIFY_S(whirlpool_state),
	30	SZ_STRINGIFY_S(whirlpool_state),
31	31	#endif
32	32	#ifdef LTC_SHA3
33		_SZ_STRINGIFY_S(sha3_state),
	33	SZ_STRINGIFY_S(sha3_state),
34	34	#endif
35	35	#ifdef LTC_SHA512
36		_SZ_STRINGIFY_S(sha512_state),
	36	SZ_STRINGIFY_S(sha512_state),
37	37	#endif
38	38	#ifdef LTC_SHA256
39		_SZ_STRINGIFY_S(sha256_state),
	39	SZ_STRINGIFY_S(sha256_state),
40	40	#endif
41	41	#ifdef LTC_SHA1
42		_SZ_STRINGIFY_S(sha1_state),
	42	SZ_STRINGIFY_S(sha1_state),
43	43	#endif
44	44	#ifdef LTC_MD5
45		_SZ_STRINGIFY_S(md5_state),
	45	SZ_STRINGIFY_S(md5_state),
46	46	#endif
47	47	#ifdef LTC_MD4
48		_SZ_STRINGIFY_S(md4_state),
	48	SZ_STRINGIFY_S(md4_state),
49	49	#endif
50	50	#ifdef LTC_MD2
51		_SZ_STRINGIFY_S(md2_state),
	51	SZ_STRINGIFY_S(md2_state),
52	52	#endif
53	53	#ifdef LTC_TIGER
54		_SZ_STRINGIFY_S(tiger_state),
	54	SZ_STRINGIFY_S(tiger_state),
55	55	#endif
56	56	#ifdef LTC_RIPEMD128
57		_SZ_STRINGIFY_S(rmd128_state),
	57	SZ_STRINGIFY_S(rmd128_state),
58	58	#endif
59	59	#ifdef LTC_RIPEMD160
60		_SZ_STRINGIFY_S(rmd160_state),
	60	SZ_STRINGIFY_S(rmd160_state),
61	61	#endif
62	62	#ifdef LTC_RIPEMD256
63		_SZ_STRINGIFY_S(rmd256_state),
	63	SZ_STRINGIFY_S(rmd256_state),
64	64	#endif
65	65	#ifdef LTC_RIPEMD320
66		_SZ_STRINGIFY_S(rmd320_state),
	66	SZ_STRINGIFY_S(rmd320_state),
67	67	#endif
68	68	#ifdef LTC_BLAKE2S
69		_SZ_STRINGIFY_S(blake2s_state),
	69	SZ_STRINGIFY_S(blake2s_state),
70	70	#endif
71	71	#ifdef LTC_BLAKE2B
72		_SZ_STRINGIFY_S(blake2b_state),
	72	SZ_STRINGIFY_S(blake2b_state),
73	73	#endif
74	74
75	75	/* block cipher key sizes */
76		_SZ_STRINGIFY_S(ltc_cipher_descriptor),
77		_SZ_STRINGIFY_T(symmetric_key),
	76	SZ_STRINGIFY_S(ltc_cipher_descriptor),
	77	SZ_STRINGIFY_T(symmetric_key),
78	78	#ifdef LTC_ANUBIS
79		_SZ_STRINGIFY_S(anubis_key),
	79	SZ_STRINGIFY_S(anubis_key),
80	80	#endif
81	81	#ifdef LTC_CAMELLIA
82		_SZ_STRINGIFY_S(camellia_key),
	82	SZ_STRINGIFY_S(camellia_key),
83	83	#endif
84	84	#ifdef LTC_BLOWFISH
85		_SZ_STRINGIFY_S(blowfish_key),
	85	SZ_STRINGIFY_S(blowfish_key),
86	86	#endif
87	87	#ifdef LTC_CAST5
88		_SZ_STRINGIFY_S(cast5_key),
	88	SZ_STRINGIFY_S(cast5_key),
89	89	#endif
90	90	#ifdef LTC_DES
91		_SZ_STRINGIFY_S(des_key),
92		_SZ_STRINGIFY_S(des3_key),
	91	SZ_STRINGIFY_S(des_key),
	92	SZ_STRINGIFY_S(des3_key),
93	93	#endif
94	94	#ifdef LTC_IDEA
95		_SZ_STRINGIFY_S(idea_key),
	95	SZ_STRINGIFY_S(idea_key),
96	96	#endif
97	97	#ifdef LTC_KASUMI
98		_SZ_STRINGIFY_S(kasumi_key),
	98	SZ_STRINGIFY_S(kasumi_key),
99	99	#endif
100	100	#ifdef LTC_KHAZAD
101		_SZ_STRINGIFY_S(khazad_key),
	101	SZ_STRINGIFY_S(khazad_key),
102	102	#endif
103	103	#ifdef LTC_KSEED
104		_SZ_STRINGIFY_S(kseed_key),
	104	SZ_STRINGIFY_S(kseed_key),
105	105	#endif
106	106	#ifdef LTC_MULTI2
107		_SZ_STRINGIFY_S(multi2_key),
	107	SZ_STRINGIFY_S(multi2_key),
108	108	#endif
109	109	#ifdef LTC_NOEKEON
110		_SZ_STRINGIFY_S(noekeon_key),
	110	SZ_STRINGIFY_S(noekeon_key),
111	111	#endif
112	112	#ifdef LTC_RC2
113		_SZ_STRINGIFY_S(rc2_key),
	113	SZ_STRINGIFY_S(rc2_key),
114	114	#endif
115	115	#ifdef LTC_RC5
116		_SZ_STRINGIFY_S(rc5_key),
	116	SZ_STRINGIFY_S(rc5_key),
117	117	#endif
118	118	#ifdef LTC_RC6
119		_SZ_STRINGIFY_S(rc6_key),
	119	SZ_STRINGIFY_S(rc6_key),
120	120	#endif
121	121	#ifdef LTC_SERPENT
122		_SZ_STRINGIFY_S(serpent_key),
	122	SZ_STRINGIFY_S(serpent_key),
123	123	#endif
124	124	#ifdef LTC_SKIPJACK
125		_SZ_STRINGIFY_S(skipjack_key),
	125	SZ_STRINGIFY_S(skipjack_key),
126	126	#endif
127	127	#ifdef LTC_XTEA
128		_SZ_STRINGIFY_S(xtea_key),
	128	SZ_STRINGIFY_S(xtea_key),
129	129	#endif
130	130	#ifdef LTC_RIJNDAEL
131		_SZ_STRINGIFY_S(rijndael_key),
	131	SZ_STRINGIFY_S(rijndael_key),
132	132	#endif
133	133	#ifdef LTC_SAFER
134		_SZ_STRINGIFY_S(safer_key),
	134	SZ_STRINGIFY_S(safer_key),
135	135	#endif
136	136	#ifdef LTC_SAFERP
137		_SZ_STRINGIFY_S(saferp_key),
	137	SZ_STRINGIFY_S(saferp_key),
138	138	#endif
139	139	#ifdef LTC_TWOFISH
140		_SZ_STRINGIFY_S(twofish_key),
	140	SZ_STRINGIFY_S(twofish_key),
141	141	#endif
142	142
143	143	/* mode sizes */
144	144	#ifdef LTC_ECB_MODE
145		_SZ_STRINGIFY_T(symmetric_ECB),
	145	SZ_STRINGIFY_T(symmetric_ECB),
146	146	#endif
147	147	#ifdef LTC_CFB_MODE
148		_SZ_STRINGIFY_T(symmetric_CFB),
	148	SZ_STRINGIFY_T(symmetric_CFB),
149	149	#endif
150	150	#ifdef LTC_OFB_MODE
151		_SZ_STRINGIFY_T(symmetric_OFB),
	151	SZ_STRINGIFY_T(symmetric_OFB),
152	152	#endif
153	153	#ifdef LTC_CBC_MODE
154		_SZ_STRINGIFY_T(symmetric_CBC),
	154	SZ_STRINGIFY_T(symmetric_CBC),
155	155	#endif
156	156	#ifdef LTC_CTR_MODE
157		_SZ_STRINGIFY_T(symmetric_CTR),
	157	SZ_STRINGIFY_T(symmetric_CTR),
158	158	#endif
159	159	#ifdef LTC_LRW_MODE
160		_SZ_STRINGIFY_T(symmetric_LRW),
	160	SZ_STRINGIFY_T(symmetric_LRW),
161	161	#endif
162	162	#ifdef LTC_F8_MODE
163		_SZ_STRINGIFY_T(symmetric_F8),
	163	SZ_STRINGIFY_T(symmetric_F8),
164	164	#endif
165	165	#ifdef LTC_XTS_MODE
166		_SZ_STRINGIFY_T(symmetric_xts),
	166	SZ_STRINGIFY_T(symmetric_xts),
167	167	#endif
168	168
169	169	/* stream cipher sizes */
170	170	#ifdef LTC_CHACHA
171		_SZ_STRINGIFY_T(chacha_state),
	171	SZ_STRINGIFY_T(chacha_state),
172	172	#endif
173	173	#ifdef LTC_SALSA20
174		_SZ_STRINGIFY_T(salsa20_state),
	174	SZ_STRINGIFY_T(salsa20_state),
175	175	#endif
176	176	#ifdef LTC_SOSEMANUK
177		_SZ_STRINGIFY_T(sosemanuk_state),
	177	SZ_STRINGIFY_T(sosemanuk_state),
178	178	#endif
179	179	#ifdef LTC_RABBIT
180		_SZ_STRINGIFY_T(rabbit_state),
	180	SZ_STRINGIFY_T(rabbit_state),
181	181	#endif
182	182	#ifdef LTC_RC4_STREAM
183		_SZ_STRINGIFY_T(rc4_state),
	183	SZ_STRINGIFY_T(rc4_state),
184	184	#endif
185	185	#ifdef LTC_SOBER128_STREAM
186		_SZ_STRINGIFY_T(sober128_state),
	186	SZ_STRINGIFY_T(sober128_state),
187	187	#endif
188	188
189	189	/* MAC sizes -- no states for ccm, lrw */
190	190	#ifdef LTC_HMAC
191		_SZ_STRINGIFY_T(hmac_state),
	191	SZ_STRINGIFY_T(hmac_state),
192	192	#endif
193	193	#ifdef LTC_OMAC
194		_SZ_STRINGIFY_T(omac_state),
	194	SZ_STRINGIFY_T(omac_state),
195	195	#endif
196	196	#ifdef LTC_PMAC
197		_SZ_STRINGIFY_T(pmac_state),
	197	SZ_STRINGIFY_T(pmac_state),
198	198	#endif
199	199	#ifdef LTC_POLY1305
200		_SZ_STRINGIFY_T(poly1305_state),
	200	SZ_STRINGIFY_T(poly1305_state),
201	201	#endif
202	202	#ifdef LTC_EAX_MODE
203		_SZ_STRINGIFY_T(eax_state),
	203	SZ_STRINGIFY_T(eax_state),
204	204	#endif
205	205	#ifdef LTC_OCB_MODE
206		_SZ_STRINGIFY_T(ocb_state),
	206	SZ_STRINGIFY_T(ocb_state),
207	207	#endif
208	208	#ifdef LTC_OCB3_MODE
209		_SZ_STRINGIFY_T(ocb3_state),
	209	SZ_STRINGIFY_T(ocb3_state),
210	210	#endif
211	211	#ifdef LTC_CCM_MODE
212		_SZ_STRINGIFY_T(ccm_state),
	212	SZ_STRINGIFY_T(ccm_state),
213	213	#endif
214	214	#ifdef LTC_GCM_MODE
215		_SZ_STRINGIFY_T(gcm_state),
	215	SZ_STRINGIFY_T(gcm_state),
216	216	#endif
217	217	#ifdef LTC_PELICAN
218		_SZ_STRINGIFY_T(pelican_state),
	218	SZ_STRINGIFY_T(pelican_state),
219	219	#endif
220	220	#ifdef LTC_XCBC
221		_SZ_STRINGIFY_T(xcbc_state),
	221	SZ_STRINGIFY_T(xcbc_state),
222	222	#endif
223	223	#ifdef LTC_F9_MODE
224		_SZ_STRINGIFY_T(f9_state),
	224	SZ_STRINGIFY_T(f9_state),
225	225	#endif
226	226	#ifdef LTC_CHACHA20POLY1305_MODE
227		_SZ_STRINGIFY_T(chacha20poly1305_state),
	227	SZ_STRINGIFY_T(chacha20poly1305_state),
228	228	#endif
229	229
230	230	/* asymmetric keys */
231	231	#ifdef LTC_MRSA
232		_SZ_STRINGIFY_T(rsa_key),
	232	SZ_STRINGIFY_T(rsa_key),
233	233	#endif
234	234	#ifdef LTC_MDSA
235		_SZ_STRINGIFY_T(dsa_key),
	235	SZ_STRINGIFY_T(dsa_key),
236	236	#endif
237	237	#ifdef LTC_MDH
238		_SZ_STRINGIFY_T(dh_key),
	238	SZ_STRINGIFY_T(dh_key),
239	239	#endif
240	240	#ifdef LTC_MECC
241		_SZ_STRINGIFY_T(ltc_ecc_curve),
242		_SZ_STRINGIFY_T(ecc_point),
243		_SZ_STRINGIFY_T(ecc_key),
	241	SZ_STRINGIFY_T(ltc_ecc_curve),
	242	SZ_STRINGIFY_T(ecc_point),
	243	SZ_STRINGIFY_T(ecc_key),
244	244	#endif
245	245
246	246	/* DER handling */
247	247	#ifdef LTC_DER
248		_SZ_STRINGIFY_T(ltc_asn1_list), /* a list entry */
249		_SZ_STRINGIFY_T(ltc_utctime),
250		_SZ_STRINGIFY_T(ltc_generalizedtime),
	248	SZ_STRINGIFY_T(ltc_asn1_list), /* a list entry */
	249	SZ_STRINGIFY_T(ltc_utctime),
	250	SZ_STRINGIFY_T(ltc_generalizedtime),
251	251	#endif
252	252
253	253	/* prng state sizes */
254		_SZ_STRINGIFY_S(ltc_prng_descriptor),
255		_SZ_STRINGIFY_T(prng_state),
	254	SZ_STRINGIFY_S(ltc_prng_descriptor),
	255	SZ_STRINGIFY_T(prng_state),
256	256	#ifdef LTC_FORTUNA
257		_SZ_STRINGIFY_S(fortuna_prng),
	257	SZ_STRINGIFY_S(fortuna_prng),
258	258	#endif
259	259	#ifdef LTC_CHACHA20_PRNG
260		_SZ_STRINGIFY_S(chacha20_prng),
	260	SZ_STRINGIFY_S(chacha20_prng),
261	261	#endif
262	262	#ifdef LTC_RC4
263		_SZ_STRINGIFY_S(rc4_prng),
	263	SZ_STRINGIFY_S(rc4_prng),
264	264	#endif
265	265	#ifdef LTC_SOBER128
266		_SZ_STRINGIFY_S(sober128_prng),
	266	SZ_STRINGIFY_S(sober128_prng),
267	267	#endif
268	268	#ifdef LTC_YARROW
269		_SZ_STRINGIFY_S(yarrow_prng),
	269	SZ_STRINGIFY_S(yarrow_prng),
270	270	#endif
271	271	/* sprng has no state as it uses other potentially available sources */
272	272	/* like /dev/random. See Developers Guide for more info. */
273	273
274	274	#ifdef LTC_ADLER32
275		_SZ_STRINGIFY_T(adler32_state),
	275	SZ_STRINGIFY_T(adler32_state),
276	276	#endif
277	277	#ifdef LTC_CRC32
278		_SZ_STRINGIFY_T(crc32_state),
279		#endif
280
281		_SZ_STRINGIFY_T(ltc_mp_digit),
282		_SZ_STRINGIFY_T(ltc_math_descriptor)
	278	SZ_STRINGIFY_T(crc32_state),
	279	#endif
	280
	281	SZ_STRINGIFY_T(ltc_mp_digit),
	282	SZ_STRINGIFY_T(ltc_math_descriptor)
283	283
284	284	};
285	285

