Update upstream source from tag 'upstream/0.060'
Update to upstream version '0.060'
with Debian dir 33e79befc0ce42fb7d2abe4d3c16367b1310f73c
gregor herrmann
5 years ago
0 | 0 | Changes for CryptX |
1 | ||
2 | 0.060 2018-05-01 | |
3 | - bundled libtomcrypt update | |
4 | - Math::BigInt::LTM - remove buggy tests failing with the latest Math::BigInt | |
5 | - basically no changes to the perl modules | |
1 | 6 | |
2 | 7 | 0.059 2018-03-25 |
3 | 8 | - new Crypt::Digest::Keccak(224|256|384|512) |
174 | 174 | } |
175 | 175 | |
176 | 176 | return MP_OKAY; |
177 | } | |
178 | ||
179 | int _base16_encode(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) | |
180 | { | |
181 | unsigned long i; | |
182 | const char alphabet[] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}; | |
183 | ||
184 | if (*outlen < inlen * 2) { | |
185 | *outlen = inlen * 2; | |
186 | return CRYPT_BUFFER_OVERFLOW; | |
187 | } | |
188 | ||
189 | for (i = 0; i < inlen; i++) { | |
190 | out[i*2] = (unsigned char)alphabet[in[i] >> 4]; | |
191 | out[i*2+1] = (unsigned char)alphabet[in[i] & 0xF]; | |
192 | } | |
193 | ||
194 | *outlen = inlen * 2; | |
195 | return CRYPT_OK; | |
196 | 177 | } |
197 | 178 | |
198 | 179 | size_t _find_start(const char *name, char *ltcname, size_t ltclen) |
259 | 240 | void _ecc_oid_lookup(ecc_key *key) |
260 | 241 | { |
261 | 242 | int err; |
262 | unsigned i; | |
243 | unsigned i, j; | |
263 | 244 | void *tmp; |
264 | const ltc_ecc_set_type *set; | |
245 | const ltc_ecc_curve *cu; | |
265 | 246 | |
266 | 247 | key->dp.oidlen = 0; |
267 | 248 | if ((err = ltc_mp.init(&tmp)) != CRYPT_OK) return; |
268 | for (set = ltc_ecc_sets; set->name != NULL; set++) { | |
269 | if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; | |
270 | if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; | |
271 | if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; | |
272 | if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; | |
273 | if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; | |
274 | if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; | |
275 | if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; | |
276 | if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; | |
277 | if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; | |
278 | if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; | |
279 | if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; | |
280 | if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; | |
281 | if (key->dp.cofactor != set->cofactor) continue; | |
249 | for (cu = ltc_ecc_curves; cu->prime != NULL; cu++) { | |
250 | if ((err = mp_read_radix(tmp, cu->prime, 16)) != CRYPT_OK) continue; | |
251 | if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; | |
252 | if ((err = mp_read_radix(tmp, cu->order, 16)) != CRYPT_OK) continue; | |
253 | if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; | |
254 | if ((err = mp_read_radix(tmp, cu->A, 16)) != CRYPT_OK) continue; | |
255 | if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; | |
256 | if ((err = mp_read_radix(tmp, cu->B, 16)) != CRYPT_OK) continue; | |
257 | if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; | |
258 | if ((err = mp_read_radix(tmp, cu->Gx, 16)) != CRYPT_OK) continue; | |
259 | if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; | |
260 | if ((err = mp_read_radix(tmp, cu->Gy, 16)) != CRYPT_OK) continue; | |
261 | if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; | |
262 | if (key->dp.cofactor != cu->cofactor) continue; | |
282 | 263 | break; /* found */ |
283 | 264 | } |
284 | 265 | ltc_mp.deinit(tmp); |
285 | if (set->name != NULL) { | |
286 | key->dp.oidlen = set->oidlen; | |
287 | for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; | |
266 | if (cu->prime && cu->OID) { | |
267 | for (i = 0; i < 16; i++) key->dp.oid[i] = 0; | |
268 | for (i = 0, j = 0; i < strlen(cu->OID); i++) { | |
269 | if (cu->OID[i] == '.') { | |
270 | if (++j >= 16) return; | |
271 | } | |
272 | else if(cu->OID[i] >= '0' && cu->OID[i] <= '9') { | |
273 | key->dp.oid[j] = key->dp.oid[j] * 10 + (cu->OID[i] - '0'); | |
274 | } | |
275 | else { | |
276 | return; | |
277 | } | |
278 | } | |
279 | key->dp.oidlen = j + 1; | |
288 | 280 | } |
289 | 281 | } |
290 | 282 | |
291 | 283 | int _ecc_set_dp_from_SV(ecc_key *key, SV *curve) |
292 | 284 | { |
293 | 285 | dTHX; /* fetch context */ |
294 | HV *hc, *hl, *h; | |
286 | HV *hc, *h; | |
295 | 287 | SV *sv_crv, **pref; |
296 | 288 | SV **sv_cofactor, **sv_prime, **sv_A, **sv_B, **sv_order, **sv_Gx, **sv_Gy, **sv_oid; |
297 | char *ch_name; | |
298 | STRLEN l_name, i, j; | |
289 | char *ptr_crv; | |
290 | STRLEN len_crv; | |
299 | 291 | int err; |
300 | 292 | |
301 | 293 | if (!SvOK(curve)) croak("FATAL: undefined curve"); |
302 | 294 | |
303 | 295 | if (SvPOK(curve)) { |
304 | 296 | /* string */ |
305 | ch_name = SvPV(curve, l_name); | |
306 | if ((hl = get_hv("Crypt::PK::ECC::curve2ltc", 0)) == NULL) croak("FATAL: no curve2ltc register"); | |
307 | pref = hv_fetch(hl, ch_name, (U32)l_name, 0); | |
297 | ptr_crv = SvPV(curve, len_crv); | |
298 | if ((hc = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: no curve register"); | |
299 | pref = hv_fetch(hc, ptr_crv, (U32)len_crv, 0); | |
308 | 300 | if (pref && SvOK(*pref)) { |
309 | sv_crv = *pref; /* found in %cutve2ltc */ | |
301 | sv_crv = *pref; /* found in %curve */ | |
310 | 302 | } |
311 | 303 | else { |
312 | if ((hc = get_hv("Crypt::PK::ECC::curve", 0)) == NULL) croak("FATAL: no curve register"); | |
313 | pref = hv_fetch(hc, ch_name, (U32)l_name, 0); | |
314 | if (pref && SvOK(*pref)) { | |
315 | sv_crv = *pref; /* found in %curve */ | |
316 | } | |
317 | else { | |
318 | sv_crv = curve; | |
319 | } | |
304 | sv_crv = curve; | |
320 | 305 | } |
321 | 306 | } |
322 | 307 | else if (SvROK(curve)) { |
329 | 314 | |
330 | 315 | if (SvPOK(sv_crv)) { |
331 | 316 | /* string - curve name */ |
332 | const ltc_ecc_set_type *dp; | |
333 | ch_name = SvPV(sv_crv, l_name); | |
334 | if (ecc_get_set_by_name(ch_name, &dp) != CRYPT_OK) croak("FATAL: ecparams: unknown curve '%s'", ch_name); | |
335 | return ecc_set_dp(dp, key); | |
317 | const ltc_ecc_curve *cu; | |
318 | ptr_crv = SvPV(sv_crv, len_crv); | |
319 | if (ecc_get_curve(ptr_crv, &cu) != CRYPT_OK) croak("FATAL: ecparams: unknown curve '%s'", ptr_crv); | |
320 | return ecc_set_dp(cu, key); | |
336 | 321 | } |
337 | 322 | else { |
338 | 323 | /* hashref */ |
339 | ltc_ecc_set_type set = { 0 }; | |
324 | ltc_ecc_curve cu = { 0 }; | |
340 | 325 | |
341 | 326 | if ((h = (HV*)(SvRV(sv_crv))) == NULL) croak("FATAL: ecparams: param is not valid hashref"); |
342 | 327 | |
356 | 341 | if (!SvOK(*sv_Gy )) croak("FATAL: ecparams: undefined param Gy"); |
357 | 342 | if (!SvOK(*sv_cofactor)) croak("FATAL: ecparams: undefined param cofactor"); |
358 | 343 | |
359 | set.prime = SvPV_nolen(*sv_prime); | |
360 | set.A = SvPV_nolen(*sv_A); | |
361 | set.B = SvPV_nolen(*sv_B); | |
362 | set.order = SvPV_nolen(*sv_order); | |
363 | set.Gx = SvPV_nolen(*sv_Gx); | |
