Package list libcryptx-perl / 448b761
libtomcrypt update Karel Miko 3 years ago
84 changed file(s) with 1226 addition(s) and 1111 deletion(s). Raw diff Collapse all Expand all
5555 ltc/misc/crypt/crypt_register_cipher.o ltc/misc/crypt/crypt_register_hash.o ltc/misc/crypt/crypt_register_prng.o \
5656 ltc/misc/crypt/crypt_sizes.o ltc/misc/crypt/crypt_unregister_cipher.o ltc/misc/crypt/crypt_unregister_hash.o \
5757 ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/padding/padding_depad.o \
58 ltc/misc/padding/padding_pad.o ltc/misc/pkcs5/pkcs_5_1.o ltc/misc/pkcs5/pkcs_5_2.o \
59 ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \
60 ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o ltc/modes/cfb/cfb_decrypt.o \
61 ltc/modes/cfb/cfb_done.o ltc/modes/cfb/cfb_encrypt.o ltc/modes/cfb/cfb_getiv.o ltc/modes/cfb/cfb_setiv.o \
62 ltc/modes/cfb/cfb_start.o ltc/modes/ctr/ctr_decrypt.o ltc/modes/ctr/ctr_done.o ltc/modes/ctr/ctr_encrypt.o \
63 ltc/modes/ctr/ctr_getiv.o ltc/modes/ctr/ctr_setiv.o ltc/modes/ctr/ctr_start.o ltc/modes/ecb/ecb_decrypt.o \
64 ltc/modes/ecb/ecb_done.o ltc/modes/ecb/ecb_encrypt.o ltc/modes/ecb/ecb_start.o ltc/modes/ofb/ofb_decrypt.o \
65 ltc/modes/ofb/ofb_done.o ltc/modes/ofb/ofb_encrypt.o ltc/modes/ofb/ofb_getiv.o ltc/modes/ofb/ofb_setiv.o \
66 ltc/modes/ofb/ofb_start.o ltc/pk/asn1/der/bit/der_decode_bit_string.o ltc/pk/asn1/der/bit/der_decode_raw_bit_string.o \
67 ltc/pk/asn1/der/bit/der_encode_bit_string.o ltc/pk/asn1/der/bit/der_encode_raw_bit_string.o \
68 ltc/pk/asn1/der/bit/der_length_bit_string.o ltc/pk/asn1/der/boolean/der_decode_boolean.o \
69 ltc/pk/asn1/der/boolean/der_encode_boolean.o ltc/pk/asn1/der/boolean/der_length_boolean.o \
70 ltc/pk/asn1/der/choice/der_decode_choice.o ltc/pk/asn1/der/custom_type/der_decode_custom_type.o \
71 ltc/pk/asn1/der/custom_type/der_encode_custom_type.o ltc/pk/asn1/der/custom_type/der_length_custom_type.o \
72 ltc/pk/asn1/der/general/der_asn1_maps.o ltc/pk/asn1/der/general/der_decode_asn1_identifier.o \
73 ltc/pk/asn1/der/general/der_decode_asn1_length.o ltc/pk/asn1/der/general/der_encode_asn1_identifier.o \
74 ltc/pk/asn1/der/general/der_encode_asn1_length.o ltc/pk/asn1/der/general/der_length_asn1_identifier.o \
75 ltc/pk/asn1/der/general/der_length_asn1_length.o ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.o \
76 ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.o ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.o \
77 ltc/pk/asn1/der/ia5/der_decode_ia5_string.o ltc/pk/asn1/der/ia5/der_encode_ia5_string.o \
78 ltc/pk/asn1/der/ia5/der_length_ia5_string.o ltc/pk/asn1/der/integer/der_decode_integer.o \
79 ltc/pk/asn1/der/integer/der_encode_integer.o ltc/pk/asn1/der/integer/der_length_integer.o \
80 ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.o ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
81 ltc/pk/asn1/der/object_identifier/der_length_object_identifier.o ltc/pk/asn1/der/octet/der_decode_octet_string.o \
82 ltc/pk/asn1/der/octet/der_encode_octet_string.o ltc/pk/asn1/der/octet/der_length_octet_string.o \
83 ltc/pk/asn1/der/printable_string/der_decode_printable_string.o ltc/pk/asn1/der/printable_string/der_encode_printable_string.o \
84 ltc/pk/asn1/der/printable_string/der_length_printable_string.o ltc/pk/asn1/der/sequence/der_decode_sequence_ex.o \
85 ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.o ltc/pk/asn1/der/sequence/der_decode_sequence_multi.o \
86 ltc/pk/asn1/der/sequence/der_encode_sequence_ex.o ltc/pk/asn1/der/sequence/der_encode_sequence_multi.o \
87 ltc/pk/asn1/der/sequence/der_length_sequence.o ltc/pk/asn1/der/sequence/der_sequence_free.o \
88 ltc/pk/asn1/der/sequence/der_sequence_shrink.o ltc/pk/asn1/der/set/der_encode_set.o \
89 ltc/pk/asn1/der/set/der_encode_setof.o ltc/pk/asn1/der/short_integer/der_decode_short_integer.o \
58 ltc/misc/padding/padding_pad.o ltc/misc/pkcs12/pkcs12_kdf.o ltc/misc/pkcs12/pkcs12_utf8_to_utf16.o \
59 ltc/misc/pkcs5/pkcs_5_1.o ltc/misc/pkcs5/pkcs_5_2.o ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o \
60 ltc/modes/cbc/cbc_encrypt.o ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o \
61 ltc/modes/cfb/cfb_decrypt.o ltc/modes/cfb/cfb_done.o ltc/modes/cfb/cfb_encrypt.o \
62 ltc/modes/cfb/cfb_getiv.o ltc/modes/cfb/cfb_setiv.o ltc/modes/cfb/cfb_start.o ltc/modes/ctr/ctr_decrypt.o \
63 ltc/modes/ctr/ctr_done.o ltc/modes/ctr/ctr_encrypt.o ltc/modes/ctr/ctr_getiv.o ltc/modes/ctr/ctr_setiv.o \
64 ltc/modes/ctr/ctr_start.o ltc/modes/ecb/ecb_decrypt.o ltc/modes/ecb/ecb_done.o ltc/modes/ecb/ecb_encrypt.o \
65 ltc/modes/ecb/ecb_start.o ltc/modes/ofb/ofb_decrypt.o ltc/modes/ofb/ofb_done.o ltc/modes/ofb/ofb_encrypt.o \
66 ltc/modes/ofb/ofb_getiv.o ltc/modes/ofb/ofb_setiv.o ltc/modes/ofb/ofb_start.o ltc/pk/asn1/der/bit/der_decode_bit_string.o \
67 ltc/pk/asn1/der/bit/der_decode_raw_bit_string.o ltc/pk/asn1/der/bit/der_encode_bit_string.o \
68 ltc/pk/asn1/der/bit/der_encode_raw_bit_string.o ltc/pk/asn1/der/bit/der_length_bit_string.o \
69 ltc/pk/asn1/der/boolean/der_decode_boolean.o ltc/pk/asn1/der/boolean/der_encode_boolean.o \
70 ltc/pk/asn1/der/boolean/der_length_boolean.o ltc/pk/asn1/der/choice/der_decode_choice.o \
71 ltc/pk/asn1/der/custom_type/der_decode_custom_type.o ltc/pk/asn1/der/custom_type/der_encode_custom_type.o \
72 ltc/pk/asn1/der/custom_type/der_length_custom_type.o ltc/pk/asn1/der/general/der_asn1_maps.o \
73 ltc/pk/asn1/der/general/der_decode_asn1_identifier.o ltc/pk/asn1/der/general/der_decode_asn1_length.o \
74 ltc/pk/asn1/der/general/der_encode_asn1_identifier.o ltc/pk/asn1/der/general/der_encode_asn1_length.o \
75 ltc/pk/asn1/der/general/der_length_asn1_identifier.o ltc/pk/asn1/der/general/der_length_asn1_length.o \
76 ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.o ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.o \
77 ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.o ltc/pk/asn1/der/ia5/der_decode_ia5_string.o \
78 ltc/pk/asn1/der/ia5/der_encode_ia5_string.o ltc/pk/asn1/der/ia5/der_length_ia5_string.o \
79 ltc/pk/asn1/der/integer/der_decode_integer.o ltc/pk/asn1/der/integer/der_encode_integer.o \
80 ltc/pk/asn1/der/integer/der_length_integer.o ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
81 ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.o ltc/pk/asn1/der/object_identifier/der_length_object_identifier.o \
82 ltc/pk/asn1/der/octet/der_decode_octet_string.o ltc/pk/asn1/der/octet/der_encode_octet_string.o \
83 ltc/pk/asn1/der/octet/der_length_octet_string.o ltc/pk/asn1/der/printable_string/der_decode_printable_string.o \
84 ltc/pk/asn1/der/printable_string/der_encode_printable_string.o ltc/pk/asn1/der/printable_string/der_length_printable_string.o \
85 ltc/pk/asn1/der/sequence/der_decode_sequence_ex.o ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.o \
86 ltc/pk/asn1/der/sequence/der_decode_sequence_multi.o ltc/pk/asn1/der/sequence/der_encode_sequence_ex.o \
87 ltc/pk/asn1/der/sequence/der_encode_sequence_multi.o ltc/pk/asn1/der/sequence/der_length_sequence.o \
88 ltc/pk/asn1/der/sequence/der_sequence_free.o ltc/pk/asn1/der/sequence/der_sequence_shrink.o \
89 ltc/pk/asn1/der/set/der_encode_set.o ltc/pk/asn1/der/set/der_encode_setof.o ltc/pk/asn1/der/short_integer/der_decode_short_integer.o \
9090 ltc/pk/asn1/der/short_integer/der_encode_short_integer.o ltc/pk/asn1/der/short_integer/der_length_short_integer.o \
9191 ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.o ltc/pk/asn1/der/teletex_string/der_length_teletex_string.o \
9292 ltc/pk/asn1/der/utctime/der_decode_utctime.o ltc/pk/asn1/der/utctime/der_encode_utctime.o \
101101 ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \
102102 ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \
103103 ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \
104 ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_curve.o \
105 ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o \
106 ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o \
107 ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_set_dp.o ltc/pk/ecc/ecc_set_dp_internal.o \
108 ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o \
109 ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \
104 ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_find_curve.o \
105 ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o ltc/pk/ecc/ecc_get_size.o \
106 ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o \
107 ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_set_curve.o \
108 ltc/pk/ecc/ecc_set_curve_internal.o ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o \
109 ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \
110110 ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \
111111 ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o \
112112 ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o \
5959 ltc/misc/crypt/crypt_register_hash.obj ltc/misc/crypt/crypt_register_prng.obj ltc/misc/crypt/crypt_sizes.obj \
6060 ltc/misc/crypt/crypt_unregister_cipher.obj ltc/misc/crypt/crypt_unregister_hash.obj \
6161 ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/padding/padding_depad.obj \
62 ltc/misc/padding/padding_pad.obj ltc/misc/pkcs5/pkcs_5_1.obj ltc/misc/pkcs5/pkcs_5_2.obj \
63 ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj \
64 ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj \
65 ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj \
66 ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj \
67 ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj \
68 ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj \
69 ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj \
70 ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj \
71 ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj \
72 ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \
62 ltc/misc/padding/padding_pad.obj ltc/misc/pkcs12/pkcs12_kdf.obj ltc/misc/pkcs12/pkcs12_utf8_to_utf16.obj \
63 ltc/misc/pkcs5/pkcs_5_1.obj ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj \
64 ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj \
65 ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj \
66 ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj \
67 ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj \
68 ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj \
69 ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj \
70 ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj \
71 ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj \
72 ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj \
73 ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \
7374 ltc/pk/asn1/der/bit/der_encode_bit_string.obj ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj \
7475 ltc/pk/asn1/der/bit/der_length_bit_string.obj ltc/pk/asn1/der/boolean/der_decode_boolean.obj \
7576 ltc/pk/asn1/der/boolean/der_encode_boolean.obj ltc/pk/asn1/der/boolean/der_length_boolean.obj \
108109 ltc/pk/dsa/dsa_shared_secret.obj ltc/pk/dsa/dsa_sign_hash.obj ltc/pk/dsa/dsa_verify_hash.obj \
109110 ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \
110111 ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \
111 ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_free.obj \
112 ltc/pk/ecc/ecc_get_curve.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_oid_str.obj \
112 ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_find_curve.obj \
113 ltc/pk/ecc/ecc_free.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_oid_str.obj \
113114 ltc/pk/ecc/ecc_get_size.obj ltc/pk/ecc/ecc_import.obj ltc/pk/ecc/ecc_import_openssl.obj \
114115 ltc/pk/ecc/ecc_import_pkcs8.obj ltc/pk/ecc/ecc_import_x509.obj ltc/pk/ecc/ecc_make_key.obj \
115 ltc/pk/ecc/ecc_set_dp.obj ltc/pk/ecc/ecc_set_dp_internal.obj ltc/pk/ecc/ecc_set_key.obj \
116 ltc/pk/ecc/ecc_set_curve.obj ltc/pk/ecc/ecc_set_curve_internal.obj ltc/pk/ecc/ecc_set_key.obj \
116117 ltc/pk/ecc/ecc_shared_secret.obj ltc/pk/ecc/ecc_sign_hash.obj ltc/pk/ecc/ecc_sizes.obj \
117118 ltc/pk/ecc/ecc_verify_hash.obj ltc/pk/ecc/ltc_ecc_export_point.obj ltc/pk/ecc/ltc_ecc_import_point.obj \
118119 ltc/pk/ecc/ltc_ecc_is_point.obj ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj \
722722 {
723723 LTC_ARGCHK(keysize != NULL);
724724
725 if (*keysize < 16)
725 if (*keysize < 16) {
726726 return CRYPT_INVALID_KEYSIZE;
727 }
727728 if (*keysize < 24) {
728729 *keysize = 16;
729730 return CRYPT_OK;
730 } else if (*keysize < 32) {
731 }
732 if (*keysize < 32) {
731733 *keysize = 24;
732734 return CRYPT_OK;
733 } else {
734 *keysize = 32;
735 return CRYPT_OK;
736735 }
736 *keysize = 32;
737 return CRYPT_OK;
737738 }
738739
739740 #endif
579579
580580 if (*keysize < 8) {
581581 return CRYPT_INVALID_KEYSIZE;
582 } else if (*keysize > 56) {
582 }
583 if (*keysize > 56) {
583584 *keysize = 56;