289	289	*/
290	290	int crypt_get_size(const char* namein, unsigned int *sizeout) {
291	291	int i;
292		int count = sizeof(_crypt_sizes) / sizeof(_crypt_sizes[0]);
	292	int count = sizeof(s_crypt_sizes) / sizeof(s_crypt_sizes[0]);
293	293	for (i=0; i<count; i++) {
294		if (XSTRCMP(_crypt_sizes[i].name, namein) == 0) {
295		*sizeout = _crypt_sizes[i].size;
	294	if (XSTRCMP(s_crypt_sizes[i].name, namein) == 0) {
	295	*sizeout = s_crypt_sizes[i].size;
296	296	return 0;
297	297	}
298	298	}

314	314	unsigned int total_len = 0;
315	315	char *ptr;
316	316	int number_len;
317		int count = sizeof(_crypt_sizes) / sizeof(_crypt_sizes[0]);
	317	int count = sizeof(s_crypt_sizes) / sizeof(s_crypt_sizes[0]);
318	318
319	319	/* calculate amount of memory required for the list */
320	320	for (i=0; i<count; i++) {
321		number_len = snprintf(NULL, 0, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size);
	321	number_len = snprintf(NULL, 0, "%s,%u\n", s_crypt_sizes[i].name, s_crypt_sizes[i].size);
322	322	if (number_len < 0) {
323	323	return -1;
324	324	}

335	335	/* build the names list */
336	336	ptr = names_list;
337	337	for (i=0; i<count; i++) {
338		number_len = snprintf(ptr, total_len, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size);
	338	number_len = snprintf(ptr, total_len, "%s,%u\n", s_crypt_sizes[i].name, s_crypt_sizes[i].size);
339	339	if (number_len < 0) return -1;
340	340	if ((unsigned int)number_len > total_len) return -1;
341	341	total_len -= number_len;

+2

-2

src/ltc/misc/padding/padding_pad.c less more

10	10	@param mode Mask of (LTC_PAD_xxx \| block_length)
11	11	@return CRYPT_OK on success
12	12	*/
13		static int _padding_padded_length(unsigned long *length, unsigned long mode)
	13	static int s_padding_padded_length(unsigned long *length, unsigned long mode)
14	14	{
15	15	enum padding_type padding;
16	16	unsigned char pad, block_length, r, t;

86	86	LTC_ARGCHK(padded_length != NULL);
87	87
88	88	l = length;
89		if ((err = _padding_padded_length(&l, mode)) != CRYPT_OK) {
	89	if ((err = s_padding_padded_length(&l, mode)) != CRYPT_OK) {
90	90	return err;
91	91	}
92	92

+23

-23

src/ltc/misc/pbes/pbes1.c less more

3	3
4	4	#ifdef LTC_PBES
5	5
6		static int _pkcs_5_alg1_wrap(const unsigned char *password, unsigned long password_len,
	6	static int s_pkcs_5_alg1_wrap(const unsigned char *password, unsigned long password_len,
7	7	const unsigned char *salt, unsigned long salt_len,
8	8	int iteration_count, int hash_idx,
9	9	unsigned char out, unsigned long outlen)

