diff --git a/Changes b/Changes index 8f2fd32..24a9c14 100644 --- a/Changes +++ b/Changes @@ -1,4 +1,9 @@ Changes for CryptX + +0.060 2018-05-01 + - bundled libtomcrypt update + - Math::BigInt::LTM - remove buggy tests failing with the latest Math::BigInt + - basically no changes to the perl modules 0.059 2018-03-25 - new Crypt::Digest::Keccak(224|256|384|512) diff --git a/CryptX.xs b/CryptX.xs index 41f2135..53db25a 100644 --- a/CryptX.xs +++ b/CryptX.xs @@ -175,25 +175,6 @@ } return MP_OKAY; -} - -int _base16_encode(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) -{ - unsigned long i; - const char alphabet[] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}; - - if (*outlen < inlen * 2) { - *outlen = inlen * 2; - return CRYPT_BUFFER_OVERFLOW; - } - - for (i = 0; i < inlen; i++) { - out[i*2] = (unsigned char)alphabet[in[i] >> 4]; - out[i*2+1] = (unsigned char)alphabet[in[i] & 0xF]; - } - - *outlen = inlen * 2; - return CRYPT_OK; } size_t _find_start(const char *name, char *ltcname, size_t ltclen) 
@@ -260,64 +241,68 @@ void _ecc_oid_lookup(ecc_key *key) { int err; - unsigned i; + unsigned i, j; void *tmp; - const ltc_ecc_set_type *set; + const ltc_ecc_curve *cu; key->dp.oidlen = 0; if ((err = ltc_mp.init(&tmp)) != CRYPT_OK) return; - for (set = ltc_ecc_sets; set->name != NULL; set++) { - if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; - if (key->dp.cofactor != set->cofactor) continue; + for (cu = ltc_ecc_curves; cu->prime != NULL; cu++) { + if ((err = mp_read_radix(tmp, cu->prime, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, cu->order, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, cu->A, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, cu->B, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, cu->Gx, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; + if ((err = mp_read_radix(tmp, cu->Gy, 16)) != CRYPT_OK) continue; + if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; + if (key->dp.cofactor != cu->cofactor) continue; break; /* found */ } 
ltc_mp.deinit(tmp); - if (set->name != NULL) { - key->dp.oidlen = set->oidlen; - for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; + if (cu->prime && cu->OID) { + for (i = 0; i < 16; i++) key->dp.oid[i] = 0; + for (i = 0, j = 0; i < strlen(cu->OID); i++) { + if (cu->OID[i] == '.') { + if (++j >= 16) return; + } + else if(cu->OID[i] >= '0' && cu->OID[i] <= '9') { + key->dp.oid[j] = key->dp.oid[j] * 10 + (cu->OID[i] - '0'); + } + else { + return; + } + } + key->dp.oidlen = j + 1; } } int _ecc_set_dp_from_SV(ecc_key *key, SV *curve) { dTHX; /* fetch context */ - HV *hc, *hl, *h; + HV *hc, *h; SV *sv_crv, **pref; SV **sv_cofactor, **sv_prime, **sv_A, **sv_B, **sv_order, **sv_Gx, **sv_Gy, **sv_oid; - char *ch_name; - STRLEN l_name, i, j; + char *ptr_crv; + STRLEN len_crv; int err; if (!SvOK(curve)) croak("FATAL: undefined curve"); if (SvPOK(curve)) { /* string */ - ch_name = SvPV(curve, l_name); - if ((hl = get_hv("Crypt::PK::ECC::curve2ltc", 0)) == NULL) croak("FATAL: no curve2ltc register"); - pref = hv_fetch(hl, ch_name, (U32)l_name, 0); + ptr_crv = SvPV(curve, len_crv); + if ((hc = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: no curve register"); + pref = hv_fetch(hc, ptr_crv, (U32)len_crv, 0); if (pref && SvOK(*pref)) { - sv_crv = *pref; /* found in %cutve2ltc */ + sv_crv = *pref; /* found in %curve */ } else { - if ((hc = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: no curve register"); - pref = hv_fetch(hc, ch_name, (U32)l_name, 0); - if (pref && SvOK(*pref)) { - sv_crv = *pref; /* found in %curve */ - } - else { - sv_crv = curve; - } + sv_crv = curve; } } else if (SvROK(curve)) { 
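Review bot: The new OID parser in `_ecc_oid_lookup` accepts degenerate dotted strings: a leading, trailing or doubled `.` silently contributes a 0 arc, and a string with no `.` at all sets `oidlen = 1`, whereas the removed hash-ref parser still rejected that case with `if (j == 0) return CRYPT_ERROR;`. The input here is the bundled `ltc_ecc_curves` table rather than caller data, so this is a robustness issue rather than new attack surface, but a malformed table entry would be exported unnoticed as a bogus curve OID. I would hoist `strlen(cu->OID)` out of the loop condition, track whether the current arc has seen a digit, and leave `oidlen` at 0 when an arc is empty or only one arc was found, as sketched below. `_ecc_set_dp_from_SV` starts in this hunk and continues past it.
```c
  /* … unchanged: curve-table scan and ltc_mp.deinit(tmp) … */
  if (cu->prime && cu->OID) {
    size_t n = strlen(cu->OID);
    int have_digit = 0;
    for (i = 0; i < 16; i++) key->dp.oid[i] = 0;
    for (i = 0, j = 0; i < n; i++) {
      if (cu->OID[i] == '.') {
        if (!have_digit || ++j >= 16) return;   /* empty arc or too many arcs: leave oidlen = 0 */
        have_digit = 0;
      }
      else if (cu->OID[i] >= '0' && cu->OID[i] <= '9') {
        key->dp.oid[j] = key->dp.oid[j] * 10 + (cu->OID[i] - '0');
        have_digit = 1;
      }
      else {
        return;
      }
    }
    if (!have_digit || j == 0) return;          /* trailing '.' or a single-arc "OID" */
    key->dp.oidlen = j + 1;
  }
```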
@@ -330,14 +315,14 @@ if (SvPOK(sv_crv)) { /* string - curve name */ - const ltc_ecc_set_type *dp; - ch_name = SvPV(sv_crv, l_name); - if (ecc_get_set_by_name(ch_name, &dp) != CRYPT_OK) croak("FATAL: ecparams: unknown curve '%s'", ch_name); - return ecc_set_dp(dp, key); + const ltc_ecc_curve *cu; + ptr_crv = SvPV(sv_crv, len_crv); + if (ecc_get_curve(ptr_crv, &cu) != CRYPT_OK) croak("FATAL: ecparams: unknown curve '%s'", ptr_crv); + return ecc_set_dp(cu, key); } else { /* hashref */ - ltc_ecc_set_type set = { 0 }; + ltc_ecc_curve cu = { 0 }; if ((h = (HV*)(SvRV(sv_crv))) == NULL) croak("FATAL: ecparams: param is not valid hashref"); 
@@ -357,35 +342,18 @@ if (!SvOK(*sv_Gy )) croak("FATAL: ecparams: undefined param Gy"); if (!SvOK(*sv_cofactor)) croak("FATAL: ecparams: undefined param cofactor"); - set.prime = SvPV_nolen(*sv_prime); - set.A = SvPV_nolen(*sv_A); - set.B = SvPV_nolen(*sv_B); - set.order = SvPV_nolen(*sv_order); - set.Gx = SvPV_nolen(*sv_Gx); - set.Gy = SvPV_nolen(*sv_Gy); - set.cofactor = (unsigned long)SvUV(*sv_cofactor), - set.name = NULL; - set.oidlen = 0; - - sv_oid = hv_fetchs(h, "oid", 0); - if (sv_oid && SvPOK(*sv_oid)) { - ch_name = SvPV(*sv_oid, l_name); - for (i = 0, j = 0; i < l_name; i++) { - if (ch_name[i] == '.') { - if (++j >= 16) return CRYPT_ERROR; - } - else if(ch_name[i] >= '0' && ch_name[i] <= '9') { - set.oid[j] = set.oid[j] * 10 + (ch_name[i] - '0'); - } - else { - return CRYPT_ERROR; - } - } - if (j == 0) return CRYPT_ERROR; - set.oidlen = j + 1; - } - - if ((err = ecc_set_dp(&set, key)) != CRYPT_OK) return err; + sv_oid = hv_fetchs(h, "oid", 0); /* 'oid' is optional */ + cu.OID = (sv_oid && SvOK(*sv_oid)) ? SvPV_nolen(*sv_oid) : NULL; + + cu.prime = SvPV_nolen(*sv_prime); + cu.A = SvPV_nolen(*sv_A); + cu.B = SvPV_nolen(*sv_B); + cu.order = SvPV_nolen(*sv_order); + cu.Gx = SvPV_nolen(*sv_Gx); + cu.Gy = SvPV_nolen(*sv_Gy); + cu.cofactor = (unsigned long)SvUV(*sv_cofactor); + + if ((err = ecc_set_dp(&cu, key)) != CRYPT_OK) return err; if (key->dp.oidlen == 0) _ecc_oid_lookup(key); return CRYPT_OK; } @@ -513,7 +481,8 @@ int rv; STRLEN in_len; unsigned long out_len; - unsigned char *out_data, *in_data; + unsigned char *in_data; + char *out_data; if (!SvPOK(in)) XSRETURN_UNDEF; in_data = (unsigned char *) SvPVbyte(in, in_len); @@ -524,7 +493,7 @@ out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1); RETVAL = NEWSV(0, out_len); /* avoid zero! */ SvPOK_only(RETVAL); - out_data = (unsigned char *)SvPVX(RETVAL); + out_data = SvPVX(RETVAL); if (ix == 1) rv = base64url_encode(in_data, (unsigned long)in_len, out_data, &out_len); else 
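Review bot: `cu.OID = (sv_oid && SvOK(*sv_oid)) ? SvPV_nolen(*sv_oid) : NULL;` hands the caller's `oid` string to `ecc_set_dp` without the digit/dot, 16-arc and at-least-two-arcs checks the removed parser performed here, and the test is relaxed from `SvPOK` to `SvOK`, so a numeric `oid => 1` is now stringified and used where it was previously ignored. Whether malformed OIDs are still rejected now depends entirely on the bundled libtomcrypt's `ecc_set_dp`, which is not in this diff; please confirm it returns an error for such input rather than storing a partial OID, since `key->dp.oidlen` is presumably what later drives the DER export of the key. If it does not, keep a small local digits-and-dots check before the call and return `CRYPT_ERROR` as before, and mention the `SvOK` relaxation in Changes.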
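Review bot: `out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1)` and the `(unsigned long)in_len` passed to the encoder are truncated independently on LLP64 targets such as 64-bit Windows, where `unsigned long` is 32 bits but `STRLEN` is 64, so for inputs of a few GiB the two values stop agreeing and the call either fails with a buffer-overflow error (and returns undef) or encodes a truncated prefix. libtomcrypt bounds its writes by `out_len`, so this is a wrong-result rather than a memory-safety problem, and it predates this commit. An explicit guard before the size computation, `if (in_len > ULONG_MAX / 4) croak("FATAL: input too long");` (`ULONG_MAX` from `<limits.h>`), would make the limit visible instead of silent. The rest of the function is outside the hunk.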
@@ -548,10 +517,11 @@ int rv; STRLEN in_len; unsigned long out_len; - unsigned char *out_data, *in_data; + unsigned char *out_data; + char *in_data; if (!SvPOK(in)) XSRETURN_UNDEF; - in_data = (unsigned char *)SvPVbyte(in, in_len); + in_data = SvPVbyte(in, in_len); if (in_len == 0) { RETVAL = newSVpvn("", 0); } @@ -561,9 +531,9 @@ SvPOK_only(RETVAL); out_data = (unsigned char *)SvPVX(RETVAL); if (ix == 1) - rv = base64url_decode(in_data, (unsigned long)in_len, out_data, &out_len); + rv = base64url_sane_decode(in_data, (unsigned long)in_len, out_data, &out_len); else - rv = base64_decode(in_data, (unsigned long)in_len, out_data, &out_len); + rv = base64_sane_decode(in_data, (unsigned long)in_len, out_data, &out_len); if (rv != CRYPT_OK) { SvREFCNT_dec(RETVAL); XSRETURN_UNDEF; @@ -584,8 +554,9 @@ { STRLEN in_len; unsigned long out_len; - unsigned char *out_data, *in_data; - int id = -1; + unsigned char *in_data; + char *out_data; + int id = -1, err; if (!SvPOK(in)) XSRETURN_UNDEF; if (ix == 0) id = BASE32_RFC4648; @@ -598,11 +569,12 @@ RETVAL = newSVpvn("", 0); } else { - out_len = (unsigned long)((8 * in_len + 4) / 5); + out_len = (unsigned long)((8 * in_len + 4) / 5 + 1); RETVAL = NEWSV(0, out_len); /* avoid zero! */ SvPOK_only(RETVAL); - out_data = (unsigned char *)SvPVX(RETVAL); - if (base32_encode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { + out_data = SvPVX(RETVAL); + err = base32_encode(in_data, (unsigned long)in_len, out_data, &out_len, id); + if (err != CRYPT_OK) { SvREFCNT_dec(RETVAL); XSRETURN_UNDEF; } @@ -622,8 +594,9 @@ { STRLEN in_len; unsigned long out_len; - unsigned char *out_data, *in_data; - int id = -1; + unsigned char *out_data; + char *in_data; + int id = -1, err; if (!SvPOK(in)) XSRETURN_UNDEF; if (ix == 0) id = BASE32_RFC4648; 
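Review bot: Switching the base64 decode XS functions from `base64_decode`/`base64url_decode` to the `_sane_decode` variants changes what the Perl-level decoders accept, so it is user-visible, yet the 0.060 Changes entry says "basically no changes to the perl modules". If I read the bundled libtomcrypt right, the sane decoders reject characters outside the alphabet and malformed padding instead of skipping them (verify against `src/ltc/misc/base64/base64_decode.c`); that is the right default for a crypto library, since lenient decoding lets one plaintext have many encodings, but callers who relied on embedded line breaks or whitespace being ignored will now get undef. Document the stricter behaviour in Changes and in the decode functions' POD, and add a test that a base64 string with an embedded newline is rejected so the intent is pinned.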
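Review bot: In the base32 encode hunk, `err = base32_encode(...)` can only fail with a buffer-overflow error — the input is arbitrary bytes and cannot be malformed — so the `SvREFCNT_dec(RETVAL); XSRETURN_UNDEF;` branch turns an internal sizing bug into a silent undef, and the `+ 1` just added to `out_len` suggests such a mismatch may already have been hit. For encoders I would fail loudly the way the digest code does, `croak("FATAL: base32_encode failed: %s", error_to_string(err));`, and keep the undef return for the decoders, where failure genuinely means bad input. That also gives the new `err` variable a purpose beyond the comparison.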
@@ -631,7 +604,7 @@ if (ix == 2) id = BASE32_ZBASE32; if (ix == 3) id = BASE32_CROCKFORD; if (id == -1) XSRETURN_UNDEF; - in_data = (unsigned char *)SvPVbyte(in, in_len); + in_data = SvPVbyte(in, in_len); if (in_len == 0) { RETVAL = newSVpvn("", 0); } @@ -640,7 +613,8 @@ RETVAL = NEWSV(0, out_len); /* avoid zero! */ SvPOK_only(RETVAL); out_data = (unsigned char *)SvPVX(RETVAL); - if (base32_decode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { + err = base32_decode(in_data, (unsigned long)in_len, out_data, &out_len, id); + if (err != CRYPT_OK) { SvREFCNT_dec(RETVAL); XSRETURN_UNDEF; } diff --git a/MANIFEST b/MANIFEST index 86a49bb..b01ceb9 100644 --- a/MANIFEST +++ b/MANIFEST @@ -310,6 +310,8 @@ src/ltc/math/rand_prime.c src/ltc/math/tfm_desc.c src/ltc/misc/adler32.c +src/ltc/misc/base16/base16_decode.c +src/ltc/misc/base16/base16_encode.c src/ltc/misc/base32/base32_decode.c src/ltc/misc/base32/base32_encode.c src/ltc/misc/base64/base64_decode.c @@ -352,7 +354,10 @@ src/ltc/misc/error_to_string.c src/ltc/misc/hkdf/hkdf.c src/ltc/misc/mem_neq.c +src/ltc/misc/padding/padding_depad.c +src/ltc/misc/padding/padding_pad.c src/ltc/misc/pk_get_oid.c +src/ltc/misc/pk_oid_str.c src/ltc/misc/pkcs5/pkcs_5_1.c src/ltc/misc/pkcs5/pkcs_5_2.c src/ltc/misc/zeromem.c @@ -476,8 +481,8 @@ src/ltc/pk/ecc/ecc_export.c src/ltc/pk/ecc/ecc_export_openssl.c src/ltc/pk/ecc/ecc_free.c +src/ltc/pk/ecc/ecc_get_curve.c src/ltc/pk/ecc/ecc_get_key.c -src/ltc/pk/ecc/ecc_get_set.c src/ltc/pk/ecc/ecc_get_size.c src/ltc/pk/ecc/ecc_import.c src/ltc/pk/ecc/ecc_import_openssl.c diff --git a/META.json b/META.json index b106d9b..48fffd0 100644 --- a/META.json +++ b/META.json @@ -45,6 +45,6 @@ "url" : "https://github.com/DCIT/perl-CryptX" } }, - "version" : "0.059", + "version" : "0.060", "x_serialization_backend" : "JSON::PP version 2.94" } diff --git a/META.yml b/META.yml index 05e7e19..8a48d03 100644 --- a/META.yml +++ b/META.yml 
@@ -22,5 +22,5 @@ resources: bugtracker: https://github.com/DCIT/perl-CryptX/issues repository: https://github.com/DCIT/perl-CryptX -version: '0.059' +version: '0.060' x_serialization_backend: 'CPAN::Meta::YAML version 0.018' diff --git a/Makefile.PL b/Makefile.PL index 11f9956..891df7e 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -50,8 +50,13 @@ my ($maj, $min) = $arver =~ /^GNU ar [^\d]*(\d)\.(\d+)\.\d+/s; $myarflags = 'rcD' if ($maj && $min && $maj >= 2 && $min >= 20) || $arver=~ /^BSD ar /; } + + # turn on extra warnings in AUTHOR_MODE (it is gcc only!!) + $mycflags = "$mycflags -Wall -Werror -Wextra" if $ENV{AUTHOR_MODE}; + @EUMM_INC_LIB = ( - INC => '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm', + INC => $ENV{AUTHOR_MODE} ? '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm -Wall -Werror -Wextra' #gcc only!! + : '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm', MYEXTLIB => "src/liballinone$Config{lib_ext}", clean => { 'FILES' => join(' ', @myobjs, "src/liballinone$Config{lib_ext}") }, ); diff --git a/inc/CryptX_Checksum_Adler32.xs.inc b/inc/CryptX_Checksum_Adler32.xs.inc index eb30b81..7966f56 100644 --- a/inc/CryptX_Checksum_Adler32.xs.inc +++ b/inc/CryptX_Checksum_Adler32.xs.inc @@ -59,15 +59,16 @@ CODE: { int rv; - unsigned char hash[4], out[8]; - unsigned long outlen = 8; + unsigned char hash[4]; + char out[9]; + unsigned long outlen = 9; unsigned int ui32; adler32_finish(self, hash, 4); /* returns void */ if (ix == 1) { - rv = _base16_encode(hash, 4, out, &outlen); + rv = base16_encode(hash, 4, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *)out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { LOAD32H(ui32, hash); @@ -89,8 +90,9 @@ { adler32_state st; int rv, j; - unsigned char hash[4], out[8], *in; - unsigned long outlen = 8; + unsigned char hash[4], *in; + char out[9]; + unsigned long outlen = 9; unsigned int ui32; STRLEN inlen; 
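Review bot: The `-Wall -Werror -Wextra` switches are marked gcc-only in the comment but are keyed solely on `$ENV{AUTHOR_MODE}`, so an author build with a compiler that rejects those flags fails outright. Guard on the toolchain too and keep the list in one place, e.g. `my $warn = ($ENV{AUTHOR_MODE} && $Config{gccversion}) ? ' -Wall -Werror -Wextra' : '';` and then append `$warn` to `$mycflags` and to the `INC` string. Carrying warning flags in `INC`, which is meant for include paths, works only because EUMM pastes it into the compile line unchanged; a one-line comment on why they are not in `CCFLAGS` (presumably to avoid clobbering Perl's own flags) would spare the next reader the guess.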
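Review bot: `char out[9]; unsigned long outlen = 9;` states the buffer size twice as a magic number; `unsigned long outlen = sizeof(out);` keeps the two in step and matches what the digest and MAC files do. The result is then built with `newSVpvn(out, outlen)`, which relies on `base16_encode` reporting the length without the terminator it now needs room for — worth confirming against the bundled `src/ltc/misc/base16/base16_encode.c`, because an off-by-one there would embed a trailing NUL in the hex string rather than crash. The same pair of literals appears in the second hunk of this file and in the CRC32 file.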
@@ -103,9 +105,9 @@ } adler32_finish(&st, hash, 4); /* returns void */ if (ix == 1) { - rv = _base16_encode(hash, 4, out, &outlen); + rv = base16_encode(hash, 4, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *)out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { LOAD32H(ui32, hash); diff --git a/inc/CryptX_Checksum_CRC32.xs.inc b/inc/CryptX_Checksum_CRC32.xs.inc index 3c86e7c..486bf64 100644 --- a/inc/CryptX_Checksum_CRC32.xs.inc +++ b/inc/CryptX_Checksum_CRC32.xs.inc @@ -59,15 +59,16 @@ CODE: { int rv; - unsigned char hash[4], out[8]; - unsigned long outlen = 8; + unsigned char hash[4]; + char out[9]; + unsigned long outlen = 9; unsigned int ui32; crc32_finish(self, hash, 4); /* returns void */ if (ix == 1) { - rv = _base16_encode(hash, 4, out, &outlen); + rv = base16_encode(hash, 4, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *)out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { LOAD32H(ui32, hash); @@ -89,8 +90,9 @@ { crc32_state st; int rv, j; - unsigned char hash[4], out[8], *in; - unsigned long outlen = 8; + unsigned char hash[4], *in; + char out[9]; + unsigned long outlen = 9; unsigned int ui32; STRLEN inlen; @@ -103,9 +105,9 @@ } crc32_finish(&st, hash, 4); /* returns void */ if (ix == 1) { - rv = _base16_encode(hash, 4, out, &outlen); + rv = base16_encode(hash, 4, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *)out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { LOAD32H(ui32, hash); diff --git a/inc/CryptX_Digest.xs.inc b/inc/CryptX_Digest.xs.inc index 8a97c1a..96a3dbb 100644 --- a/inc/CryptX_Digest.xs.inc +++ b/inc/CryptX_Digest.xs.inc 
@@ -79,24 +79,24 @@ int rv; unsigned long outlen; unsigned char hash[MAXBLOCKSIZE]; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; rv = self->desc->done(&self->state, hash); if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + rv = base64url_encode(hash, self->desc->hashsize, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { - rv = base64_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + rv = base64_encode(hash, self->desc->hashsize, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); + rv = base16_encode(hash, self->desc->hashsize, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } @@ -119,7 +119,7 @@ int rv, id, i; unsigned char *in, hash[MAXBLOCKSIZE]; unsigned long len = sizeof(hash), outlen; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; hash_state md; id = _find_hash(digest_name); 
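Review bot: The three-way `ix == 3 / 2 / 1` encode-and-croak block in this hunk is the same dozen lines carried by every MAC and checksum `.xs.inc` touched in this commit, and the commit had to edit all of them in lockstep (the `+1` on the buffer, the `char *` signature change), which is exactly when a shared helper pays off. A single static helper in CryptX.xs, along the lines of the sketch below, would reduce each call site to `RETVAL = _encode_bytes(ix, hash, self->desc->hashsize);` and make the next libtomcrypt API change a one-place edit. This is a style point only; the behaviour, including the `FATAL: ... failed` messages, stays the same.
```c
/* CryptX.xs: shared by the digest, MAC and checksum .xs.inc files.
 * ix: 3 = base64url, 2 = base64, 1 = hex, anything else = raw bytes. */
static SV *_encode_bytes(int ix, const unsigned char *data, unsigned long len)
{
  dTHX; /* fetch context */
  int rv;
  unsigned long outlen;
  char out[MAXBLOCKSIZE*2+1];

  outlen = sizeof(out);
  switch (ix) {
    case 3:
      rv = base64url_encode(data, len, out, &outlen);
      if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
      return newSVpvn(out, outlen);
    case 2:
      rv = base64_encode(data, len, out, &outlen);
      if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
      return newSVpvn(out, outlen);
    case 1:
      rv = base16_encode(data, len, out, &outlen, 0);
      if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
      return newSVpvn(out, outlen);
    default:
      return newSVpvn((const char *)data, len);
  }
}
```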
@@ -141,19 +141,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(hash, len, (unsigned char *)out, &outlen); + rv = base64url_encode(hash, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 2) { - rv = base64_encode(hash, len, (unsigned char *)out, &outlen); + rv = base64_encode(hash, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(hash, len, (unsigned char *)out, &outlen); + rv = base16_encode(hash, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) hash, len); diff --git a/inc/CryptX_Mac_BLAKE2b.xs.inc b/inc/CryptX_Mac_BLAKE2b.xs.inc index 6d27e3e..a8f5113 100644 --- a/inc/CryptX_Mac_BLAKE2b.xs.inc +++ b/inc/CryptX_Mac_BLAKE2b.xs.inc 
@@ -70,24 +70,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = blake2bmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } 
@@ -130,19 +130,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); diff --git a/inc/CryptX_Mac_BLAKE2s.xs.inc b/inc/CryptX_Mac_BLAKE2s.xs.inc index 3ac3467..d1b4292 100644 --- a/inc/CryptX_Mac_BLAKE2s.xs.inc +++ b/inc/CryptX_Mac_BLAKE2s.xs.inc 
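Review bot: The `ix == 3` branch keeps `RETVAL = newSVpvn((char *) out, outlen);` while the `ix == 2` and `ix == 1` branches directly below drop the cast in this very hunk, now that `out` is a `char[]`; the leftover cast is harmless but makes the three branches read as if `out` had different types. Drop it for consistency: `RETVAL = newSVpvn(out, outlen);`. The same leftover appears in the second hunk of the other MAC files changed in this commit.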
@@ -70,24 +70,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = blake2smac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } 
@@ -130,19 +130,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); diff --git a/inc/CryptX_Mac_F9.xs.inc b/inc/CryptX_Mac_F9.xs.inc index e1782c6..f3ce96f 100644 --- a/inc/CryptX_Mac_F9.xs.inc +++ b/inc/CryptX_Mac_F9.xs.inc 
@@ -74,24 +74,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = f9_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } @@ -135,19 +135,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); 
diff --git a/inc/CryptX_Mac_HMAC.xs.inc b/inc/CryptX_Mac_HMAC.xs.inc index 8e4f73c..44aa085 100644 --- a/inc/CryptX_Mac_HMAC.xs.inc +++ b/inc/CryptX_Mac_HMAC.xs.inc @@ -74,24 +74,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = hmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } 
@@ -135,19 +135,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); diff --git a/inc/CryptX_Mac_OMAC.xs.inc b/inc/CryptX_Mac_OMAC.xs.inc index aa8699a..ed2ee8e 100644 --- a/inc/CryptX_Mac_OMAC.xs.inc +++ b/inc/CryptX_Mac_OMAC.xs.inc 
@@ -74,24 +74,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = omac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } @@ -135,19 +135,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); 
diff --git a/inc/CryptX_Mac_PMAC.xs.inc b/inc/CryptX_Mac_PMAC.xs.inc index 9ee709d..45cfe66 100644 --- a/inc/CryptX_Mac_PMAC.xs.inc +++ b/inc/CryptX_Mac_PMAC.xs.inc @@ -74,24 +74,24 @@ unsigned char mac[MAXBLOCKSIZE]; unsigned long maclen, outlen; int rv; - char out[MAXBLOCKSIZE*2]; + char out[MAXBLOCKSIZE*2+1]; maclen = sizeof(mac); rv = pmac_done(self, mac, &maclen); if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64url_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 2) { - rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); + rv = base64_encode(mac, maclen, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } if (ix == 1) { - rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); + rv = base16_encode(mac, maclen, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn(out, outlen); } 
@@ -135,19 +135,19 @@ outlen = sizeof(out); if (ix == 3) { - rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64url_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); RETVAL = newSVpvn((char *) out, outlen); } else if (ix == 2) { - rv = base64_encode(mac, len, (unsigned char *)out, &outlen); + rv = base64_encode(mac, len, out, &outlen); if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else if (ix == 1) { - rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); + rv = base16_encode(mac, len, out, &outlen, 0); if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); - RETVAL = newSVpvn((char *) out, outlen); + RETVAL = newSVpvn(out, outlen); } else { RETVAL = newSVpvn((char *) mac, len); diff --git a/inc/CryptX_Mac_Pelican.xs.inc b/inc/CryptX_Mac_Pelican.xs.inc index 3484019..b3e9f15 100644 --- a/inc/CryptX_Mac_Pelican.xs.inc +++ b/inc/CryptX_Mac_Pelican.xs.inc 
@@ -70,24 +70,24 @@
 unsigned char mac[MAXBLOCKSIZE];
 unsigned long maclen, outlen;
 int rv;
- char out[MAXBLOCKSIZE*2];
+ char out[MAXBLOCKSIZE*2+1];
 maclen = 16;
 rv = pelican_done(self, mac);
 if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv));
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64url_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 2) {
- rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 1) {
- rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, maclen, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
@@ -130,19 +130,19 @@
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64url_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn((char *) out, outlen);
 }
 else if (ix == 2) {
- rv = base64_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else if (ix == 1) {
- rv = _base16_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, len, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else {
 RETVAL = newSVpvn((char *) mac, len);
diff --git a/inc/CryptX_Mac_Poly1305.xs.inc b/inc/CryptX_Mac_Poly1305.xs.inc
index 6e50821..f816e48 100644
--- a/inc/CryptX_Mac_Poly1305.xs.inc
+++ b/inc/CryptX_Mac_Poly1305.xs.inc
@@ -70,24 +70,24 @@
 unsigned char mac[MAXBLOCKSIZE];
 unsigned long maclen, outlen;
 int rv;
- char out[MAXBLOCKSIZE*2];
+ char out[MAXBLOCKSIZE*2+1];
 maclen = sizeof(mac);
 rv = poly1305_done(self, mac, &maclen);
 if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv));
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64url_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 2) {
- rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 1) {
- rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, maclen, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
@@ -129,19 +129,19 @@
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64url_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn((char *) out, outlen);
 }
 else if (ix == 2) {
- rv = base64_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else if (ix == 1) {
- rv = _base16_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, len, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else {
 RETVAL = newSVpvn((char *) mac, len);
diff --git a/inc/CryptX_Mac_XCBC.xs.inc b/inc/CryptX_Mac_XCBC.xs.inc
index 6563b67..a5a0205 100644
--- a/inc/CryptX_Mac_XCBC.xs.inc
+++ b/inc/CryptX_Mac_XCBC.xs.inc
@@ -74,24 +74,24 @@
 unsigned char mac[MAXBLOCKSIZE];
 unsigned long maclen, outlen;
 int rv;
- char out[MAXBLOCKSIZE*2];
+ char out[MAXBLOCKSIZE*2+1];
 maclen = sizeof(mac);
 rv = xcbc_done(self, mac, &maclen);
 if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv));
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64url_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 2) {
- rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen);
+ rv = base64_encode(mac, maclen, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
 if (ix == 1) {
- rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, maclen, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn(out, outlen);
 }
@@ -135,19 +135,19 @@
 outlen = sizeof(out);
 if (ix == 3) {
- rv = base64url_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64url_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv));
 RETVAL = newSVpvn((char *) out, outlen);
 }
 else if (ix == 2) {
- rv = base64_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base64_encode(mac, len, out, &outlen);
 if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else if (ix == 1) {
- rv = _base16_encode(mac, len, (unsigned char *)out, &outlen);
+ rv = base16_encode(mac, len, out, &outlen, 0);
 if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv));
- RETVAL = newSVpvn((char *) out, outlen);
+ RETVAL = newSVpvn(out, outlen);
 }
 else {
 RETVAL = newSVpvn((char *) mac, len);
diff --git a/inc/CryptX_PK_ECC.xs.inc b/inc/CryptX_PK_ECC.xs.inc
index 751b7d8..ce6cb2e 100644
--- a/inc/CryptX_PK_ECC.xs.inc
+++ b/inc/CryptX_PK_ECC.xs.inc
@@ -202,13 +202,12 @@
 not_used = hv_store(rv_hash, "curve_oid", 9, oid, 0);
 /* curve name -> "curve_name" */
- if ((h = get_hv("Crypt::PK::ECC::curve2ltc", 0)) != NULL) {
+ if ((h = get_hv("Crypt::PK::ECC::curve_oid2name", 0)) != NULL) {
 pref = hv_fetch(h, oid_ptr, (U32)strlen(oid_ptr), 0);
 if (pref) {
 cname_ptr = SvPV(*pref, cname_len);
 cname = newSVpv(cname_ptr, cname_len);
 cname_ptr = SvPVX(cname);
- for (i=0; i0; i++) cname_ptr[i] = toLOWER(cname_ptr[i]);
 not_used = hv_store(rv_hash, "curve_name", 10, cname, 0);
 }
 }
diff --git a/inc/CryptX_PRNG.xs.inc b/inc/CryptX_PRNG.xs.inc
index 9345311..62ee07c 100644
--- a/inc/CryptX_PRNG.xs.inc
+++ b/inc/CryptX_PRNG.xs.inc
@@ -105,7 +105,8 @@
 IV curpid = (IV)PerlProc_getpid();
 int rv_len, rv;
 unsigned long len;
- unsigned char *rdata, *tmp;
+ unsigned char *tmp;
+ char *rdata;
 unsigned char entropy_buf[40];
 if (output_len == 0) {
@@ -124,12 +125,13 @@
 if (tmp == NULL) croak("FATAL: Newz failed");
 rv_len = (self->desc->read)(tmp, (unsigned long)output_len, &self->state);
 if ((UV)rv_len != output_len) croak("FATAL: PRNG_read failed");
- RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */
+ RETVAL = NEWSV(0, output_len * 2 + 1); /* avoid zero! */
 SvPOK_only(RETVAL);
- SvCUR_set(RETVAL, output_len * 2);
- rdata = (unsigned char *)SvPVX(RETVAL);
- len = output_len * 2;
- rv = _base16_encode(tmp, output_len, rdata, &len);
+ SvCUR_set(RETVAL, output_len * 2 + 1);
+ rdata = SvPVX(RETVAL);
+ len = output_len * 2 + 1;
+ rv = base16_encode(tmp, output_len, rdata, &len, 0);
+ SvCUR_set(RETVAL, len);
 Safefree(tmp);
 if (rv != CRYPT_OK) {
 SvREFCNT_dec(RETVAL);
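Review bot: In the `@@ -124,12 +125,13 @@` hunk of CryptX_PRNG.xs.inc, `SvCUR_set(RETVAL, output_len * 2 + 1)` sets the SV length to include the terminator slot and is superseded two lines later by `SvCUR_set(RETVAL, len)`, so the first call is dead code and the length is taken from `len` before the `rv != CRYPT_OK` check that follows it; an encoder that reports CRYPT_BUFFER_OVERFLOW typically rewrites `len` to the required size, which is harmless only because RETVAL is then freed. I would drop the first `SvCUR_set`, keep `len = output_len * 2 + 1;` as the capacity passed to `base16_encode`, and move `SvCUR_set(RETVAL, len);` after the error check so the stored length always comes from a successful encode. A comment such as `/* base16_encode needs 2*n+1 bytes for its NUL and reports len without it */` next to the `+ 1` would explain why NEWSV and len disagree with the old `output_len * 2`. The enclosing function starts before and ends after the hunk.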
@@ -145,7 +147,7 @@
 RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */
 SvPOK_only(RETVAL);
 SvCUR_set(RETVAL, output_len * 2);
- rdata = (unsigned char *)SvPVX(RETVAL);
+ rdata = SvPVX(RETVAL);
 len = output_len * 2;
 rv = ix == 3 ? base64url_encode(tmp, output_len, rdata, &len) : base64_encode(tmp, output_len, rdata, &len);
@@ -161,8 +163,8 @@
 RETVAL = NEWSV(0, output_len); /* avoid zero! */
 SvPOK_only(RETVAL);
 SvCUR_set(RETVAL, output_len);
- rdata = (unsigned char *)SvPVX(RETVAL);
- rv_len = (self->desc->read)(rdata, (unsigned long)output_len, &self->state);
+ rdata = SvPVX(RETVAL);
+ rv_len = (self->desc->read)((unsigned char*)rdata, (unsigned long)output_len, &self->state);
 if ((UV)rv_len != output_len) {
 SvREFCNT_dec(RETVAL);
 croak("FATAL: PRNG_read failed");
diff --git a/lib/Crypt/AuthEnc/CCM.pm b/lib/Crypt/AuthEnc/CCM.pm
index 15673c5..4fd70e6 100644
--- a/lib/Crypt/AuthEnc/CCM.pm
+++ b/lib/Crypt/AuthEnc/CCM.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw( ccm_encrypt_authenticate ccm_decrypt_verify )] );
diff --git a/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm b/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm
index 104e242..3a19400 100644
--- a/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm
+++ b/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] );
diff --git a/lib/Crypt/AuthEnc/EAX.pm b/lib/Crypt/AuthEnc/EAX.pm
index 6aad5b6..02f9329 100644
--- a/lib/Crypt/AuthEnc/EAX.pm
+++ b/lib/Crypt/AuthEnc/EAX.pm
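Review bot: In the `@@ -145,7 +147,7 @@` hunk, the new side still hands `len = output_len * 2` to `base64url_encode`/`base64_encode` as the output capacity, while base64 output is 4*ceil(n/3) characters plus the terminating NUL the libtomcrypt encoder writes; if the bundled encoder checks `*outlen < 4*((n+2)/3)+1` as libtomcrypt does, output_len values of 1, 2 and 4 fail with CRYPT_BUFFER_OVERFLOW and the caller sees the croak after the hunk rather than a short base64 string. Only the cast on `rdata` changed here, so this is pre-existing, but the commit touches the sibling base16 path for exactly this class of off-by-one and leaves this one; a quick check with a 1-byte request would confirm. Sizing the SV from the base64 formula removes the corner case without changing the interface; the enclosing function starts before and ends after the hunk.
```c
/* … unchanged: Newz(tmp) and the PRNG read into tmp … */
len = 4 * ((output_len + 2) / 3) + 1; /* base64 length incl. the NUL the encoder writes */
RETVAL = NEWSV(0, len); /* avoid zero! */
SvPOK_only(RETVAL);
SvCUR_set(RETVAL, len);
rdata = SvPVX(RETVAL);
rv = ix == 3 ? base64url_encode(tmp, output_len, rdata, &len) : base64_encode(tmp, output_len, rdata, &len);
/* … unchanged: Safefree(tmp) and the rv != CRYPT_OK handling that follows the hunk … */
```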
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] );
diff --git a/lib/Crypt/AuthEnc/GCM.pm b/lib/Crypt/AuthEnc/GCM.pm
index ba8ae8b..2b570b2 100644
--- a/lib/Crypt/AuthEnc/GCM.pm
+++ b/lib/Crypt/AuthEnc/GCM.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] );
diff --git a/lib/Crypt/AuthEnc/OCB.pm b/lib/Crypt/AuthEnc/OCB.pm
index 7f515c9..91f3dff 100644
--- a/lib/Crypt/AuthEnc/OCB.pm
+++ b/lib/Crypt/AuthEnc/OCB.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] );
diff --git a/lib/Crypt/AuthEnc.pm b/lib/Crypt/AuthEnc.pm
index 359f324..5f506e4 100644
--- a/lib/Crypt/AuthEnc.pm
+++ b/lib/Crypt/AuthEnc.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 ### not used
diff --git a/lib/Crypt/Checksum/Adler32.pm b/lib/Crypt/Checksum/Adler32.pm
index 767d3e3..0452102 100644
--- a/lib/Crypt/Checksum/Adler32.pm
+++ b/lib/Crypt/Checksum/Adler32.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Checksum Exporter);
 our %EXPORT_TAGS = ( all => [qw( adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int )] );
diff --git a/lib/Crypt/Checksum/CRC32.pm b/lib/Crypt/Checksum/CRC32.pm
index 690ba6a..8d6cf42 100644
--- a/lib/Crypt/Checksum/CRC32.pm
+++ b/lib/Crypt/Checksum/CRC32.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Checksum Exporter);
 our %EXPORT_TAGS = ( all => [qw( crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int )] );
diff --git a/lib/Crypt/Checksum.pm b/lib/Crypt/Checksum.pm
index 8d4d8c9..ae875a2 100644
--- a/lib/Crypt/Checksum.pm
+++ b/lib/Crypt/Checksum.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
 our %EXPORT_TAGS = ( all => [qw/ adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int
diff --git a/lib/Crypt/Cipher/AES.pm b/lib/Crypt/Cipher/AES.pm
index d5c894f..6ddfa41 100644
--- a/lib/Crypt/Cipher/AES.pm
+++ b/lib/Crypt/Cipher/AES.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Anubis.pm b/lib/Crypt/Cipher/Anubis.pm
index 8156c69..e571bc5 100644
--- a/lib/Crypt/Cipher/Anubis.pm
+++ b/lib/Crypt/Cipher/Anubis.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Blowfish.pm b/lib/Crypt/Cipher/Blowfish.pm
index a17dee4..dce34c5 100644
--- a/lib/Crypt/Cipher/Blowfish.pm
+++ b/lib/Crypt/Cipher/Blowfish.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/CAST5.pm b/lib/Crypt/Cipher/CAST5.pm
index b7f14fe..895e9af 100644
--- a/lib/Crypt/Cipher/CAST5.pm
+++ b/lib/Crypt/Cipher/CAST5.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Camellia.pm b/lib/Crypt/Cipher/Camellia.pm
index 1dde541..5dce1bf 100644
--- a/lib/Crypt/Cipher/Camellia.pm
+++ b/lib/Crypt/Cipher/Camellia.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/DES.pm b/lib/Crypt/Cipher/DES.pm
index 1e28dfb..d20a736 100644
--- a/lib/Crypt/Cipher/DES.pm
+++ b/lib/Crypt/Cipher/DES.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/DES_EDE.pm b/lib/Crypt/Cipher/DES_EDE.pm
index d100e44..cd5b2d8 100644
--- a/lib/Crypt/Cipher/DES_EDE.pm
+++ b/lib/Crypt/Cipher/DES_EDE.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/IDEA.pm b/lib/Crypt/Cipher/IDEA.pm
index 2c1226f..fdf4a56 100644
--- a/lib/Crypt/Cipher/IDEA.pm
+++ b/lib/Crypt/Cipher/IDEA.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/KASUMI.pm b/lib/Crypt/Cipher/KASUMI.pm
index dd4c6db..573ce2b 100644
--- a/lib/Crypt/Cipher/KASUMI.pm
+++ b/lib/Crypt/Cipher/KASUMI.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Khazad.pm b/lib/Crypt/Cipher/Khazad.pm
index 501235b..2af9ea9 100644
--- a/lib/Crypt/Cipher/Khazad.pm
+++ b/lib/Crypt/Cipher/Khazad.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/MULTI2.pm b/lib/Crypt/Cipher/MULTI2.pm
index 7b588aa..6231fc3 100644
--- a/lib/Crypt/Cipher/MULTI2.pm
+++ b/lib/Crypt/Cipher/MULTI2.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Noekeon.pm b/lib/Crypt/Cipher/Noekeon.pm
index d1efa63..37369f8 100644
--- a/lib/Crypt/Cipher/Noekeon.pm
+++ b/lib/Crypt/Cipher/Noekeon.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/RC2.pm b/lib/Crypt/Cipher/RC2.pm
index da63d34..41d3719 100644
--- a/lib/Crypt/Cipher/RC2.pm
+++ b/lib/Crypt/Cipher/RC2.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/RC5.pm b/lib/Crypt/Cipher/RC5.pm
index 06f8186..6bc098d 100644
--- a/lib/Crypt/Cipher/RC5.pm
+++ b/lib/Crypt/Cipher/RC5.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/RC6.pm b/lib/Crypt/Cipher/RC6.pm
index e662a67..fbe36c3 100644
--- a/lib/Crypt/Cipher/RC6.pm
+++ b/lib/Crypt/Cipher/RC6.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SAFERP.pm b/lib/Crypt/Cipher/SAFERP.pm
index 8c5b3f5..605f3fe 100644
--- a/lib/Crypt/Cipher/SAFERP.pm
+++ b/lib/Crypt/Cipher/SAFERP.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SAFER_K128.pm b/lib/Crypt/Cipher/SAFER_K128.pm
index c1be436..0ae15e2 100644
--- a/lib/Crypt/Cipher/SAFER_K128.pm
+++ b/lib/Crypt/Cipher/SAFER_K128.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SAFER_K64.pm b/lib/Crypt/Cipher/SAFER_K64.pm
index cda042e..95df9aa 100644
--- a/lib/Crypt/Cipher/SAFER_K64.pm
+++ b/lib/Crypt/Cipher/SAFER_K64.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SAFER_SK128.pm b/lib/Crypt/Cipher/SAFER_SK128.pm
index 76bd22f..947c5a5 100644
--- a/lib/Crypt/Cipher/SAFER_SK128.pm
+++ b/lib/Crypt/Cipher/SAFER_SK128.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SAFER_SK64.pm b/lib/Crypt/Cipher/SAFER_SK64.pm
index 582eb0f..bb450a8 100644
--- a/lib/Crypt/Cipher/SAFER_SK64.pm
+++ b/lib/Crypt/Cipher/SAFER_SK64.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/SEED.pm b/lib/Crypt/Cipher/SEED.pm
index bea2c9b..f3d83a0 100644
--- a/lib/Crypt/Cipher/SEED.pm
+++ b/lib/Crypt/Cipher/SEED.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Serpent.pm b/lib/Crypt/Cipher/Serpent.pm
index 69e8e8b..52b88ab 100644
--- a/lib/Crypt/Cipher/Serpent.pm
+++ b/lib/Crypt/Cipher/Serpent.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Skipjack.pm b/lib/Crypt/Cipher/Skipjack.pm
index 3e0db08..352e17c 100644
--- a/lib/Crypt/Cipher/Skipjack.pm
+++ b/lib/Crypt/Cipher/Skipjack.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/Twofish.pm b/lib/Crypt/Cipher/Twofish.pm
index 4da4011..80a9de6 100644
--- a/lib/Crypt/Cipher/Twofish.pm
+++ b/lib/Crypt/Cipher/Twofish.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher/XTEA.pm b/lib/Crypt/Cipher/XTEA.pm
index 1a630bc..a8f3153 100644
--- a/lib/Crypt/Cipher/XTEA.pm
+++ b/lib/Crypt/Cipher/XTEA.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Cipher);
diff --git a/lib/Crypt/Cipher.pm b/lib/Crypt/Cipher.pm
index a217936..50260d0 100644
--- a/lib/Crypt/Cipher.pm
+++ b/lib/Crypt/Cipher.pm
@@ -2,7 +2,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use Carp;
 $Carp::Internal{(__PACKAGE__)}++;
diff --git a/lib/Crypt/Digest/BLAKE2b_160.pm b/lib/Crypt/Digest/BLAKE2b_160.pm
index 8c6730a..72fd823 100644
--- a/lib/Crypt/Digest/BLAKE2b_160.pm
+++ b/lib/Crypt/Digest/BLAKE2b_160.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2b_256.pm b/lib/Crypt/Digest/BLAKE2b_256.pm
index fd9bc59..b5f3eac 100644
--- a/lib/Crypt/Digest/BLAKE2b_256.pm
+++ b/lib/Crypt/Digest/BLAKE2b_256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2b_384.pm b/lib/Crypt/Digest/BLAKE2b_384.pm
index 03d33b1..66d2859 100644
--- a/lib/Crypt/Digest/BLAKE2b_384.pm
+++ b/lib/Crypt/Digest/BLAKE2b_384.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2b_512.pm b/lib/Crypt/Digest/BLAKE2b_512.pm
index e3b08e4..483468f 100644
--- a/lib/Crypt/Digest/BLAKE2b_512.pm
+++ b/lib/Crypt/Digest/BLAKE2b_512.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2s_128.pm b/lib/Crypt/Digest/BLAKE2s_128.pm
index 5d8dbc9..ce2c944 100644
--- a/lib/Crypt/Digest/BLAKE2s_128.pm
+++ b/lib/Crypt/Digest/BLAKE2s_128.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2s_160.pm b/lib/Crypt/Digest/BLAKE2s_160.pm
index 9c17f78..ba6a5de 100644
--- a/lib/Crypt/Digest/BLAKE2s_160.pm
+++ b/lib/Crypt/Digest/BLAKE2s_160.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2s_224.pm b/lib/Crypt/Digest/BLAKE2s_224.pm
index c8abbf2..61c0aca 100644
--- a/lib/Crypt/Digest/BLAKE2s_224.pm
+++ b/lib/Crypt/Digest/BLAKE2s_224.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u )] );
diff --git a/lib/Crypt/Digest/BLAKE2s_256.pm b/lib/Crypt/Digest/BLAKE2s_256.pm
index de55e6d..d1aec66 100644
--- a/lib/Crypt/Digest/BLAKE2s_256.pm
+++ b/lib/Crypt/Digest/BLAKE2s_256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u )] );
diff --git a/lib/Crypt/Digest/CHAES.pm b/lib/Crypt/Digest/CHAES.pm
index d445644..3d9912c 100644
--- a/lib/Crypt/Digest/CHAES.pm
+++ b/lib/Crypt/Digest/CHAES.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u )] );
diff --git a/lib/Crypt/Digest/Keccak224.pm b/lib/Crypt/Digest/Keccak224.pm
index 2b16329..d4fd28f 100644
--- a/lib/Crypt/Digest/Keccak224.pm
+++ b/lib/Crypt/Digest/Keccak224.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u )] );
diff --git a/lib/Crypt/Digest/Keccak256.pm b/lib/Crypt/Digest/Keccak256.pm
index dfc7bad..d2c1f2c 100644
--- a/lib/Crypt/Digest/Keccak256.pm
+++ b/lib/Crypt/Digest/Keccak256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u )] );
diff --git a/lib/Crypt/Digest/Keccak384.pm b/lib/Crypt/Digest/Keccak384.pm
index 017c92d..0ede49b 100644
--- a/lib/Crypt/Digest/Keccak384.pm
+++ b/lib/Crypt/Digest/Keccak384.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u )] );
diff --git a/lib/Crypt/Digest/Keccak512.pm b/lib/Crypt/Digest/Keccak512.pm
index 9a54bc1..b85873d 100644
--- a/lib/Crypt/Digest/Keccak512.pm
+++ b/lib/Crypt/Digest/Keccak512.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u )] );
diff --git a/lib/Crypt/Digest/MD2.pm b/lib/Crypt/Digest/MD2.pm
index 4097df1..66625da 100644
--- a/lib/Crypt/Digest/MD2.pm
+++ b/lib/Crypt/Digest/MD2.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u )] );
diff --git a/lib/Crypt/Digest/MD4.pm b/lib/Crypt/Digest/MD4.pm
index d8e6d44..2039681 100644
--- a/lib/Crypt/Digest/MD4.pm
+++ b/lib/Crypt/Digest/MD4.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u )] );
diff --git a/lib/Crypt/Digest/MD5.pm b/lib/Crypt/Digest/MD5.pm
index 65d99ee..5562886 100644
--- a/lib/Crypt/Digest/MD5.pm
+++ b/lib/Crypt/Digest/MD5.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u )] );
diff --git a/lib/Crypt/Digest/RIPEMD128.pm b/lib/Crypt/Digest/RIPEMD128.pm
index 1683b21..0e8f405 100644
--- a/lib/Crypt/Digest/RIPEMD128.pm
+++ b/lib/Crypt/Digest/RIPEMD128.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u )] );
diff --git a/lib/Crypt/Digest/RIPEMD160.pm b/lib/Crypt/Digest/RIPEMD160.pm
index 7dcc785..993fab2 100644
--- a/lib/Crypt/Digest/RIPEMD160.pm
+++ b/lib/Crypt/Digest/RIPEMD160.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u )] );
diff --git a/lib/Crypt/Digest/RIPEMD256.pm b/lib/Crypt/Digest/RIPEMD256.pm
index f7ff62a..16fea0f 100644
--- a/lib/Crypt/Digest/RIPEMD256.pm
+++ b/lib/Crypt/Digest/RIPEMD256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u )] );
diff --git a/lib/Crypt/Digest/RIPEMD320.pm b/lib/Crypt/Digest/RIPEMD320.pm
index c2e8e0d..1f7b03f 100644
--- a/lib/Crypt/Digest/RIPEMD320.pm
+++ b/lib/Crypt/Digest/RIPEMD320.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA1.pm b/lib/Crypt/Digest/SHA1.pm
index 9e994d0..6d849b9 100644
--- a/lib/Crypt/Digest/SHA1.pm
+++ b/lib/Crypt/Digest/SHA1.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA224.pm b/lib/Crypt/Digest/SHA224.pm
index 5afdac7..17b5003 100644
--- a/lib/Crypt/Digest/SHA224.pm
+++ b/lib/Crypt/Digest/SHA224.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA256.pm b/lib/Crypt/Digest/SHA256.pm
index d81ce7e..185f9d0 100644
--- a/lib/Crypt/Digest/SHA256.pm
+++ b/lib/Crypt/Digest/SHA256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA384.pm b/lib/Crypt/Digest/SHA384.pm
index 79fdd8c..c9b68f1 100644
--- a/lib/Crypt/Digest/SHA384.pm
+++ b/lib/Crypt/Digest/SHA384.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA3_224.pm b/lib/Crypt/Digest/SHA3_224.pm
index 8eb3a82..9ca6271 100644
--- a/lib/Crypt/Digest/SHA3_224.pm
+++ b/lib/Crypt/Digest/SHA3_224.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA3_256.pm b/lib/Crypt/Digest/SHA3_256.pm
index 75828ad..a08245c 100644
--- a/lib/Crypt/Digest/SHA3_256.pm
+++ b/lib/Crypt/Digest/SHA3_256.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA3_384.pm b/lib/Crypt/Digest/SHA3_384.pm
index 3d15489..cf65c4d 100644
--- a/lib/Crypt/Digest/SHA3_384.pm
+++ b/lib/Crypt/Digest/SHA3_384.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA3_512.pm b/lib/Crypt/Digest/SHA3_512.pm
index 27afec4..dbcd741 100644
--- a/lib/Crypt/Digest/SHA3_512.pm
+++ b/lib/Crypt/Digest/SHA3_512.pm
@@ -4,7 +4,7 @@
 use strict;
 use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
 use base qw(Crypt::Digest Exporter);
 our %EXPORT_TAGS = ( all => [qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u )] );
diff --git a/lib/Crypt/Digest/SHA512.pm b/lib/Crypt/Digest/SHA512.pm
index 7ba414a..2f78435 100644
--- a/lib/Crypt/Digest/SHA512.pm
+++ b/lib/Crypt/Digest/SHA512.pm
@@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u )] ); diff --git a/lib/Crypt/Digest/SHA512_224.pm b/lib/Crypt/Digest/SHA512_224.pm index 1f83b53..7470b8f 100644 --- a/lib/Crypt/Digest/SHA512_224.pm +++ b/lib/Crypt/Digest/SHA512_224.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u )] ); diff --git a/lib/Crypt/Digest/SHA512_256.pm b/lib/Crypt/Digest/SHA512_256.pm index fb8d92d..31788a3 100644 --- a/lib/Crypt/Digest/SHA512_256.pm +++ b/lib/Crypt/Digest/SHA512_256.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u )] ); diff --git a/lib/Crypt/Digest/SHAKE.pm b/lib/Crypt/Digest/SHAKE.pm index 90dd48f..df7fcb2 100644 --- a/lib/Crypt/Digest/SHAKE.pm +++ b/lib/Crypt/Digest/SHAKE.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Carp; $Carp::Internal{(__PACKAGE__)}++; diff --git a/lib/Crypt/Digest/Tiger192.pm b/lib/Crypt/Digest/Tiger192.pm index 8b248ac..a9f0b86 100644 --- a/lib/Crypt/Digest/Tiger192.pm +++ b/lib/Crypt/Digest/Tiger192.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u )] ); 
diff --git a/lib/Crypt/Digest/Whirlpool.pm b/lib/Crypt/Digest/Whirlpool.pm index d86bbc4..acec84e 100644 --- a/lib/Crypt/Digest/Whirlpool.pm +++ b/lib/Crypt/Digest/Whirlpool.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Digest Exporter); our %EXPORT_TAGS = ( all => [qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u )] ); diff --git a/lib/Crypt/Digest.pm b/lib/Crypt/Digest.pm index cb3a32a..dbc56e8 100644 --- a/lib/Crypt/Digest.pm +++ b/lib/Crypt/Digest.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u )] ); diff --git a/lib/Crypt/KeyDerivation.pm b/lib/Crypt/KeyDerivation.pm index ea0b2d2..5d6d87a 100644 --- a/lib/Crypt/KeyDerivation.pm +++ b/lib/Crypt/KeyDerivation.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract)] ); diff --git a/lib/Crypt/Mac/BLAKE2b.pm b/lib/Crypt/Mac/BLAKE2b.pm index 26b12d0..f9b7860 100644 --- a/lib/Crypt/Mac/BLAKE2b.pm +++ b/lib/Crypt/Mac/BLAKE2b.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u )] ); diff --git a/lib/Crypt/Mac/BLAKE2s.pm b/lib/Crypt/Mac/BLAKE2s.pm index 2faab14..9ad0f63 100644 --- a/lib/Crypt/Mac/BLAKE2s.pm +++ b/lib/Crypt/Mac/BLAKE2s.pm 
@@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u )] ); diff --git a/lib/Crypt/Mac/F9.pm b/lib/Crypt/Mac/F9.pm index 9310ab5..880e751 100644 --- a/lib/Crypt/Mac/F9.pm +++ b/lib/Crypt/Mac/F9.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( f9 f9_hex f9_b64 f9_b64u )] ); diff --git a/lib/Crypt/Mac/HMAC.pm b/lib/Crypt/Mac/HMAC.pm index f381f74..c7279b4 100644 --- a/lib/Crypt/Mac/HMAC.pm +++ b/lib/Crypt/Mac/HMAC.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( hmac hmac_hex hmac_b64 hmac_b64u )] ); diff --git a/lib/Crypt/Mac/OMAC.pm b/lib/Crypt/Mac/OMAC.pm index d3ee44b..0e6e77b 100644 --- a/lib/Crypt/Mac/OMAC.pm +++ b/lib/Crypt/Mac/OMAC.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( omac omac_hex omac_b64 omac_b64u )] ); diff --git a/lib/Crypt/Mac/PMAC.pm b/lib/Crypt/Mac/PMAC.pm index f9c952f..7658ca5 100644 --- a/lib/Crypt/Mac/PMAC.pm +++ b/lib/Crypt/Mac/PMAC.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( pmac pmac_hex pmac_b64 pmac_b64u )] ); diff --git a/lib/Crypt/Mac/Pelican.pm b/lib/Crypt/Mac/Pelican.pm index 104c583..8d75848 100644 --- a/lib/Crypt/Mac/Pelican.pm +++ b/lib/Crypt/Mac/Pelican.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( pelican pelican_hex pelican_b64 pelican_b64u )] ); 
diff --git a/lib/Crypt/Mac/Poly1305.pm b/lib/Crypt/Mac/Poly1305.pm index 73e58b4..5cab4b8 100644 --- a/lib/Crypt/Mac/Poly1305.pm +++ b/lib/Crypt/Mac/Poly1305.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u )] ); diff --git a/lib/Crypt/Mac/XCBC.pm b/lib/Crypt/Mac/XCBC.pm index d17634d..97bfd6a 100644 --- a/lib/Crypt/Mac/XCBC.pm +++ b/lib/Crypt/Mac/XCBC.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::Mac Exporter); our %EXPORT_TAGS = ( all => [qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u )] ); diff --git a/lib/Crypt/Mac.pm b/lib/Crypt/Mac.pm index 8d6f696..3f68be4 100644 --- a/lib/Crypt/Mac.pm +++ b/lib/Crypt/Mac.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Carp; $Carp::Internal{(__PACKAGE__)}++; diff --git a/lib/Crypt/Misc.pm b/lib/Crypt/Misc.pm index 72489ea..7356aa1 100644 --- a/lib/Crypt/Misc.pm +++ b/lib/Crypt/Misc.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import'; use Carp 'croak'; diff --git a/lib/Crypt/Mode/CBC.pm b/lib/Crypt/Mode/CBC.pm index be0a98c..4f3aac7 100644 --- a/lib/Crypt/Mode/CBC.pm +++ b/lib/Crypt/Mode/CBC.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Crypt::Cipher; diff --git a/lib/Crypt/Mode/CFB.pm b/lib/Crypt/Mode/CFB.pm index effa240..6421597 100644 --- a/lib/Crypt/Mode/CFB.pm +++ b/lib/Crypt/Mode/CFB.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Crypt::Cipher; diff --git a/lib/Crypt/Mode/CTR.pm b/lib/Crypt/Mode/CTR.pm index b8a6e64..0d49c1d 100644 --- a/lib/Crypt/Mode/CTR.pm +++ b/lib/Crypt/Mode/CTR.pm 
@@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Crypt::Cipher; diff --git a/lib/Crypt/Mode/ECB.pm b/lib/Crypt/Mode/ECB.pm index 73711ff..cc1e377 100644 --- a/lib/Crypt/Mode/ECB.pm +++ b/lib/Crypt/Mode/ECB.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Crypt::Cipher; diff --git a/lib/Crypt/Mode/OFB.pm b/lib/Crypt/Mode/OFB.pm index 7ef4543..b2a6c7a 100644 --- a/lib/Crypt/Mode/OFB.pm +++ b/lib/Crypt/Mode/OFB.pm @@ -4,7 +4,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use Crypt::Cipher; diff --git a/lib/Crypt/Mode.pm b/lib/Crypt/Mode.pm index a847458..d072d47 100644 --- a/lib/Crypt/Mode.pm +++ b/lib/Crypt/Mode.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; ### not used diff --git a/lib/Crypt/PK/DH.pm b/lib/Crypt/PK/DH.pm index 1f9971d..d85ce21 100644 --- a/lib/Crypt/PK/DH.pm +++ b/lib/Crypt/PK/DH.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( dh_shared_secret )] ); diff --git a/lib/Crypt/PK/DSA.pm b/lib/Crypt/PK/DSA.pm index 3ce4299..97f4b68 100644 --- a/lib/Crypt/PK/DSA.pm +++ b/lib/Crypt/PK/DSA.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash )] ); diff --git a/lib/Crypt/PK/ECC.pm b/lib/Crypt/PK/ECC.pm index 9e2d06a..9dc5996 100644 --- a/lib/Crypt/PK/ECC.pm +++ b/lib/Crypt/PK/ECC.pm 
@@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw( ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret )] ); 
@@ -16,39 +16,74 @@
use Crypt::Misc qw(read_rawfile encode_b64u decode_b64u encode_b64 decode_b64 pem_to_der der_to_pem);
use Crypt::PK;
-our %curve = (
- # extra curves not recognized by libtomcrypt
- 'wap-wsg-idm-ecid-wtls8' => {
- prime => "FFFFFFFFFFFFFFFFFFFFFFFFFDE7",
- A => "0000000000000000000000000000",
- B => "0000000000000000000000000003",
- order => "0100000000000001ECEA551AD837E9",
- Gx => "0000000000000000000000000001",
- Gy => "0000000000000000000000000002",
- cofactor => 1,
- oid => '2.23.43.1.4.8',
- },
- 'wap-wsg-idm-ecid-wtls9' => {
- prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F",
- A => "0000000000000000000000000000000000000000",
- B => "0000000000000000000000000000000000000003",
- order => "0100000000000000000001CDC98AE0E2DE574ABF33",
- Gx => "0000000000000000000000000000000000000001",
- Gy => "0000000000000000000000000000000000000002",
- cofactor => 1,
- oid => '2.23.43.1.4.9',
- },
+our %curve = ( # must be "our" as we use it from XS code
+ # extra curves not recognized by libtomcrypt
+ 'wap-wsg-idm-ecid-wtls8' => {
+ prime => "FFFFFFFFFFFFFFFFFFFFFFFFFDE7",
+ A => "0000000000000000000000000000",
+ B => "0000000000000000000000000003",
+ order => "0100000000000001ECEA551AD837E9",
+ Gx => "0000000000000000000000000001",
+ Gy => "0000000000000000000000000002",
+ cofactor => 1,
+ oid => '2.23.43.1.4.8',
+ },
+ 'wap-wsg-idm-ecid-wtls9' => {
+ prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F",
+ A => "0000000000000000000000000000000000000000",
+ B => "0000000000000000000000000000000000000003",
+ order => "0100000000000000000001CDC98AE0E2DE574ABF33",
+ Gx => "0000000000000000000000000000000000000001",
+ Gy => "0000000000000000000000000000000000000002",
+ cofactor => 1,
+ oid => '2.23.43.1.4.9',
+ },
+ # some unusual openssl names
+ "wap-wsg-idm-ecid-wtls6" => 'secp112r1',
+ "wap-wsg-idm-ecid-wtls7" => 'secp160r2',
+ "wap-wsg-idm-ecid-wtls12" => 'secp224r1',
);
-my %jwk2curve = (
- 'P-192' => 'secp192r1',
- 'P-224' => 'secp224r1',
- 'P-256' => 'secp256r1',
- 'P-384' => 'secp384r1',
- 'P-521' => 'secp521r1',
+our %curve_oid2name = ( # must be "our" as we use it from XS code
+ # the following are used to derive curve_name from OID in key2hash()
+ "1.2.840.10045.3.1.1" => "secp192r1",
+ "1.2.840.10045.3.1.2" => "prime192v2",
+ "1.2.840.10045.3.1.3" => "prime192v3",
+ "1.2.840.10045.3.1.4" => "prime239v1",
+ "1.2.840.10045.3.1.5" => "prime239v2",
+ "1.2.840.10045.3.1.6" => "prime239v3",
+ "1.2.840.10045.3.1.7" => "secp256r1",
+ "1.3.132.0.6" => "secp112r1",
+ "1.3.132.0.7" => "secp112r2",
+ "1.3.132.0.8" => "secp160r1",
+ "1.3.132.0.9" => "secp160k1",
+ "1.3.132.0.10" => "secp256k1",
+ "1.3.132.0.28" => "secp128r1",
+ "1.3.132.0.29" => "secp128r2",
+ "1.3.132.0.30" => "secp160r2",
+ "1.3.132.0.31" => "secp192k1",
+ "1.3.132.0.32" => "secp224k1",
+ "1.3.132.0.33" => "secp224r1",
+ "1.3.132.0.34" => "secp384r1",
+ "1.3.132.0.35" => "secp521r1",
+ "1.3.36.3.3.2.8.1.1.1" => "brainpoolp160r1",
+ "1.3.36.3.3.2.8.1.1.2" => "brainpoolp160t1",
+ "1.3.36.3.3.2.8.1.1.3" => "brainpoolp192r1",
+ "1.3.36.3.3.2.8.1.1.4" => "brainpoolp192t1",
+ "1.3.36.3.3.2.8.1.1.5" => "brainpoolp224r1",
+ "1.3.36.3.3.2.8.1.1.6" => "brainpoolp224t1",
+ "1.3.36.3.3.2.8.1.1.7" => "brainpoolp256r1",
+ "1.3.36.3.3.2.8.1.1.8" => "brainpoolp256t1",
+ "1.3.36.3.3.2.8.1.1.9" => "brainpoolp320r1",
+ "1.3.36.3.3.2.8.1.1.10" => "brainpoolp320t1",
+ "1.3.36.3.3.2.8.1.1.11" => "brainpoolp384r1",
+ "1.3.36.3.3.2.8.1.1.12" => "brainpoolp384t1",
+ "1.3.36.3.3.2.8.1.1.13" => "brainpoolp512r1",
+ "1.3.36.3.3.2.8.1.1.14" => "brainpoolp512t1",
);
my %curve2jwk = (
+ # necessary for conversion of curve_name_or_OID >> P-NNN
'1.2.840.10045.3.1.1' => 'P-192', # secp192r1
'1.3.132.0.33' => 'P-224', # secp224r1
'1.2.840.10045.3.1.7' => 'P-256', # secp256r1
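Review bot: The two extra curves in `%curve` carry `oid => '2.23.43.1.4.8'` and `oid => '2.23.43.1.4.9'`, yet the new `%curve_oid2name` table, which its own comment says is used to derive `curve_name` from an OID in key2hash(), has no entry for either OID, so a key on wtls8/wtls9 presumably comes back without a curve name if key2hash() consults only this table. Adding `"2.23.43.1.4.8" => "wap-wsg-idm-ecid-wtls8",` and `"2.23.43.1.4.9" => "wap-wsg-idm-ecid-wtls9",` keeps the two tables in step. `%curve` now also mixes two value types, a hashref of domain parameters and a plain string aliasing a libtomcrypt curve (`"wap-wsg-idm-ecid-wtls6" => 'secp112r1'`), and since the reader is XS code outside this diff, a comment such as `# value: hashref of curve params, or a string naming the libtomcrypt curve it aliases` would make that contract explicit. Finally, the wtls8 and wtls9 primes are 28 and 40 hex digits (112- and 160-bit fields), well below current security margins; a one-line `# legacy/interop only - 112/160-bit curves` next to them would warn callers that these are not general-purpose choices.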
@@ -66,95 +101,6 @@
'secp256r1' => 'P-256',
'secp384r1' => 'P-384',
'secp521r1' => 'P-521',
-);
-
-our %curve2ltc = ( # must be "our" as we use it from XS code
- # OIDs
- "1.2.840.10045.3.1.1" => "SECP192R1",
- "1.2.840.10045.3.1.2" => "PRIME192V2",
- "1.2.840.10045.3.1.3" => "PRIME192V3",
- "1.2.840.10045.3.1.4" => "PRIME239V1",
- "1.2.840.10045.3.1.5" => "PRIME239V2",
- "1.2.840.10045.3.1.6" => "PRIME239V3",
- "1.2.840.10045.3.1.7" => "SECP256R1",
- "1.3.132.0.10" => "SECP256K1",
- "1.3.132.0.28" => "SECP128R1",
- "1.3.132.0.29" => "SECP128R2",
- "1.3.132.0.30" => "SECP160R2",
- "1.3.132.0.31" => "SECP192K1",
- "1.3.132.0.32" => "SECP224K1",
- "1.3.132.0.33" => "SECP224R1",
- "1.3.132.0.34" => "SECP384R1",
- "1.3.132.0.35" => "SECP521R1",
- "1.3.132.0.6" => "SECP112R1",
- "1.3.132.0.7" => "SECP112R2",
- "1.3.132.0.8" => "SECP160R1",
- "1.3.132.0.9" => "SECP160K1",
- "1.3.36.3.3.2.8.1.1.1" => "BRAINPOOLP160R1",
- "1.3.36.3.3.2.8.1.1.11" => "BRAINPOOLP384R1",
- "1.3.36.3.3.2.8.1.1.13" => "BRAINPOOLP512R1",
- "1.3.36.3.3.2.8.1.1.3" => "BRAINPOOLP192R1",
- "1.3.36.3.3.2.8.1.1.5" => "BRAINPOOLP224R1",
- "1.3.36.3.3.2.8.1.1.7" => "BRAINPOOLP256R1",
- "1.3.36.3.3.2.8.1.1.9" => "BRAINPOOLP320R1",
- "1.3.36.3.3.2.8.1.1.10" => "BRAINPOOLP320T1",
- "1.3.36.3.3.2.8.1.1.12" => "BRAINPOOLP384T1",
- "1.3.36.3.3.2.8.1.1.14" => "BRAINPOOLP512T1",
- "1.3.36.3.3.2.8.1.1.2" => "BRAINPOOLP160T1",
- "1.3.36.3.3.2.8.1.1.4" => "BRAINPOOLP192T1",
- "1.3.36.3.3.2.8.1.1.6" => "BRAINPOOLP224T1",
- "1.3.36.3.3.2.8.1.1.8" => "BRAINPOOLP256T1",
- # JWT names
- "P-192" => "SECP192R1",
- "P-224" => "SECP224R1",
- "P-256" => "SECP256R1",
- "P-384" => "SECP384R1",
- "P-521" => "SECP521R1",
- # openssl names
- "brainpoolp160r1" => "BRAINPOOLP160R1",
- "brainpoolp192r1" => "BRAINPOOLP192R1",
- "brainpoolp224r1" => "BRAINPOOLP224R1",
- "brainpoolp256r1" => "BRAINPOOLP256R1",
- "brainpoolp320r1" => "BRAINPOOLP320R1",
- "brainpoolp384r1" => "BRAINPOOLP384R1",
- "brainpoolp512r1" => "BRAINPOOLP512R1",
- "brainpoolp160t1" => "BRAINPOOLP160T1",
- "brainpoolp192t1" => "BRAINPOOLP192T1",
- "brainpoolp224t1" => "BRAINPOOLP224T1",
- "brainpoolp256t1" => "BRAINPOOLP256T1",
- "brainpoolp320t1" => "BRAINPOOLP320T1",
- "brainpoolp384t1" => "BRAINPOOLP384T1",
- "brainpoolp512t1" => "BRAINPOOLP512T1",
- "nistp192" => "SECP192R1",
- "nistp224" => "SECP224R1",
- "nistp256" => "SECP256R1",
- "nistp384" => "SECP384R1",
- "nistp521" => "SECP521R1",
- "prime192v1" => "SECP192R1",
- "prime192v2" => "PRIME192V2",
- "prime192v3" => "PRIME192V3",
- "prime239v1" => "PRIME239V1",
- "prime239v2" => "PRIME239V2",
- "prime239v3" => "PRIME239V3",
- "prime256v1" => "SECP256R1",
- "secp112r1" => "SECP112R1",
- "secp112r2" => "SECP112R2",
- "secp128r1" => "SECP128R1",
- "secp128r2" => "SECP128R2",
- "secp160k1" => "SECP160K1",
- "secp160r1" => "SECP160R1",
- "secp160r2" => "SECP160R2",
- "secp192k1" => "SECP192K1",
- "secp192r1" => "SECP192R1",
- "secp224k1" => "SECP224K1",
- "secp224r1" => "SECP224R1",
- "secp256k1" => "SECP256K1",
- "secp256r1" => "SECP256R1",
- "secp384r1" => "SECP384R1",
- "secp521r1" => "SECP521R1",
- "wap-wsg-idm-ecid-wtls6" => 'SECP112R1',
- "wap-wsg-idm-ecid-wtls7" => 'SECP160R2',
- "wap-wsg-idm-ecid-wtls12" => 'SECP224R1',
);
sub _import_hex {
@@ -250,10 +196,7 @@
for (qw/x y d/) {
$key->{$_} = eval { unpack("H*", decode_b64u($key->{$_})) } if exists $key->{$_};
}
- if (my $curve_name = $jwk2curve{$key->{crv}}) {
- return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $curve_name);
- }
- # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway)
+ # names P-192 P-224 P-256 P-384 P-521 are recognized by libtomcrypt
return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $key->{crv});
}
croak "FATAL: unexpected ECC key hash";
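Review bot: With the `%jwk2curve` lookup removed, the `return $self->_import_hex(..., $key->{crv})` line passes the JWK's `crv` field straight through, so a hash that has no `crv`, or a non-scalar one, now reaches the XS layer with no Perl-level check (the old `$jwk2curve{$key->{crv}}` would at least have warned under `use warnings` on an undefined key). Unless the enclosing sub, which starts outside this hunk, already validates the field, a guard such as `croak "FATAL: missing or invalid 'crv' in JWK" unless defined $key->{crv} && !ref $key->{crv};` before the return gives a clear error instead of relying on libtomcrypt's name lookup to reject it. The new comment also records an assumption about the bundled libtomcrypt (that it recognises the P-NNN names); if that is what now makes JWK import work, a test importing a P-256, P-384 and P-521 JWK would keep a future libtomcrypt update from silently breaking it.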
@@ -291,10 +234,7 @@
for (qw/x y d/) {
$h->{$_} = eval { unpack("H*", decode_b64u($h->{$_})) } if exists $h->{$_};
}
- if (my $curve_name = $jwk2curve{$h->{crv}}) {
- return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $curve_name);
- }
- # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway)
+ # names P-192 P-224 P-256 P-384 P-521 are recognized by libtomcrypt
return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $h->{crv});
}
}
diff --git a/lib/Crypt/PK/RSA.pm b/lib/Crypt/PK/RSA.pm
index 722b4ed..c748c80 100644
--- a/lib/Crypt/PK/RSA.pm
+++ b/lib/Crypt/PK/RSA.pm
@@ -2,7 +2,7 @@
use strict;
use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import';
our %EXPORT_TAGS = ( all => [qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash)] );
diff --git a/lib/Crypt/PK.pm b/lib/Crypt/PK.pm
index 28d7bb6..86b7491 100644
--- a/lib/Crypt/PK.pm
+++ b/lib/Crypt/PK.pm
@@ -2,7 +2,7 @@
use strict;
use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
use Carp;
diff --git a/lib/Crypt/PRNG/ChaCha20.pm b/lib/Crypt/PRNG/ChaCha20.pm
index b44441c..62d26fd 100644
--- a/lib/Crypt/PRNG/ChaCha20.pm
+++ b/lib/Crypt/PRNG/ChaCha20.pm
@@ -2,7 +2,7 @@
use strict;
use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
use base qw(Crypt::PRNG Exporter);
our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] );
diff --git a/lib/Crypt/PRNG/Fortuna.pm b/lib/Crypt/PRNG/Fortuna.pm
index 19a5709..6c4faa4 100644
--- a/lib/Crypt/PRNG/Fortuna.pm
+++ b/lib/Crypt/PRNG/Fortuna.pm
@@ -2,7 +2,7 @@
use strict;
use warnings;
-our $VERSION = '0.059';
+our $VERSION = '0.060';
use base qw(Crypt::PRNG Exporter);
our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] );
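Review bot: The JWK-import tail in this hunk is now line-for-line the same as the one in the hunk at old line 250, apart from the hash variable (`$h` versus `$key`): the same `for (qw/x y d/) { ... }` base64url decode followed by `return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $h->{crv});` under the same comment. Both enclosing subs start outside the hunk, but a private helper such as `sub _import_jwk_hash { my ($self, $h) = @_; ... }` would let a `crv` validity check or decode-failure handling be added once instead of twice. Note that the `eval { unpack("H*", decode_b64u(...)) }` on the context line silently turns a malformed field into undef, and such a helper is the natural place to report that instead.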
diff --git a/lib/Crypt/PRNG/RC4.pm b/lib/Crypt/PRNG/RC4.pm index 63af12f..2f6017a 100644 --- a/lib/Crypt/PRNG/RC4.pm +++ b/lib/Crypt/PRNG/RC4.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); diff --git a/lib/Crypt/PRNG/Sober128.pm b/lib/Crypt/PRNG/Sober128.pm index 1249ec8..3a07953 100644 --- a/lib/Crypt/PRNG/Sober128.pm +++ b/lib/Crypt/PRNG/Sober128.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); diff --git a/lib/Crypt/PRNG/Yarrow.pm b/lib/Crypt/PRNG/Yarrow.pm index 70052a1..b079972 100644 --- a/lib/Crypt/PRNG/Yarrow.pm +++ b/lib/Crypt/PRNG/Yarrow.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use base qw(Crypt::PRNG Exporter); our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); diff --git a/lib/Crypt/PRNG.pm b/lib/Crypt/PRNG.pm index 1285839..835b78b 100644 --- a/lib/Crypt/PRNG.pm +++ b/lib/Crypt/PRNG.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); diff --git a/lib/Crypt/Stream/ChaCha.pm b/lib/Crypt/Stream/ChaCha.pm index 2c9eb1a..b8efaaf 100644 --- a/lib/Crypt/Stream/ChaCha.pm +++ b/lib/Crypt/Stream/ChaCha.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; 
diff --git a/lib/Crypt/Stream/RC4.pm b/lib/Crypt/Stream/RC4.pm index d1e6ed4..85eea86 100644 --- a/lib/Crypt/Stream/RC4.pm +++ b/lib/Crypt/Stream/RC4.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/lib/Crypt/Stream/Rabbit.pm b/lib/Crypt/Stream/Rabbit.pm index 649e63d..8b8df8c 100644 --- a/lib/Crypt/Stream/Rabbit.pm +++ b/lib/Crypt/Stream/Rabbit.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/lib/Crypt/Stream/Salsa20.pm b/lib/Crypt/Stream/Salsa20.pm index 26478b2..69014a2 100644 --- a/lib/Crypt/Stream/Salsa20.pm +++ b/lib/Crypt/Stream/Salsa20.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/lib/Crypt/Stream/Sober128.pm b/lib/Crypt/Stream/Sober128.pm index cc2db1b..6181428 100644 --- a/lib/Crypt/Stream/Sober128.pm +++ b/lib/Crypt/Stream/Sober128.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/lib/Crypt/Stream/Sosemanuk.pm b/lib/Crypt/Stream/Sosemanuk.pm index 790447d..a4c59f3 100644 --- a/lib/Crypt/Stream/Sosemanuk.pm +++ b/lib/Crypt/Stream/Sosemanuk.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/lib/CryptX.pm b/lib/CryptX.pm index ead2f92..53e4ba3 100644 --- a/lib/CryptX.pm +++ b/lib/CryptX.pm @@ -2,7 +2,7 @@ use strict; use warnings ; -our $VERSION = '0.059'; +our $VERSION = '0.060'; require XSLoader; XSLoader::load('CryptX', $VERSION); diff --git a/lib/Math/BigInt/LTM.pm b/lib/Math/BigInt/LTM.pm index 9d09b43..cee48bc 100644 --- a/lib/Math/BigInt/LTM.pm +++ b/lib/Math/BigInt/LTM.pm @@ -2,7 +2,7 @@ use strict; use warnings; -our $VERSION = '0.059'; +our $VERSION = '0.060'; use CryptX; diff --git a/src/Makefile b/src/Makefile index 6775fa9..0e4cba5 100644 --- a/src/Makefile +++ b/src/Makefile 
@@ -42,20 +42,22 @@
ltc/math/rand_bn.o ltc/math/rand_prime.o ltc/math/tfm_desc.o ltc/math/fp/ltc_ecc_fp_mulmod.o \
ltc/misc/adler32.o ltc/misc/burn_stack.o ltc/misc/compare_testvector.o ltc/misc/copy_or_zeromem.o \
ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/pk_get_oid.o \
-ltc/misc/zeromem.o ltc/misc/base32/base32_decode.o ltc/misc/base32/base32_encode.o \
-ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o ltc/misc/crypt/crypt.o \
-ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o ltc/misc/crypt/crypt_cipher_is_valid.o \
-ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o \
-ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o ltc/misc/crypt/crypt_find_hash_any.o \
-ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o ltc/misc/crypt/crypt_find_prng.o \
-ltc/misc/crypt/crypt_fsa.o ltc/misc/crypt/crypt_hash_descriptor.o ltc/misc/crypt/crypt_hash_is_valid.o \
-ltc/misc/crypt/crypt_inits.o ltc/misc/crypt/crypt_ltc_mp_descriptor.o ltc/misc/crypt/crypt_prng_descriptor.o \
-ltc/misc/crypt/crypt_prng_is_valid.o ltc/misc/crypt/crypt_prng_rng_descriptor.o ltc/misc/crypt/crypt_register_all_ciphers.o \
+ltc/misc/pk_oid_str.o ltc/misc/zeromem.o ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o \
+ltc/misc/base32/base32_decode.o ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o \
+ltc/misc/base64/base64_encode.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o \
+ltc/misc/crypt/crypt_cipher_descriptor.o ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o \
+ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o \
+ltc/misc/crypt/crypt_find_hash.o ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o \
+ltc/misc/crypt/crypt_find_hash_oid.o ltc/misc/crypt/crypt_find_prng.o ltc/misc/crypt/crypt_fsa.o \
+ltc/misc/crypt/crypt_hash_descriptor.o ltc/misc/crypt/crypt_hash_is_valid.o ltc/misc/crypt/crypt_inits.o \
+ltc/misc/crypt/crypt_ltc_mp_descriptor.o ltc/misc/crypt/crypt_prng_descriptor.o ltc/misc/crypt/crypt_prng_is_valid.o \
+ltc/misc/crypt/crypt_prng_rng_descriptor.o ltc/misc/crypt/crypt_register_all_ciphers.o \
ltc/misc/crypt/crypt_register_all_hashes.o ltc/misc/crypt/crypt_register_all_prngs.o \
ltc/misc/crypt/crypt_register_cipher.o ltc/misc/crypt/crypt_register_hash.o ltc/misc/crypt/crypt_register_prng.o \
ltc/misc/crypt/crypt_sizes.o ltc/misc/crypt/crypt_unregister_cipher.o ltc/misc/crypt/crypt_unregister_hash.o \
-ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/pkcs5/pkcs_5_1.o \
-ltc/misc/pkcs5/pkcs_5_2.o ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \
+ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/padding/padding_depad.o \
+ltc/misc/padding/padding_pad.o ltc/misc/pkcs5/pkcs_5_1.o ltc/misc/pkcs5/pkcs_5_2.o \
+ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \
ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o ltc/modes/cfb/cfb_decrypt.o \
ltc/modes/cfb/cfb_done.o ltc/modes/cfb/cfb_encrypt.o ltc/modes/cfb/cfb_getiv.o ltc/modes/cfb/cfb_setiv.o \
ltc/modes/cfb/cfb_start.o ltc/modes/ctr/ctr_decrypt.o ltc/modes/ctr/ctr_done.o ltc/modes/ctr/ctr_encrypt.o \
@@ -100,8 +102,8 @@
ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \
ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \
ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \
-ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o \
-ltc/pk/ecc/ecc_get_set.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \
+ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_curve.o \
+ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \
ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \
ltc/pk/ecc/ecc_set_dp.o ltc/pk/ecc/ecc_set_dp_internal.o ltc/pk/ecc/ecc_set_key.o \
ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \
diff --git a/src/Makefile.nmake b/src/Makefile.nmake
index 3bef06e..3cbaadd 100644
--- a/src/Makefile.nmake
+++ b/src/Makefile.nmake
@@ -45,9 +45,10 @@
ltc/math/rand_bn.obj ltc/math/rand_prime.obj ltc/math/tfm_desc.obj ltc/math/fp/ltc_ecc_fp_mulmod.obj \
ltc/misc/adler32.obj ltc/misc/burn_stack.obj ltc/misc/compare_testvector.obj ltc/misc/copy_or_zeromem.obj \
ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/pk_get_oid.obj \
-ltc/misc/zeromem.obj ltc/misc/base32/base32_decode.obj ltc/misc/base32/base32_encode.obj \
-ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj ltc/misc/crypt/crypt.obj \
-ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \
+ltc/misc/pk_oid_str.obj ltc/misc/zeromem.obj ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj \
+ltc/misc/base32/base32_decode.obj ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj \
+ltc/misc/base64/base64_encode.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \
+ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \
ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \
ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \
ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \
@@ -58,40 +59,41 @@ ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ ltc/misc/crypt/crypt_register_hash.obj ltc/misc/crypt/crypt_register_prng.obj ltc/misc/crypt/crypt_sizes.obj \ ltc/misc/crypt/crypt_unregister_cipher.obj ltc/misc/crypt/crypt_unregister_hash.obj \ -ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/pkcs5/pkcs_5_1.obj \ -ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj \ -ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj \ -ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj \ -ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj \ -ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj \ -ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj \ -ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj \ -ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj \ -ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj \ -ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj \ -ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_encode_bit_string.obj \ -ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_length_bit_string.obj \ -ltc/pk/asn1/der/boolean/der_decode_boolean.obj ltc/pk/asn1/der/boolean/der_encode_boolean.obj \ -ltc/pk/asn1/der/boolean/der_length_boolean.obj ltc/pk/asn1/der/choice/der_decode_choice.obj \ -ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj \ -ltc/pk/asn1/der/custom_type/der_length_custom_type.obj ltc/pk/asn1/der/general/der_asn1_maps.obj \ -ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj 
ltc/pk/asn1/der/general/der_decode_asn1_length.obj \ -ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj ltc/pk/asn1/der/general/der_encode_asn1_length.obj \ -ltc/pk/asn1/der/general/der_length_asn1_identifier.obj ltc/pk/asn1/der/general/der_length_asn1_length.obj \ -ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj \ -ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj \ -ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj ltc/pk/asn1/der/ia5/der_length_ia5_string.obj \ -ltc/pk/asn1/der/integer/der_decode_integer.obj ltc/pk/asn1/der/integer/der_encode_integer.obj \ -ltc/pk/asn1/der/integer/der_length_integer.obj ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \ -ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj \ -ltc/pk/asn1/der/octet/der_decode_octet_string.obj ltc/pk/asn1/der/octet/der_encode_octet_string.obj \ -ltc/pk/asn1/der/octet/der_length_octet_string.obj ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj \ -ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj ltc/pk/asn1/der/printable_string/der_length_printable_string.obj \ -ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj \ -ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj \ -ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_length_sequence.obj \ -ltc/pk/asn1/der/sequence/der_sequence_free.obj ltc/pk/asn1/der/sequence/der_sequence_shrink.obj \ -ltc/pk/asn1/der/set/der_encode_set.obj ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ +ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/padding/padding_depad.obj \ 
+ltc/misc/padding/padding_pad.obj ltc/misc/pkcs5/pkcs_5_1.obj ltc/misc/pkcs5/pkcs_5_2.obj \ +ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj \ +ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj \ +ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj \ +ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj \ +ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj \ +ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj \ +ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj \ +ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj \ +ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj \ +ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \ +ltc/pk/asn1/der/bit/der_encode_bit_string.obj ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj \ +ltc/pk/asn1/der/bit/der_length_bit_string.obj ltc/pk/asn1/der/boolean/der_decode_boolean.obj \ +ltc/pk/asn1/der/boolean/der_encode_boolean.obj ltc/pk/asn1/der/boolean/der_length_boolean.obj \ +ltc/pk/asn1/der/choice/der_decode_choice.obj ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj \ +ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj ltc/pk/asn1/der/custom_type/der_length_custom_type.obj \ +ltc/pk/asn1/der/general/der_asn1_maps.obj ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj \ +ltc/pk/asn1/der/general/der_decode_asn1_length.obj ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj \ +ltc/pk/asn1/der/general/der_encode_asn1_length.obj ltc/pk/asn1/der/general/der_length_asn1_identifier.obj \ +ltc/pk/asn1/der/general/der_length_asn1_length.obj ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj \ 
+ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj \ +ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj \ +ltc/pk/asn1/der/ia5/der_length_ia5_string.obj ltc/pk/asn1/der/integer/der_decode_integer.obj \ +ltc/pk/asn1/der/integer/der_encode_integer.obj ltc/pk/asn1/der/integer/der_length_integer.obj \ +ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \ +ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj ltc/pk/asn1/der/octet/der_decode_octet_string.obj \ +ltc/pk/asn1/der/octet/der_encode_octet_string.obj ltc/pk/asn1/der/octet/der_length_octet_string.obj \ +ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj \ +ltc/pk/asn1/der/printable_string/der_length_printable_string.obj ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj \ +ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj \ +ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj \ +ltc/pk/asn1/der/sequence/der_length_sequence.obj ltc/pk/asn1/der/sequence/der_sequence_free.obj \ +ltc/pk/asn1/der/sequence/der_sequence_shrink.obj ltc/pk/asn1/der/set/der_encode_set.obj \ +ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ ltc/pk/asn1/der/short_integer/der_encode_short_integer.obj ltc/pk/asn1/der/short_integer/der_length_short_integer.obj \ ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.obj ltc/pk/asn1/der/teletex_string/der_length_teletex_string.obj \ ltc/pk/asn1/der/utctime/der_decode_utctime.obj ltc/pk/asn1/der/utctime/der_encode_utctime.obj \ 
@@ -108,7 +110,7 @@ ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \ ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_free.obj \ -ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_set.obj ltc/pk/ecc/ecc_get_size.obj \ +ltc/pk/ecc/ecc_get_curve.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_size.obj \ ltc/pk/ecc/ecc_import.obj ltc/pk/ecc/ecc_import_openssl.obj ltc/pk/ecc/ecc_import_pkcs8.obj \ ltc/pk/ecc/ecc_import_x509.obj ltc/pk/ecc/ecc_make_key.obj ltc/pk/ecc/ecc_set_dp.obj \ ltc/pk/ecc/ecc_set_dp_internal.obj ltc/pk/ecc/ecc_set_key.obj ltc/pk/ecc/ecc_shared_secret.obj \ diff --git a/src/ltc/ciphers/aes/aes.c b/src/ltc/ciphers/aes/aes.c index 5c1dcd1..2abff12 100644 --- a/src/ltc/ciphers/aes/aes.c +++ b/src/ltc/ciphers/aes/aes.c @@ -281,12 +281,13 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -#endif -{ - ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; +int ECB_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) +#endif +{ + ulong32 s0, s1, s2, s3, t0, t1, t2, t3; + const ulong32 *rk; int Nr, r; LTC_ARGCHK(pt != NULL); @@ -442,7 +443,7 @@ } #ifdef LTC_CLEAN_STACK -int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int ECB_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _rijndael_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); 
@@ -460,12 +461,13 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -#endif -{ - ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; +int ECB_DEC(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) +#endif +{ + ulong32 s0, s1, s2, s3, t0, t1, t2, t3; + const ulong32 *rk; int Nr, r; LTC_ARGCHK(pt != NULL); @@ -622,7 +624,7 @@ #ifdef LTC_CLEAN_STACK -int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int ECB_DEC(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _rijndael_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); diff --git a/src/ltc/ciphers/aes/aes_tab.c b/src/ltc/ciphers/aes/aes_tab.c index 463d05c..b15596e 100644 --- a/src/ltc/ciphers/aes/aes_tab.c +++ b/src/ltc/ciphers/aes/aes_tab.c @@ -94,7 +94,7 @@ 0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL, }; -#ifndef PELI_TAB +#if !defined(PELI_TAB) && defined(LTC_SMALL_CODE) static const ulong32 Te4[256] = { 0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL, 0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL, @@ -1017,11 +1017,13 @@ #endif /* SMALL CODE */ +#ifndef PELI_TAB static const ulong32 rcon[] = { 0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL, 0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL, 0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ }; +#endif #endif /* __LTC_AES_TAB_C__ */ diff --git a/src/ltc/ciphers/anubis.c b/src/ltc/ciphers/anubis.c index a28c7e1..07b22d4 100644 --- a/src/ltc/ciphers/anubis.c +++ b/src/ltc/ciphers/anubis.c 
@@ -1035,7 +1035,7 @@ static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext, - ulong32 roundKey[18 + 1][4], int R) { + const ulong32 roundKey[18 + 1][4], int R) { int i, pos, r; ulong32 state[4]; ulong32 inter[4]; @@ -1134,7 +1134,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); @@ -1150,7 +1150,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); diff --git a/src/ltc/ciphers/blowfish.c b/src/ltc/ciphers/blowfish.c index a1945ae..e0cd1d1 100644 --- a/src/ltc/ciphers/blowfish.c +++ b/src/ltc/ciphers/blowfish.c @@ -386,9 +386,9 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #endif { ulong32 L, R; @@ -432,7 +432,7 @@ } #ifdef LTC_CLEAN_STACK -int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _blowfish_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(ulong32) * 2 + sizeof(int)); 
@@ -448,9 +448,9 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #endif { ulong32 L, R; @@ -493,7 +493,7 @@ } #ifdef LTC_CLEAN_STACK -int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _blowfish_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(ulong32) * 2 + sizeof(int)); diff --git a/src/ltc/ciphers/camellia.c b/src/ltc/ciphers/camellia.c index 0a75087..a99647a 100644 --- a/src/ltc/ciphers/camellia.c +++ b/src/ltc/ciphers/camellia.c @@ -193,7 +193,7 @@ return ((ulong64)U) | (((ulong64)D) << CONST64(32)); } -static void rot_128(unsigned char *in, unsigned count, unsigned char *out) +static void rot_128(const unsigned char *in, unsigned count, unsigned char *out) { unsigned x, w, b; @@ -436,7 +436,7 @@ return CRYPT_OK; } -int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong64 L, R; ulong32 a, b; @@ -530,7 +530,7 @@ return CRYPT_OK; } -int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong64 L, R; ulong32 a, b; diff --git a/src/ltc/ciphers/cast5.c b/src/ltc/ciphers/cast5.c index 43ca580..95693d5 100644 --- a/src/ltc/ciphers/cast5.c +++ b/src/ltc/ciphers/cast5.c 
@@ -534,9 +534,9 @@ @param skey The key as scheduled */ #ifdef LTC_CLEAN_STACK -static int _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #endif { ulong32 R, L; @@ -572,7 +572,7 @@ #ifdef LTC_CLEAN_STACK -int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err =_cast5_ecb_encrypt(pt,ct,skey); burn_stack(sizeof(ulong32)*3); @@ -587,9 +587,9 @@ @param skey The key as scheduled */ #ifdef LTC_CLEAN_STACK -static int _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #endif { ulong32 R, L; @@ -625,7 +625,7 @@ } #ifdef LTC_CLEAN_STACK -int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _cast5_ecb_decrypt(ct,pt,skey); burn_stack(sizeof(ulong32)*3); diff --git a/src/ltc/ciphers/des.c b/src/ltc/ciphers/des.c index 2866054..3b1cb3a 100644 --- a/src/ltc/ciphers/des.c +++ b/src/ltc/ciphers/des.c 
@@ -1592,7 +1592,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong32 work[2]; LTC_ARGCHK(pt != NULL); @@ -1613,7 +1613,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong32 work[2]; LTC_ARGCHK(pt != NULL); @@ -1634,7 +1634,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong32 work[2]; @@ -1658,7 +1658,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong32 work[2]; LTC_ARGCHK(pt != NULL); diff --git a/src/ltc/ciphers/idea.c b/src/ltc/ciphers/idea.c index 5339fd3..ac3cac5 100644 --- a/src/ltc/ciphers/idea.c +++ b/src/ltc/ciphers/idea.c @@ -104,7 +104,7 @@ return CRYPT_OK; } -static int _process_block(const unsigned char *in, unsigned char *out, ushort16 *m_key) +static int _process_block(const unsigned char *in, unsigned char *out, const ushort16 *m_key) { int i; ushort16 x0, x1, x2, x3, t0, t1; @@ -155,7 +155,7 @@ return _setup_key(key, skey); } -int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _process_block(pt, ct, skey->idea.ek); #ifdef LTC_CLEAN_STACK 
@@ -164,7 +164,7 @@ return err; } -int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _process_block(ct, pt, skey->idea.dk); #ifdef LTC_CLEAN_STACK diff --git a/src/ltc/ciphers/kasumi.c b/src/ltc/ciphers/kasumi.c index 7c2add5..aba6cb2 100644 --- a/src/ltc/ciphers/kasumi.c +++ b/src/ltc/ciphers/kasumi.c @@ -96,7 +96,7 @@ return (u16)(seven<<9) + nine; } -static ulong32 FO( ulong32 in, int round_no, symmetric_key *key) +static ulong32 FO( ulong32 in, int round_no, const symmetric_key *key) { u16 left, right; @@ -120,7 +120,7 @@ return (((ulong32)right)<<16)+left; } -static ulong32 FL( ulong32 in, int round_no, symmetric_key *key ) +static ulong32 FL( ulong32 in, int round_no, const symmetric_key *key ) { u16 l, r, a, b; /* split out the left and right halves */ @@ -136,7 +136,7 @@ return (((ulong32)l)<<16) + r; } -int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong32 left, right, temp; int n; @@ -163,7 +163,7 @@ return CRYPT_OK; } -int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong32 left, right, temp; int n; diff --git a/src/ltc/ciphers/khazad.c b/src/ltc/ciphers/khazad.c index 4d1f2ce..54637d8 100644 --- a/src/ltc/ciphers/khazad.c +++ b/src/ltc/ciphers/khazad.c @@ -741,7 +741,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); 
@@ -757,7 +757,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { LTC_ARGCHK(pt != NULL); LTC_ARGCHK(ct != NULL); diff --git a/src/ltc/ciphers/kseed.c b/src/ltc/ciphers/kseed.c index e12fdc7..f4e1345 100644 --- a/src/ltc/ciphers/kseed.c +++ b/src/ltc/ciphers/kseed.c @@ -236,7 +236,7 @@ return CRYPT_OK; } -static void rounds(ulong32 *P, ulong32 *K) +static void rounds(ulong32 *P, const ulong32 *K) { ulong32 T, T2; int i; @@ -254,7 +254,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong32 P[4]; LOAD32H(P[0], pt); @@ -276,7 +276,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong32 P[4]; LOAD32H(P[0], ct); diff --git a/src/ltc/ciphers/multi2.c b/src/ltc/ciphers/multi2.c index 86c1812..5421cb2 100644 --- a/src/ltc/ciphers/multi2.c +++ b/src/ltc/ciphers/multi2.c @@ -20,7 +20,7 @@ p[1] ^= p[0]; } -static void pi2(ulong32 *p, ulong32 *k) +static void pi2(ulong32 *p, const ulong32 *k) { ulong32 t; t = (p[1] + k[0]) & 0xFFFFFFFFUL; @@ -29,7 +29,7 @@ p[0] ^= t; } -static void pi3(ulong32 *p, ulong32 *k) +static void pi3(ulong32 *p, const ulong32 *k) { ulong32 t; t = p[0] + k[1]; @@ -41,7 +41,7 @@ p[1] ^= t; } -static void pi4(ulong32 *p, ulong32 *k) +static void pi4(ulong32 *p, const ulong32 *k) { ulong32 t; t = (p[1] + k[3]) & 0xFFFFFFFFUL; 
@@ -49,7 +49,7 @@ p[0] ^= t; } -static void setup(ulong32 *dk, ulong32 *k, ulong32 *uk) +static void setup(const ulong32 *dk, const ulong32 *k, ulong32 *uk) { int n, t; ulong32 p[2]; @@ -77,7 +77,7 @@ uk[n++] = p[1]; } -static void encrypt(ulong32 *p, int N, ulong32 *uk) +static void encrypt(ulong32 *p, int N, const ulong32 *uk) { int n, t; for (t = n = 0; ; ) { @@ -89,7 +89,7 @@ } } -static void decrypt(ulong32 *p, int N, ulong32 *uk) +static void decrypt(ulong32 *p, int N, const ulong32 *uk) { int n, t; for (t = 4*(((N-1)>>2)&1), n = N; ; ) { @@ -148,7 +148,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { ulong32 p[2]; LTC_ARGCHK(pt != NULL); @@ -169,7 +169,7 @@ @param skey The key as scheduled @return CRYPT_OK if successful */ -int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { ulong32 p[2]; LTC_ARGCHK(pt != NULL); diff --git a/src/ltc/ciphers/noekeon.c b/src/ltc/ciphers/noekeon.c index 13720d1..71f9430 100644 --- a/src/ltc/ciphers/noekeon.c +++ b/src/ltc/ciphers/noekeon.c @@ -108,9 +108,9 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #endif { ulong32 a,b,c,d,temp; 
@@ -146,7 +146,7 @@ } #ifdef LTC_CLEAN_STACK -int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _noekeon_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(ulong32) * 5 + sizeof(int)); @@ -162,9 +162,9 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #endif { ulong32 a,b,c,d, temp; @@ -199,7 +199,7 @@ } #ifdef LTC_CLEAN_STACK -int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _noekeon_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(ulong32) * 5 + sizeof(int)); diff --git a/src/ltc/ciphers/rc2.c b/src/ltc/ciphers/rc2.c index ebd8f88..fbb1690 100644 --- a/src/ltc/ciphers/rc2.c +++ b/src/ltc/ciphers/rc2.c @@ -147,14 +147,14 @@ #ifdef LTC_CLEAN_STACK static int _rc2_ecb_encrypt( const unsigned char *pt, unsigned char *ct, - symmetric_key *skey) + const symmetric_key *skey) #else int rc2_ecb_encrypt( const unsigned char *pt, unsigned char *ct, - symmetric_key *skey) -#endif -{ - unsigned *xkey; + const symmetric_key *skey) +#endif +{ + const unsigned *xkey; unsigned x76, x54, x32, x10, i; LTC_ARGCHK(pt != NULL); @@ -204,7 +204,7 @@ #ifdef LTC_CLEAN_STACK int rc2_ecb_encrypt( const unsigned char *pt, unsigned char *ct, - symmetric_key *skey) + const symmetric_key *skey) { int err = _rc2_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 5); 
@@ -225,15 +225,15 @@ #ifdef LTC_CLEAN_STACK static int _rc2_ecb_decrypt( const unsigned char *ct, unsigned char *pt, - symmetric_key *skey) + const symmetric_key *skey) #else int rc2_ecb_decrypt( const unsigned char *ct, unsigned char *pt, - symmetric_key *skey) + const symmetric_key *skey) #endif { unsigned x76, x54, x32, x10; - unsigned *xkey; + const unsigned *xkey; int i; LTC_ARGCHK(pt != NULL); @@ -283,7 +283,7 @@ #ifdef LTC_CLEAN_STACK int rc2_ecb_decrypt( const unsigned char *ct, unsigned char *pt, - symmetric_key *skey) + const symmetric_key *skey) { int err = _rc2_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 4 + sizeof(int)); diff --git a/src/ltc/ciphers/rc5.c b/src/ltc/ciphers/rc5.c index bda537f..5368fac 100644 --- a/src/ltc/ciphers/rc5.c +++ b/src/ltc/ciphers/rc5.c @@ -124,12 +124,13 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -#endif -{ - ulong32 A, B, *K; +int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) +#endif +{ + ulong32 A, B; + const ulong32 *K; int r; LTC_ARGCHK(skey != NULL); LTC_ARGCHK(pt != NULL); @@ -163,7 +164,7 @@ } #ifdef LTC_CLEAN_STACK -int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _rc5_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(ulong32) * 2 + sizeof(int)); 
@@ -179,12 +180,13 @@ @return CRYPT_OK if successful */ #ifdef LTC_CLEAN_STACK -static int _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -#endif -{ - ulong32 A, B, *K; +int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) +#endif +{ + ulong32 A, B; + const ulong32 *K; int r; LTC_ARGCHK(skey != NULL); LTC_ARGCHK(pt != NULL); @@ -219,7 +221,7 @@ } #ifdef LTC_CLEAN_STACK -int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _rc5_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(ulong32) * 2 + sizeof(int)); diff --git a/src/ltc/ciphers/rc6.c b/src/ltc/ciphers/rc6.c index 56ca705..5c8a8f9 100644 --- a/src/ltc/ciphers/rc6.c +++ b/src/ltc/ciphers/rc6.c @@ -118,12 +118,13 @@ @param skey The key as scheduled */ #ifdef LTC_CLEAN_STACK -static int _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +static int _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) #else -int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) -#endif -{ - ulong32 a,b,c,d,t,u, *K; +int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) +#endif +{ + ulong32 a,b,c,d,t,u; + const ulong32 *K; int r; LTC_ARGCHK(skey != NULL); @@ -157,7 +158,7 @@ } #ifdef LTC_CLEAN_STACK -int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) +int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { int err = _rc6_ecb_encrypt(pt, ct, skey); burn_stack(sizeof(ulong32) * 6 + sizeof(int)); 
@@ -172,12 +173,13 @@ @param skey The key as scheduled */ #ifdef LTC_CLEAN_STACK -static int _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +static int _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) #else -int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) -#endif -{ - ulong32 a,b,c,d,t,u, *K; +int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) +#endif +{ + ulong32 a,b,c,d,t,u; + const ulong32 *K; int r; LTC_ARGCHK(skey != NULL); @@ -213,7 +215,7 @@ } #ifdef LTC_CLEAN_STACK -int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) +int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { int err = _rc6_ecb_decrypt(ct, pt, skey); burn_stack(sizeof(ulong32) * 6 + sizeof(int)); diff --git a/src/ltc/ciphers/safer/safer.c b/src/ltc/ciphers/safer/safer.c index 9eefcfb..8e1368f 100644 --- a/src/ltc/ciphers/safer/safer.c +++ b/src/ltc/ciphers/safer/safer.c @@ -247,15 +247,15 @@ #ifdef LTC_CLEAN_STACK static int _safer_ecb_encrypt(const unsigned char *block_in, unsigned char *block_out, - symmetric_key *skey) + const symmetric_key *skey) #else int safer_ecb_encrypt(const unsigned char *block_in, unsigned char *block_out, - symmetric_key *skey) + const symmetric_key *skey) #endif { unsigned char a, b, c, d, e, f, g, h, t; unsigned int round; - unsigned char *key; + const unsigned char *key; LTC_ARGCHK(block_in != NULL); LTC_ARGCHK(block_out != NULL); @@ -290,7 +290,7 @@ #ifdef LTC_CLEAN_STACK int safer_ecb_encrypt(const unsigned char *block_in, unsigned char *block_out, - symmetric_key *skey) + const symmetric_key *skey) { int err = _safer_ecb_encrypt(block_in, block_out, skey); burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *)); 
@@ -301,15 +301,15 @@
 #ifdef LTC_CLEAN_STACK
 static int _safer_ecb_decrypt(const unsigned char *block_in,
 unsigned char *block_out,
- symmetric_key *skey)
+ const symmetric_key *skey)
 #else
 int safer_ecb_decrypt(const unsigned char *block_in,
 unsigned char *block_out,
- symmetric_key *skey)
+ const symmetric_key *skey)
 #endif
 { unsigned char a, b, c, d, e, f, g, h, t;
 unsigned int round;
- unsigned char *key;
+ const unsigned char *key;
 
 LTC_ARGCHK(block_in != NULL);
 LTC_ARGCHK(block_out != NULL);
@@ -345,7 +345,7 @@
 #ifdef LTC_CLEAN_STACK
 int safer_ecb_decrypt(const unsigned char *block_in,
 unsigned char *block_out,
- symmetric_key *skey)
+ const symmetric_key *skey)
 {
 int err = _safer_ecb_decrypt(block_in, block_out, skey);
 burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
diff --git a/src/ltc/ciphers/safer/saferp.c b/src/ltc/ciphers/safer/saferp.c
index 116590f..65dc921 100644
--- a/src/ltc/ciphers/safer/saferp.c
+++ b/src/ltc/ciphers/safer/saferp.c
@@ -143,12 +143,12 @@
 
 #ifdef LTC_SMALL_CODE
 
-static void _round(unsigned char *b, int i, symmetric_key *skey)
+static void _round(unsigned char *b, int i, const symmetric_key *skey)
 {
 ROUND(b, i);
 }
 
-static void _iround(unsigned char *b, int i, symmetric_key *skey)
+static void _iround(unsigned char *b, int i, const symmetric_key *skey)
 {
 iROUND(b, i);
 }
@@ -338,7 +338,7 @@
 @param skey The key as scheduled
 @return CRYPT_OK if successful
 */
-int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 {
 unsigned char b[16];
 int x;
@@ -402,7 +402,7 @@
 @param skey The key as scheduled
 @return CRYPT_OK if successful
 */
-int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 {
 unsigned char b[16];
 int x;
diff --git a/src/ltc/ciphers/serpent.c b/src/ltc/ciphers/serpent.c
index cdd34fa..362ce26 100644
--- a/src/ltc/ciphers/serpent.c
+++ b/src/ltc/ciphers/serpent.c
@@ -488,7 +488,7 @@
 return CRYPT_OK;
 }
 
-static int _enc_block(const unsigned char *in, unsigned char *out, ulong32 *k)
+static int _enc_block(const unsigned char *in, unsigned char *out, const ulong32 *k)
 {
 ulong32 a, b, c, d, e;
 unsigned int i = 1;
@@ -530,7 +530,7 @@
 return CRYPT_OK;
 }
 
-static int _dec_block(const unsigned char *in, unsigned char *out, ulong32 *k)
+static int _dec_block(const unsigned char *in, unsigned char *out, const ulong32 *k)
 {
 ulong32 a, b, c, d, e;
 unsigned int i;
@@ -588,7 +588,7 @@
 return err;
 }
 
-int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 {
 int err = _enc_block(pt, ct, skey->serpent.k);
 #ifdef LTC_CLEAN_STACK
@@ -597,7 +597,7 @@
 return err;
 }
 
-int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 {
 int err = _dec_block(ct, pt, skey->serpent.k);
 #ifdef LTC_CLEAN_STACK
diff --git a/src/ltc/ciphers/skipjack.c b/src/ltc/ciphers/skipjack.c
index d47f2d3..67be57f 100644
--- a/src/ltc/ciphers/skipjack.c
+++ b/src/ltc/ciphers/skipjack.c
@@ -107,7 +107,7 @@
 w2 = tmp ^ w3 ^ x; \
 w3 = w4; w4 = w1; w1 = tmp;
 
-static unsigned g_func(unsigned w, int *kp, unsigned char *key)
+static unsigned g_func(unsigned w, int *kp, const unsigned char *key)
 {
 unsigned char g1,g2;
 
@@ -119,7 +119,7 @@
 return ((unsigned)g1<<8)|(unsigned)g2;
 }
 
-static unsigned ig_func(unsigned w, int *kp, unsigned char *key)
+static unsigned ig_func(unsigned w, int *kp, const unsigned char *key)
 {
 unsigned char g1,g2;
 
@@ -139,9 +139,9 @@
 @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static int _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 #else
-int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 #endif
 {
 unsigned w1,w2,w3,w4,tmp,tmp1;
@@ -187,7 +187,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 {
 int err = _skipjack_ecb_encrypt(pt, ct, skey);
 burn_stack(sizeof(unsigned) * 8 + sizeof(int) * 2);
@@ -203,9 +203,9 @@
 @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static int _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 #else
-int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 #endif
 {
 unsigned w1,w2,w3,w4,tmp;
@@ -255,7 +255,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 {
 int err = _skipjack_ecb_decrypt(ct, pt, skey);
 burn_stack(sizeof(unsigned) * 7 + sizeof(int) * 2);
diff --git a/src/ltc/ciphers/twofish/twofish.c b/src/ltc/ciphers/twofish/twofish.c
index b1584d1..d444bb2 100644
--- a/src/ltc/ciphers/twofish/twofish.c
+++ b/src/ltc/ciphers/twofish/twofish.c
@@ -237,7 +237,7 @@
 #endif
 
 /* computes h(x) */
-static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M, int k, int offset)
+static void h_func(const unsigned char *in, unsigned char *out, const unsigned char *M, int k, int offset)
 {
 int x;
 unsigned char y[4];
@@ -284,9 +284,9 @@
 #else
 
 #ifdef LTC_CLEAN_STACK
-static ulong32 _g_func(ulong32 x, symmetric_key *key)
-#else
-static ulong32 g_func(ulong32 x, symmetric_key *key)
+static ulong32 _g_func(ulong32 x, const symmetric_key *key)
+#else
+static ulong32 g_func(ulong32 x, const symmetric_key *key)
 #endif
 {
 unsigned char g, i, y, z;
@@ -317,7 +317,7 @@
 #define g1_func(x, key) g_func(ROLc(x, 8), key)
 
 #ifdef LTC_CLEAN_STACK
-static ulong32 g_func(ulong32 x, symmetric_key *key)
+static ulong32 g_func(ulong32 x, const symmetric_key *key)
 {
 ulong32 y;
 y = _g_func(x, key);
@@ -464,12 +464,13 @@
 @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static int _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
-#else
-int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
-#endif
-{
- ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
+static int _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
+#else
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
+#endif
+{
+ ulong32 a,b,c,d,ta,tb,tc,td,t1,t2;
+ const ulong32 *k;
 int r;
 #if !defined(LTC_TWOFISH_SMALL) && !defined(__GNUC__)
 ulong32 *S1, *S2, *S3, *S4;
@@ -521,7 +522,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 {
 int err = _twofish_ecb_encrypt(pt, ct, skey);
 burn_stack(sizeof(ulong32) * 10 + sizeof(int));
@@ -537,12 +538,13 @@
 @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static int _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
-#else
-int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
-#endif
-{
- ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
+static int _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
+#else
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
+#endif
+{
+ ulong32 a,b,c,d,ta,tb,tc,td,t1,t2;
+ const ulong32 *k;
 int r;
 #if !defined(LTC_TWOFISH_SMALL) && !defined(__GNUC__)
 ulong32 *S1, *S2, *S3, *S4;
@@ -596,7 +598,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 {
 int err =_twofish_ecb_decrypt(ct, pt, skey);
 burn_stack(sizeof(ulong32) * 10 + sizeof(int));
diff --git a/src/ltc/ciphers/xtea.c b/src/ltc/ciphers/xtea.c
index fe26f98..3f91bf7 100644
--- a/src/ltc/ciphers/xtea.c
+++ b/src/ltc/ciphers/xtea.c
@@ -71,7 +71,7 @@
 @param skey The key as scheduled
 @return CRYPT_OK if successful
 */
-int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey)
 {
 ulong32 y, z;
 int r;
@@ -107,7 +107,7 @@
 @param skey The key as scheduled
 @return CRYPT_OK if successful
 */
-int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey)
 {
 ulong32 y, z;
 int r;
diff --git a/src/ltc/encauth/eax/eax_decrypt_verify_memory.c b/src/ltc/encauth/eax/eax_decrypt_verify_memory.c
index 8c6540f..058a6a9 100644
--- a/src/ltc/encauth/eax/eax_decrypt_verify_memory.c
+++ b/src/ltc/encauth/eax/eax_decrypt_verify_memory.c
@@ -38,7 +38,7 @@
 const unsigned char *header, unsigned long headerlen,
 const unsigned char *ct, unsigned long ctlen,
 unsigned char *pt,
- unsigned char *tag, unsigned long taglen,
+ const unsigned char *tag, unsigned long taglen,
 int *stat)
 {
 int err;
diff --git a/src/ltc/encauth/gcm/gcm_mult_h.c b/src/ltc/encauth/gcm/gcm_mult_h.c
index 181d1d1..4e374b4 100644
--- a/src/ltc/encauth/gcm/gcm_mult_h.c
+++ b/src/ltc/encauth/gcm/gcm_mult_h.c
@@ -19,7 +19,7 @@
 @param gcm The GCM state which holds the H value
 @param I The value to multiply H by
 */
-void gcm_mult_h(gcm_state *gcm, unsigned char *I)
+void gcm_mult_h(const gcm_state *gcm, unsigned char *I)
 {
 unsigned char T[16];
 #ifdef LTC_GCM_TABLES
diff --git a/src/ltc/hashes/chc/chc.c b/src/ltc/hashes/chc/chc.c
index 0861a88..dc35052 100644
--- a/src/ltc/hashes/chc/chc.c
+++ b/src/ltc/hashes/chc/chc.c
@@ -127,7 +127,7 @@
 T0 <= encrypt T0
 state <= state xor T0 xor T1
 */
-static int chc_compress(hash_state *md, unsigned char *buf)
+static int chc_compress(hash_state *md, const unsigned char *buf)
 {
 unsigned char T[2][MAXBLOCKSIZE];
 symmetric_key *key;
diff --git a/src/ltc/hashes/md4.c b/src/ltc/hashes/md4.c
index 09b6e31..e3bc0c5 100644
--- a/src/ltc/hashes/md4.c
+++ b/src/ltc/hashes/md4.c
@@ -71,9 +71,9 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int _md4_compress(hash_state *md, unsigned char *buf)
+static int _md4_compress(hash_state *md, const unsigned char *buf)
 #else
-static int md4_compress(hash_state *md, unsigned char *buf)
+static int md4_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 x[16], a, b, c, d;
@@ -155,7 +155,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int md4_compress(hash_state *md, unsigned char *buf)
+static int md4_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _md4_compress(md, buf);
diff --git a/src/ltc/hashes/md5.c b/src/ltc/hashes/md5.c
index 511329a..a417970 100644
--- a/src/ltc/hashes/md5.c
+++ b/src/ltc/hashes/md5.c
@@ -96,9 +96,9 @@
 #endif
 
 #ifdef LTC_CLEAN_STACK
-static int _md5_compress(hash_state *md, unsigned char *buf)
+static int _md5_compress(hash_state *md, const unsigned char *buf)
 #else
-static int md5_compress(hash_state *md, unsigned char *buf)
+static int md5_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 i, W[16], a, b, c, d;
@@ -214,7 +214,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int md5_compress(hash_state *md, unsigned char *buf)
+static int md5_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _md5_compress(md, buf);
diff --git a/src/ltc/hashes/rmd128.c b/src/ltc/hashes/rmd128.c
index df1af1a..b60cb0a 100644
--- a/src/ltc/hashes/rmd128.c
+++ b/src/ltc/hashes/rmd128.c
@@ -79,9 +79,9 @@
 (a) = ROLc((a), (s));
 
 #ifdef LTC_CLEAN_STACK
-static int _rmd128_compress(hash_state *md, unsigned char *buf)
+static int _rmd128_compress(hash_state *md, const unsigned char *buf)
 #else
-static int rmd128_compress(hash_state *md, unsigned char *buf)
+static int rmd128_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,X[16];
@@ -253,7 +253,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int rmd128_compress(hash_state *md, unsigned char *buf)
+static int rmd128_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _rmd128_compress(md, buf);
diff --git a/src/ltc/hashes/rmd160.c b/src/ltc/hashes/rmd160.c
index 8add41e..d38d2be 100644
--- a/src/ltc/hashes/rmd160.c
+++ b/src/ltc/hashes/rmd160.c
@@ -99,9 +99,9 @@
 
 
 #ifdef LTC_CLEAN_STACK
-static int _rmd160_compress(hash_state *md, unsigned char *buf)
+static int _rmd160_compress(hash_state *md, const unsigned char *buf)
 #else
-static int rmd160_compress(hash_state *md, unsigned char *buf)
+static int rmd160_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,X[16];
@@ -311,7 +311,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int rmd160_compress(hash_state *md, unsigned char *buf)
+static int rmd160_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _rmd160_compress(md, buf);
diff --git a/src/ltc/hashes/rmd256.c b/src/ltc/hashes/rmd256.c
index 5fade82..da51a1d 100644
--- a/src/ltc/hashes/rmd256.c
+++ b/src/ltc/hashes/rmd256.c
@@ -73,9 +73,9 @@
 (a) = ROLc((a), (s));
 
 #ifdef LTC_CLEAN_STACK
-static int _rmd256_compress(hash_state *md, unsigned char *buf)
+static int _rmd256_compress(hash_state *md, const unsigned char *buf)
 #else
-static int rmd256_compress(hash_state *md, unsigned char *buf)
+static int rmd256_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,tmp,X[16];
@@ -262,7 +262,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int rmd256_compress(hash_state *md, unsigned char *buf)
+static int rmd256_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _rmd256_compress(md, buf);
diff --git a/src/ltc/hashes/rmd320.c b/src/ltc/hashes/rmd320.c
index a4356c4..ba6ba9e 100644
--- a/src/ltc/hashes/rmd320.c
+++ b/src/ltc/hashes/rmd320.c
@@ -94,9 +94,9 @@
 
 
 #ifdef LTC_CLEAN_STACK
-static int _rmd320_compress(hash_state *md, unsigned char *buf)
+static int _rmd320_compress(hash_state *md, const unsigned char *buf)
 #else
-static int rmd320_compress(hash_state *md, unsigned char *buf)
+static int rmd320_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16];
@@ -325,7 +325,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int rmd320_compress(hash_state *md, unsigned char *buf)
+static int rmd320_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _rmd320_compress(md, buf);
diff --git a/src/ltc/hashes/sha1.c b/src/ltc/hashes/sha1.c
index 40f0175..f78ef75 100644
--- a/src/ltc/hashes/sha1.c
+++ b/src/ltc/hashes/sha1.c
@@ -40,9 +40,9 @@
 #define F3(x,y,z) (x ^ y ^ z)
 
 #ifdef LTC_CLEAN_STACK
-static int _sha1_compress(hash_state *md, unsigned char *buf)
+static int _sha1_compress(hash_state *md, const unsigned char *buf)
 #else
-static int sha1_compress(hash_state *md, unsigned char *buf)
+static int sha1_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong32 a,b,c,d,e,W[80],i;
@@ -146,7 +146,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int sha1_compress(hash_state *md, unsigned char *buf)
+static int sha1_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _sha1_compress(md, buf);
diff --git a/src/ltc/hashes/sha2/sha256.c b/src/ltc/hashes/sha2/sha256.c
index f1dc423..3b9c4e2 100644
--- a/src/ltc/hashes/sha2/sha256.c
+++ b/src/ltc/hashes/sha2/sha256.c
@@ -64,9 +64,9 @@
 
 /* compress 512-bits */
 #ifdef LTC_CLEAN_STACK
-static int _sha256_compress(hash_state * md, unsigned char *buf)
+static int _sha256_compress(hash_state * md, const unsigned char *buf)
 #else
-static int sha256_compress(hash_state * md, unsigned char *buf)
+static int sha256_compress(hash_state * md, const unsigned char *buf)
 #endif
 {
 ulong32 S[8], W[64], t0, t1;
@@ -187,7 +187,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int sha256_compress(hash_state * md, unsigned char *buf)
+static int sha256_compress(hash_state * md, const unsigned char *buf)
 {
 int err;
 err = _sha256_compress(md, buf);
diff --git a/src/ltc/hashes/sha2/sha512.c b/src/ltc/hashes/sha2/sha512.c
index 110203a..c7bffd1 100644
--- a/src/ltc/hashes/sha2/sha512.c
+++ b/src/ltc/hashes/sha2/sha512.c
@@ -89,9 +89,9 @@
 
 /* compress 1024-bits */
 #ifdef LTC_CLEAN_STACK
-static int _sha512_compress(hash_state * md, unsigned char *buf)
+static int _sha512_compress(hash_state * md, const unsigned char *buf)
 #else
-static int sha512_compress(hash_state * md, unsigned char *buf)
+static int sha512_compress(hash_state * md, const unsigned char *buf)
 #endif
 {
 ulong64 S[8], W[80], t0, t1;
@@ -156,7 +156,7 @@
 
 /* compress 1024-bits */
 #ifdef LTC_CLEAN_STACK
-static int sha512_compress(hash_state * md, unsigned char *buf)
+static int sha512_compress(hash_state * md, const unsigned char *buf)
 {
 int err;
 err = _sha512_compress(md, buf);
diff --git a/src/ltc/hashes/sha3.c b/src/ltc/hashes/sha3.c
index 1c01d6a..5e91538 100644
--- a/src/ltc/hashes/sha3.c
+++ b/src/ltc/hashes/sha3.c
@@ -364,7 +364,7 @@
 return CRYPT_OK;
 }
 
-int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen)
+int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, const unsigned long *outlen)
 {
 hash_state md;
 int err;
diff --git a/src/ltc/hashes/tiger.c b/src/ltc/hashes/tiger.c
index 863f7fa..c6dce7c 100644
--- a/src/ltc/hashes/tiger.c
+++ b/src/ltc/hashes/tiger.c
@@ -574,7 +574,7 @@
 }
 
 /* one complete pass */
-static void pass(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 *x, int mul)
+static void pass(ulong64 *a, ulong64 *b, ulong64 *c, const ulong64 *x, int mul)
 {
 tiger_round(a,b,c,x[0],mul);
 tiger_round(b,c,a,x[1],mul);
@@ -608,9 +608,9 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int _tiger_compress(hash_state *md, unsigned char *buf)
+static int _tiger_compress(hash_state *md, const unsigned char *buf)
 #else
-static int tiger_compress(hash_state *md, unsigned char *buf)
+static int tiger_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong64 a, b, c, x[8];
@@ -639,7 +639,7 @@
 }
 
 #ifdef LTC_CLEAN_STACK
-static int tiger_compress(hash_state *md, unsigned char *buf)
+static int tiger_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _tiger_compress(md, buf);
diff --git a/src/ltc/hashes/whirl/whirl.c b/src/ltc/hashes/whirl/whirl.c
index fe152cd..636f03a 100644
--- a/src/ltc/hashes/whirl/whirl.c
+++ b/src/ltc/hashes/whirl/whirl.c
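Review bot: Changing `outlen` to `const unsigned long *` in the sha3_shake_memory prototype turns it into an input-only length, so the function can no longer report back how many bytes it actually produced; that is a contract change the doc comment above the hunk should state explicitly, e.g. `@param outlen [in] Number of bytes to squeeze into out; *outlen is not updated on return`. If the library's other `*_memory` helpers treat `*outlen` as in/out, a caller porting between them could be surprised by the difference, so naming it in the comment is worth the line. The function body continues outside the hunk, so whether the value is validated against anything is not visible here.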
@@ -53,9 +53,9 @@
 SB7(GB(a, i-7, 0)))
 
 #ifdef LTC_CLEAN_STACK
-static int _whirlpool_compress(hash_state *md, unsigned char *buf)
+static int _whirlpool_compress(hash_state *md, const unsigned char *buf)
 #else
-static int whirlpool_compress(hash_state *md, unsigned char *buf)
+static int whirlpool_compress(hash_state *md, const unsigned char *buf)
 #endif
 {
 ulong64 K[2][8], T[3][8];
@@ -109,7 +109,7 @@
 
 
 #ifdef LTC_CLEAN_STACK
-static int whirlpool_compress(hash_state *md, unsigned char *buf)
+static int whirlpool_compress(hash_state *md, const unsigned char *buf)
 {
 int err;
 err = _whirlpool_compress(md, buf);
diff --git a/src/ltc/headers/tomcrypt_cipher.h b/src/ltc/headers/tomcrypt_cipher.h
index 4cfa18a..a94055e 100644
--- a/src/ltc/headers/tomcrypt_cipher.h
+++ b/src/ltc/headers/tomcrypt_cipher.h
@@ -397,14 +397,14 @@
 @param skey The scheduled key
 @return CRYPT_OK if successful
 */
- int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+ int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
 /** Decrypt a block
 @param ct The ciphertext
 @param pt [out] The plaintext
 @param skey The scheduled key
 @return CRYPT_OK if successful
 */
- int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+ int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 /** Test the block cipher
 @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled
 */
@@ -598,8 +598,8 @@
 @return CRYPT_OK if successful
 */
 int (*accel_xts_encrypt)(const unsigned char *pt, unsigned char *ct,
- unsigned long blocks, unsigned char *tweak, symmetric_key *skey1,
- symmetric_key *skey2);
+ unsigned long blocks, unsigned char *tweak,
+ const symmetric_key *skey1, const symmetric_key *skey2);
 
 /** Accelerated XTS decryption
 @param ct Ciphertext
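Review bot: In the accel_xts_encrypt prototype both key schedules are now `const symmetric_key *` while `tweak` stays a non-const `unsigned char *`, and nothing in the hunk says why; presumably the tweak is advanced in place across the `blocks` being processed, but the doc comment above the hunk should state that rather than leave readers to infer it from the one pointer that did not gain `const`, e.g. `@param tweak [in/out] The tweak value, advanced in place as blocks are processed`. If the implementation only reads it, it should become `const unsigned char *tweak` for the same reason the keys did. The same applies to accel_xts_decrypt in the next hunk.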
@@ -613,14 +613,14 @@
 @return CRYPT_OK if successful
 */
 int (*accel_xts_decrypt)(const unsigned char *ct, unsigned char *pt,
- unsigned long blocks, unsigned char *tweak, symmetric_key *skey1,
- symmetric_key *skey2);
+ unsigned long blocks, unsigned char *tweak,
+ const symmetric_key *skey1, const symmetric_key *skey2);
 } cipher_descriptor[];
 
 #ifdef LTC_BLOWFISH
 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int blowfish_test(void);
 void blowfish_done(symmetric_key *skey);
 int blowfish_keysize(int *keysize);
@@ -629,8 +629,8 @@
 
 #ifdef LTC_RC5
 int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int rc5_test(void);
 void rc5_done(symmetric_key *skey);
 int rc5_keysize(int *keysize);
@@ -639,8 +639,8 @@
 
 #ifdef LTC_RC6
 int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int rc6_test(void);
 void rc6_done(symmetric_key *skey);
 int rc6_keysize(int *keysize);
@@ -650,8 +650,8 @@
 #ifdef LTC_RC2
 int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int rc2_setup_ex(const unsigned char *key, int keylen, int bits, int num_rounds, symmetric_key *skey);
-int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int rc2_test(void);
 void rc2_done(symmetric_key *skey);
 int rc2_keysize(int *keysize);
@@ -660,8 +660,8 @@
 
 #ifdef LTC_SAFERP
 int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int saferp_test(void);
 void saferp_done(symmetric_key *skey);
 int saferp_keysize(int *keysize);
@@ -673,8 +673,8 @@
 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
-int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
+int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *key);
+int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *key);
 int safer_k64_test(void);
 int safer_sk64_test(void);
 int safer_sk128_test(void);
@@ -699,13 +699,13 @@
 #define aes_enc_keysize rijndael_enc_keysize
 
 int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int rijndael_test(void);
 void rijndael_done(symmetric_key *skey);
 int rijndael_keysize(int *keysize);
 int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
 void rijndael_enc_done(symmetric_key *skey);
 int rijndael_enc_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc;
@@ -714,8 +714,8 @@
 
 #ifdef LTC_XTEA
 int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int xtea_test(void);
 void xtea_done(symmetric_key *skey);
 int xtea_keysize(int *keysize);
@@ -724,8 +724,8 @@
 
 #ifdef LTC_TWOFISH
 int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int twofish_test(void);
 void twofish_done(symmetric_key *skey);
 int twofish_keysize(int *keysize);
@@ -734,14 +734,14 @@
 
 #ifdef LTC_DES
 int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int des_test(void);
 void des_done(symmetric_key *skey);
 int des_keysize(int *keysize);
 int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int des3_test(void);
 void des3_done(symmetric_key *skey);
 int des3_keysize(int *keysize);
@@ -750,8 +750,8 @@
 
 #ifdef LTC_CAST5
 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int cast5_test(void);
 void cast5_done(symmetric_key *skey);
 int cast5_keysize(int *keysize);
@@ -760,8 +760,8 @@
 
 #ifdef LTC_NOEKEON
 int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int noekeon_test(void);
 void noekeon_done(symmetric_key *skey);
 int noekeon_keysize(int *keysize);
@@ -770,8 +770,8 @@
 
 #ifdef LTC_SKIPJACK
 int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int skipjack_test(void);
 void skipjack_done(symmetric_key *skey);
 int skipjack_keysize(int *keysize);
@@ -780,8 +780,8 @@
 
 #ifdef LTC_KHAZAD
 int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int khazad_test(void);
 void khazad_done(symmetric_key *skey);
 int khazad_keysize(int *keysize);
@@ -790,8 +790,8 @@
 
 #ifdef LTC_ANUBIS
 int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int anubis_test(void);
 void anubis_done(symmetric_key *skey);
 int anubis_keysize(int *keysize);
@@ -800,8 +800,8 @@
 
 #ifdef LTC_KSEED
 int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int kseed_test(void);
 void kseed_done(symmetric_key *skey);
 int kseed_keysize(int *keysize);
@@ -810,8 +810,8 @@
 
 #ifdef LTC_KASUMI
 int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
 int kasumi_test(void);
 void kasumi_done(symmetric_key *skey);
 int kasumi_keysize(int *keysize);
@@ -821,8 +821,8 @@ #ifdef LTC_MULTI2 int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); -int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); -int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); +int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); int multi2_test(void); void multi2_done(symmetric_key *skey); int multi2_keysize(int *keysize); @@ -831,8 +831,8 @@ #ifdef LTC_CAMELLIA int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); -int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); -int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); +int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); int camellia_test(void); void camellia_done(symmetric_key *skey); int camellia_keysize(int *keysize); @@ -841,8 +841,8 @@ #ifdef LTC_IDEA int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); -int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); -int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); +int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); int idea_test(void); void idea_done(symmetric_key *skey); int idea_keysize(int *keysize); 
@@ -851,8 +851,8 @@ #ifdef LTC_SERPENT int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); -int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); -int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); +int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); +int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); int serpent_test(void); void serpent_done(symmetric_key *skey); int serpent_keysize(int *keysize); @@ -872,7 +872,7 @@ int keylen, int num_rounds, symmetric_CFB *cfb); int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb); int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb); -int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb); +int cfb_getiv(unsigned char *IV, unsigned long *len, const symmetric_CFB *cfb); int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb); int cfb_done(symmetric_CFB *cfb); #endif @@ -882,7 +882,7 @@ int keylen, int num_rounds, symmetric_OFB *ofb); int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb); int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb); -int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb); +int ofb_getiv(unsigned char *IV, unsigned long *len, const symmetric_OFB *ofb); int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb); int ofb_done(symmetric_OFB *ofb); #endif 
@@ -892,7 +892,7 @@ int keylen, int num_rounds, symmetric_CBC *cbc); int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc); int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc); -int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc); +int cbc_getiv(unsigned char *IV, unsigned long *len, const symmetric_CBC *cbc); int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc); int cbc_done(symmetric_CBC *cbc); #endif @@ -910,7 +910,7 @@ symmetric_CTR *ctr); int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr); int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr); -int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr); +int ctr_getiv(unsigned char *IV, unsigned long *len, const symmetric_CTR *ctr); int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr); int ctr_done(symmetric_CTR *ctr); int ctr_test(void); @@ -929,7 +929,7 @@ symmetric_LRW *lrw); int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw); int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw); -int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw); +int lrw_getiv(unsigned char *IV, unsigned long *len, const symmetric_LRW *lrw); int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw); int lrw_done(symmetric_LRW *lrw); int lrw_test(void); 
@@ -945,7 +945,7 @@ int num_rounds, symmetric_F8 *f8); int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8); int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8); -int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8); +int f8_getiv(unsigned char *IV, unsigned long *len, const symmetric_F8 *f8); int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8); int f8_done(symmetric_F8 *f8); int f8_test_mode(void); @@ -968,12 +968,12 @@ const unsigned char *pt, unsigned long ptlen, unsigned char *ct, unsigned char *tweak, - symmetric_xts *xts); + const symmetric_xts *xts); int xts_decrypt( const unsigned char *ct, unsigned long ptlen, unsigned char *pt, unsigned char *tweak, - symmetric_xts *xts); + const symmetric_xts *xts); void xts_done(symmetric_xts *xts); int xts_test(void); @@ -1046,8 +1046,8 @@ unsigned ptr; } sosemanuk_state; -int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen); -int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen); +int sosemanuk_setup(sosemanuk_state *ss, const unsigned char *key, unsigned long keylen); +int sosemanuk_setiv(sosemanuk_state *ss, const unsigned char *iv, unsigned long ivlen); int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long datalen, unsigned char *out); int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen); int sosemanuk_done(sosemanuk_state *ss); diff --git a/src/ltc/headers/tomcrypt_custom.h b/src/ltc/headers/tomcrypt_custom.h index c4af216..ab45e76 100644 --- a/src/ltc/headers/tomcrypt_custom.h +++ b/src/ltc/headers/tomcrypt_custom.h 
@@ -358,9 +358,30 @@ #ifdef LTC_FORTUNA +#if !defined(LTC_FORTUNA_RESEED_RATELIMIT_STATIC) && \ + ((defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || defined(_WIN32)) + +/* time-based rate limit of the reseeding */ +#define LTC_FORTUNA_RESEED_RATELIMIT_TIMED + +#else + #ifndef LTC_FORTUNA_WD /* reseed every N calls to the read function */ #define LTC_FORTUNA_WD 10 +#endif + +#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED +/* make sure only one of + * LTC_FORTUNA_RESEED_RATELIMIT_STATIC + * and + * LTC_FORTUNA_RESEED_RATELIMIT_TIMED + * is defined. + */ +#undef LTC_FORTUNA_RESEED_RATELIMIT_TIMED +#warning "undef'ed LTC_FORTUNA_RESEED_RATELIMIT_TIMED, looks like your architecture doesn't support it" +#endif + #endif #ifndef LTC_FORTUNA_POOLS @@ -450,6 +471,8 @@ #define LTC_BASE64_URL /* Base32 encoding/decoding */ #define LTC_BASE32 +/* Base16/hex encoding/decoding */ +#define LTC_BASE16 /* Keep LTC_NO_HKDF for compatibility reasons * superseeded by LTC_NO_MISC*/ @@ -461,6 +484,8 @@ #define LTC_ADLER32 #define LTC_CRC32 + +#define LTC_PADDING #endif /* LTC_NO_MISC */ @@ -503,16 +528,14 @@ #define LTC_ECC_SECP256R1 #define LTC_ECC_SECP384R1 #define LTC_ECC_SECP521R1 - /* OLD deprecated (but still working) defines */ - #define LTC_ECC112 - #define LTC_ECC128 - #define LTC_ECC160 - #define LTC_ECC192 - #define LTC_ECC224 - #define LTC_ECC256 - #define LTC_ECC384 - #define LTC_ECC521 -#endif +#endif +#endif + +#if defined(LTC_DER) + #ifndef LTC_DER_MAX_RECURSION + /* Maximum recursion limit when processing nested ASN.1 types. */ + #define LTC_DER_MAX_RECURSION 30 + #endif #endif #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) 
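Review bot: The `#warning` in the `#else` branch fires for two different reasons but its text names only one: the branch is entered both when `LTC_FORTUNA_RESEED_RATELIMIT_STATIC` was defined on purpose and when neither the POSIX nor the `_WIN32` time source was detected, so someone who defines STATIC and TIMED together is told their architecture lacks support. A message such as `#warning "LTC_FORTUNA_RESEED_RATELIMIT_TIMED undefined: LTC_FORTUNA_RESEED_RATELIMIT_STATIC is set or no POSIX/Win32 time source was detected"` would name both causes. `#warning` is also not standard C11 and, as far as I recall, MSVC treats it as a hard error, so a Windows build with both macros defined would fail rather than warn; `#pragma message` or a plain comment is the portable choice. Since the choice between timed and call-count reseed limiting is now made silently per platform, a one-line comment above the outer `#if` stating that timed rate limiting is the default wherever a clock is available would help anyone auditing the PRNG configuration.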
@@ -621,6 +644,40 @@ #endif #endif +/* ECC backwards compatibility */ +#if !defined(LTC_ECC_SECP112R1) && defined(LTC_ECC112) +#define LTC_ECC_SECP112R1 +#undef LTC_ECC112 +#endif +#if !defined(LTC_ECC_SECP128R1) && defined(LTC_ECC128) +#define LTC_ECC_SECP128R1 +#undef LTC_ECC128 +#endif +#if !defined(LTC_ECC_SECP160R1) && defined(LTC_ECC160) +#define LTC_ECC_SECP160R1 +#undef LTC_ECC160 +#endif +#if !defined(LTC_ECC_SECP192R1) && defined(LTC_ECC192) +#define LTC_ECC_SECP192R1 +#undef LTC_ECC192 +#endif +#if !defined(LTC_ECC_SECP224R1) && defined(LTC_ECC224) +#define LTC_ECC_SECP224R1 +#undef LTC_ECC224 +#endif +#if !defined(LTC_ECC_SECP256R1) && defined(LTC_ECC256) +#define LTC_ECC_SECP256R1 +#undef LTC_ECC256 +#endif +#if !defined(LTC_ECC_SECP384R1) && defined(LTC_ECC384) +#define LTC_ECC_SECP384R1 +#undef LTC_ECC384 +#endif +#if !defined(LTC_ECC_SECP512R1) && defined(LTC_ECC521) +#define LTC_ECC_SECP521R1 +#undef LTC_ECC521 +#endif + /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ /* commit time: $Format:%ai$ */ diff --git a/src/ltc/headers/tomcrypt_hash.h b/src/ltc/headers/tomcrypt_hash.h index 134085d..ea2077e 100644 --- a/src/ltc/headers/tomcrypt_hash.h +++ b/src/ltc/headers/tomcrypt_hash.h @@ -288,7 +288,7 @@ #define sha3_shake_process(a,b,c) sha3_process(a,b,c) int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen); int sha3_shake_test(void); -int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); +int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, const unsigned long *outlen); #endif #ifdef LTC_KECCAK @@ -523,7 +523,7 @@ } \ while (inlen > 0) { \ if (md-> state_var .curlen == 0 && inlen >= block_size) { \ - if ((err = compress_name (md, (unsigned char *)in)) != CRYPT_OK) { \ + if ((err = compress_name (md, in)) != CRYPT_OK) { \ return err; \ } \ md-> state_var .length += block_size * 8; \ 
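Review bot: The last compatibility block tests `LTC_ECC_SECP512R1` but defines `LTC_ECC_SECP521R1`, so the guard never looks at the macro it sets: there is no `LTC_ECC_SECP512R1` anywhere in this header, and with both `LTC_ECC521` and `LTC_ECC_SECP521R1` already defined the block still runs and redefines `LTC_ECC_SECP521R1` (benign since the replacement list is identical, but it shows the guard is wrong). The condition should read `#if !defined(LTC_ECC_SECP521R1) && defined(LTC_ECC521)`, matching the other seven blocks, which are consistent.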
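Review bot: `sha3_shake_memory` now takes `const unsigned long *outlen`, which makes `*outlen` a pure input (the requested XOF length) that is never written back; if the other `*_memory` helpers in this header still report the produced length through `outlen`, a caller porting between them will read a stale value without any compiler diagnostic. A comment on the prototype, e.g. `/* *outlen is the requested SHAKE output length and is not modified */`, would make the asymmetry explicit.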
diff --git a/src/ltc/headers/tomcrypt_mac.h b/src/ltc/headers/tomcrypt_mac.h index c4b2423..ebb8410 100644 --- a/src/ltc/headers/tomcrypt_mac.h +++ b/src/ltc/headers/tomcrypt_mac.h @@ -274,7 +274,7 @@ const unsigned char *header, unsigned long headerlen, const unsigned char *ct, unsigned long ctlen, unsigned char *pt, - unsigned char *tag, unsigned long taglen, + const unsigned char *tag, unsigned long taglen, int *stat); int eax_test(void); @@ -500,7 +500,7 @@ #endif } gcm_state; -void gcm_mult_h(gcm_state *gcm, unsigned char *I); +void gcm_mult_h(const gcm_state *gcm, unsigned char *I); int gcm_init(gcm_state *gcm, int cipher, const unsigned char *key, int keylen); diff --git a/src/ltc/headers/tomcrypt_math.h b/src/ltc/headers/tomcrypt_math.h index f0e9699..79f6d21 100644 --- a/src/ltc/headers/tomcrypt_math.h +++ b/src/ltc/headers/tomcrypt_math.h @@ -474,7 +474,7 @@ */ int (*rsa_me)(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int which, - rsa_key *key); + const rsa_key *key); /* ---- basic math continued ---- */ diff --git a/src/ltc/headers/tomcrypt_misc.h b/src/ltc/headers/tomcrypt_misc.h index 63fc3a8..a022b28 100644 --- a/src/ltc/headers/tomcrypt_misc.h +++ b/src/ltc/headers/tomcrypt_misc.h 
@@ -10,23 +10,27 @@ /* ---- LTC_BASE64 Routines ---- */ #ifdef LTC_BASE64 int base64_encode(const unsigned char *in, unsigned long len, + char *out, unsigned long *outlen); + +int base64_decode(const char *in, unsigned long len, unsigned char *out, unsigned long *outlen); - -int base64_decode(const unsigned char *in, unsigned long len, +int base64_strict_decode(const char *in, unsigned long len, unsigned char *out, unsigned long *outlen); -int base64_strict_decode(const unsigned char *in, unsigned long len, +int base64_sane_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); #endif #ifdef LTC_BASE64_URL int base64url_encode(const unsigned char *in, unsigned long len, + char *out, unsigned long *outlen); +int base64url_strict_encode(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen); + +int base64url_decode(const char *in, unsigned long len, unsigned char *out, unsigned long *outlen); -int base64url_strict_encode(const unsigned char *in, unsigned long inlen, +int base64url_strict_decode(const char *in, unsigned long len, unsigned char *out, unsigned long *outlen); - -int base64url_decode(const unsigned char *in, unsigned long len, - unsigned char *out, unsigned long *outlen); -int base64url_strict_decode(const unsigned char *in, unsigned long len, +int base64url_sane_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); #endif 
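Review bot: Nothing in the header says how the new `base64_sane_decode` and `base64url_sane_decode` differ from the plain and `_strict` decoders, and the names alone do not tell a caller which variant is appropriate for untrusted input. A comment block above the prototypes naming the accepted input of each, e.g. `/* base64_decode: <accepted input>; base64_strict_decode: <accepted input>; base64_sane_decode: <accepted input> */` filled in from the implementation, would keep the most permissive variant from being picked by default. The move from `unsigned char *` to `char *` for the textual side is otherwise a good const-correctness fix.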
@@ -39,11 +43,20 @@ BASE32_CROCKFORD = 3 } base32_alphabet; int base32_encode(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + base32_alphabet id); +int base32_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, base32_alphabet id); -int base32_decode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - base32_alphabet id); +#endif + +/* ---- BASE16 Routines ---- */ +#ifdef LTC_BASE16 +int base16_encode(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + int caps); +int base16_decode(const char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen); #endif /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ @@ -110,7 +123,7 @@ void adler32_init(adler32_state *ctx); void adler32_update(adler32_state *ctx, const unsigned char *input, unsigned long length); -void adler32_finish(adler32_state *ctx, void *hash, unsigned long size); +void adler32_finish(const adler32_state *ctx, void *hash, unsigned long size); int adler32_test(void); #endif 
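Review bot: `base16_encode` takes an undocumented `int caps`, and `base16_decode` gives no hint whether mixed-case, odd-length or non-hex input is rejected, so a caller cannot use either safely from the prototypes alone. A comment such as `/* caps: non-zero presumably selects upper-case digits; *outlen is the buffer size on entry and the written length on return */` on `base16_encode` (confirmed against the implementation), plus a matching note on `base16_decode` listing the inputs it rejects, would close that gap. This matters a little more than usual because CryptX.xs in this same commit drops its private `_base16_encode` in favour of this prototype.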
@@ -122,9 +135,32 @@ void crc32_init(crc32_state *ctx); void crc32_update(crc32_state *ctx, const unsigned char *input, unsigned long length); -void crc32_finish(crc32_state *ctx, void *hash, unsigned long size); +void crc32_finish(const crc32_state *ctx, void *hash, unsigned long size); int crc32_test(void); #endif + + +#ifdef LTC_PADDING + +enum padding_type { + LTC_PAD_PKCS7 = 0x0000U, +#ifdef LTC_RNG_GET_BYTES + LTC_PAD_ISO_10126 = 0x1000U, +#endif + LTC_PAD_ANSI_X923 = 0x2000U, + LTC_PAD_ONE_AND_ZERO = 0x8000U, + LTC_PAD_ZERO = 0x9000U, + LTC_PAD_ZERO_ALWAYS = 0xA000U, +}; + +int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode); +int padding_depad(const unsigned char *data, unsigned long *length, unsigned long mode); + +#ifdef LTC_SOURCE +/* internal helper functions */ +#define LTC_PAD_MASK (0xF000U) +#endif +#endif /* LTC_PADDING */ int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); diff --git a/src/ltc/headers/tomcrypt_pk.h b/src/ltc/headers/tomcrypt_pk.h index ac4353c..c3d05da 100644 --- a/src/ltc/headers/tomcrypt_pk.h +++ b/src/ltc/headers/tomcrypt_pk.h 
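Review bot: `padding_pad` and `padding_depad` take an `unsigned long mode` that, judging by the `LTC_PAD_MASK (0xF000U)` helper, carries the padding type in its top nibble and something else in the low bits, but the header does not say what, nor whether `*padded_length` is the buffer size on entry and the padded size on return. A comment above the prototypes, e.g. `/* mode = LTC_PAD_xxx | <low-bits meaning, e.g. block size>; on entry *padded_length is the capacity of data, on return the padded length */` (corrected to the real encoding), would give callers the contract they need. It would also be worth one line noting that a padding error reported by `padding_depad` should not be surfaced to a remote peer before a MAC has been verified, since distinguishable padding failures are what padding-oracle attacks rely on. Minor style point: `unsigned long* padded_length` puts the `*` on the type, unlike every other declaration in this header.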
@@ -9,17 +9,19 @@ /* ---- NUMBER THEORY ---- */ -enum { - PK_PUBLIC=0, - PK_PRIVATE=1 +enum public_key_type { + /* Refers to the public key */ + PK_PUBLIC = 0x0000, + /* Refers to the private key */ + PK_PRIVATE = 0x0001, + + /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ + PK_STD = 0x1000, + /* Indicates compressed public ECC key */ + PK_COMPRESSED = 0x2000, + /* Indicates ECC key with the curve specified by OID */ + PK_CURVEOID = 0x4000 }; - -/* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ -#define PK_STD 0x1000 -/* Indicates compressed public ECC key */ -#define PK_COMPRESSED 0x2000 -/* Indicates ECC key with the curve specified by OID */ -#define PK_CURVEOID 0x4000 int rand_prime(void *N, long len, prng_state *prng, int wprng); @@ -42,6 +44,8 @@ } oid_st; int pk_get_oid(int pk, oid_st *st); +int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen); +int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); #endif /* LTC_SOURCE */ /* ---- RSA ---- */ @@ -71,11 +75,11 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key); -int rsa_get_size(rsa_key *key); +int rsa_get_size(const rsa_key *key); int rsa_exptmod(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int which, - rsa_key *key); + const rsa_key *key); void rsa_free(rsa_key *key); 
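Review bot: `enum public_key_type` now mixes two mutually exclusive selectors (`PK_PUBLIC`, `PK_PRIVATE`) with three values that look like OR-able flag bits (`PK_STD`, `PK_COMPRESSED`, `PK_CURVEOID`), yet the prototypes still take `int type`, so combinations such as `PK_PUBLIC | PK_STD` that callers presumably pass are not enumerators of the type. A comment on the enum, e.g. `/* PK_PUBLIC/PK_PRIVATE select the key half; PK_STD, PK_COMPRESSED and PK_CURVEOID are flags OR-ed into the int type argument */`, would document the contract the `int` parameters rely on. In the second hunk, `pk_oid_str_to_num` gives no indication that `*oidlen` is the capacity of `oid` on entry, which matters because OID strings may originate from untrusted input; `/* on entry *oidlen is the number of entries available in oid */` on the prototype would cover it.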
@@ -96,34 +100,36 @@ rsa_sign_saltlen_get_max_ex(LTC_PKCS_1_PSS, _hash_idx, _key) /* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */ -int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - const unsigned char *lparam, unsigned long lparamlen, - prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key); - -int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, +int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, const unsigned char *lparam, unsigned long lparamlen, + prng_state *prng, int prng_idx, int hash_idx, int padding, - int *stat, rsa_key *key); + const rsa_key *key); + +int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + const unsigned char *lparam, unsigned long lparamlen, + int hash_idx, int padding, + int *stat, const rsa_key *key); int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int padding, prng_state *prng, int prng_idx, int hash_idx, unsigned long saltlen, - rsa_key *key); - -int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, + const rsa_key *key); + +int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, int padding, - int hash_idx, unsigned long saltlen, - int *stat, rsa_key *key); - -int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key); + int hash_idx, unsigned long saltlen, + int *stat, const rsa_key *key); + +int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, const rsa_key *key); /* PKCS #1 import/export */ -int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key); +int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_key *key); int 
rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key); int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key); @@ -209,9 +215,9 @@ void *prime; } dh_key; -int dh_get_groupsize(dh_key *key); - -int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key); +int dh_get_groupsize(const dh_key *key); + +int dh_export(unsigned char *out, unsigned long *outlen, int type, const dh_key *key); int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key); int dh_set_pg(const unsigned char *p, unsigned long plen, @@ -223,12 +229,12 @@ int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key); int dh_generate_key(prng_state *prng, int wprng, dh_key *key); -int dh_shared_secret(dh_key *private_key, dh_key *public_key, +int dh_shared_secret(const dh_key *private_key, const dh_key *public_key, unsigned char *out, unsigned long *outlen); void dh_free(dh_key *key); -int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key); +int dh_export_key(void *out, unsigned long *outlen, int type, const dh_key *key); #ifdef LTC_SOURCE typedef struct { @@ -239,7 +245,7 @@ extern const ltc_dh_set_type ltc_dh_sets[]; /* internal helper functions */ -int dh_check_pubkey(dh_key *key); +int dh_check_pubkey(const dh_key *key); #endif #endif /* LTC_MDH */ @@ -256,9 +262,6 @@ /** Structure defines a GF(p) curve */ typedef struct { - /** name of curve */ - const char *name; - /** The prime that defines the field the curve is in (encoded in hex) */ const char *prime; @@ -281,9 +284,8 @@ unsigned long cofactor; /** The OID */ - unsigned long oid[16]; - unsigned long oidlen; -} ltc_ecc_set_type; + const char *OID; +} ltc_ecc_curve; /** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */ typedef struct { 
@@ -334,80 +336,81 @@ } ecc_key; /** the ECC params provided */ -extern const ltc_ecc_set_type ltc_ecc_sets[]; +extern const ltc_ecc_curve ltc_ecc_curves[]; int ecc_test(void); void ecc_sizes(int *low, int *high); -int ecc_get_size(ecc_key *key); - -int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp); -int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key); +int ecc_get_size(const ecc_key *key); + +int ecc_get_curve(const char* name_or_oid, const ltc_ecc_curve** cu); +int ecc_set_dp(const ltc_ecc_curve *cu, ecc_key *key); int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key); int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key); -int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); +int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key); -int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp); +int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu); void ecc_free(ecc_key *key); -int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); +int ecc_export(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key); -int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); - -int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen); +int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu); + +int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *outlen); int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key); -int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const 
ltc_ecc_set_type *dp); - -int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); +int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu); + +int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key); int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, ecc_key *key); int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key); -int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, +int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key, unsigned char *out, unsigned long *outlen); int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, int hash, - ecc_key *key); + const ecc_key *key); int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - ecc_key *key); + const ecc_key *key); int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key); + prng_state *prng, int wprng, const ecc_key *key); int ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key); + prng_state *prng, int wprng, const ecc_key *key); int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key); + int *stat, const ecc_key *key); int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key); + int *stat, const ecc_key *key); #ifdef LTC_SOURCE /* INTERNAL ONLY - it should be later moved to 
src/headers/tomcrypt_internal.h */ -int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); -int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key); -int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key); -int ecc_set_dp_size(int size, ecc_key *key); +int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); +int ecc_copy_dp(const ecc_key *srckey, ecc_key *key); +int ecc_set_dp_by_size(int size, ecc_key *key); /* low level functions */ ecc_point *ltc_ecc_new_point(void); void ltc_ecc_del_point(ecc_point *p); +int ltc_ecc_set_point_xyz(ltc_mp_digit x, ltc_mp_digit y, ltc_mp_digit z, ecc_point *p); +int ltc_ecc_copy_point(const ecc_point *src, ecc_point *dst); int ltc_ecc_is_point(const ltc_ecc_dp *dp, void *x, void *y); -int ltc_ecc_is_point_at_infinity(const ecc_point *p, void *modulus); +int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus, int *retval); int ltc_ecc_import_point(const unsigned char *in, unsigned long inlen, void *prime, void *a, void *b, void *x, void *y); int ltc_ecc_export_point(unsigned char *out, unsigned long *outlen, void *x, void *y, unsigned long size, int compressed); -int ltc_ecc_verify_key(ecc_key *key); +int ltc_ecc_verify_key(const ecc_key *key); /* point ops (mp == montgomery digit) */ #if !defined(LTC_MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC) 
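Review bot: `ltc_ecc_is_point_at_infinity` changes from returning the answer to returning an error code with the answer in a new `int *retval`, but the prototype does not say whether `*retval` is defined when the call fails, so a caller that reads it unconditionally may act on an uninitialised value; a comment such as `/* *retval is only valid when CRYPT_OK is returned */` (or a guarantee that it is always written) would pin that down. `ecc_get_curve(const char* name_or_oid, ...)` likewise needs a note on which string forms are accepted and whether the match is case-sensitive, since the `name` field was removed from the curve struct in the previous hunk. This hunk begins on an earlier line with `ecc_test`/`ecc_sizes` and the `#ifdef LTC_SOURCE` block it ends in continues past it.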
@@ -510,40 +513,40 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, void *r, void *s, - prng_state *prng, int wprng, dsa_key *key); + prng_state *prng, int wprng, const dsa_key *key); int dsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, dsa_key *key); + prng_state *prng, int wprng, const dsa_key *key); int dsa_verify_hash_raw( void *r, void *s, const unsigned char *hash, unsigned long hashlen, - int *stat, dsa_key *key); - -int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, dsa_key *key); + int *stat, const dsa_key *key); + +int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, const dsa_key *key); int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, - dsa_key *key); + prng_state *prng, int wprng, int hash, + const dsa_key *key); int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - dsa_key *key); + const dsa_key *key); int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key); -int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key); -int dsa_verify_key(dsa_key *key, int *stat); +int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_key *key); +int dsa_verify_key(const dsa_key *key, int *stat); #ifdef LTC_SOURCE /* internal helper functions */ -int dsa_int_validate_xy(dsa_key *key, int *stat); -int dsa_int_validate_pqg(dsa_key *key, int *stat); -int dsa_int_validate_primes(dsa_key *key, int *stat); +int dsa_int_validate_xy(const dsa_key *key, int *stat); +int dsa_int_validate_pqg(const dsa_key *key, int *stat); +int dsa_int_validate_primes(const dsa_key *key, int *stat); #endif int 
dsa_shared_secret(void *private_key, void *base, - dsa_key *public_key, + const dsa_key *public_key, unsigned char *out, unsigned long *outlen); #endif @@ -605,7 +608,7 @@ /** Flag used to indicate optional items in ASN.1 sequences */ int optional; /** ASN.1 identifier */ - ltc_asn1_class class; + ltc_asn1_class klass; ltc_asn1_pc pc; ulong64 tag; /** prev/next entry in the list */ @@ -621,7 +624,7 @@ LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \ LTC_MACRO_list[LTC_MACRO_temp].used = 0; \ LTC_MACRO_list[LTC_MACRO_temp].optional = 0; \ - LTC_MACRO_list[LTC_MACRO_temp].class = 0; \ + LTC_MACRO_list[LTC_MACRO_temp].klass = 0; \ LTC_MACRO_list[LTC_MACRO_temp].pc = 0; \ LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \ } while (0) @@ -631,7 +634,7 @@ int LTC_MACRO_temp = (index); \ ltc_asn1_list *LTC_MACRO_list = (list); \ LTC_MACRO_list[LTC_MACRO_temp].type = LTC_ASN1_CUSTOM_TYPE; \ - LTC_MACRO_list[LTC_MACRO_temp].class = (Class); \ + LTC_MACRO_list[LTC_MACRO_temp].klass = (Class); \ LTC_MACRO_list[LTC_MACRO_temp].pc = (Pc); \ LTC_MACRO_list[LTC_MACRO_temp].tag = (Tag); \ } while (0) @@ -661,8 +664,8 @@ extern const unsigned long der_asn1_tag_to_string_map_sz; /* SEQUENCE */ -int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen, int type_of); +int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen, int type_of); #define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE) 
@@ -693,7 +696,7 @@ #define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_RELAXED) #define der_decode_sequence_strict(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_STRICT) -int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, +int der_length_sequence(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen); @@ -722,7 +725,7 @@ int der_decode_asn1_length(const unsigned char* len, unsigned long* lenlen, unsigned long* outlen); int der_length_asn1_length(unsigned long len, unsigned long *outlen); -int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, +int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen, unsigned long *payloadlen); extern const ltc_asn1_type der_asn1_tag_to_type_map[]; @@ -735,11 +738,11 @@ /* SET */ #define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SET) #define der_length_set der_length_sequence -int der_encode_set(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen); - -int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen); +int der_encode_set(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen); + +int der_encode_setof(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen); /* VA list handy helpers with triplets of */ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); 
@@ -790,11 +793,11 @@ int der_length_octet_string(unsigned long noctets, unsigned long *outlen); /* OBJECT IDENTIFIER */ -int der_encode_object_identifier(unsigned long *words, unsigned long nwords, - unsigned char *out, unsigned long *outlen); +int der_encode_object_identifier(const unsigned long *words, unsigned long nwords, + unsigned char *out, unsigned long *outlen); int der_decode_object_identifier(const unsigned char *in, unsigned long inlen, unsigned long *words, unsigned long *outlen); -int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen); +int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen); unsigned long der_object_identifier_bits(unsigned long x); /* IA5 STRING */ @@ -873,13 +876,13 @@ off_mm; /* timezone offset minutes */ } ltc_utctime; -int der_encode_utctime(ltc_utctime *utctime, - unsigned char *out, unsigned long *outlen); +int der_encode_utctime(const ltc_utctime *utctime, + unsigned char *out, unsigned long *outlen); int der_decode_utctime(const unsigned char *in, unsigned long *inlen, ltc_utctime *out); -int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen); +int der_length_utctime(const ltc_utctime *utctime, unsigned long *outlen); /* GeneralizedTime */ typedef struct { 
@@ -895,24 +898,24 @@ off_mm; /* timezone offset minutes */ } ltc_generalizedtime; -int der_encode_generalizedtime(ltc_generalizedtime *gtime, - unsigned char *out, unsigned long *outlen); +int der_encode_generalizedtime(const ltc_generalizedtime *gtime, + unsigned char *out, unsigned long *outlen); int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen, ltc_generalizedtime *out); -int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen); +int der_length_generalizedtime(const ltc_generalizedtime *gtime, unsigned long *outlen); #ifdef LTC_SOURCE /* internal helper functions */ /* SUBJECT PUBLIC KEY INFO */ int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, - unsigned int algorithm, void* public_key, unsigned long public_key_len, - unsigned long parameters_type, void* parameters, unsigned long parameters_len); + unsigned int algorithm, const void* public_key, unsigned long public_key_len, + ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len); int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, unsigned int algorithm, void* public_key, unsigned long* public_key_len, - unsigned long parameters_type, void* parameters, unsigned long *parameters_len); + ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len); #endif /* LTC_SOURCE */ #endif diff --git a/src/ltc/headers/tomcrypt_prng.h b/src/ltc/headers/tomcrypt_prng.h index c516b8c..5d66aaa 100644 --- a/src/ltc/headers/tomcrypt_prng.h +++ b/src/ltc/headers/tomcrypt_prng.h @@ -43,7 +43,7 @@ pool0_len, /* length of 0'th pool */ wd; - ulong64 reset_cnt; /* number of times we have reset */ + ulong64 reset_cnt; /* number of times we have reseeded */ }; #endif 
@@ -148,12 +148,14 @@ #ifdef LTC_FORTUNA int fortuna_start(prng_state *prng); int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); +int fortuna_add_random_event(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng); int fortuna_ready(prng_state *prng); unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state *prng); int fortuna_done(prng_state *prng); -int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); -int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); -int fortuna_test(void); +int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); +int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); +int fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng); +int fortuna_test(void); extern const struct ltc_prng_descriptor fortuna_desc; #endif @@ -212,6 +214,31 @@ int prng_is_valid(int idx); LTC_MUTEX_PROTO(ltc_prng_mutex) +#ifdef LTC_SOURCE +/* internal helper functions */ +#define _LTC_PRNG_EXPORT(which) \ +int which ## _export(unsigned char *out, unsigned long *outlen, prng_state *prng) \ +{ \ + unsigned long len = which ## _desc.export_size; \ + \ + LTC_ARGCHK(prng != NULL); \ + LTC_ARGCHK(out != NULL); \ + LTC_ARGCHK(outlen != NULL); \ + \ + if (*outlen < len) { \ + *outlen = len; \ + return CRYPT_BUFFER_OVERFLOW; \ + } \ + \ + if (which ## _read(out, len, prng) != len) { \ + return CRYPT_ERROR_READPRNG; \ + } \ + \ + *outlen = len; \ + return CRYPT_OK; \ +} +#endif + /* Slow RNG you **might** be able to use to seed a PRNG with. Be careful as this * might not work on all platforms as planned */ diff --git a/src/ltc/math/multi.c b/src/ltc/math/multi.c index da5bb60..cfe1451 100644 --- a/src/ltc/math/multi.c +++ b/src/ltc/math/multi.c @@ -67,7 +67,6 @@ cur = va_arg(args, void**); } va_end(args); - return; } #endif 
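Review bot: `_LTC_PRNG_EXPORT` is a reserved identifier (an underscore followed by an uppercase letter is reserved for the implementation in every scope), and the same applies to `_base64_decode_internal` and `_padding_padded_length` introduced later in this diff; an `LTC_`/`ltc_` prefix or a trailing underscore avoids that class of collision without changing anything else. The macro also generates public `<prng>_export` functions but carries no documentation, so none of the generated symbols is documented anywhere; a short block comment above the macro along the lines of `/* Defines <which>_export(): reads which_desc.export_size bytes from the PRNG into out, CRYPT_BUFFER_OVERFLOW if *outlen is smaller, CRYPT_ERROR_READPRNG on a short read */` would document all of them in one place. `fortuna_add_random_event` and `fortuna_update_seed` are likewise declared without a comment on their parameters (`source`, `pool`), which the other prototypes in this header lack too, so this may be file convention.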
diff --git a/src/ltc/math/tfm_desc.c b/src/ltc/math/tfm_desc.c index 9247db6..81f14b8 100644 --- a/src/ltc/math/tfm_desc.c +++ b/src/ltc/math/tfm_desc.c @@ -265,15 +265,7 @@ return CRYPT_OK; } -/* sqrtmod_prime */ -static int sqrtmod_prime(void *a, void *b, void *c) -{ - LTC_ARGCHK(a != NULL); - LTC_ARGCHK(b != NULL); - LTC_ARGCHK(c != NULL); - fprintf(stderr, "TFM does not support sqrtmod_prime\n"); /* XXX-FIXME */ - return CRYPT_ERROR; -} +/* sqrtmod_prime - NOT SUPPORTED */ /* div */ static int divide(void *a, void *b, void *c, void *d) @@ -438,6 +430,7 @@ { fp_int t1, t2; fp_digit mp; + int err, inf; LTC_ARGCHK(P != NULL); LTC_ARGCHK(R != NULL); @@ -455,7 +448,8 @@ fp_copy(P->z, R->z); } - if (ltc_ecc_is_point_at_infinity(P, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* if P is point at infinity >> Result = point at infinity */ ltc_mp.set_int(R->x, 1); ltc_mp.set_int(R->y, 1); @@ -591,6 +585,7 @@ { fp_int t1, t2, x, y, z; fp_digit mp; + int err, inf; LTC_ARGCHK(P != NULL); LTC_ARGCHK(Q != NULL); @@ -606,7 +601,8 @@ fp_init(&y); fp_init(&z); - if (ltc_ecc_is_point_at_infinity(P, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* P is point at infinity >> Result = Q */ ltc_mp.copy(Q->x, R->x); ltc_mp.copy(Q->y, R->y); @@ -614,7 +610,8 @@ return CRYPT_OK; } - if (ltc_ecc_is_point_at_infinity(Q, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(Q, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* Q is point at infinity >> Result = P */ ltc_mp.copy(P->x, R->x); ltc_mp.copy(P->y, R->y); @@ -803,7 +800,7 @@ &mul, &muli, &sqr, - &sqrtmod_prime, + NULL, /* TODO: &sqrtmod_prime */ ÷, &div_2, &modi, diff --git a/src/ltc/misc/adler32.c b/src/ltc/misc/adler32.c index 8bbf2ac..49ce7d7 100644 --- a/src/ltc/misc/adler32.c +++ b/src/ltc/misc/adler32.c 
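Review bot: The `sqrtmod_prime` slot of the TFM descriptor is now `NULL` instead of a stub that returned `CRYPT_ERROR`, so any path that calls `ltc_mp.sqrtmod_prime()` through the descriptor without a NULL check turns a clean error return into a call through a null pointer; the callers are not visible here, so this needs confirming against the math-descriptor users. If a `NULL` slot is the intended way to say "unsupported", the table entry should say so for the next reader: `NULL, /* sqrtmod_prime: not supported by TFM; callers must test ltc_mp.sqrtmod_prime != NULL */`. The `err`/`inf` handling in the two ECC hunks is consistent with the new `ltc_ecc_is_point_at_infinity` contract; both enclosing functions start and end outside the hunks.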
@@ -79,7 +79,7 @@ ctx->s[1] = (unsigned short)s2; } -void adler32_finish(adler32_state *ctx, void *hash, unsigned long size) +void adler32_finish(const adler32_state *ctx, void *hash, unsigned long size) { unsigned char* h; diff --git a/src/ltc/misc/base16/base16_decode.c b/src/ltc/misc/base16/base16_decode.c new file mode 100644 index 0000000..6738285 --- /dev/null +++ b/src/ltc/misc/base16/base16_decode.c 
@@ -0,0 +1,74 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file base16_decode.c + Base16/Hex decode a string. + Based on https://stackoverflow.com/a/23898449 + Adapted for libtomcrypt by Steffen Jaeckel +*/ + +#ifdef LTC_BASE16 + +/** + Base16 decode a string + @param in The Base16 string to decode + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base16_decode(const char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen) +{ + unsigned long pos, out_len; + unsigned char idx0, idx1; + char in0, in1; + + const unsigned char hashmap[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, /* 01234567 */ + 0x08, 0x09, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* 89:;<=>? 
*/ + 0xff, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xff, /* @ABCDEFG */ + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* HIJKLMNO */ + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* PQRSTUVW */ + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* XYZ[\]^_ */ + 0xff, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xff, /* `abcdefg */ + }; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + if ((inlen % 2) == 1) return CRYPT_INVALID_PACKET; + out_len = *outlen * 2; + for (pos = 0; ((pos + 1 < out_len) && (pos + 1 < inlen)); pos += 2) { + in0 = in[pos + 0]; + in1 = in[pos + 1]; + + if ((in0 < '0') || (in0 > 'g')) return CRYPT_INVALID_PACKET; + if ((in1 < '0') || (in1 > 'g')) return CRYPT_INVALID_PACKET; + + idx0 = (unsigned char) (in0 & 0x1F) ^ 0x10; + idx1 = (unsigned char) (in1 & 0x1F) ^ 0x10; + + if (hashmap[idx0] == 0xff) return CRYPT_INVALID_PACKET; + if (hashmap[idx1] == 0xff) return CRYPT_INVALID_PACKET; + + out[pos / 2] = (unsigned char) (hashmap[idx0] << 4) | hashmap[idx1]; + } + *outlen = pos / 2; + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base16/base16_encode.c b/src/ltc/misc/base16/base16_encode.c new file mode 100644 index 0000000..428002a --- /dev/null +++ b/src/ltc/misc/base16/base16_encode.c 
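Review bot: The index computation `(in0 & 0x1F) ^ 0x10` only ever yields 0..31, so `hashmap` rows 32..55 (the `PQRSTUVW`, `XYZ[\]^_` and `` `abcdefg `` rows) are unreachable and `'P'`..`'Y'` (0x50..0x59) alias onto indices 0..9 and decode as the digits `'0'`..`'9'` — e.g. `"PP"` is accepted and decodes to 0x00 — while lowercase letters only work because `'a'`..`'f'` happen to alias onto the `@ABCDEFG` row. Indexing the table by `in0 - '0'` uses every row as laid out and rejects those characters. Separately, when `*outlen < inlen / 2` the loop stops at `pos + 1 < out_len` and returns `CRYPT_OK` with a silently truncated result rather than `CRYPT_BUFFER_OVERFLOW`, and `*outlen * 2` can wrap for a huge `*outlen`; an explicit size check before the loop, as the encoder does, removes both issues.
```c
   /* … unchanged: argument checks, odd-length check … */
   if (*outlen < inlen / 2) {
      *outlen = inlen / 2;
      return CRYPT_BUFFER_OVERFLOW;
   }
   for (pos = 0; pos + 1 < inlen; pos += 2) {
      /* … unchanged: read in0/in1, '0'..'g' range check … */
      idx0 = (unsigned char) (in0 - '0');   /* 0..55, one slot per table entry */
      idx1 = (unsigned char) (in1 - '0');
      /* … unchanged: 0xff lookup rejects, write out[pos / 2] … */
   }
```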
@@ -0,0 +1,71 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +#include "tomcrypt.h" + +/** + @file base16_encode.c + Base16/Hex encode a string, Steffen Jaeckel +*/ + +#ifdef LTC_BASE16 + +/** + Base16 encode a buffer + @param in The input buffer to encode + @param inlen The length of the input buffer + @param out [out] The destination of the Base16 encoded data + @param outlen [in/out] The max size and resulting size of the encoded data + @param caps Output 'a-f' on 0 and 'A-F' otherwise. + @return CRYPT_OK if successful +*/ +int base16_encode(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + int caps) +{ + unsigned long i, x; + const char *alphabet; + const char *alphabets[2] = { + "0123456789abcdef", + "0123456789ABCDEF", + }; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* check the sizes */ + x = inlen * 2 + 1; + + if (x < inlen) return CRYPT_OVERFLOW; + + if (*outlen < x) { + *outlen = x; + return CRYPT_BUFFER_OVERFLOW; + } + x--; + *outlen = x; /* returning the length without terminating NUL */ + + if (caps == 0) alphabet = alphabets[0]; + else alphabet = alphabets[1]; + + for (i = 0; i < x; i += 2) { + out[i] = alphabet[(in[i/2] >> 4) & 0x0f]; + out[i+1] = alphabet[in[i/2] & 0x0f]; + } + out[x] = '\0'; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/base32/base32_decode.c b/src/ltc/misc/base32/base32_decode.c index 8bbb19c..5809553 100644 --- a/src/ltc/misc/base32/base32_decode.c +++ b/src/ltc/misc/base32/base32_decode.c 
@@ -20,14 +20,14 @@ @param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD @return CRYPT_OK if successful */ -int base32_decode(const unsigned char *in, unsigned long inlen, +int base32_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, base32_alphabet id) { unsigned long x; int y = 0; ulong64 t = 0; - unsigned char c; + char c; const unsigned char *map; const unsigned char tables[4][43] = { { /* id = BASE32_RFC4648 : ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 */ @@ -90,11 +90,10 @@ c = in[x]; /* convert to upper case */ if ((c >= 'a') && (c <= 'z')) c -= 32; - /* '0' = 48 .. 'Z' = 90 */ - if (c < 48 || c > 90 || map[c-48] > 31) { + if (c < '0' || c > 'Z' || map[c-'0'] > 31) { return CRYPT_INVALID_PACKET; } - t = (t<<5)|map[c-48]; + t = (t<<5) | map[c-'0']; if (++y == 8) { *out++ = (unsigned char)((t>>32) & 255); *out++ = (unsigned char)((t>>24) & 255); diff --git a/src/ltc/misc/base32/base32_encode.c b/src/ltc/misc/base32/base32_encode.c index 60fbd8d..81fa97a 100644 --- a/src/ltc/misc/base32/base32_encode.c +++ b/src/ltc/misc/base32/base32_encode.c @@ -21,11 +21,11 @@ @return CRYPT_OK if successful */ int base32_encode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, + char *out, unsigned long *outlen, base32_alphabet id) { unsigned long i, x; - unsigned char *codes; + const char *codes; const char *alphabet[4] = { "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", /* id = BASE32_RFC4648 */ "0123456789ABCDEFGHIJKLMNOPQRSTUV", /* id = BASE32_BASE32HEX */ 
@@ -39,21 +39,21 @@ LTC_ARGCHK(id >= BASE32_RFC4648); LTC_ARGCHK(id <= BASE32_CROCKFORD); - /* no input, nothing to do */ - if (inlen == 0) { - *outlen = 0; - return CRYPT_OK; - } - - /* check the size of output buffer */ - x = (8 * inlen + 4) / 5; + /* check the size of output buffer +1 byte for terminating NUL */ + x = (8 * inlen + 4) / 5 + 1; if (*outlen < x) { *outlen = x; return CRYPT_BUFFER_OVERFLOW; } - *outlen = x; + *outlen = x - 1; /* returning the length without terminating NUL */ - codes = (unsigned char*)alphabet[id]; + /* no input, nothing to do */ + if (inlen == 0) { + *out = '\0'; + return CRYPT_OK; + } + + codes = alphabet[id]; x = 5 * (inlen / 5); for (i = 0; i < x; i += 5) { *out++ = codes[(in[0] >> 3) & 0x1F]; @@ -79,12 +79,13 @@ } if (i+2 < inlen) { *out++ = codes[(((c & 0xF) << 1) + (d >> 7)) & 0x1F]; - *out++ = codes[(d >> 2) & 0x1F]; } if (i+3 < inlen) { + *out++ = codes[(d >> 2) & 0x1F]; *out++ = codes[((d & 0x3) << 3) & 0x1F]; } } + *out = '\0'; return CRYPT_OK; } diff --git a/src/ltc/misc/base64/base64_decode.c b/src/ltc/misc/base64/base64_decode.c index 4c58c68..6af4eb5 100644 --- a/src/ltc/misc/base64/base64_decode.c +++ b/src/ltc/misc/base64/base64_decode.c 
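Review bot: `x = (8 * inlen + 4) / 5 + 1` can wrap for a very large `inlen`, after which the `*outlen < x` check passes against a too-small buffer and the encoder writes past `out`; `base16_encode` in this same diff guards its size computation with `if (x < inlen) return CRYPT_OVERFLOW;`, and this function should do the equivalent, e.g. `if (inlen > (ULONG_MAX - 4) / 8) return CRYPT_OVERFLOW;` before the division (ULONG_MAX comes from `<limits.h>` if tomcrypt.h does not already provide it). The docstring above the hunk should also state that the returned `*outlen` excludes the terminating NUL, matching the inline comment on `*outlen = x - 1;`, since callers that size a following write from it will otherwise be one short.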
@@ -17,11 +17,16 @@ #if defined(LTC_BASE64) || defined (LTC_BASE64_URL) +/* 253 - ignored in "relaxed" + "insane" mode: TAB(9), CR(13), LF(10), space(32) + * 254 - padding character '=' (allowed only at the end) + * 255 - ignored in "insane" mode, but not allowed in "relaxed" + "strict" mode + */ + #if defined(LTC_BASE64) static const unsigned char map_base64[256] = { -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, +255, 255, 255, 255, 255, 255, 255, 255, 255, 253, 253, 255, +255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, +255, 255, 255, 255, 255, 255, 255, 255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, @@ -45,9 +50,9 @@ static const unsigned char map_base64url[] = { #if defined(LTC_BASE64_URL) -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, -255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, +255, 255, 255, 255, 255, 255, 255, 255, 255, 253, 253, 255, +255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, +255, 255, 255, 255, 255, 255, 255, 255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, @@ -71,13 +76,14 @@ }; enum { - relaxed = 0, - strict = 1 + insane = 0, + strict = 1, + relaxed = 2 }; -static int _base64_decode_internal(const unsigned char *in, unsigned long inlen, +static int _base64_decode_internal(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - const unsigned char *map, int is_strict) + const unsigned char *map, int mode) { unsigned long t, x, y, z; unsigned char c; 
@@ -89,20 +95,29 @@ g = 0; /* '=' counter */ for (x = y = z = t = 0; x < inlen; x++) { - c = map[in[x]&0xFF]; + if ((in[x] == 0) && (x == (inlen - 1)) && (mode != strict)) { + continue; /* allow the last byte to be NUL (relaxed+insane) */ + } + c = map[(unsigned char)in[x]&0xFF]; if (c == 254) { g++; continue; } - else if (is_strict && g > 0) { - /* we only allow '=' to be at the end */ - return CRYPT_INVALID_PACKET; - } - if (c == 255) { - if (is_strict) + if (c == 253) { + if (mode == strict) return CRYPT_INVALID_PACKET; else - continue; + continue; /* allow to ignore white-spaces (relaxed+insane) */ + } + if (c == 255) { + if (mode == insane) + continue; /* allow to ignore invalid garbage (insane) */ + else + return CRYPT_INVALID_PACKET; + } + if ((g > 0) && (mode != insane)) { + /* we only allow '=' to be at the end (strict+relaxed) */ + return CRYPT_INVALID_PACKET; } t = (t<<6)|c; @@ -118,7 +133,7 @@ if (y != 0) { if (y == 1) return CRYPT_INVALID_PACKET; - if ((y + g) != 4 && is_strict && map != map_base64url) return CRYPT_INVALID_PACKET; + if (((y + g) != 4) && (mode == strict) && (map != map_base64url)) return CRYPT_INVALID_PACKET; t = t << (6 * (4 - y)); if (z + y - 1 > *outlen) return CRYPT_BUFFER_OVERFLOW; if (y >= 2) out[z++] = (unsigned char) ((t >> 16) & 255); 
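Review bot: In `insane` mode the loop skips every byte that maps to 255 and tolerates `=` anywhere (the `g > 0` check is skipped for `mode == insane`), so `base64_decode()` and `base64url_decode()`, which select `insane` in the following hunks, return `CRYPT_OK` for input that is not base64 at all and silently drop the offending bytes; neither the code nor the new "Dangerously relaxed" docstrings say what the danger is. A comment above the loop would make the contract explicit: `/* insane: out-of-alphabet bytes and misplaced '=' are skipped, so CRYPT_OK does not mean the input was valid base64; use *_sane_decode or *_strict_decode when decoding is also validation */`, and the same sentence belongs in the public docstrings of `base64_decode`/`base64url_decode`. The enclosing `_base64_decode_internal` starts in the previous hunk and its tail (the `y != 0` flush) is in the next one.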
@@ -130,17 +145,17 @@ #if defined(LTC_BASE64) /** - Relaxed base64 decode a block of memory - @param in The base64 data to decode - @param inlen The length of the base64 data - @param out [out] The destination of the binary decoded data - @param outlen [in/out] The max size and resulting size of the decoded data - @return CRYPT_OK if successful -*/ -int base64_decode(const unsigned char *in, unsigned long inlen, + Dangerously relaxed base64 decode a block of memory + @param in The base64 data to decode + @param inlen The length of the base64 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base64_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { - return _base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed); + return _base64_decode_internal(in, inlen, out, outlen, map_base64, insane); } /** 
@@ -151,40 +166,68 @@ @param outlen [in/out] The max size and resulting size of the decoded data @return CRYPT_OK if successful */ -int base64_strict_decode(const unsigned char *in, unsigned long inlen, +int base64_strict_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { return _base64_decode_internal(in, inlen, out, outlen, map_base64, strict); } + +/** + Sane base64 decode a block of memory + @param in The base64 data to decode + @param inlen The length of the base64 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base64_sane_decode(const char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen) +{ + return _base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed); +} #endif /* LTC_BASE64 */ #if defined(LTC_BASE64_URL) /** - Relaxed base64 (URL Safe, RFC 4648 section 5) decode a block of memory - @param in The base64 data to decode - @param inlen The length of the base64 data - @param out [out] The destination of the binary decoded data - @param outlen [in/out] The max size and resulting size of the decoded data - @return CRYPT_OK if successful -*/ -int base64url_decode(const unsigned char *in, unsigned long inlen, + Dangerously relaxed base64 (URL Safe, RFC 4648 section 5) decode a block of memory + @param in The base64 data to decode + @param inlen The length of the base64 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base64url_decode(const char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) { + return _base64_decode_internal(in, inlen, out, outlen, map_base64url, insane); +} + +/** + Strict base64 (URL Safe, RFC 4648 section 5) decode a block of memory + @param in The base64 data to decode + @param 
inlen The length of the base64 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base64url_strict_decode(const char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen) +{ + return _base64_decode_internal(in, inlen, out, outlen, map_base64url, strict); +} + +/** + Sane base64 (URL Safe, RFC 4648 section 5) decode a block of memory + @param in The base64 data to decode + @param inlen The length of the base64 data + @param out [out] The destination of the binary decoded data + @param outlen [in/out] The max size and resulting size of the decoded data + @return CRYPT_OK if successful +*/ +int base64url_sane_decode(const char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen) +{ return _base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed); -} - -/** - Strict base64 (URL Safe, RFC 4648 section 5) decode a block of memory - @param in The base64 data to decode - @param inlen The length of the base64 data - @param out [out] The destination of the binary decoded data - @param outlen [in/out] The max size and resulting size of the decoded data - @return CRYPT_OK if successful -*/ -int base64url_strict_decode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) -{ - return _base64_decode_internal(in, inlen, out, outlen, map_base64url, strict); } #endif /* LTC_BASE64_URL */ diff --git a/src/ltc/misc/base64/base64_encode.c b/src/ltc/misc/base64/base64_encode.c index 5c26e60..788c9d5 100644 --- a/src/ltc/misc/base64/base64_encode.c +++ b/src/ltc/misc/base64/base64_encode.c 
@@ -28,11 +28,11 @@ #endif /* LTC_BASE64_URL */ static int _base64_encode_internal(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, + char *out, unsigned long *outlen, const char *codes, int pad) { unsigned long i, len2, leven; - unsigned char *p; + char *p; LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); @@ -73,7 +73,7 @@ *p = '\0'; /* return ok */ - *outlen = (unsigned long)(p - out); + *outlen = (unsigned long)(p - out); /* the length without terminating NUL */ return CRYPT_OK; } @@ -87,7 +87,7 @@ @return CRYPT_OK if successful */ int base64_encode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) + char *out, unsigned long *outlen) { return _base64_encode_internal(in, inlen, out, outlen, codes_base64, 1); } @@ -104,13 +104,13 @@ @return CRYPT_OK if successful */ int base64url_encode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) + char *out, unsigned long *outlen) { return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0); } int base64url_strict_encode(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) + char *out, unsigned long *outlen) { return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1); } diff --git a/src/ltc/misc/copy_or_zeromem.c b/src/ltc/misc/copy_or_zeromem.c index ec78fed..237f712 100644 --- a/src/ltc/misc/copy_or_zeromem.c +++ b/src/ltc/misc/copy_or_zeromem.c @@ -25,7 +25,7 @@ unsigned long y; #ifdef LTC_FAST unsigned long z; - LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all ones */ + LTC_FAST_TYPE fastMask = ~(LTC_FAST_TYPE)0; /* initialize fastMask at all ones */ #endif unsigned char mask = 0xff; /* initialize mask at all ones */ diff --git a/src/ltc/misc/crc32.c b/src/ltc/misc/crc32.c index beb54fc..a1bdc8e 100644 --- a/src/ltc/misc/crc32.c +++ b/src/ltc/misc/crc32.c 
@@ -159,7 +159,7 @@ ctx->crc = crc; } -void crc32_finish(crc32_state *ctx, void *hash, unsigned long size) +void crc32_finish(const crc32_state *ctx, void *hash, unsigned long size) { unsigned long i; unsigned char* h; diff --git a/src/ltc/misc/crypt/crypt.c b/src/ltc/misc/crypt/crypt.c index bd57a0a..d8eaa73 100644 --- a/src/ltc/misc/crypt/crypt.c +++ b/src/ltc/misc/crypt/crypt.c @@ -313,7 +313,13 @@ " ChaCha20\n" #endif #if defined(LTC_FORTUNA) - " Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", " NAME_VALUE(LTC_FORTUNA_WD) ")\n" + " Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", " +#if defined(LTC_FORTUNA_RESEED_RATELIMIT_TIMED) + "LTC_FORTUNA_RESEED_RATELIMIT_TIMED, " +#else + "LTC_FORTUNA_RESEED_RATELIMIT_STATIC, " NAME_VALUE(LTC_FORTUNA_WD) +#endif + ")\n" #endif #if defined(LTC_SOBER128) " SOBER128\n" @@ -414,17 +420,24 @@ #if defined(LTC_BASE32) " BASE32 " #endif +#if defined(LTC_BASE16) + " BASE16 " +#endif #if defined(LTC_CRC32) " CRC32 " #endif #if defined(LTC_DER) " DER " + " " NAME_VALUE(LTC_DER_MAX_RECURSION) " " #endif #if defined(LTC_PKCS_1) " PKCS#1 " #endif #if defined(LTC_PKCS_5) " PKCS#5 " +#endif +#if defined(LTC_PADDING) + " PADDING " #endif #if defined(LTC_HKDF) " HKDF " diff --git a/src/ltc/misc/crypt/crypt_constants.c b/src/ltc/misc/crypt/crypt_constants.c index 9e76322..902b774 100644 --- a/src/ltc/misc/crypt/crypt_constants.c +++ b/src/ltc/misc/crypt/crypt_constants.c @@ -75,6 +75,21 @@ {"LTC_PKCS_1", 0}, #endif +#ifdef LTC_PADDING + {"LTC_PADDING", 1}, + + _C_STRINGIFY(LTC_PAD_PKCS7), +#ifdef LTC_RNG_GET_BYTES + _C_STRINGIFY(LTC_PAD_ISO_10126), +#endif + _C_STRINGIFY(LTC_PAD_ANSI_X923), + _C_STRINGIFY(LTC_PAD_ONE_AND_ZERO), + _C_STRINGIFY(LTC_PAD_ZERO), + _C_STRINGIFY(LTC_PAD_ZERO_ALWAYS), +#else + {"LTC_PADDING", 0}, +#endif + #ifdef LTC_MRSA {"LTC_MRSA", 1}, #else @@ -111,6 +126,7 @@ #ifdef LTC_DER /* DER handling */ + {"LTC_DER", 1}, _C_STRINGIFY(LTC_ASN1_EOL), _C_STRINGIFY(LTC_ASN1_BOOLEAN), _C_STRINGIFY(LTC_ASN1_INTEGER), 
@@ -131,6 +147,9 @@ _C_STRINGIFY(LTC_ASN1_TELETEX_STRING), _C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME), _C_STRINGIFY(LTC_ASN1_CUSTOM_TYPE), + _C_STRINGIFY(LTC_DER_MAX_RECURSION), +#else + {"LTC_DER", 0}, #endif #ifdef LTC_CTR_MODE diff --git a/src/ltc/misc/crypt/crypt_sizes.c b/src/ltc/misc/crypt/crypt_sizes.c index c4b16b5..af70061 100644 --- a/src/ltc/misc/crypt/crypt_sizes.c +++ b/src/ltc/misc/crypt/crypt_sizes.c @@ -245,7 +245,7 @@ _SZ_STRINGIFY_T(dh_key), #endif #ifdef LTC_MECC - _SZ_STRINGIFY_T(ltc_ecc_set_type), + _SZ_STRINGIFY_T(ltc_ecc_curve), _SZ_STRINGIFY_T(ecc_point), _SZ_STRINGIFY_T(ecc_key), #endif diff --git a/src/ltc/misc/padding/padding_depad.c b/src/ltc/misc/padding/padding_depad.c new file mode 100644 index 0000000..8060358 --- /dev/null +++ b/src/ltc/misc/padding/padding_depad.c 
@@ -0,0 +1,94 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +#ifdef LTC_PADDING + +/** + Remove padding from your data + + This depads your data. + + @param data The data to depad + @param length [in/out] The size of the data before/after (removing padding) + @param mode One of the LTC_PAD_xx flags + @return CRYPT_OK on success +*/ +int padding_depad(const unsigned char *data, unsigned long *length, unsigned long mode) +{ + unsigned long padded_length, unpadded_length, n; + unsigned char pad; + enum padding_type type; + + LTC_ARGCHK(data != NULL); + LTC_ARGCHK(length != NULL); + + padded_length = *length; + + type = mode & LTC_PAD_MASK; + + if (type < LTC_PAD_ONE_AND_ZERO) { + pad = data[padded_length - 1]; + + if (pad > padded_length) return CRYPT_INVALID_ARG; + + unpadded_length = padded_length - pad; + } else { + /* init pad to calm old compilers */ + pad = 0x0; + unpadded_length = padded_length; + } + + switch (type) { + case LTC_PAD_ANSI_X923: + pad = 0x0; + /* FALLTHROUGH */ + case LTC_PAD_PKCS7: + for (n = unpadded_length; n < padded_length - 1; ++n) { + if (data[n] != pad) return CRYPT_INVALID_PACKET; + } + break; +#ifdef LTC_RNG_GET_BYTES + case LTC_PAD_ISO_10126: + /* nop */ + break; +#endif + case LTC_PAD_ONE_AND_ZERO: + while (unpadded_length > 0 && data[unpadded_length - 1] != 0x80) { + if (data[unpadded_length - 1] != 0x0) return CRYPT_INVALID_PACKET; + unpadded_length--; + } + if (unpadded_length == 0) return CRYPT_INVALID_PACKET; + unpadded_length--; + if (data[unpadded_length] != 0x80) return CRYPT_INVALID_PACKET; + break; + case LTC_PAD_ZERO: + case LTC_PAD_ZERO_ALWAYS: + while (unpadded_length > 0 && data[unpadded_length - 1] == 0x0) { + unpadded_length--; + } + if (type == 
LTC_PAD_ZERO_ALWAYS) { + if (unpadded_length == padded_length) return CRYPT_INVALID_PACKET; + if (data[unpadded_length] != 0x0) return CRYPT_INVALID_PACKET; + } + break; + default: + return CRYPT_INVALID_ARG; + } + + *length = unpadded_length; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/padding/padding_pad.c b/src/ltc/misc/padding/padding_pad.c new file mode 100644 index 0000000..653e31d --- /dev/null +++ b/src/ltc/misc/padding/padding_pad.c 
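Review bot: `pad = data[padded_length - 1];` is reached with no check that `*length` is non-zero, so a zero-length input reads `data[(unsigned long)-1]`; and a trailing byte of `0x00` passes `pad > padded_length`, gives `unpadded_length == padded_length`, makes the PKCS7/X9.23 verification loop empty, and returns `CRYPT_OK` without removing anything, although a pad byte of 0 is never valid in either scheme. Both are closed by `if (padded_length == 0) return CRYPT_INVALID_ARG;` after `padded_length = *length;` and `if ((pad == 0) || (pad > padded_length)) return CRYPT_INVALID_ARG;` in place of the current check. The `type < LTC_PAD_ONE_AND_ZERO` dispatch relies on the enum order of `padding_type`, which is not visible here; a comment naming that dependency would protect it against reordering. The early returns also make the check's timing depend on where the first bad byte is, so a doc note that callers decrypting untrusted ciphertext must authenticate it before calling `padding_depad` would help readers pick the right order.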
@@ -0,0 +1,146 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ +#include "tomcrypt.h" + +#ifdef LTC_PADDING + +/** + Determine the to-be-padded length. + + @param length [in/out] The size of the data before/after padding + @param mode Mask of (LTC_PAD_xxx | block_length) + @return CRYPT_OK on success +*/ +static int _padding_padded_length(unsigned long *length, unsigned long mode) +{ + enum padding_type padding; + unsigned char pad, block_length, r, t; + + LTC_ARGCHK(length != NULL); + + block_length = mode & 0xff; + padding = mode & LTC_PAD_MASK; + r = *length % block_length; + + switch (padding) { + case LTC_PAD_ZERO: + if (r == 0) { + t = 0; + break; + } + /* FALLTHROUGH */ + case LTC_PAD_PKCS7: + case LTC_PAD_ONE_AND_ZERO: + case LTC_PAD_ZERO_ALWAYS: + t = 1; + break; +#ifdef LTC_RNG_GET_BYTES + case LTC_PAD_ISO_10126: + do { + if (rng_get_bytes(&t, sizeof(t), NULL) != sizeof(t)) { + return CRYPT_ERROR_READPRNG; + } + t %= (256 / block_length); + } while (t == 0); + break; +#endif + case LTC_PAD_ANSI_X923: + if (block_length != 16) { + return CRYPT_INVALID_ARG; + } + t = 1; + break; + default: + return CRYPT_INVALID_ARG; + } + + pad = (t * block_length) - r; + + if ((pad == 0) && (padding != LTC_PAD_ZERO)) { + pad = block_length; + } + + *length += pad; + + return CRYPT_OK; +} + +/** + Add padding to data. + + This pads your data. 
+ + @param data The data to depad + @param length The size of the data before padding + @param padded_length [in/out] The size of the data available/after padding + @param mode One of the LTC_PAD_xx flags + @return CRYPT_OK on success +*/ +int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) +{ + unsigned long diff, l; + enum padding_type type; + int err; + + LTC_ARGCHK(data != NULL); + LTC_ARGCHK(padded_length != NULL); + + l = length; + if ((err = _padding_padded_length(&l, mode)) != CRYPT_OK) { + return err; + } + + type = mode & LTC_PAD_MASK; + + if (*padded_length < l) { + if (type != LTC_PAD_ISO_10126) *padded_length = l; + else *padded_length = length + 256; + return CRYPT_BUFFER_OVERFLOW; + } + + diff = l - length; + if (diff > 255) return CRYPT_INVALID_ARG; + + switch (type) { + case LTC_PAD_PKCS7: + XMEMSET(&data[length], diff, diff); + break; +#ifdef LTC_RNG_GET_BYTES + case LTC_PAD_ISO_10126: + if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) { + return CRYPT_ERROR_READPRNG; + } + data[l-1] = diff; + break; +#endif + case LTC_PAD_ANSI_X923: + XMEMSET(&data[length], 0, diff-1); + data[l-1] = diff; + break; + case LTC_PAD_ONE_AND_ZERO: + XMEMSET(&data[length + 1], 0, diff); + data[length] = 0x80; + break; + case LTC_PAD_ZERO: + case LTC_PAD_ZERO_ALWAYS: + XMEMSET(&data[length], 0, diff); + break; + default: + return CRYPT_INVALID_ARG; + } + *padded_length = l; + + return CRYPT_OK; +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/misc/pk_oid_str.c b/src/ltc/misc/pk_oid_str.c new file mode 100644 index 0000000..84a47e1 --- /dev/null +++ b/src/ltc/misc/pk_oid_str.c 
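Review bot: In the `LTC_PAD_ONE_AND_ZERO` case `XMEMSET(&data[length + 1], 0, diff);` writes `diff` bytes after the 0x80 marker, i.e. through `data[l]`, one byte past the padded length `l` that `*padded_length` was checked against — when `*padded_length == l` that is a one-byte write past the buffer; the zero run is `diff - 1` bytes, as the X9.23 case already does: `XMEMSET(&data[length + 1], 0, diff-1);`. In `_padding_padded_length`, `block_length = mode & 0xff` is used as a divisor without a zero check (`*length % block_length` and `256 / block_length`), and for `LTC_PAD_ISO_10126` any `block_length` above 128 makes `t %= (256 / block_length)` always 0 so the `do … while (t == 0)` loop never terminates; `if ((block_length == 0) || (block_length > 128)) return CRYPT_INVALID_ARG;` right after computing `block_length` covers both, with the upper bound worth confirming against the block sizes the library supports. The docstring of `padding_pad` says "The data to depad" for `data`, which should read "pad".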
@@ -0,0 +1,82 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen)
+{
+ unsigned long i, j, limit;
+
+ LTC_ARGCHK(oid != NULL);
+ LTC_ARGCHK(oidlen != NULL);
+
+ limit = *oidlen;
+ *oidlen = 0; /* make sure that we return zero oidlen on error */
+ for (i = 0; i < limit; i++) oid[i] = 0;
+
+ if ((OID == NULL) || (strlen(OID) == 0)) return CRYPT_OK;
+
+ for (i = 0, j = 0; i < strlen(OID); i++) {
+ if (OID[i] == '.') {
+ if (++j >= limit) return CRYPT_ERROR;
+ }
+ else if ((OID[i] >= '0') && (OID[i] <= '9')) {
+ oid[j] = oid[j] * 10 + (OID[i] - '0');
+ }
+ else {
+ return CRYPT_ERROR;
+ }
+ }
+ if (j == 0) return CRYPT_ERROR;
+ *oidlen = j + 1;
+ return CRYPT_OK;
+}
+
+int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen)
+{
+ int i;
+ unsigned long j, k;
+ char tmp[256] = { 0 };
+ unsigned long tmpsz = sizeof(tmp);
+
+ LTC_ARGCHK(oid != NULL);
+ LTC_ARGCHK(OID != NULL);
+ LTC_ARGCHK(outlen != NULL);
+
+ for (i = oidlen - 1, k = 0; i >= 0; i--) {
+ j = oid[i];
+ if (j == 0) {
+ tmp[k] = '0';
+ if (++k >= tmpsz) return CRYPT_ERROR;
+ }
+ else {
+ while (j > 0) {
+ tmp[k] = '0' + (j % 10);
+ if (++k >= tmpsz) return CRYPT_ERROR;
+ j /= 10;
+ }
+ }
+ if (i > 0) {
+ tmp[k] = '.';
+ if (++k >= tmpsz) return CRYPT_ERROR;
+ }
+ }
+ if (*outlen < k + 1) {
+ *outlen = k + 1;
+ return CRYPT_BUFFER_OVERFLOW;
+ }
+ for (j = 0; j < k; j++) OID[j] = tmp[k - j - 1];
+ OID[k] = '\0';
+ *outlen = k; /* the length without terminating NUL byte */
+ return CRYPT_OK;
+}
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
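Review bot: `oid[j] = oid[j] * 10 + (OID[i] - '0');` in pk_oid_str_to_num accumulates each arc with no overflow check, so an arc with more digits than `unsigned long` holds wraps silently and the function still returns CRYPT_OK with a wrong value; `if (oid[j] > (ULONG_MAX - (unsigned long)(OID[i] - '0')) / 10) return CRYPT_ERROR;` before the multiply rejects it (ULONG_MAX comes from `<limits.h>`; confirm tomcrypt.h already includes it in this tree). The parser also accepts empty arcs such as "1..2", ".1" or "1.2." because a dot only advances `j`; remembering whether a digit has been seen since the last dot and returning CRYPT_ERROR otherwise would make the function a true inverse of pk_oid_num_to_str. `strlen(OID)` is re-evaluated on every iteration of the loop condition, so the scan is quadratic in the string length; computing it once into a local avoids that. In pk_oid_num_to_str, `for (i = oidlen - 1, k = 0; i >= 0; i--)` depends on the implementation-defined conversion of `oidlen - 1` to `int` when `oidlen` is 0 (or exceeds INT_MAX); an explicit `if (oidlen == 0)` guard, or an unsigned countdown such as `i = oidlen; while (i-- > 0)`, does not.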
diff --git a/src/ltc/modes/cbc/cbc_getiv.c b/src/ltc/modes/cbc/cbc_getiv.c index fbf6834..c3e3bd1 100644 --- a/src/ltc/modes/cbc/cbc_getiv.c +++ b/src/ltc/modes/cbc/cbc_getiv.c @@ -22,7 +22,7 @@ @param cbc The CBC state @return CRYPT_OK if successful */ -int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc) +int cbc_getiv(unsigned char *IV, unsigned long *len, const symmetric_CBC *cbc) { LTC_ARGCHK(IV != NULL); LTC_ARGCHK(len != NULL); diff --git a/src/ltc/modes/cfb/cfb_getiv.c b/src/ltc/modes/cfb/cfb_getiv.c index b972c72..8efc7c6 100644 --- a/src/ltc/modes/cfb/cfb_getiv.c +++ b/src/ltc/modes/cfb/cfb_getiv.c @@ -22,7 +22,7 @@ @param cfb The CFB state @return CRYPT_OK if successful */ -int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb) +int cfb_getiv(unsigned char *IV, unsigned long *len, const symmetric_CFB *cfb) { LTC_ARGCHK(IV != NULL); LTC_ARGCHK(len != NULL); diff --git a/src/ltc/modes/ctr/ctr_encrypt.c b/src/ltc/modes/ctr/ctr_encrypt.c index 7319cf5..eb7328c 100644 --- a/src/ltc/modes/ctr/ctr_encrypt.c +++ b/src/ltc/modes/ctr/ctr_encrypt.c 
@@ -17,46 +17,16 @@ #ifdef LTC_CTR_MODE /** - CTR encrypt + CTR encrypt software implementation @param pt Plaintext @param ct [out] Ciphertext @param len Length of plaintext (octets) @param ctr CTR state @return CRYPT_OK if successful */ -int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) +static int _ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) { int x, err; - - LTC_ARGCHK(pt != NULL); - LTC_ARGCHK(ct != NULL); - LTC_ARGCHK(ctr != NULL); - - if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { - return err; - } - - /* is blocklen/padlen valid? */ - if (ctr->blocklen < 1 || ctr->blocklen > (int)sizeof(ctr->ctr) || - ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) { - return CRYPT_INVALID_ARG; - } - -#ifdef LTC_FAST - if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) { - return CRYPT_INVALID_ARG; - } -#endif - - /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */ - if ((ctr->padlen == ctr->blocklen) && cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL && (len >= (unsigned long)ctr->blocklen)) { - if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { - return err; - } - pt += (len / ctr->blocklen) * ctr->blocklen; - ct += (len / ctr->blocklen) * ctr->blocklen; - len %= ctr->blocklen; - } while (len) { /* is the pad empty? */ @@ -87,7 +57,7 @@ ctr->padlen = 0; } #ifdef LTC_FAST - if (ctr->padlen == 0 && len >= (unsigned long)ctr->blocklen) { + if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->blocklen)) { for (x = 0; x < ctr->blocklen; x += sizeof(LTC_FAST_TYPE)) { *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x)); 
@@ -105,6 +75,63 @@
 return CRYPT_OK;
 }
+/**
+ CTR encrypt
+ @param pt Plaintext
+ @param ct [out] Ciphertext
+ @param len Length of plaintext (octets)
+ @param ctr CTR state
+ @return CRYPT_OK if successful
+*/
+int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr)
+{
+ int err, fr;
+
+ LTC_ARGCHK(pt != NULL);
+ LTC_ARGCHK(ct != NULL);
+ LTC_ARGCHK(ctr != NULL);
+
+ if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) {
+ return err;
+ }
+
+ /* is blocklen/padlen valid? */
+ if ((ctr->blocklen < 1) || (ctr->blocklen > (int)sizeof(ctr->ctr)) ||
+ (ctr->padlen < 0) || (ctr->padlen > (int)sizeof(ctr->pad))) {
+ return CRYPT_INVALID_ARG;
+ }
+
+#ifdef LTC_FAST
+ if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) {
+ return CRYPT_INVALID_ARG;
+ }
+#endif
+
+ /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */
+ if ((cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL) && (len >= (unsigned long)ctr->blocklen)) {
+ if (ctr->padlen < ctr->blocklen) {
+ fr = ctr->blocklen - ctr->padlen;
+ if ((err = _ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) {
+ return err;
+ }
+ pt += fr;
+ ct += fr;
+ len -= fr;
+ }
+
+ if (len >= (unsigned long)ctr->blocklen) {
+ if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) {
+ return err;
+ }
+ pt += (len / ctr->blocklen) * ctr->blocklen;
+ ct += (len / ctr->blocklen) * ctr->blocklen;
+ len %= ctr->blocklen;
+ }
+ }
+
+ return _ctr_encrypt(pt, ct, len, ctr);
+}
+
 #endif
 /* ref: $Format:%D$ */
diff --git a/src/ltc/modes/ctr/ctr_getiv.c b/src/ltc/modes/ctr/ctr_getiv.c
index cbf92db..1d950de 100644
--- a/src/ltc/modes/ctr/ctr_getiv.c
+++ b/src/ltc/modes/ctr/ctr_getiv.c
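Review bot: The comment `/* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */` is stale in the new ctr_encrypt: the branch below it no longer requires `padlen == blocklen`, it first drains a partially consumed pad through `_ctr_encrypt` and only then hands whole blocks to the accelerator. Rewording it as `/* accelerator present and at least one block of input: finish the partially used pad in software, then run whole blocks through the accelerator, leaving any tail to the software path */` describes what the code now does. `fr` is an `int` computed from `ctr->blocklen - ctr->padlen` and then subtracted from the `unsigned long len`; that is safe only because the outer test guarantees `len >= blocklen >= fr`, and a one-line comment on `len -= fr;` saying so saves the next reader from re-deriving it.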
@@ -22,7 +22,7 @@ @param ctr The CTR state @return CRYPT_OK if successful */ -int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr) +int ctr_getiv(unsigned char *IV, unsigned long *len, const symmetric_CTR *ctr) { LTC_ARGCHK(IV != NULL); LTC_ARGCHK(len != NULL); diff --git a/src/ltc/modes/ofb/ofb_getiv.c b/src/ltc/modes/ofb/ofb_getiv.c index e6bc0ed..bfa4eb2 100644 --- a/src/ltc/modes/ofb/ofb_getiv.c +++ b/src/ltc/modes/ofb/ofb_getiv.c @@ -22,7 +22,7 @@ @param ofb The OFB state @return CRYPT_OK if successful */ -int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb) +int ofb_getiv(unsigned char *IV, unsigned long *len, const symmetric_OFB *ofb) { LTC_ARGCHK(IV != NULL); LTC_ARGCHK(len != NULL); diff --git a/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c b/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c index 9bc3431..8a0bc85 100644 --- a/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c +++ b/src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c @@ -93,7 +93,7 @@ goto LBL_ERR; } if ((ident.type != root->type) || - (ident.class != root->class) || + (ident.klass != root->klass) || (ident.pc != root->pc) || (ident.tag != root->tag)) { err = CRYPT_INVALID_PACKET; diff --git a/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c b/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c index b4689f6..27296fc 100644 --- a/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c +++ b/src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c @@ -77,7 +77,7 @@ } tag_len = 1; - id->class = (in[0] >> 6) & 0x3; + id->klass = (in[0] >> 6) & 0x3; id->pc = (in[0] >> 5) & 0x1; id->tag = in[0] & 0x1f; 
@@ -105,17 +105,17 @@ if (err != CRYPT_OK) { id->pc = 0; - id->class = 0; + id->klass = 0; id->tag = 0; } else { *inlen = tag_len; - if ((id->class == LTC_ASN1_CL_UNIVERSAL) && + if ((id->klass == LTC_ASN1_CL_UNIVERSAL) && (id->tag < der_asn1_tag_to_type_map_sz) && (id->tag < tag_constructed_map_sz) && (id->pc == tag_constructed_map[id->tag])) { id->type = der_asn1_tag_to_type_map[id->tag]; } else { - if ((id->class == LTC_ASN1_CL_UNIVERSAL) && (id->tag == 0)) { + if ((id->klass == LTC_ASN1_CL_UNIVERSAL) && (id->tag == 0)) { id->type = LTC_ASN1_EOL; } else { id->type = LTC_ASN1_CUSTOM_TYPE; diff --git a/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c b/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c index 367bb69..82145d5 100644 --- a/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c +++ b/src/ltc/pk/asn1/der/general/der_encode_asn1_identifier.c @@ -42,7 +42,7 @@ *outlen = 1; return CRYPT_OK; } else { - if (id->class < LTC_ASN1_CL_UNIVERSAL || id->class > LTC_ASN1_CL_PRIVATE) { + if (id->klass < LTC_ASN1_CL_UNIVERSAL || id->klass > LTC_ASN1_CL_PRIVATE) { return CRYPT_INVALID_ARG; } if (id->pc < LTC_ASN1_PC_PRIMITIVE || id->pc > LTC_ASN1_PC_CONSTRUCTED) { @@ -58,7 +58,7 @@ return CRYPT_BUFFER_OVERFLOW; } - out[0] = id->class << 6 | id->pc << 5; + out[0] = id->klass << 6 | id->pc << 5; } if (id->tag < 0x1f) { diff --git a/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c b/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c index ddc472a..d7c8134 100644 --- a/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c +++ b/src/ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c 
@@ -37,8 +37,8 @@ @param outlen [in/out] The length of the DER encoding @return CRYPT_OK if successful */ -int der_encode_generalizedtime(ltc_generalizedtime *gtime, - unsigned char *out, unsigned long *outlen) +int der_encode_generalizedtime(const ltc_generalizedtime *gtime, + unsigned char *out, unsigned long *outlen) { unsigned long x, tmplen; int err; diff --git a/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c b/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c index def6270..f3fbcc6 100644 --- a/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c +++ b/src/ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.c @@ -22,7 +22,7 @@ @param outlen [out] The length of the DER encoding @return CRYPT_OK if successful */ -int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen) +int der_length_generalizedtime(const ltc_generalizedtime *gtime, unsigned long *outlen) { LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(gtime != NULL); diff --git a/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c index 4b397b6..af2a8f7 100644 --- a/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/src/ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.c @@ -22,8 +22,8 @@ @param outlen [in/out] The max and resulting size of the OID @return CRYPT_OK if successful */ -int der_encode_object_identifier(unsigned long *words, unsigned long nwords, - unsigned char *out, unsigned long *outlen) +int der_encode_object_identifier(const unsigned long *words, unsigned long nwords, + unsigned char *out, unsigned long *outlen) { unsigned long i, x, y, z, t, mask, wordbuf; int err; diff --git a/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c b/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c index ac08915..9db5fe1 100644 
--- a/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c
+++ b/src/ltc/pk/asn1/der/object_identifier/der_length_object_identifier.c
@@ -35,7 +35,7 @@
 @param outlen [out] The length of the DER encoding for the given string
 @return CRYPT_OK if successful
 */
-int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen)
+int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen)
 {
 unsigned long y, z, t, wordbuf;
diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c
index 44c9c47..a6c3cf7 100644
--- a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c
+++ b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@@ -43,7 +43,7 @@
 */
 int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
 {
- ltc_asn1_list *l;
+ ltc_asn1_list *l, *t;
 unsigned long err, identifier, len, totlen, data_offset, id_len, len_len;
 void *realloc_tmp;
@@ -96,7 +96,7 @@
 }
 data_offset = id_len + len_len;
 #if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1
- if (l->type == LTC_ASN1_CUSTOM_TYPE && l->class == LTC_ASN1_CL_CONTEXT_SPECIFIC) {
+ if (l->type == LTC_ASN1_CUSTOM_TYPE && l->klass == LTC_ASN1_CL_CONTEXT_SPECIFIC) {
 fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - Context Specific[%s %llu]\n", identifier, data_offset, len, der_asn1_pc_to_string_map[l->pc], l->tag);
 } else {
 fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - %s\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag]);
@@ -463,6 +463,17 @@
 l->child->parent = l;
 }
+ t = l;
+ len_len = 0;
+ while((t != NULL) && (t->child != NULL)) {
+ len_len++;
+ t = t->child;
+ }
+ if (len_len > LTC_DER_MAX_RECURSION) {
+ err = CRYPT_PK_ASN1_ERROR;
+ goto error;
+ }
+
 break;
 case 0x80: /* Context-specific */
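Review bot: The depth check added after `l->child->parent = l;` runs only once the nested decode has already returned, so an input nested deeper than LTC_DER_MAX_RECURSION has driven the recursion to its full depth before it is rejected; the limit bounds the tree that is kept, not the stack that was consumed building it. To bound the recursion itself the depth has to travel with the recursive call — a depth argument on an internal helper, decremented per level and checked on entry — rather than be measured afterwards; the recursive call that fills `l->child` is presumably just above this hunk and is not visible here. Reusing `len_len`, the length-of-length variable, as the depth counter also reads as if the encoded length were being recomputed; a dedicated `depth` local would be clearer. der_decode_sequence_flexi starts and ends outside the hunk.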
diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c index 1a5d968..a69db8f 100644 --- a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c +++ b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c @@ -25,8 +25,8 @@ @param type_of LTC_ASN1_SEQUENCE or LTC_ASN1_SET/LTC_ASN1_SETOF @return CRYPT_OK on success */ -int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen, int type_of) +int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen, int type_of) { int err; ltc_asn1_type type; diff --git a/src/ltc/pk/asn1/der/sequence/der_length_sequence.c b/src/ltc/pk/asn1/der/sequence/der_length_sequence.c index a80f96b..7462854 100644 --- a/src/ltc/pk/asn1/der/sequence/der_length_sequence.c +++ b/src/ltc/pk/asn1/der/sequence/der_length_sequence.c @@ -22,13 +22,13 @@ @param outlen [out] The length required in octets to store it @return CRYPT_OK on success */ -int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, +int der_length_sequence(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen) { return der_length_sequence_ex(list, inlen, outlen, NULL); } -int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, +int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, unsigned long *outlen, unsigned long *payloadlen) { int err; diff --git a/src/ltc/pk/asn1/der/set/der_encode_set.c b/src/ltc/pk/asn1/der/set/der_encode_set.c index a3485f2..eba5242 100644 --- a/src/ltc/pk/asn1/der/set/der_encode_set.c +++ b/src/ltc/pk/asn1/der/set/der_encode_set.c 
@@ -46,8 +46,8 @@ @param outlen [in/out] The size of the output @return CRYPT_OK on success */ -int der_encode_set(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen) +int der_encode_set(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen) { ltc_asn1_list *copy; unsigned long x; diff --git a/src/ltc/pk/asn1/der/set/der_encode_setof.c b/src/ltc/pk/asn1/der/set/der_encode_setof.c index b837cdd..3bac345 100644 --- a/src/ltc/pk/asn1/der/set/der_encode_setof.c +++ b/src/ltc/pk/asn1/der/set/der_encode_setof.c @@ -56,8 +56,8 @@ @param outlen [in/out] The size of the output @return CRYPT_OK on success */ -int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, - unsigned char *out, unsigned long *outlen) +int der_encode_setof(const ltc_asn1_list *list, unsigned long inlen, + unsigned char *out, unsigned long *outlen) { unsigned long x, y, z; ptrdiff_t hdrlen; diff --git a/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c b/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c index c6c8464..19aa9da 100644 --- a/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c +++ b/src/ltc/pk/asn1/der/utctime/der_encode_utctime.c @@ -28,8 +28,8 @@ @param outlen [in/out] The length of the DER encoding @return CRYPT_OK if successful */ -int der_encode_utctime(ltc_utctime *utctime, - unsigned char *out, unsigned long *outlen) +int der_encode_utctime(const ltc_utctime *utctime, + unsigned char *out, unsigned long *outlen) { unsigned long x, tmplen; int err; diff --git a/src/ltc/pk/asn1/der/utctime/der_length_utctime.c b/src/ltc/pk/asn1/der/utctime/der_length_utctime.c index 4202083..c0d1b57 100644 --- a/src/ltc/pk/asn1/der/utctime/der_length_utctime.c +++ b/src/ltc/pk/asn1/der/utctime/der_length_utctime.c 
@@ -21,7 +21,7 @@
 @param outlen [out] The length of the DER encoding
 @return CRYPT_OK if successful
 */
-int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen)
+int der_length_utctime(const ltc_utctime *utctime, unsigned long *outlen)
 {
 LTC_ARGCHK(outlen != NULL);
 LTC_ARGCHK(utctime != NULL);
diff --git a/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c b/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c
index c68b4a3..134eac2 100644
--- a/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c
+++ b/src/ltc/pk/asn1/x509/x509_decode_subject_public_key_info.c
@@ -39,10 +39,10 @@
 */
 int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
 unsigned int algorithm, void* public_key, unsigned long* public_key_len,
- unsigned long parameters_type, void* parameters, unsigned long *parameters_len)
+ ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len)
 {
 int err;
- unsigned long len;
+ unsigned long len, alg_id_num;
 oid_st oid;
 unsigned char *tmpbuf;
 unsigned long tmpoid[16];
@@ -52,7 +52,9 @@
 LTC_ARGCHK(in != NULL);
 LTC_ARGCHK(inlen != 0);
 LTC_ARGCHK(public_key_len != NULL);
- LTC_ARGCHK(parameters_len != NULL);
+ if (parameters_type != LTC_ASN1_EOL) {
+ LTC_ARGCHK(parameters_len != NULL);
+ }
 err = pk_get_oid(algorithm, &oid);
 if (err != CRYPT_OK) {
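Review bot: The contract of `parameters_len` (and `parameters`) now depends on `parameters_type` — with LTC_ASN1_EOL neither is checked, read or written (the `@@ -68,30 +70,37 @@` hunk below only stores `alg_id[1].size` into it in the other case), otherwise `parameters_len` is [in/out] and must be non-NULL — but the doc comment that ends with the `*/` at the top of the `@@ -39,10 +39,10 @@` hunk is not updated. Adding `@param parameters_type LTC_ASN1_EOL decodes an AlgorithmIdentifier without parameters; parameters and parameters_len are then ignored and may be NULL` and marking `parameters_len` as `[in/out]` there would record the new behaviour. The comment `/* this includes the internal hash ID and optional params (NULL in this case) */` in the second hunk is likewise no longer accurate once the parameters slot can be absent altogether.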
@@ -68,30 +70,37 @@
 /* this includes the internal hash ID and optional params (NULL in this case) */
 LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));
- LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, *parameters_len);
+ if (parameters_type == LTC_ASN1_EOL) {
+ alg_id_num = 1;
+ }
+ else {
+ LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, *parameters_len);
+ alg_id_num = 2;
+ }
 /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey
 * in a **BIT** string ... so we have to extract it then proceed to convert bit to octet
 */
- LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2);
+ LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, alg_id_num);
 LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, inlen*8U);
 err=der_decode_sequence(in, inlen, subject_pubkey, 2UL);
 if (err != CRYPT_OK) {
 goto LBL_ERR;
 }
-
- *parameters_len = alg_id[1].size;
+ if (parameters_type != LTC_ASN1_EOL) {
+ *parameters_len = alg_id[1].size;
+ }
 if ((alg_id[0].size != oid.OIDlen) ||
- XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
+ XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) {
 /* OID mismatch */
 err = CRYPT_PK_INVALID_TYPE;
 goto LBL_ERR;
 }
 len = subject_pubkey[1].size/8;
- if (*public_key_len > len) {
+ if (*public_key_len >= len) {
 XMEMCPY(public_key, subject_pubkey[1].data, len);
 *public_key_len = len;
 } else {
diff --git a/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c b/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c
index 8148a18..25c1195 100644
--- a/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c
+++ b/src/ltc/pk/asn1/x509/x509_encode_subject_public_key_info.c
@@ -38,8 +38,8 @@ @return CRYPT_OK on success */ int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, - unsigned int algorithm, void* public_key, unsigned long public_key_len, - unsigned long parameters_type, void* parameters, unsigned long parameters_len) + unsigned int algorithm, const void* public_key, unsigned long public_key_len, + ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len) { int err; ltc_asn1_list alg_id[2]; @@ -54,7 +54,7 @@ } LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid.OID, oid.OIDlen); - LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, parameters_len); + LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len); return der_encode_sequence_multi(out, outlen, LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, diff --git a/src/ltc/pk/dh/dh.c b/src/ltc/pk/dh/dh.c index 763b007..199a83d 100644 --- a/src/ltc/pk/dh/dh.c +++ b/src/ltc/pk/dh/dh.c @@ -224,7 +224,7 @@ @param key The DH key to get the size of @return The group size in octets (0 on error) */ -int dh_get_groupsize(dh_key *key) +int dh_get_groupsize(const dh_key *key) { if (key == NULL) return 0; return mp_unsigned_bin_size(key->prime); diff --git a/src/ltc/pk/dh/dh_check_pubkey.c b/src/ltc/pk/dh/dh_check_pubkey.c index fb4f37b..5fee550 100644 --- a/src/ltc/pk/dh/dh_check_pubkey.c +++ b/src/ltc/pk/dh/dh_check_pubkey.c @@ -16,7 +16,7 @@ @param key The key you wish to test @return CRYPT_OK if successful */ -int dh_check_pubkey(dh_key *key) +int dh_check_pubkey(const dh_key *key) { void *p_minus1; ltc_mp_digit digit; diff --git a/src/ltc/pk/dh/dh_export.c b/src/ltc/pk/dh/dh_export.c index 6a02a89..f28ec10 100644 --- a/src/ltc/pk/dh/dh_export.c +++ b/src/ltc/pk/dh/dh_export.c 
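Review bot: The encoder still does `LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len);` unconditionally and always encodes two AlgorithmIdentifier elements, while the decoder changed in the same commit treats `parameters_type == LTC_ASN1_EOL` as "no parameters" and shrinks the sequence to one element. Passing LTC_ASN1_EOL here therefore presumably does not produce the encoding the decoder now accepts for that case (what `der_encode_sequence_multi` does with an LTC_ASN1_EOL entry is outside this diff); mirroring the decoder keeps the two functions symmetric. The element count in the `der_encode_sequence_multi` call, `(unsigned long)sizeof(alg_id)/sizeof(alg_id[0])`, continues past the end of the hunk and would become the variable count.
```c
   ltc_asn1_list alg_id[2];
   unsigned long alg_id_num = 1;
   /* … unchanged: OID lookup for algorithm … */
   LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid.OID, oid.OIDlen);
   if (parameters_type != LTC_ASN1_EOL) {
      LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len);
      alg_id_num = 2;
   }
   return der_encode_sequence_multi(out, outlen, LTC_ASN1_SEQUENCE, alg_id_num, alg_id,
   /* … unchanged: remaining der_encode_sequence_multi arguments … */
```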
@@ -19,7 +19,7 @@ @param key The key you wish to export @return CRYPT_OK if successful */ -int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key) +int dh_export(unsigned char *out, unsigned long *outlen, int type, const dh_key *key) { unsigned char flags[1]; int err; diff --git a/src/ltc/pk/dh/dh_export_key.c b/src/ltc/pk/dh/dh_export_key.c index d48c011..afcbce5 100644 --- a/src/ltc/pk/dh/dh_export_key.c +++ b/src/ltc/pk/dh/dh_export_key.c @@ -19,7 +19,7 @@ @param key The key you wish to export @return CRYPT_OK if successful */ -int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key) +int dh_export_key(void *out, unsigned long *outlen, int type, const dh_key *key) { unsigned long len; void *k; diff --git a/src/ltc/pk/dh/dh_shared_secret.c b/src/ltc/pk/dh/dh_shared_secret.c index 1eb69fb..da36408 100644 --- a/src/ltc/pk/dh/dh_shared_secret.c +++ b/src/ltc/pk/dh/dh_shared_secret.c @@ -19,7 +19,7 @@ @param outlen [in/out] The max size and resulting size of the shared data. @return CRYPT_OK if successful */ -int dh_shared_secret(dh_key *private_key, dh_key *public_key, +int dh_shared_secret(const dh_key *private_key, const dh_key *public_key, unsigned char *out, unsigned long *outlen) { void *tmp; diff --git a/src/ltc/pk/dsa/dsa_decrypt_key.c b/src/ltc/pk/dsa/dsa_decrypt_key.c index ef4e1dd..aa7ac67 100644 --- a/src/ltc/pk/dsa/dsa_decrypt_key.c +++ b/src/ltc/pk/dsa/dsa_decrypt_key.c @@ -26,7 +26,7 @@ */ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - dsa_key *key) + const dsa_key *key) { unsigned char *skey, *expt; void *g_pub; diff --git a/src/ltc/pk/dsa/dsa_encrypt_key.c b/src/ltc/pk/dsa/dsa_encrypt_key.c index c854367..61dfbbd 100644 --- a/src/ltc/pk/dsa/dsa_encrypt_key.c +++ b/src/ltc/pk/dsa/dsa_encrypt_key.c 
@@ -29,8 +29,8 @@ */ int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, int hash, - dsa_key *key) + prng_state *prng, int wprng, int hash, + const dsa_key *key) { unsigned char *expt, *skey; void *g_pub, *g_priv; diff --git a/src/ltc/pk/dsa/dsa_export.c b/src/ltc/pk/dsa/dsa_export.c index dde5458..e406cd8 100644 --- a/src/ltc/pk/dsa/dsa_export.c +++ b/src/ltc/pk/dsa/dsa_export.c @@ -23,7 +23,7 @@ @param key The key to export @return CRYPT_OK if successful */ -int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key) +int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_key *key) { unsigned long zero=0; int err, std; @@ -69,7 +69,7 @@ } } else { if (std) { - unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8; + unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8; unsigned char* tmp = XMALLOC(tmplen); ltc_asn1_list int_list[3]; diff --git a/src/ltc/pk/dsa/dsa_generate_pqg.c b/src/ltc/pk/dsa/dsa_generate_pqg.c index 91c7ef7..8c5f558 100644 --- a/src/ltc/pk/dsa/dsa_generate_pqg.c +++ b/src/ltc/pk/dsa/dsa_generate_pqg.c @@ -72,8 +72,8 @@ */ seedbytes = group_size; - L = modulus_size * 8; - N = group_size * 8; + L = (unsigned long)modulus_size * 8; + N = (unsigned long)group_size * 8; /* XXX-TODO no Lucas test */ #ifdef LTC_MPI_HAS_LUCAS_TEST diff --git a/src/ltc/pk/dsa/dsa_shared_secret.c b/src/ltc/pk/dsa/dsa_shared_secret.c index 4c18261..0568834 100644 --- a/src/ltc/pk/dsa/dsa_shared_secret.c +++ b/src/ltc/pk/dsa/dsa_shared_secret.c @@ -25,7 +25,7 @@ @return CRYPT_OK if successful */ int dsa_shared_secret(void *private_key, void *base, - dsa_key *public_key, + const dsa_key *public_key, unsigned char *out, unsigned long *outlen) { unsigned long x; diff --git a/src/ltc/pk/dsa/dsa_sign_hash.c b/src/ltc/pk/dsa/dsa_sign_hash.c index fda2ca1..04ca330 100644 --- a/src/ltc/pk/dsa/dsa_sign_hash.c 
+++ b/src/ltc/pk/dsa/dsa_sign_hash.c @@ -28,7 +28,7 @@ */ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, void *r, void *s, - prng_state *prng, int wprng, dsa_key *key) + prng_state *prng, int wprng, const dsa_key *key) { void *k, *kinv, *tmp; unsigned char *buf; @@ -117,7 +117,7 @@ */ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, dsa_key *key) + prng_state *prng, int wprng, const dsa_key *key) { void *r, *s; int err; diff --git a/src/ltc/pk/dsa/dsa_verify_hash.c b/src/ltc/pk/dsa/dsa_verify_hash.c index eb642d5..ea7d5ad 100644 --- a/src/ltc/pk/dsa/dsa_verify_hash.c +++ b/src/ltc/pk/dsa/dsa_verify_hash.c @@ -28,7 +28,7 @@ */ int dsa_verify_hash_raw( void *r, void *s, const unsigned char *hash, unsigned long hashlen, - int *stat, dsa_key *key) + int *stat, const dsa_key *key) { void *w, *v, *u1, *u2; int err; @@ -92,9 +92,9 @@ @param key The corresponding public DSA key @return CRYPT_OK if successful (even if the signature is invalid) */ -int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, - int *stat, dsa_key *key) +int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, + int *stat, const dsa_key *key) { int err; void *r, *s; diff --git a/src/ltc/pk/dsa/dsa_verify_key.c b/src/ltc/pk/dsa/dsa_verify_key.c index 258e6cb..9061f45 100644 --- a/src/ltc/pk/dsa/dsa_verify_key.c +++ b/src/ltc/pk/dsa/dsa_verify_key.c @@ -26,7 +26,7 @@ @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ -int dsa_verify_key(dsa_key *key, int *stat) +int dsa_verify_key(const dsa_key *key, int *stat) { int err; 
@@ -47,7 +47,7 @@ @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ -int dsa_int_validate_pqg(dsa_key *key, int *stat) +int dsa_int_validate_pqg(const dsa_key *key, int *stat) { void *tmp1, *tmp2; int err; @@ -101,7 +101,7 @@ @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ -int dsa_int_validate_primes(dsa_key *key, int *stat) +int dsa_int_validate_primes(const dsa_key *key, int *stat) { int err, res; @@ -136,7 +136,7 @@ @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ -int dsa_int_validate_xy(dsa_key *key, int *stat) +int dsa_int_validate_xy(const dsa_key *key, int *stat) { void *tmp; int err; diff --git a/src/ltc/pk/ecc/ecc.c b/src/ltc/pk/ecc/ecc.c index b90afc7..802097f 100644 --- a/src/ltc/pk/ecc/ecc.c +++ b/src/ltc/pk/ecc/ecc.c 
@@ -23,453 +23,417 @@ * - ANS X9.62 (named: PRIMEP*) * - http://www.ecc-brainpool.org/download/Domain-parameters.pdf (named: BRAINPOOLP*) */ -const ltc_ecc_set_type ltc_ecc_sets[] = { -#if defined(LTC_ECC_SECP112R1) || defined(LTC_ECC112) -{ - /* curve name */ "SECP112R1", - /* prime */ "DB7C2ABF62E35E668076BEAD208B", - /* A */ "DB7C2ABF62E35E668076BEAD2088", - /* B */ "659EF8BA043916EEDE8911702B22", - /* order */ "DB7C2ABF62E35E7628DFAC6561C5", - /* Gx */ "09487239995A5EE76B55F9C2F098", - /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,6 }, 5 +const ltc_ecc_curve ltc_ecc_curves[] = { +#ifdef LTC_ECC_SECP112R1 +{ + /* prime */ "DB7C2ABF62E35E668076BEAD208B", + /* A */ "DB7C2ABF62E35E668076BEAD2088", + /* B */ "659EF8BA043916EEDE8911702B22", + /* order */ "DB7C2ABF62E35E7628DFAC6561C5", + /* Gx */ "09487239995A5EE76B55F9C2F098", + /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", + /* cofactor */ 1, + /* OID */ "1.3.132.0.6" }, #endif #ifdef LTC_ECC_SECP112R2 { - /* curve name */ "SECP112R2", - /* prime */ "DB7C2ABF62E35E668076BEAD208B", - /* A */ "6127C24C05F38A0AAAF65C0EF02C", - /* B */ "51DEF1815DB5ED74FCC34C85D709", - /* order */ "36DF0AAFD8B8D7597CA10520D04B", - /* Gx */ "4BA30AB5E892B4E1649DD0928643", - /* Gy */ "ADCD46F5882E3747DEF36E956E97", - /* cofactor */ 4, - /* OID */ { 1,3,132,0,7 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP128R1) || defined(LTC_ECC128) -{ - /* curve name */ "SECP128R1", - /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", - /* A */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", - /* B */ "E87579C11079F43DD824993C2CEE5ED3", - /* order */ "FFFFFFFE0000000075A30D1B9038A115", - /* Gx */ "161FF7528B899B2D0C28607CA52C5B86", - /* Gy */ "CF5AC8395BAFEB13C02DA292DDED7A83", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,28 }, 5 + /* prime */ "DB7C2ABF62E35E668076BEAD208B", + /* A */ "6127C24C05F38A0AAAF65C0EF02C", + /* B */ "51DEF1815DB5ED74FCC34C85D709", + /* order */ "36DF0AAFD8B8D7597CA10520D04B", + /* Gx */ 
"4BA30AB5E892B4E1649DD0928643", + /* Gy */ "ADCD46F5882E3747DEF36E956E97", + /* cofactor */ 4, + /* OID */ "1.3.132.0.7" +}, +#endif +#ifdef LTC_ECC_SECP128R1 +{ + /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", + /* A */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", + /* B */ "E87579C11079F43DD824993C2CEE5ED3", + /* order */ "FFFFFFFE0000000075A30D1B9038A115", + /* Gx */ "161FF7528B899B2D0C28607CA52C5B86", + /* Gy */ "CF5AC8395BAFEB13C02DA292DDED7A83", + /* cofactor */ 1, + /* OID */ "1.3.132.0.28" }, #endif #ifdef LTC_ECC_SECP128R2 { - /* curve name */ "SECP128R2", - /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", - /* A */ "D6031998D1B3BBFEBF59CC9BBFF9AEE1", - /* B */ "5EEEFCA380D02919DC2C6558BB6D8A5D", - /* order */ "3FFFFFFF7FFFFFFFBE0024720613B5A3", - /* Gx */ "7B6AA5D85E572983E6FB32A7CDEBC140", - /* Gy */ "27B6916A894D3AEE7106FE805FC34B44", - /* cofactor */ 4, - /* OID */ { 1,3,132,0,29 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP160R1) || defined(LTC_ECC160) -{ - /* curve name */ "SECP160R1", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", - /* B */ "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", - /* order */ "0100000000000000000001F4C8F927AED3CA752257", - /* Gx */ "4A96B5688EF573284664698968C38BB913CBFC82", - /* Gy */ "23A628553168947D59DCC912042351377AC5FB32", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,8 }, 5 + /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", + /* A */ "D6031998D1B3BBFEBF59CC9BBFF9AEE1", + /* B */ "5EEEFCA380D02919DC2C6558BB6D8A5D", + /* order */ "3FFFFFFF7FFFFFFFBE0024720613B5A3", + /* Gx */ "7B6AA5D85E572983E6FB32A7CDEBC140", + /* Gy */ "27B6916A894D3AEE7106FE805FC34B44", + /* cofactor */ 4, + /* OID */ "1.3.132.0.29" +}, +#endif +#ifdef LTC_ECC_SECP160R1 +{ + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", + /* B */ "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", + /* order */ "0100000000000000000001F4C8F927AED3CA752257", + /* Gx 
*/ "4A96B5688EF573284664698968C38BB913CBFC82", + /* Gy */ "23A628553168947D59DCC912042351377AC5FB32", + /* cofactor */ 1, + /* OID */ "1.3.132.0.8" }, #endif #ifdef LTC_ECC_SECP160R2 { - /* curve name */ "SECP160R2", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", - /* B */ "B4E134D3FB59EB8BAB57274904664D5AF50388BA", - /* order */ "0100000000000000000000351EE786A818F3A1A16B", - /* Gx */ "52DCB034293A117E1F4FF11B30F7199D3144CE6D", - /* Gy */ "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,30 }, 5 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", + /* B */ "B4E134D3FB59EB8BAB57274904664D5AF50388BA", + /* order */ "0100000000000000000000351EE786A818F3A1A16B", + /* Gx */ "52DCB034293A117E1F4FF11B30F7199D3144CE6D", + /* Gy */ "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", + /* cofactor */ 1, + /* OID */ "1.3.132.0.30" }, #endif #ifdef LTC_ECC_SECP160K1 { - /* curve name */ "SECP160K1", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", - /* A */ "0000000000000000000000000000000000000000", - /* B */ "0000000000000000000000000000000000000007", - /* order */ "0100000000000000000001B8FA16DFAB9ACA16B6B3", - /* Gx */ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", - /* Gy */ "938CF935318FDCED6BC28286531733C3F03C4FEE", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,9 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP192R1) || defined(LTC_ECC192) -{ - /* curve name */ "SECP192R1", /* same as: NISTP192 PRIME192V1, old libtomcrypt name: ECC-192 */ - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", - /* B */ "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", - /* Gx */ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", - /* Gy */ "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", - /* 
cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,1 }, 7 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", + /* A */ "0000000000000000000000000000000000000000", + /* B */ "0000000000000000000000000000000000000007", + /* order */ "0100000000000000000001B8FA16DFAB9ACA16B6B3", + /* Gx */ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", + /* Gy */ "938CF935318FDCED6BC28286531733C3F03C4FEE", + /* cofactor */ 1, + /* OID */ "1.3.132.0.9" +}, +#endif +#ifdef LTC_ECC_SECP192R1 +{ + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + /* B */ "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", + /* Gx */ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", + /* Gy */ "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.1" }, #endif #ifdef LTC_ECC_PRIME192V2 { - /* curve name */ "PRIME192V2", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", - /* B */ "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", - /* Gx */ "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", - /* Gy */ "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,2 }, 7 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + /* B */ "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", + /* Gx */ "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", + /* Gy */ "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.2" }, #endif #ifdef LTC_ECC_PRIME192V3 { - /* curve name */ "PRIME192V3", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", - 
/* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", - /* B */ "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", - /* Gx */ "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", - /* Gy */ "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,3 }, 7 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + /* B */ "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", + /* Gx */ "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", + /* Gy */ "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.3" }, #endif #ifdef LTC_ECC_SECP192K1 { - /* curve name */ "SECP192K1", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", - /* A */ "000000000000000000000000000000000000000000000000", - /* B */ "000000000000000000000000000000000000000000000003", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", - /* Gx */ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", - /* Gy */ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,31 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP224R1) || defined(LTC_ECC224) -{ - /* curve name */ "SECP224R1", /* same as: NISTP224, old libtomcrypt name: ECC-224 */ - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", - /* B */ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", - /* Gx */ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", - /* Gy */ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,33 }, 5 + /* prime */ 
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", + /* A */ "000000000000000000000000000000000000000000000000", + /* B */ "000000000000000000000000000000000000000000000003", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", + /* Gx */ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", + /* Gy */ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", + /* cofactor */ 1, + /* OID */ "1.3.132.0.31" +}, +#endif +#ifdef LTC_ECC_SECP224R1 +{ + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", + /* B */ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", + /* Gx */ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", + /* Gy */ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", + /* cofactor */ 1, + /* OID */ "1.3.132.0.33" }, #endif #ifdef LTC_ECC_SECP224K1 { - /* curve name */ "SECP224K1", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", - /* A */ "00000000000000000000000000000000000000000000000000000000", - /* B */ "00000000000000000000000000000000000000000000000000000005", - /* order */ "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", - /* Gx */ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", - /* Gy */ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,32 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP256R1) || defined(LTC_ECC256) -{ - /* curve name */ "SECP256R1", /* same as: NISTP256 PRIME256V1, old libtomcrypt name: ECC-256 */ - /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", - /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", - /* B */ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", - /* order */ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", - /* Gx */ 
"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", - /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,7 }, 7 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", + /* A */ "00000000000000000000000000000000000000000000000000000000", + /* B */ "00000000000000000000000000000000000000000000000000000005", + /* order */ "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", + /* Gx */ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", + /* Gy */ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", + /* cofactor */ 1, + /* OID */ "1.3.132.0.32" +}, +#endif +#ifdef LTC_ECC_SECP256R1 +{ + /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", + /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", + /* B */ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", + /* order */ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", + /* Gx */ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", + /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.7" }, #endif #ifdef LTC_ECC_SECP256K1 { - /* curve name */ "SECP256K1", - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", - /* A */ "0000000000000000000000000000000000000000000000000000000000000000", - /* B */ "0000000000000000000000000000000000000000000000000000000000000007", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", - /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", - /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,10 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP384R1) || defined(LTC_ECC384) -{ - /* curve name */ "SECP384R1", /* same as: NISTP384, old libtomcrypt 
name: ECC-384 */ - /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", - /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", - /* B */ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", - /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", - /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", - /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,34 }, 5 -}, -#endif -#if defined(LTC_ECC_SECP521R1) || defined(LTC_ECC521) -{ - /* curve name */ "SECP521R1", /* same as: NISTP521, old libtomcrypt name: ECC-521 */ - /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", - /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", - /* B */ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", - /* order */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", - /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", - /* Gy */ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", - /* cofactor */ 1, - /* OID */ { 1,3,132,0,35 }, 5 + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", + /* A */ "0000000000000000000000000000000000000000000000000000000000000000", + /* 
B */ "0000000000000000000000000000000000000000000000000000000000000007", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", + /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", + /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", + /* cofactor */ 1, + /* OID */ "1.3.132.0.10" +}, +#endif +#ifdef LTC_ECC_SECP384R1 +{ + /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", + /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", + /* B */ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", + /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", + /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", + /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", + /* cofactor */ 1, + /* OID */ "1.3.132.0.34" +}, +#endif +#ifdef LTC_ECC_SECP521R1 +{ + /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", + /* B */ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", + /* order */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", + /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", + /* Gy */ 
"011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", + /* cofactor */ 1, + /* OID */ "1.3.132.0.35" }, #endif #ifdef LTC_ECC_PRIME239V1 { - /* curve name */ "PRIME239V1", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", - /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", - /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,4 }, 7 + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", + /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", + /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.4" }, #endif #ifdef LTC_ECC_PRIME239V2 { - /* curve name */ "PRIME239V2", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", - /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", - /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,5 }, 7 + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ 
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", + /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", + /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.5" }, #endif #ifdef LTC_ECC_PRIME239V3 { - /* curve name */ "PRIME239V3", - /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", - /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", - /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", - /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", - /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", - /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", - /* cofactor */ 1, - /* OID */ { 1,2,840,10045,3,1,6 }, 7 + /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", + /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", + /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", + /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", + /* cofactor */ 1, + /* OID */ "1.2.840.10045.3.1.6" }, #endif #ifdef LTC_ECC_BRAINPOOLP160R1 { - /* curve name */ "BRAINPOOLP160R1", - /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", - /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", - /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", - /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", - /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", - /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,1 }, 10 + /* prime 
*/ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", + /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", + /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", + /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", + /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", + /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.1" }, #endif #ifdef LTC_ECC_BRAINPOOLP192R1 { - /* curve name */ "BRAINPOOLP192R1", - /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", - /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", - /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", - /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", - /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", - /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,3 }, 10 + /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", + /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", + /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", + /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", + /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", + /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.3" }, #endif #ifdef LTC_ECC_BRAINPOOLP224R1 { - /* curve name */ "BRAINPOOLP224R1", - /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", - /* A */ "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", - /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", - /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", - /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", - /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,5 }, 10 + /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", + /* A */ 
"68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", + /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", + /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", + /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", + /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.5" }, #endif #ifdef LTC_ECC_BRAINPOOLP256R1 { - /* curve name */ "BRAINPOOLP256R1", - /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", - /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", - /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", - /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", - /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", - /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,7 }, 10 + /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", + /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", + /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", + /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", + /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", + /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.7" }, #endif #ifdef LTC_ECC_BRAINPOOLP320R1 { - /* curve name */ "BRAINPOOLP320R1", - /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", - /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", - /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", - /* order */ 
"D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", - /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", - /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,9 }, 10 + /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", + /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", + /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", + /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", + /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", + /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.9" }, #endif #ifdef LTC_ECC_BRAINPOOLP384R1 { - /* curve name */ "BRAINPOOLP384R1", - /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", - /* A */ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", - /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", - /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", - /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", - /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,11 }, 10 + /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", + /* A */ 
"7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", + /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", + /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", + /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", + /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.11" }, #endif #ifdef LTC_ECC_BRAINPOOLP512R1 { - /* curve name */ "BRAINPOOLP512R1", - /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", - /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", - /* B */ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", - /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", - /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", - /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,13 }, 10 + /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", + /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", + /* B */ 
"3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", + /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", + /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", + /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.13" }, #endif #ifdef LTC_ECC_BRAINPOOLP160T1 { - /* curve name */ "BRAINPOOLP160T1", - /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", - /* A */ "E95E4A5F737059DC60DFC7AD95B3D8139515620C", - /* B */ "7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", - /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", - /* Gx */ "B199B13B9B34EFC1397E64BAEB05ACC265FF2378", - /* Gy */ "ADD6718B7C7C1961F0991B842443772152C9E0AD", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,2 }, 10 + /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", + /* A */ "E95E4A5F737059DC60DFC7AD95B3D8139515620C", + /* B */ "7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", + /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", + /* Gx */ "B199B13B9B34EFC1397E64BAEB05ACC265FF2378", + /* Gy */ "ADD6718B7C7C1961F0991B842443772152C9E0AD", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.2" }, #endif #ifdef LTC_ECC_BRAINPOOLP192T1 { - /* curve name */ "BRAINPOOLP192T1", - /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", - /* A */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", - /* B */ "13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", - /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", - /* Gx */ "3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129", - /* Gy */ "097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9", - /* cofactor */ 1, - /* OID */ { 
1,3,36,3,3,2,8,1,1,4 }, 10 + /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", + /* A */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", + /* B */ "13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", + /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", + /* Gx */ "3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129", + /* Gy */ "097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.4" }, #endif #ifdef LTC_ECC_BRAINPOOLP224T1 { - /* curve name */ "BRAINPOOLP224T1", - /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", - /* A */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", - /* B */ "4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", - /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", - /* Gx */ "6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580", - /* Gy */ "0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,6 }, 10 + /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", + /* A */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", + /* B */ "4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", + /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", + /* Gx */ "6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580", + /* Gy */ "0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.6" }, #endif #ifdef LTC_ECC_BRAINPOOLP256T1 { - /* curve name */ "BRAINPOOLP256T1", - /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", - /* A */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", - /* B */ "662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", - /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", - /* Gx */ 
"A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", - /* Gy */ "2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,8 }, 10 + /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", + /* A */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", + /* B */ "662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", + /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", + /* Gx */ "A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", + /* Gy */ "2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.8" }, #endif #ifdef LTC_ECC_BRAINPOOLP320T1 { - /* curve name */ "BRAINPOOLP320T1", - /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", - /* A */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", - /* B */ "A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", - /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", - /* Gx */ "925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52", - /* Gy */ "63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,10 }, 10 + /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", + /* A */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", + /* B */ "A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", + /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", + /* Gx */ "925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52", + /* Gy */ 
"63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.10" }, #endif #ifdef LTC_ECC_BRAINPOOLP384T1 { - /* curve name */ "BRAINPOOLP384T1", - /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", - /* A */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", - /* B */ "7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", - /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", - /* Gx */ "18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", - /* Gy */ "25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,12 }, 10 + /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", + /* A */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", + /* B */ "7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", + /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", + /* Gx */ "18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", + /* Gy */ "25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.12" }, #endif #ifdef LTC_ECC_BRAINPOOLP512T1 { - /* curve name */ "BRAINPOOLP512T1", - /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", - /* A */ 
"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", - /* B */ "7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", - /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", - /* Gx */ "640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", - /* Gy */ "5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", - /* cofactor */ 1, - /* OID */ { 1,3,36,3,3,2,8,1,1,14 }, 10 -}, -#endif -{ - NULL, NULL, NULL, NULL, NULL, NULL, NULL, - 0, - { 0 }, 0 + /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", + /* A */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", + /* B */ "7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", + /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", + /* Gx */ "640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", + /* Gy */ "5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", + /* cofactor */ 1, + /* OID */ "1.3.36.3.3.2.8.1.1.14" +}, +#endif +{ + NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL } }; diff --git a/src/ltc/pk/ecc/ecc_ansi_x963_export.c b/src/ltc/pk/ecc/ecc_ansi_x963_export.c index 528dcd8..b752b6b 100644 --- a/src/ltc/pk/ecc/ecc_ansi_x963_export.c 
+++ b/src/ltc/pk/ecc/ecc_ansi_x963_export.c @@ -22,7 +22,7 @@ @param outlen [in/out] Length of destination and final output size Return CRYPT_OK on success */ -int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen) +int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *outlen) { unsigned char buf[ECC_BUF_SIZE]; unsigned long numlen, xlen, ylen; diff --git a/src/ltc/pk/ecc/ecc_ansi_x963_import.c b/src/ltc/pk/ecc/ecc_ansi_x963_import.c index bcc8575..12b034d 100644 --- a/src/ltc/pk/ecc/ecc_ansi_x963_import.c +++ b/src/ltc/pk/ecc/ecc_ansi_x963_import.c @@ -26,7 +26,7 @@ return ecc_ansi_x963_import_ex(in, inlen, key, NULL); } -int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp) +int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu) { int err; @@ -39,13 +39,13 @@ } /* initialize key->dp */ - if (dp == NULL) { + if (cu == NULL) { /* this case works only for uncompressed public keys */ - if ((err = ecc_set_dp_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; } + if ((err = ecc_set_dp_by_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; } } else { /* this one works for both compressed / uncompressed pubkeys */ - if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } + if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; } } /* load public key */ diff --git a/src/ltc/pk/ecc/ecc_decrypt_key.c b/src/ltc/pk/ecc/ecc_decrypt_key.c index ebfa515..6ce93d5 100644 --- a/src/ltc/pk/ecc/ecc_decrypt_key.c +++ b/src/ltc/pk/ecc/ecc_decrypt_key.c @@ -27,7 +27,7 @@ */ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - ecc_key *key) + const ecc_key *key) { unsigned char *ecc_shared, *skey, *pub_expt; unsigned long x, y; 
@@ -85,7 +85,7 @@ } /* import ECC key from packet */ - if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } if ((err = ecc_set_key(decode[1].data, decode[1].size, PK_PUBLIC, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } /* make shared key */ diff --git a/src/ltc/pk/ecc/ecc_encrypt_key.c b/src/ltc/pk/ecc/ecc_encrypt_key.c index 530eadd..e0beb69 100644 --- a/src/ltc/pk/ecc/ecc_encrypt_key.c +++ b/src/ltc/pk/ecc/ecc_encrypt_key.c @@ -31,7 +31,7 @@ int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, int hash, - ecc_key *key) + const ecc_key *key) { unsigned char *pub_expt, *ecc_shared, *skey; ecc_key pubkey; @@ -57,7 +57,7 @@ } /* make a random key and export the public copy */ - if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { return err; } + if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { return err; } if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { return err; } pub_expt = XMALLOC(ECC_BUF_SIZE); @@ -78,12 +78,14 @@ } pubkeysize = ECC_BUF_SIZE; -#ifdef USE_TFM - /* XXX-FIXME: TFM does not support sqrtmod_prime */ - if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) { -#else - if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey)) != CRYPT_OK) { -#endif + if (ltc_mp.sqrtmod_prime != NULL) { + /* PK_COMPRESSED requires sqrtmod_prime */ + err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey); + } + else { + err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey); + } + if (err != CRYPT_OK) { ecc_free(&pubkey); goto LBL_ERR; } diff --git a/src/ltc/pk/ecc/ecc_export.c b/src/ltc/pk/ecc/ecc_export.c index a095e9a..eab854a 100644 --- a/src/ltc/pk/ecc/ecc_export.c +++ b/src/ltc/pk/ecc/ecc_export.c 
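Review bot: The peer's public point comes straight from the packet (`decode[1].data`) and is loaded into `pubkey` by `ecc_set_key` on the line after the renamed `ecc_copy_dp` call, then used to derive the shared secret; nothing in this hunk shows the point being checked to lie on `key`'s curve, so that validation has to live inside `ecc_set_key` (not visible here) or be added before the shared-secret step. If `ecc_set_key` does reject off-curve points, a one-line comment would spare the next reader the same question: `/* ecc_set_key must reject points not on the curve: this point is attacker-supplied */`. ecc_decrypt_key begins and ends outside this hunk.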
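Review bot: Once `ecc_copy_dp(key, &pubkey)` has succeeded, the next line returns on `ecc_generate_key` failure without releasing `pubkey`, so the copied domain-parameter bignums leak on that path. Change it to `if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { ecc_free(&pubkey); return err; }`, which matches the `ecc_free(&pubkey); goto LBL_ERR;` handling the function already uses after the export call in the following hunk. Whether `ecc_copy_dp` cleans up after its own partial failure is not visible here and is worth confirming. ecc_encrypt_key continues outside this hunk.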
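Review bot: The new comment `/* PK_COMPRESSED requires sqrtmod_prime */` describes the wrong side of the exchange: producing a compressed point needs only x and the parity of y, while it is the recipient's decompression that needs a modular square root, so the test on the sender's `ltc_mp.sqrtmod_prime` is a proxy for what the peer will be able to parse (unless `ecc_get_key` itself refuses `PK_COMPRESSED` without it, which is not visible here). Suggest `/* emit a compressed point only when this math provider could decompress one (sqrtmod_prime); the recipient must be able to as well */` so the wire-format choice and its dependency are stated explicitly. Folding both branches into a single `if (err != CRYPT_OK)` exit is a clear improvement over the old `#ifdef USE_TFM` split.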
@@ -24,7 +24,7 @@ @param key The key to export @return CRYPT_OK if successful */ -int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) +int ecc_export(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) { int err; unsigned char flags[1]; diff --git a/src/ltc/pk/ecc/ecc_export_openssl.c b/src/ltc/pk/ecc/ecc_export_openssl.c index c918137..4f47dd3 100644 --- a/src/ltc/pk/ecc/ecc_export_openssl.c +++ b/src/ltc/pk/ecc/ecc_export_openssl.c 
@@ -20,89 +20,86 @@ @return CRYPT_OK if successful */ -int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) +int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) { - int err; - void *prime, *order, *a, *b, *gx, *gy; - unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512]; - unsigned long len_a, len_b, len_k, len_g, len_xy; - unsigned long cofactor, one = 1; - oid_st oid; - ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams; - int flag_oid = type & PK_CURVEOID ? 1 : 0; - int flag_com = type & PK_COMPRESSED ? 1 : 0; - int flag_pri = type & PK_PRIVATE ? 1 : 0; + int err; + void *prime, *order, *a, *b, *gx, *gy; + unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512]; + unsigned long len_a, len_b, len_k, len_g, len_xy; + unsigned long cofactor, one = 1; + oid_st oid; + ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams; + int flag_oid = type & PK_CURVEOID ? 1 : 0; + int flag_com = type & PK_COMPRESSED ? 1 : 0; + int flag_pri = type & PK_PRIVATE ? 
1 : 0; - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(key != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(key != NULL); - if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; + if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; - prime = key->dp.prime; - order = key->dp.order; - b = key->dp.B; - a = key->dp.A; - gx = key->dp.base.x; - gy = key->dp.base.y; + prime = key->dp.prime; + order = key->dp.order; + b = key->dp.B; + a = key->dp.A; + gx = key->dp.base.x; + gy = key->dp.base.y; - /* curve param a */ - len_a = mp_unsigned_bin_size(a); - if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } - if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) goto error; - if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* XXX-TODO hack to handle case a == 0 */ + /* curve param a */ + len_a = mp_unsigned_bin_size(a); + if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } + if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) { goto error; } + if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */ - /* curve param b */ - len_b = mp_unsigned_bin_size(b); - if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } - if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) goto error; - if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* XXX-TODO hack to handle case b == 0 */ + /* curve param b */ + len_b = mp_unsigned_bin_size(b); + if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } + if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) { goto error; } + if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */ - /* base point - (un)compressed based on flag_com */ - len_g = sizeof(bin_g); - if ((err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com)) != CRYPT_OK) goto error; + /* base point - (un)compressed based on flag_com */ + len_g = sizeof(bin_g); + err = 
ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com); + if (err != CRYPT_OK) { goto error; } - /* public key - (un)compressed based on flag_com */ - len_xy = sizeof(bin_xy); - if ((err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com)) != CRYPT_OK) goto error; + /* public key - (un)compressed based on flag_com */ + len_xy = sizeof(bin_xy); + err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com); + if (err != CRYPT_OK) { goto error; } - /* co-factor */ - cofactor = key->dp.cofactor; + /* co-factor */ + cofactor = key->dp.cofactor; - /* we support only prime-field EC */ - if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) goto error; + /* we support only prime-field EC */ + if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) { goto error; } - if (flag_oid) { - /* from http://tools.ietf.org/html/rfc5912 - - ECParameters ::= CHOICE { - namedCurve CURVE.&id({NamedCurve}) # OBJECT - } + if (flag_oid) { + /* http://tools.ietf.org/html/rfc5912 + ECParameters ::= CHOICE { + namedCurve CURVE.&id({NamedCurve}) # OBJECT + } */ - if (key->dp.oidlen == 0) { - err = CRYPT_INVALID_ARG; - goto error; - } + if (key->dp.oidlen == 0) { err = CRYPT_INVALID_ARG; goto error; } LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen); - } - else { - /* from http://tools.ietf.org/html/rfc3279 - - ECParameters ::= SEQUENCE { # SEQUENCE - version INTEGER { ecpVer1(1) } (ecpVer1), # INTEGER :01 - FieldID ::= SEQUENCE { # SEQUENCE - fieldType FIELD-ID.&id({IOSet}), # OBJECT :prime-field - parameters FIELD-ID.&Type({IOSet}{@fieldType}) # INTEGER - } - Curve ::= SEQUENCE { # SEQUENCE - a FieldElement ::= OCTET STRING # OCTET STRING - b FieldElement ::= OCTET STRING # OCTET STRING - seed BIT STRING OPTIONAL - } - base ECPoint ::= OCTET STRING # OCTET STRING - order INTEGER, # INTEGER - cofactor INTEGER OPTIONAL # INTEGER - } + } + else { + /* 
http://tools.ietf.org/html/rfc3279 + ECParameters ::= SEQUENCE { # SEQUENCE + version INTEGER { ecpVer1(1) } (ecpVer1) # INTEGER :01 + FieldID ::= SEQUENCE { # SEQUENCE + fieldType FIELD-ID.&id({IOSet}), # OBJECT :prime-field + parameters FIELD-ID.&Type({IOSet}{@fieldType}) # INTEGER + } + Curve ::= SEQUENCE { # SEQUENCE + a FieldElement ::= OCTET STRING # OCTET STRING + b FieldElement ::= OCTET STRING # OCTET STRING + seed BIT STRING OPTIONAL + } + base ECPoint ::= OCTET STRING # OCTET STRING + order INTEGER, # INTEGER + cofactor INTEGER OPTIONAL # INTEGER + } */ /* FieldID SEQUENCE */ 
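Review bot: `len_a`/`len_b` are the minimal big-endian lengths from `mp_unsigned_bin_size`, with `len_a == 0` forced to a single zero byte; X9.62's FieldElement-to-octet-string conversion pads to the field size instead, so the new `/* handle case a == 0 */` comment (replacing the old `XXX-TODO hack`) now reads as if the encoding were settled when it is still a minimal rather than fixed-width one. If the minimal form is intentional for interoperability, say so: `/* minimal big-endian encoding; a == 0 must still yield one 0x00 byte (X9.62 would pad to the field size) */`. Separately, almost every line of this hunk is touched by re-indentation and added braces, which buries the few real changes (the `err = …; if (err != CRYPT_OK)` split and the one-line `oidlen == 0` check); a whitespace-only commit first would have made them reviewable with `git diff -w`. The function continues in the next hunk.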
@@ -123,50 +120,47 @@ /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */ LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); - } + } - if (flag_pri) { - /* private key format: http://tools.ietf.org/html/rfc5915 - - ECPrivateKey ::= SEQUENCE { # SEQUENCE - version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), # INTEGER :01 - privateKey OCTET STRING, # OCTET STRING - [0] ECParameters # see above - [1] publicKey # BIT STRING - } + if (flag_pri) { + /* http://tools.ietf.org/html/rfc5915 + ECPrivateKey ::= SEQUENCE { # SEQUENCE + version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1) # INTEGER :01 + privateKey OCTET STRING, # OCTET STRING + [0] ECParameters # see above + [1] publicKey # BIT STRING + } */ /* private key */ len_k = mp_unsigned_bin_size(key->k); - if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } - if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) goto error; + if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } + if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) { goto error; } - LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); + LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); + LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1); + LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, &ecparams); /* context specific 0 */ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, &pub_xy); /* context specific 1 */ err = der_encode_sequence(seq_priv, 4, out, outlen); - } - else { - /* public key format: http://tools.ietf.org/html/rfc5480 - - SubjectPublicKeyInfo ::= SEQUENCE { # SEQUENCE - AlgorithmIdentifier ::= SEQUENCE { # SEQUENCE - algorithm OBJECT IDENTIFIER # OBJECT :id-ecPublicKey 
- ECParameters # see above - } - subjectPublicKey BIT STRING # BIT STRING - } + } + else { + /* http://tools.ietf.org/html/rfc5480 + SubjectPublicKeyInfo ::= SEQUENCE { # SEQUENCE + AlgorithmIdentifier ::= SEQUENCE { # SEQUENCE + algorithm OBJECT IDENTIFIER # OBJECT :id-ecPublicKey + ECParameters # see above + } + subjectPublicKey BIT STRING # BIT STRING + } */ - err = x509_encode_subject_public_key_info( out, outlen, - PKA_EC, bin_xy, len_xy, - ecparams.type, ecparams.data, ecparams.size ); - } + err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy, + ecparams.type, ecparams.data, ecparams.size ); + } error: - return err; + return err; } #endif diff --git a/src/ltc/pk/ecc/ecc_free.c b/src/ltc/pk/ecc/ecc_free.c index c8033b3..47d3129 100644 --- a/src/ltc/pk/ecc/ecc_free.c +++ b/src/ltc/pk/ecc/ecc_free.c @@ -23,14 +23,12 @@ void ecc_free(ecc_key *key) { LTC_ARGCHKVD(key != NULL); - /* clean dp */ + mp_cleanup_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, - NULL); - - /* clean key */ - mp_cleanup_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL); + &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, + &key->k, NULL); } #endif diff --git a/src/ltc/pk/ecc/ecc_get_curve.c b/src/ltc/pk/ecc/ecc_get_curve.c new file mode 100644 index 0000000..7f03862 --- /dev/null +++ b/src/ltc/pk/ecc/ecc_get_curve.c 
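Review bot: When `flag_pri` is set the private scalar is serialized into the stack buffer `bin_k` by `mp_to_unsigned_bin(key->k, bin_k)`, and every exit path, including the `error:` label at the end of this hunk, returns with that buffer still holding it. Add `zeromem(bin_k, sizeof(bin_k));` immediately before `return err;` at `error:` so the secret does not outlive the call on the stack; it is a no-op on the public-key path since `bin_k` is untouched there. The function's opening and the `bin_k` declaration are in the previous hunk.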
@@ -0,0 +1,254 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_MECC
+
+static const struct {
+ const char *OID;
+ const char *names[6];
+} _curve_names[] = {
+#ifdef LTC_ECC_SECP112R1
+ {
+ "1.3.132.0.6", { "SECP112R1", "ECC-112", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP112R2
+ {
+ "1.3.132.0.7", { "SECP112R2", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP128R1
+ {
+ "1.3.132.0.28", { "SECP128R1", "ECC-128", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP128R2
+ {
+ "1.3.132.0.29", { "SECP128R2", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP160R1
+ {
+ "1.3.132.0.8", { "SECP160R1", "ECC-160", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP160R2
+ {
+ "1.3.132.0.30", { "SECP160R2", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP160K1
+ {
+ "1.3.132.0.9", { "SECP160K1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP192R1
+ {
+ "1.2.840.10045.3.1.1", { "SECP192R1", "NISTP192", "PRIME192V1", "ECC-192", "P-192", NULL }
+ },
+#endif
+#ifdef LTC_ECC_PRIME192V2
+ {
+ "1.2.840.10045.3.1.2", { "PRIME192V2", NULL }
+ },
+#endif
+#ifdef LTC_ECC_PRIME192V3
+ {
+ "1.2.840.10045.3.1.3", { "PRIME192V3", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP192K1
+ {
+ "1.3.132.0.31", { "SECP192K1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP224R1
+ {
+ "1.3.132.0.33", { "SECP224R1", "NISTP224", "ECC-224", "P-224", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP224K1
+ {
+ "1.3.132.0.32", { "SECP224K1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP256R1
+ {
+ "1.2.840.10045.3.1.7", { "SECP256R1", "NISTP256", "PRIME256V1", "ECC-256", "P-256", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP256K1
+ {
+ "1.3.132.0.10", { "SECP256K1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_SECP384R1
+ {
+ "1.3.132.0.34", { "SECP384R1", "NISTP384", "ECC-384", "P-384", NULL }
+ },
+#endif
+#ifdef 
LTC_ECC_SECP521R1
+ {
+ "1.3.132.0.35", { "SECP521R1", "NISTP521", "ECC-521", "P-521", NULL }
+ },
+#endif
+#ifdef LTC_ECC_PRIME239V1
+ {
+ "1.2.840.10045.3.1.4", { "PRIME239V1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_PRIME239V2
+ {
+ "1.2.840.10045.3.1.5", { "PRIME239V2", NULL }
+ },
+#endif
+#ifdef LTC_ECC_PRIME239V3
+ {
+ "1.2.840.10045.3.1.6", { "PRIME239V3", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP160R1
+ {
+ "1.3.36.3.3.2.8.1.1.1", { "BRAINPOOLP160R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP192R1
+ {
+ "1.3.36.3.3.2.8.1.1.3", { "BRAINPOOLP192R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP224R1
+ {
+ "1.3.36.3.3.2.8.1.1.5", { "BRAINPOOLP224R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP256R1
+ {
+ "1.3.36.3.3.2.8.1.1.7", { "BRAINPOOLP256R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP320R1
+ {
+ "1.3.36.3.3.2.8.1.1.9", { "BRAINPOOLP320R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP384R1
+ {
+ "1.3.36.3.3.2.8.1.1.11", { "BRAINPOOLP384R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP512R1
+ {
+ "1.3.36.3.3.2.8.1.1.13", { "BRAINPOOLP512R1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP160T1
+ {
+ "1.3.36.3.3.2.8.1.1.2", { "BRAINPOOLP160T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP192T1
+ {
+ "1.3.36.3.3.2.8.1.1.4", { "BRAINPOOLP192T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP224T1
+ {
+ "1.3.36.3.3.2.8.1.1.6", { "BRAINPOOLP224T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP256T1
+ {
+ "1.3.36.3.3.2.8.1.1.8", { "BRAINPOOLP256T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP320T1
+ {
+ "1.3.36.3.3.2.8.1.1.10", { "BRAINPOOLP320T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP384T1
+ {
+ "1.3.36.3.3.2.8.1.1.12", { "BRAINPOOLP384T1", NULL }
+ },
+#endif
+#ifdef LTC_ECC_BRAINPOOLP512T1
+ {
+ "1.3.36.3.3.2.8.1.1.14", { "BRAINPOOLP512T1", NULL }
+ },
+#endif
+ {
+ NULL, { NULL }
+ }
+};
+
+/* case-insensitive match + ignore '-', '_', ' ' */
+static int _name_match(const char *left, const char *right)
+{
+ char lc_r, lc_l;
+ 
+ while ((*left != '\0') && (*right != '\0')) { + while ((*left == ' ') || (*left == '-') || (*left == '_')) left++; + while ((*right == ' ') || (*right == '-') || (*right == '_')) right++; + if (*left == '\0' || *right == '\0') break; + lc_r = *right; + lc_l = *left; + if ((lc_r >= 'A') && (lc_r <= 'Z')) lc_r += 32; + if ((lc_l >= 'A') && (lc_l <= 'Z')) lc_l += 32; + if (lc_l != lc_r) return 0; + left++; + right++; + } + + if ((*left == '\0') && (*right == '\0')) + return 1; + else + return 0; +} + +int ecc_get_curve(const char *name_or_oid, const ltc_ecc_curve **cu) +{ + int i, j; + const char *OID = NULL; + + LTC_ARGCHK(cu != NULL); + LTC_ARGCHK(name_or_oid != NULL); + + *cu = NULL; + + for (i = 0; _curve_names[i].OID != NULL && !OID; i++) { + if (XSTRCMP(_curve_names[i].OID, name_or_oid) == 0) { + OID = _curve_names[i].OID; + } + for (j = 0; _curve_names[i].names[j] != NULL && !OID; j++) { + if (_name_match(_curve_names[i].names[j], name_or_oid)) { + OID = _curve_names[i].OID; + } + } + } + + if (OID != NULL) { + for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) { + if (XSTRCMP(ltc_ecc_curves[i].OID, OID) == 0) { + *cu = <c_ecc_curves[i]; + return CRYPT_OK; + } + } + } + + return CRYPT_INVALID_ARG; /* not found */ +} + +#endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_get_key.c b/src/ltc/pk/ecc/ecc_get_key.c index 2b4e857..2154e7f 100644 --- a/src/ltc/pk/ecc/ecc_get_key.c +++ b/src/ltc/pk/ecc/ecc_get_key.c @@ -19,7 +19,7 @@ Return CRYPT_OK on success */ -int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) +int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) { unsigned long size, ksize; int err, compressed; diff --git a/src/ltc/pk/ecc/ecc_get_set.c b/src/ltc/pk/ecc/ecc_get_set.c deleted file mode 100644 index f00cf45..0000000 --- a/src/ltc/pk/ecc/ecc_get_set.c +++ /dev/null 
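Review bot: `names[6]` in `_curve_names` is filled to capacity by the SECP192R1 and SECP256R1 rows (five aliases plus the `NULL` terminator), so adding one more alias to either row silently drops the terminator without any compiler diagnostic, and the inner loop in `ecc_get_curve`, which stops only on `_curve_names[i].names[j] != NULL`, would then read past the array. Bound that loop by the array size as well: `for (j = 0; j < (int)(sizeof(_curve_names[i].names)/sizeof(_curve_names[i].names[0])) && _curve_names[i].names[j] != NULL && !OID; j++) {`. The second lookup also depends on every OID string here matching one in `ltc_ecc_curves` byte for byte, otherwise a perfectly valid name resolves to an OID and then fails with `CRYPT_INVALID_ARG`; a comment above the table should state that coupling: `/* OIDs must match those in ltc_ecc_curves (ecc_curves.c); a mismatch makes the name unresolvable, not a compile error */`.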
@@ -1,40 +0,0 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis - * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. - * - * The library is free for all purposes without any express - * guarantee it works. - */ - -#include "tomcrypt.h" - -#ifdef LTC_MECC - -int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp) -{ - int i; - - LTC_ARGCHK(dp != NULL); - LTC_ARGCHK(name != NULL); - - *dp = NULL; - - for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { - if (XSTRCMP(ltc_ecc_sets[i].name, name) == 0) break; - } - - if (ltc_ecc_sets[i].name == NULL) { - /* not found */ - return CRYPT_INVALID_ARG; - } - - *dp = <c_ecc_sets[i]; - return CRYPT_OK; -} - -#endif - -/* ref: $Format:%D$ */ -/* git commit: $Format:%H$ */ -/* commit time: $Format:%ai$ */ diff --git a/src/ltc/pk/ecc/ecc_get_size.c b/src/ltc/pk/ecc/ecc_get_size.c index 8d1c936..3f5810c 100644 --- a/src/ltc/pk/ecc/ecc_get_size.c +++ b/src/ltc/pk/ecc/ecc_get_size.c @@ -21,7 +21,7 @@ @param key The key to get the size of @return The size (octets) of the key or INT_MAX on error */ -int ecc_get_size(ecc_key *key) +int ecc_get_size(const ecc_key *key) { if (key == NULL) { return INT_MAX; diff --git a/src/ltc/pk/ecc/ecc_import.c b/src/ltc/pk/ecc/ecc_import.c index 3a1dcc5..6deea28 100644 --- a/src/ltc/pk/ecc/ecc_import.c +++ b/src/ltc/pk/ecc/ecc_import.c 
@@ -33,10 +33,10 @@ @param in The packet to import @param inlen The length of the packet @param key [out] The destination of the import - @param dp pointer to user supplied params; must be the same as the params used when exporting + @param cu pointer to user supplied params; must be the same as the params used when exporting @return CRYPT_OK if successful, upon error all allocated memory will be freed */ -int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp) +int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu) { unsigned long key_size; unsigned char flags[1]; @@ -55,10 +55,10 @@ } /* allocate & initialize the key */ - if (dp == NULL) { - if ((err = ecc_set_dp_size(key_size, key)) != CRYPT_OK) { goto done; } + if (cu == NULL) { + if ((err = ecc_set_dp_by_size(key_size, key)) != CRYPT_OK) { goto done; } } else { - if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { goto done; } + if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { goto done; } } if (flags[0] == 1) { diff --git a/src/ltc/pk/ecc/ecc_import_openssl.c b/src/ltc/pk/ecc/ecc_import_openssl.c index abbf505..a9e25a6 100644 --- a/src/ltc/pk/ecc/ecc_import_openssl.c +++ b/src/ltc/pk/ecc/ecc_import_openssl.c @@ -15,9 +15,12 @@ { void *prime, *order, *a, *b, *gx, *gy; ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2]; - unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE], bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; + unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE]; + unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; unsigned long len_a, len_b, len_k, len_g, len_xy, len_oid, len; unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16], curveoid[16]; + char OID[256]; + const ltc_ecc_curve *curve; int err; if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) { 
@@ -28,32 +31,36 @@ len_xy = sizeof(bin_xy); len_oid = 16; - err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, &len_oid); + err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, + LTC_ASN1_OBJECT_IDENTIFIER, (void *)curveoid, &len_oid); if (err == CRYPT_OK) { /* load curve parameters for given curve OID */ - if ((err = ecc_set_dp_oid(curveoid, len_oid, key)) != CRYPT_OK) { goto error; } + len = sizeof(OID); + if ((err = pk_oid_num_to_str(curveoid, len_oid, OID, &len)) != CRYPT_OK) { goto error; } + if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; } /* load public key */ - if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } goto success; } /* ### 2. try to load public key - curve parameters included */ /* ECParameters SEQUENCE */ - LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); - LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); - LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); - LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); - LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); - LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); + LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); + LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); + LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); + LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); + LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); + LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); seq_ecparams[5].optional = 1; /* FieldID SEQUENCE */ - LTC_SET_ASN1(seq_fieldid, 0, 
LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); - LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); + LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); + LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); /* Curve SEQUENCE */ - LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); + LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); seq_curve[2].optional = 1; /* try to load public key */ len_xy = sizeof(bin_xy); 
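Review bot: The three-call sequence `pk_oid_num_to_str` → `ecc_get_curve` → `ecc_set_dp` that replaces `ecc_set_dp_oid` here is repeated verbatim in the private-key path later in the file (the `@@ -89,9 +96,12 @@` hunk), together with the `char OID[256]`, `len` and `curve` locals added to the function's top for it. Factoring it into one static helper keeps the OID-to-curve resolution in one place, makes the fail-closed behaviour for unknown OIDs (an OID absent from the built-in table returns `CRYPT_INVALID_ARG` from `ecc_get_curve`) visible at a glance, and lets the extra locals in the outer function go away. ecc_import_openssl starts and ends outside this hunk.
```c
/* resolve a decoded numeric curve OID to a built-in curve and install its domain parameters */
static int _set_dp_by_oid(const unsigned long *oid, unsigned long oidlen, ecc_key *key)
{
   char OID[256];
   unsigned long len = sizeof(OID);
   const ltc_ecc_curve *curve;
   int err;

   if ((err = pk_oid_num_to_str(oid, oidlen, OID, &len)) != CRYPT_OK) { return err; }
   if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { return err; }   /* unknown OID: fails closed */
   return ecc_set_dp(curve, key);
}

/* … unchanged: ecc_import_openssl up to the SubjectPublicKeyInfo decode … */
   if (err == CRYPT_OK) {
      /* load curve parameters for given curve OID */
      if ((err = _set_dp_by_oid(curveoid, len_oid, key)) != CRYPT_OK) { goto error; }
```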
@@ -65,23 +72,23 @@ len_b = seq_curve[1].size; len_g = seq_ecparams[3].size; /* create bignums */ - if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } - if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } - if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } /* load curve parameters */ - if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } /* load public key */ - if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } goto success; } /* ### 3. 
try to load private key - no curve parameters just curve OID */ /* ECPrivateKey SEQUENCE */ - LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); - LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); - LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); - LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); + LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); + LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); + LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */ @@ -89,9 +96,12 @@ err = der_decode_sequence(in, inlen, seq_priv, 4); if (err == CRYPT_OK) { /* load curve parameters for given curve OID */ - if ((err = ecc_set_dp_oid(curveoid, custom[0].size, key)) != CRYPT_OK) { goto error; } + len = sizeof(OID); + if ((err = pk_oid_num_to_str(curveoid, custom[0].size, OID, &len)) != CRYPT_OK) { goto error; } + if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; } /* load private+public key */ - if ((err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } goto success; } 
@@ -113,12 +123,12 @@ LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); seq_ecparams[5].optional = 1; /* FieldID SEQUENCE */ - LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); - LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); + LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); + LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); /* Curve SEQUENCE */ - LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); - LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); + LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); + LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); seq_curve[2].optional = 1; /* try to load private key */ err = der_decode_sequence(in, inlen, seq_priv, 4); 
@@ -129,19 +139,19 @@ len_b = seq_curve[1].size; len_g = seq_ecparams[3].size; /* create bignums */ - if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } - if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } - if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } /* load curve parameters */ - if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } /* load private+public key */ - if ((err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } goto success; } /* ### 5. backward compatibility - try to load old-DER format */ - if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } + if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } success: err = CRYPT_OK; diff --git a/src/ltc/pk/ecc/ecc_import_pkcs8.c b/src/ltc/pk/ecc/ecc_import_pkcs8.c index 6b5b0c7..8097eab 100644 --- a/src/ltc/pk/ecc/ecc_import_pkcs8.c +++ b/src/ltc/pk/ecc/ecc_import_pkcs8.c @@ -460,6 +460,8 @@ unsigned long len, cofactor; oid_st ecoid; int err; + char OID[256]; + const ltc_ecc_curve *curve; ltc_asn1_list *p = NULL, *l = NULL; LTC_ARGCHK(in != NULL); 
@@ -500,9 +502,10 @@ * 23:d=1 hl=2 l= 77 prim: OCTET STRING :bytes (== privatekey) */ ltc_asn1_list *loid = lseq->child->next; - if ((err = ecc_set_dp_oid(loid->data, loid->size, key)) != CRYPT_OK) { - goto LBL_DONE; - } + len = sizeof(OID); + if ((err = pk_oid_num_to_str(loid->data, loid->size, OID, &len)) != CRYPT_OK) { goto LBL_DONE; } + if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; } + if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto LBL_DONE; } } else if (lseq->child->next && lseq->child->next->type == LTC_ASN1_SEQUENCE) { /* CASE 2: explicit curve parameters (AKA long variant): @@ -553,7 +556,7 @@ if ((err = ltc_ecc_import_point(lg->data, lg->size, lprime->data, a, b, gx, gy)) != CRYPT_OK) { goto LBL_DONE; } - if ((err = ecc_set_dp_bn(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { + if ((err = ecc_set_dp_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { goto LBL_DONE; } } diff --git a/src/ltc/pk/ecc/ecc_make_key.c b/src/ltc/pk/ecc/ecc_make_key.c index 4617bef..1666017 100644 --- a/src/ltc/pk/ecc/ecc_make_key.c +++ b/src/ltc/pk/ecc/ecc_make_key.c @@ -28,15 +28,15 @@ { int err; - if ((err = ecc_set_dp_size(keysize, key)) != CRYPT_OK) { return err; } + if ((err = ecc_set_dp_by_size(keysize, key)) != CRYPT_OK) { return err; } if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } return CRYPT_OK; } -int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp) +int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu) { int err; - if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } + if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; } if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } return CRYPT_OK; } diff --git a/src/ltc/pk/ecc/ecc_set_dp.c b/src/ltc/pk/ecc/ecc_set_dp.c index 17a0d2a..cecca68 100644 --- a/src/ltc/pk/ecc/ecc_set_dp.c 
+++ b/src/ltc/pk/ecc/ecc_set_dp.c @@ -11,13 +11,12 @@ #ifdef LTC_MECC -int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key) +int ecc_set_dp(const ltc_ecc_curve *curve, ecc_key *key) { - unsigned long i; int err; LTC_ARGCHK(key != NULL); - LTC_ARGCHK(set != NULL); + LTC_ARGCHK(curve != NULL); if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, 
@@ -27,19 +26,19 @@ } /* A, B, order, prime, Gx, Gy */ - if ((err = mp_read_radix(key->dp.prime, set->prime, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->dp.order, set->order, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->dp.A, set->A, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->dp.B, set->B, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->dp.base.x, set->Gx, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(key->dp.base.y, set->Gy, 16)) != CRYPT_OK) { goto error; } - if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.prime, curve->prime, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.order, curve->order, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.A, curve->A, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.B, curve->B, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.base.x, curve->Gx, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_read_radix(key->dp.base.y, curve->Gy, 16)) != CRYPT_OK) { goto error; } + if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } /* cofactor & size */ - key->dp.cofactor = set->cofactor; + key->dp.cofactor = curve->cofactor; key->dp.size = mp_unsigned_bin_size(key->dp.prime); - /* OID */ - key->dp.oidlen = set->oidlen; - for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = set->oid[i]; + /* OID string >> unsigned long oid[16] + oidlen */ + key->dp.oidlen = 16; + if ((err = pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen)) != CRYPT_OK) { goto error; } /* success */ return CRYPT_OK; 
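Review bot: `key->dp.oidlen = 16;` hard-codes the capacity of `key->dp.oid` as a magic number, and the same literal appears again in `_ecc_oid_lookup` (ecc_set_dp_internal.c, `@@ -11,57 +11,38 @@`); if the array were resized, `pk_oid_str_to_num` would be handed a stale bound. Derive it from the array instead: `key->dp.oidlen = sizeof(key->dp.oid) / sizeof(key->dp.oid[0]);`. The `error:` label this hunk jumps to is outside the hunk, so I could not confirm that it releases the bignums initialised by mp_init_multi when the new OID conversion fails.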
@@ -48,44 +47,38 @@ return err; } -int ecc_set_dp_size(int size, ecc_key *key) +int ecc_set_dp_by_size(int size, ecc_key *key) { - const ltc_ecc_set_type *dp = NULL; - int err; + const ltc_ecc_curve *cu = NULL; + int err = CRYPT_ERROR; /* for compatibility with libtomcrypt-1.17 the sizes below must match the specific curves */ if (size <= 14) { - if ((err = ecc_get_set_by_name("SECP112R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP112R1", &cu); } else if (size <= 16) { - if ((err = ecc_get_set_by_name("SECP128R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP128R1", &cu); } else if (size <= 20) { - if ((err = ecc_get_set_by_name("SECP160R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP160R1", &cu); } else if (size <= 24) { - if ((err = ecc_get_set_by_name("SECP192R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP192R1", &cu); } else if (size <= 28) { - if ((err = ecc_get_set_by_name("SECP224R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP224R1", &cu); } else if (size <= 32) { - if ((err = ecc_get_set_by_name("SECP256R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP256R1", &cu); } else if (size <= 48) { - if ((err = ecc_get_set_by_name("SECP384R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP384R1", &cu); } else if (size <= 66) { - if ((err = ecc_get_set_by_name("SECP521R1", &dp)) != CRYPT_OK) return err; - return ecc_set_dp(dp, key); + err = ecc_get_curve("SECP521R1", &cu); } + + if (err == CRYPT_OK && cu != NULL) return ecc_set_dp(cu, key); return CRYPT_INVALID_ARG; } diff --git a/src/ltc/pk/ecc/ecc_set_dp_internal.c b/src/ltc/pk/ecc/ecc_set_dp_internal.c index bd7c040..eca7031 100644 --- a/src/ltc/pk/ecc/ecc_set_dp_internal.c 
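Review bot: When `ecc_get_curve` fails for a recognised size, the new tail `if (err == CRYPT_OK && cu != NULL) return ecc_set_dp(cu, key); return CRYPT_INVALID_ARG;` discards that error and reports CRYPT_INVALID_ARG, whereas the replaced code propagated it; a caller can no longer tell an out-of-range size from a curve that is missing in this build. Initialising with `int err = CRYPT_INVALID_ARG;` and finishing with `if (err != CRYPT_OK) return err; return ecc_set_dp(cu, key);` keeps the old behaviour and drops the redundant `cu != NULL` test, assuming ecc_get_curve always sets `cu` when it returns CRYPT_OK.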
+++ b/src/ltc/pk/ecc/ecc_set_dp_internal.c 
@@ -11,57 +11,38 @@ #ifdef LTC_MECC +static int _ecc_cmp_hex_bn(const char *left_hex, void *right_bn, void *tmp_bn) +{ + if (mp_read_radix(tmp_bn, left_hex, 16) != CRYPT_OK) return 0; + if (mp_cmp(tmp_bn, right_bn) != LTC_MP_EQ) return 0; + return 1; +} + static void _ecc_oid_lookup(ecc_key *key) { - int err; - unsigned i; - void *tmp; - const ltc_ecc_set_type *set; + void *bn; + const ltc_ecc_curve *curve; key->dp.oidlen = 0; - if ((err = mp_init(&tmp)) != CRYPT_OK) return; - for (set = ltc_ecc_sets; set->name != NULL; set++) { - if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; - if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; - if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; - if (key->dp.cofactor != set->cofactor) continue; + if (mp_init(&bn) != CRYPT_OK) return; + for (curve = ltc_ecc_curves; curve->prime != NULL; curve++) { + if (_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue; + if (_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue; + if (_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue; + if (_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue; + if (_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue; + if (_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue; + if (key->dp.cofactor != curve->cofactor) continue; break; /* found */ } - mp_clear(tmp); - if (set->name != NULL) { - /* OID found */ - 
key->dp.oidlen = set->oidlen; - for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; + mp_clear(bn); + if (curve->prime && curve->OID) { + key->dp.oidlen = 16; /* size of key->dp.oid */ + pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen); } } -int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key) -{ - int i; - - LTC_ARGCHK(oid != NULL); - LTC_ARGCHK(oidsize > 0); - - for(i = 0; ltc_ecc_sets[i].name != NULL; i++) { - if ((oidsize == ltc_ecc_sets[i].oidlen) && - (XMEM_NEQ(oid, ltc_ecc_sets[i].oid, sizeof(unsigned long) * ltc_ecc_sets[i].oidlen) == 0)) { - break; - } - } - if (ltc_ecc_sets[i].name == NULL) return CRYPT_ERROR; /* not found */ - return ecc_set_dp(<c_ecc_sets[i], key); -} - -int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key) +int ecc_copy_dp(const ecc_key *srckey, ecc_key *key) { unsigned long i; int err; @@ -81,9 +62,7 @@ if ((err = mp_copy(srckey->dp.order, key->dp.order )) != CRYPT_OK) { goto error; } if ((err = mp_copy(srckey->dp.A, key->dp.A )) != CRYPT_OK) { goto error; } if ((err = mp_copy(srckey->dp.B, key->dp.B )) != CRYPT_OK) { goto error; } - if ((err = mp_copy(srckey->dp.base.x, key->dp.base.x)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(srckey->dp.base.y, key->dp.base.y)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(srckey->dp.base.z, key->dp.base.z)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_copy_point(&srckey->dp.base, &key->dp.base)) != CRYPT_OK) { goto error; } /* cofactor & size */ key->dp.cofactor = srckey->dp.cofactor; key->dp.size = srckey->dp.size; @@ -93,7 +72,7 @@ for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i]; } else { - _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_sets */ + _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */ } /* success */ return CRYPT_OK; 
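Review bot: The return value of `pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen)` in `_ecc_oid_lookup` is ignored; `oidlen` was set to 16 just before the call, so on a conversion failure the key may be left claiming a 16-element OID with unspecified contents, which a later export would serialise. Reset the length on failure: `if (pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen) != CRYPT_OK) key->dp.oidlen = 0;`. The new `_ecc_cmp_hex_bn` treats an mp_read_radix failure as "not equal", which is the safe direction for a lookup, but it deserves a one-line comment such as `/* a malformed table entry counts as a mismatch, never as a match */`.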
@@ -103,7 +82,7 @@ return err; } -int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key) +int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key) { int err; @@ -133,7 +112,7 @@ /* cofactor & size */ key->dp.cofactor = cofactor; key->dp.size = mp_unsigned_bin_size(prime); - /* try to find OID in ltc_ecc_sets */ + /* try to find OID in ltc_ecc_curves */ _ecc_oid_lookup(key); /* success */ return CRYPT_OK; diff --git a/src/ltc/pk/ecc/ecc_shared_secret.c b/src/ltc/pk/ecc/ecc_shared_secret.c index 92917cc..afb8691 100644 --- a/src/ltc/pk/ecc/ecc_shared_secret.c +++ b/src/ltc/pk/ecc/ecc_shared_secret.c @@ -24,7 +24,7 @@ @param outlen [in/out] The max size and resulting size of the shared secret @return CRYPT_OK if successful */ -int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, +int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key, unsigned char *out, unsigned long *outlen) { unsigned long x; diff --git a/src/ltc/pk/ecc/ecc_sign_hash.c b/src/ltc/pk/ecc/ecc_sign_hash.c index 87e9506..027ad7a 100644 --- a/src/ltc/pk/ecc/ecc_sign_hash.c +++ b/src/ltc/pk/ecc/ecc_sign_hash.c @@ -18,7 +18,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key, int sigformat) + prng_state *prng, int wprng, const ecc_key *key, int sigformat) { ecc_key pubkey; void *r, *s, *e, *p; @@ -67,7 +67,7 @@ /* make up a key and export the public copy */ do { - if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto errnokey; } + if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { goto errnokey; } if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { goto errnokey; } /* find r = x1 mod n */ 
@@ -132,7 +132,7 @@ */ int ecc_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key) + prng_state *prng, int wprng, const ecc_key *key) { return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 0); } @@ -150,7 +150,7 @@ */ int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, - prng_state *prng, int wprng, ecc_key *key) + prng_state *prng, int wprng, const ecc_key *key) { return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 1); } diff --git a/src/ltc/pk/ecc/ecc_sizes.c b/src/ltc/pk/ecc/ecc_sizes.c index dcd310c..165c849 100644 --- a/src/ltc/pk/ecc/ecc_sizes.c +++ b/src/ltc/pk/ecc/ecc_sizes.c @@ -28,8 +28,8 @@ *high = 0; if (mp_init(&prime) == CRYPT_OK) { - for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { - if (mp_read_radix(prime, ltc_ecc_sets[i].prime, 16) == CRYPT_OK) { + for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) { + if (mp_read_radix(prime, ltc_ecc_curves[i].prime, 16) == CRYPT_OK) { size = mp_unsigned_bin_size(prime); if (size < *low) *low = size; if (size > *high) *high = size; diff --git a/src/ltc/pk/ecc/ecc_verify_hash.c b/src/ltc/pk/ecc/ecc_verify_hash.c index 34a4904..5127953 100644 --- a/src/ltc/pk/ecc/ecc_verify_hash.c +++ b/src/ltc/pk/ecc/ecc_verify_hash.c @@ -18,7 +18,7 @@ static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key, int sigformat) + int *stat, const ecc_key *key, int sigformat) { ecc_point *mG = NULL, *mQ = NULL; void *r, *s, *v, *w, *u1, *u2, *e, *p, *m, *a, *a_plus3 = NULL, *mu = NULL, *ma = NULL; @@ -37,7 +37,7 @@ /* allocate ints */ if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &e, &a_plus3, NULL)) != CRYPT_OK) { - return CRYPT_MEM; + return err; } p = key->dp.order; 
@@ -109,12 +109,8 @@ if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK) { goto error; } /* find mG and mQ */ - if ((err = mp_copy(key->dp.base.x, mG->x)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(key->dp.base.y, mG->y)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(key->dp.base.z, mG->z)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK) { goto error; } - if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_copy_point(&key->dp.base, mG)) != CRYPT_OK) { goto error; } + if ((err = ltc_ecc_copy_point(&key->pubkey, mQ)) != CRYPT_OK) { goto error; } /* find the montgomery mp */ if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; } @@ -175,7 +171,7 @@ */ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key) + int *stat, const ecc_key *key) { return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 0); } @@ -192,7 +188,7 @@ */ int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, - int *stat, ecc_key *key) + int *stat, const ecc_key *key) { return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 1); } diff --git a/src/ltc/pk/ecc/ltc_ecc_import_point.c b/src/ltc/pk/ecc/ltc_ecc_import_point.c index 6c8107c..7e103f4 100644 --- a/src/ltc/pk/ecc/ltc_ecc_import_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_import_point.c 
@@ -31,8 +31,8 @@ /* load y */ if ((err = mp_read_unsigned_bin(y, (unsigned char *)in+1+size, size)) != CRYPT_OK) { goto cleanup; } } - else if ((in[0] == 0x02 || in[0] == 0x03) && (inlen-1) == size) { - /* read compressed point */ + else if ((in[0] == 0x02 || in[0] == 0x03) && (inlen-1) == size && ltc_mp.sqrtmod_prime != NULL) { + /* read compressed point - BEWARE: requires sqrtmod_prime */ /* load x */ if ((err = mp_read_unsigned_bin(x, (unsigned char *)in+1, size)) != CRYPT_OK) { goto cleanup; } /* compute x^3 */ diff --git a/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c b/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c index 87f3b0c..faf7631 100644 --- a/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c +++ b/src/ltc/pk/ecc/ltc_ecc_is_point_at_infinity.c @@ -15,16 +15,22 @@ * a point at infinity is any point (x,y,0) such that y^2 == x^3, except (0,0,0) */ -int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus) +int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus, int *retval) { - int err, retval = 0; + int err; void *x3, *y2; /* trivial case */ - if (!mp_iszero(P->z)) goto done; + if (!mp_iszero(P->z)) { + *retval = 0; + return CRYPT_OK; + } /* point (0,0,0) is not at infinity */ - if (mp_iszero(P->x) && mp_iszero(P->y)) goto done; + if (mp_iszero(P->x) && mp_iszero(P->y)) { + *retval = 0; + return CRYPT_OK; + } /* initialize */ if ((err = mp_init_multi(&x3, &y2, NULL)) != CRYPT_OK) goto done; @@ -37,12 +43,16 @@ if ((err = mp_mulmod(P->x, x3, modulus, x3)) != CRYPT_OK) goto cleanup; /* test y^2 == x^3 */ - if ((mp_cmp(x3, y2) == LTC_MP_EQ) && !mp_iszero(y2)) retval = 1; + err = CRYPT_OK; + if ((mp_cmp(x3, y2) == LTC_MP_EQ) && !mp_iszero(y2)) + *retval = 1; + else + *retval = 0; cleanup: mp_clear_multi(x3, y2, NULL); done: - return retval; + return err; } #endif diff --git a/src/ltc/pk/ecc/ltc_ecc_map.c b/src/ltc/pk/ecc/ltc_ecc_map.c index 92d059d..3c57019 100644 --- a/src/ltc/pk/ecc/ltc_ecc_map.c +++ b/src/ltc/pk/ecc/ltc_ecc_map.c 
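Review bot: With the added `ltc_mp.sqrtmod_prime != NULL` condition, a well-formed compressed point presented to a math provider without sqrtmod_prime no longer enters this branch and presumably falls through to the error branch after the hunk, so a build/configuration limitation is reported as if the input were malformed. Testing the provider in its own branch that fails with a distinct error before the format checks, or at least a comment stating that compressed points are rejected on such providers, would make the failure diagnosable. The enclosing function starts and ends outside the hunk.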
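Review bot: `ltc_ecc_is_point_at_infinity` now takes an `int *retval` out-parameter and returns an error code instead of a boolean, but the doc comment above the hunk (its first lines are outside the hunk) still describes only the mathematical test; add `@param retval [out] set to 1 when P is the point at infinity, 0 otherwise` and `@return CRYPT_OK if the test could be evaluated`. `*retval` is not written on the `goto done`/`goto cleanup` error paths, so callers must check the return value before reading it; every call site in this diff does, but stating that in the comment keeps the next caller from testing `inf` alone. As the other ecc entry points in this diff use LTC_ARGCHK, `LTC_ARGCHK(retval != NULL);` at the top would fit.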
@@ -33,10 +33,7 @@ LTC_ARGCHK(mp != NULL); if (mp_iszero(P->z)) { - if ((err = mp_set(P->x, 0)) != CRYPT_OK) { return err; } - if ((err = mp_set(P->y, 0)) != CRYPT_OK) { return err; } - if ((err = mp_set(P->z, 1)) != CRYPT_OK) { return err; } - return CRYPT_OK; + return ltc_ecc_set_point_xyz(0, 0, 1, P); } if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) { diff --git a/src/ltc/pk/ecc/ltc_ecc_mul2add.c b/src/ltc/pk/ecc/ltc_ecc_mul2add.c index 80ceb86..a2dcf5f 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mul2add.c +++ b/src/ltc/pk/ecc/ltc_ecc_mul2add.c @@ -163,9 +163,7 @@ if (first == 1) { /* if first, copy from table */ first = 0; - if ((err = mp_copy(precomp[nA + (nB<<2)]->x, C->x)) != CRYPT_OK) { goto ERR_MU; } - if ((err = mp_copy(precomp[nA + (nB<<2)]->y, C->y)) != CRYPT_OK) { goto ERR_MU; } - if ((err = mp_copy(precomp[nA + (nB<<2)]->z, C->z)) != CRYPT_OK) { goto ERR_MU; } + if ((err = ltc_ecc_copy_point(precomp[nA + (nB<<2)], C)) != CRYPT_OK) { goto ERR_MU; } } else { /* if not first, add from table */ if ((err = ltc_mp.ecc_ptadd(C, precomp[nA + (nB<<2)], C, ma, modulus, mp)) != CRYPT_OK) { goto ERR_MU; } diff --git a/src/ltc/pk/ecc/ltc_ecc_mulmod.c b/src/ltc/pk/ecc/ltc_ecc_mulmod.c index 50dedc1..ec8ba9c 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mulmod.c +++ b/src/ltc/pk/ecc/ltc_ecc_mulmod.c @@ -32,7 +32,7 @@ int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) { ecc_point *tG, *M[8]; - int i, j, err; + int i, j, err, inf; void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; ltc_mp_digit buf; int first, bitbuf, bitcpy, bitcnt, mode, digidx; 
@@ -42,12 +42,10 @@ LTC_ARGCHK(R != NULL); LTC_ARGCHK(modulus != NULL); - if (ltc_ecc_is_point_at_infinity(G, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(G, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* return the point at infinity */ - if ((err = mp_set(R->x, 1)) != CRYPT_OK) { return err; } - if ((err = mp_set(R->y, 1)) != CRYPT_OK) { return err; } - if ((err = mp_set(R->z, 0)) != CRYPT_OK) { return err; } - return CRYPT_OK; + return ltc_ecc_set_point_xyz(1, 1, 0, R); } /* init montgomery reduction */ @@ -81,9 +79,7 @@ /* tG = G and convert to montgomery */ if (mp_cmp_d(mu, 1) == LTC_MP_EQ) { - if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(G, tG)) != CRYPT_OK) { goto done; } } else { if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; } if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; } @@ -146,9 +142,7 @@ /* if this is the first window we do a simple copy */ if (first == 1) { /* R = kG [k = first window] */ - if ((err = mp_copy(M[bitbuf-8]->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(M[bitbuf-8]->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(M[bitbuf-8]->z, R->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(M[bitbuf-8], R)) != CRYPT_OK) { goto done; } first = 0; } else { /* normal window */ @@ -180,9 +174,7 @@ if ((bitbuf & (1 << WINSIZE)) != 0) { if (first == 1){ /* first add, so copy */ - if ((err = mp_copy(tG->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(tG->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(tG->z, R->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(tG, R)) != CRYPT_OK) { goto done; } first = 0; } else { /* then add */ 
diff --git a/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c b/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c index 068240a..9ff37d8 100644 --- a/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c +++ b/src/ltc/pk/ecc/ltc_ecc_mulmod_timing.c @@ -31,7 +31,7 @@ int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) { ecc_point *tG, *M[3]; - int i, j, err; + int i, j, err, inf; void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; ltc_mp_digit buf; int bitcnt, mode, digidx; @@ -41,12 +41,10 @@ LTC_ARGCHK(R != NULL); LTC_ARGCHK(modulus != NULL); - if (ltc_ecc_is_point_at_infinity(G, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(G, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* return the point at infinity */ - if ((err = mp_set(R->x, 1)) != CRYPT_OK) { return err; } - if ((err = mp_set(R->y, 1)) != CRYPT_OK) { return err; } - if ((err = mp_set(R->z, 0)) != CRYPT_OK) { return err; } - return CRYPT_OK; + return ltc_ecc_set_point_xyz(1, 1, 0, R); } /* init montgomery reduction */ @@ -88,9 +86,7 @@ /* calc the M tab */ /* M[0] == G */ - if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(tG->y, M[0]->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(tG->z, M[0]->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(tG, M[0])) != CRYPT_OK) { goto done; } /* M[1] == 2G */ if ((err = ltc_mp.ecc_ptdbl(tG, M[1], ma, modulus, mp)) != CRYPT_OK) { goto done; } @@ -136,9 +132,7 @@ } /* copy result out */ - if ((err = mp_copy(M[0]->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(M[0]->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(M[0]->z, R->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(M[0], R)) != CRYPT_OK) { goto done; } /* map R back from projective space */ if (map) { diff --git a/src/ltc/pk/ecc/ltc_ecc_points.c b/src/ltc/pk/ecc/ltc_ecc_points.c index 772e8ef..4a890fd 100644 --- a/src/ltc/pk/ecc/ltc_ecc_points.c +++ b/src/ltc/pk/ecc/ltc_ecc_points.c 
@@ -46,6 +46,24 @@ } } +int ltc_ecc_set_point_xyz(ltc_mp_digit x, ltc_mp_digit y, ltc_mp_digit z, ecc_point *p) +{ + int err; + if ((err = ltc_mp.set_int(p->x, x)) != CRYPT_OK) return err; + if ((err = ltc_mp.set_int(p->y, y)) != CRYPT_OK) return err; + if ((err = ltc_mp.set_int(p->z, z)) != CRYPT_OK) return err; + return CRYPT_OK; +} + +int ltc_ecc_copy_point(const ecc_point *src, ecc_point *dst) +{ + int err; + if ((err = ltc_mp.copy(src->x, dst->x)) != CRYPT_OK) return err; + if ((err = ltc_mp.copy(src->y, dst->y)) != CRYPT_OK) return err; + if ((err = ltc_mp.copy(src->z, dst->z)) != CRYPT_OK) return err; + return CRYPT_OK; +} + #endif /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ diff --git a/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c b/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c index 0182d0a..eff35c9 100644 --- a/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_projective_add_point.c @@ -29,7 +29,7 @@ int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp) { void *t1, *t2, *x, *y, *z; - int err; + int err, inf; LTC_ARGCHK(P != NULL); LTC_ARGCHK(Q != NULL); 
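Review bot: The two new non-static helpers `ltc_ecc_set_point_xyz` and `ltc_ecc_copy_point` are used from many call sites in this diff but carry no doc comment and no argument checks, unlike the other public ecc functions touched here that use `LTC_ARGCHK`. I would add a header such as `/** Set a point's coordinates from small integers. @param p [out] the point to set @return CRYPT_OK or the ltc_mp error */`, the analogous one for the copy helper, and `LTC_ARGCHK(p != NULL);` respectively `LTC_ARGCHK(src != NULL); LTC_ARGCHK(dst != NULL);` as the first statements.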
@@ -41,20 +41,18 @@ return err; } - if (ltc_ecc_is_point_at_infinity(P, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* P is point at infinity >> Result = Q */ - if ((err = ltc_mp.copy(Q->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.copy(Q->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.copy(Q->z, R->z)) != CRYPT_OK) { goto done; } - goto done; /* CRYPT_OK */ - } - - if (ltc_ecc_is_point_at_infinity(Q, modulus)) { + err = ltc_ecc_copy_point(Q, R); + goto done; + } + + if ((err = ltc_ecc_is_point_at_infinity(Q, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* Q is point at infinity >> Result = P */ - if ((err = ltc_mp.copy(P->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.copy(P->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.copy(P->z, R->z)) != CRYPT_OK) { goto done; } - goto done; /* CRYPT_OK */ + err = ltc_ecc_copy_point(P, R); + goto done; } if ((mp_cmp(P->x, Q->x) == LTC_MP_EQ) && (mp_cmp(P->z, Q->z) == LTC_MP_EQ)) { @@ -66,10 +64,8 @@ if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK) { goto done; } if (mp_cmp(P->y, t1) == LTC_MP_EQ) { /* here Q = -P >>> Result = the point at infinity */ - if ((err = ltc_mp.set_int(R->x, 1)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.set_int(R->y, 1)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.set_int(R->z, 0)) != CRYPT_OK) { goto done; } - goto done; /* CRYPT_OK */ + err = ltc_ecc_set_point_xyz(1, 1, 0, R); + goto done; } } diff --git a/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c b/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c index 57cfd6f..1b46457 100644 --- a/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c +++ b/src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c @@ -46,7 +46,7 @@ int ltc_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp) { void *t1, *t2; - int err; + int err, inf; LTC_ARGCHK(P != NULL); LTC_ARGCHK(R != NULL); 
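Review bot: `if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err;` (and the matching line for Q) returns directly and skips the `done:` cleanup the rest of the function relies on; the hunk opens with what is presumably the tail of the mp_init_multi failure branch, so t1/t2/x/y/z are already live here and are leaked on this path, whereas the replaced code only ever left through `goto done`. Use `if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) { goto done; }` for both checks. The same direct return occurs in ltc_ecc_projective_dbl_point.c `@@ -58,17 +58,14 @@`, where the copy on the line just above already uses `goto done`, confirming that temporaries are live at that point. The enclosing function starts outside the hunk.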
@@ -58,17 +58,14 @@ } if (P != R) { - if ((err = mp_copy(P->x, R->x)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(P->y, R->y)) != CRYPT_OK) { goto done; } - if ((err = mp_copy(P->z, R->z)) != CRYPT_OK) { goto done; } + if ((err = ltc_ecc_copy_point(P, R)) != CRYPT_OK) { goto done; } } - if (ltc_ecc_is_point_at_infinity(P, modulus)) { + if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; + if (inf) { /* if P is point at infinity >> Result = point at infinity */ - if ((err = ltc_mp.set_int(R->x, 1)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.set_int(R->y, 1)) != CRYPT_OK) { goto done; } - if ((err = ltc_mp.set_int(R->z, 0)) != CRYPT_OK) { goto done; } - goto done; /* CRYPT_OK */ + err = ltc_ecc_set_point_xyz(1, 1, 0, R); + goto done; } /* t1 = Z * Z */ diff --git a/src/ltc/pk/ecc/ltc_ecc_verify_key.c b/src/ltc/pk/ecc/ltc_ecc_verify_key.c index b417465..3d76341 100644 --- a/src/ltc/pk/ecc/ltc_ecc_verify_key.c +++ b/src/ltc/pk/ecc/ltc_ecc_verify_key.c @@ -19,17 +19,13 @@ @return CRYPT_OK if successful */ -int ltc_ecc_verify_key(ecc_key *key) +int ltc_ecc_verify_key(const ecc_key *key) { - int err; - void *prime = NULL; - void *order = NULL; - void *a = NULL; + int err, inf; ecc_point *point; - - prime = key->dp.prime; - order = key->dp.order; - a = key->dp.A; + void *prime = key->dp.prime; + void *order = key->dp.order; + void *a = key->dp.A; /* Test 1: Are the x and y points of the public key in the field? */ if (ltc_mp.compare_d(key->pubkey.z, 1) == LTC_MP_EQ) { @@ -52,7 +48,8 @@ point = ltc_ecc_new_point(); if ((err = ltc_ecc_mulmod(order, &(key->pubkey), point, a, prime, 1)) != CRYPT_OK) { goto done1; } - if (ltc_ecc_is_point_at_infinity(point, prime)) { + err = ltc_ecc_is_point_at_infinity(point, prime, &inf); + if (err != CRYPT_OK || inf) { err = CRYPT_ERROR; } else { diff --git a/src/ltc/pk/rsa/rsa_decrypt_key.c b/src/ltc/pk/rsa/rsa_decrypt_key.c index 9e1bced..0b54dc8 100644 --- a/src/ltc/pk/rsa/rsa_decrypt_key.c 
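Review bot: In ltc_ecc_verify_key.c, `err = ltc_ecc_is_point_at_infinity(point, prime, &inf); if (err != CRYPT_OK || inf) { err = CRYPT_ERROR; }` folds a failure of the check itself into the "key invalid" verdict, so a caller cannot tell a malformed key from a transient failure inside the helper; unless that coarse verdict is intentional, `if (err != CRYPT_OK) { goto done1; }` followed by the `inf` test keeps the original error code. The `point = ltc_ecc_new_point();` context line is also passed straight to `ltc_ecc_mulmod` without a NULL check, which the commit does not address; `if (point == NULL) { err = CRYPT_MEM; goto done1; }` would close that. The body of `ltc_ecc_verify_key` continues outside this hunk, so the `done1` cleanup itself is not visible here.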
+++ b/src/ltc/pk/rsa/rsa_decrypt_key.c @@ -29,11 +29,11 @@ @param key The corresponding private RSA key @return CRYPT_OK if succcessul (even if invalid) */ -int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - const unsigned char *lparam, unsigned long lparamlen, - int hash_idx, int padding, - int *stat, rsa_key *key) +int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + const unsigned char *lparam, unsigned long lparamlen, + int hash_idx, int padding, + int *stat, const rsa_key *key) { unsigned long modulus_bitlen, modulus_bytelen, x; int err; diff --git a/src/ltc/pk/rsa/rsa_encrypt_key.c b/src/ltc/pk/rsa/rsa_encrypt_key.c index ef066d2..cfe80ac 100644 --- a/src/ltc/pk/rsa/rsa_encrypt_key.c +++ b/src/ltc/pk/rsa/rsa_encrypt_key.c @@ -30,10 +30,12 @@ @param key The RSA key to encrypt to @return CRYPT_OK if successful */ -int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen, - const unsigned char *lparam, unsigned long lparamlen, - prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key) +int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + const unsigned char *lparam, unsigned long lparamlen, + prng_state *prng, int prng_idx, + int hash_idx, int padding, + const rsa_key *key) { unsigned long modulus_bitlen, modulus_bytelen, x; int err; diff --git a/src/ltc/pk/rsa/rsa_export.c b/src/ltc/pk/rsa/rsa_export.c index b156a83..e185540 100644 --- a/src/ltc/pk/rsa/rsa_export.c +++ b/src/ltc/pk/rsa/rsa_export.c @@ -23,7 +23,7 @@ @param key The RSA key to export @return CRYPT_OK if successful */ -int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key) +int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_key *key) { unsigned long zero=0; int err; 
@@ -58,7 +58,7 @@ unsigned char* tmp = NULL; if (type & PK_STD) { - tmplen = (mp_count_bits(key->N)/8)*2+8; + tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8; tmp = XMALLOC(tmplen); ptmplen = &tmplen; if (tmp == NULL) { diff --git a/src/ltc/pk/rsa/rsa_exptmod.c b/src/ltc/pk/rsa/rsa_exptmod.c index 37f62d1..1a79dfe 100644 --- a/src/ltc/pk/rsa/rsa_exptmod.c +++ b/src/ltc/pk/rsa/rsa_exptmod.c @@ -28,7 +28,7 @@ */ int rsa_exptmod(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, int which, - rsa_key *key) + const rsa_key *key) { void *tmp, *tmpa, *tmpb; #ifdef LTC_RSA_BLINDING diff --git a/src/ltc/pk/rsa/rsa_get_size.c b/src/ltc/pk/rsa/rsa_get_size.c index 8c90194..f58f256 100644 --- a/src/ltc/pk/rsa/rsa_get_size.c +++ b/src/ltc/pk/rsa/rsa_get_size.c @@ -20,7 +20,7 @@ @param key The RSA key @return The size in bytes of the RSA key or INT_MAX on error. */ -int rsa_get_size(rsa_key *key) +int rsa_get_size(const rsa_key *key) { int ret = INT_MAX; LTC_ARGCHK(key != NULL); diff --git a/src/ltc/pk/rsa/rsa_import_pkcs8.c b/src/ltc/pk/rsa/rsa_import_pkcs8.c index 8e15e06..0546eb0 100644 --- a/src/ltc/pk/rsa/rsa_import_pkcs8.c +++ b/src/ltc/pk/rsa/rsa_import_pkcs8.c @@ -114,7 +114,7 @@ /* check alg oid */ if ((alg_seq[0].size != rsaoid.OIDlen) || - XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0]))) { + XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) { err = CRYPT_PK_INVALID_TYPE; goto LBL_ERR; } diff --git a/src/ltc/pk/rsa/rsa_sign_hash.c b/src/ltc/pk/rsa/rsa_sign_hash.c index 05c7155..ef9fd44 100644 --- a/src/ltc/pk/rsa/rsa_sign_hash.c +++ b/src/ltc/pk/rsa/rsa_sign_hash.c @@ -34,7 +34,7 @@ int padding, prng_state *prng, int prng_idx, int hash_idx, unsigned long saltlen, - rsa_key *key) + const rsa_key *key) { unsigned long modulus_bitlen, modulus_bytelen, x, y; int err; 
diff --git a/src/ltc/pk/rsa/rsa_sign_saltlen_get.c b/src/ltc/pk/rsa/rsa_sign_saltlen_get.c index b217f94..c8f796f 100644 --- a/src/ltc/pk/rsa/rsa_sign_saltlen_get.c +++ b/src/ltc/pk/rsa/rsa_sign_saltlen_get.c @@ -22,7 +22,7 @@ @param key The RSA key @return The maximum salt length in bytes or INT_MAX on error. */ -int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key) +int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, const rsa_key *key) { int ret = INT_MAX; LTC_ARGCHK(key != NULL); diff --git a/src/ltc/pk/rsa/rsa_verify_hash.c b/src/ltc/pk/rsa/rsa_verify_hash.c index 361f237..a454ab2 100644 --- a/src/ltc/pk/rsa/rsa_verify_hash.c +++ b/src/ltc/pk/rsa/rsa_verify_hash.c @@ -28,11 +28,11 @@ @param key The public RSA key corresponding to the key that performed the signature @return CRYPT_OK on success (even if the signature is invalid) */ -int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, - const unsigned char *hash, unsigned long hashlen, +int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, + const unsigned char *hash, unsigned long hashlen, int padding, - int hash_idx, unsigned long saltlen, - int *stat, rsa_key *key) + int hash_idx, unsigned long saltlen, + int *stat, const rsa_key *key) { unsigned long modulus_bitlen, modulus_bytelen, x; int err; diff --git a/src/ltc/prngs/chacha20.c b/src/ltc/prngs/chacha20.c index 72a6d63..59b2322 100644 --- a/src/ltc/prngs/chacha20.c +++ b/src/ltc/prngs/chacha20.c 
@@ -150,26 +150,7 @@ @param prng The PRNG to export @return CRYPT_OK if successful */ -int chacha20_prng_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - unsigned long len = chacha20_prng_desc.export_size; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - if (*outlen < len) { - *outlen = len; - return CRYPT_BUFFER_OVERFLOW; - } - - if (chacha20_prng_read(out, len, prng) != len) { - return CRYPT_ERROR_READPRNG; - } - - *outlen = len; - return CRYPT_OK; -} +_LTC_PRNG_EXPORT(chacha20_prng) /** Import a PRNG state diff --git a/src/ltc/prngs/fortuna.c b/src/ltc/prngs/fortuna.c index 7b1ecb6..400c732 100644 --- a/src/ltc/prngs/fortuna.c +++ b/src/ltc/prngs/fortuna.c @@ -8,6 +8,12 @@ */ #include "tomcrypt.h" +#if defined(_WIN32) + #include +#else + #include +#endif + /** @file fortuna.c Fortuna PRNG, Tom St Denis @@ -37,7 +43,7 @@ const struct ltc_prng_descriptor fortuna_desc = { "fortuna", - (32 * LTC_FORTUNA_POOLS), /* default: 1024 */ + 64, &fortuna_start, &fortuna_add_entropy, &fortuna_ready, 
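Review bot: In the `fortuna_desc` hunk, `64,` replaces the derived `(32 * LTC_FORTUNA_POOLS)` with a bare literal, and elsewhere in this commit that value becomes both the number of bytes `_LTC_PRNG_EXPORT(fortuna)` emits and the minimum length `fortuna_import` accepts, so it is effectively a wire-format constant. A named constant such as `#define LTC_FORTUNA_EXPORT_SIZE 64 /* bytes of generator output emitted by fortuna_export */` referenced from the descriptor documents that relationship and stops the number drifting from its users. The descriptor comment should also say that the format is not the old 1024-byte hashed-pool layout, since old blobs still pass the `inlen < export_size` check and are silently consumed. Separately, the two `#include` lines added to fortuna.c show no header name in this rendering; presumably angle-bracket names were lost in extraction, but that is worth confirming against the actual file.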
@@ -61,14 +67,49 @@ } } +#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED +/* get the current time in 100ms steps */ +static ulong64 _fortuna_current_time(void) +{ + ulong64 cur_time; +#if defined(_WIN32) + FILETIME CurrentTime; + ULARGE_INTEGER ul; + GetSystemTimeAsFileTime(&CurrentTime); + ul.LowPart = CurrentTime.dwLowDateTime; + ul.HighPart = CurrentTime.dwHighDateTime; + cur_time = ul.QuadPart; /* now we have 100ns intervals since 1 January 1601 */ + cur_time -= CONST64(116444736000000000); /* subtract 100ns intervals between 1601-1970 */ + cur_time /= 10; /* 100ns intervals > microseconds */ +#elif defined(LTC_CLOCK_GETTIME) + struct timespec ts; + clock_gettime(CLOCK_MONOTONIC, &ts); + cur_time = (ulong64)(ts.tv_sec) * 1000000 + (ulong64)(ts.tv_nsec) / 1000; /* get microseconds */ +#else + struct timeval tv; + gettimeofday(&tv, NULL); + cur_time = (ulong64)(tv.tv_sec) * 1000000 + (ulong64)(tv.tv_usec); /* get microseconds */ +#endif + return cur_time / 100; +} +#endif + /* reseed the PRNG */ static int _fortuna_reseed(prng_state *prng) { unsigned char tmp[MAXBLOCKSIZE]; hash_state md; + ulong64 reset_cnt; int err, x; - ++prng->fortuna.reset_cnt; +#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED + unsigned long now = _fortuna_current_time(); + if (now == prng->fortuna.wd) + return CRYPT_OK; +#else + if (++prng->fortuna.wd < LTC_FORTUNA_WD) + return CRYPT_OK; +#endif /* new K == LTC_SHA256(K || s) where s == LTC_SHA256(P0) || LTC_SHA256(P1) ... */ sha256_init(&md); @@ -77,8 +118,10 @@ return err; } + reset_cnt = prng->fortuna.reset_cnt + 1; + for (x = 0; x < LTC_FORTUNA_POOLS; x++) { - if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) { + if (x == 0 || ((reset_cnt >> (x-1)) & 1) == 0) { /* terminate this hash */ if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) { sha256_done(&md, tmp); 
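Review bot: `_fortuna_current_time` is commented as "the current time in 100ms steps", but every branch computes microseconds and the function ends with `return cur_time / 100;`, which yields 100 µs steps; the timed rate limit in `_fortuna_reseed` (`if (now == prng->fortuna.wd) return CRYPT_OK;`) therefore allows up to 10000 reseeds per second rather than the 10 per second the comment implies, which is the limit the Fortuna design relies on. Either `return cur_time / 100000; /* microseconds -> 100 ms steps */` or the comment needs to change so the two agree. Separately, `unsigned long now = _fortuna_current_time();` narrows the `ulong64` result on platforms with a 32-bit `long` before it is compared with and stored into `prng->fortuna.wd`; `ulong64 now = _fortuna_current_time();` keeps the types consistent. The `clock_gettime` and `gettimeofday` return values are also unchecked, so `ts`/`tv` would be read uninitialised on failure.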
@@ -108,9 +151,14 @@ } _fortuna_update_iv(prng); - /* reset pool len */ + /* reset/update internals */ prng->fortuna.pool0_len = 0; +#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED + prng->fortuna.wd = now; +#else prng->fortuna.wd = 0; +#endif + prng->fortuna.reset_cnt = reset_cnt; #ifdef LTC_CLEAN_STACK @@ -119,6 +167,46 @@ #endif return CRYPT_OK; +} + +/** + "Update Seed File"-compliant update of K + + @param in The PRNG state + @param inlen Size of the state + @param prng The PRNG to import + @return CRYPT_OK if successful +*/ +int fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng) +{ + int err; + unsigned char tmp[MAXBLOCKSIZE]; + hash_state md; + + LTC_MUTEX_LOCK(&prng->lock); + /* new K = LTC_SHA256(K || in) */ + sha256_init(&md); + if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) { + sha256_done(&md, tmp); + goto LBL_UNLOCK; + } + if ((err = sha256_process(&md, in, inlen)) != CRYPT_OK) { + sha256_done(&md, tmp); + goto LBL_UNLOCK; + } + /* finish key */ + if ((err = sha256_done(&md, prng->fortuna.K)) != CRYPT_OK) { + goto LBL_UNLOCK; + } + _fortuna_update_iv(prng); + +LBL_UNLOCK: + LTC_MUTEX_UNLOCK(&prng->lock); +#ifdef LTC_CLEAN_STACK + zeromem(&md, sizeof(md)); +#endif + + return err; } /** 
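Review bot: `fortuna_update_seed` takes `prng->lock` and hashes `in` without the `LTC_ARGCHK(prng != NULL); LTC_ARGCHK(in != NULL);` guards that `fortuna_add_entropy` and the other public entry points in this file perform before locking; add both lines ahead of `LTC_MUTEX_LOCK(&prng->lock);`. Its doxygen block appears to be copied from an import routine (`@param prng The PRNG to import`, `@param inlen Size of the state`); the parameters here are the seed bytes folded into K, so `@param in The seed data to fold into K`, `@param inlen Length of in in bytes` and `@param prng The PRNG state to update` describe it accurately. On the two error paths `tmp` receives the aborted digest of `K || in`, but only `md` is wiped under `LTC_CLEAN_STACK`; a matching `zeromem(tmp, sizeof(tmp));` keeps that partial key-derived output off the stack.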
@@ -161,6 +249,60 @@ return CRYPT_OK; } +static int _fortuna_add(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng) +{ + unsigned char tmp[2]; + int err; + + /* ensure inlen <= 32 */ + if (inlen > 32) { + inlen = 32; + } + + /* add s || length(in) || in to pool[pool_idx] */ + tmp[0] = (unsigned char)source; + tmp[1] = (unsigned char)inlen; + + if ((err = sha256_process(&prng->fortuna.pool[pool], tmp, 2)) != CRYPT_OK) { + return err; + } + if ((err = sha256_process(&prng->fortuna.pool[pool], in, inlen)) != CRYPT_OK) { + return err; + } + if (pool == 0) { + prng->fortuna.pool0_len += inlen; + } + return CRYPT_OK; /* success */ +} + +/** + Add random event to the PRNG state as proposed by the original paper. + @param source The source this random event comes from (0 .. 255) + @param pool The pool where to add the data to (0 .. LTC_FORTUNA_POOLS) + @param in The data to add + @param inlen Length of the data to add + @param prng PRNG state to update + @return CRYPT_OK if successful +*/ +int fortuna_add_random_event(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng) +{ + int err; + + LTC_ARGCHK(prng != NULL); + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(inlen > 0); + LTC_ARGCHK(source <= 255); + LTC_ARGCHK(pool < LTC_FORTUNA_POOLS); + + LTC_MUTEX_LOCK(&prng->lock); + + err = _fortuna_add(source, pool, in, inlen, prng); + + LTC_MUTEX_UNLOCK(&prng->lock); + + return err; +} + /** Add entropy to the PRNG state @param in The data to add 
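Review bot: The doxygen for `fortuna_add_random_event` says `@param pool The pool where to add the data to (0 .. LTC_FORTUNA_POOLS)`, but the guard is `LTC_ARGCHK(pool < LTC_FORTUNA_POOLS);`, so the inclusive upper bound in the comment is off by one; it should read `(0 .. LTC_FORTUNA_POOLS-1)`. `_fortuna_add` also clamps `inlen` to 32 and records only the clamped length in `tmp[1]`, so a caller of the new public function that passes a longer event loses the remainder with no indication; the `@param inlen` line should state `Length of the data to add (at most 32 bytes are used)` so callers split larger events themselves. The `unsigned char tmp[2]` holding the source and length bytes is not sensitive, so no wipe is needed there.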
@@ -170,39 +312,23 @@ */ int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng) { - unsigned char tmp[2]; - int err; + int err; LTC_ARGCHK(prng != NULL); LTC_ARGCHK(in != NULL); LTC_ARGCHK(inlen > 0); - /* ensure inlen <= 32 */ - if (inlen > 32) { - inlen = 32; - } - - /* add s || length(in) || in to pool[pool_idx] */ - tmp[0] = 0; - tmp[1] = (unsigned char)inlen; - LTC_MUTEX_LOCK(&prng->lock); - if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], tmp, 2)) != CRYPT_OK) { - goto LBL_UNLOCK; - } - if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], in, inlen)) != CRYPT_OK) { - goto LBL_UNLOCK; - } - if (prng->fortuna.pool_idx == 0) { - prng->fortuna.pool0_len += inlen; - } - if (++(prng->fortuna.pool_idx) == LTC_FORTUNA_POOLS) { - prng->fortuna.pool_idx = 0; - } - err = CRYPT_OK; /* success */ - -LBL_UNLOCK: + + err = _fortuna_add(0, prng->fortuna.pool_idx, in, inlen, prng); + + if (err == CRYPT_OK) { + ++(prng->fortuna.pool_idx); + prng->fortuna.pool_idx %= LTC_FORTUNA_POOLS; + } + LTC_MUTEX_UNLOCK(&prng->lock); + return err; } @@ -217,6 +343,13 @@ LTC_ARGCHK(prng != NULL); LTC_MUTEX_LOCK(&prng->lock); + /* make sure the reseed doesn't fail because + * of the chosen rate limit */ +#ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED + prng->fortuna.wd = _fortuna_current_time() - 1; +#else + prng->fortuna.wd = LTC_FORTUNA_WD; +#endif err = _fortuna_reseed(prng); prng->ready = (err == CRYPT_OK) ? 1 : 0; @@ -245,10 +378,15 @@ } /* do we have to reseed? */ - if (++prng->fortuna.wd == LTC_FORTUNA_WD || prng->fortuna.pool0_len >= 64) { + if (prng->fortuna.pool0_len >= 64) { if (_fortuna_reseed(prng) != CRYPT_OK) { goto LBL_UNLOCK; } + } + + /* ensure that one reseed happened before allowing to read */ + if (prng->fortuna.reset_cnt == 0) { + goto LBL_UNLOCK; } /* now generate the blocks required */ 
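Review bot: In `fortuna_read`, dropping `++prng->fortuna.wd == LTC_FORTUNA_WD` from the reseed condition means a reseed is now attempted only when `prng->fortuna.pool0_len >= 64`, while in the non-timed build `_fortuna_reseed` (earlier in this commit) returns early until `++prng->fortuna.wd` reaches `LTC_FORTUNA_WD`. Read together, `wd` now counts reseed attempts rather than reads, so a reseed appears to require `LTC_FORTUNA_WD` separate reads each finding 64 or more bytes in pool 0 — a large increase in the effective reseed interval unless `LTC_FORTUNA_WD` is 1, which I cannot see from here. If that is intended, a comment at the `pool0_len >= 64` test such as `/* wd counts reseed attempts; the counter build reseeds on every LTC_FORTUNA_WD-th attempt */` would make it explicit; if not, the counter build should reset or bypass `wd` here as `fortuna_ready` does. The new `reset_cnt == 0` bail-out is a good addition, but the value returned on that path is set outside this hunk and should be checked to be 0 bytes.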
@@ -329,71 +467,7 @@ @param prng The PRNG to export @return CRYPT_OK if successful */ -int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - int x, err; - hash_state *md; - unsigned long len = fortuna_desc.export_size; - - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(prng != NULL); - - LTC_MUTEX_LOCK(&prng->lock); - - if (!prng->ready) { - err = CRYPT_ERROR; - goto LBL_UNLOCK; - } - - /* we'll write bytes for s&g's */ - if (*outlen < len) { - *outlen = len; - err = CRYPT_BUFFER_OVERFLOW; - goto LBL_UNLOCK; - } - - md = XMALLOC(sizeof(hash_state)); - if (md == NULL) { - err = CRYPT_MEM; - goto LBL_UNLOCK; - } - - /* to emit the state we copy each pool, terminate it then hash it again so - * an attacker who sees the state can't determine the current state of the PRNG - */ - for (x = 0; x < LTC_FORTUNA_POOLS; x++) { - /* copy the PRNG */ - XMEMCPY(md, &(prng->fortuna.pool[x]), sizeof(*md)); - - /* terminate it */ - if ((err = sha256_done(md, out+x*32)) != CRYPT_OK) { - goto LBL_ERR; - } - - /* now hash it */ - if ((err = sha256_init(md)) != CRYPT_OK) { - goto LBL_ERR; - } - if ((err = sha256_process(md, out+x*32, 32)) != CRYPT_OK) { - goto LBL_ERR; - } - if ((err = sha256_done(md, out+x*32)) != CRYPT_OK) { - goto LBL_ERR; - } - } - *outlen = len; - err = CRYPT_OK; - -LBL_ERR: -#ifdef LTC_CLEAN_STACK - zeromem(md, sizeof(*md)); -#endif - XFREE(md); -LBL_UNLOCK: - LTC_MUTEX_UNLOCK(&prng->lock); - return err; -} +_LTC_PRNG_EXPORT(fortuna) /** Import a PRNG state @@ -404,10 +478,10 @@ */ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng) { - int err, x; - - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(prng != NULL); + int err; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(prng != NULL); if (inlen < (unsigned long)fortuna_desc.export_size) { return CRYPT_INVALID_ARG; 
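Review bot: `_LTC_PRNG_EXPORT(fortuna)` changes what the exported state contains: judging by the `*_read(out, len, prng)` bodies this commit replaces in the other PRNGs, the export is now generator output, whereas the removed body emitted a re-hashed digest of each pool, so the pools' accumulated entropy is no longer part of the exported state and `fortuna_import` can only restore it into K. The doxygen header left above the macro still describes the old function; add `The exported data is export_size bytes of generator output; the entropy pools themselves are not exported.` so users do not expect pool state to survive an export/import cycle. The macro's definition is not visible here, so whether it keeps the old body's `LTC_ARGCHK`s and the `if (!prng->ready)` refusal to export before the first reseed cannot be confirmed and is worth checking, since `fortuna_read` now returns nothing while `reset_cnt == 0`.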
@@ -416,12 +490,12 @@ if ((err = fortuna_start(prng)) != CRYPT_OK) { return err; } - for (x = 0; x < LTC_FORTUNA_POOLS; x++) { - if ((err = fortuna_add_entropy(in+x*32, 32, prng)) != CRYPT_OK) { - return err; - } - } - return CRYPT_OK; + + if ((err = fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) { + return err; + } + + return err; } /** diff --git a/src/ltc/prngs/rc4.c b/src/ltc/prngs/rc4.c index e2aa921..7611151 100644 --- a/src/ltc/prngs/rc4.c +++ b/src/ltc/prngs/rc4.c @@ -153,26 +153,7 @@ @param prng The PRNG to export @return CRYPT_OK if successful */ -int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - unsigned long len = rc4_desc.export_size; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - if (*outlen < len) { - *outlen = len; - return CRYPT_BUFFER_OVERFLOW; - } - - if (rc4_read(out, len, prng) != len) { - return CRYPT_ERROR_READPRNG; - } - - *outlen = len; - return CRYPT_OK; -} +_LTC_PRNG_EXPORT(rc4) /** Import a PRNG state diff --git a/src/ltc/prngs/rng_make_prng.c b/src/ltc/prngs/rng_make_prng.c index 2bde291..19ac1ee 100644 --- a/src/ltc/prngs/rng_make_prng.c +++ b/src/ltc/prngs/rng_make_prng.c @@ -16,7 +16,12 @@ /** Create a PRNG from a RNG - @param bits Number of bits of entropy desired (64 ... 1024) + + In case you pass bits as '-1' the PRNG will be setup + as if the export/import functionality has been used, + but the imported data comes directly from the RNG. + + @param bits Number of bits of entropy desired (-1 or 64 ... 1024) @param wprng Index of which PRNG to setup @param prng [out] PRNG state to initialize @param callback A pointer to a void function for when the RNG is slow, this can be NULL @@ -25,7 +30,8 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void)) { - unsigned char buf[256]; + unsigned char* buf; + unsigned long bytes; int err; LTC_ARGCHK(prng != NULL); 
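Review bot: `fortuna_import` now ends with `if ((err = fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) { return err; } return err;`, where both returns yield the same value; `return fortuna_update_seed(in, inlen, prng);` says it in one line. More importantly, `fortuna_update_seed` only refreshes K and the IV, and `fortuna_read` (earlier in this commit) refuses to produce output while `prng->fortuna.reset_cnt == 0`, so — assuming `fortuna_start` leaves `reset_cnt` at zero — an imported state yields nothing until `fortuna_ready()` runs, as `rng_make_prng` does in the next hunk. The doxygen for `fortuna_import` should state `@note fortuna_ready() must be called after a successful import before reading from the PRNG.` so callers that used the old import-then-read sequence are not surprised by empty reads.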
@@ -35,31 +41,47 @@ return err; } - if (bits < 64 || bits > 1024) { + if (bits == -1) { + bytes = prng_descriptor[wprng].export_size; + } else if (bits < 64 || bits > 1024) { return CRYPT_INVALID_PRNGSIZE; + } else { + bytes = (unsigned long)((bits+7)/8) * 2; } if ((err = prng_descriptor[wprng].start(prng)) != CRYPT_OK) { return err; } - bits = ((bits+7)/8) * 2; - if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) { - return CRYPT_ERROR_READPRNG; + buf = XMALLOC(bytes); + if (buf == NULL) { + return CRYPT_MEM; } - if ((err = prng_descriptor[wprng].add_entropy(buf, (unsigned long)bits, prng)) != CRYPT_OK) { - return err; + if (rng_get_bytes(buf, bytes, callback) != bytes) { + err = CRYPT_ERROR_READPRNG; + goto LBL_ERR; } + if (bits == -1) { + if ((err = prng_descriptor[wprng].pimport(buf, bytes, prng)) != CRYPT_OK) { + goto LBL_ERR; + } + } else { + if ((err = prng_descriptor[wprng].add_entropy(buf, bytes, prng)) != CRYPT_OK) { + goto LBL_ERR; + } + } if ((err = prng_descriptor[wprng].ready(prng)) != CRYPT_OK) { - return err; + goto LBL_ERR; } +LBL_ERR: #ifdef LTC_CLEAN_STACK - zeromem(buf, sizeof(buf)); + zeromem(buf, bytes); #endif - return CRYPT_OK; + XFREE(buf); + return err; } #endif /* #ifdef LTC_RNG_MAKE_PRNG */ diff --git a/src/ltc/prngs/sober128.c b/src/ltc/prngs/sober128.c index 8d95491..9513659 100644 --- a/src/ltc/prngs/sober128.c +++ b/src/ltc/prngs/sober128.c @@ -152,26 +152,7 @@ @param prng The PRNG to export @return CRYPT_OK if successful */ -int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - unsigned long len = sober128_desc.export_size; - - LTC_ARGCHK(prng != NULL); - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - - if (*outlen < len) { - *outlen = len; - return CRYPT_BUFFER_OVERFLOW; - } - - if (sober128_read(out, len, prng) != len) { - return CRYPT_ERROR_READPRNG; - } - - *outlen = len; - return CRYPT_OK; -} +_LTC_PRNG_EXPORT(sober128) /** Import a PRNG state 
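Review bot: In `rng_make_prng`, `zeromem(buf, bytes);` remains under `#ifdef LTC_CLEAN_STACK`, but `buf` is now heap memory holding the raw seed bytes returned by `rng_get_bytes`; when that macro is off, the seed material that was just fed into the PRNG is left in freed heap memory. Wiping heap-held key material should not depend on a stack-cleaning option: make it unconditional, `zeromem(buf, bytes); XFREE(buf);`. The `bits == -1` path also takes `bytes = prng_descriptor[wprng].export_size;` without checking for zero, so a descriptor that reports no export support would reach `XMALLOC(0)` and `pimport(buf, 0, prng)`; `if (bytes == 0) { return CRYPT_INVALID_PRNGSIZE; }` before the allocation closes that, if any descriptor can report 0. The success path falling through `LBL_ERR:` with `err == CRYPT_OK` is correct but easy to misread; renaming the label to `LBL_DONE` would make the shared cleanup explicit.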
@@ -189,7 +170,7 @@ if (inlen < (unsigned long)sober128_desc.export_size) return CRYPT_INVALID_ARG; if ((err = sober128_start(prng)) != CRYPT_OK) return err; - if ((err = sober128_add_entropy(in, sober128_desc.export_size, prng)) != CRYPT_OK) return err; + if ((err = sober128_add_entropy(in, inlen, prng)) != CRYPT_OK) return err; return CRYPT_OK; } diff --git a/src/ltc/prngs/yarrow.c b/src/ltc/prngs/yarrow.c index e598834..6b5057f 100644 --- a/src/ltc/prngs/yarrow.c +++ b/src/ltc/prngs/yarrow.c @@ -273,26 +273,7 @@ @param prng The PRNG to export @return CRYPT_OK if successful */ -int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng) -{ - unsigned long len = yarrow_desc.export_size; - - LTC_ARGCHK(out != NULL); - LTC_ARGCHK(outlen != NULL); - LTC_ARGCHK(prng != NULL); - - if (*outlen < len) { - *outlen = len; - return CRYPT_BUFFER_OVERFLOW; - } - - if (yarrow_read(out, len, prng) != len) { - return CRYPT_ERROR_READPRNG; - } - - *outlen = len; - return CRYPT_OK; -} +_LTC_PRNG_EXPORT(yarrow) /** Import a PRNG state diff --git a/src/ltc/stream/sober128/sober128_stream.c b/src/ltc/stream/sober128/sober128_stream.c index 5c35eda..7b21edf 100644 --- a/src/ltc/stream/sober128/sober128_stream.c +++ b/src/ltc/stream/sober128/sober128_stream.c @@ -28,7 +28,7 @@ #define B(x,i) ((unsigned char)(((x) >> (8*i)) & 0xFF)) -static ulong32 BYTE2WORD(unsigned char *b) +static ulong32 BYTE2WORD(const unsigned char *b) { ulong32 t; LOAD32L(t, b); @@ -78,7 +78,7 @@ t = t + c->R[OFF(z,13)]; \ } -static ulong32 nltap(sober128_state *c) +static ulong32 nltap(const sober128_state *c) { ulong32 t; NLFUNC(c, 0); diff --git a/src/ltc/stream/sosemanuk/sosemanuk.c b/src/ltc/stream/sosemanuk/sosemanuk.c index c445027..60ce30a 100644 --- a/src/ltc/stream/sosemanuk/sosemanuk.c +++ b/src/ltc/stream/sosemanuk/sosemanuk.c 
@@ -201,7 +201,7 @@ * @param keylen Length of key in bytes * @return CRYPT_OK on success */ -int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen) +int sosemanuk_setup(sosemanuk_state *ss, const unsigned char *key, unsigned long keylen) { /* * This key schedule is actually a truncated Serpent key schedule. @@ -341,7 +341,7 @@ * @param ivlen Length of iv in bytes * @return CRYPT_OK on success */ -int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen) +int sosemanuk_setiv(sosemanuk_state *ss, const unsigned char *iv, unsigned long ivlen) { /* diff --git a/t/002_all_pm.t b/t/002_all_pm.t index 3daceed..d1ea17f 100644 --- a/t/002_all_pm.t +++ b/t/002_all_pm.t @@ -3,7 +3,7 @@ use Test::More; -plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan tests => 1; diff --git a/t/003_all_pm_pod.t b/t/003_all_pm_pod.t index 47c3ccc..85771b5 100644 --- a/t/003_all_pm_pod.t +++ b/t/003_all_pm_pod.t @@ -3,7 +3,7 @@ use Test::More; -plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan skip_all => "Test::Pod not installed" unless eval { require Test::Pod }; plan tests => 107; diff --git a/t/004_all_pm_pod_spelling.t b/t/004_all_pm_pod_spelling.t index 5e6de67..b692782 100644 --- a/t/004_all_pm_pod_spelling.t +++ b/t/004_all_pm_pod_spelling.t 
@@ -3,7 +3,7 @@ use Test::More; -plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan skip_all => "Test::Pod::Spelling or Text::Aspell not installed" unless eval { require Test::Pod::Spelling; require Text::Aspell; }; diff --git a/t/005_all_pm_pod_coverage.t b/t/005_all_pm_pod_coverage.t index ce06bc4..f922b23 100644 --- a/t/005_all_pm_pod_coverage.t +++ b/t/005_all_pm_pod_coverage.t @@ -3,7 +3,7 @@ use Test::More; -plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; +plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; plan skip_all => "Pod::Coverage not installed" unless eval { require Pod::Coverage }; plan skip_all => "File::Find not installed" unless eval { require File::Find }; plan tests => 107; diff --git a/t/mbi_ltm/bigfltpm.inc b/t/mbi_ltm/bigfltpm.inc index 10d0513..97e7cdc 100644 --- a/t/mbi_ltm/bigfltpm.inc +++ b/t/mbi_ltm/bigfltpm.inc @@ -950,9 +950,6 @@ abc:123.456:NaN 123.456:abc:NaN +inf:123.45:inf --inf:123.45:-inf -+inf:-123.45:inf --inf:-123.45:-inf -2:2:4 -2:3:-8 -2:4:16 diff --git a/t/mbi_ltm/bigintpm.inc b/t/mbi_ltm/bigintpm.inc index 0798e54..35efeca 100644 --- a/t/mbi_ltm/bigintpm.inc +++ b/t/mbi_ltm/bigintpm.inc @@ -2651,26 +2651,21 @@ +inf:1234500012:inf -inf:1234500012:inf -inf:1234500013:-inf -+inf:-12345000123:inf --inf:-12345000123:-inf # -inf * -inf = inf -inf:2:inf -inf:0:NaN -inf:-1:0 --inf:inf:NaN 2:inf:inf 2:-inf:0 0:inf:0 0:-inf:inf -1:-inf:NaN -1:inf:NaN --2:inf:NaN -2:-inf:0 NaN:inf:NaN NaN:-inf:NaN -inf:NaN:NaN inf:NaN:NaN -inf:-inf:NaN 1:inf:1 1:-inf:1 # 1 ** -x => 1 / (1 ** x) diff --git a/t/mbi_ltm_bigfltpm.t b/t/mbi_ltm_bigfltpm.t index 3540868..8173e27 100644 --- a/t/mbi_ltm_bigfltpm.t +++ b/t/mbi_ltm_bigfltpm.t 
@@ -7,7 +7,7 @@ BEGIN { plan skip_all => "requires Math::BigFloat 1.999715+" unless eval { require Math::BigFloat && eval($Math::BigFloat::VERSION) >= 1.999715 }; - plan tests => 2409 # tests in require'd file + plan tests => 2403 # tests in require'd file + 5; # tests in this file } diff --git a/t/mbi_ltm_bigintpm.t b/t/mbi_ltm_bigintpm.t index ebb7582..976e7b1 100644 --- a/t/mbi_ltm_bigintpm.t +++ b/t/mbi_ltm_bigintpm.t @@ -7,7 +7,7 @@ BEGIN { plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; - plan tests => 3722 # tests in require'd file + plan tests => 3712 # tests in require'd file + 6; # tests in this file } diff --git a/t/mbi_ltm_bugs.t b/t/mbi_ltm_bugs.t index ebb7582..976e7b1 100644 --- a/t/mbi_ltm_bugs.t +++ b/t/mbi_ltm_bugs.t @@ -7,7 +7,7 @@ BEGIN { plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; - plan tests => 3722 # tests in require'd file + plan tests => 3712 # tests in require'd file + 6; # tests in this file }