584585 }
585586 return CRYPT_OK;
706706 LTC_ARGCHK(keysize != NULL);
707707 if (*keysize < 5) {
708708 return CRYPT_INVALID_KEYSIZE;
709 } else if (*keysize > 16) {
709 }
710 if (*keysize > 16) {
710711 *keysize = 16;
711712 }
712713 return CRYPT_OK;
20672067 int des3_keysize(int *keysize)
20682068 {
20692069 LTC_ARGCHK(keysize != NULL);
2070 if (*keysize < 16)
2070 if (*keysize < 16) {
20712071 return CRYPT_INVALID_KEYSIZE;
2072 }
20722073 if (*keysize < 24) {
20732074 *keysize = 16;
20742075 return CRYPT_OK;
242242 if (*keysize >= 16) {
243243 *keysize = 16;
244244 return CRYPT_OK;
245 } else {
246 return CRYPT_INVALID_KEYSIZE;
247245 }
246 return CRYPT_INVALID_KEYSIZE;
248247 }
249248
250249 int kasumi_test(void)
842842 if (*keysize >= 16) {
843843 *keysize = 16;
844844 return CRYPT_OK;
845 } else {
846 return CRYPT_INVALID_KEYSIZE;
847845 }
846 return CRYPT_INVALID_KEYSIZE;
848847 }
849848
850849 #endif
313313 LTC_ARGCHK(keysize != NULL);
314314 if (*keysize < 16) {
315315 return CRYPT_INVALID_KEYSIZE;
316 } else {
317 *keysize = 16;
318 return CRYPT_OK;
319 }
316 }
317 *keysize = 16;
318 return CRYPT_OK;
320319 }
321320
322321 #endif
400400 LTC_ARGCHK(keysize != NULL);
401401 if (*keysize < 1) {
402402 return CRYPT_INVALID_KEYSIZE;
403 } else if (*keysize > 128) {
403 }
404 if (*keysize > 128) {
404405 *keysize = 128;
405406 }
406407 return CRYPT_OK;
307307 LTC_ARGCHK(keysize != NULL);
308308 if (*keysize < 8) {
309309 return CRYPT_INVALID_KEYSIZE;
310 } else if (*keysize > 128) {
310 }
311 if (*keysize > 128) {
311312 *keysize = 128;
312313 }
313314 return CRYPT_OK;
317317 LTC_ARGCHK(keysize != NULL);
318318 if (*keysize < 8) {
319319 return CRYPT_INVALID_KEYSIZE;
320 } else if (*keysize > 128) {
320 }
321 if (*keysize > 128) {
321322 *keysize = 128;
322323 }
323324 return CRYPT_OK;
112112 unsigned char ka[LTC_SAFER_BLOCK_LEN + 1];
113113 unsigned char kb[LTC_SAFER_BLOCK_LEN + 1];
114114
115 if (LTC_SAFER_MAX_NOF_ROUNDS < nof_rounds)
115 if (LTC_SAFER_MAX_NOF_ROUNDS < nof_rounds) {
116116 nof_rounds = LTC_SAFER_MAX_NOF_ROUNDS;
117 }
117118 *key++ = (unsigned char)nof_rounds;
118119 ka[LTC_SAFER_BLOCK_LEN] = (unsigned char)0;
119120 kb[LTC_SAFER_BLOCK_LEN] = (unsigned char)0;
175176 }
176177 #endif
177178
178 int safer_k64_setup(const unsigned char *key, int keylen, int numrounds, symmetric_key *skey)
179 int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
179180 {
180181 LTC_ARGCHK(key != NULL);
181182 LTC_ARGCHK(skey != NULL);
182183
183 if (numrounds != 0 && (numrounds < 6 || numrounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
184 if (num_rounds != 0 && (num_rounds < 6 || num_rounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
184185 return CRYPT_INVALID_ROUNDS;
185186 }
186187
188189 return CRYPT_INVALID_KEYSIZE;
189190 }
190191
191 Safer_Expand_Userkey(key, key, (unsigned int)(numrounds != 0 ?numrounds:LTC_SAFER_K64_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
192 return CRYPT_OK;
193 }
194
195 int safer_sk64_setup(const unsigned char *key, int keylen, int numrounds, symmetric_key *skey)
192 Safer_Expand_Userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K64_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
193 return CRYPT_OK;
194 }
195
196 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
196197 {
197198 LTC_ARGCHK(key != NULL);
198199 LTC_ARGCHK(skey != NULL);
199200
200 if (numrounds != 0 && (numrounds < 6 || numrounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
201 if (num_rounds != 0 && (num_rounds < 6 || num_rounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
201202 return CRYPT_INVALID_ROUNDS;
202203 }
203204
205206 return CRYPT_INVALID_KEYSIZE;
206207 }
207208
208 Safer_Expand_Userkey(key, key, (unsigned int)(numrounds != 0 ?numrounds:LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
209 return CRYPT_OK;
210 }
211
212 int safer_k128_setup(const unsigned char *key, int keylen, int numrounds, symmetric_key *skey)
209 Safer_Expand_Userkey(key, key, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
210 return CRYPT_OK;
211 }
212
213 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
213214 {
214215 LTC_ARGCHK(key != NULL);
215216 LTC_ARGCHK(skey != NULL);
216217
217 if (numrounds != 0 && (numrounds < 6 || numrounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
218 if (num_rounds != 0 && (num_rounds < 6 || num_rounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
218219 return CRYPT_INVALID_ROUNDS;
219220 }
220221
222223 return CRYPT_INVALID_KEYSIZE;
223224 }
224225
225 Safer_Expand_Userkey(key, key+8, (unsigned int)(numrounds != 0 ?numrounds:LTC_SAFER_K128_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
226 return CRYPT_OK;
227 }
228
229 int safer_sk128_setup(const unsigned char *key, int keylen, int numrounds, symmetric_key *skey)
226 Safer_Expand_Userkey(key, key+8, (unsigned int)(num_rounds != 0 ?num_rounds:LTC_SAFER_K128_DEFAULT_NOF_ROUNDS), 0, skey->safer.key);
227 return CRYPT_OK;
228 }
229
230 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
230231 {
231232 LTC_ARGCHK(key != NULL);
232233 LTC_ARGCHK(skey != NULL);
233234
234 if (numrounds != 0 && (numrounds < 6 || numrounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
235 if (num_rounds != 0 && (num_rounds < 6 || num_rounds > LTC_SAFER_MAX_NOF_ROUNDS)) {
235236 return CRYPT_INVALID_ROUNDS;
236237 }
237238
239240 return CRYPT_INVALID_KEYSIZE;
240241 }
241242
242 Safer_Expand_Userkey(key, key+8, (unsigned int)(numrounds != 0?numrounds:LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
243 return CRYPT_OK;
244 }
245
246 #ifdef LTC_CLEAN_STACK
247 static int _safer_ecb_encrypt(const unsigned char *block_in,
248 unsigned char *block_out,
243 Safer_Expand_Userkey(key, key+8, (unsigned int)(num_rounds != 0?num_rounds:LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS), 1, skey->safer.key);
244 return CRYPT_OK;
245 }
246
247 #ifdef LTC_CLEAN_STACK
248 static int _safer_ecb_encrypt(const unsigned char *pt,
249 unsigned char *ct,
249250 const symmetric_key *skey)
250251 #else
251 int safer_ecb_encrypt(const unsigned char *block_in,
252 unsigned char *block_out,
252 int safer_ecb_encrypt(const unsigned char *pt,
253 unsigned char *ct,
253254 const symmetric_key *skey)
254255 #endif
255256 { unsigned char a, b, c, d, e, f, g, h, t;
256257 unsigned int round;
257258 const unsigned char *key;
258259
259 LTC_ARGCHK(block_in != NULL);
260 LTC_ARGCHK(block_out != NULL);
260 LTC_ARGCHK(pt != NULL);
261 LTC_ARGCHK(ct != NULL);
261262 LTC_ARGCHK(skey != NULL);
262263
263264 key = skey->safer.key;
264 a = block_in[0]; b = block_in[1]; c = block_in[2]; d = block_in[3];
265 e = block_in[4]; f = block_in[5]; g = block_in[6]; h = block_in[7];
265 a = pt[0]; b = pt[1]; c = pt[2]; d = pt[3];
266 e = pt[4]; f = pt[5]; g = pt[6]; h = pt[7];
266267 if (LTC_SAFER_MAX_NOF_ROUNDS < (round = *key)) round = LTC_SAFER_MAX_NOF_ROUNDS;
267268 while(round-- > 0)
268269 {
279280 }
280281 a ^= *++key; b += *++key; c += *++key; d ^= *++key;
281282 e ^= *++key; f += *++key; g += *++key; h ^= *++key;
282 block_out[0] = a & 0xFF; block_out[1] = b & 0xFF;
283 block_out[2] = c & 0xFF; block_out[3] = d & 0xFF;
284 block_out[4] = e & 0xFF; block_out[5] = f & 0xFF;
285 block_out[6] = g & 0xFF; block_out[7] = h & 0xFF;
283 ct[0] = a & 0xFF; ct[1] = b & 0xFF;
284 ct[2] = c & 0xFF; ct[3] = d & 0xFF;
285 ct[4] = e & 0xFF; ct[5] = f & 0xFF;
286 ct[6] = g & 0xFF; ct[7] = h & 0xFF;
286287 return CRYPT_OK;
287288 }
288289
289290 #ifdef LTC_CLEAN_STACK
290 int safer_ecb_encrypt(const unsigned char *block_in,
291 unsigned char *block_out,
292 const symmetric_key *skey)
293 {
294 int err = _safer_ecb_encrypt(block_in, block_out, skey);
291 int safer_ecb_encrypt(const unsigned char *pt,
292 unsigned char *ct,
293 const symmetric_key *skey)
294 {
295 int err = _safer_ecb_encrypt(pt, ct, skey);
295296 burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
296297 return err;
297298 }
298299 #endif
299300
300301 #ifdef LTC_CLEAN_STACK
301 static int _safer_ecb_decrypt(const unsigned char *block_in,
302 unsigned char *block_out,
302 static int _safer_ecb_decrypt(const unsigned char *ct,
303 unsigned char *pt,
303304 const symmetric_key *skey)
304305 #else
305 int safer_ecb_decrypt(const unsigned char *block_in,
306 unsigned char *block_out,
306 int safer_ecb_decrypt(const unsigned char *ct,
307 unsigned char *pt,
307308 const symmetric_key *skey)
308309 #endif
309310 { unsigned char a, b, c, d, e, f, g, h, t;
310311 unsigned int round;
311312 const unsigned char *key;
312313
313 LTC_ARGCHK(block_in != NULL);
314 LTC_ARGCHK(block_out != NULL);
314 LTC_ARGCHK(ct != NULL);
315 LTC_ARGCHK(pt != NULL);
315316 LTC_ARGCHK(skey != NULL);
316317
317318 key = skey->safer.key;
318 a = block_in[0]; b = block_in[1]; c = block_in[2]; d = block_in[3];
319 e = block_in[4]; f = block_in[5]; g = block_in[6]; h = block_in[7];
319 a = ct[0]; b = ct[1]; c = ct[2]; d = ct[3];
320 e = ct[4]; f = ct[5]; g = ct[6]; h = ct[7];
320321 if (LTC_SAFER_MAX_NOF_ROUNDS < (round = *key)) round = LTC_SAFER_MAX_NOF_ROUNDS;
321322 key += LTC_SAFER_BLOCK_LEN * (1 + 2 * round);
322323 h ^= *key; g -= *--key; f -= *--key; e ^= *--key;
334335 d = LOG(d) ^ *--key; c = EXP(c) - *--key;
335336 b = EXP(b) - *--key; a = LOG(a) ^ *--key;
336337 }
337 block_out[0] = a & 0xFF; block_out[1] = b & 0xFF;
338 block_out[2] = c & 0xFF; block_out[3] = d & 0xFF;
339 block_out[4] = e & 0xFF; block_out[5] = f & 0xFF;
340 block_out[6] = g & 0xFF; block_out[7] = h & 0xFF;
338 pt[0] = a & 0xFF; pt[1] = b & 0xFF;
339 pt[2] = c & 0xFF; pt[3] = d & 0xFF;
340 pt[4] = e & 0xFF; pt[5] = f & 0xFF;
341 pt[6] = g & 0xFF; pt[7] = h & 0xFF;
341342 return CRYPT_OK;
342343 }
343344
344345 #ifdef LTC_CLEAN_STACK
345 int safer_ecb_decrypt(const unsigned char *block_in,
346 unsigned char *block_out,
347 const symmetric_key *skey)
348 {
349 int err = _safer_ecb_decrypt(block_in, block_out, skey);
346 int safer_ecb_decrypt(const unsigned char *ct,
347 unsigned char *pt,
348 const symmetric_key *skey)
349 {
350 int err = _safer_ecb_decrypt(ct, pt, skey);
350351 burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
351352 return err;
352353 }
357358 LTC_ARGCHK(keysize != NULL);
358359 if (*keysize < 8) {
359360 return CRYPT_INVALID_KEYSIZE;
360 } else {
361 *keysize = 8;
362 return CRYPT_OK;
363 }
361 }
362 *keysize = 8;
363 return CRYPT_OK;
364364 }
365365
366366 int safer_128_keysize(int *keysize)
368368 LTC_ARGCHK(keysize != NULL);
369369 if (*keysize < 16) {
370370 return CRYPT_INVALID_KEYSIZE;
371 } else {
372 *keysize = 16;
373 return CRYPT_OK;
374 }
371 }
372 *keysize = 16;
373 return CRYPT_OK;
375374 }
376375
377376 int safer_k64_test(void)
546546 {
547547 LTC_ARGCHK(keysize != NULL);
548548
549 if (*keysize < 16)
549 if (*keysize < 16) {
550550 return CRYPT_INVALID_KEYSIZE;
551 }
551552 if (*keysize < 24) {
552553 *keysize = 16;
553554 } else if (*keysize < 32) {
329329 LTC_ARGCHK(keysize != NULL);
330330 if (*keysize < 10) {
331331 return CRYPT_INVALID_KEYSIZE;
332 } else if (*keysize > 10) {
332 }
333 if (*keysize > 10) {
333334 *keysize = 10;
334335 }
335336 return CRYPT_OK;
688688 int twofish_keysize(int *keysize)
689689 {
690690 LTC_ARGCHK(keysize);
691 if (*keysize < 16)
691 if (*keysize < 16) {
692692 return CRYPT_INVALID_KEYSIZE;
693 }
693694 if (*keysize < 24) {
694695 *keysize = 16;
695696 return CRYPT_OK;
696 } else if (*keysize < 32) {
697 }
698 if (*keysize < 32) {
697699 *keysize = 24;
698700 return CRYPT_OK;
699 } else {
700 *keysize = 32;
701 return CRYPT_OK;
702 }
703 }
704
705 #endif
706
707
701 }
702 *keysize = 32;
703 return CRYPT_OK;
704 }
705
706 #endif
708707
709708
710709 /* ref: $Format:%D$ */
6565 /* Checksum_* = Checksum_m xor (P_* || 1 || zeros(127-bitlen(P_*))) */
6666 ocb3_int_xor_blocks(ocb->checksum, ocb->checksum, pt+full_blocks_len, last_block_len);
6767 for(x=last_block_len; x<ocb->block_len; x++) {
68 if (x == last_block_len)
68 if (x == last_block_len) {
6969 ocb->checksum[x] ^= 0x80;
70 else
70 } else {
7171 ocb->checksum[x] ^= 0x00;
72 }
7273 }
7374
7475 /* Tag = ENCIPHER(K, Checksum_* xor Offset_* xor L_$) xor HASH(K,A) */
6767 /* Checksum_* = Checksum_m xor (P_* || 1 || zeros(127-bitlen(P_*))) */
6868 ocb3_int_xor_blocks(ocb->checksum, ocb->checksum, pt+full_blocks_len, last_block_len);
6969 for(x=last_block_len; x<ocb->block_len; x++) {
70 if (x == last_block_len)
70 if (x == last_block_len) {
7171 ocb->checksum[x] ^= 0x80;
72 else
72 } else {
7373 ocb->checksum[x] ^= 0x00;
74 }
7475 }
7576
7677 /* Tag = ENCIPHER(K, Checksum_* xor Offset_* xor L_$) xor HASH(K,A) */
8182 if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->tag_part, ocb->tag_part, &ocb->key)) != CRYPT_OK) {
8283 goto LBL_ERR;
8384 }
84 }
85 else {
85 } else {