364 | set.Gy = SvPV_nolen(*sv_Gy); | |
365 | set.cofactor = (unsigned long)SvUV(*sv_cofactor), | |
366 | set.name = NULL; | |
367 | set.oidlen = 0; | |
368 | ||
369 | sv_oid = hv_fetchs(h, "oid", 0); | |
370 | if (sv_oid && SvPOK(*sv_oid)) { | |
371 | ch_name = SvPV(*sv_oid, l_name); | |
372 | for (i = 0, j = 0; i < l_name; i++) { | |
373 | if (ch_name[i] == '.') { | |
374 | if (++j >= 16) return CRYPT_ERROR; | |
375 | } | |
376 | else if(ch_name[i] >= '0' && ch_name[i] <= '9') { | |
377 | set.oid[j] = set.oid[j] * 10 + (ch_name[i] - '0'); | |
378 | } | |
379 | else { | |
380 | return CRYPT_ERROR; | |
381 | } | |
382 | } | |
383 | if (j == 0) return CRYPT_ERROR; | |
384 | set.oidlen = j + 1; | |
385 | } | |
386 | ||
387 | if ((err = ecc_set_dp(&set, key)) != CRYPT_OK) return err; | |
344 | sv_oid = hv_fetchs(h, "oid", 0); /* 'oid' is optional */ | |
345 | cu.OID = (sv_oid && SvOK(*sv_oid)) ? SvPV_nolen(*sv_oid) : NULL; | |
346 | ||
347 | cu.prime = SvPV_nolen(*sv_prime); | |
348 | cu.A = SvPV_nolen(*sv_A); | |
349 | cu.B = SvPV_nolen(*sv_B); | |
350 | cu.order = SvPV_nolen(*sv_order); | |
351 | cu.Gx = SvPV_nolen(*sv_Gx); | |
352 | cu.Gy = SvPV_nolen(*sv_Gy); | |
353 | cu.cofactor = (unsigned long)SvUV(*sv_cofactor); | |
354 | ||
355 | if ((err = ecc_set_dp(&cu, key)) != CRYPT_OK) return err; | |
388 | 356 | if (key->dp.oidlen == 0) _ecc_oid_lookup(key); |
389 | 357 | return CRYPT_OK; |
390 | 358 | } |
512 | 480 | int rv; |
513 | 481 | STRLEN in_len; |
514 | 482 | unsigned long out_len; |
515 | unsigned char *out_data, *in_data; | |
483 | unsigned char *in_data; | |
484 | char *out_data; | |
516 | 485 | |
517 | 486 | if (!SvPOK(in)) XSRETURN_UNDEF; |
518 | 487 | in_data = (unsigned char *) SvPVbyte(in, in_len); |
523 | 492 | out_len = (unsigned long)(4 * ((in_len + 2) / 3) + 1); |
524 | 493 | RETVAL = NEWSV(0, out_len); /* avoid zero! */ |
525 | 494 | SvPOK_only(RETVAL); |
526 | out_data = (unsigned char *)SvPVX(RETVAL); | |
495 | out_data = SvPVX(RETVAL); | |
527 | 496 | if (ix == 1) |
528 | 497 | rv = base64url_encode(in_data, (unsigned long)in_len, out_data, &out_len); |
529 | 498 | else |
547 | 516 | int rv; |
548 | 517 | STRLEN in_len; |
549 | 518 | unsigned long out_len; |
550 | unsigned char *out_data, *in_data; | |
519 | unsigned char *out_data; | |
520 | char *in_data; | |
551 | 521 | |
552 | 522 | if (!SvPOK(in)) XSRETURN_UNDEF; |
553 | in_data = (unsigned char *)SvPVbyte(in, in_len); | |
523 | in_data = SvPVbyte(in, in_len); | |
554 | 524 | if (in_len == 0) { |
555 | 525 | RETVAL = newSVpvn("", 0); |
556 | 526 | } |
560 | 530 | SvPOK_only(RETVAL); |
561 | 531 | out_data = (unsigned char *)SvPVX(RETVAL); |
562 | 532 | if (ix == 1) |
563 | rv = base64url_decode(in_data, (unsigned long)in_len, out_data, &out_len); | |
533 | rv = base64url_sane_decode(in_data, (unsigned long)in_len, out_data, &out_len); | |
564 | 534 | else |
565 | rv = base64_decode(in_data, (unsigned long)in_len, out_data, &out_len); | |
535 | rv = base64_sane_decode(in_data, (unsigned long)in_len, out_data, &out_len); | |
566 | 536 | if (rv != CRYPT_OK) { |
567 | 537 | SvREFCNT_dec(RETVAL); |
568 | 538 | XSRETURN_UNDEF; |
583 | 553 | { |
584 | 554 | STRLEN in_len; |
585 | 555 | unsigned long out_len; |
586 | unsigned char *out_data, *in_data; | |
587 | int id = -1; | |
556 | unsigned char *in_data; | |
557 | char *out_data; | |
558 | int id = -1, err; | |
588 | 559 | |
589 | 560 | if (!SvPOK(in)) XSRETURN_UNDEF; |
590 | 561 | if (ix == 0) id = BASE32_RFC4648; |
597 | 568 | RETVAL = newSVpvn("", 0); |
598 | 569 | } |
599 | 570 | else { |
600 | out_len = (unsigned long)((8 * in_len + 4) / 5); | |
571 | out_len = (unsigned long)((8 * in_len + 4) / 5 + 1); | |
601 | 572 | RETVAL = NEWSV(0, out_len); /* avoid zero! */ |
602 | 573 | SvPOK_only(RETVAL); |
603 | out_data = (unsigned char *)SvPVX(RETVAL); | |
604 | if (base32_encode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { | |
574 | out_data = SvPVX(RETVAL); | |
575 | err = base32_encode(in_data, (unsigned long)in_len, out_data, &out_len, id); | |
576 | if (err != CRYPT_OK) { | |
605 | 577 | SvREFCNT_dec(RETVAL); |
606 | 578 | XSRETURN_UNDEF; |
607 | 579 | } |
621 | 593 | { |
622 | 594 | STRLEN in_len; |
623 | 595 | unsigned long out_len; |
624 | unsigned char *out_data, *in_data; | |
625 | int id = -1; | |
596 | unsigned char *out_data; | |
597 | char *in_data; | |
598 | int id = -1, err; | |
626 | 599 | |
627 | 600 | if (!SvPOK(in)) XSRETURN_UNDEF; |
628 | 601 | if (ix == 0) id = BASE32_RFC4648; |
630 | 603 | if (ix == 2) id = BASE32_ZBASE32; |
631 | 604 | if (ix == 3) id = BASE32_CROCKFORD; |
632 | 605 | if (id == -1) XSRETURN_UNDEF; |
633 | in_data = (unsigned char *)SvPVbyte(in, in_len); | |
606 | in_data = SvPVbyte(in, in_len); | |
634 | 607 | if (in_len == 0) { |
635 | 608 | RETVAL = newSVpvn("", 0); |
636 | 609 | } |
639 | 612 | RETVAL = NEWSV(0, out_len); /* avoid zero! */ |
640 | 613 | SvPOK_only(RETVAL); |
641 | 614 | out_data = (unsigned char *)SvPVX(RETVAL); |
642 | if (base32_decode(in_data, (unsigned long)in_len, out_data, &out_len, id) != CRYPT_OK) { | |
615 | err = base32_decode(in_data, (unsigned long)in_len, out_data, &out_len, id); | |
616 | if (err != CRYPT_OK) { | |
643 | 617 | SvREFCNT_dec(RETVAL); |
644 | 618 | XSRETURN_UNDEF; |
645 | 619 | } |
309 | 309 | src/ltc/math/rand_prime.c |
310 | 310 | src/ltc/math/tfm_desc.c |
311 | 311 | src/ltc/misc/adler32.c |
312 | src/ltc/misc/base16/base16_decode.c | |
313 | src/ltc/misc/base16/base16_encode.c | |
312 | 314 | src/ltc/misc/base32/base32_decode.c |
313 | 315 | src/ltc/misc/base32/base32_encode.c |
314 | 316 | src/ltc/misc/base64/base64_decode.c |
351 | 353 | src/ltc/misc/error_to_string.c |
352 | 354 | src/ltc/misc/hkdf/hkdf.c |
353 | 355 | src/ltc/misc/mem_neq.c |
356 | src/ltc/misc/padding/padding_depad.c | |
357 | src/ltc/misc/padding/padding_pad.c | |
354 | 358 | src/ltc/misc/pk_get_oid.c |
359 | src/ltc/misc/pk_oid_str.c | |
355 | 360 | src/ltc/misc/pkcs5/pkcs_5_1.c |
356 | 361 | src/ltc/misc/pkcs5/pkcs_5_2.c |
357 | 362 | src/ltc/misc/zeromem.c |
475 | 480 | src/ltc/pk/ecc/ecc_export.c |
476 | 481 | src/ltc/pk/ecc/ecc_export_openssl.c |
477 | 482 | src/ltc/pk/ecc/ecc_free.c |
483 | src/ltc/pk/ecc/ecc_get_curve.c | |
478 | 484 | src/ltc/pk/ecc/ecc_get_key.c |
479 | src/ltc/pk/ecc/ecc_get_set.c | |
480 | 485 | src/ltc/pk/ecc/ecc_get_size.c |
481 | 486 | src/ltc/pk/ecc/ecc_import.c |
482 | 487 | src/ltc/pk/ecc/ecc_import_openssl.c |
44 | 44 | "url" : "https://github.com/DCIT/perl-CryptX" |
45 | 45 | } |
46 | 46 | }, |
47 | "version" : "0.059", | |
47 | "version" : "0.060", | |
48 | 48 | "x_serialization_backend" : "JSON::PP version 2.94" |
49 | 49 | } |
21 | 21 | resources: |
22 | 22 | bugtracker: https://github.com/DCIT/perl-CryptX/issues |
23 | 23 | repository: https://github.com/DCIT/perl-CryptX |
24 | version: '0.059' | |
24 | version: '0.060' | |
25 | 25 | x_serialization_backend: 'CPAN::Meta::YAML version 0.018' |
49 | 49 | my ($maj, $min) = $arver =~ /^GNU ar [^\d]*(\d)\.(\d+)\.\d+/s; |