12	12	return pkcs_5_alg1(password, password_len, salt, iteration_count, hash_idx, out, outlen);
13	13	}
14	14
15		static int _pkcs_12_wrap(const unsigned char *password, unsigned long password_len,
	15	static int s_pkcs_12_wrap(const unsigned char *password, unsigned long password_len,
16	16	const unsigned char *salt, unsigned long salt_len,
17	17	int iteration_count, int hash_idx,
18	18	unsigned char out, unsigned long outlen)

39	39	return err;
40	40	}
41	41
42		static const pbes_properties _pbes1_types[] = {
43		{ _pkcs_5_alg1_wrap, "md2", "des", 8, 8 },
44		{ _pkcs_5_alg1_wrap, "md2", "rc2", 8, 8 },
45		{ _pkcs_5_alg1_wrap, "md5", "des", 8, 8 },
46		{ _pkcs_5_alg1_wrap, "md5", "rc2", 8, 8 },
47		{ _pkcs_5_alg1_wrap, "sha1", "des", 8, 8 },
48		{ _pkcs_5_alg1_wrap, "sha1", "rc2", 8, 8 },
49		{ _pkcs_12_wrap, "sha1", "3des", 24, 8 },
	42	static const pbes_properties s_pbes1_types[] = {
	43	{ s_pkcs_5_alg1_wrap, "md2", "des", 8, 8 },
	44	{ s_pkcs_5_alg1_wrap, "md2", "rc2", 8, 8 },
	45	{ s_pkcs_5_alg1_wrap, "md5", "des", 8, 8 },
	46	{ s_pkcs_5_alg1_wrap, "md5", "rc2", 8, 8 },
	47	{ s_pkcs_5_alg1_wrap, "sha1", "des", 8, 8 },
	48	{ s_pkcs_5_alg1_wrap, "sha1", "rc2", 8, 8 },
	49	{ s_pkcs_12_wrap, "sha1", "3des", 24, 8 },
50	50	};
51	51
52	52	typedef struct {

54	54	const char *oid;
55	55	} oid_to_pbes;
56	56
57		static const oid_to_pbes _pbes1_list[] = {
58		{ &_pbes1_types[0], "1.2.840.113549.1.5.1" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.1 pbeWithMD2AndDES-CBC */
59		{ &_pbes1_types[1], "1.2.840.113549.1.5.4" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.4 pbeWithMD2AndRC2-CBC */
60		{ &_pbes1_types[2], "1.2.840.113549.1.5.3" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.3 pbeWithMD5AndDES-CBC */
61		{ &_pbes1_types[3], "1.2.840.113549.1.5.6" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.6 pbeWithMD5AndRC2-CBC */
62		{ &_pbes1_types[4], "1.2.840.113549.1.5.10" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.10 pbeWithSHA1AndDES-CBC */
63		{ &_pbes1_types[5], "1.2.840.113549.1.5.11" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.11 pbeWithSHA1AndRC2-CBC */
64		{ &_pbes1_types[6], "1.2.840.113549.1.12.1.3" }, /* http://www.oid-info.com/get/1.2.840.113549.1.12.1.3 pbeWithSHAAnd3-KeyTripleDES-CBC */
	57	static const oid_to_pbes s_pbes1_list[] = {
	58	{ &s_pbes1_types[0], "1.2.840.113549.1.5.1" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.1 pbeWithMD2AndDES-CBC */
	59	{ &s_pbes1_types[1], "1.2.840.113549.1.5.4" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.4 pbeWithMD2AndRC2-CBC */
	60	{ &s_pbes1_types[2], "1.2.840.113549.1.5.3" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.3 pbeWithMD5AndDES-CBC */
	61	{ &s_pbes1_types[3], "1.2.840.113549.1.5.6" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.6 pbeWithMD5AndRC2-CBC */
	62	{ &s_pbes1_types[4], "1.2.840.113549.1.5.10" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.10 pbeWithSHA1AndDES-CBC */
	63	{ &s_pbes1_types[5], "1.2.840.113549.1.5.11" }, /* http://www.oid-info.com/get/1.2.840.113549.1.5.11 pbeWithSHA1AndRC2-CBC */
	64	{ &s_pbes1_types[6], "1.2.840.113549.1.12.1.3" }, /* http://www.oid-info.com/get/1.2.840.113549.1.12.1.3 pbeWithSHAAnd3-KeyTripleDES-CBC */
65	65	{ 0 },
66	66	};
67	67
68		static int _pbes1_from_oid(const ltc_asn1_list oid, pbes_properties res)
	68	static int s_pbes1_from_oid(const ltc_asn1_list oid, pbes_properties res)
69	69	{
70	70	unsigned int i;
71		for (i = 0; _pbes1_list[i].data != NULL; ++i) {
72		if (pk_oid_cmp_with_asn1(_pbes1_list[i].oid, oid) == CRYPT_OK) {
73		if (res != NULL) res = _pbes1_list[i].data;
	71	for (i = 0; s_pbes1_list[i].data != NULL; ++i) {
	72	if (pk_oid_cmp_with_asn1(s_pbes1_list[i].oid, oid) == CRYPT_OK) {
	73	if (res != NULL) res = s_pbes1_list[i].data;
74	74	return CRYPT_OK;
75	75	}
76	76	}

91	91	LTC_ARGCHK(s != NULL);
92	92	LTC_ARGCHK(res != NULL);
93	93
94		if ((err = _pbes1_from_oid(s, &res->type)) != CRYPT_OK) return err;
	94	if ((err = s_pbes1_from_oid(s, &res->type)) != CRYPT_OK) return err;
95	95
96	96	if (!LTC_ASN1_IS_TYPE(s->next, LTC_ASN1_SEQUENCE) \|\|
97	97	!LTC_ASN1_IS_TYPE(s->next->child, LTC_ASN1_OCTET_STRING) \|\|

+21

-21

src/ltc/misc/pbes/pbes2.c less more

3	3
4	4	#ifdef LTC_PBES
5	5
6		static const char * const _oid_pbes2 = "1.2.840.113549.1.5.13";
7		static const char * const _oid_pbkdf2 = "1.2.840.113549.1.5.12";
	6	static const char * const s_oid_pbes2 = "1.2.840.113549.1.5.13";
	7	static const char * const s_oid_pbkdf2 = "1.2.840.113549.1.5.12";
8	8
9	9	typedef struct {
10	10	const char *oid;
11	11	const char *id;
12	12	} oid_id_st;
13	13
14		static const oid_id_st _hmac_oid_names[] = {
	14	static const oid_id_st s_hmac_oid_names[] = {
15	15	{ "1.2.840.113549.2.7", "sha1" },
16	16	{ "1.2.840.113549.2.8", "sha224" },
17	17	{ "1.2.840.113549.2.9", "sha256" },

21	21	{ "1.2.840.113549.2.13", "sha512-256" },
22	22	};
23	23
24		static const pbes_properties _pbes2_default_types[] = {
	24	static const pbes_properties s_pbes2_default_types[] = {
25	25	{ pkcs_5_alg2, "sha1", "des", 8, 0 },
26	26	{ pkcs_5_alg2, "sha1", "rc2", 4, 0 },
27	27	{ pkcs_5_alg2, "sha1", "3des", 24, 0 },

35	35	const char* oid;
36	36	} oid_to_pbes;
37	37
38		static const oid_to_pbes _pbes2_list[] = {
39		{ &_pbes2_default_types[0], "1.3.14.3.2.7" }, /* http://www.oid-info.com/get/1.3.14.3.2.7 desCBC */
40		{ &_pbes2_default_types[1], "1.2.840.113549.3.2" }, /* http://www.oid-info.com/get/1.2.840.113549.3.2 rc2CBC */
41		{ &_pbes2_default_types[2], "1.2.840.113549.3.7" }, /* http://www.oid-info.com/get/1.2.840.113549.3.7 des-EDE3-CBC */
42		{ &_pbes2_default_types[3], "2.16.840.1.101.3.4.1.2" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.2 aes128-CBC */
43		{ &_pbes2_default_types[4], "2.16.840.1.101.3.4.1.22" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.22 aes192-CBC */
44		{ &_pbes2_default_types[5], "2.16.840.1.101.3.4.1.42" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.42 aes256-CBC */
	38	static const oid_to_pbes s_pbes2_list[] = {
	39	{ &s_pbes2_default_types[0], "1.3.14.3.2.7" }, /* http://www.oid-info.com/get/1.3.14.3.2.7 desCBC */
	40	{ &s_pbes2_default_types[1], "1.2.840.113549.3.2" }, /* http://www.oid-info.com/get/1.2.840.113549.3.2 rc2CBC */
	41	{ &s_pbes2_default_types[2], "1.2.840.113549.3.7" }, /* http://www.oid-info.com/get/1.2.840.113549.3.7 des-EDE3-CBC */
	42	{ &s_pbes2_default_types[3], "2.16.840.1.101.3.4.1.2" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.2 aes128-CBC */
	43	{ &s_pbes2_default_types[4], "2.16.840.1.101.3.4.1.22" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.22 aes192-CBC */
	44	{ &s_pbes2_default_types[5], "2.16.840.1.101.3.4.1.42" }, /* http://www.oid-info.com/get/2.16.840.1.101.3.4.1.42 aes256-CBC */
45	45	};
46	46
47		static int _pbes2_from_oid(const ltc_asn1_list cipher_oid, const ltc_asn1_list hmac_oid, pbes_properties *res)
	47	static int s_pbes2_from_oid(const ltc_asn1_list cipher_oid, const ltc_asn1_list hmac_oid, pbes_properties *res)
48	48	{
49	49	unsigned int i;
50		for (i = 0; i < sizeof(_pbes2_list)/sizeof(_pbes2_list[0]); ++i) {
51		if (pk_oid_cmp_with_asn1(_pbes2_list[i].oid, cipher_oid) == CRYPT_OK) {
52		res = _pbes2_list[i].data;
	50	for (i = 0; i < sizeof(s_pbes2_list)/sizeof(s_pbes2_list[0]); ++i) {
	51	if (pk_oid_cmp_with_asn1(s_pbes2_list[i].oid, cipher_oid) == CRYPT_OK) {
	52	res = s_pbes2_list[i].data;
53	53	break;
54	54	}
55	55	}
56	56	if (res->c == NULL) return CRYPT_INVALID_CIPHER;
57	57	if (hmac_oid != NULL) {
58		for (i = 0; i < sizeof(_hmac_oid_names)/sizeof(_hmac_oid_names[0]); ++i) {
59		if (pk_oid_cmp_with_asn1(_hmac_oid_names[i].oid, hmac_oid) == CRYPT_OK) {
60		res->h = _hmac_oid_names[i].id;
	58	for (i = 0; i < sizeof(s_hmac_oid_names)/sizeof(s_hmac_oid_names[0]); ++i) {
	59	if (pk_oid_cmp_with_asn1(s_hmac_oid_names[i].oid, hmac_oid) == CRYPT_OK) {
	60	res->h = s_hmac_oid_names[i].id;
61	61	return CRYPT_OK;
62	62	}
63	63	}