8686 /* Tag = ENCIPHER(K, Checksum_m xor Offset_m xor L_$) xor HASH(K,A) */
8787 /* at this point we calculate only: Tag_part = ENCIPHER(K, Checksum_m xor Offset_m xor L_$) */
8888 for(x=0; x<ocb->block_len; x++) {
159159
160160 static void blake2b_set_lastblock(hash_state *md)
161161 {
162 if (md->blake2b.last_node)
162 if (md->blake2b.last_node) {
163163 blake2b_set_lastnode(md);
164
164 }
165165 md->blake2b.f[0] = CONST64(0xffffffffffffffff);
166166 }
167167
176176 unsigned long i;
177177 XMEMSET(&md->blake2b, 0, sizeof(md->blake2b));
178178
179 for (i = 0; i < 8; ++i)
179 for (i = 0; i < 8; ++i) {
180180 md->blake2b.h[i] = blake2b_IV[i];
181 }
181182 }
182183
183184 /* init xors IV with input parameter block */
218219
219220 LTC_ARGCHK(md != NULL);
220221
221 if ((!outlen) || (outlen > BLAKE2B_OUTBYTES))
222 if ((!outlen) || (outlen > BLAKE2B_OUTBYTES)) {
222223 return CRYPT_INVALID_ARG;
223
224 if ((key && !keylen) || (keylen && !key) || (keylen > BLAKE2B_KEYBYTES))
224 }
225 if ((key && !keylen) || (keylen && !key) || (keylen > BLAKE2B_KEYBYTES)) {
225226 return CRYPT_INVALID_ARG;
227 }
226228
227229 XMEMSET(P, 0, sizeof(P));
228230
415417
416418 /* if(md->blakebs.outlen != outlen) return CRYPT_INVALID_ARG; */
417419
418 if (blake2b_is_lastblock(md))
420 if (blake2b_is_lastblock(md)) {
419421 return CRYPT_ERROR;
422 }
420423
421424 blake2b_increment_counter(md, md->blake2b.curlen);
422425 blake2b_set_lastblock(md);
423426 XMEMSET(md->blake2b.buf + md->blake2b.curlen, 0, BLAKE2B_BLOCKBYTES - md->blake2b.curlen); /* Padding */
424427 blake2b_compress(md, md->blake2b.buf);
425428
426 for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */
429 for (i = 0; i < 8; ++i) { /* Output full hash to temp buffer */
427430 STORE64L(md->blake2b.h[i], buffer + i * 8);
431 }
428432
429433 XMEMCPY(out, buffer, md->blake2b.outlen);
430434 zeromem(md, sizeof(hash_state));
151151
152152 static void blake2s_set_lastblock(hash_state *md)
153153 {
154 if (md->blake2s.last_node)
154 if (md->blake2s.last_node) {
155155 blake2s_set_lastnode(md);
156
156 }
157157 md->blake2s.f[0] = 0xffffffffUL;
158158 }
159159
168168 int i;
169169 XMEMSET(&md->blake2s, 0, sizeof(struct blake2s_state));
170170
171 for (i = 0; i < 8; ++i)
171 for (i = 0; i < 8; ++i) {
172172 md->blake2s.h[i] = blake2s_IV[i];
173 }
173174
174175 return CRYPT_OK;
175176 }
212213
213214 LTC_ARGCHK(md != NULL);
214215
215 if ((!outlen) || (outlen > BLAKE2S_OUTBYTES))
216 if ((!outlen) || (outlen > BLAKE2S_OUTBYTES)) {
216217 return CRYPT_INVALID_ARG;
217
218 if ((key && !keylen) || (keylen && !key) || (keylen > BLAKE2S_KEYBYTES))
218 }
219 if ((key && !keylen) || (keylen && !key) || (keylen > BLAKE2S_KEYBYTES)) {
219220 return CRYPT_INVALID_ARG;
221 }
220222
221223 XMEMSET(P, 0, sizeof(P));
222224
307309 LOAD32L(m[i], buf + i * sizeof(m[i]));
308310 }
309311
310 for (i = 0; i < 8; ++i)
312 for (i = 0; i < 8; ++i) {
311313 v[i] = md->blake2s.h[i];
314 }
312315
313316 v[8] = blake2s_IV[0];
314317 v[9] = blake2s_IV[1];
330333 ROUND(8);
331334 ROUND(9);
332335
333 for (i = 0; i < 8; ++i)
336 for (i = 0; i < 8; ++i) {
334337 md->blake2s.h[i] = md->blake2s.h[i] ^ v[i] ^ v[i + 8];
335
338 }
336339 return CRYPT_OK;
337340 }
338341 #undef G
403406
404407 /* if(md->blake2s.outlen != outlen) return CRYPT_INVALID_ARG; */
405408
406 if (blake2s_is_lastblock(md))
409 if (blake2s_is_lastblock(md)) {
407410 return CRYPT_ERROR;
408
411 }
409412 blake2s_increment_counter(md, md->blake2s.curlen);
410413 blake2s_set_lastblock(md);
411414 XMEMSET(md->blake2s.buf + md->blake2s.curlen, 0, BLAKE2S_BLOCKBYTES - md->blake2s.curlen); /* Padding */
412415 blake2s_compress(md, md->blake2s.buf);
413416
414 for (i = 0; i < 8; ++i) /* Output full hash to temp buffer */
417 for (i = 0; i < 8; ++i) { /* Output full hash to temp buffer */
415418 STORE32L(md->blake2s.h[i], buffer + i * 4);
419 }
416420
417421 XMEMCPY(out, buffer, md->blake2s.outlen);
418422 zeromem(md, sizeof(hash_state));
159159 @param len The length of the data (octets)
160160 @return CRYPT_OK if successful
161161 */
162 static int _chc_process(hash_state * md, const unsigned char *buf, unsigned long len);
162 static int _chc_process(hash_state * md, const unsigned char *in, unsigned long inlen);
163163 static HASH_PROCESS(_chc_process, chc_compress, chc, (unsigned long)cipher_blocksize)
164164
165165 /**
166166
167167 for(round = 0; round < SHA3_KECCAK_ROUNDS; round++) {
168168 /* Theta */
169 for(i = 0; i < 5; i++)
169 for(i = 0; i < 5; i++) {
170170 bc[i] = s[i] ^ s[i + 5] ^ s[i + 10] ^ s[i + 15] ^ s[i + 20];
171
171 }
172172 for(i = 0; i < 5; i++) {
173173 t = bc[(i + 4) % 5] ^ ROL64(bc[(i + 1) % 5], 1);
174 for(j = 0; j < 25; j += 5)
174 for(j = 0; j < 25; j += 5) {
175175 s[j + i] ^= t;
176 }
176177 }
177178 /* Rho Pi */
178179 t = s[1];
184185 }
185186 /* Chi */
186187 for(j = 0; j < 25; j += 5) {
187 for(i = 0; i < 5; i++)
188 for(i = 0; i < 5; i++) {
188189 bc[i] = s[j + i];
189 for(i = 0; i < 5; i++)
190 }
191 for(i = 0; i < 5; i++) {
190192 s[j + i] ^= (~bc[(i + 1) % 5]) & bc[(i + 2) % 5];
193 }
191194 }
192195 /* Iota */
193196 s[0] ^= keccakf_rndc[round];
312315 }
313316
314317 #ifdef LTC_SHA3
315 int sha3_done(hash_state *md, unsigned char *hash)
316 {
317 return _done(md, hash, CONST64(0x06));
318 int sha3_done(hash_state *md, unsigned char *out)
319 {
320 return _done(md, out, CONST64(0x06));
318321 }
319322 #endif
320323
321324 #ifdef LTC_KECCAK
322 int keccak_done(hash_state *md, unsigned char *hash)
323 {
324 return _done(md, hash, CONST64(0x01));
325 int keccak_done(hash_state *md, unsigned char *out)
326 {
327 return _done(md, out, CONST64(0x01));
325328 }
326329 #endif
327330
2626
2727 /* version */
2828 #define CRYPT 0x0118
29 #define SCRYPT "1.18.1-develop"
29 #define SCRYPT "1.18.2-develop"
3030
3131 /* max size of either a cipher/hash block or symmetric key [largest of the two] */
3232 #define MAXBLOCKSIZE 144
3333
34 #ifndef TAB_SIZE
3435 /* descriptor table size */
3536 #define TAB_SIZE 34
37 #endif
3638
3739 /* error codes [will be expanded in future releases] */
3840 enum {
672672 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
673673 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
674674 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
675 int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *key);
676 int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *key);
675 int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
676 int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
677677 int safer_k64_test(void);
678678 int safer_sk64_test(void);
679679 int safer_sk128_test(void);
10561056
10571057 int sosemanuk_setup(sosemanuk_state *ss, const unsigned char *key, unsigned long keylen);
10581058 int sosemanuk_setiv(sosemanuk_state *ss, const unsigned char *iv, unsigned long ivlen);
1059 int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long datalen, unsigned char *out);
1059 int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long inlen, unsigned char *out);
10601060 int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen);
10611061 int sosemanuk_done(sosemanuk_state *ss);
10621062 int sosemanuk_test(void);
416416 #define LTC_DH1536
417417 #define LTC_DH2048
418418
419 #ifndef TFM_DESC
419 #if defined(LTM_DESC) || defined(GMP_DESC)
420420 /* tfm has a problem in fp_isprime for larger key sizes */
421421 #define LTC_DH3072
422422 #define LTC_DH4096
462462
463463 #define LTC_PKCS_1
464464 #define LTC_PKCS_5
465 #define LTC_PKCS_12
465466
466467 /* Include ASN.1 DER (required by DSA/RSA) */
467468 #define LTC_DER
249249 int chc_register(int cipher);
250250 int chc_init(hash_state * md);
251251 int chc_process(hash_state * md, const unsigned char *in, unsigned long inlen);
252 int chc_done(hash_state * md, unsigned char *hash);
252 int chc_done(hash_state * md, unsigned char *out);
253253 int chc_test(void);
254254 extern const struct ltc_hash_descriptor chc_desc;
255255 #endif
257257 #ifdef LTC_WHIRLPOOL
258258 int whirlpool_init(hash_state * md);
259259 int whirlpool_process(hash_state * md, const unsigned char *in, unsigned long inlen);
260 int whirlpool_done(hash_state * md, unsigned char *hash);
260 int whirlpool_done(hash_state * md, unsigned char *out);
261261 int whirlpool_test(void);
262262 extern const struct ltc_hash_descriptor whirlpool_desc;
263263 #endif
281281 extern const struct ltc_hash_descriptor sha3_256_desc;
282282 int sha3_224_test(void);
283283 extern const struct ltc_hash_descriptor sha3_224_desc;
284 int sha3_done(hash_state *md, unsigned char *hash);
284 int sha3_done(hash_state *md, unsigned char *out);
285285 /* SHAKE128 + SHAKE256 */
286286 int sha3_shake_init(hash_state *md, int num);
287287 #define sha3_shake_process(a,b,c) sha3_process(a,b,c)
304304 int keccak_256_test(void);
305305 extern const struct ltc_hash_descriptor keccak_224_desc;
306306 int keccak_224_test(void);
307 int keccak_done(hash_state *md, unsigned char *hash);
307 int keccak_done(hash_state *md, unsigned char *out);
308308 #endif
309309
310310 #ifdef LTC_SHA512
311311 int sha512_init(hash_state * md);
312312 int sha512_process(hash_state * md, const unsigned char *in, unsigned long inlen);
313 int sha512_done(hash_state * md, unsigned char *hash);
313 int sha512_done(hash_state * md, unsigned char *out);
314314 int sha512_test(void);
315315 extern const struct ltc_hash_descriptor sha512_desc;
316316 #endif
321321 #endif
322322 int sha384_init(hash_state * md);
323323 #define sha384_process sha512_process
324 int sha384_done(hash_state * md, unsigned char *hash);
324 int sha384_done(hash_state * md, unsigned char *out);
325325 int sha384_test(void);
326326 extern const struct ltc_hash_descriptor sha384_desc;
327327 #endif
332332 #endif
333333 int sha512_256_init(hash_state * md);
334334 #define sha512_256_process sha512_process
335 int sha512_256_done(hash_state * md, unsigned char *hash);
335 int sha512_256_done(hash_state * md, unsigned char *out);
336336 int sha512_256_test(void);
337337 extern const struct ltc_hash_descriptor sha512_256_desc;
338338 #endif
343343 #endif
344344 int sha512_224_init(hash_state * md);
345345 #define sha512_224_process sha512_process
346 int sha512_224_done(hash_state * md, unsigned char *hash);
346 int sha512_224_done(hash_state * md, unsigned char *out);
347347 int sha512_224_test(void);
348348 extern const struct ltc_hash_descriptor sha512_224_desc;
349349 #endif
351351 #ifdef LTC_SHA256
352352 int sha256_init(hash_state * md);
353353 int sha256_process(hash_state * md, const unsigned char *in, unsigned long inlen);
354 int sha256_done(hash_state * md, unsigned char *hash);
354 int sha256_done(hash_state * md, unsigned char *out);
355355 int sha256_test(void);
356356 extern const struct ltc_hash_descriptor sha256_desc;
357357
361361 #endif
362362 int sha224_init(hash_state * md);
363363 #define sha224_process sha256_process
364 int sha224_done(hash_state * md, unsigned char *hash);
364 int sha224_done(hash_state * md, unsigned char *out);
365365 int sha224_test(void);
366366 extern const struct ltc_hash_descriptor sha224_desc;
367367 #endif
370370 #ifdef LTC_SHA1
371371 int sha1_init(hash_state * md);
372372 int sha1_process(hash_state * md, const unsigned char *in, unsigned long inlen);
373 int sha1_done(hash_state * md, unsigned char *hash);
373 int sha1_done(hash_state * md, unsigned char *out);
374374 int sha1_test(void);
375375 extern const struct ltc_hash_descriptor sha1_desc;
376376 #endif
394394
395395 int blake2s_init(hash_state * md, unsigned long outlen, const unsigned char *key, unsigned long keylen);
396396 int blake2s_process(hash_state * md, const unsigned char *in, unsigned long inlen);
397 int blake2s_done(hash_state * md, unsigned char *hash);
397 int blake2s_done(hash_state * md, unsigned char *out);
398398 #endif
399399
400400 #ifdef LTC_BLAKE2B
416416
417417 int blake2b_init(hash_state * md, unsigned long outlen, const unsigned char *key, unsigned long keylen);
418418 int blake2b_process(hash_state * md, const unsigned char *in, unsigned long inlen);
419 int blake2b_done(hash_state * md, unsigned char *hash);
419 int blake2b_done(hash_state * md, unsigned char *out);
420420 #endif
421421
422422 #ifdef LTC_MD5
423423 int md5_init(hash_state * md);
424424 int md5_process(hash_state * md, const unsigned char *in, unsigned long inlen);
425 int md5_done(hash_state * md, unsigned char *hash);
425 int md5_done(hash_state * md, unsigned char *out);
426426 int md5_test(void);
427427 extern const struct ltc_hash_descriptor md5_desc;
428428 #endif
430430 #ifdef LTC_MD4
431431 int md4_init(hash_state * md);
432432 int md4_process(hash_state * md, const unsigned char *in, unsigned long inlen);
433 int md4_done(hash_state * md, unsigned char *hash);