50 | 50 | $myarflags = 'rcD' if ($maj && $min && $maj >= 2 && $min >= 20) || $arver=~ /^BSD ar /; |
51 | 51 | } |
52 | ||
53 | # turn on extra warnings in AUTHOR_MODE (it is gcc only!!) | |
54 | $mycflags = "$mycflags -Wall -Werror -Wextra" if $ENV{AUTHOR_MODE}; | |
55 | ||
52 | 56 | @EUMM_INC_LIB = ( |
53 | INC => '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm', | |
57 | INC => $ENV{AUTHOR_MODE} ? '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm -Wall -Werror -Wextra' #gcc only!! | |
58 | : '-DLTM_DESC -Isrc/ltc/headers -Isrc/ltm', | |
54 | 59 | MYEXTLIB => "src/liballinone$Config{lib_ext}", |
55 | 60 | clean => { 'FILES' => join(' ', @myobjs, "src/liballinone$Config{lib_ext}") }, |
56 | 61 | ); |
58 | 58 | CODE: |
59 | 59 | { |
60 | 60 | int rv; |
61 | unsigned char hash[4], out[8]; | |
62 | unsigned long outlen = 8; | |
61 | unsigned char hash[4]; | |
62 | char out[9]; | |
63 | unsigned long outlen = 9; | |
63 | 64 | unsigned int ui32; |
64 | 65 | |
65 | 66 | adler32_finish(self, hash, 4); /* returns void */ |
66 | 67 | if (ix == 1) { |
67 | rv = _base16_encode(hash, 4, out, &outlen); | |
68 | rv = base16_encode(hash, 4, out, &outlen, 0); | |
68 | 69 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
69 | RETVAL = newSVpvn((char *)out, outlen); | |
70 | RETVAL = newSVpvn(out, outlen); | |
70 | 71 | } |
71 | 72 | else if (ix == 2) { |
72 | 73 | LOAD32H(ui32, hash); |
88 | 89 | { |
89 | 90 | adler32_state st; |
90 | 91 | int rv, j; |
91 | unsigned char hash[4], out[8], *in; | |
92 | unsigned long outlen = 8; | |
92 | unsigned char hash[4], *in; | |
93 | char out[9]; | |
94 | unsigned long outlen = 9; | |
93 | 95 | unsigned int ui32; |
94 | 96 | STRLEN inlen; |
95 | 97 | |
102 | 104 | } |
103 | 105 | adler32_finish(&st, hash, 4); /* returns void */ |
104 | 106 | if (ix == 1) { |
105 | rv = _base16_encode(hash, 4, out, &outlen); | |
107 | rv = base16_encode(hash, 4, out, &outlen, 0); | |
106 | 108 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
107 | RETVAL = newSVpvn((char *)out, outlen); | |
109 | RETVAL = newSVpvn(out, outlen); | |
108 | 110 | } |
109 | 111 | else if (ix == 2) { |
110 | 112 | LOAD32H(ui32, hash); |
58 | 58 | CODE: |
59 | 59 | { |
60 | 60 | int rv; |
61 | unsigned char hash[4], out[8]; | |
62 | unsigned long outlen = 8; | |
61 | unsigned char hash[4]; | |
62 | char out[9]; | |
63 | unsigned long outlen = 9; | |
63 | 64 | unsigned int ui32; |
64 | 65 | |
65 | 66 | crc32_finish(self, hash, 4); /* returns void */ |
66 | 67 | if (ix == 1) { |
67 | rv = _base16_encode(hash, 4, out, &outlen); | |
68 | rv = base16_encode(hash, 4, out, &outlen, 0); | |
68 | 69 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
69 | RETVAL = newSVpvn((char *)out, outlen); | |
70 | RETVAL = newSVpvn(out, outlen); | |
70 | 71 | } |
71 | 72 | else if (ix == 2) { |
72 | 73 | LOAD32H(ui32, hash); |
88 | 89 | { |
89 | 90 | crc32_state st; |
90 | 91 | int rv, j; |
91 | unsigned char hash[4], out[8], *in; | |
92 | unsigned long outlen = 8; | |
92 | unsigned char hash[4], *in; | |
93 | char out[9]; | |
94 | unsigned long outlen = 9; | |
93 | 95 | unsigned int ui32; |
94 | 96 | STRLEN inlen; |
95 | 97 | |
102 | 104 | } |
103 | 105 | crc32_finish(&st, hash, 4); /* returns void */ |
104 | 106 | if (ix == 1) { |
105 | rv = _base16_encode(hash, 4, out, &outlen); | |
107 | rv = base16_encode(hash, 4, out, &outlen, 0); | |
106 | 108 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
107 | RETVAL = newSVpvn((char *)out, outlen); | |
109 | RETVAL = newSVpvn(out, outlen); | |
108 | 110 | } |
109 | 111 | else if (ix == 2) { |
110 | 112 | LOAD32H(ui32, hash); |
78 | 78 | int rv; |
79 | 79 | unsigned long outlen; |
80 | 80 | unsigned char hash[MAXBLOCKSIZE]; |
81 | char out[MAXBLOCKSIZE*2]; | |
81 | char out[MAXBLOCKSIZE*2+1]; | |
82 | 82 | |
83 | 83 | rv = self->desc->done(&self->state, hash); |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: digest done failed: %s", error_to_string(rv)); |
85 | 85 | |
86 | 86 | outlen = sizeof(out); |
87 | 87 | if (ix == 3) { |
88 | rv = base64url_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); | |
88 | rv = base64url_encode(hash, self->desc->hashsize, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | else if (ix == 2) { |
93 | rv = base64_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); | |
93 | rv = base64_encode(hash, self->desc->hashsize, out, &outlen); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
97 | 97 | else if (ix == 1) { |
98 | rv = _base16_encode(hash, self->desc->hashsize, (unsigned char *)out, &outlen); | |
98 | rv = base16_encode(hash, self->desc->hashsize, out, &outlen, 0); | |
99 | 99 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
100 | 100 | RETVAL = newSVpvn(out, outlen); |
101 | 101 | } |
118 | 118 | int rv, id, i; |
119 | 119 | unsigned char *in, hash[MAXBLOCKSIZE]; |
120 | 120 | unsigned long len = sizeof(hash), outlen; |
121 | char out[MAXBLOCKSIZE*2]; | |
121 | char out[MAXBLOCKSIZE*2+1]; | |
122 | 122 | hash_state md; |
123 | 123 | |
124 | 124 | id = _find_hash(digest_name); |
140 | 140 | |
141 | 141 | outlen = sizeof(out); |
142 | 142 | if (ix == 3) { |
143 | rv = base64url_encode(hash, len, (unsigned char *)out, &outlen); | |
143 | rv = base64url_encode(hash, len, out, &outlen); | |
144 | 144 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
145 | RETVAL = newSVpvn((char *) out, outlen); | |
145 | RETVAL = newSVpvn(out, outlen); | |
146 | 146 | } |
147 | 147 | else if (ix == 2) { |
148 | rv = base64_encode(hash, len, (unsigned char *)out, &outlen); | |
148 | rv = base64_encode(hash, len, out, &outlen); | |
149 | 149 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
150 | RETVAL = newSVpvn((char *) out, outlen); | |
150 | RETVAL = newSVpvn(out, outlen); | |
151 | 151 | } |
152 | 152 | else if (ix == 1) { |
153 | rv = _base16_encode(hash, len, (unsigned char *)out, &outlen); | |
153 | rv = base16_encode(hash, len, out, &outlen, 0); | |
154 | 154 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
155 | RETVAL = newSVpvn((char *) out, outlen); | |
155 | RETVAL = newSVpvn(out, outlen); | |
156 | 156 | } |
157 | 157 | else { |
158 | 158 | RETVAL = newSVpvn((char *) hash, len); |
69 | 69 | unsigned char mac[MAXBLOCKSIZE]; |
70 | 70 | unsigned long maclen, outlen; |
71 | 71 | int rv; |
72 | char out[MAXBLOCKSIZE*2]; | |
72 | char out[MAXBLOCKSIZE*2+1]; | |
73 | 73 | |
74 | 74 | maclen = sizeof(mac); |
75 | 75 | rv = blake2bmac_done(self, mac, &maclen); |
76 | 76 | if (rv != CRYPT_OK) croak("FATAL: blake2bmac_done failed: %s", error_to_string(rv)); |
77 | 77 | outlen = sizeof(out); |
78 | 78 | if (ix == 3) { |
79 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
79 | rv = base64url_encode(mac, maclen, out, &outlen); | |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
81 | 81 | RETVAL = newSVpvn(out, outlen); |
82 | 82 | } |
83 | 83 | if (ix == 2) { |
84 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
84 | rv = base64_encode(mac, maclen, out, &outlen); | |
85 | 85 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