83	83	LTC_ARGCHK(s != NULL);
84	84	LTC_ARGCHK(res != NULL);
85	85
86		if ((err = pk_oid_cmp_with_asn1(_oid_pbes2, s)) != CRYPT_OK) return err;
	86	if ((err = pk_oid_cmp_with_asn1(s_oid_pbes2, s)) != CRYPT_OK) return err;
87	87
88	88	if (!LTC_ASN1_IS_TYPE(s->next, LTC_ASN1_SEQUENCE) \|\|
89	89	!LTC_ASN1_IS_TYPE(s->next->child, LTC_ASN1_SEQUENCE) \|\|

114	114	lkdf = s->next->child->child;
115	115	lenc = s->next->child->next->child;
116	116
117		if ((err = pk_oid_cmp_with_asn1(_oid_pbkdf2, lkdf)) != CRYPT_OK) return err;
	117	if ((err = pk_oid_cmp_with_asn1(s_oid_pbkdf2, lkdf)) != CRYPT_OK) return err;
118	118
119	119	if (!LTC_ASN1_IS_TYPE(lkdf->next, LTC_ASN1_SEQUENCE) \|\|
120	120	!LTC_ASN1_IS_TYPE(lkdf->next->child, LTC_ASN1_OCTET_STRING) \|\|

139	139	LTC_ASN1_IS_TYPE(loptseq->child, LTC_ASN1_OBJECT_IDENTIFIER)) {
140	140	lhmac = loptseq->child;
141	141	}
142		if ((err = _pbes2_from_oid(lenc, lhmac, &res->type)) != CRYPT_OK) return err;
	142	if ((err = s_pbes2_from_oid(lenc, lhmac, &res->type)) != CRYPT_OK) return err;
143	143
144	144	if (LTC_ASN1_IS_TYPE(lenc->next, LTC_ASN1_OCTET_STRING)) {
145	145	/* 'NON-RC2'-CBC */

+3

-3

src/ltc/misc/pkcs5/pkcs_5_1.c less more

28	28	@param openssl_compat [in] Whether or not to grow the key to the buffer size ala OpenSSL
29	29	@return CRYPT_OK if successful
30	30	*/
31		static int _pkcs_5_alg1_common(const unsigned char *password,
	31	static int s_pkcs_5_alg1_common(const unsigned char *password,
32	32	unsigned long password_len,
33	33	const unsigned char *salt,
34	34	int iteration_count, int hash_idx,

149	149	int iteration_count, int hash_idx,
150	150	unsigned char out, unsigned long outlen)
151	151	{
152		return _pkcs_5_alg1_common(password, password_len, salt, iteration_count,
	152	return s_pkcs_5_alg1_common(password, password_len, salt, iteration_count,
153	153	hash_idx, out, outlen, 0);
154	154	}
155	155

173	173	int iteration_count, int hash_idx,
174	174	unsigned char out, unsigned long outlen)
175	175	{
176		return _pkcs_5_alg1_common(password, password_len, salt, iteration_count,
	176	return s_pkcs_5_alg1_common(password, password_len, salt, iteration_count,
177	177	hash_idx, out, outlen, 1);
178	178	}
179	179

+3

-3

src/ltc/modes/ctr/ctr_encrypt.c less more

17	17	@param ctr CTR state
18	18	@return CRYPT_OK if successful
19	19	*/
20		static int _ctr_encrypt(const unsigned char pt, unsigned char ct, unsigned long len, symmetric_CTR *ctr)
	20	static int s_ctr_encrypt(const unsigned char pt, unsigned char ct, unsigned long len, symmetric_CTR *ctr)
21	21	{
22	22	int x, err;
23	23

104	104	if ((cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL) && (len >= (unsigned long)ctr->blocklen)) {
105	105	if (ctr->padlen < ctr->blocklen) {
106	106	fr = ctr->blocklen - ctr->padlen;
107		if ((err = _ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) {
	107	if ((err = s_ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) {
108	108	return err;
109	109	}
110	110	pt += fr;

122	122	}
123	123	}
124	124
125		return _ctr_encrypt(pt, ct, len, ctr);
	125	return s_ctr_encrypt(pt, ct, len, ctr);
126	126	}
127	127
128	128	#endif

+4

-4

src/ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c less more

9	9
10	10	#ifdef LTC_DER
11	11
12		static int _char_to_int(unsigned char x)
	12	static int s_char_to_int(unsigned char x)
13	13	{
14	14	switch (x) {
15	15	case '0': return 0;

27	27	}
28	28
29	29	#define DECODE_V(y, max) do {\
30		y = _char_to_int(buf[x])*10 + _char_to_int(buf[x+1]); \
	30	y = s_char_to_int(buf[x])*10 + s_char_to_int(buf[x+1]); \
31	31	if (y >= max) return CRYPT_INVALID_PACKET; \
32	32	x += 2; \
33	33	} while(0)
34	34
35	35	#define DECODE_V4(y, max) do {\
36		y = _char_to_int(buf[x])1000 + _char_to_int(buf[x+1])100 + _char_to_int(buf[x+2])*10 + _char_to_int(buf[x+3]); \
	36	y = s_char_to_int(buf[x])1000 + s_char_to_int(buf[x+1])100 + s_char_to_int(buf[x+2])*10 + s_char_to_int(buf[x+3]); \
37	37	if (y >= max) return CRYPT_INVALID_PACKET; \
38	38	x += 4; \
39	39	} while(0)

112	112	unsigned fs = out->fs;
113	113	if (x >= sizeof(buf)) return CRYPT_INVALID_PACKET;
114	114	out->fs *= 10;
115		out->fs += _char_to_int(buf[x]);
	115	out->fs += s_char_to_int(buf[x]);
116	116	if (fs > out->fs) return CRYPT_OVERFLOW;
117	117	x++;
118	118	}

+6

-6

src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c less more

8	8
9	9	#ifdef LTC_DER
10	10
11		static int _new_element(ltc_asn1_list **l)
	11	static int s_new_element(ltc_asn1_list **l)
12	12	{
13	13	/* alloc new link */
14	14	if (*l == NULL) {

35	35	@param depth The depth/level of decoding recursion we've already reached
36	36	@return CRYPT_OK on success.
37	37	*/
38		static int _der_decode_sequence_flexi(const unsigned char in, unsigned long inlen, ltc_asn1_list **out, unsigned long depth)
	38	static int s_der_decode_sequence_flexi(const unsigned char in, unsigned long inlen, ltc_asn1_list **out, unsigned long depth)
39	39	{
40	40	ltc_asn1_list *l;
41	41	unsigned long err, identifier, len, totlen, data_offset, id_len, len_len;

50	50
51	51	if (*inlen == 0) {
52	52	/* alloc new link */
53		if ((err = _new_element(&l)) != CRYPT_OK) {
	53	if ((err = s_new_element(&l)) != CRYPT_OK) {
54	54	goto error;
55	55	}
56	56	}

58	58	/* scan the input and and get lengths and what not */
59	59	while (*inlen) {
60	60	/* alloc new link */
61		if ((err = _new_element(&l)) != CRYPT_OK) {
	61	if ((err = s_new_element(&l)) != CRYPT_OK) {
62	62	goto error;
63	63	}
64	64

446	446	len_len = len;
447	447
448	448	/* Sequence elements go as child */
449		if ((err = _der_decode_sequence_flexi(in, &len, &(l->child), depth+1)) != CRYPT_OK) {
	449	if ((err = s_der_decode_sequence_flexi(in, &len, &(l->child), depth+1)) != CRYPT_OK) {
450	450	goto error;
451	451	}
452	452	if (len_len != len) {

533	533	*/
534	534	int der_decode_sequence_flexi(const unsigned char in, unsigned long inlen, ltc_asn1_list **out)
535	535	{
536		return _der_decode_sequence_flexi(in, inlen, out, 0);
	536	return s_der_decode_sequence_flexi(in, inlen, out, 0);
537	537	}
538	538
539	539	#endif