433 int md4_done(hash_state * md, unsigned char *out);
434434 int md4_test(void);
435435 extern const struct ltc_hash_descriptor md4_desc;
436436 #endif
438438 #ifdef LTC_MD2
439439 int md2_init(hash_state * md);
440440 int md2_process(hash_state * md, const unsigned char *in, unsigned long inlen);
441 int md2_done(hash_state * md, unsigned char *hash);
441 int md2_done(hash_state * md, unsigned char *out);
442442 int md2_test(void);
443443 extern const struct ltc_hash_descriptor md2_desc;
444444 #endif
446446 #ifdef LTC_TIGER
447447 int tiger_init(hash_state * md);
448448 int tiger_process(hash_state * md, const unsigned char *in, unsigned long inlen);
449 int tiger_done(hash_state * md, unsigned char *hash);
449 int tiger_done(hash_state * md, unsigned char *out);
450450 int tiger_test(void);
451451 extern const struct ltc_hash_descriptor tiger_desc;
452452 #endif
454454 #ifdef LTC_RIPEMD128
455455 int rmd128_init(hash_state * md);
456456 int rmd128_process(hash_state * md, const unsigned char *in, unsigned long inlen);
457 int rmd128_done(hash_state * md, unsigned char *hash);
457 int rmd128_done(hash_state * md, unsigned char *out);
458458 int rmd128_test(void);
459459 extern const struct ltc_hash_descriptor rmd128_desc;
460460 #endif
462462 #ifdef LTC_RIPEMD160
463463 int rmd160_init(hash_state * md);
464464 int rmd160_process(hash_state * md, const unsigned char *in, unsigned long inlen);
465 int rmd160_done(hash_state * md, unsigned char *hash);
465 int rmd160_done(hash_state * md, unsigned char *out);
466466 int rmd160_test(void);
467467 extern const struct ltc_hash_descriptor rmd160_desc;
468468 #endif
470470 #ifdef LTC_RIPEMD256
471471 int rmd256_init(hash_state * md);
472472 int rmd256_process(hash_state * md, const unsigned char *in, unsigned long inlen);
473 int rmd256_done(hash_state * md, unsigned char *hash);
473 int rmd256_done(hash_state * md, unsigned char *out);
474474 int rmd256_test(void);
475475 extern const struct ltc_hash_descriptor rmd256_desc;
476476 #endif
478478 #ifdef LTC_RIPEMD320
479479 int rmd320_init(hash_state * md);
480480 int rmd320_process(hash_state * md, const unsigned char *in, unsigned long inlen);
481 int rmd320_done(hash_state * md, unsigned char *hash);
481 int rmd320_done(hash_state * md, unsigned char *out);
482482 int rmd320_test(void);
483483 extern const struct ltc_hash_descriptor rmd320_desc;
484484 #endif
2828 const unsigned char *in, unsigned long inlen, ...);
2929 int hmac_file(int hash, const char *fname, const unsigned char *key,
3030 unsigned long keylen,
31 unsigned char *dst, unsigned long *dstlen);
31 unsigned char *out, unsigned long *outlen);
3232 #endif
3333
3434 #ifdef LTC_OMAC
8383
8484 int pmac_memory(int cipher,
8585 const unsigned char *key, unsigned long keylen,
86 const unsigned char *msg, unsigned long msglen,
86 const unsigned char *in, unsigned long inlen,
8787 unsigned char *out, unsigned long *outlen);
8888
8989 int pmac_memory_multi(int cipher,
229229 const unsigned char *in, unsigned long inlen, ...);
230230 int f9_file(int cipher,
231231 const unsigned char *key, unsigned long keylen,
232 const char *filename,
232 const char *fname,
233233 unsigned char *out, unsigned long *outlen);
234234 int f9_test(void);
235235
418418 } ccm_state;
419419
420420 int ccm_init(ccm_state *ccm, int cipher,
421 const unsigned char *key, int keylen, int ptlen, int taglen, int aad_len);
421 const unsigned char *key, int keylen, int ptlen, int taglen, int aadlen);
422422
423423 int ccm_reset(ccm_state *ccm);
424424
88
99 /* ---- LTC_BASE64 Routines ---- */
1010 #ifdef LTC_BASE64
11 int base64_encode(const unsigned char *in, unsigned long len,
11 int base64_encode(const unsigned char *in, unsigned long inlen,
1212 char *out, unsigned long *outlen);
1313
14 int base64_decode(const char *in, unsigned long len,
14 int base64_decode(const char *in, unsigned long inlen,
1515 unsigned char *out, unsigned long *outlen);
16 int base64_strict_decode(const char *in, unsigned long len,
16 int base64_strict_decode(const char *in, unsigned long inlen,
1717 unsigned char *out, unsigned long *outlen);
1818 int base64_sane_decode(const char *in, unsigned long inlen,
1919 unsigned char *out, unsigned long *outlen);
2020 #endif
2121
2222 #ifdef LTC_BASE64_URL
23 int base64url_encode(const unsigned char *in, unsigned long len,
23 int base64url_encode(const unsigned char *in, unsigned long inlen,
2424 char *out, unsigned long *outlen);
2525 int base64url_strict_encode(const unsigned char *in, unsigned long inlen,
2626 char *out, unsigned long *outlen);
2727
28 int base64url_decode(const char *in, unsigned long len,
28 int base64url_decode(const char *in, unsigned long inlen,
2929 unsigned char *out, unsigned long *outlen);
30 int base64url_strict_decode(const char *in, unsigned long len,
30 int base64url_strict_decode(const char *in, unsigned long inlen,
3131 unsigned char *out, unsigned long *outlen);
3232 int base64url_sane_decode(const char *in, unsigned long inlen,
3333 unsigned char *out, unsigned long *outlen);
8383
8484 /* ---- MEM routines ---- */
8585 int mem_neq(const void *a, const void *b, size_t len);
86 void zeromem(volatile void *dst, size_t len);
86 void zeromem(volatile void *out, size_t outlen);
8787 void burn_stack(unsigned long len);
8888
8989 const char *error_to_string(int err);
250250 void ecc_sizes(int *low, int *high);
251251 int ecc_get_size(const ecc_key *key);
252252
253 int ecc_get_curve(const char* name_or_oid, const ltc_ecc_curve** cu);
254 int ecc_set_dp(const ltc_ecc_curve *cu, ecc_key *key);
253 int ecc_find_curve(const char* name_or_oid, const ltc_ecc_curve** cu);
254 int ecc_set_curve(const ltc_ecc_curve *cu, ecc_key *key);
255255 int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key);
256256 int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key);
257257 int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key);
572572 /* INTEGER */
573573 int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen);
574574 int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num);
575 int der_length_integer(void *num, unsigned long *len);
575 int der_length_integer(void *num, unsigned long *outlen);
576576
577577 /* INTEGER -- handy for 0..2^32-1 values */
578578 int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num);
102102 int pkcs_5_test (void);
103103 #endif /* LTC_PKCS_5 */
104104
105
105106 /* ref: $Format:%D$ */
106107 /* git commit: $Format:%H$ */
107108 /* commit time: $Format:%ai$ */
191191
192192 /* ---- ECC Routines ---- */
193193 #ifdef LTC_MECC
194 int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key);
195 int ecc_copy_dp(const ecc_key *srckey, ecc_key *key);
196 int ecc_set_dp_by_size(int size, ecc_key *key);
194 int ecc_set_curve_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key);
195 int ecc_copy_curve(const ecc_key *srckey, ecc_key *key);
196 int ecc_set_curve_by_size(int size, ecc_key *key);
197197 int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key);
198198
199199 /* low level functions */
274274 int der_length_asn1_identifier(const ltc_asn1_list *id, unsigned long *idlen);
275275
276276 int der_encode_asn1_length(unsigned long len, unsigned char* out, unsigned long* outlen);
277 int der_decode_asn1_length(const unsigned char* len, unsigned long* lenlen, unsigned long* outlen);
277 int der_decode_asn1_length(const unsigned char *in, unsigned long *inlen, unsigned long *outlen);
278278 int der_length_asn1_length(unsigned long len, unsigned long *outlen);
279279
280280 int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen,
303303 ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len);
304304
305305 #endif /* LTC_DER */
306
307 /* tomcrypt_pkcs.h */
308
309 #ifdef LTC_PKCS_12
310
311 int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
312 unsigned char *out, unsigned long *outlen);
313
314 int pkcs12_kdf( int hash_id,
315 const unsigned char *pw, unsigned long pwlen,
316 const unsigned char *salt, unsigned long saltlen,
317 unsigned int iterations, unsigned char purpose,
318 unsigned char *out, unsigned long outlen);
319
320 #endif /* LTC_PKCS_12 */
306321
307322 /* tomcrypt_prng.h */
308323
1414
1515 #ifdef LTC_PMAC
1616
17 int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen)
17 int pmac_done(pmac_state *pmac, unsigned char *out, unsigned long *outlen)
1818 {
1919 int err, x;
2020
21 LTC_ARGCHK(state != NULL);
22 LTC_ARGCHK(out != NULL);
23 if ((err = cipher_is_valid(state->cipher_idx)) != CRYPT_OK) {
21 LTC_ARGCHK(pmac != NULL);
22 LTC_ARGCHK(out != NULL);
23 if ((err = cipher_is_valid(pmac->cipher_idx)) != CRYPT_OK) {
2424 return err;
2525 }
2626
27 if ((state->buflen > (int)sizeof(state->block)) || (state->buflen < 0) ||
28 (state->block_len > (int)sizeof(state->block)) || (state->buflen > state->block_len)) {
27 if ((pmac->buflen > (int)sizeof(pmac->block)) || (pmac->buflen < 0) ||
28 (pmac->block_len > (int)sizeof(pmac->block)) || (pmac->buflen > pmac->block_len)) {
2929 return CRYPT_INVALID_ARG;
3030 }
3131
3232
3333 /* handle padding. If multiple xor in L/x */
3434
35 if (state->buflen == state->block_len) {
35 if (pmac->buflen == pmac->block_len) {
3636 /* xor Lr against the checksum */
37 for (x = 0; x < state->block_len; x++) {
38 state->checksum[x] ^= state->block[x] ^ state->Lr[x];
37 for (x = 0; x < pmac->block_len; x++) {
38 pmac->checksum[x] ^= pmac->block[x] ^ pmac->Lr[x];
3939 }
4040 } else {
4141 /* otherwise xor message bytes then the 0x80 byte */
42 for (x = 0; x < state->buflen; x++) {
43 state->checksum[x] ^= state->block[x];
42 for (x = 0; x < pmac->buflen; x++) {
43 pmac->checksum[x] ^= pmac->block[x];
4444 }
45 state->checksum[x] ^= 0x80;
45 pmac->checksum[x] ^= 0x80;
4646 }
4747
4848 /* encrypt it */
49 if ((err = cipher_descriptor[state->cipher_idx].ecb_encrypt(state->checksum, state->checksum, &state->key)) != CRYPT_OK) {
49 if ((err = cipher_descriptor[pmac->cipher_idx].ecb_encrypt(pmac->checksum, pmac->checksum, &pmac->key)) != CRYPT_OK) {
5050 return err;
5151 }
52 cipher_descriptor[state->cipher_idx].done(&state->key);
52 cipher_descriptor[pmac->cipher_idx].done(&pmac->key);
5353
5454 /* store it */
55 for (x = 0; x < state->block_len && x < (int)*outlen; x++) {
56 out[x] = state->checksum[x];
55 for (x = 0; x < pmac->block_len && x < (int)*outlen; x++) {
56 out[x] = pmac->checksum[x];
5757 }
5858 *outlen = x;
5959
6060 #ifdef LTC_CLEAN_STACK
61 zeromem(state, sizeof(*state));
61 zeromem(pmac, sizeof(*pmac));
6262 #endif
6363 return CRYPT_OK;
6464 }
4040 length--;
4141 } while (length % 8 != 0);
4242
43 if (s1 >= _adler32_base)
43 if (s1 >= _adler32_base) {
4444 s1 -= _adler32_base;
45 }
4546 s2 %= _adler32_base;
4647 }
4748
6667 length -= 8;
6768 input += 8;
6869
69 if (s1 >= _adler32_base)
70 if (s1 >= _adler32_base) {
7071 s1 -= _adler32_base;
72 }
7173 s2 %= _adler32_base;
7274 }
7375
5151 x--;
5252 *outlen = x; /* returning the length without terminating NUL */
5353
54 if (options == 0) alphabet = alphabets[0];
55 else alphabet = alphabets[1];
54 if (options == 0) {
55 alphabet = alphabets[0];
56 } else {
57 alphabet = alphabets[1];
58 }
5659
5760 for (i = 0; i < x; i += 2) {
5861 out[i] = alphabet[(in[i/2] >> 4) & 0x0f];
103103 continue;
104104 }
105105 if (c == 253) {
106 if (mode == strict)
106 if (mode == strict) {
107107 return CRYPT_INVALID_PACKET;
108 else
109 continue; /* allow to ignore white-spaces (relaxed+insane) */
108 }
109 continue; /* allow to ignore white-spaces (relaxed+insane) */
110110 }
111111 if (c == 255) {
112 if (mode == insane)
112 if (mode == insane) {
113113 continue; /* allow to ignore invalid garbage (insane) */
114 else
115 return CRYPT_INVALID_PACKET;
114 }
115 return CRYPT_INVALID_PACKET;
116116 }
117117 if ((g > 0) && (mode != insane)) {
118118 /* we only allow '=' to be at the end (strict+relaxed) */
2020 {
2121 unsigned char buf[32];
2222 zeromem(buf, sizeof(buf));
23 if (len > (unsigned long)sizeof(buf))
23 if (len > (unsigned long)sizeof(buf)) {
2424 burn_stack(len - sizeof(buf));
25 }
2526 }
2627
2728
6262 int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which)
6363 {
6464 int res = 0;
65 if(is_len != should_len)
65 if(is_len != should_len) {
6666 res = is_len > should_len ? -1 : 1;
67 else
67 } else {
6868 res = XMEMCMP(is, should, is_len);
69
69 }
7070 #if defined(LTC_TEST) && defined(LTC_TEST_DBG)
7171 if (res != 0) {
7272 fprintf(stderr, "Testvector #%i of %s failed:\n", which, what);
152152 LTC_ARGCHKVD(input != NULL);
153153 crc = ctx->crc;
154154
155 while (length--)
155 while (length--) {
156156 crc = crc32_m_tab[CRC32_INDEX(crc) ^ *input++] ^ CRC32_SHIFTED(crc);
157 }
157158
158159 ctx->crc = crc;
159160 }
435435 #if defined(LTC_PKCS_5)
436436 " PKCS#5 "
437437 #endif
438 #if defined(LTC_PKCS_12)