86 | 86 | RETVAL = newSVpvn(out, outlen); |
87 | 87 | } |
88 | 88 | if (ix == 1) { |
89 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
89 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
90 | 90 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
91 | 91 | RETVAL = newSVpvn(out, outlen); |
92 | 92 | } |
129 | 129 | |
130 | 130 | outlen = sizeof(out); |
131 | 131 | if (ix == 3) { |
132 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
132 | rv = base64url_encode(mac, len, out, &outlen); | |
133 | 133 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
134 | 134 | RETVAL = newSVpvn((char *) out, outlen); |
135 | 135 | } |
136 | 136 | else if (ix == 2) { |
137 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
139 | RETVAL = newSVpvn((char *) out, outlen); | |
139 | RETVAL = newSVpvn(out, outlen); | |
140 | 140 | } |
141 | 141 | else if (ix == 1) { |
142 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base16_encode(mac, len, out, &outlen, 0); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else { |
147 | 147 | RETVAL = newSVpvn((char *) mac, len); |
69 | 69 | unsigned char mac[MAXBLOCKSIZE]; |
70 | 70 | unsigned long maclen, outlen; |
71 | 71 | int rv; |
72 | char out[MAXBLOCKSIZE*2]; | |
72 | char out[MAXBLOCKSIZE*2+1]; | |
73 | 73 | |
74 | 74 | maclen = sizeof(mac); |
75 | 75 | rv = blake2smac_done(self, mac, &maclen); |
76 | 76 | if (rv != CRYPT_OK) croak("FATAL: blake2smac_done failed: %s", error_to_string(rv)); |
77 | 77 | outlen = sizeof(out); |
78 | 78 | if (ix == 3) { |
79 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
79 | rv = base64url_encode(mac, maclen, out, &outlen); | |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
81 | 81 | RETVAL = newSVpvn(out, outlen); |
82 | 82 | } |
83 | 83 | if (ix == 2) { |
84 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
84 | rv = base64_encode(mac, maclen, out, &outlen); | |
85 | 85 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
86 | 86 | RETVAL = newSVpvn(out, outlen); |
87 | 87 | } |
88 | 88 | if (ix == 1) { |
89 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
89 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
90 | 90 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
91 | 91 | RETVAL = newSVpvn(out, outlen); |
92 | 92 | } |
129 | 129 | |
130 | 130 | outlen = sizeof(out); |
131 | 131 | if (ix == 3) { |
132 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
132 | rv = base64url_encode(mac, len, out, &outlen); | |
133 | 133 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
134 | 134 | RETVAL = newSVpvn((char *) out, outlen); |
135 | 135 | } |
136 | 136 | else if (ix == 2) { |
137 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
139 | RETVAL = newSVpvn((char *) out, outlen); | |
139 | RETVAL = newSVpvn(out, outlen); | |
140 | 140 | } |
141 | 141 | else if (ix == 1) { |
142 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base16_encode(mac, len, out, &outlen, 0); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else { |
147 | 147 | RETVAL = newSVpvn((char *) mac, len); |
73 | 73 | unsigned char mac[MAXBLOCKSIZE]; |
74 | 74 | unsigned long maclen, outlen; |
75 | 75 | int rv; |
76 | char out[MAXBLOCKSIZE*2]; | |
76 | char out[MAXBLOCKSIZE*2+1]; | |
77 | 77 | |
78 | 78 | maclen = sizeof(mac); |
79 | 79 | rv = f9_done(self, mac, &maclen); |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: f9_done failed: %s", error_to_string(rv)); |
81 | 81 | outlen = sizeof(out); |
82 | 82 | if (ix == 3) { |
83 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
83 | rv = base64url_encode(mac, maclen, out, &outlen); | |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
85 | 85 | RETVAL = newSVpvn(out, outlen); |
86 | 86 | } |
87 | 87 | if (ix == 2) { |
88 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
88 | rv = base64_encode(mac, maclen, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | if (ix == 1) { |
93 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
93 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
134 | 134 | |
135 | 135 | outlen = sizeof(out); |
136 | 136 | if (ix == 3) { |
137 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64url_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
139 | 139 | RETVAL = newSVpvn((char *) out, outlen); |
140 | 140 | } |
141 | 141 | else if (ix == 2) { |
142 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base64_encode(mac, len, out, &outlen); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else if (ix == 1) { |
147 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
147 | rv = base16_encode(mac, len, out, &outlen, 0); | |
148 | 148 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
149 | RETVAL = newSVpvn((char *) out, outlen); | |
149 | RETVAL = newSVpvn(out, outlen); | |
150 | 150 | } |
151 | 151 | else { |
152 | 152 | RETVAL = newSVpvn((char *) mac, len); |
73 | 73 | unsigned char mac[MAXBLOCKSIZE]; |
74 | 74 | unsigned long maclen, outlen; |
75 | 75 | int rv; |
76 | char out[MAXBLOCKSIZE*2]; | |
76 | char out[MAXBLOCKSIZE*2+1]; | |
77 | 77 | |
78 | 78 | maclen = sizeof(mac); |
79 | 79 | rv = hmac_done(self, mac, &maclen); |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: hmac_done failed: %s", error_to_string(rv)); |
81 | 81 | outlen = sizeof(out); |
82 | 82 | if (ix == 3) { |
83 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
83 | rv = base64url_encode(mac, maclen, out, &outlen); | |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
85 | 85 | RETVAL = newSVpvn(out, outlen); |
86 | 86 | } |
87 | 87 | if (ix == 2) { |
88 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
88 | rv = base64_encode(mac, maclen, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | if (ix == 1) { |
93 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
93 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
134 | 134 | |
135 | 135 | outlen = sizeof(out); |
136 | 136 | if (ix == 3) { |
137 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64url_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
139 | 139 | RETVAL = newSVpvn((char *) out, outlen); |
140 | 140 | } |
141 | 141 | else if (ix == 2) { |
142 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base64_encode(mac, len, out, &outlen); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else if (ix == 1) { |
147 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
147 | rv = base16_encode(mac, len, out, &outlen, 0); | |
148 | 148 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
149 | RETVAL = newSVpvn((char *) out, outlen); | |
149 | RETVAL = newSVpvn(out, outlen); | |
150 | 150 | } |
151 | 151 | else { |
152 | 152 | RETVAL = newSVpvn((char *) mac, len); |
73 | 73 | unsigned char mac[MAXBLOCKSIZE]; |
74 | 74 | unsigned long maclen, outlen; |
75 | 75 | int rv; |
76 | char out[MAXBLOCKSIZE*2]; | |
76 | char out[MAXBLOCKSIZE*2+1]; | |
77 | 77 | |
78 | 78 | maclen = sizeof(mac); |
79 | 79 | rv = omac_done(self, mac, &maclen); |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: omac_done failed: %s", error_to_string(rv)); |
81 | 81 | outlen = sizeof(out); |