+3

-3

src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c less more

19	19	@param flags c.f. enum ltc_der_seq
20	20	@return CRYPT_OK on success
21	21	*/
22		static int _der_decode_sequence_va(const unsigned char *in, unsigned long inlen, va_list a1, va_list a2, unsigned int flags)
	22	static int s_der_decode_sequence_va(const unsigned char *in, unsigned long inlen, va_list a1, va_list a2, unsigned int flags)
23	23	{
24	24	int err;
25	25	ltc_asn1_type type;

141	141	va_start(a1, inlen);
142	142	va_start(a2, inlen);
143	143
144		err = _der_decode_sequence_va(in, inlen, a1, a2, LTC_DER_SEQ_SEQUENCE \| LTC_DER_SEQ_RELAXED);
	144	err = s_der_decode_sequence_va(in, inlen, a1, a2, LTC_DER_SEQ_SEQUENCE \| LTC_DER_SEQ_RELAXED);
145	145
146	146	va_end(a2);
147	147	va_end(a1);

167	167	va_start(a1, flags);
168	168	va_start(a2, flags);
169	169
170		err = _der_decode_sequence_va(in, inlen, a1, a2, flags);
	170	err = s_der_decode_sequence_va(in, inlen, a1, a2, flags);
171	171
172	172	va_end(a2);
173	173	va_end(a1);

+4

-4

src/ltc/pk/asn1/der/set/der_encode_set.c less more

9	9	#ifdef LTC_DER
10	10
11	11	/* LTC define to ASN.1 TAG */
12		static int _ltc_to_asn1(ltc_asn1_type v)
	12	static int s_ltc_to_asn1(ltc_asn1_type v)
13	13	{
14	14	return der_asn1_type_to_identifier_map[v];
15	15	}
16	16
17	17
18		static int _qsort_helper(const void a, const void b)
	18	static int s_qsort_helper(const void a, const void b)
19	19	{
20	20	ltc_asn1_list A = (ltc_asn1_list )a, B = (ltc_asn1_list )b;
21	21	int r;
22	22
23		r = _ltc_to_asn1(A->type) - _ltc_to_asn1(B->type);
	23	r = s_ltc_to_asn1(A->type) - s_ltc_to_asn1(B->type);
24	24
25	25	/* for QSORT the order is UNDEFINED if they are "equal" which means it is NOT DETERMINISTIC. So we force it to be :-) */
26	26	if (r == 0) {

58	58	}
59	59
60	60	/* sort it by the "type" field */
61		XQSORT(copy, inlen, sizeof(*copy), &_qsort_helper);
	61	XQSORT(copy, inlen, sizeof(*copy), &s_qsort_helper);
62	62
63	63	/* call der_encode_sequence_ex() */
64	64	err = der_encode_sequence_ex(copy, inlen, out, outlen, LTC_ASN1_SET);

+2

-2

src/ltc/pk/asn1/der/set/der_encode_setof.c less more

13	13	unsigned long size;
14	14	};
15	15
16		static int _qsort_helper(const void a, const void b)
	16	static int s_qsort_helper(const void a, const void b)
17	17	{
18	18	struct edge A = (struct edge )a, B = (struct edge )b;
19	19	int r;

125	125	}
126	126
127	127	/* sort based on contents (using edges) */
128		XQSORT(edges, inlen, sizeof(*edges), &_qsort_helper);
	128	XQSORT(edges, inlen, sizeof(*edges), &s_qsort_helper);
129	129
130	130	/* copy static header */
131	131	XMEMCPY(out, buf, hdrlen);

+2

-2

src/ltc/pk/asn1/der/utctime/der_decode_utctime.c less more

8	8
9	9	#ifdef LTC_DER
10	10
11		static int _char_to_int(unsigned char x)
	11	static int s_char_to_int(unsigned char x)
12	12	{
13	13	switch (x) {
14	14	case '0': return 0;

26	26	}
27	27
28	28	#define DECODE_V(y, max) \
29		y = _char_to_int(buf[x])*10 + _char_to_int(buf[x+1]); \
	29	y = s_char_to_int(buf[x])*10 + s_char_to_int(buf[x+1]); \
30	30	if (y >= max) return CRYPT_INVALID_PACKET; \
31	31	x += 2;
32	32

+4

-3

src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c less more

38	38	unsigned long tmpbuf_len, tmp_inlen;
39	39	ltc_asn1_list decoded_list = NULL, l;
40	40
41		LTC_ARGCHK(in != NULL);
42		LTC_ARGCHK(inlen != 0);
	41	LTC_ARGCHK(in != NULL);
	42	LTC_ARGCHK(inlen != 0);
	43	LTC_ARGCHK(callback != NULL);
43	44
44	45	tmpbuf_len = inlen;
45	46	tmpbuf = XCALLOC(1, tmpbuf_len);

80	81	&& (l->data != NULL)
81	82	&& LOOKS_LIKE_SPKI(l->child)) {
82	83	if (algorithm == PKA_EC) {
83		err = ecc_import_subject_public_key_info(l->data, l->size, ctx);
	84	err = callback(l->data, l->size, ctx);
84	85	} else {
85	86	err = x509_decode_subject_public_key_info(l->data, l->size,
86	87	algorithm, tmpbuf, &tmpbuf_len,

+2

-2

src/ltc/pk/dh/dh_generate_key.c less more

4	4
5	5	#ifdef LTC_MDH
6	6
7		static int _dh_groupsize_to_keysize(int groupsize)
	7	static int s_dh_groupsize_to_keysize(int groupsize)
8	8	{
9	9	/* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
10	10	* We use "Estimate 2" to get an appropriate private key (exponent) size.

47	47	return err;
48	48	}
49	49
50		keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
	50	keysize = s_dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
51	51	if (keysize == 0) {
52	52	err = CRYPT_INVALID_KEYSIZE;
53	53	goto freemp;

+2

-2

src/ltc/pk/dsa/dsa_generate_pqg.c less more

19	19	@param g [out] bignum where generated 'g' is stored (must be initialized by caller)
20	20	@return CRYPT_OK if successful, upon error this function will free all allocated memory
21	21	*/
22		static int _dsa_make_params(prng_state prng, int wprng, int group_size, int modulus_size, void p, void q, void g)
	22	static int s_dsa_make_params(prng_state prng, int wprng, int group_size, int modulus_size, void p, void q, void g)
23	23	{
24	24	unsigned long L, N, n, outbytes, seedbytes, counter, j, i;
25	25	int err, res, mr_tests_q, mr_tests_p, found_p, found_q, hash;

216	216	return err;
217	217	}
218	218	/* generate params */
219		err = _dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
	219	err = s_dsa_make_params(prng, wprng, group_size, modulus_size, key->p, key->q, key->g);
220	220	if (err != CRYPT_OK) {
221	221	goto cleanup;
222	222	}

+4

-4

src/ltc/pk/ec25519/tweetnacl.c less more

13	13	typedef i64 gf[16];
14	14
15	15	static const u8
16		_9[32] = {9};
	16	nine[32] = {9};
17	17	static const gf
18	18	gf0,
19	19	gf1 = {1},
20		_121665 = {0xDB41,1},
	20	gf121665 = {0xDB41,1},
21	21	D = {0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203},
22	22	D2 = {0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406},
23	23	X = {0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169},

194	194	Z(a,a,c);
195	195	S(b,a);
196	196	Z(c,d,f);
197		M(a,c,_121665);
	197	M(a,c,gf121665);
198	198	A(a,a,d);
199	199	M(c,c,a);
200	200	M(a,d,f);

217	217
218	218	int tweetnacl_crypto_scalarmult_base(u8 q,const u8 n)
219	219	{
220		return tweetnacl_crypto_scalarmult(q,n,_9);
	220	return tweetnacl_crypto_scalarmult(q,n,nine);
221	221	}
222	222
223	223	static int tweetnacl_crypto_hash(u8 out,const u8 m,u64 n)

+8

-8

src/ltc/pk/ecc/ecc_find_curve.c less more

7	7	static const struct {
8	8	const char *OID;
9	9	const char *names[6];
10		} _curve_names[] = {
	10	} s_curve_names[] = {
11	11	#ifdef LTC_ECC_SECP112R1
12	12	{
13	13	"1.3.132.0.6", { "SECP112R1", "ECC-112", NULL }

184	184	};
185	185
186	186	/* case-insensitive match + ignore '-', '_', ' ' */
187		static int _name_match(const char left, const char right)
	187	static int s_name_match(const char left, const char right)
188	188	{
189	189	char lc_r, lc_l;
190	190

215	215
216	216	*cu = NULL;
217	217
218		for (i = 0; _curve_names[i].OID != NULL && !OID; i++) {
219		if (XSTRCMP(_curve_names[i].OID, name_or_oid) == 0) {
220		OID = _curve_names[i].OID;
	218	for (i = 0; s_curve_names[i].OID != NULL && !OID; i++) {
	219	if (XSTRCMP(s_curve_names[i].OID, name_or_oid) == 0) {
	220	OID = s_curve_names[i].OID;
221	221	}
222		for (j = 0; _curve_names[i].names[j] != NULL && !OID; j++) {
223		if (_name_match(_curve_names[i].names[j], name_or_oid)) {
224		OID = _curve_names[i].OID;
	222	for (j = 0; s_curve_names[i].names[j] != NULL && !OID; j++) {
	223	if (s_name_match(s_curve_names[i].names[j], name_or_oid)) {
	224	OID = s_curve_names[i].OID;
225	225	}
226	226	}
227	227	}