439 " PKCS#12 "
440 #endif
438441 #if defined(LTC_PADDING)
439442 " PADDING "
440443 #endif
264264 /* calculate amount of memory required for the list */
265265 for (i=0; i<count; i++) {
266266 number_len = snprintf(NULL, 0, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value);
267 if (number_len < 0)
267 if (number_len < 0) {
268268 return -1;
269 }
269270 total_len += number_len;
270271 }
271272
325325 /* calculate amount of memory required for the list */
326326 for (i=0; i<count; i++) {
327327 number_len = snprintf(NULL, 0, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size);
328 if (number_len < 0)
328 if (number_len < 0) {
329329 return -1;
330 }
330331 total_len += number_len;
331332 /* this last +1 is for newlines (and ending NULL) */
332333 }
6767 {
6868 if (err < 0 || err >= (int)(sizeof(err_2_str)/sizeof(err_2_str[0]))) {
6969 return "Invalid error code.";
70 } else {
71 return err_2_str[err];
7270 }
71 return err_2_str[err];
7372 }
7473
7574
2929 valid results for HKDF. */
3030 if (salt == NULL || saltlen == 0) {
3131 return hmac_memory(hash_idx, (const unsigned char *)"", 1, in, inlen, out, outlen);
32 } else {
33 return hmac_memory(hash_idx, salt, saltlen, in, inlen, out, outlen);
3432 }
33 return hmac_memory(hash_idx, salt, saltlen, in, inlen, out, outlen);
3534 }
3635
3736 int hkdf_expand(int hash_idx, const unsigned char *info, unsigned long infolen,
5453 hashsize = hash_descriptor[hash_idx].hashsize;
5554
5655 /* RFC5869 parameter restrictions */
57 if (inlen < hashsize || outlen > hashsize * 255)
56 if (inlen < hashsize || outlen > hashsize * 255) {
5857 return CRYPT_INVALID_ARG;
59 if (info == NULL && infolen != 0)
58 }
59 if (info == NULL && infolen != 0) {
6060 return CRYPT_INVALID_ARG;
61 }
6162 LTC_ARGCHK(out != NULL);
6263
6364 Tlen = hashsize + infolen + 1;
8687 }
8788 outoff += Noutlen;
8889
89 if (outoff >= outlen) /* loop exit condition */
90 if (outoff >= outlen) { /* loop exit condition */
9091 break;
92 }
9193
9294 /* All subsequent HMAC data T(N) DOES include the previous hash value */
9395 XMEMCPY(T, out + hashsize * (N-1), hashsize);
9898 type = mode & LTC_PAD_MASK;
9999
100100 if (*padded_length < l) {
101 if (type != LTC_PAD_ISO_10126) *padded_length = l;
102 else *padded_length = length + 256;
101 if (type != LTC_PAD_ISO_10126) {
102 *padded_length = l;
103 } else {
104 *padded_length = length + 256;
105 }
103106 return CRYPT_BUFFER_OVERFLOW;
104107 }
105108
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_PKCS_12
12
13 int pkcs12_kdf( int hash_id,
14 const unsigned char *pw, unsigned long pwlen,
15 const unsigned char *salt, unsigned long saltlen,
16 unsigned int iterations, unsigned char purpose,
17 unsigned char *out, unsigned long outlen)
18 {
19 unsigned long u = hash_descriptor[hash_id].hashsize;
20 unsigned long v = hash_descriptor[hash_id].blocksize;
21 unsigned long c = (outlen + u - 1) / u;
22 unsigned long Slen = ((saltlen + v - 1) / v) * v;
23 unsigned long Plen = ((pwlen + v - 1) / v) * v;
24 unsigned long k = (Plen + Slen) / v;
25 unsigned long Alen, keylen = 0;
26 unsigned int tmp, i, j, n;
27 unsigned char ch;
28 unsigned char D[MAXBLOCKSIZE], A[MAXBLOCKSIZE], B[MAXBLOCKSIZE];
29 unsigned char *I = NULL, *key = NULL;
30 int err = CRYPT_ERROR;
31
32 LTC_ARGCHK(pw != NULL);
33 LTC_ARGCHK(salt != NULL);
34 LTC_ARGCHK(out != NULL);
35
36 key = XMALLOC(u * c);
37 I = XMALLOC(Plen + Slen);
38 if (key == NULL || I == NULL) goto DONE;
39 zeromem(key, u * c);
40
41 for (i = 0; i < v; i++) D[i] = purpose; /* D - diversifier */
42 for (i = 0; i < Slen; i++) I[i] = salt[i % saltlen];
43 for (i = 0; i < Plen; i++) I[Slen + i] = pw[i % pwlen]; /* I = Salt || Pass */
44
45 for (i = 0; i < c; i++) {
46 Alen = sizeof(A);
47 err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */
48 if (err != CRYPT_OK) goto DONE;
49 for (j = 1; j < iterations; j++) {
50 err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */
51 if (err != CRYPT_OK) goto DONE;
52 }
53 /* fill buffer B with A */
54 for (j = 0; j < v; j++) B[j] = A[j % Alen];
55 /* B += 1 */
56 for (j = v; j > 0; j--) {
57 if (++B[j - 1] != 0) break;
58 }
59 /* I_n += B */
60 for (n = 0; n < k; n++) {
61 ch = 0;
62 for (j = v; j > 0; j--) {
63 tmp = I[n * v + j - 1] + B[j - 1] + ch;
64 ch = (unsigned char)((tmp >> 8) & 0xFF);
65 I[n * v + j - 1] = (unsigned char)(tmp & 0xFF);
66 }
67 }
68 /* store derived key block */
69 XMEMCPY(&key[keylen], A, Alen);
70 keylen += Alen;
71 }
72
73 XMEMCPY(out, key, outlen);
74 err = CRYPT_OK;
75 DONE:
76 if (I) {
77 zeromem(I, Plen + Slen);
78 XFREE(I);
79 }
80 if (key) {
81 zeromem(key, u * c);
82 XFREE(key);
83 }
84 return err;
85 }
86
87 #endif
88
89 /* ref: $Format:%D$ */
90 /* git commit: $Format:%H$ */
91 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_PKCS_12
12
13 int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
14 unsigned char *out, unsigned long *outlen) {
15 unsigned long len = 0;
16 const unsigned char* in_end = in + inlen;
17 const ulong32 offset[6] = {
18 0x00000000UL, 0x00003080UL, 0x000E2080UL,
19 0x03C82080UL, 0xFA082080UL, 0x82082080UL
20 };
21 int err = CRYPT_ERROR;
22
23 LTC_ARGCHK(in != NULL);
24 LTC_ARGCHK(out != NULL);
25 LTC_ARGCHK(outlen != NULL);
26
27 while (in < in_end) {
28 ulong32 ch = 0;
29 unsigned short extra = 0; /* 0 */
30 if (*in >= 192) extra++; /* 1 */
31 if (*in >= 224) extra++; /* 2 */
32 if (*in >= 240) extra++; /* 3 */
33 if (*in >= 248) extra++; /* 4 */
34 if (*in >= 252) extra++; /* 5 */
35 if (in + extra >= in_end) goto ERROR;
36 switch (extra) {
37 case 5: ch += *in++; ch <<= 6;
38 /* FALLTHROUGH */
39 case 4: ch += *in++; ch <<= 6;
40 /* FALLTHROUGH */
41 case 3: ch += *in++; ch <<= 6;
42 /* FALLTHROUGH */
43 case 2: ch += *in++; ch <<= 6;
44 /* FALLTHROUGH */
45 case 1: ch += *in++; ch <<= 6;
46 /* FALLTHROUGH */
47 case 0: ch += *in++;
48 }
49 ch -= offset[extra];
50 if (ch > 0xFFFF) goto ERROR;
51 if (*outlen >= len + 2) {
52 out[len] = (unsigned short)((ch >> 8) & 0xFF);
53 out[len + 1] = (unsigned char)(ch & 0xFF);
54 }
55 len += 2;
56 }
57
58 err = len > *outlen ? CRYPT_BUFFER_OVERFLOW : CRYPT_OK;
59 *outlen = len;
60 ERROR:
61 return err;
62 }
63
64 #endif
65
66 /* ref: $Format:%D$ */
67 /* git commit: $Format:%H$ */
68 /* commit time: $Format:%ai$ */
108108 the output buffer (and how many bytes we have to copy) */
109109 outidx = block*hash_descriptor[hash_idx].hashsize;
110110 nb = hash_descriptor[hash_idx].hashsize;
111 if(outidx+nb > *outlen)
111 if(outidx+nb > *outlen) {
112112 nb = *outlen - outidx;
113 if(nb > 0)
113 }
114 if(nb > 0) {
114115 XMEMCPY(out+outidx, buf, nb);
116 }
115117
116118 block++;
117 if (!openssl_compat)
119 if (!openssl_compat) {
118120 break;
121 }
119122 }
120123 /* In strict mode, we always return the hashsize, in compat we filled it
121124 as much as was requested, so we leave it alone. */
122 if(!openssl_compat)
125 if(!openssl_compat) {
123126 *outlen = hash_descriptor[hash_idx].hashsize;
127 }
124128
125129 err = CRYPT_OK;
126130 LBL_ERR:
5757
5858 if (cipher_descriptor[cbc->cipher].accel_cbc_decrypt != NULL) {
5959 return cipher_descriptor[cbc->cipher].accel_cbc_decrypt(ct, pt, len / cbc->blocklen, cbc->IV, &cbc->key);
60 } else {
61 while (len) {
62 /* decrypt */
63 if ((err = cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key)) != CRYPT_OK) {
64 return err;
65 }
60 }
61 while (len) {
62 /* decrypt */
63 if ((err = cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key)) != CRYPT_OK) {
64 return err;
65 }
6666
67 /* xor IV against plaintext */
68 #if defined(LTC_FAST)
69 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
70 tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x));
71 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x));
72 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy;
73 }
74 #else
75 for (x = 0; x < cbc->blocklen; x++) {
76 tmpy = tmp[x] ^ cbc->IV[x];
77 cbc->IV[x] = ct[x];
78 pt[x] = tmpy;
79 }
80 #endif
67 /* xor IV against plaintext */
68 #if defined(LTC_FAST)
69 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
70 tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x));
71 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x));
72 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy;
73 }
74 #else
75 for (x = 0; x < cbc->blocklen; x++) {
76 tmpy = tmp[x] ^ cbc->IV[x];
77 cbc->IV[x] = ct[x];
78 pt[x] = tmpy;
79 }
80 #endif
8181
82 ct += cbc->blocklen;
83 pt += cbc->blocklen;
84 len -= cbc->blocklen;
85 }
82 ct += cbc->blocklen;
83 pt += cbc->blocklen;
84 len -= cbc->blocklen;
8685 }
8786 return CRYPT_OK;
8887 }
5151
5252 if (cipher_descriptor[cbc->cipher].accel_cbc_encrypt != NULL) {
5353 return cipher_descriptor[cbc->cipher].accel_cbc_encrypt(pt, ct, len / cbc->blocklen, cbc->IV, &cbc->key);
54 } else {
55 while (len) {
56 /* xor IV against plaintext */
57 #if defined(LTC_FAST)
58 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
59 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x));
60 }
61 #else
62 for (x = 0; x < cbc->blocklen; x++) {
63 cbc->IV[x] ^= pt[x];
64 }
65 #endif
54 }
55 while (len) {
56 /* xor IV against plaintext */
57 #if defined(LTC_FAST)
58 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
59 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x));
60 }
61 #else
62 for (x = 0; x < cbc->blocklen; x++) {
63 cbc->IV[x] ^= pt[x];
64 }
65 #endif
6666
67 /* encrypt */
68 if ((err = cipher_descriptor[cbc->cipher].ecb_encrypt(cbc->IV, ct, &cbc->key)) != CRYPT_OK) {
69 return err;
70 }
67 /* encrypt */
68 if ((err = cipher_descriptor[cbc->cipher].ecb_encrypt(cbc->IV, ct, &cbc->key)) != CRYPT_OK) {
69 return err;
70 }
7171
72 /* store IV [ciphertext] for a future block */
73 #if defined(LTC_FAST)
74 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
75 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x));
76 }
77 #else
78 for (x = 0; x < cbc->blocklen; x++) {
79 cbc->IV[x] = ct[x];
80 }
81 #endif
72 /* store IV [ciphertext] for a future block */
73 #if defined(LTC_FAST)
74 for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
75 *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x));
76 }
77 #else
78 for (x = 0; x < cbc->blocklen; x++) {
79 cbc->IV[x] = ct[x];
80 }
81 #endif
8282
83 ct += cbc->blocklen;
84 pt += cbc->blocklen;
85 len -= cbc->blocklen;
86 }
83 ct += cbc->blocklen;
84 pt += cbc->blocklen;
85 len -= cbc->blocklen;
8786 }
8887 return CRYPT_OK;
8988 }
4242 /* copy data */
4343 cfb->cipher = cipher;
4444 cfb->blocklen = cipher_descriptor[cipher].block_length;
45 for (x = 0; x < cfb->blocklen; x++)
45 for (x = 0; x < cfb->blocklen; x++) {
4646 cfb->IV[x] = IV[x];
47 }
4748
4849 /* init the cipher */
4950 if ((err = cipher_descriptor[cipher].setup(key, keylen, num_rounds, &cfb->key)) != CRYPT_OK) {
3838 /* check for accel */
3939 if (cipher_descriptor[ecb->cipher].accel_ecb_decrypt != NULL) {
4040 return cipher_descriptor[ecb->cipher].accel_ecb_decrypt(ct, pt, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
41 } else {
42 while (len) {
43 if ((err = cipher_descriptor[ecb->cipher].ecb_decrypt(ct, pt, &ecb->key)) != CRYPT_OK) {
44 return err;
45 }
46 pt += cipher_descriptor[ecb->cipher].block_length;
47 ct += cipher_descriptor[ecb->cipher].block_length;
48 len -= cipher_descriptor[ecb->cipher].block_length;
41 }
42 while (len) {
43 if ((err = cipher_descriptor[ecb->cipher].ecb_decrypt(ct, pt, &ecb->key)) != CRYPT_OK) {
44 return err;
4945 }
46 pt += cipher_descriptor[ecb->cipher].block_length;
47 ct += cipher_descriptor[ecb->cipher].block_length;
48 len -= cipher_descriptor[ecb->cipher].block_length;
5049 }
5150 return CRYPT_OK;
5251 }
3838 /* check for accel */
3939 if (cipher_descriptor[ecb->cipher].accel_ecb_encrypt != NULL) {
4040 return cipher_descriptor[ecb->cipher].accel_ecb_encrypt(pt, ct, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
41 } else {
42 while (len) {
43 if ((err = cipher_descriptor[ecb->cipher].ecb_encrypt(pt, ct, &ecb->key)) != CRYPT_OK) {
44 return err;
45 }
46 pt += cipher_descriptor[ecb->cipher].block_length;
47 ct += cipher_descriptor[ecb->cipher].block_length;
48 len -= cipher_descriptor[ecb->cipher].block_length;
41 }
42 while (len) {
43 if ((err = cipher_descriptor[ecb->cipher].ecb_encrypt(pt, ct, &ecb->key)) != CRYPT_OK) {
44 return err;
4945 }
46 pt += cipher_descriptor[ecb->cipher].block_length;
47 ct += cipher_descriptor[ecb->cipher].block_length;
48 len -= cipher_descriptor[ecb->cipher].block_length;
5049 }
5150 return CRYPT_OK;
5251 }
4040 real_len &= 0x7F;
4141 if (real_len == 0) {
4242 return CRYPT_PK_ASN1_ERROR;
43 } else if (real_len > sizeof(decoded_len)) {
43 }
44 if (real_len > sizeof(decoded_len)) {
4445 return CRYPT_OVERFLOW;
45 } else if (real_len > (*inlen - 1)) {
46 }
47 if (real_len > (*inlen - 1)) {