82 | 82 | if (ix == 3) { |
83 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
83 | rv = base64url_encode(mac, maclen, out, &outlen); | |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
85 | 85 | RETVAL = newSVpvn(out, outlen); |
86 | 86 | } |
87 | 87 | if (ix == 2) { |
88 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
88 | rv = base64_encode(mac, maclen, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | if (ix == 1) { |
93 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
93 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
134 | 134 | |
135 | 135 | outlen = sizeof(out); |
136 | 136 | if (ix == 3) { |
137 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64url_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
139 | 139 | RETVAL = newSVpvn((char *) out, outlen); |
140 | 140 | } |
141 | 141 | else if (ix == 2) { |
142 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base64_encode(mac, len, out, &outlen); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else if (ix == 1) { |
147 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
147 | rv = base16_encode(mac, len, out, &outlen, 0); | |
148 | 148 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
149 | RETVAL = newSVpvn((char *) out, outlen); | |
149 | RETVAL = newSVpvn(out, outlen); | |
150 | 150 | } |
151 | 151 | else { |
152 | 152 | RETVAL = newSVpvn((char *) mac, len); |
73 | 73 | unsigned char mac[MAXBLOCKSIZE]; |
74 | 74 | unsigned long maclen, outlen; |
75 | 75 | int rv; |
76 | char out[MAXBLOCKSIZE*2]; | |
76 | char out[MAXBLOCKSIZE*2+1]; | |
77 | 77 | |
78 | 78 | maclen = sizeof(mac); |
79 | 79 | rv = pmac_done(self, mac, &maclen); |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: pmac_done failed: %s", error_to_string(rv)); |
81 | 81 | outlen = sizeof(out); |
82 | 82 | if (ix == 3) { |
83 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
83 | rv = base64url_encode(mac, maclen, out, &outlen); | |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
85 | 85 | RETVAL = newSVpvn(out, outlen); |
86 | 86 | } |
87 | 87 | if (ix == 2) { |
88 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
88 | rv = base64_encode(mac, maclen, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | if (ix == 1) { |
93 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
93 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
134 | 134 | |
135 | 135 | outlen = sizeof(out); |
136 | 136 | if (ix == 3) { |
137 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64url_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
139 | 139 | RETVAL = newSVpvn((char *) out, outlen); |
140 | 140 | } |
141 | 141 | else if (ix == 2) { |
142 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base64_encode(mac, len, out, &outlen); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else if (ix == 1) { |
147 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
147 | rv = base16_encode(mac, len, out, &outlen, 0); | |
148 | 148 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
149 | RETVAL = newSVpvn((char *) out, outlen); | |
149 | RETVAL = newSVpvn(out, outlen); | |
150 | 150 | } |
151 | 151 | else { |
152 | 152 | RETVAL = newSVpvn((char *) mac, len); |
69 | 69 | unsigned char mac[MAXBLOCKSIZE]; |
70 | 70 | unsigned long maclen, outlen; |
71 | 71 | int rv; |
72 | char out[MAXBLOCKSIZE*2]; | |
72 | char out[MAXBLOCKSIZE*2+1]; | |
73 | 73 | |
74 | 74 | maclen = 16; |
75 | 75 | rv = pelican_done(self, mac); |
76 | 76 | if (rv != CRYPT_OK) croak("FATAL: pelican_done failed: %s", error_to_string(rv)); |
77 | 77 | outlen = sizeof(out); |
78 | 78 | if (ix == 3) { |
79 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
79 | rv = base64url_encode(mac, maclen, out, &outlen); | |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
81 | 81 | RETVAL = newSVpvn(out, outlen); |
82 | 82 | } |
83 | 83 | if (ix == 2) { |
84 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
84 | rv = base64_encode(mac, maclen, out, &outlen); | |
85 | 85 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
86 | 86 | RETVAL = newSVpvn(out, outlen); |
87 | 87 | } |
88 | 88 | if (ix == 1) { |
89 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
89 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
90 | 90 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
91 | 91 | RETVAL = newSVpvn(out, outlen); |
92 | 92 | } |
129 | 129 | |
130 | 130 | outlen = sizeof(out); |
131 | 131 | if (ix == 3) { |
132 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
132 | rv = base64url_encode(mac, len, out, &outlen); | |
133 | 133 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
134 | 134 | RETVAL = newSVpvn((char *) out, outlen); |
135 | 135 | } |
136 | 136 | else if (ix == 2) { |
137 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
139 | RETVAL = newSVpvn((char *) out, outlen); | |
139 | RETVAL = newSVpvn(out, outlen); | |
140 | 140 | } |
141 | 141 | else if (ix == 1) { |
142 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base16_encode(mac, len, out, &outlen, 0); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else { |
147 | 147 | RETVAL = newSVpvn((char *) mac, len); |
69 | 69 | unsigned char mac[MAXBLOCKSIZE]; |
70 | 70 | unsigned long maclen, outlen; |
71 | 71 | int rv; |
72 | char out[MAXBLOCKSIZE*2]; | |
72 | char out[MAXBLOCKSIZE*2+1]; | |
73 | 73 | |
74 | 74 | maclen = sizeof(mac); |
75 | 75 | rv = poly1305_done(self, mac, &maclen); |
76 | 76 | if (rv != CRYPT_OK) croak("FATAL: poly1305_done failed: %s", error_to_string(rv)); |
77 | 77 | outlen = sizeof(out); |
78 | 78 | if (ix == 3) { |
79 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
79 | rv = base64url_encode(mac, maclen, out, &outlen); | |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
81 | 81 | RETVAL = newSVpvn(out, outlen); |
82 | 82 | } |
83 | 83 | if (ix == 2) { |
84 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
84 | rv = base64_encode(mac, maclen, out, &outlen); | |
85 | 85 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
86 | 86 | RETVAL = newSVpvn(out, outlen); |
87 | 87 | } |
88 | 88 | if (ix == 1) { |
89 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
89 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
90 | 90 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
91 | 91 | RETVAL = newSVpvn(out, outlen); |
92 | 92 | } |
128 | 128 | |
129 | 129 | outlen = sizeof(out); |
130 | 130 | if (ix == 3) { |
131 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
131 | rv = base64url_encode(mac, len, out, &outlen); | |
132 | 132 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
133 | 133 | RETVAL = newSVpvn((char *) out, outlen); |
134 | 134 | } |
135 | 135 | else if (ix == 2) { |
136 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
136 | rv = base64_encode(mac, len, out, &outlen); | |
137 | 137 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
138 | RETVAL = newSVpvn((char *) out, outlen); | |
138 | RETVAL = newSVpvn(out, outlen); | |
139 | 139 | } |
140 | 140 | else if (ix == 1) { |
141 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