+4

-4

src/ltc/pk/ecc/ecc_import_openssl.c less more

4	4
5	5	#ifdef LTC_MECC
6	6
7		static int _ecc_import_private_with_oid(const unsigned char in, unsigned long inlen, ecc_key key)
	7	static int s_ecc_import_private_with_oid(const unsigned char in, unsigned long inlen, ecc_key key)
8	8	{
9	9	ltc_asn1_list seq_priv[4], custom[2];
10	10	unsigned char bin_xy[2*ECC_MAXSIZE+2], bin_k[ECC_MAXSIZE];

38	38	return err;
39	39	}
40	40
41		static int _ecc_import_private_with_curve(const unsigned char in, unsigned long inlen, ecc_key key)
	41	static int s_ecc_import_private_with_curve(const unsigned char in, unsigned long inlen, ecc_key key)
42	42	{
43	43	void prime, order, a, b, gx, gy;
44	44	ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2];

106	106	goto success;
107	107	}
108	108
109		if ((err = _ecc_import_private_with_oid(in, inlen, key)) == CRYPT_OK) {
	109	if ((err = s_ecc_import_private_with_oid(in, inlen, key)) == CRYPT_OK) {
110	110	goto success;
111	111	}
112	112
113		err = _ecc_import_private_with_curve(in, inlen, key);
	113	err = s_ecc_import_private_with_curve(in, inlen, key);
114	114
115	115	success:
116	116	return err;

+4

-4

src/ltc/pk/ecc/ecc_import_pkcs8.c less more

16	16	list[LTC_SDFC_temp##__LINE__].pp = P; \
17	17	} while (0)
18	18
19		static int _der_flexi_sequence_cmp(const ltc_asn1_list flexi, der_flexi_check check)
	19	static int s_der_flexi_sequence_cmp(const ltc_asn1_list flexi, der_flexi_check check)
20	20	{
21	21	const ltc_asn1_list *cur;
22	22	if (flexi->type != LTC_ASN1_SEQUENCE) {

34	34	return CRYPT_OK;
35	35	}
36	36
37		/* NOTE: _der_decode_pkcs8_flexi & related stuff can be shared with rsa_import_pkcs8() */
	37	/* NOTE: s_der_decode_pkcs8_flexi & related stuff can be shared with rsa_import_pkcs8() */
38	38
39	39	int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen,
40	40	const void *pwd, unsigned long pwdlen,

72	72	LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OCTET_STRING, &priv_key);
73	73	LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
74	74
75		if (((err = _der_flexi_sequence_cmp(l, flexi_should)) == CRYPT_OK) &&
	75	if (((err = s_der_flexi_sequence_cmp(l, flexi_should)) == CRYPT_OK) &&
76	76	(pk_oid_cmp_with_asn1(pka_ec_oid, seq->child) == CRYPT_OK)) {
77	77	ltc_asn1_list version, field, point, point_g, order, p_cofactor;
78	78

101	101	if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; }
102	102	if ((err = ecc_set_curve(curve, key)) != CRYPT_OK) { goto LBL_DONE; }
103	103	}
104		else if ((err = _der_flexi_sequence_cmp(seq->child->next, flexi_should)) == CRYPT_OK) {
	104	else if ((err = s_der_flexi_sequence_cmp(seq->child->next, flexi_should)) == CRYPT_OK) {
105	105	/* CASE 2: explicit curve parameters (AKA long variant):
106	106	* 0:d=0 hl=3 l= 227 cons: SEQUENCE
107	107	* 3:d=1 hl=2 l= 1 prim: INTEGER :00

+8

-5

src/ltc/pk/ecc/ecc_import_x509.c less more

3	3
4	4	#ifdef LTC_MECC
5	5
6		static int _ecc_import_x509_with_oid(const unsigned char in, unsigned long inlen, ecc_key key)
	6	static int s_ecc_import_x509_with_oid(const unsigned char in, unsigned long inlen, ecc_key key)
7	7	{
8	8	unsigned char bin_xy[2*ECC_MAXSIZE+2];
9	9	unsigned long curveoid[16];

29	29	return err;
30	30	}
31	31
32		static int _ecc_import_x509_with_curve(const unsigned char in, unsigned long inlen, ecc_key key)
	32	static int s_ecc_import_x509_with_curve(const unsigned char in, unsigned long inlen, ecc_key key)
33	33	{
34	34	void prime, order, a, b, gx, gy;
35	35	ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6];

86	86	{
87	87	int err;
88	88
89		if ((err = _ecc_import_x509_with_oid(in, inlen, key)) == CRYPT_OK) {
	89	if ((err = s_ecc_import_x509_with_oid(in, inlen, key)) == CRYPT_OK) {
90	90	goto success;
91	91	}
92	92
93		err = _ecc_import_x509_with_curve(in, inlen, key);
	93	err = s_ecc_import_x509_with_curve(in, inlen, key);
94	94
95	95	success:
96	96	return err;

105	105	*/
106	106	int ecc_import_x509(const unsigned char in, unsigned long inlen, ecc_key key)
107	107	{
108		return x509_decode_public_key_from_certificate(in, inlen, PKA_EC, LTC_ASN1_EOL, NULL, NULL, NULL, key);
	108	return x509_decode_public_key_from_certificate(in, inlen,
	109	PKA_EC,
	110	LTC_ASN1_EOL, NULL, NULL,
	111	(public_key_decode_cb)ecc_import_subject_public_key_info, key);
109	112	}
110	113
111	114	#endif /* LTC_MECC */

+10

-10

src/ltc/pk/ecc/ecc_set_curve_internal.c less more

4	4
5	5	#ifdef LTC_MECC
6	6
7		static int _ecc_cmp_hex_bn(const char left_hex, void right_bn, void *tmp_bn)
	7	static int s_ecc_cmp_hex_bn(const char left_hex, void right_bn, void *tmp_bn)
8	8	{
9	9	if (mp_read_radix(tmp_bn, left_hex, 16) != CRYPT_OK) return 0;
10	10	if (mp_cmp(tmp_bn, right_bn) != LTC_MP_EQ) return 0;
11	11	return 1;
12	12	}
13	13
14		static void _ecc_oid_lookup(ecc_key *key)
	14	static void s_ecc_oid_lookup(ecc_key *key)
15	15	{
16	16	void *bn;
17	17	const ltc_ecc_curve *curve;

19	19	key->dp.oidlen = 0;
20	20	if (mp_init(&bn) != CRYPT_OK) return;
21	21	for (curve = ltc_ecc_curves; curve->prime != NULL; curve++) {
22		if (_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue;
23		if (_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue;
24		if (_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue;
25		if (_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue;
26		if (_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue;
27		if (_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue;
	22	if (s_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue;
	23	if (s_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue;
	24	if (s_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue;
	25	if (s_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue;
	26	if (s_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue;
	27	if (s_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue;
28	28	if (key->dp.cofactor != curve->cofactor) continue;
29	29	break; /* found */
30	30	}

65	65	for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i];
66	66	}
67	67	else {
68		_ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */
	68	s_ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */
69	69	}
70	70	/* success */
71	71	return CRYPT_OK;

106	106	key->dp.cofactor = cofactor;
107	107	key->dp.size = mp_unsigned_bin_size(prime);
108	108	/* try to find OID in ltc_ecc_curves */
109		_ecc_oid_lookup(key);
	109	s_ecc_oid_lookup(key);
110	110	/* success */
111	111	return CRYPT_OK;
112	112

+3

-0

src/ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.c less more

6	6	Curve/OID to SSH+ECDSA name string mapping per RFC5656
7	7	Russ Williams
8	8	*/
	9
	10	#ifdef LTC_SSH
9	11
10	12	/**
11	13	Curve/OID to SSH+ECDSA name string mapping

59	61	return err;
60	62	}
61	63
	64	#endif

+2

-2

src/ltc/pk/ed25519/ed25519_import_x509.c less more

8	8
9	9	#ifdef LTC_CURVE25519
10	10
11		static int _ed25519_decode(const unsigned char in, unsigned long inlen, curve25519_key key)
	11	static int s_ed25519_decode(const unsigned char in, unsigned long inlen, curve25519_key key)
12	12	{
13	13	if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE;
14	14	XMEMCPY(key->pub, in, sizeof(key->pub));

32	32	if ((err = x509_decode_public_key_from_certificate(in, inlen,
33	33	PKA_ED25519,
34	34	LTC_ASN1_EOL, NULL, NULL,
35		(public_key_decode_cb)_ed25519_decode, key)) != CRYPT_OK) {
	35	(public_key_decode_cb)s_ed25519_decode, key)) != CRYPT_OK) {
36	36	return err;
37	37	}
38	38	key->type = PK_PUBLIC;

+2

-2

src/ltc/pk/rsa/rsa_import_x509.c less more

8	8
9	9	#ifdef LTC_MRSA
10	10
11		static int _rsa_decode(const unsigned char in, unsigned long inlen, rsa_key key)
	11	static int s_rsa_decode(const unsigned char in, unsigned long inlen, rsa_key key)
12	12	{
13	13	/* now it should be SEQUENCE { INTEGER, INTEGER } */
14	14	return der_decode_sequence_multi(in, inlen,

40	40	if ((err = x509_decode_public_key_from_certificate(in, inlen,
41	41	PKA_RSA, LTC_ASN1_NULL,
42	42	NULL, NULL,
43		(public_key_decode_cb)_rsa_decode, key)) != CRYPT_OK) {
	43	(public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
44	44	rsa_free(key);
45	45	} else {
46	46	key->type = PK_PUBLIC;

+2

-2

src/ltc/pk/rsa/rsa_key.c less more

10	10	#ifdef LTC_MRSA
11	11	#include <stdarg.h>
12	12
13		static void _mpi_shrink_multi(void **a, ...)
	13	static void s_mpi_shrink_multi(void **a, ...)
14	14	{
15	15	void **cur;
16	16	unsigned n;

