libcryptx-perl / 54385f9
update libtomcrypt to: e01e4c5c 2019-06-11 07:55:21 +0200 Karel Miko 2 years ago
27 changed file(s) with 1696 addition(s) and 90 deletion(s).
103103 ltc/pk/dsa/dsa_encrypt_key.o ltc/pk/dsa/dsa_export.o ltc/pk/dsa/dsa_free.o ltc/pk/dsa/dsa_generate_key.o \
104104 ltc/pk/dsa/dsa_generate_pqg.o ltc/pk/dsa/dsa_import.o ltc/pk/dsa/dsa_make_key.o ltc/pk/dsa/dsa_set.o \
105105 ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \
106 ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \
107 ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \
108 ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_find_curve.o \
109 ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o ltc/pk/ecc/ecc_get_size.o \
110 ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o \
111 ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_recover_key.o \
112 ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o ltc/pk/ecc/ecc_set_key.o \
113 ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \
114 ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \
115 ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \
116 ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o \
117 ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o \
118 ltc/pk/ecc/ltc_ecc_projective_dbl_point.o ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o \
119 ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o \
120 ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o \
121 ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o \
122 ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o \
123 ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \
124 ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \
125 ltc/pk/rsa/rsa_verify_hash.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \
126 ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \
127 ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \
128 ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \
129 ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o ltc/stream/rabbit/rabbit.o \
130 ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o ltc/stream/rc4/rc4_stream_memory.o \
131 ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o ltc/stream/salsa20/salsa20_ivctr64.o \
132 ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o ltc/stream/salsa20/salsa20_setup.o \
133 ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o ltc/stream/sober128/sober128_stream.o \
134 ltc/stream/sober128/sober128_stream_memory.o ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o \
135 ltm/bncore.o ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o \
136 ltm/bn_fast_s_mp_mul_digs.o ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o \
137 ltm/bn_mp_2expt.o ltm/bn_mp_abs.o ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o \
138 ltm/bn_mp_and.o ltm/bn_mp_clamp.o ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o \
139 ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o \
140 ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o \
141 ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o \
142 ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o \
143 ltm/bn_mp_expt_d.o ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o \
144 ltm/bn_mp_fwrite.o ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o \
145 ltm/bn_mp_grow.o ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \
106 ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ec25519/ec25519_export.o \
107 ltc/pk/ec25519/ec25519_import_pkcs8.o ltc/pk/ec25519/tweetnacl.o ltc/pk/ecc/ecc.o \
108 ltc/pk/ecc/ecc_ansi_x963_export.o ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o \
109 ltc/pk/ecc/ecc_encrypt_key.o ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o \
110 ltc/pk/ecc/ecc_find_curve.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o \
111 ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \
112 ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \
113 ltc/pk/ecc/ecc_recover_key.o ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o \
114 ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o \
115 ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o \
116 ltc/pk/ecc/ltc_ecc_export_point.o ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o \
117 ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o \
118 ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o \
119 ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \
120 ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/ed25519/ed25519_export.o ltc/pk/ed25519/ed25519_import.o \
121 ltc/pk/ed25519/ed25519_import_pkcs8.o ltc/pk/ed25519/ed25519_import_x509.o ltc/pk/ed25519/ed25519_make_key.o \
122 ltc/pk/ed25519/ed25519_set_key.o ltc/pk/ed25519/ed25519_sign.o ltc/pk/ed25519/ed25519_verify.o \
123 ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o \
124 ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \
125 ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \
126 ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \
127 ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o \
128 ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_make_key.o \
129 ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \
130 ltc/pk/rsa/rsa_verify_hash.o ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o \
131 ltc/pk/x25519/x25519_import_pkcs8.o ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o \
132 ltc/pk/x25519/x25519_set_key.o ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o \
133 ltc/prngs/fortuna.o ltc/prngs/rc4.o ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o \
134 ltc/prngs/sober128.o ltc/prngs/sprng.o ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o \
135 ltc/stream/chacha/chacha_done.o ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o \
136 ltc/stream/chacha/chacha_keystream.o ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o \
137 ltc/stream/rabbit/rabbit.o ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o \
138 ltc/stream/rc4/rc4_stream_memory.o ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o \
139 ltc/stream/salsa20/salsa20_ivctr64.o ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o \
140 ltc/stream/salsa20/salsa20_setup.o ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o \
141 ltc/stream/sober128/sober128_stream.o ltc/stream/sober128/sober128_stream_memory.o \
142 ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o ltm/bncore.o \
143 ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o ltm/bn_fast_s_mp_mul_digs.o \
144 ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o ltm/bn_mp_2expt.o ltm/bn_mp_abs.o \
145 ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o ltm/bn_mp_and.o ltm/bn_mp_clamp.o \
146 ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o \
147 ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o \
148 ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o \
149 ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o \
150 ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o ltm/bn_mp_expt_d.o \
151 ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o ltm/bn_mp_fwrite.o \
152 ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o ltm/bn_mp_grow.o \
153 ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \
146154 ltm/bn_mp_init_set.o ltm/bn_mp_init_set_int.o ltm/bn_mp_init_size.o ltm/bn_mp_invmod.o \
147155 ltm/bn_mp_invmod_slow.o ltm/bn_mp_is_square.o ltm/bn_mp_jacobi.o ltm/bn_mp_karatsuba_mul.o \
148156 ltm/bn_mp_karatsuba_sqr.o ltm/bn_mp_kronecker.o ltm/bn_mp_lcm.o ltm/bn_mp_lshd.o \
110110 ltc/pk/dsa/dsa_generate_key.obj ltc/pk/dsa/dsa_generate_pqg.obj ltc/pk/dsa/dsa_import.obj \
111111 ltc/pk/dsa/dsa_make_key.obj ltc/pk/dsa/dsa_set.obj ltc/pk/dsa/dsa_set_pqg_dsaparam.obj \
112112 ltc/pk/dsa/dsa_shared_secret.obj ltc/pk/dsa/dsa_sign_hash.obj ltc/pk/dsa/dsa_verify_hash.obj \
113 ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \
113 ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ec25519/ec25519_export.obj ltc/pk/ec25519/ec25519_import_pkcs8.obj \
114 ltc/pk/ec25519/tweetnacl.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \
114115 ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \
115116 ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_find_curve.obj \
116117 ltc/pk/ecc/ecc_free.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_oid_str.obj \
123124 ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \
124125 ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \
125126 ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \
126 ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj \
127 ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj \
128 ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj \
129 ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj \
130 ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj \
131 ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj \
132 ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \
133 ltc/pk/rsa/rsa_verify_hash.obj ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj \
134 ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj \
135 ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj \
136 ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj \
137 ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj \
138 ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj ltc/stream/rc4/rc4_stream_memory.obj \
139 ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj \
140 ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj ltc/stream/salsa20/salsa20_setup.obj \
141 ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj ltc/stream/sober128/sober128_stream.obj \
142 ltc/stream/sober128/sober128_stream_memory.obj ltc/stream/sosemanuk/sosemanuk.obj \
143 ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj \
144 ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj \
145 ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj \
146 ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj \
147 ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj \
148 ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj \
149 ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \
150 ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj \
151 ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj \
152 ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj \
153 ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj \
154 ltm/bn_mp_grow.obj ltm/bn_mp_import.obj ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj \
155 ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj \
156 ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj \
157 ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj \
158 ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj \
159 ltm/bn_mp_montgomery_reduce.obj ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj \
160 ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj \
161 ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj \
162 ltm/bn_mp_prime_frobenius_underwood.obj ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj \
163 ltm/bn_mp_prime_miller_rabin.obj ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj \
164 ltm/bn_mp_prime_random_ex.obj ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj \
165 ltm/bn_mp_radix_smap.obj ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj \
166 ltm/bn_mp_read_unsigned_bin.obj ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj \
167 ltm/bn_mp_reduce_2k_setup.obj ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj \
168 ltm/bn_mp_reduce_is_2k_l.obj ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj \
169 ltm/bn_mp_set_int.obj ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj \
170 ltm/bn_mp_sqr.obj ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj \
171 ltm/bn_mp_sub.obj ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \
127 ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/ed25519/ed25519_export.obj ltc/pk/ed25519/ed25519_import.obj \
128 ltc/pk/ed25519/ed25519_import_pkcs8.obj ltc/pk/ed25519/ed25519_import_x509.obj ltc/pk/ed25519/ed25519_make_key.obj \
129 ltc/pk/ed25519/ed25519_set_key.obj ltc/pk/ed25519/ed25519_sign.obj ltc/pk/ed25519/ed25519_verify.obj \
130 ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj \
131 ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \
132 ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \
133 ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \
134 ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \
135 ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_make_key.obj \
136 ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \
137 ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \
138 ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \
139 ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \
140 ltc/prngs/fortuna.obj ltc/prngs/rc4.obj ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj \
141 ltc/prngs/sober128.obj ltc/prngs/sprng.obj ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj \
142 ltc/stream/chacha/chacha_done.obj ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj \
143 ltc/stream/chacha/chacha_keystream.obj ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj \
144 ltc/stream/rabbit/rabbit.obj ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj \
145 ltc/stream/rc4/rc4_stream_memory.obj ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj \
146 ltc/stream/salsa20/salsa20_ivctr64.obj ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj \
147 ltc/stream/salsa20/salsa20_setup.obj ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj \
148 ltc/stream/sober128/sober128_stream.obj ltc/stream/sober128/sober128_stream_memory.obj \
149 ltc/stream/sosemanuk/sosemanuk.obj ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj \
150 ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj \
151 ltm/bn_fast_s_mp_mul_high_digs.obj ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj \
152 ltm/bn_mp_add.obj ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj \
153 ltm/bn_mp_clear.obj ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj \
154 ltm/bn_mp_cmp_mag.obj ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj \
155 ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj \
156 ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj \
157 ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj \
158 ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj \
159 ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj \
160 ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj ltm/bn_mp_grow.obj ltm/bn_mp_import.obj \
161 ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj \
162 ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj \
163 ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj \
164 ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj \
165 ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj ltm/bn_mp_montgomery_reduce.obj \
166 ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj \
167 ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj \
168 ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj ltm/bn_mp_prime_frobenius_underwood.obj \
169 ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj ltm/bn_mp_prime_miller_rabin.obj \
170 ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj ltm/bn_mp_prime_random_ex.obj \
171 ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj ltm/bn_mp_radix_smap.obj \
172 ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj ltm/bn_mp_read_unsigned_bin.obj \
173 ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj ltm/bn_mp_reduce_2k_setup.obj \
174 ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj ltm/bn_mp_reduce_is_2k_l.obj \
175 ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj ltm/bn_mp_set_int.obj \
176 ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj ltm/bn_mp_sqr.obj \
177 ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj ltm/bn_mp_sub.obj \
178 ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \
172179 ltm/bn_mp_tc_or.obj ltm/bn_mp_tc_xor.obj ltm/bn_mp_toom_mul.obj ltm/bn_mp_toom_sqr.obj \
173180 ltm/bn_mp_toradix.obj ltm/bn_mp_toradix_n.obj ltm/bn_mp_to_signed_bin.obj ltm/bn_mp_to_signed_bin_n.obj \
174181 ltm/bn_mp_to_unsigned_bin.obj ltm/bn_mp_to_unsigned_bin_n.obj ltm/bn_mp_unsigned_bin_size.obj \
205205 #ifdef _MSC_VER
206206 #define CONST64(n) n ## ui64
207207 typedef unsigned __int64 ulong64;
208 typedef __int64 long64;
208209 #else
209210 #define CONST64(n) n ## ULL
210211 typedef unsigned long long ulong64;
212 typedef long long long64;
211213 #endif
212214
213215 /* ulong32: "32-bit at least" data type */
429429
430430 /* Digital Signature Algorithm */
431431 #define LTC_MDSA
432
433 /* Ed25519 & X25519 */
434 #define LTC_CURVE25519
432435
433436 /* ECC */
434437 #define LTC_MECC
323323 int recid, ecc_signature_type sigformat, ecc_key *key);
324324
325325 #endif
326
327 #ifdef LTC_CURVE25519
328
329 typedef struct {
330 /** The key type, PK_PRIVATE or PK_PUBLIC */
331 enum public_key_type type;
332
333 /** The PK-algorithm, PKA_ED25519 or PKA_X25519 */
334 /** This was supposed to be:
335 * enum public_key_algorithms algo;
336 * but that enum is now in tomcrypt_private.h
337 */
338 int algo;
339
340 /** The private key */
341 unsigned char priv[32];
342
343 /** The public key */
344 unsigned char pub[32];
345 } curve25519_key;
346
347
348 /** Ed25519 Signature API */
349 int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key);
350
351 int ed25519_set_key(const unsigned char *sk, unsigned long sklen,
352 const unsigned char *pk, unsigned long pklen,
353 curve25519_key *key);
354
355 int ed25519_export( unsigned char *out, unsigned long *outlen,
356 int which,
357 const curve25519_key *key);
358
359 int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key);
360 int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key);
361 int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
362 const void *pwd, unsigned long pwdlen,
363 curve25519_key *key);
364
365 int ed25519_sign(const unsigned char *msg, unsigned long msglen,
366 unsigned char *sig, unsigned long *siglen,
367 const curve25519_key *private_key);
368
369 int ed25519_verify(const unsigned char *msg, unsigned long msglen,
370 const unsigned char *sig, unsigned long siglen,
371 int *stat, const curve25519_key *public_key);
372
373 /** X25519 Key-Exchange API */
374 int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key);
375
376 int x25519_set_key(const unsigned char *k, unsigned long klen,
377 const unsigned char *u, unsigned long ulen,
378 curve25519_key *key);
379
380 int x25519_export( unsigned char *out, unsigned long *outlen,
381 int which,
382 const curve25519_key *key);
383
384 int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key);
385 int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key);
386 int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
387 const void *pwd, unsigned long pwdlen,
388 curve25519_key *key);
389
390 int x25519_shared_secret(const curve25519_key *private_key,
391 const curve25519_key *public_key,
392 unsigned char *out, unsigned long *outlen);
393
394 #endif /* LTC_CURVE25519 */
326395
327396 #ifdef LTC_MDSA
328397
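Review bot: The new public prototypes carry no contract documentation: `ed25519_verify` does not say that `stat` is the verification result, and in this library's other verify-style functions a call can return CRYPT_OK with `*stat == 0`, so callers must check both; `x25519_shared_secret` does not state how many bytes it writes to `out`/`*outlen`, nor whether an all-zero shared secret (a low-order peer point, which RFC 7748 §6.1 recommends rejecting) is reported as an error. Suggest a one-line comment on each prototype, e.g. `/** @param stat [out] 1 if the signature verifies, 0 otherwise; check it even when CRYPT_OK is returned */`, and for the shared secret a line giving the output length and the all-zero policy once confirmed against the implementation, which is not in this hunk. On the struct, the "This was supposed to be" narrative on `algo` would read better as a plain field comment, `/** Value from enum public_key_algorithms (declared in tomcrypt_private.h); stored as int to keep the enum out of the public header */`.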
2222 PKA_RSA,
2323 PKA_DSA,
2424 PKA_EC,
25 PKA_EC_PRIMEF
25 PKA_EC_PRIMEF,
26 PKA_X25519,
27 PKA_ED25519,
2628 };
2729
2830 /*
296298 int dsa_int_validate_primes(const dsa_key *key, int *stat);
297299 #endif /* LTC_MDSA */
298300
301
302 #ifdef LTC_CURVE25519
303
304 int tweetnacl_crypto_sign(
305 unsigned char *sm,unsigned long long *smlen,
306 const unsigned char *m,unsigned long long mlen,
307 const unsigned char *sk, const unsigned char *pk);
308 int tweetnacl_crypto_sign_open(
309 int *stat,
310 unsigned char *m,unsigned long long *mlen,
311 const unsigned char *sm,unsigned long long smlen,
312 const unsigned char *pk);
313 int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, unsigned char *pk,unsigned char *sk);
314 int tweetnacl_crypto_sk_to_pk(unsigned char *pk, const unsigned char *sk);
315 int tweetnacl_crypto_scalarmult(unsigned char *q, const unsigned char *n, const unsigned char *p);
316 int tweetnacl_crypto_scalarmult_base(unsigned char *q,const unsigned char *n);
317
318 typedef int (*sk_to_pk)(unsigned char *pk ,const unsigned char *sk);
319 int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
320 const void *pwd, unsigned long pwdlen,
321 enum ltc_oid_id id, sk_to_pk fp,
322 curve25519_key *key);
323 int ec25519_export( unsigned char *out, unsigned long *outlen,
324 int which,
325 const curve25519_key *key);
326 #endif /* LTC_CURVE25519 */
327
299328 #ifdef LTC_DER
300329
301330 #define LTC_ASN1_IS_TYPE(e, t) (((e) != NULL) && ((e)->type == (t)))
352352 #if defined(LTC_MDSA)
353353 " DSA\n"
354354 #endif
355 #if defined(LTC_CURVE25519)
356 #if defined(LTC_CURVE25519)
357 " Ed25519\n"
358 #endif
359 #if defined(LTC_CURVE25519)
360 " X25519\n"
361 #endif
362 #endif
355363 #if defined(LTC_PK_MAX_RETRIES)
356364 " "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n"
357365 #endif
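Review bot: The inner `#if defined(LTC_CURVE25519)` guards around `" Ed25519\n"` and `" X25519\n"` are redundant: they sit inside an outer `#if defined(LTC_CURVE25519)` on the same macro and can never evaluate differently from it. Collapse the block to one guard, `#if defined(LTC_CURVE25519)` / `" Ed25519\n" " X25519\n"` / `#endif`. If the intent was to let Ed25519 and X25519 be enabled independently, that would need separate macros, which this commit does not introduce.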
1919 { PKA_DSA, "1.2.840.10040.4.1" },
2020 { PKA_EC, "1.2.840.10045.2.1" },
2121 { PKA_EC_PRIMEF, "1.2.840.10045.1.1" },
22 { PKA_X25519, "1.3.101.110" },
23 { PKA_ED25519, "1.3.101.112" },
2224 };
2325
2426 /*
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ec25519_export.c
12 Generic export of a Curve/Ed25519 key to a binary packet, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Generic export of a Curve/Ed25519 key to a binary packet
19 @param out [out] The destination for the key
20 @param outlen [in/out] The max size and resulting size of the Ed25519 key
21 @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC)
22 @param key The key you wish to export
23 @return CRYPT_OK if successful
24 */
25 int ec25519_export( unsigned char *out, unsigned long *outlen,
26 int which,
27 const curve25519_key *key)
28 {
29 int err, std;
30 const char* OID;
31 unsigned long oid[16], oidlen;
32 ltc_asn1_list alg_id[1];
33 unsigned char private_key[34];
34 unsigned long version, private_key_len = sizeof(private_key);
35
36 LTC_ARGCHK(out != NULL);
37 LTC_ARGCHK(outlen != NULL);
38 LTC_ARGCHK(key != NULL);
39
40 std = which & PK_STD;
41 which &= ~PK_STD;
42
43 if (which == PK_PRIVATE) {
44 if(key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE;
45
46 if (std == PK_STD) {
47 if ((err = pk_get_oid(key->algo, &OID)) != CRYPT_OK) {
48 return err;
49 }
50 oidlen = sizeof(oid)/sizeof(oid[0]);
51 if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) {
52 return err;
53 }
54
55 LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, oidlen);
56
57 /* encode private key as PKCS#8 */
58 if ((err = der_encode_octet_string(key->priv, 32uL, private_key, &private_key_len)) != CRYPT_OK) {
59 return err;
60 }
61
62 version = 0;
63 err = der_encode_sequence_multi(out, outlen,
64 LTC_ASN1_SHORT_INTEGER, 1uL, &version,
65 LTC_ASN1_SEQUENCE, 1uL, alg_id,
66 LTC_ASN1_OCTET_STRING, private_key_len, private_key,
67 LTC_ASN1_EOL, 0uL, NULL);
68 } else {
69 if (*outlen < sizeof(key->priv)) {
70 err = CRYPT_BUFFER_OVERFLOW;
71 } else {
72 XMEMCPY(out, key->priv, sizeof(key->priv));
73 err = CRYPT_OK;
74 }
75 *outlen = sizeof(key->priv);
76 }
77 } else {
78 if (std == PK_STD) {
79 /* encode public key as SubjectPublicKeyInfo */
80 err = x509_encode_subject_public_key_info(out, outlen, key->algo, key->pub, 32uL, LTC_ASN1_EOL, NULL, 0);
81 } else {
82 if (*outlen < sizeof(key->pub)) {
83 err = CRYPT_BUFFER_OVERFLOW;
84 } else {
85 XMEMCPY(out, key->pub, sizeof(key->pub));
86 err = CRYPT_OK;
87 }
88 *outlen = sizeof(key->pub);
89 }
90 }
91
92 return err;
93 }
94
95 #endif
96
97 /* ref: $Format:%D$ */
98 /* git commit: $Format:%H$ */
99 /* commit time: $Format:%ai$ */
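Review bot: The stack copy of the private key in `private_key[34]` (filled by `der_encode_octet_string` in the PK_STD private branch) is never wiped before `return err`, whereas the companion import routine in this commit zeroises its buffer under `LTC_CLEAN_STACK`; add `#ifdef LTC_CLEAN_STACK zeromem(private_key, sizeof(private_key)); #endif` before the return so the two paths are consistent. The doc comment documents `@param type` but the parameter is named `which`, and it does not mention that the raw (non-`PK_STD`) branches always store the required size in `*outlen`, including on `CRYPT_BUFFER_OVERFLOW`; suggest `@param which Which key to export (PK_PRIVATE or PK_PUBLIC, optionally OR'ed with PK_STD); on CRYPT_BUFFER_OVERFLOW *outlen holds the size needed`. Any `which` value other than `PK_PRIVATE` currently falls through to the public-key branch, so an invalid selector is silently treated as `PK_PUBLIC`; rejecting it with `if (which != PK_PUBLIC) return CRYPT_INVALID_ARG;` at the top of the else branch would be stricter.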
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ec25519_import_pkcs8.c
12 Generic import of a Curve/Ed25519 private key in PKCS#8 format, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Generic import of a Curve/Ed25519 private key in PKCS#8 format
19 @param in The DER-encoded PKCS#8-formatted private key
20 @param inlen The length of the input data
21 @param passwd The password to decrypt the private key
22 @param passwdlen Password's length (octets)
23 @param key [out] Where to import the key to
24 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
25 */
26 int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
27 const void *pwd, unsigned long pwdlen,
28 enum ltc_oid_id id, sk_to_pk fp,
29 curve25519_key *key)
30 {
31 int err;
32 ltc_asn1_list *l = NULL;
33 const char *oid;
34 ltc_asn1_list alg_id[1];
35 unsigned char private_key[34];
36 unsigned long version, key_len;
37 unsigned long tmpoid[16];
38
39 LTC_ARGCHK(in != NULL);
40 LTC_ARGCHK(key != NULL);
41 LTC_ARGCHK(fp != NULL);
42
43 if ((err = pkcs8_decode_flexi(in, inlen, pwd, pwdlen, &l)) == CRYPT_OK) {
44
45 LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid) / sizeof(tmpoid[0]));
46
47 key_len = sizeof(private_key);
48 if ((err = der_decode_sequence_multi(l->data, l->size,
49 LTC_ASN1_SHORT_INTEGER, 1uL, &version,
50 LTC_ASN1_SEQUENCE, 1uL, alg_id,
51 LTC_ASN1_OCTET_STRING, key_len, private_key,
52 LTC_ASN1_EOL, 0uL, NULL))
53 != CRYPT_OK) {
54 /* If there are attributes added after the private_key it is tagged with version 1 and
55 * we get an 'input too long' error but the rest is already decoded and can be
56 * handled the same as for version 0
57 */
58 if ((err == CRYPT_INPUT_TOO_LONG) && (version == 1)) {
59 version = 0;
60 } else {
61 goto out;
62 }
63 }
64
65 if ((err = pk_get_oid(id, &oid)) != CRYPT_OK) {
66 goto out;
67 }
68 if ((err = pk_oid_cmp_with_asn1(oid, &alg_id[0])) != CRYPT_OK) {
69 goto out;
70 }
71
72 if (version == 0) {
73 key_len = sizeof(key->priv);
74 if ((err = der_decode_octet_string(private_key, sizeof(private_key), key->priv, &key_len)) == CRYPT_OK) {
75 fp(key->pub, key->priv);
76 key->type = PK_PRIVATE;
77 key->algo = id;
78 }
79 } else {
80 err = CRYPT_PK_INVALID_TYPE;
81 }
82 }
83 out:
84 if (l) der_free_sequence_flexi(l);
85 #ifdef LTC_CLEAN_STACK
86 zeromem(private_key, sizeof(private_key));
87 #endif
88
89 return err;
90 }
91
92 #endif
93
94 /* ref: $Format:%D$ */
95 /* git commit: $Format:%H$ */
96 /* commit time: $Format:%ai$ */
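Review bot: The length returned by `der_decode_octet_string` in the `version == 0` branch is never compared with `sizeof(key->priv)`, so a PKCS#8 blob whose inner CurvePrivateKey OCTET STRING is shorter than 32 bytes is accepted, and `fp(key->pub, key->priv)` then derives a public key from a `key->priv` whose tail still holds whatever the caller had there. RFC 8410 fixes CurvePrivateKey at 32 octets, so reject any other length with CRYPT_INVALID_PACKET, and check the int returned by `fp` instead of discarding it (assuming it follows the library's CRYPT_OK convention like the other tweetnacl wrappers declared in this commit). `version` is only ever written by the decoder; initialising it (`unsigned long version = 0, key_len;`) is cheap insurance against the `version == 1` comparison in the error branch reading an indeterminate value should the decoder fail with CRYPT_INPUT_TOO_LONG before storing it. The doc comment also names the password arguments `passwd`/`passwdlen` while the signature uses `pwd`/`pwdlen`, and `id` and `fp` are undocumented; e.g. `@param id The expected key algorithm (presumably PKA_ED25519 or PKA_X25519)` and `@param fp Callback deriving the 32-byte public key from the private key`.
```c
   if (version == 0) {
      key_len = sizeof(key->priv);
      if ((err = der_decode_octet_string(private_key, sizeof(private_key), key->priv, &key_len)) != CRYPT_OK) {
         goto out;
      }
      /* RFC 8410: CurvePrivateKey is exactly 32 octets; anything shorter would leave key->priv partially stale */
      if (key_len != sizeof(key->priv)) {
         err = CRYPT_INVALID_PACKET;
         goto out;
      }
      if ((err = fp(key->pub, key->priv)) != CRYPT_OK) {
         goto out;
      }
      key->type = PK_PRIVATE;
      key->algo = id;
   } else {
      err = CRYPT_PK_INVALID_TYPE;
   }
   /* … unchanged: out: label, der_free_sequence_flexi, LTC_CLEAN_STACK zeromem … */
```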
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /* automatically generated file, do not edit */
11
12 #define FOR(i,n) for (i = 0;i < n;++i)
13 #define sv static void
14
15 typedef unsigned char u8;
16 typedef ulong32 u32;
17 typedef ulong64 u64;
18 typedef long64 i64;
19 typedef i64 gf[16];
20
21 static const u8
22 _9[32] = {9};
23 static const gf
24 gf0,
25 gf1 = {1},
26 _121665 = {0xDB41,1},
27 D = {0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203},
28 D2 = {0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406},
29 X = {0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169},
30 Y = {0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666},
31 I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83};
32
33 static int vn(const u8 *x,const u8 *y,int n)
34 {
35 int i;
36 u32 d = 0;
37 FOR(i,n) d |= x[i]^y[i];
38 return (1 & ((d - 1) >> 8)) - 1;
39 }
40
41 static int tweetnacl_crypto_verify_32(const u8 *x,const u8 *y)
42 {
43 return vn(x,y,32);
44 }
45
46 sv set25519(gf r, const gf a)
47 {
48 int i;
49 FOR(i,16) r[i]=a[i];
50 }
51
52 sv car25519(gf o)
53 {
54 int i;
55 i64 c;
56 FOR(i,16) {
57 o[i]+=(1LL<<16);
58 c=o[i]>>16;
59 o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15);
60 o[i]-=c<<16;
61 }
62 }
63
64 sv sel25519(gf p,gf q,int b)
65 {
66 i64 t,i,c=~(b-1);
67 FOR(i,16) {
68 t= c&(p[i]^q[i]);
69 p[i]^=t;
70 q[i]^=t;
71 }
72 }
73
74 sv pack25519(u8 *o,const gf n)
75 {
76 int i,j,b;
77 gf m,t;
78 FOR(i,16) t[i]=n[i];
79 car25519(t);
80 car25519(t);
81 car25519(t);
82 FOR(j,2) {
83 m[0]=t[0]-0xffed;
84 for(i=1;i<15;i++) {
85 m[i]=t[i]-0xffff-((m[i-1]>>16)&1);
86 m[i-1]&=0xffff;
87 }
88 m[15]=t[15]-0x7fff-((m[14]>>16)&1);
89 b=(m[15]>>16)&1;
90 m[14]&=0xffff;
91 sel25519(t,m,1-b);
92 }
93 FOR(i,16) {
94 o[2*i]=t[i]&0xff;
95 o[2*i+1]=t[i]>>8;
96 }
97 }
98
99 static int neq25519(const gf a, const gf b)
100 {
101 u8 c[32],d[32];
102 pack25519(c,a);
103 pack25519(d,b);
104 return tweetnacl_crypto_verify_32(c,d);
105 }
106
107 static u8 par25519(const gf a)
108 {
109 u8 d[32];
110 pack25519(d,a);
111 return d[0]&1;
112 }
113
114 sv unpack25519(gf o, const u8 *n)
115 {
116 int i;
117 FOR(i,16) o[i]=n[2*i]+((i64)n[2*i+1]<<8);
118 o[15]&=0x7fff;
119 }
120
121 sv A(gf o,const gf a,const gf b)
122 {
123 int i;
124 FOR(i,16) o[i]=a[i]+b[i];
125 }
126
127 sv Z(gf o,const gf a,const gf b)
128 {
129 int i;
130 FOR(i,16) o[i]=a[i]-b[i];
131 }
132
133 sv M(gf o,const gf a,const gf b)
134 {
135 i64 i,j,t[31];
136 FOR(i,31) t[i]=0;
137 FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j];
138 FOR(i,15) t[i]+=38*t[i+16];
139 FOR(i,16) o[i]=t[i];
140 car25519(o);
141 car25519(o);
142 }
143
144 sv S(gf o,const gf a)
145 {
146 M(o,a,a);
147 }
148
149 sv inv25519(gf o,const gf i)
150 {
151 gf c;
152 int a;
153 FOR(a,16) c[a]=i[a];
154 for(a=253;a>=0;a--) {
155 S(c,c);
156 if(a!=2&&a!=4) M(c,c,i);
157 }
158 FOR(a,16) o[a]=c[a];
159 }
160
161 sv pow2523(gf o,const gf i)
162 {
163 gf c;
164 int a;
165 FOR(a,16) c[a]=i[a];
166 for(a=250;a>=0;a--) {
167 S(c,c);
168 if(a!=1) M(c,c,i);
169 }
170 FOR(a,16) o[a]=c[a];
171 }
172
173 int tweetnacl_crypto_scalarmult(u8 *q,const u8 *n,const u8 *p)
174 {
175 u8 z[32];
176 i64 x[80],r,i;
177 gf a,b,c,d,e,f;
178 FOR(i,31) z[i]=n[i];
179 z[31]=(n[31]&127)|64;
180 z[0]&=248;
181 unpack25519(x,p);
182 FOR(i,16) {
183 b[i]=x[i];
184 d[i]=a[i]=c[i]=0;
185 }
186 a[0]=d[0]=1;
187 for(i=254;i>=0;--i) {
188 r=(z[i>>3]>>(i&7))&1;
189 sel25519(a,b,r);
190 sel25519(c,d,r);
191 A(e,a,c);
192 Z(a,a,c);
193 A(c,b,d);
194 Z(b,b,d);
195 S(d,e);
196 S(f,a);
197 M(a,c,a);
198 M(c,b,e);
199 A(e,a,c);
200 Z(a,a,c);
201 S(b,a);
202 Z(c,d,f);
203 M(a,c,_121665);
204 A(a,a,d);
205 M(c,c,a);
206 M(a,d,f);
207 M(d,b,x);
208 S(b,e);
209 sel25519(a,b,r);
210 sel25519(c,d,r);
211 }
212 FOR(i,16) {
213 x[i+16]=a[i];
214 x[i+32]=c[i];
215 x[i+48]=b[i];
216 x[i+64]=d[i];
217 }
218 inv25519(x+32,x+32);
219 M(x+16,x+16,x+32);
220 pack25519(q,x+16);
221 return 0;
222 }
223
224 int tweetnacl_crypto_scalarmult_base(u8 *q,const u8 *n)
225 {
226 return tweetnacl_crypto_scalarmult(q,n,_9);
227 }
228
229 static int tweetnacl_crypto_hash(u8 *out,const u8 *m,u64 n)
230 {
231 unsigned long len;
232 int err, hash_idx;
233
234 if (n > ULONG_MAX) return CRYPT_OVERFLOW;
235
236 hash_idx = find_hash("sha512");
237 len = 64;
238 if ((err = hash_memory(hash_idx, m, n, out, &len)) != CRYPT_OK) return err;
239
240 return 0;
241 }
242
243 sv add(gf p[4],gf q[4])
244 {
245 gf a,b,c,d,t,e,f,g,h;
246
247 Z(a, p[1], p[0]);
248 Z(t, q[1], q[0]);
249 M(a, a, t);
250 A(b, p[0], p[1]);
251 A(t, q[0], q[1]);
252 M(b, b, t);
253 M(c, p[3], q[3]);
254 M(c, c, D2);
255 M(d, p[2], q[2]);
256 A(d, d, d);
257 Z(e, b, a);
258 Z(f, d, c);
259 A(g, d, c);
260 A(h, b, a);
261
262 M(p[0], e, f);
263 M(p[1], h, g);
264 M(p[2], g, f);
265 M(p[3], e, h);
266 }
267
268 sv cswap(gf p[4],gf q[4],u8 b)
269 {
270 int i;
271 FOR(i,4)
272 sel25519(p[i],q[i],b);
273 }
274
275 sv pack(u8 *r,gf p[4])
276 {
277 gf tx, ty, zi;
278 inv25519(zi, p[2]);
279 M(tx, p[0], zi);
280 M(ty, p[1], zi);
281 pack25519(r, ty);
282 r[31] ^= par25519(tx) << 7;
283 }
284
285 sv scalarmult(gf p[4],gf q[4],const u8 *s)
286 {
287 int i;
288 set25519(p[0],gf0);
289 set25519(p[1],gf1);
290 set25519(p[2],gf1);
291 set25519(p[3],gf0);
292 for (i = 255;i >= 0;--i) {
293 u8 b = (s[i/8]>>(i&7))&1;
294 cswap(p,q,b);
295 add(q,p);
296 add(p,p);
297 cswap(p,q,b);
298 }
299 }
300
301 sv scalarbase(gf p[4],const u8 *s)
302 {
303 gf q[4];
304 set25519(q[0],X);
305 set25519(q[1],Y);
306 set25519(q[2],gf1);
307 M(q[3],X,Y);
308 scalarmult(p,q,s);
309 }
310
311 int tweetnacl_crypto_sk_to_pk(u8 *pk, const u8 *sk)
312 {
313 u8 d[64];
314 gf p[4];
315 tweetnacl_crypto_hash(d, sk, 32);
316 d[0] &= 248;
317 d[31] &= 127;
318 d[31] |= 64;
319
320 scalarbase(p,d);
321 pack(pk,p);
322
323 return 0;
324 }
325
326 int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, u8 *pk, u8 *sk)
327 {
328 int err;
329
330 /* randombytes(sk,32); */
331 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
332 return err;
333 }
334
335 if (prng_descriptor[wprng].read(sk,32, prng) != 32) {
336 return CRYPT_ERROR_READPRNG;
337 }
338
339 if ((err = tweetnacl_crypto_sk_to_pk(pk, sk)) != CRYPT_OK) {
340 return err;
341 }
342
343 /* FOR(i,32) sk[32 + i] = pk[i];
344 * we don't copy the pk in the sk */
345 return CRYPT_OK;
346 }
347
348 static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10};
349
350 sv modL(u8 *r,i64 x[64])
351 {
352 i64 carry,i,j;
353 for (i = 63;i >= 32;--i) {
354 carry = 0;
355 for (j = i - 32;j < i - 12;++j) {
356 x[j] += carry - 16 * x[i] * L[j - (i - 32)];
357 carry = (x[j] + 128) >> 8;
358 x[j] -= carry << 8;
359 }
360 x[j] += carry;
361 x[i] = 0;
362 }
363 carry = 0;
364 FOR(j,32) {
365 x[j] += carry - (x[31] >> 4) * L[j];
366 carry = x[j] >> 8;
367 x[j] &= 255;
368 }
369 FOR(j,32) x[j] -= carry * L[j];
370 FOR(i,32) {
371 x[i+1] += x[i] >> 8;
372 r[i] = x[i] & 255;
373 }
374 }
375
376 sv reduce(u8 *r)
377 {
378 i64 x[64],i;
379 FOR(i,64) x[i] = (u64) r[i];
380 FOR(i,64) r[i] = 0;
381 modL(r,x);
382 }
383
384 int tweetnacl_crypto_sign(u8 *sm,u64 *smlen,const u8 *m,u64 mlen,const u8 *sk,const u8 *pk)
385 {
386 u8 d[64],h[64],r[64];
387 i64 i,j,x[64];
388 gf p[4];
389
390 tweetnacl_crypto_hash(d, sk, 32);
391 d[0] &= 248;
392 d[31] &= 127;
393 d[31] |= 64;
394
395 *smlen = mlen+64;
396 FOR(i,(i64)mlen) sm[64 + i] = m[i];
397 FOR(i,32) sm[32 + i] = d[32 + i];
398
399 tweetnacl_crypto_hash(r, sm+32, mlen+32);
400 reduce(r);
401 scalarbase(p,r);
402 pack(sm,p);
403
404 FOR(i,32) sm[i+32] = pk[i];
405 tweetnacl_crypto_hash(h,sm,mlen + 64);
406 reduce(h);
407
408 FOR(i,64) x[i] = 0;
409 FOR(i,32) x[i] = (u64) r[i];
410 FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j];
411 modL(sm + 32,x);
412
413 return 0;
414 }
415
416 static int unpackneg(gf r[4],const u8 p[32])
417 {
418 gf t, chk, num, den, den2, den4, den6;
419 set25519(r[2],gf1);
420 unpack25519(r[1],p);
421 S(num,r[1]);
422 M(den,num,D);
423 Z(num,num,r[2]);
424 A(den,r[2],den);
425
426 S(den2,den);
427 S(den4,den2);
428 M(den6,den4,den2);
429 M(t,den6,num);
430 M(t,t,den);
431
432 pow2523(t,t);
433 M(t,t,num);
434 M(t,t,den);
435 M(t,t,den);
436 M(r[0],t,den);
437
438 S(chk,r[0]);
439 M(chk,chk,den);
440 if (neq25519(chk, num)) M(r[0],r[0],I);
441
442 S(chk,r[0]);
443 M(chk,chk,den);
444 if (neq25519(chk, num)) return -1;
445
446 if (par25519(r[0]) == (p[31]>>7)) Z(r[0],gf0,r[0]);
447
448 M(r[3],r[0],r[1]);
449 return 0;
450 }
451
452 int tweetnacl_crypto_sign_open(int *stat, u8 *m,u64 *mlen,const u8 *sm,u64 smlen,const u8 *pk)
453 {
454 u64 i;
455 u8 s[32],t[32],h[64];
456 gf p[4],q[4];
457
458 *stat = 0;
459 if (*mlen < smlen) return CRYPT_BUFFER_OVERFLOW;
460 *mlen = -1;
461 if (smlen < 64) return CRYPT_INVALID_ARG;
462
463 if (unpackneg(q,pk)) return CRYPT_ERROR;
464
465 XMEMMOVE(m,sm,smlen);
466 XMEMMOVE(s,m + 32,32);
467 XMEMMOVE(m + 32,pk,32);
468 tweetnacl_crypto_hash(h,m,smlen);
469 reduce(h);
470 scalarmult(p,q,h);
471
472 scalarbase(q,s);
473 add(p,q);
474 pack(t,p);
475
476 smlen -= 64;
477 if (tweetnacl_crypto_verify_32(sm, t)) {
478 FOR(i,smlen) m[i] = 0;
479 zeromem(m, smlen);
480 return CRYPT_OK;
481 }
482
483 *stat = 1;
484 XMEMMOVE(m,m + 64,smlen);
485 *mlen = smlen;
486 return CRYPT_OK;
487 }
488
489 /* ref: $Format:%D$ */
490 /* git commit: $Format:%H$ */
491 /* commit time: $Format:%ai$ */
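Review bot: The return value of `tweetnacl_crypto_hash` is discarded at every call site in this file (`tweetnacl_crypto_sk_to_pk`, twice in `tweetnacl_crypto_sign`, once in `tweetnacl_crypto_sign_open`), so when `find_hash("sha512")` yields -1 because SHA-512 is not registered, `hash_memory` fails, the output buffers `d`, `r` and `h` stay uninitialized, and `tweetnacl_crypto_sk_to_pk` / `tweetnacl_crypto_sign` still `return 0` with a public key or signature derived from stack garbage. Propagate it, e.g. in `tweetnacl_crypto_sk_to_pk`: `if ((err = tweetnacl_crypto_hash(d, sk, 32)) != CRYPT_OK) return err;` (with `int err;` declared), and the same pattern at the other three calls, so `ed25519_make_key` and `ed25519_sign` fail instead of emitting unusable material. Separately, `d` in `tweetnacl_crypto_sk_to_pk` and `d`, `r`, `h`, `x` in `tweetnacl_crypto_sign` hold secret-derived values and are never cleared before return, whereas the rest of this series wipes such buffers under `LTC_CLEAN_STACK`; a `zeromem` of each before the `return 0` would match that convention.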
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_export.c
12 Export an Ed25519 key to a binary packet, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Export an Ed25519 key to a binary packet
19 @param out [out] The destination for the key
20 @param outlen [in/out] The max size and resulting size of the Ed25519 key
21 @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC)
22 @param key The key you wish to export
23 @return CRYPT_OK if successful
24 */
25 int ed25519_export( unsigned char *out, unsigned long *outlen,
26 int which,
27 const curve25519_key *key)
28 {
29 LTC_ARGCHK(key != NULL);
30
31 if (key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE;
32
33 return ec25519_export(out, outlen, which, key);
34 }
35
36 #endif
37
38 /* ref: $Format:%D$ */
39 /* git commit: $Format:%H$ */
40 /* commit time: $Format:%ai$ */
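Review bot: The doc comment lists `@param type` but the parameter is named `which`, both here and in `x25519_export`; change it to `@param which Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC)` so generated documentation links to the real parameter. `out` and `outlen` are not argument-checked in this wrapper; presumably `ec25519_export` does that, but it is not part of this diff, so worth confirming.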
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_import.c
12 Import a Ed25519 key from a binary packet, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Import an Ed25519 public key
19 @param in The packet to read
20 @param inlen The length of the input packet
21 @param key [out] Where to import the key to
22 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
23 */
24 int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key)
25 {
26 int err;
27 unsigned long key_len;
28
29 LTC_ARGCHK(in != NULL);
30 LTC_ARGCHK(key != NULL);
31
32 key_len = sizeof(key->pub);
33 if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_ED25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) {
34 key->type = PK_PUBLIC;
35 key->algo = PKA_ED25519;
36 }
37 return err;
38 }
39
40 #endif
41
42 /* ref: $Format:%D$ */
43 /* git commit: $Format:%H$ */
44 /* commit time: $Format:%ai$ */
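Review bot: The decoded length `key_len` is never compared with `sizeof(key->pub)` after `x509_decode_subject_public_key_info` returns, so a SubjectPublicKeyInfo carrying a shorter BIT STRING leaves the tail of `key->pub` unset while the key is still marked `PK_PUBLIC`; `x25519_import` has the same gap, whereas the X.509 path (`_ed25519_decode`) rejects any length other than `sizeof(key->pub)`. Add `if (key_len != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE;` inside the `CRYPT_OK` branch before setting `type`/`algo`, in both import functions.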
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_import_pkcs8.c
12 Import an Ed25519 key in PKCS#8 format, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Import an Ed25519 private key in PKCS#8 format
19 @param in The DER-encoded PKCS#8-formatted private key
20 @param inlen The length of the input data
21 @param passwd The password to decrypt the private key
22 @param passwdlen Password's length (octets)
23 @param key [out] Where to import the key to
24 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
25 */
26 int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
27 const void *pwd, unsigned long pwdlen,
28 curve25519_key *key)
29 {
30 return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_ED25519, tweetnacl_crypto_sk_to_pk, key);
31 }
32
33 #endif
34
35 /* ref: $Format:%D$ */
36 /* git commit: $Format:%H$ */
37 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_import_x509.c
12 Import an Ed25519 key from a X.509 certificate, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 static int _ed25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key)
18 {
19 if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE;
20 XMEMCPY(key->pub, in, sizeof(key->pub));
21 return CRYPT_OK;
22 }
23
24 /**
25 Import an Ed25519 public key from a X.509 certificate
26 @param in The DER encoded X.509 certificate
27 @param inlen The length of the certificate
28 @param key [out] Where to import the key to
29 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
30 */
31 int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key)
32 {
33 int err;
34
35 LTC_ARGCHK(in != NULL);
36 LTC_ARGCHK(key != NULL);
37
38 if ((err = x509_decode_public_key_from_certificate(in, inlen,
39 PKA_ED25519,
40 LTC_ASN1_EOL, NULL, NULL,
41 (public_key_decode_cb)_ed25519_decode, key)) != CRYPT_OK) {
42 return err;
43 }
44 key->type = PK_PUBLIC;
45 key->algo = PKA_ED25519;
46
47 return err;
48 }
49
50 #endif
51
52 /* ref: $Format:%D$ */
53 /* git commit: $Format:%H$ */
54 /* commit time: $Format:%ai$ */
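Review bot: `_ed25519_decode` (and `_x25519_decode` in x25519_import_x509.c) is a file-scope identifier beginning with an underscore, which the C standard reserves for the implementation at file scope; a project-style prefix such as `s_ed25519_decode` avoids the reserved namespace. The cast `(public_key_decode_cb)_ed25519_decode` also hides any mismatch between this helper's signature and the callback typedef (not in this diff); if that typedef takes a `void *` context rather than `curve25519_key *`, the call is undefined behaviour, so either declare the helper with the typedef's exact parameter types and drop the cast, or confirm the types match.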
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_make_key.c
12 Create an Ed25519 key, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Create an Ed25519 key
19 @param prng An active PRNG state
20 @param wprng The index of the PRNG desired
21 @param key [out] Destination of a newly created private key pair
22 @return CRYPT_OK if successful
23 */
24 int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key)
25 {
26 int err;
27
28 LTC_ARGCHK(prng != NULL);
29 LTC_ARGCHK(key != NULL);
30
31 if ((err = tweetnacl_crypto_sign_keypair(prng, wprng, key->pub, key->priv)) != CRYPT_OK) {
32 return err;
33 }
34
35 key->type = PK_PRIVATE;
36 key->algo = PKA_ED25519;
37
38 return err;
39 }
40
41 #endif
42
43 /* ref: $Format:%D$ */
44 /* git commit: $Format:%H$ */
45 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_set_ku.c
12 Set the parameters of an Ed25519 key, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Set the parameters of an Ed25519 key
19
20 In case sk and pk are given it is validated that pk is really the
21 corresponding public part of the key pair.
22
23 @param sk The secret key
24 @param sklen The length of sk
25 @param pk The public key
26 @param pklen The length of pk
27 @param key [out] Destination of the key
28 @return CRYPT_OK if successful
29 */
30 int ed25519_set_key(const unsigned char *sk, unsigned long sklen,
31 const unsigned char *pk, unsigned long pklen,
32 curve25519_key *key)
33 {
34 LTC_ARGCHK(key != NULL);
35
36 if (sk != NULL) {
37 LTC_ARGCHK(sklen == 32uL);
38 XMEMCPY(key->priv, sk, sizeof(key->priv));
39 tweetnacl_crypto_sk_to_pk(key->pub, key->priv);
40 if (pk != NULL) {
41 LTC_ARGCHK(pklen == 32uL);
42 if (XMEM_NEQ(pk, key->pub, sizeof(key->pub)) != 0) {
43 zeromem(key, sizeof(*key));
44 return CRYPT_INVALID_ARG;
45 }
46 }
47 key->type = PK_PRIVATE;
48 } else if (pk != NULL) {
49 LTC_ARGCHK(pklen == 32uL);
50 XMEMCPY(key->pub, pk, sizeof(key->pub));
51 key->type = PK_PUBLIC;
52 } else {
53 return CRYPT_INVALID_ARG;
54 }
55 key->algo = PKA_ED25519;
56
57 return CRYPT_OK;
58 }
59
60 #endif
61
62 /* ref: $Format:%D$ */
63 /* git commit: $Format:%H$ */
64 /* commit time: $Format:%ai$ */
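Review bot: The header says `@file ed25519_set_ku.c`, which is not this file (the function is `ed25519_set_key`); the same stale name is in the x25519 counterpart, so both should read `@file ed25519_set_key.c` / `@file x25519_set_key.c`. In the `sk != NULL` branch, `key->priv` is copied and `key->pub` derived from it before `LTC_ARGCHK(pklen == 32uL)` runs; depending on how `LTC_ARGCHK` is configured that check can return `CRYPT_INVALID_ARG`, leaving the caller a half-initialised key holding secret material with `type`/`algo` unset. Check `pklen` before the `XMEMCPY`, or `zeromem(key, sizeof(*key))` on that path as the `XMEM_NEQ` branch already does.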
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_shared_secret.c
12 Create an Ed25519 signature, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Create an Ed25519 signature.
19 @param private_key The private Ed25519 key in the pair
20 @param public_key The public Ed25519 key in the pair
21 @param out [out] The destination of the shared data
22 @param outlen [in/out] The max size and resulting size of the shared data.
23 @return CRYPT_OK if successful
24 */
25 int ed25519_sign(const unsigned char *msg, unsigned long msglen,
26 unsigned char *sig, unsigned long *siglen,
27 const curve25519_key *private_key)
28 {
29 unsigned char *s;
30 unsigned long long smlen;
31 int err;
32
33 LTC_ARGCHK(msg != NULL);
34 LTC_ARGCHK(sig != NULL);
35 LTC_ARGCHK(siglen != NULL);
36 LTC_ARGCHK(private_key != NULL);
37
38 if (private_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE;
39 if (private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE;
40
41 if (*siglen < 64uL) {
42 *siglen = 64uL;
43 return CRYPT_BUFFER_OVERFLOW;
44 }
45
46 smlen = msglen + 64;
47 s = XMALLOC(smlen);
48 if (s == NULL) return CRYPT_MEM;
49
50 err = tweetnacl_crypto_sign(s, &smlen,
51 msg, msglen,
52 private_key->priv, private_key->pub);
53
54 XMEMCPY(sig, s, 64uL);
55 *siglen = 64uL;
56
57 #ifdef LTC_CLEAN_STACK
58 zeromem(s, smlen);
59 #endif
60 XFREE(s);
61
62 return err;
63 }
64
65 #endif
66
67 /* ref: $Format:%D$ */
68 /* git commit: $Format:%H$ */
69 /* commit time: $Format:%ai$ */
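Review bot: `smlen = msglen + 64` is evaluated in `unsigned long` before being widened to `smlen`, with no overflow check, while `ed25519_verify` guards its equivalent `msglen + siglen` with `CRYPT_OVERFLOW`; a wrapped value would make `XMALLOC(smlen)` smaller than the `mlen+64` bytes `tweetnacl_crypto_sign` writes, so add `if (msglen > ULONG_MAX - 64uL) return CRYPT_OVERFLOW;` before the allocation. The doc block is copied from the shared-secret file: `@file ed25519_shared_secret.c` and the `@param private_key/public_key/out/outlen` entries do not describe `msg`, `msglen`, `sig`, `siglen` and `private_key`; rewrite it as `@file ed25519_sign.c` with one `@param` per actual parameter and a note that `siglen` is set to 64 on `CRYPT_BUFFER_OVERFLOW`.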
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file ed25519_verify.c
12 Verify an Ed25519 signature, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Verify an Ed25519 signature.
19 @param private_key The private Ed25519 key in the pair
20 @param public_key The public Ed25519 key in the pair
21 @param out [out] The destination of the shared data
22 @param outlen [in/out] The max size and resulting size of the shared data.
23 @param stat [out] The result of the signature verification, 1==valid, 0==invalid
24 @return CRYPT_OK if successful
25 */
26 int ed25519_verify(const unsigned char *msg, unsigned long msglen,
27 const unsigned char *sig, unsigned long siglen,
28 int *stat, const curve25519_key *public_key)
29 {
30 unsigned char* m;
31 unsigned long long mlen;
32 int err;
33
34 LTC_ARGCHK(msg != NULL);
35 LTC_ARGCHK(sig != NULL);
36 LTC_ARGCHK(stat != NULL);
37 LTC_ARGCHK(public_key != NULL);
38
39 *stat = 0;
40
41 if (siglen != 64uL) return CRYPT_INVALID_ARG;
42 if (public_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE;
43
44 mlen = msglen + siglen;
45 if ((mlen < msglen) || (mlen < siglen)) return CRYPT_OVERFLOW;
46
47 m = XMALLOC(mlen);
48 if (m == NULL) return CRYPT_MEM;
49
50 XMEMCPY(m, sig, siglen);
51 XMEMCPY(m + siglen, msg, msglen);
52
53 err = tweetnacl_crypto_sign_open(stat,
54 m, &mlen,
55 m, mlen,
56 public_key->pub);
57
58 #ifdef LTC_CLEAN_STACK
59 zeromem(m, mlen);
60 #endif
61 XFREE(m);
62
63 return err;
64 }
65
66 #endif
67
68 /* ref: $Format:%D$ */
69 /* git commit: $Format:%H$ */
70 /* commit time: $Format:%ai$ */
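Review bot: `zeromem(m, mlen)` under `LTC_CLEAN_STACK` uses `mlen` after `tweetnacl_crypto_sign_open` has overwritten it: that function stores `*mlen = -1` (wrapping a `u64` to its maximum) before its error returns and leaves it there when the signature does not verify, so every rejected signature with `LTC_CLEAN_STACK` enabled becomes a write far past the `msglen + siglen`-byte heap buffer. Clear the length that was actually allocated instead: `zeromem(m, msglen + siglen);`. The doc comment is also copied from the shared-secret file (`@param private_key`, `public_key`, `out`, `outlen`) and should describe `msg`, `msglen`, `sig`, `siglen`, `stat` and `public_key`.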
3838 */
3939
4040 /**
41 Import an RSAPublicKey or RSAPrivateKey in PKCS#8 format
41 Import an RSAPrivateKey in PKCS#8 format
4242 @param in The packet to import from
4343 @param inlen It's length (octets)
44 @param passwd The password for decrypting privkey (NOT SUPPORTED YET)
44 @param passwd The password for decrypting privkey
4545 @param passwdlen Password's length (octets)
4646 @param key [out] Destination for newly imported key
4747 @return CRYPT_OK if successful, upon error allocated memory is freed
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_export.c
12 Export a X25519 key to a binary packet, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Export a X25519 key to a binary packet
19 @param out [out] The destination for the key
20 @param outlen [in/out] The max size and resulting size of the X25519 key
21 @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC)
22 @param key The key you wish to export
23 @return CRYPT_OK if successful
24 */
25 int x25519_export( unsigned char *out, unsigned long *outlen,
26 int which,
27 const curve25519_key *key)
28 {
29 LTC_ARGCHK(key != NULL);
30
31 if (key->algo != PKA_X25519) return CRYPT_PK_INVALID_TYPE;
32
33 return ec25519_export(out, outlen, which, key);
34 }
35
36 #endif
37
38 /* ref: $Format:%D$ */
39 /* git commit: $Format:%H$ */
40 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_import.c
12 Import a X25519 key from a binary packet, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Import a X25519 key from a binary packet
19 @param in The packet to read
20 @param inlen The length of the input packet
21 @param key [out] Where to import the key to
22 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
23 */
24 int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key)
25 {
26 int err;
27 unsigned long key_len;
28
29 LTC_ARGCHK(in != NULL);
30 LTC_ARGCHK(key != NULL);
31
32 /* There's only one case where the inlen is equal to the pubkey-size
33 * and that's a raw pubkey, so let's just do a raw import.
34 */
35 if (inlen == sizeof(key->pub)) {
36 XMEMCPY(key->pub, in, sizeof(key->pub));
37 key->type = PK_PUBLIC;
38 key->algo = PKA_X25519;
39 return CRYPT_OK;
40 }
41
42 key_len = sizeof(key->pub);
43 if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) {
44 key->type = PK_PUBLIC;
45 key->algo = PKA_X25519;
46 }
47 return err;
48 }
49
50 #endif
51
52 /* ref: $Format:%D$ */
53 /* git commit: $Format:%H$ */
54 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_import_pkcs8.c
12 Import a X25519 key in PKCS#8 format, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Import a X25519 private key in PKCS#8 format
19 @param in The DER-encoded PKCS#8-formatted private key
20 @param inlen The length of the input data
21 @param passwd The password to decrypt the private key
22 @param passwdlen Password's length (octets)
23 @param key [out] Where to import the key to
24 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
25 */
26 int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen,
27 const void *pwd, unsigned long pwdlen,
28 curve25519_key *key)
29 {
30 return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_X25519, tweetnacl_crypto_scalarmult_base, key);
31 }
32
33 #endif
34
35 /* ref: $Format:%D$ */
36 /* git commit: $Format:%H$ */
37 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_import_x509.c
12 Import a X25519 key from a X.509 certificate, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 static int _x25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key)
18 {
19 if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE;
20 XMEMCPY(key->pub, in, sizeof(key->pub));
21 return CRYPT_OK;
22 }
23
24 /**
25 Import a X25519 public key from a X.509 certificate
26 @param in The DER encoded X.509 certificate
27 @param inlen The length of the certificate
28 @param key [out] Where to import the key to
29 @return CRYPT_OK if successful, on error all allocated memory is freed automatically
30 */
31 int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key)
32 {
33 int err;
34
35 LTC_ARGCHK(in != NULL);
36 LTC_ARGCHK(key != NULL);
37
38 if ((err = x509_decode_public_key_from_certificate(in, inlen,
39 PKA_X25519,
40 LTC_ASN1_EOL, NULL, NULL,
41 (public_key_decode_cb)_x25519_decode, key)) != CRYPT_OK) {
42 return err;
43 }
44 key->type = PK_PUBLIC;
45 key->algo = PKA_X25519;
46
47 return err;
48 }
49
50 #endif
51
52 /* ref: $Format:%D$ */
53 /* git commit: $Format:%H$ */
54 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_make_key.c
12 Create a X25519 key, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Create a X25519 key
19 @param prng An active PRNG state
20 @param wprng The index of the PRNG desired
21 @param key [out] Destination of a newly created private key pair
22 @return CRYPT_OK if successful
23 */
24 int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key)
25 {
26 int err;
27
28 LTC_ARGCHK(prng != NULL);
29 LTC_ARGCHK(key != NULL);
30
31 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
32 return err;
33 }
34
35 if (prng_descriptor[wprng].read(key->priv, sizeof(key->priv), prng) != sizeof(key->priv)) {
36 return CRYPT_ERROR_READPRNG;
37 }
38
39 tweetnacl_crypto_scalarmult_base(key->pub, key->priv);
40
41 key->type = PK_PRIVATE;
42 key->algo = PKA_X25519;
43
44 return err;
45 }
46
47 #endif
48
49 /* ref: $Format:%D$ */
50 /* git commit: $Format:%H$ */
51 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_set_ku.c
12 Set the parameters of a X25519 key, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Set the parameters of a X25519 key
19
20 In case k and u are given it is validated that u is really the
21 corresponding public part of the key pair
22
23 @param k The k value (a.k.a scalar or private part)
24 @param klen The length of k
25 @param u The u-coordinate (a.k.a public part)
26 @param ulen The length of u
27 @param key [out] Destination of the key
28 @return CRYPT_OK if successful
29 */
30 int x25519_set_key(const unsigned char *k, unsigned long klen,
31 const unsigned char *u, unsigned long ulen,
32 curve25519_key *key)
33 {
34 LTC_ARGCHK(key != NULL);
35
36 if (k != NULL) {
37 LTC_ARGCHK(klen == 32uL);
38 XMEMCPY(key->priv, k, sizeof(key->priv));
39 tweetnacl_crypto_scalarmult_base(key->pub, key->priv);
40 if (u != NULL) {
41 LTC_ARGCHK(ulen == 32uL);
42 if (XMEM_NEQ(u, key->pub, sizeof(key->pub)) != 0) {
43 zeromem(key, sizeof(*key));
44 return CRYPT_INVALID_ARG;
45 }
46 }
47 key->type = PK_PRIVATE;
48 } else if (u != NULL) {
49 LTC_ARGCHK(ulen == 32uL);
50 XMEMCPY(key->pub, u, sizeof(key->pub));
51 key->type = PK_PUBLIC;
52 } else {
53 return CRYPT_INVALID_ARG;
54 }
55 key->algo = PKA_X25519;
56
57 return CRYPT_OK;
58 }
59
60 #endif
61
62 /* ref: $Format:%D$ */
63 /* git commit: $Format:%H$ */
64 /* commit time: $Format:%ai$ */
0 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
1 *
2 * LibTomCrypt is a library that provides various cryptographic
3 * algorithms in a highly modular and flexible manner.
4 *
5 * The library is free for all purposes without any express
6 * guarantee it works.
7 */
8 #include "tomcrypt_private.h"
9
10 /**
11 @file x25519_shared_secret.c
12 Create a X25519 shared secret, Steffen Jaeckel
13 */
14
15 #ifdef LTC_CURVE25519
16
17 /**
18 Create a X25519 shared secret.
19 @param private_key The private X25519 key in the pair
20 @param public_key The public X25519 key in the pair
21 @param out [out] The destination of the shared data
22 @param outlen [in/out] The max size and resulting size of the shared data.
23 @return CRYPT_OK if successful
24 */
25 int x25519_shared_secret(const curve25519_key *private_key,
26 const curve25519_key *public_key,
27 unsigned char *out, unsigned long *outlen)
28 {
29 LTC_ARGCHK(private_key != NULL);
30 LTC_ARGCHK(public_key != NULL);
31 LTC_ARGCHK(out != NULL);
32 LTC_ARGCHK(outlen != NULL);
33
34 if(private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE;
35
36 if(*outlen < 32uL) {
37 *outlen = 32uL;
38 return CRYPT_BUFFER_OVERFLOW;
39 }
40
41 tweetnacl_crypto_scalarmult(out, private_key->priv, public_key->pub);
42 *outlen = 32uL;
43
44 return CRYPT_OK;
45 }
46
47 #endif
48
49 /* ref: $Format:%D$ */
50 /* git commit: $Format:%H$ */
51 /* commit time: $Format:%ai$ */
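Review bot: Neither key's `algo` is checked, unlike `ed25519_sign`/`ed25519_verify` which reject a key whose `algo` is not theirs; since Ed25519 and X25519 share `curve25519_key`, an Ed25519 key passed here is silently used as X25519 input, so add `if (private_key->algo != PKA_X25519 || public_key->algo != PKA_X25519) return CRYPT_PK_INVALID_TYPE;` next to the `PK_PRIVATE` check. RFC 7748 §6.1 also suggests that implementations may check for an all-zero shared secret (the result of a low-order public point) and abort; `tweetnacl_crypto_scalarmult` returns 0 unconditionally, so if that policy is wanted it must be applied here to `out`, in constant time, before `*outlen` is set.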