141 | rv = base16_encode(mac, len, out, &outlen, 0); | |
142 | 142 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
143 | RETVAL = newSVpvn((char *) out, outlen); | |
143 | RETVAL = newSVpvn(out, outlen); | |
144 | 144 | } |
145 | 145 | else { |
146 | 146 | RETVAL = newSVpvn((char *) mac, len); |
73 | 73 | unsigned char mac[MAXBLOCKSIZE]; |
74 | 74 | unsigned long maclen, outlen; |
75 | 75 | int rv; |
76 | char out[MAXBLOCKSIZE*2]; | |
76 | char out[MAXBLOCKSIZE*2+1]; | |
77 | 77 | |
78 | 78 | maclen = sizeof(mac); |
79 | 79 | rv = xcbc_done(self, mac, &maclen); |
80 | 80 | if (rv != CRYPT_OK) croak("FATAL: xcbc_done failed: %s", error_to_string(rv)); |
81 | 81 | outlen = sizeof(out); |
82 | 82 | if (ix == 3) { |
83 | rv = base64url_encode(mac, maclen, (unsigned char*)out, &outlen); | |
83 | rv = base64url_encode(mac, maclen, out, &outlen); | |
84 | 84 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
85 | 85 | RETVAL = newSVpvn(out, outlen); |
86 | 86 | } |
87 | 87 | if (ix == 2) { |
88 | rv = base64_encode(mac, maclen, (unsigned char*)out, &outlen); | |
88 | rv = base64_encode(mac, maclen, out, &outlen); | |
89 | 89 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
90 | 90 | RETVAL = newSVpvn(out, outlen); |
91 | 91 | } |
92 | 92 | if (ix == 1) { |
93 | rv = _base16_encode(mac, maclen, (unsigned char *)out, &outlen); | |
93 | rv = base16_encode(mac, maclen, out, &outlen, 0); | |
94 | 94 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
95 | 95 | RETVAL = newSVpvn(out, outlen); |
96 | 96 | } |
134 | 134 | |
135 | 135 | outlen = sizeof(out); |
136 | 136 | if (ix == 3) { |
137 | rv = base64url_encode(mac, len, (unsigned char *)out, &outlen); | |
137 | rv = base64url_encode(mac, len, out, &outlen); | |
138 | 138 | if (rv != CRYPT_OK) croak("FATAL: base64url_encode failed: %s", error_to_string(rv)); |
139 | 139 | RETVAL = newSVpvn((char *) out, outlen); |
140 | 140 | } |
141 | 141 | else if (ix == 2) { |
142 | rv = base64_encode(mac, len, (unsigned char *)out, &outlen); | |
142 | rv = base64_encode(mac, len, out, &outlen); | |
143 | 143 | if (rv != CRYPT_OK) croak("FATAL: base64_encode failed: %s", error_to_string(rv)); |
144 | RETVAL = newSVpvn((char *) out, outlen); | |
144 | RETVAL = newSVpvn(out, outlen); | |
145 | 145 | } |
146 | 146 | else if (ix == 1) { |
147 | rv = _base16_encode(mac, len, (unsigned char *)out, &outlen); | |
147 | rv = base16_encode(mac, len, out, &outlen, 0); | |
148 | 148 | if (rv != CRYPT_OK) croak("FATAL: base16_encode failed: %s", error_to_string(rv)); |
149 | RETVAL = newSVpvn((char *) out, outlen); | |
149 | RETVAL = newSVpvn(out, outlen); | |
150 | 150 | } |
151 | 151 | else { |
152 | 152 | RETVAL = newSVpvn((char *) mac, len); |
201 | 201 | not_used = hv_store(rv_hash, "curve_oid", 9, oid, 0); |
202 | 202 | |
203 | 203 | /* curve name -> "curve_name" */ |
204 | if ((h = get_hv("Crypt::PK::ECC::curve2ltc", 0)) != NULL) { | |
204 | if ((h = get_hv("Crypt::PK::ECC::curve_oid2name", 0)) != NULL) { | |
205 | 205 | pref = hv_fetch(h, oid_ptr, (U32)strlen(oid_ptr), 0); |
206 | 206 | if (pref) { |
207 | 207 | cname_ptr = SvPV(*pref, cname_len); |
208 | 208 | cname = newSVpv(cname_ptr, cname_len); |
209 | 209 | cname_ptr = SvPVX(cname); |
210 | for (i=0; i<cname_len && cname_ptr[i]>0; i++) cname_ptr[i] = toLOWER(cname_ptr[i]); | |
211 | 210 | not_used = hv_store(rv_hash, "curve_name", 10, cname, 0); |
212 | 211 | } |
213 | 212 | } |
104 | 104 | IV curpid = (IV)PerlProc_getpid(); |
105 | 105 | int rv_len, rv; |
106 | 106 | unsigned long len; |
107 | unsigned char *rdata, *tmp; | |
107 | unsigned char *tmp; | |
108 | char *rdata; | |
108 | 109 | unsigned char entropy_buf[40]; |
109 | 110 | |
110 | 111 | if (output_len == 0) { |
123 | 124 | if (tmp == NULL) croak("FATAL: Newz failed"); |
124 | 125 | rv_len = (self->desc->read)(tmp, (unsigned long)output_len, &self->state); |
125 | 126 | if ((UV)rv_len != output_len) croak("FATAL: PRNG_read failed"); |
126 | RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */ | |
127 | RETVAL = NEWSV(0, output_len * 2 + 1); /* avoid zero! */ | |
127 | 128 | SvPOK_only(RETVAL); |
128 | SvCUR_set(RETVAL, output_len * 2); | |
129 | rdata = (unsigned char *)SvPVX(RETVAL); | |
130 | len = output_len * 2; | |
131 | rv = _base16_encode(tmp, output_len, rdata, &len); | |
129 | SvCUR_set(RETVAL, output_len * 2 + 1); | |
130 | rdata = SvPVX(RETVAL); | |
131 | len = output_len * 2 + 1; | |
132 | rv = base16_encode(tmp, output_len, rdata, &len, 0); | |
133 | SvCUR_set(RETVAL, len); | |
132 | 134 | Safefree(tmp); |
133 | 135 | if (rv != CRYPT_OK) { |
134 | 136 | SvREFCNT_dec(RETVAL); |
144 | 146 | RETVAL = NEWSV(0, output_len * 2); /* avoid zero! */ |
145 | 147 | SvPOK_only(RETVAL); |
146 | 148 | SvCUR_set(RETVAL, output_len * 2); |
147 | rdata = (unsigned char *)SvPVX(RETVAL); | |
149 | rdata = SvPVX(RETVAL); | |
148 | 150 | len = output_len * 2; |
149 | 151 | rv = ix == 3 ? base64url_encode(tmp, output_len, rdata, &len) : |
150 | 152 | base64_encode(tmp, output_len, rdata, &len); |
160 | 162 | RETVAL = NEWSV(0, output_len); /* avoid zero! */ |
161 | 163 | SvPOK_only(RETVAL); |
162 | 164 | SvCUR_set(RETVAL, output_len); |
163 | rdata = (unsigned char *)SvPVX(RETVAL); | |
164 | rv_len = (self->desc->read)(rdata, (unsigned long)output_len, &self->state); | |
165 | rdata = SvPVX(RETVAL); | |
166 | rv_len = (self->desc->read)((unsigned char*)rdata, (unsigned long)output_len, &self->state); | |
165 | 167 | if ((UV)rv_len != output_len) { |
166 | 168 | SvREFCNT_dec(RETVAL); |
167 | 169 | croak("FATAL: PRNG_read failed"); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ccm_encrypt_authenticate ccm_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | ### not used |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::Checksum Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::Checksum Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw/ adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract)] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( f9 f9_hex f9_b64 f9_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( hmac hmac_hex hmac_b64 hmac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( omac omac_hex omac_b64 omac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( pmac pmac_hex pmac_b64 pmac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( pelican pelican_hex pelican_b64 pelican_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import'; |
7 | 7 | use Carp 'croak'; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.059'; | |
6 | our $VERSION = '0.060'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | ### not used |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( dh_shared_secret )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret )] ); |
15 | 15 | use Crypt::Misc qw(read_rawfile encode_b64u decode_b64u encode_b64 decode_b64 pem_to_der der_to_pem); |
16 | 16 | use Crypt::PK; |
17 | 17 | |
18 | our %curve = ( | |
19 | # extra curves not recognized by libtomcrypt | |
20 | 'wap-wsg-idm-ecid-wtls8' => { | |