4648 return CRYPT_BUFFER_OVERFLOW;
4749 }
4850 decoded_len = 0;
4040 }
4141 *outlen = 1;
4242 return CRYPT_OK;
43 } else {
44 if (id->klass < LTC_ASN1_CL_UNIVERSAL || id->klass > LTC_ASN1_CL_PRIVATE) {
45 return CRYPT_INVALID_ARG;
46 }
47 if (id->pc < LTC_ASN1_PC_PRIMITIVE || id->pc > LTC_ASN1_PC_CONSTRUCTED) {
48 return CRYPT_INVALID_ARG;
49 }
50 if (id->tag > (ULONG_MAX >> (8 + 7))) {
51 return CRYPT_INVALID_ARG;
52 }
43 }
44 if (id->klass < LTC_ASN1_CL_UNIVERSAL || id->klass > LTC_ASN1_CL_PRIVATE) {
45 return CRYPT_INVALID_ARG;
46 }
47 if (id->pc < LTC_ASN1_PC_PRIMITIVE || id->pc > LTC_ASN1_PC_CONSTRUCTED) {
48 return CRYPT_INVALID_ARG;
49 }
50 if (id->tag > (ULONG_MAX >> (8 + 7))) {
51 return CRYPT_INVALID_ARG;
5352 }
5453
5554 if (out != NULL) {
111111 /* now is it Z or . */
112112 if (buf[x] == 'Z') {
113113 return CRYPT_OK;
114 } else if (buf[x] == '.') {
114 }
115 if (buf[x] == '.') {
115116 x++;
116117 while (buf[x] >= '0' && buf[x] <= '9') {
117118 unsigned fs = out->fs;
126127 /* now is it Z, +, - */
127128 if (buf[x] == 'Z') {
128129 return CRYPT_OK;
129 } else if (buf[x] == '+' || buf[x] == '-') {
130 }
131 if (buf[x] == '+' || buf[x] == '-') {
130132 out->off_dir = (buf[x++] == '+') ? 0 : 1;
131133 DECODE_V(out->off_hh, 24);
132134 DECODE_V(out->off_mm, 60);
133135 return CRYPT_OK;
134 } else {
135 return CRYPT_INVALID_PACKET;
136136 }
137 return CRYPT_INVALID_PACKET;
137138 }
138139
139140 #endif
3232 if (r == 0) {
3333 /* their order in the original list now determines the position */
3434 return A->used - B->used;
35 } else {
36 return r;
3735 }
36 return r;
3837 }
3938
4039 /*
9494 /* now is it Z, +, - or 0-9 */
9595 if (buf[x] == 'Z') {
9696 return CRYPT_OK;
97 } else if (buf[x] == '+' || buf[x] == '-') {
97 }
98 if (buf[x] == '+' || buf[x] == '-') {
9899 out->off_dir = (buf[x++] == '+') ? 0 : 1;
99100 DECODE_V(out->off_hh, 24);
100101 DECODE_V(out->off_mm, 60);
107108 /* now is it Z, +, - */
108109 if (buf[x] == 'Z') {
109110 return CRYPT_OK;
110 } else if (buf[x] == '+' || buf[x] == '-') {
111 }
112 if (buf[x] == '+' || buf[x] == '-') {
111113 out->off_dir = (buf[x++] == '+') ? 0 : 1;
112114 DECODE_V(out->off_hh, 24);
113115 DECODE_V(out->off_mm, 60);
114116 return CRYPT_OK;
115 } else {
116 return CRYPT_INVALID_PACKET;
117117 }
118 return CRYPT_INVALID_PACKET;
118119 }
119120
120121 #endif
2222 {
2323 if (c <= 0x7F) {
2424 return 1;
25 } else if (c <= 0x7FF) {
25 }
26 if (c <= 0x7FF) {
2627 return 2;
28 }
2729 #if LTC_WCHAR_MAX == 0xFFFF
28 } else {
30 return 3;
31 #else
32 if (c <= 0xFFFF) {
2933 return 3;
3034 }
31 #else
32 } else if (c <= 0xFFFF) {
33 return 3;
34 } else {
35 return 4;
36 }
35 return 4;
3736 #endif
3837 }
3938
1818 if (groupsize <= 0) {
1919 return 0;
2020 }
21 else if (groupsize <= 192) {
21 if (groupsize <= 192) {
2222 return 30; /* 1536-bit => key size 240-bit */
2323 }
24 else if (groupsize <= 256) {
24 if (groupsize <= 256) {
2525 return 40; /* 2048-bit => key size 320-bit */
2626 }
27 else if (groupsize <= 384) {
27 if (groupsize <= 384) {
2828 return 52; /* 3072-bit => key size 416-bit */
2929 }
30 else if (groupsize <= 512) {
30 if (groupsize <= 512) {
3131 return 60; /* 4096-bit => key size 480-bit */
3232 }
33 else if (groupsize <= 768) {
33 if (groupsize <= 768) {
3434 return 67; /* 6144-bit => key size 536-bit */
3535 }
36 else if (groupsize <= 1024) {
36 if (groupsize <= 1024) {
3737 return 77; /* 8192-bit => key size 616-bit */
3838 }
39 else {
40 return 0;
41 }
39 return 0;
4240 }
4341
4442 int dh_generate_key(prng_state *prng, int wprng, dh_key *key)
2525 int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_key *key)
2626 {
2727 unsigned long zero=0;
28 unsigned char flags[1];
2829 int err, std;
2930
3031 LTC_ARGCHK(out != NULL);
3435 std = type & PK_STD;
3536 type &= ~PK_STD;
3637
37 /* can we store the static header? */
3838 if (type == PK_PRIVATE && key->type != PK_PRIVATE) {
3939 return CRYPT_PK_TYPE_MISMATCH;
40 }
41
42 if (type != PK_PUBLIC && type != PK_PRIVATE) {
43 return CRYPT_INVALID_ARG;
4440 }
4541
4642 if (type == PK_PRIVATE) {
5450 LTC_ASN1_INTEGER, 1UL, key->x,
5551 LTC_ASN1_EOL, 0UL, NULL);
5652 }
57 else {
58 unsigned char flags[1];
59 flags[0] = 1;
60 return der_encode_sequence_multi(out, outlen,
53 flags[0] = 1;
54 return der_encode_sequence_multi(out, outlen,
6155 LTC_ASN1_BIT_STRING, 1UL, flags,
6256 LTC_ASN1_INTEGER, 1UL, key->g,
6357 LTC_ASN1_INTEGER, 1UL, key->p,
6559 LTC_ASN1_INTEGER, 1UL, key->y,
6660 LTC_ASN1_INTEGER, 1UL, key->x,
6761 LTC_ASN1_EOL, 0UL, NULL);
68 }
69 } else {
62 }
63
64 if (type == PK_PUBLIC) {
7065 if (std) {
7166 unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8;
7267 unsigned char* tmp = XMALLOC(tmplen);
9388 XFREE(tmp);
9489 return err;
9590 }
96 else {
97 unsigned char flags[1];
98 flags[0] = 0;
99 return der_encode_sequence_multi(out, outlen,
91 flags[0] = 0;
92 return der_encode_sequence_multi(out, outlen,
10093 LTC_ASN1_BIT_STRING, 1UL, flags,
10194 LTC_ASN1_INTEGER, 1UL, key->g,
10295 LTC_ASN1_INTEGER, 1UL, key->p,
10396 LTC_ASN1_INTEGER, 1UL, key->q,
10497 LTC_ASN1_INTEGER, 1UL, key->y,
10598 LTC_ASN1_EOL, 0UL, NULL);
106 }
10799 }
100
101 return CRYPT_INVALID_ARG;
108102 }
109103
110104 #endif
4040 /* initialize key->dp */
4141 if (cu == NULL) {
4242 /* this case works only for uncompressed public keys */
43 if ((err = ecc_set_dp_by_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; }
43 if ((err = ecc_set_curve_by_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; }
4444 }
4545 else {
4646 /* this one works for both compressed / uncompressed pubkeys */
47 if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; }
47 if ((err = ecc_set_curve(cu, key)) != CRYPT_OK) { return err; }
4848 }
4949
5050 /* load public key */
8484 }
8585
8686 /* import ECC key from packet */
87 if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; }
87 if ((err = ecc_copy_curve(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; }
8888 if ((err = ecc_set_key(decode[1].data, decode[1].size, PK_PUBLIC, &pubkey)) != CRYPT_OK) { goto LBL_ERR; }
8989
9090 /* make shared key */
5151 }
5252
5353 /* make a random key and export the public copy */
54 if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { return err; }
54 if ((err = ecc_copy_curve(key, &pubkey)) != CRYPT_OK) { return err; }
5555 if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { return err; }
5656
5757 pub_expt = XMALLOC(ECC_BUF_SIZE);
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 static const struct {
14 const char *OID;
15 const char *names[6];
16 } _curve_names[] = {
17 #ifdef LTC_ECC_SECP112R1
18 {
19 "1.3.132.0.6", { "SECP112R1", "ECC-112", NULL }
20 },
21 #endif
22 #ifdef LTC_ECC_SECP112R2
23 {
24 "1.3.132.0.7", { "SECP112R2", NULL }
25 },
26 #endif
27 #ifdef LTC_ECC_SECP128R1
28 {
29 "1.3.132.0.28", { "SECP128R1", "ECC-128", NULL }
30 },
31 #endif
32 #ifdef LTC_ECC_SECP128R2
33 {
34 "1.3.132.0.29", { "SECP128R2", NULL }
35 },
36 #endif
37 #ifdef LTC_ECC_SECP160R1
38 {
39 "1.3.132.0.8", { "SECP160R1", "ECC-160", NULL }
40 },
41 #endif
42 #ifdef LTC_ECC_SECP160R2
43 {
44 "1.3.132.0.30", { "SECP160R2", NULL }
45 },
46 #endif
47 #ifdef LTC_ECC_SECP160K1
48 {
49 "1.3.132.0.9", { "SECP160K1", NULL }
50 },
51 #endif
52 #ifdef LTC_ECC_SECP192R1
53 {
54 "1.2.840.10045.3.1.1", { "SECP192R1", "NISTP192", "PRIME192V1", "ECC-192", "P-192", NULL }
55 },
56 #endif
57 #ifdef LTC_ECC_PRIME192V2
58 {
59 "1.2.840.10045.3.1.2", { "PRIME192V2", NULL }
60 },
61 #endif
62 #ifdef LTC_ECC_PRIME192V3
63 {
64 "1.2.840.10045.3.1.3", { "PRIME192V3", NULL }
65 },
66 #endif
67 #ifdef LTC_ECC_SECP192K1
68 {
69 "1.3.132.0.31", { "SECP192K1", NULL }
70 },
71 #endif
72 #ifdef LTC_ECC_SECP224R1
73 {
74 "1.3.132.0.33", { "SECP224R1", "NISTP224", "ECC-224", "P-224", NULL }
75 },
76 #endif
77 #ifdef LTC_ECC_SECP224K1
78 {
79 "1.3.132.0.32", { "SECP224K1", NULL }
80 },
81 #endif
82 #ifdef LTC_ECC_SECP256R1
83 {
84 "1.2.840.10045.3.1.7", { "SECP256R1", "NISTP256", "PRIME256V1", "ECC-256", "P-256", NULL }
85 },
86 #endif
87 #ifdef LTC_ECC_SECP256K1
88 {
89 "1.3.132.0.10", { "SECP256K1", NULL }
90 },
91 #endif
92 #ifdef LTC_ECC_SECP384R1
93 {
94 "1.3.132.0.34", { "SECP384R1", "NISTP384", "ECC-384", "P-384", NULL }
95 },
96 #endif
97 #ifdef LTC_ECC_SECP521R1
98 {
99 "1.3.132.0.35", { "SECP521R1", "NISTP521", "ECC-521", "P-521", NULL }
100 },
101 #endif
102 #ifdef LTC_ECC_PRIME239V1
103 {
104 "1.2.840.10045.3.1.4", { "PRIME239V1", NULL }
105 },
106 #endif
107 #ifdef LTC_ECC_PRIME239V2
108 {
109 "1.2.840.10045.3.1.5", { "PRIME239V2", NULL }
110 },
111 #endif
112 #ifdef LTC_ECC_PRIME239V3
113 {
114 "1.2.840.10045.3.1.6", { "PRIME239V3", NULL }
115 },
116 #endif
117 #ifdef LTC_ECC_BRAINPOOLP160R1
118 {
119 "1.3.36.3.3.2.8.1.1.1", { "BRAINPOOLP160R1", NULL }
120 },
121 #endif
122 #ifdef LTC_ECC_BRAINPOOLP192R1
123 {
124 "1.3.36.3.3.2.8.1.1.3", { "BRAINPOOLP192R1", NULL }
125 },
126 #endif
127 #ifdef LTC_ECC_BRAINPOOLP224R1
128 {
129 "1.3.36.3.3.2.8.1.1.5", { "BRAINPOOLP224R1", NULL }
130 },
131 #endif
132 #ifdef LTC_ECC_BRAINPOOLP256R1
133 {
134 "1.3.36.3.3.2.8.1.1.7", { "BRAINPOOLP256R1", NULL }
135 },
136 #endif
137 #ifdef LTC_ECC_BRAINPOOLP320R1
138 {
139 "1.3.36.3.3.2.8.1.1.9", { "BRAINPOOLP320R1", NULL }
140 },
141 #endif
142 #ifdef LTC_ECC_BRAINPOOLP384R1
143 {
144 "1.3.36.3.3.2.8.1.1.11", { "BRAINPOOLP384R1", NULL }
145 },
146 #endif
147 #ifdef LTC_ECC_BRAINPOOLP512R1
148 {
149 "1.3.36.3.3.2.8.1.1.13", { "BRAINPOOLP512R1", NULL }
150 },
151 #endif
152 #ifdef LTC_ECC_BRAINPOOLP160T1
153 {
154 "1.3.36.3.3.2.8.1.1.2", { "BRAINPOOLP160T1", NULL }
155 },
156 #endif
157 #ifdef LTC_ECC_BRAINPOOLP192T1
158 {
159 "1.3.36.3.3.2.8.1.1.4", { "BRAINPOOLP192T1", NULL }
160 },
161 #endif
162 #ifdef LTC_ECC_BRAINPOOLP224T1
163 {
164 "1.3.36.3.3.2.8.1.1.6", { "BRAINPOOLP224T1", NULL }
165 },
166 #endif
167 #ifdef LTC_ECC_BRAINPOOLP256T1
168 {
169 "1.3.36.3.3.2.8.1.1.8", { "BRAINPOOLP256T1", NULL }
170 },
171 #endif
172 #ifdef LTC_ECC_BRAINPOOLP320T1
173 {
174 "1.3.36.3.3.2.8.1.1.10", { "BRAINPOOLP320T1", NULL }
175 },
176 #endif
177 #ifdef LTC_ECC_BRAINPOOLP384T1
178 {
179 "1.3.36.3.3.2.8.1.1.12", { "BRAINPOOLP384T1", NULL }
180 },
181 #endif
182 #ifdef LTC_ECC_BRAINPOOLP512T1
183 {
184 "1.3.36.3.3.2.8.1.1.14", { "BRAINPOOLP512T1", NULL }
185 },
186 #endif
187 {
188 NULL, { NULL }
189 }
190 };
191
192 /* case-insensitive match + ignore '-', '_', ' ' */
193 static int _name_match(const char *left, const char *right)
194 {
195 char lc_r, lc_l;
196
197 while ((*left != '\0') && (*right != '\0')) {
198 while ((*left == ' ') || (*left == '-') || (*left == '_')) left++;
199 while ((*right == ' ') || (*right == '-') || (*right == '_')) right++;
200 if (*left == '\0' || *right == '\0') break;
201 lc_r = *right;
202 lc_l = *left;
203 if ((lc_r >= 'A') && (lc_r <= 'Z')) lc_r += 32;
204 if ((lc_l >= 'A') && (lc_l <= 'Z')) lc_l += 32;
205 if (lc_l != lc_r) return 0;
206 left++;
207 right++;
208 }
209
210 if ((*left == '\0') && (*right == '\0')) return 1;
211 return 0;
212 }
213
214 int ecc_find_curve(const char *name_or_oid, const ltc_ecc_curve **cu)
215 {
216 int i, j;
217 const char *OID = NULL;
218
219 LTC_ARGCHK(cu != NULL);
220 LTC_ARGCHK(name_or_oid != NULL);
221
222 *cu = NULL;
223
224 for (i = 0; _curve_names[i].OID != NULL && !OID; i++) {
225 if (XSTRCMP(_curve_names[i].OID, name_or_oid) == 0) {
226 OID = _curve_names[i].OID;
227 }
228 for (j = 0; _curve_names[i].names[j] != NULL && !OID; j++) {
229 if (_name_match(_curve_names[i].names[j], name_or_oid)) {
230 OID = _curve_names[i].OID;
231 }
232 }
233 }
234
235 if (OID != NULL) {
236 for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) {
237 if (XSTRCMP(ltc_ecc_curves[i].OID, OID) == 0) {
238 *cu = &ltc_ecc_curves[i];
239 return CRYPT_OK;
240 }
241 }
242 }
243
244 return CRYPT_INVALID_ARG; /* not found */
245 }
246
247 #endif
248
249 /* ref: $Format:%D$ */
250 /* git commit: $Format:%H$ */
251 /* commit time: $Format:%ai$ */
+0
-254
src/ltc/pk/ecc/ecc_get_curve.c less more
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 static const struct {
14 const char *OID;
15 const char *names[6];
16 } _curve_names[] = {
17 #ifdef LTC_ECC_SECP112R1
18 {
19 "1.3.132.0.6", { "SECP112R1", "ECC-112", NULL }
20 },
21 #endif
22 #ifdef LTC_ECC_SECP112R2
23 {
24 "1.3.132.0.7", { "SECP112R2", NULL }
25 },
26 #endif
27 #ifdef LTC_ECC_SECP128R1
28 {
29 "1.3.132.0.28", { "SECP128R1", "ECC-128", NULL }
30 },
31 #endif
32 #ifdef LTC_ECC_SECP128R2
33 {
34 "1.3.132.0.29", { "SECP128R2", NULL }
35 },
36 #endif
37 #ifdef LTC_ECC_SECP160R1
38 {
39 "1.3.132.0.8", { "SECP160R1", "ECC-160", NULL }
40 },
41 #endif
42 #ifdef LTC_ECC_SECP160R2
43 {
44 "1.3.132.0.30", { "SECP160R2", NULL }
45 },
46 #endif
47 #ifdef LTC_ECC_SECP160K1
48 {
49 "1.3.132.0.9", { "SECP160K1", NULL }