75	75	void rsa_shrink_key(rsa_key *key)
76	76	{
77	77	LTC_ARGCHKVD(key != NULL);
78		_mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
	78	s_mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
79	79	}
80	80
81	81	/**

+2

-2

src/ltc/pk/x25519/x25519_import_x509.c less more

8	8
9	9	#ifdef LTC_CURVE25519
10	10
11		static int _x25519_decode(const unsigned char in, unsigned long inlen, curve25519_key key)
	11	static int s_x25519_decode(const unsigned char in, unsigned long inlen, curve25519_key key)
12	12	{
13	13	if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE;
14	14	XMEMCPY(key->pub, in, sizeof(key->pub));

32	32	if ((err = x509_decode_public_key_from_certificate(in, inlen,
33	33	PKA_X25519,
34	34	LTC_ASN1_EOL, NULL, NULL,
35		(public_key_decode_cb)_x25519_decode, key)) != CRYPT_OK) {
	35	(public_key_decode_cb)s_x25519_decode, key)) != CRYPT_OK) {
36	36	return err;
37	37	}
38	38	key->type = PK_PUBLIC;

+1

-1

src/ltc/prngs/chacha20.c less more

143	143	@param prng The PRNG to export
144	144	@return CRYPT_OK if successful
145	145	*/
146		_LTC_PRNG_EXPORT(chacha20_prng)
	146	LTC_PRNG_EXPORT(chacha20_prng)
147	147
148	148	/**
149	149	Import a PRNG state

+17

-17

src/ltc/prngs/fortuna.c less more

52	52	};
53	53
54	54	/* update the IV */
55		static void _fortuna_update_iv(prng_state *prng)
	55	static void s_fortuna_update_iv(prng_state *prng)
56	56	{
57	57	int x;
58	58	unsigned char *IV;

66	66
67	67	#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED
68	68	/* get the current time in 100ms steps */
69		static ulong64 _fortuna_current_time(void)
	69	static ulong64 s_fortuna_current_time(void)
70	70	{
71	71	ulong64 cur_time;
72	72	#if defined(_WIN32)

92	92	#endif
93	93
94	94	/* reseed the PRNG */
95		static int _fortuna_reseed(prng_state *prng)
	95	static int s_fortuna_reseed(prng_state *prng)
96	96	{
97	97	unsigned char tmp[MAXBLOCKSIZE];
98	98	hash_state md;

100	100	int err, x;
101	101
102	102	#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED
103		ulong64 now = _fortuna_current_time();
	103	ulong64 now = s_fortuna_current_time();
104	104	if (now == prng->u.fortuna.wd) {
105	105	return CRYPT_OK;
106	106	}

148	148	if ((err = rijndael_setup(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey)) != CRYPT_OK) {
149	149	return err;
150	150	}
151		_fortuna_update_iv(prng);
	151	s_fortuna_update_iv(prng);
152	152
153	153	/* reset/update internals */
154	154	prng->u.fortuna.pool0_len = 0;

197	197	if ((err = sha256_done(&md, prng->u.fortuna.K)) != CRYPT_OK) {
198	198	goto LBL_UNLOCK;
199	199	}
200		_fortuna_update_iv(prng);
	200	s_fortuna_update_iv(prng);
201	201
202	202	LBL_UNLOCK:
203	203	LTC_MUTEX_UNLOCK(&prng->lock);

248	248	return CRYPT_OK;
249	249	}
250	250
251		static int _fortuna_add(unsigned long source, unsigned long pool, const unsigned char in, unsigned long inlen, prng_state prng)
	251	static int s_fortuna_add(unsigned long source, unsigned long pool, const unsigned char in, unsigned long inlen, prng_state prng)
252	252	{
253	253	unsigned char tmp[2];
254	254	int err;

295	295
296	296	LTC_MUTEX_LOCK(&prng->lock);
297	297
298		err = _fortuna_add(source, pool, in, inlen, prng);
	298	err = s_fortuna_add(source, pool, in, inlen, prng);
299	299
300	300	LTC_MUTEX_UNLOCK(&prng->lock);
301	301

319	319
320	320	LTC_MUTEX_LOCK(&prng->lock);
321	321
322		err = _fortuna_add(0, prng->u.fortuna.pool_idx, in, inlen, prng);
	322	err = s_fortuna_add(0, prng->u.fortuna.pool_idx, in, inlen, prng);
323	323
324	324	if (err == CRYPT_OK) {
325	325	++(prng->u.fortuna.pool_idx);

345	345	/* make sure the reseed doesn't fail because
346	346	* of the chosen rate limit */
347	347	#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED
348		prng->u.fortuna.wd = _fortuna_current_time() - 1;
	348	prng->u.fortuna.wd = s_fortuna_current_time() - 1;
349	349	#else
350	350	prng->u.fortuna.wd = LTC_FORTUNA_WD;
351	351	#endif
352		err = _fortuna_reseed(prng);
	352	err = s_fortuna_reseed(prng);
353	353	prng->ready = (err == CRYPT_OK) ? 1 : 0;
354	354
355	355	LTC_MUTEX_UNLOCK(&prng->lock);

378	378
379	379	/* do we have to reseed? */
380	380	if (prng->u.fortuna.pool0_len >= 64) {
381		if (_fortuna_reseed(prng) != CRYPT_OK) {
	381	if (s_fortuna_reseed(prng) != CRYPT_OK) {
382	382	goto LBL_UNLOCK;
383	383	}
384	384	}

397	397	rijndael_ecb_encrypt(prng->u.fortuna.IV, out, &prng->u.fortuna.skey);
398	398	out += 16;
399	399	outlen -= 16;
400		_fortuna_update_iv(prng);
	400	s_fortuna_update_iv(prng);
401	401	}
402	402
403	403	/* left over bytes? */
404	404	if (outlen > 0) {
405	405	rijndael_ecb_encrypt(prng->u.fortuna.IV, tmp, &prng->u.fortuna.skey);
406	406	XMEMCPY(out, tmp, outlen);
407		_fortuna_update_iv(prng);
	407	s_fortuna_update_iv(prng);
408	408	}
409	409
410	410	/* generate new key */
411	411	rijndael_ecb_encrypt(prng->u.fortuna.IV, prng->u.fortuna.K , &prng->u.fortuna.skey);
412		_fortuna_update_iv(prng);
	412	s_fortuna_update_iv(prng);
413	413
414	414	rijndael_ecb_encrypt(prng->u.fortuna.IV, prng->u.fortuna.K+16, &prng->u.fortuna.skey);
415		_fortuna_update_iv(prng);
	415	s_fortuna_update_iv(prng);
416	416
417	417	if (rijndael_setup(prng->u.fortuna.K, 32, 0, &prng->u.fortuna.skey) != CRYPT_OK) {
418	418	tlen = 0;

466	466	@param prng The PRNG to export
467	467	@return CRYPT_OK if successful
468	468	*/
469		_LTC_PRNG_EXPORT(fortuna)
	469	LTC_PRNG_EXPORT(fortuna)
470	470
471	471	/**
472	472	Import a PRNG state

+1

-1

src/ltc/prngs/rc4.c less more

146	146	@param prng The PRNG to export
147	147	@return CRYPT_OK if successful
148	148	*/
149		_LTC_PRNG_EXPORT(rc4)
	149	LTC_PRNG_EXPORT(rc4)
150	150
151	151	/**
152	152	Import a PRNG state

+6

-6

src/ltc/prngs/rng_get_bytes.c less more

9	9
10	10	#if defined(LTC_DEVRANDOM) && !defined(_WIN32)
11	11	/* on NIX read /dev/random /
12		static unsigned long _rng_nix(unsigned char *buf, unsigned long len,
	12	static unsigned long s_rng_nix(unsigned char *buf, unsigned long len,
13	13	void (*callback)(void))
14	14	{
15	15	#ifdef LTC_NO_FILE

52	52
53	53	#define ANSI_RNG
54	54
55		static unsigned long _rng_ansic(unsigned char *buf, unsigned long len,
	55	static unsigned long s_rng_ansic(unsigned char *buf, unsigned long len,
56	56	void (*callback)(void))
57	57	{
58	58	clock_t t1;

93	93	#include <windows.h>
94	94	#include <wincrypt.h>
95	95
96		static unsigned long _rng_win32(unsigned char *buf, unsigned long len,
	96	static unsigned long s_rng_win32(unsigned char *buf, unsigned long len,
97	97	void (*callback)(void))
98	98	{
99	99	HCRYPTPROV hProv = 0;

139	139	#endif
140	140
141	141	#if defined(_WIN32) \|\| defined(_WIN32_WCE)
142		x = _rng_win32(out, outlen, callback); if (x != 0) { return x; }
	142	x = s_rng_win32(out, outlen, callback); if (x != 0) { return x; }
143	143	#elif defined(LTC_DEVRANDOM)
144		x = _rng_nix(out, outlen, callback); if (x != 0) { return x; }
	144	x = s_rng_nix(out, outlen, callback); if (x != 0) { return x; }
145	145	#endif
146	146	#ifdef ANSI_RNG
147		x = _rng_ansic(out, outlen, callback); if (x != 0) { return x; }
	147	x = s_rng_ansic(out, outlen, callback); if (x != 0) { return x; }
148	148	#endif
149	149	return 0;
150	150	}

+1

-1

src/ltc/prngs/sober128.c less more

145	145	@param prng The PRNG to export
146	146	@return CRYPT_OK if successful
147	147	*/
148		_LTC_PRNG_EXPORT(sober128)
	148	LTC_PRNG_EXPORT(sober128)
149	149
150	150	/**
151	151	Import a PRNG state