21 | prime => "FFFFFFFFFFFFFFFFFFFFFFFFFDE7", | |
22 | A => "0000000000000000000000000000", | |
23 | B => "0000000000000000000000000003", | |
24 | order => "0100000000000001ECEA551AD837E9", | |
25 | Gx => "0000000000000000000000000001", | |
26 | Gy => "0000000000000000000000000002", | |
27 | cofactor => 1, | |
28 | oid => '2.23.43.1.4.8', | |
29 | }, | |
30 | 'wap-wsg-idm-ecid-wtls9' => { | |
31 | prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F", | |
32 | A => "0000000000000000000000000000000000000000", | |
33 | B => "0000000000000000000000000000000000000003", | |
34 | order => "0100000000000000000001CDC98AE0E2DE574ABF33", | |
35 | Gx => "0000000000000000000000000000000000000001", | |
36 | Gy => "0000000000000000000000000000000000000002", | |
37 | cofactor => 1, | |
38 | oid => '2.23.43.1.4.9', | |
39 | }, | |
18 | our %curve = ( # must be "our" as we use it from XS code | |
19 | # extra curves not recognized by libtomcrypt | |
20 | 'wap-wsg-idm-ecid-wtls8' => { | |
21 | prime => "FFFFFFFFFFFFFFFFFFFFFFFFFDE7", | |
22 | A => "0000000000000000000000000000", | |
23 | B => "0000000000000000000000000003", | |
24 | order => "0100000000000001ECEA551AD837E9", | |
25 | Gx => "0000000000000000000000000001", | |
26 | Gy => "0000000000000000000000000002", | |
27 | cofactor => 1, | |
28 | oid => '2.23.43.1.4.8', | |
29 | }, | |
30 | 'wap-wsg-idm-ecid-wtls9' => { | |
31 | prime => "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F", | |
32 | A => "0000000000000000000000000000000000000000", | |
33 | B => "0000000000000000000000000000000000000003", | |
34 | order => "0100000000000000000001CDC98AE0E2DE574ABF33", | |
35 | Gx => "0000000000000000000000000000000000000001", | |
36 | Gy => "0000000000000000000000000000000000000002", | |
37 | cofactor => 1, | |
38 | oid => '2.23.43.1.4.9', | |
39 | }, | |
40 | # some unusual openssl names | |
41 | "wap-wsg-idm-ecid-wtls6" => 'secp112r1', | |
42 | "wap-wsg-idm-ecid-wtls7" => 'secp160r2', | |
43 | "wap-wsg-idm-ecid-wtls12" => 'secp224r1', | |
40 | 44 | ); |
41 | 45 | |
42 | my %jwk2curve = ( | |
43 | 'P-192' => 'secp192r1', | |
44 | 'P-224' => 'secp224r1', | |
45 | 'P-256' => 'secp256r1', | |
46 | 'P-384' => 'secp384r1', | |
47 | 'P-521' => 'secp521r1', | |
46 | our %curve_oid2name = ( # must be "our" as we use it from XS code | |
47 | # the following are used to derive curve_name from OID in key2hash() | |
48 | "1.2.840.10045.3.1.1" => "secp192r1", | |
49 | "1.2.840.10045.3.1.2" => "prime192v2", | |
50 | "1.2.840.10045.3.1.3" => "prime192v3", | |
51 | "1.2.840.10045.3.1.4" => "prime239v1", | |
52 | "1.2.840.10045.3.1.5" => "prime239v2", | |
53 | "1.2.840.10045.3.1.6" => "prime239v3", | |
54 | "1.2.840.10045.3.1.7" => "secp256r1", | |
55 | "1.3.132.0.6" => "secp112r1", | |
56 | "1.3.132.0.7" => "secp112r2", | |
57 | "1.3.132.0.8" => "secp160r1", | |
58 | "1.3.132.0.9" => "secp160k1", | |
59 | "1.3.132.0.10" => "secp256k1", | |
60 | "1.3.132.0.28" => "secp128r1", | |
61 | "1.3.132.0.29" => "secp128r2", | |
62 | "1.3.132.0.30" => "secp160r2", | |
63 | "1.3.132.0.31" => "secp192k1", | |
64 | "1.3.132.0.32" => "secp224k1", | |
65 | "1.3.132.0.33" => "secp224r1", | |
66 | "1.3.132.0.34" => "secp384r1", | |
67 | "1.3.132.0.35" => "secp521r1", | |
68 | "1.3.36.3.3.2.8.1.1.1" => "brainpoolp160r1", | |
69 | "1.3.36.3.3.2.8.1.1.2" => "brainpoolp160t1", | |
70 | "1.3.36.3.3.2.8.1.1.3" => "brainpoolp192r1", | |
71 | "1.3.36.3.3.2.8.1.1.4" => "brainpoolp192t1", | |
72 | "1.3.36.3.3.2.8.1.1.5" => "brainpoolp224r1", | |
73 | "1.3.36.3.3.2.8.1.1.6" => "brainpoolp224t1", | |
74 | "1.3.36.3.3.2.8.1.1.7" => "brainpoolp256r1", | |
75 | "1.3.36.3.3.2.8.1.1.8" => "brainpoolp256t1", | |
76 | "1.3.36.3.3.2.8.1.1.9" => "brainpoolp320r1", | |
77 | "1.3.36.3.3.2.8.1.1.10" => "brainpoolp320t1", | |
78 | "1.3.36.3.3.2.8.1.1.11" => "brainpoolp384r1", | |
79 | "1.3.36.3.3.2.8.1.1.12" => "brainpoolp384t1", | |
80 | "1.3.36.3.3.2.8.1.1.13" => "brainpoolp512r1", | |
81 | "1.3.36.3.3.2.8.1.1.14" => "brainpoolp512t1", | |
48 | 82 | ); |
49 | 83 | |
50 | 84 | my %curve2jwk = ( |
85 | # necessary for conversion of curve_name_or_OID >> P-NNN | |
51 | 86 | '1.2.840.10045.3.1.1' => 'P-192', # secp192r1 |
52 | 87 | '1.3.132.0.33' => 'P-224', # secp224r1 |
53 | 88 | '1.2.840.10045.3.1.7' => 'P-256', # secp256r1 |
65 | 100 | 'secp256r1' => 'P-256', |
66 | 101 | 'secp384r1' => 'P-384', |
67 | 102 | 'secp521r1' => 'P-521', |
68 | ); | |
69 | ||
70 | our %curve2ltc = ( # must be "our" as we use it from XS code | |
71 | # OIDs | |
72 | "1.2.840.10045.3.1.1" => "SECP192R1", | |
73 | "1.2.840.10045.3.1.2" => "PRIME192V2", | |
74 | "1.2.840.10045.3.1.3" => "PRIME192V3", | |
75 | "1.2.840.10045.3.1.4" => "PRIME239V1", | |
76 | "1.2.840.10045.3.1.5" => "PRIME239V2", | |
77 | "1.2.840.10045.3.1.6" => "PRIME239V3", | |
78 | "1.2.840.10045.3.1.7" => "SECP256R1", | |
79 | "1.3.132.0.10" => "SECP256K1", | |
80 | "1.3.132.0.28" => "SECP128R1", | |
81 | "1.3.132.0.29" => "SECP128R2", | |
82 | "1.3.132.0.30" => "SECP160R2", | |
83 | "1.3.132.0.31" => "SECP192K1", | |
84 | "1.3.132.0.32" => "SECP224K1", | |
85 | "1.3.132.0.33" => "SECP224R1", | |
86 | "1.3.132.0.34" => "SECP384R1", | |
87 | "1.3.132.0.35" => "SECP521R1", | |
88 | "1.3.132.0.6" => "SECP112R1", | |
89 | "1.3.132.0.7" => "SECP112R2", | |
90 | "1.3.132.0.8" => "SECP160R1", | |
91 | "1.3.132.0.9" => "SECP160K1", | |
92 | "1.3.36.3.3.2.8.1.1.1" => "BRAINPOOLP160R1", | |
93 | "1.3.36.3.3.2.8.1.1.11" => "BRAINPOOLP384R1", | |
94 | "1.3.36.3.3.2.8.1.1.13" => "BRAINPOOLP512R1", | |
95 | "1.3.36.3.3.2.8.1.1.3" => "BRAINPOOLP192R1", | |
96 | "1.3.36.3.3.2.8.1.1.5" => "BRAINPOOLP224R1", | |
97 | "1.3.36.3.3.2.8.1.1.7" => "BRAINPOOLP256R1", | |
98 | "1.3.36.3.3.2.8.1.1.9" => "BRAINPOOLP320R1", | |
99 | "1.3.36.3.3.2.8.1.1.10" => "BRAINPOOLP320T1", | |
100 | "1.3.36.3.3.2.8.1.1.12" => "BRAINPOOLP384T1", | |
101 | "1.3.36.3.3.2.8.1.1.14" => "BRAINPOOLP512T1", | |
102 | "1.3.36.3.3.2.8.1.1.2" => "BRAINPOOLP160T1", | |
103 | "1.3.36.3.3.2.8.1.1.4" => "BRAINPOOLP192T1", | |
104 | "1.3.36.3.3.2.8.1.1.6" => "BRAINPOOLP224T1", | |
105 | "1.3.36.3.3.2.8.1.1.8" => "BRAINPOOLP256T1", | |
106 | # JWT names | |
107 | "P-192" => "SECP192R1", | |
108 | "P-224" => "SECP224R1", | |
109 | "P-256" => "SECP256R1", | |
110 | "P-384" => "SECP384R1", | |
111 | "P-521" => "SECP521R1", | |
112 | # openssl names | |
113 | "brainpoolp160r1" => "BRAINPOOLP160R1", | |
114 | "brainpoolp192r1" => "BRAINPOOLP192R1", | |
115 | "brainpoolp224r1" => "BRAINPOOLP224R1", | |
116 | "brainpoolp256r1" => "BRAINPOOLP256R1", | |
117 | "brainpoolp320r1" => "BRAINPOOLP320R1", | |
118 | "brainpoolp384r1" => "BRAINPOOLP384R1", | |
119 | "brainpoolp512r1" => "BRAINPOOLP512R1", | |
120 | "brainpoolp160t1" => "BRAINPOOLP160T1", | |
121 | "brainpoolp192t1" => "BRAINPOOLP192T1", | |
122 | "brainpoolp224t1" => "BRAINPOOLP224T1", | |
123 | "brainpoolp256t1" => "BRAINPOOLP256T1", | |
124 | "brainpoolp320t1" => "BRAINPOOLP320T1", | |
125 | "brainpoolp384t1" => "BRAINPOOLP384T1", | |
126 | "brainpoolp512t1" => "BRAINPOOLP512T1", | |