50 },
51 #endif
52 #ifdef LTC_ECC_SECP192R1
53 {
54 "1.2.840.10045.3.1.1", { "SECP192R1", "NISTP192", "PRIME192V1", "ECC-192", "P-192", NULL }
55 },
56 #endif
57 #ifdef LTC_ECC_PRIME192V2
58 {
59 "1.2.840.10045.3.1.2", { "PRIME192V2", NULL }
60 },
61 #endif
62 #ifdef LTC_ECC_PRIME192V3
63 {
64 "1.2.840.10045.3.1.3", { "PRIME192V3", NULL }
65 },
66 #endif
67 #ifdef LTC_ECC_SECP192K1
68 {
69 "1.3.132.0.31", { "SECP192K1", NULL }
70 },
71 #endif
72 #ifdef LTC_ECC_SECP224R1
73 {
74 "1.3.132.0.33", { "SECP224R1", "NISTP224", "ECC-224", "P-224", NULL }
75 },
76 #endif
77 #ifdef LTC_ECC_SECP224K1
78 {
79 "1.3.132.0.32", { "SECP224K1", NULL }
80 },
81 #endif
82 #ifdef LTC_ECC_SECP256R1
83 {
84 "1.2.840.10045.3.1.7", { "SECP256R1", "NISTP256", "PRIME256V1", "ECC-256", "P-256", NULL }
85 },
86 #endif
87 #ifdef LTC_ECC_SECP256K1
88 {
89 "1.3.132.0.10", { "SECP256K1", NULL }
90 },
91 #endif
92 #ifdef LTC_ECC_SECP384R1
93 {
94 "1.3.132.0.34", { "SECP384R1", "NISTP384", "ECC-384", "P-384", NULL }
95 },
96 #endif
97 #ifdef LTC_ECC_SECP521R1
98 {
99 "1.3.132.0.35", { "SECP521R1", "NISTP521", "ECC-521", "P-521", NULL }
100 },
101 #endif
102 #ifdef LTC_ECC_PRIME239V1
103 {
104 "1.2.840.10045.3.1.4", { "PRIME239V1", NULL }
105 },
106 #endif
107 #ifdef LTC_ECC_PRIME239V2
108 {
109 "1.2.840.10045.3.1.5", { "PRIME239V2", NULL }
110 },
111 #endif
112 #ifdef LTC_ECC_PRIME239V3
113 {
114 "1.2.840.10045.3.1.6", { "PRIME239V3", NULL }
115 },
116 #endif
117 #ifdef LTC_ECC_BRAINPOOLP160R1
118 {
119 "1.3.36.3.3.2.8.1.1.1", { "BRAINPOOLP160R1", NULL }
120 },
121 #endif
122 #ifdef LTC_ECC_BRAINPOOLP192R1
123 {
124 "1.3.36.3.3.2.8.1.1.3", { "BRAINPOOLP192R1", NULL }
125 },
126 #endif
127 #ifdef LTC_ECC_BRAINPOOLP224R1
128 {
129 "1.3.36.3.3.2.8.1.1.5", { "BRAINPOOLP224R1", NULL }
130 },
131 #endif
132 #ifdef LTC_ECC_BRAINPOOLP256R1
133 {
134 "1.3.36.3.3.2.8.1.1.7", { "BRAINPOOLP256R1", NULL }
135 },
136 #endif
137 #ifdef LTC_ECC_BRAINPOOLP320R1
138 {
139 "1.3.36.3.3.2.8.1.1.9", { "BRAINPOOLP320R1", NULL }
140 },
141 #endif
142 #ifdef LTC_ECC_BRAINPOOLP384R1
143 {
144 "1.3.36.3.3.2.8.1.1.11", { "BRAINPOOLP384R1", NULL }
145 },
146 #endif
147 #ifdef LTC_ECC_BRAINPOOLP512R1
148 {
149 "1.3.36.3.3.2.8.1.1.13", { "BRAINPOOLP512R1", NULL }
150 },
151 #endif
152 #ifdef LTC_ECC_BRAINPOOLP160T1
153 {
154 "1.3.36.3.3.2.8.1.1.2", { "BRAINPOOLP160T1", NULL }
155 },
156 #endif
157 #ifdef LTC_ECC_BRAINPOOLP192T1
158 {
159 "1.3.36.3.3.2.8.1.1.4", { "BRAINPOOLP192T1", NULL }
160 },
161 #endif
162 #ifdef LTC_ECC_BRAINPOOLP224T1
163 {
164 "1.3.36.3.3.2.8.1.1.6", { "BRAINPOOLP224T1", NULL }
165 },
166 #endif
167 #ifdef LTC_ECC_BRAINPOOLP256T1
168 {
169 "1.3.36.3.3.2.8.1.1.8", { "BRAINPOOLP256T1", NULL }
170 },
171 #endif
172 #ifdef LTC_ECC_BRAINPOOLP320T1
173 {
174 "1.3.36.3.3.2.8.1.1.10", { "BRAINPOOLP320T1", NULL }
175 },
176 #endif
177 #ifdef LTC_ECC_BRAINPOOLP384T1
178 {
179 "1.3.36.3.3.2.8.1.1.12", { "BRAINPOOLP384T1", NULL }
180 },
181 #endif
182 #ifdef LTC_ECC_BRAINPOOLP512T1
183 {
184 "1.3.36.3.3.2.8.1.1.14", { "BRAINPOOLP512T1", NULL }
185 },
186 #endif
187 {
188 NULL, { NULL }
189 }
190 };
191
192 /* case-insensitive match + ignore '-', '_', ' ' */
193 static int _name_match(const char *left, const char *right)
194 {
195 char lc_r, lc_l;
196
197 while ((*left != '\0') && (*right != '\0')) {
198 while ((*left == ' ') || (*left == '-') || (*left == '_')) left++;
199 while ((*right == ' ') || (*right == '-') || (*right == '_')) right++;
200 if (*left == '\0' || *right == '\0') break;
201 lc_r = *right;
202 lc_l = *left;
203 if ((lc_r >= 'A') && (lc_r <= 'Z')) lc_r += 32;
204 if ((lc_l >= 'A') && (lc_l <= 'Z')) lc_l += 32;
205 if (lc_l != lc_r) return 0;
206 left++;
207 right++;
208 }
209
210 if ((*left == '\0') && (*right == '\0'))
211 return 1;
212 else
213 return 0;
214 }
215
216 int ecc_get_curve(const char *name_or_oid, const ltc_ecc_curve **cu)
217 {
218 int i, j;
219 const char *OID = NULL;
220
221 LTC_ARGCHK(cu != NULL);
222 LTC_ARGCHK(name_or_oid != NULL);
223
224 *cu = NULL;
225
226 for (i = 0; _curve_names[i].OID != NULL && !OID; i++) {
227 if (XSTRCMP(_curve_names[i].OID, name_or_oid) == 0) {
228 OID = _curve_names[i].OID;
229 }
230 for (j = 0; _curve_names[i].names[j] != NULL && !OID; j++) {
231 if (_name_match(_curve_names[i].names[j], name_or_oid)) {
232 OID = _curve_names[i].OID;
233 }
234 }
235 }
236
237 if (OID != NULL) {
238 for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) {
239 if (XSTRCMP(ltc_ecc_curves[i].OID, OID) == 0) {
240 *cu = &ltc_ecc_curves[i];
241 return CRYPT_OK;
242 }
243 }
244 }
245
246 return CRYPT_INVALID_ARG; /* not found */
247 }
248
249 #endif
250
251 /* ref: $Format:%D$ */
252 /* git commit: $Format:%H$ */
253 /* commit time: $Format:%ai$ */
5555
5656 /* allocate & initialize the key */
5757 if (cu == NULL) {
58 if ((err = ecc_set_dp_by_size(key_size, key)) != CRYPT_OK) { goto done; }
58 if ((err = ecc_set_curve_by_size(key_size, key)) != CRYPT_OK) { goto done; }
5959 } else {
60 if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { goto done; }
60 if ((err = ecc_set_curve(cu, key)) != CRYPT_OK) { goto done; }
6161 }
6262
6363 if (flags[0] == 1) {
3535 /* load curve parameters for given curve OID */
3636 len = sizeof(OID);
3737 if ((err = pk_oid_num_to_str(curveoid, custom[0].size, OID, &len)) != CRYPT_OK) { goto error; }
38 if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; }
39 if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; }
38 if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK) { goto error; }
39 if ((err = ecc_set_curve(curve, key)) != CRYPT_OK) { goto error; }
4040 /* load private+public key */
4141 err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key);
4242 }
9595 if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; }
9696 if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; }
9797 /* load curve parameters */
98 if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
98 if ((err = ecc_set_curve_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
9999 /* load private+public key */
100100 err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key);
101101 }
5353 { { 0 }, 0 },
5454 };
5555
56 static int _simple_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
57 unsigned char *out, unsigned long *outlen) {
58 unsigned long len = 0;
59 const unsigned char* in_end = in + inlen;
60 const ulong32 offset[6] = {
61 0x00000000UL, 0x00003080UL, 0x000E2080UL,
62 0x03C82080UL, 0xFA082080UL, 0x82082080UL
63 };
64 int err = CRYPT_ERROR;
65
66 while (in < in_end) {
67 ulong32 ch = 0;
68 unsigned short extra = 0; /* 0 */
69 if (*in >= 192) extra++; /* 1 */
70 if (*in >= 224) extra++; /* 2 */
71 if (*in >= 240) extra++; /* 3 */
72 if (*in >= 248) extra++; /* 4 */
73 if (*in >= 252) extra++; /* 5 */
74 if (in + extra >= in_end) goto ERROR;
75 switch (extra) {
76 case 5: ch += *in++; ch <<= 6;
77 /* FALLTHROUGH */
78 case 4: ch += *in++; ch <<= 6;
79 /* FALLTHROUGH */
80 case 3: ch += *in++; ch <<= 6;
81 /* FALLTHROUGH */
82 case 2: ch += *in++; ch <<= 6;
83 /* FALLTHROUGH */
84 case 1: ch += *in++; ch <<= 6;
85 /* FALLTHROUGH */
86 case 0: ch += *in++;
87 }
88 ch -= offset[extra];
89 if (ch > 0xFFFF) goto ERROR;
90 if (*outlen >= len + 2) {
91 out[len] = (unsigned short)((ch >> 8) & 0xFF);
92 out[len + 1] = (unsigned char)(ch & 0xFF);
93 }
94 len += 2;
95 }
96
97 err = len > *outlen ? CRYPT_BUFFER_OVERFLOW : CRYPT_OK;
98 *outlen = len;
99 ERROR:
100 return err;
101 }
102
103 static int _kdf_pkcs12(int hash_id, const unsigned char *pw, unsigned long pwlen,
104 const unsigned char *salt, unsigned long saltlen,
105 unsigned int iterations, unsigned char purpose,
106 unsigned char *out, unsigned long outlen)
107 {
108 unsigned long u = hash_descriptor[hash_id].hashsize;
109 unsigned long v = hash_descriptor[hash_id].blocksize;
110 unsigned long c = (outlen + u - 1) / u;
111 unsigned long Slen = ((saltlen + v - 1) / v) * v;
112 unsigned long Plen = ((pwlen + v - 1) / v) * v;
113 unsigned long k = (Plen + Slen) / v;
114 unsigned long Alen, keylen = 0;
115 unsigned int tmp, i, j, n;
116 unsigned char ch;
117 unsigned char D[MAXBLOCKSIZE], A[MAXBLOCKSIZE], B[MAXBLOCKSIZE];
118 unsigned char *I = NULL, *key = NULL;
119 int err = CRYPT_ERROR;
120
121 key = XMALLOC(u * c);
122 I = XMALLOC(Plen + Slen);
123 if (key == NULL || I == NULL) goto DONE;
124 zeromem(key, u * c);
125
126 for (i = 0; i < v; i++) D[i] = purpose; /* D - diversifier */
127 for (i = 0; i < Slen; i++) I[i] = salt[i % saltlen];
128 for (i = 0; i < Plen; i++) I[Slen + i] = pw[i % pwlen]; /* I = Salt || Pass */
129
130 for (i = 0; i < c; i++) {
131 Alen = u; /* hash size */
132 err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */
133 if (err != CRYPT_OK) goto DONE;
134 for (j = 1; j < iterations; j++) {
135 err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */
136 if (err != CRYPT_OK) goto DONE;
137 }
138 /* fill buffer B with A */
139 for (j = 0; j < v; j++) B[j] = A[j % Alen];
140 /* B += 1 */
141 for (j = v; j > 0; j--) {
142 if (++B[j - 1] != 0) break;
143 }
144 /* I_n += B */
145 for (n = 0; n < k; n++) {
146 ch = 0;
147 for (j = v; j > 0; j--) {
148 tmp = I[n * v + j - 1] + B[j - 1] + ch;
149 ch = (unsigned char)((tmp >> 8) & 0xFF);
150 I[n * v + j - 1] = (unsigned char)(tmp & 0xFF);
151 }
152 }
153 /* store derived key block */
154 for (j = 0; j < Alen; j++) key[keylen++] = A[j];
155 }
156
157 for (i = 0; i < outlen; i++) out[i] = key[i];
158 err = CRYPT_OK;
159 DONE:
160 if (I) XFREE(I);
161 if (key) XFREE(key);
162 return err;
163 }
164
16556 static int _oid_to_id(const unsigned long *oid, unsigned long oid_size)
16657 {
16758 int i, j;
215106 pwlen = pass_size * 2;
216107 pw = XMALLOC(pwlen + 2);
217108 if (pw == NULL) goto LBL_ERROR;
218 if ((err = _simple_utf8_to_utf16(pass, pass_size, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR;
109 if ((err = pkcs12_utf8_to_utf16(pass, pass_size, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR;
219110 pw[pwlen++] = 0;
220111 pw[pwlen++] = 0;
221112 /* derive KEY */
222 if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 1, key_iv, keylen)) != CRYPT_OK) goto LBL_ERROR;
113 if ((err = pkcs12_kdf(hid, pw, pwlen, salt, salt_size, iterations, 1, key_iv, keylen)) != CRYPT_OK) goto LBL_ERROR;
223114 /* derive IV */
224 if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 2, key_iv+24, blklen)) != CRYPT_OK) goto LBL_ERROR;
115 if ((err = pkcs12_kdf(hid, pw, pwlen, salt, salt_size, iterations, 2, key_iv+24, blklen)) != CRYPT_OK) goto LBL_ERROR;
225116 }
226117 else {
227118 if ((err = pkcs_5_alg1(pass, pass_size, salt, iterations, hid, key_iv, &len)) != CRYPT_OK) goto LBL_ERROR;
514405 ltc_asn1_list *loid = lseq->child->next;
515406 len = sizeof(OID);
516407 if ((err = pk_oid_num_to_str(loid->data, loid->size, OID, &len)) != CRYPT_OK) { goto LBL_DONE; }
517 if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; }
518 if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto LBL_DONE; }
408 if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; }
409 if ((err = ecc_set_curve(curve, key)) != CRYPT_OK) { goto LBL_DONE; }
519410 }
520411 else if (LTC_ASN1_IS_TYPE(lseq->child->next, LTC_ASN1_SEQUENCE)) {
521412 /* CASE 2: explicit curve parameters (AKA long variant):
566457 if ((err = ltc_ecc_import_point(lg->data, lg->size, lprime->data, a, b, gx, gy)) != CRYPT_OK) {
567458 goto LBL_DONE;
568459 }
569 if ((err = ecc_set_dp_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) {
460 if ((err = ecc_set_curve_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) {
570461 goto LBL_DONE;
571462 }
572463 }
2626 /* load curve parameters for given curve OID */
2727 len = sizeof(OID);
2828 if ((err = pk_oid_num_to_str(curveoid, len_oid, OID, &len)) != CRYPT_OK) { goto error; }
29 if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; }
30 if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; }
29 if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK) { goto error; }
30 if ((err = ecc_set_curve(curve, key)) != CRYPT_OK) { goto error; }
3131 /* load public key */
3232 err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
3333 }
7979 if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; }
8080 if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; }
8181 /* load curve parameters */
82 if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
82 if ((err = ecc_set_curve_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
8383 /* load public key */
8484 err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
8585 }
2727 {
2828 int err;
2929
30 if ((err = ecc_set_dp_by_size(keysize, key)) != CRYPT_OK) { return err; }
31 if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; }
30 if ((err = ecc_set_curve_by_size(keysize, key)) != CRYPT_OK) { return err; }