+1

-1

src/ltc/prngs/yarrow.c less more

266	266	@param prng The PRNG to export
267	267	@return CRYPT_OK if successful
268	268	*/
269		_LTC_PRNG_EXPORT(yarrow)
	269	LTC_PRNG_EXPORT(yarrow)
270	270
271	271	/**
272	272	Import a PRNG state

+2

-2

src/ltc/stream/chacha/chacha_crypt.c less more

15	15	x[a] += x[b]; x[d] = ROL(x[d] ^ x[a], 8); \
16	16	x[c] += x[d]; x[b] = ROL(x[b] ^ x[c], 7);
17	17
18		static void _chacha_block(unsigned char output, const ulong32 input, int rounds)
	18	static void s_chacha_block(unsigned char output, const ulong32 input, int rounds)
19	19	{
20	20	ulong32 x[16];
21	21	int i;

65	65	in += j;
66	66	}
67	67	for (;;) {
68		_chacha_block(buf, st->input, st->rounds);
	68	s_chacha_block(buf, st->input, st->rounds);
69	69	if (st->ivlen == 8) {
70	70	/* IV-64bit, increment 64bit counter */
71	71	if (0 == ++st->input[12] && 0 == ++st->input[13]) return CRYPT_OVERFLOW;

+11

-11

src/ltc/stream/rabbit/rabbit.c less more

60	60	#ifdef LTC_RABBIT
61	61
62	62	/* local/private prototypes (NB: rabbit_ctx and rabbit_state are different) */
63		static LTC_INLINE ulong32 _rabbit_g_func(ulong32 x);
64		static LTC_INLINE void _rabbit_next_state(rabbit_ctx *p_instance);
65		static LTC_INLINE void _rabbit_gen_1_block(rabbit_state* st, unsigned char *out);
	63	static LTC_INLINE ulong32 ss_rabbit_g_func(ulong32 x);
	64	static LTC_INLINE void ss_rabbit_next_state(rabbit_ctx *p_instance);
	65	static LTC_INLINE void ss_rabbit_gen_1_block(rabbit_state* st, unsigned char *out);
66	66
67	67	/* -------------------------------------------------------------------------- */
68	68
69	69	/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
70	70	/* the upper 32 bits XOR the lower 32 bits */
71		static LTC_INLINE ulong32 _rabbit_g_func(ulong32 x)
	71	static LTC_INLINE ulong32 ss_rabbit_g_func(ulong32 x)
72	72	{
73	73	ulong32 a, b, h, l;
74	74

87	87	/* -------------------------------------------------------------------------- */
88	88
89	89	/* Calculate the next internal state */
90		static LTC_INLINE void _rabbit_next_state(rabbit_ctx *p_instance)
	90	static LTC_INLINE void ss_rabbit_next_state(rabbit_ctx *p_instance)
91	91	{
92	92	ulong32 g[8], c_old[8], i;
93	93

109	109
110	110	/* Calculate the g-values */
111	111	for (i=0;i<8;i++) {
112		g[i] = _rabbit_g_func((ulong32)(p_instance->x[i] + p_instance->c[i]));
	112	g[i] = ss_rabbit_g_func((ulong32)(p_instance->x[i] + p_instance->c[i]));
113	113	}
114	114
115	115	/* Calculate new state values */

125	125
126	126	/* ------------------------------------------------------------------------- */
127	127
128		static LTC_INLINE void _rabbit_gen_1_block(rabbit_state* st, unsigned char *out)
	128	static LTC_INLINE void ss_rabbit_gen_1_block(rabbit_state* st, unsigned char *out)
129	129	{
130	130	ulong32 *ptr;
131	131
132	132	/* Iterate the work context once */
133		_rabbit_next_state(&(st->work_ctx));
	133	ss_rabbit_next_state(&(st->work_ctx));
134	134
135	135	/* Generate 16 bytes of pseudo-random data */
136	136	ptr = (ulong32*)&(st->work_ctx.x);

194	194
195	195	/* Iterate the master context four times */
196	196	for (i=0; i<4; i++) {
197		_rabbit_next_state(&(st->master_ctx));
	197	ss_rabbit_next_state(&(st->master_ctx));
198	198	}
199	199
200	200	/* Modify the counters */

254	254
255	255	/* Iterate the work context four times */
256	256	for (i=0; i<4; i++) {
257		_rabbit_next_state(&(st->work_ctx));
	257	ss_rabbit_next_state(&(st->work_ctx));
258	258	}
259	259
260	260	/* reset keystream buffer and unused count */

288	288	}
289	289	for (;;) {
290	290	/* gen a block for buf */
291		_rabbit_gen_1_block(st, buf);
	291	ss_rabbit_gen_1_block(st, buf);
292	292	if (inlen <= 16) {
293	293	/* XOR and send to out */
294	294	for (i = 0; i < inlen; ++i) out[i] = in[i] ^ buf[i];

+2

-2

src/ltc/stream/salsa20/salsa20_crypt.c less more

16	16	x[d] ^= (ROL((x[c] + x[b]), 13)); \
17	17	x[a] ^= (ROL((x[d] + x[c]), 18));
18	18
19		static void _salsa20_block(unsigned char output, const ulong32 input, int rounds)
	19	static void s_salsa20_block(unsigned char output, const ulong32 input, int rounds)
20	20	{
21	21	ulong32 x[16];
22	22	int i;

66	66	in += j;
67	67	}
68	68	for (;;) {
69		_salsa20_block(buf, st->input, st->rounds);
	69	s_salsa20_block(buf, st->input, st->rounds);
70	70	/* Salsa20: 64-bit IV, increment 64-bit counter */
71	71	if (0 == ++st->input[8] && 0 == ++st->input[9]) return CRYPT_OVERFLOW;
72	72	if (inlen <= 64) {

+2

-2

src/ltc/stream/salsa20/xsalsa20_setup.c less more

20	20	x[a] ^= (ROL((x[d] + x[c]), 18));
21	21
22	22	/* use modified salsa20 doubleround (no final addition as in salsa20) */
23		static void _xsalsa20_doubleround(ulong32 *x, int rounds)
	23	static void s_xsalsa20_doubleround(ulong32 *x, int rounds)
24	24	{
25	25	int i;
26	26

86	86	LOAD32L(x[ 9], nonce + 12);
87	87
88	88	/* use modified salsa20 doubleround (no final addition) */
89		_xsalsa20_doubleround(x, rounds);
	89	s_xsalsa20_doubleround(x, rounds);
90	90
91	91	/* extract the subkey */
92	92	for (i = 0; i < 8; ++i) {

+1

-1

src/ltc/stream/sober128/sober128_stream.c less more

9	9
10	10	#ifdef LTC_SOBER128
11	11
12		#define __LTC_SOBER128TAB_C__
	12	#define LTC_SOBER128TAB_C
13	13	#include "sober128tab.c"
14	14
15	15	/* don't change these... */

+2

-2

src/ltc/stream/sober128/sober128tab.c less more

5	5	SOBER-128 Tables
6	6	*/
7	7
8		#ifdef __LTC_SOBER128TAB_C__
	8	#ifdef LTC_SOBER128TAB_C
9	9
10	10	/* $ID$ */
11	11	/* @(#)TuringMultab.h 1.3 (QUALCOMM) 02/09/03 */

162	162	0xf9e6053f, 0xa4b0d300, 0xd499cbcc, 0xb95e3d40,
163	163	};
164	164
165		#endif /* __LTC_SOBER128TAB_C__ */
	165	#endif /* LTC_SOBER128TAB_C */

+6

-6

src/ltc/stream/sosemanuk/sosemanuk.c less more

578	578	* Compute the next block of bits of output stream. This is equivalent
579	579	* to one full rotation of the shift register.
580	580	*/
581		static LTC_INLINE void _sosemanuk_internal(sosemanuk_state *st)
	581	static LTC_INLINE void s_sosemanuk_internal(sosemanuk_state *st)
582	582	{
583	583	/*
584	584	* MUL_A(x) computes alpha * x (in F_{2^32}).

716	716	* or in2[] is not allowed. Total overlap (out == in1 and/or out == in2)
717	717	* is allowed.
718	718	*/
719		static LTC_INLINE void _xorbuf(const unsigned char in1, const unsigned char in2,
	719	static LTC_INLINE void s_xorbuf(const unsigned char in1, const unsigned char in2,
720	720	unsigned char *out, unsigned long datalen)
721	721	{
722	722	while (datalen -- > 0) {

749	749	if (rlen > inlen) {
750	750	rlen = inlen;
751	751	}
752		_xorbuf(st->buf + st->ptr, in, out, rlen);
	752	s_xorbuf(st->buf + st->ptr, in, out, rlen);
753	753	in += rlen;
754	754	out += rlen;
755	755	inlen -= rlen;
756	756	st->ptr += rlen;
757	757	}
758	758	while (inlen > 0) {
759		_sosemanuk_internal(st);
	759	s_sosemanuk_internal(st);
760	760	if (inlen >= sizeof(st->buf)) {
761		_xorbuf(st->buf, in, out, sizeof(st->buf));
	761	s_xorbuf(st->buf, in, out, sizeof(st->buf));
762	762	in += sizeof(st->buf);
763	763	out += sizeof(st->buf);
764	764	inlen -= sizeof(st->buf);
765	765	} else {
766		_xorbuf(st->buf, in, out, inlen);
	766	s_xorbuf(st->buf, in, out, inlen);
767	767	st->ptr = inlen;
768	768	inlen = 0;
769	769	}