31 if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; }
3232 return CRYPT_OK;
3333 }
3434
3535 int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu)
3636 {
3737 int err;
38 if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; }
38 if ((err = ecc_set_curve(cu, key)) != CRYPT_OK) { return err; }
3939 if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; }
4040 return CRYPT_OK;
4141 }
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 int ecc_set_curve(const ltc_ecc_curve *cu, ecc_key *key)
14 {
15 int err;
16
17 LTC_ARGCHK(key != NULL);
18 LTC_ARGCHK(cu != NULL);
19
20 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
21 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
22 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
23 NULL)) != CRYPT_OK) {
24 return err;
25 }
26
27 /* A, B, order, prime, Gx, Gy */
28 if ((err = mp_read_radix(key->dp.prime, cu->prime, 16)) != CRYPT_OK) { goto error; }
29 if ((err = mp_read_radix(key->dp.order, cu->order, 16)) != CRYPT_OK) { goto error; }
30 if ((err = mp_read_radix(key->dp.A, cu->A, 16)) != CRYPT_OK) { goto error; }
31 if ((err = mp_read_radix(key->dp.B, cu->B, 16)) != CRYPT_OK) { goto error; }
32 if ((err = mp_read_radix(key->dp.base.x, cu->Gx, 16)) != CRYPT_OK) { goto error; }
33 if ((err = mp_read_radix(key->dp.base.y, cu->Gy, 16)) != CRYPT_OK) { goto error; }
34 if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; }
35 /* cofactor & size */
36 key->dp.cofactor = cu->cofactor;
37 key->dp.size = mp_unsigned_bin_size(key->dp.prime);
38 /* OID string >> unsigned long oid[16] + oidlen */
39 key->dp.oidlen = 16;
40 if ((err = pk_oid_str_to_num(cu->OID, key->dp.oid, &key->dp.oidlen)) != CRYPT_OK) { goto error; }
41 /* success */
42 return CRYPT_OK;
43
44 error:
45 ecc_free(key);
46 return err;
47 }
48
49 int ecc_set_curve_by_size(int size, ecc_key *key)
50 {
51 const ltc_ecc_curve *cu = NULL;
52 int err = CRYPT_ERROR;
53
54 /* for compatibility with libtomcrypt-1.17 the sizes below must match the specific curves */
55 if (size <= 14) {
56 err = ecc_find_curve("SECP112R1", &cu);
57 }
58 else if (size <= 16) {
59 err = ecc_find_curve("SECP128R1", &cu);
60 }
61 else if (size <= 20) {
62 err = ecc_find_curve("SECP160R1", &cu);
63 }
64 else if (size <= 24) {
65 err = ecc_find_curve("SECP192R1", &cu);
66 }
67 else if (size <= 28) {
68 err = ecc_find_curve("SECP224R1", &cu);
69 }
70 else if (size <= 32) {
71 err = ecc_find_curve("SECP256R1", &cu);
72 }
73 else if (size <= 48) {
74 err = ecc_find_curve("SECP384R1", &cu);
75 }
76 else if (size <= 66) {
77 err = ecc_find_curve("SECP521R1", &cu);
78 }
79
80 if (err == CRYPT_OK && cu != NULL) return ecc_set_curve(cu, key);
81
82 return CRYPT_INVALID_ARG;
83 }
84
85 #endif
86
87 /* ref: $Format:%D$ */
88 /* git commit: $Format:%H$ */
89 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 static int _ecc_cmp_hex_bn(const char *left_hex, void *right_bn, void *tmp_bn)
14 {
15 if (mp_read_radix(tmp_bn, left_hex, 16) != CRYPT_OK) return 0;
16 if (mp_cmp(tmp_bn, right_bn) != LTC_MP_EQ) return 0;
17 return 1;
18 }
19
20 static void _ecc_oid_lookup(ecc_key *key)
21 {
22 void *bn;
23 const ltc_ecc_curve *curve;
24
25 key->dp.oidlen = 0;
26 if (mp_init(&bn) != CRYPT_OK) return;
27 for (curve = ltc_ecc_curves; curve->prime != NULL; curve++) {
28 if (_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue;
29 if (_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue;
30 if (_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue;
31 if (_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue;
32 if (_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue;
33 if (_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue;
34 if (key->dp.cofactor != curve->cofactor) continue;
35 break; /* found */
36 }
37 mp_clear(bn);
38 if (curve->prime && curve->OID) {
39 key->dp.oidlen = 16; /* size of key->dp.oid */
40 pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen);
41 }
42 }
43
44 int ecc_copy_curve(const ecc_key *srckey, ecc_key *key)
45 {
46 unsigned long i;
47 int err;
48
49 LTC_ARGCHK(key != NULL);
50 LTC_ARGCHK(srckey != NULL);
51
52 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
53 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
54 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
55 NULL)) != CRYPT_OK) {
56 return err;
57 }
58
59 /* A, B, order, prime, Gx, Gy */
60 if ((err = mp_copy(srckey->dp.prime, key->dp.prime )) != CRYPT_OK) { goto error; }
61 if ((err = mp_copy(srckey->dp.order, key->dp.order )) != CRYPT_OK) { goto error; }
62 if ((err = mp_copy(srckey->dp.A, key->dp.A )) != CRYPT_OK) { goto error; }
63 if ((err = mp_copy(srckey->dp.B, key->dp.B )) != CRYPT_OK) { goto error; }
64 if ((err = ltc_ecc_copy_point(&srckey->dp.base, &key->dp.base)) != CRYPT_OK) { goto error; }
65 /* cofactor & size */
66 key->dp.cofactor = srckey->dp.cofactor;
67 key->dp.size = srckey->dp.size;
68 /* OID */
69 if (srckey->dp.oidlen > 0) {
70 key->dp.oidlen = srckey->dp.oidlen;
71 for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i];
72 }
73 else {
74 _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */
75 }
76 /* success */
77 return CRYPT_OK;
78
79 error:
80 ecc_free(key);
81 return err;
82 }
83
84 int ecc_set_curve_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key)
85 {
86 int err;
87
88 LTC_ARGCHK(key != NULL);
89 LTC_ARGCHK(a != NULL);
90 LTC_ARGCHK(b != NULL);
91 LTC_ARGCHK(prime != NULL);
92 LTC_ARGCHK(order != NULL);
93 LTC_ARGCHK(gx != NULL);
94 LTC_ARGCHK(gy != NULL);
95
96 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
97 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
98 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
99 NULL)) != CRYPT_OK) {
100 return err;
101 }
102
103 /* A, B, order, prime, Gx, Gy */
104 if ((err = mp_copy(prime, key->dp.prime )) != CRYPT_OK) { goto error; }
105 if ((err = mp_copy(order, key->dp.order )) != CRYPT_OK) { goto error; }
106 if ((err = mp_copy(a, key->dp.A )) != CRYPT_OK) { goto error; }
107 if ((err = mp_copy(b, key->dp.B )) != CRYPT_OK) { goto error; }
108 if ((err = mp_copy(gx, key->dp.base.x)) != CRYPT_OK) { goto error; }
109 if ((err = mp_copy(gy, key->dp.base.y)) != CRYPT_OK) { goto error; }
110 if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; }
111 /* cofactor & size */
112 key->dp.cofactor = cofactor;
113 key->dp.size = mp_unsigned_bin_size(prime);
114 /* try to find OID in ltc_ecc_curves */
115 _ecc_oid_lookup(key);
116 /* success */
117 return CRYPT_OK;
118
119 error:
120 ecc_free(key);
121 return err;
122 }
123
124 #endif
125
126 /* ref: $Format:%D$ */
127 /* git commit: $Format:%H$ */
128 /* commit time: $Format:%ai$ */
+0
-90
src/ltc/pk/ecc/ecc_set_dp.c less more
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 int ecc_set_dp(const ltc_ecc_curve *curve, ecc_key *key)
14 {
15 int err;
16
17 LTC_ARGCHK(key != NULL);
18 LTC_ARGCHK(curve != NULL);
19
20 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
21 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
22 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
23 NULL)) != CRYPT_OK) {
24 return err;
25 }
26
27 /* A, B, order, prime, Gx, Gy */
28 if ((err = mp_read_radix(key->dp.prime, curve->prime, 16)) != CRYPT_OK) { goto error; }
29 if ((err = mp_read_radix(key->dp.order, curve->order, 16)) != CRYPT_OK) { goto error; }
30 if ((err = mp_read_radix(key->dp.A, curve->A, 16)) != CRYPT_OK) { goto error; }
31 if ((err = mp_read_radix(key->dp.B, curve->B, 16)) != CRYPT_OK) { goto error; }
32 if ((err = mp_read_radix(key->dp.base.x, curve->Gx, 16)) != CRYPT_OK) { goto error; }
33 if ((err = mp_read_radix(key->dp.base.y, curve->Gy, 16)) != CRYPT_OK) { goto error; }
34 if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; }
35 /* cofactor & size */
36 key->dp.cofactor = curve->cofactor;
37 key->dp.size = mp_unsigned_bin_size(key->dp.prime);
38 /* OID string >> unsigned long oid[16] + oidlen */
39 key->dp.oidlen = 16;
40 if ((err = pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen)) != CRYPT_OK) { goto error; }
41 /* success */
42 return CRYPT_OK;
43
44 error:
45 ecc_free(key);
46 return err;
47 }
48
49 int ecc_set_dp_by_size(int size, ecc_key *key)
50 {
51 const ltc_ecc_curve *cu = NULL;
52 int err = CRYPT_ERROR;
53
54 /* for compatibility with libtomcrypt-1.17 the sizes below must match the specific curves */
55 if (size <= 14) {
56 err = ecc_get_curve("SECP112R1", &cu);
57 }
58 else if (size <= 16) {
59 err = ecc_get_curve("SECP128R1", &cu);
60 }
61 else if (size <= 20) {
62 err = ecc_get_curve("SECP160R1", &cu);
63 }
64 else if (size <= 24) {
65 err = ecc_get_curve("SECP192R1", &cu);
66 }
67 else if (size <= 28) {
68 err = ecc_get_curve("SECP224R1", &cu);
69 }
70 else if (size <= 32) {
71 err = ecc_get_curve("SECP256R1", &cu);
72 }
73 else if (size <= 48) {
74 err = ecc_get_curve("SECP384R1", &cu);
75 }
76 else if (size <= 66) {
77 err = ecc_get_curve("SECP521R1", &cu);
78 }
79
80 if (err == CRYPT_OK && cu != NULL) return ecc_set_dp(cu, key);
81
82 return CRYPT_INVALID_ARG;
83 }
84
85 #endif
86
87 /* ref: $Format:%D$ */
88 /* git commit: $Format:%H$ */
89 /* commit time: $Format:%ai$ */
+0
-129
src/ltc/pk/ecc/ecc_set_dp_internal.c less more
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8
9 #include "tomcrypt_private.h"
10
11 #ifdef LTC_MECC
12
13 static int _ecc_cmp_hex_bn(const char *left_hex, void *right_bn, void *tmp_bn)
14 {
15 if (mp_read_radix(tmp_bn, left_hex, 16) != CRYPT_OK) return 0;
16 if (mp_cmp(tmp_bn, right_bn) != LTC_MP_EQ) return 0;
17 return 1;
18 }
19
20 static void _ecc_oid_lookup(ecc_key *key)
21 {
22 void *bn;
23 const ltc_ecc_curve *curve;
24
25 key->dp.oidlen = 0;
26 if (mp_init(&bn) != CRYPT_OK) return;
27 for (curve = ltc_ecc_curves; curve->prime != NULL; curve++) {
28 if (_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue;
29 if (_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue;
30 if (_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue;
31 if (_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue;
32 if (_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue;
33 if (_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue;
34 if (key->dp.cofactor != curve->cofactor) continue;
35 break; /* found */
36 }
37 mp_clear(bn);
38 if (curve->prime && curve->OID) {
39 key->dp.oidlen = 16; /* size of key->dp.oid */
40 pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen);
41 }
42 }
43
44 int ecc_copy_dp(const ecc_key *srckey, ecc_key *key)
45 {
46 unsigned long i;
47 int err;
48
49 LTC_ARGCHK(key != NULL);
50 LTC_ARGCHK(srckey != NULL);
51
52 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
53 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
54 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
55 NULL)) != CRYPT_OK) {
56 return err;
57 }
58
59 /* A, B, order, prime, Gx, Gy */
60 if ((err = mp_copy(srckey->dp.prime, key->dp.prime )) != CRYPT_OK) { goto error; }
61 if ((err = mp_copy(srckey->dp.order, key->dp.order )) != CRYPT_OK) { goto error; }
62 if ((err = mp_copy(srckey->dp.A, key->dp.A )) != CRYPT_OK) { goto error; }
63 if ((err = mp_copy(srckey->dp.B, key->dp.B )) != CRYPT_OK) { goto error; }
64 if ((err = ltc_ecc_copy_point(&srckey->dp.base, &key->dp.base)) != CRYPT_OK) { goto error; }
65 /* cofactor & size */
66 key->dp.cofactor = srckey->dp.cofactor;
67 key->dp.size = srckey->dp.size;
68 /* OID */
69 if (srckey->dp.oidlen > 0) {
70 key->dp.oidlen = srckey->dp.oidlen;
71 for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i];
72 }
73 else {
74 _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */
75 }
76 /* success */
77 return CRYPT_OK;
78
79 error:
80 ecc_free(key);
81 return err;
82 }
83
84 int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key)
85 {
86 int err;
87
88 LTC_ARGCHK(key != NULL);
89 LTC_ARGCHK(a != NULL);
90 LTC_ARGCHK(b != NULL);
91 LTC_ARGCHK(prime != NULL);
92 LTC_ARGCHK(order != NULL);
93 LTC_ARGCHK(gx != NULL);
94 LTC_ARGCHK(gy != NULL);
95
96 if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B,
97 &key->dp.base.x, &key->dp.base.y, &key->dp.base.z,
98 &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
99 NULL)) != CRYPT_OK) {
100 return err;
101 }
102
103 /* A, B, order, prime, Gx, Gy */
104 if ((err = mp_copy(prime, key->dp.prime )) != CRYPT_OK) { goto error; }
105 if ((err = mp_copy(order, key->dp.order )) != CRYPT_OK) { goto error; }
106 if ((err = mp_copy(a, key->dp.A )) != CRYPT_OK) { goto error; }
107 if ((err = mp_copy(b, key->dp.B )) != CRYPT_OK) { goto error; }
108 if ((err = mp_copy(gx, key->dp.base.x)) != CRYPT_OK) { goto error; }
109 if ((err = mp_copy(gy, key->dp.base.y)) != CRYPT_OK) { goto error; }
110 if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; }
111 /* cofactor & size */
112 key->dp.cofactor = cofactor;
113