127 | "nistp192" => "SECP192R1", | |
128 | "nistp224" => "SECP224R1", | |
129 | "nistp256" => "SECP256R1", | |
130 | "nistp384" => "SECP384R1", | |
131 | "nistp521" => "SECP521R1", | |
132 | "prime192v1" => "SECP192R1", | |
133 | "prime192v2" => "PRIME192V2", | |
134 | "prime192v3" => "PRIME192V3", | |
135 | "prime239v1" => "PRIME239V1", | |
136 | "prime239v2" => "PRIME239V2", | |
137 | "prime239v3" => "PRIME239V3", | |
138 | "prime256v1" => "SECP256R1", | |
139 | "secp112r1" => "SECP112R1", | |
140 | "secp112r2" => "SECP112R2", | |
141 | "secp128r1" => "SECP128R1", | |
142 | "secp128r2" => "SECP128R2", | |
143 | "secp160k1" => "SECP160K1", | |
144 | "secp160r1" => "SECP160R1", | |
145 | "secp160r2" => "SECP160R2", | |
146 | "secp192k1" => "SECP192K1", | |
147 | "secp192r1" => "SECP192R1", | |
148 | "secp224k1" => "SECP224K1", | |
149 | "secp224r1" => "SECP224R1", | |
150 | "secp256k1" => "SECP256K1", | |
151 | "secp256r1" => "SECP256R1", | |
152 | "secp384r1" => "SECP384R1", | |
153 | "secp521r1" => "SECP521R1", | |
154 | "wap-wsg-idm-ecid-wtls6" => 'SECP112R1', | |
155 | "wap-wsg-idm-ecid-wtls7" => 'SECP160R2', | |
156 | "wap-wsg-idm-ecid-wtls12" => 'SECP224R1', | |
157 | 103 | ); |
158 | 104 | |
159 | 105 | sub _import_hex { |
249 | 195 | for (qw/x y d/) { |
250 | 196 | $key->{$_} = eval { unpack("H*", decode_b64u($key->{$_})) } if exists $key->{$_}; |
251 | 197 | } |
252 | if (my $curve_name = $jwk2curve{$key->{crv}}) { | |
253 | return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $curve_name); | |
254 | } | |
255 | # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway) | |
198 | # names P-192 P-224 P-256 P-384 P-521 are recognized by libtomcrypt | |
256 | 199 | return $self->_import_hex($key->{x}, $key->{y}, $key->{d}, $key->{crv}); |
257 | 200 | } |
258 | 201 | croak "FATAL: unexpected ECC key hash"; |
290 | 233 | for (qw/x y d/) { |
291 | 234 | $h->{$_} = eval { unpack("H*", decode_b64u($h->{$_})) } if exists $h->{$_}; |
292 | 235 | } |
293 | if (my $curve_name = $jwk2curve{$h->{crv}}) { | |
294 | return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $curve_name); | |
295 | } | |
296 | # curve is not JWK compliant e.g. P-192 P-224 P-256 P-384 P-521 (we'll try to import anyway) | |
236 | # names P-192 P-224 P-256 P-384 P-521 are recognized by libtomcrypt | |
297 | 237 | return $self->_import_hex($h->{x}, $h->{y}, $h->{d}, $h->{crv}); |
298 | 238 | } |
299 | 239 | } |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings ; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | require XSLoader; |
7 | 7 | XSLoader::load('CryptX', $VERSION); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.059'; | |
4 | our $VERSION = '0.060'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
41 | 41 | ltc/math/rand_bn.o ltc/math/rand_prime.o ltc/math/tfm_desc.o ltc/math/fp/ltc_ecc_fp_mulmod.o \ |
42 | 42 | ltc/misc/adler32.o ltc/misc/burn_stack.o ltc/misc/compare_testvector.o ltc/misc/copy_or_zeromem.o \ |
43 | 43 | ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/pk_get_oid.o \ |
44 | ltc/misc/zeromem.o ltc/misc/base32/base32_decode.o ltc/misc/base32/base32_encode.o \ | |
45 | ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o ltc/misc/crypt/crypt.o \ | |
46 | ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o ltc/misc/crypt/crypt_cipher_is_valid.o \ | |
47 | ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o \ | |
48 | ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o ltc/misc/crypt/crypt_find_hash_any.o \ | |
49 | ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o ltc/misc/crypt/crypt_find_prng.o \ | |
50 | ltc/misc/crypt/crypt_fsa.o ltc/misc/crypt/crypt_hash_descriptor.o ltc/misc/crypt/crypt_hash_is_valid.o \ | |
51 | ltc/misc/crypt/crypt_inits.o ltc/misc/crypt/crypt_ltc_mp_descriptor.o ltc/misc/crypt/crypt_prng_descriptor.o \ | |
52 | ltc/misc/crypt/crypt_prng_is_valid.o ltc/misc/crypt/crypt_prng_rng_descriptor.o ltc/misc/crypt/crypt_register_all_ciphers.o \ | |
44 | ltc/misc/pk_oid_str.o ltc/misc/zeromem.o ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o \ | |
45 | ltc/misc/base32/base32_decode.o ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o \ | |
46 | ltc/misc/base64/base64_encode.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o \ | |
47 | ltc/misc/crypt/crypt_cipher_descriptor.o ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o \ | |
48 | ltc/misc/crypt/crypt_find_cipher.o ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o \ | |
49 | ltc/misc/crypt/crypt_find_hash.o ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o \ | |
50 | ltc/misc/crypt/crypt_find_hash_oid.o ltc/misc/crypt/crypt_find_prng.o ltc/misc/crypt/crypt_fsa.o \ | |
51 | ltc/misc/crypt/crypt_hash_descriptor.o ltc/misc/crypt/crypt_hash_is_valid.o ltc/misc/crypt/crypt_inits.o \ | |
52 | ltc/misc/crypt/crypt_ltc_mp_descriptor.o ltc/misc/crypt/crypt_prng_descriptor.o ltc/misc/crypt/crypt_prng_is_valid.o \ | |
53 | ltc/misc/crypt/crypt_prng_rng_descriptor.o ltc/misc/crypt/crypt_register_all_ciphers.o \ | |
53 | 54 | ltc/misc/crypt/crypt_register_all_hashes.o ltc/misc/crypt/crypt_register_all_prngs.o \ |
54 | 55 | ltc/misc/crypt/crypt_register_cipher.o ltc/misc/crypt/crypt_register_hash.o ltc/misc/crypt/crypt_register_prng.o \ |
55 | 56 | ltc/misc/crypt/crypt_sizes.o ltc/misc/crypt/crypt_unregister_cipher.o ltc/misc/crypt/crypt_unregister_hash.o \ |
56 | ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/pkcs5/pkcs_5_1.o \ | |
57 | ltc/misc/pkcs5/pkcs_5_2.o ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \ | |
57 | ltc/misc/crypt/crypt_unregister_prng.o ltc/misc/hkdf/hkdf.o ltc/misc/padding/padding_depad.o \ | |
58 | ltc/misc/padding/padding_pad.o ltc/misc/pkcs5/pkcs_5_1.o ltc/misc/pkcs5/pkcs_5_2.o \ | |
59 | ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \ | |
58 | 60 | ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o ltc/modes/cfb/cfb_decrypt.o \ |
59 | 61 | ltc/modes/cfb/cfb_done.o ltc/modes/cfb/cfb_encrypt.o ltc/modes/cfb/cfb_getiv.o ltc/modes/cfb/cfb_setiv.o \ |
60 | 62 | ltc/modes/cfb/cfb_start.o ltc/modes/ctr/ctr_decrypt.o ltc/modes/ctr/ctr_done.o ltc/modes/ctr/ctr_encrypt.o \ |
99 | 101 | ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \ |
100 | 102 | ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \ |
101 | 103 | ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \ |
102 | ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o \ | |
103 | ltc/pk/ecc/ecc_get_set.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \ | |
104 | ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_curve.o \ | |
105 | ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \ | |
104 | 106 | ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \ |
105 | 107 | ltc/pk/ecc/ecc_set_dp.o ltc/pk/ecc/ecc_set_dp_internal.o ltc/pk/ecc/ecc_set_key.o \ |
106 | 108 | ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \ |
44 | 44 | ltc/math/rand_bn.obj ltc/math/rand_prime.obj ltc/math/tfm_desc.obj ltc/math/fp/ltc_ecc_fp_mulmod.obj \ |
45 | 45 | ltc/misc/adler32.obj ltc/misc/burn_stack.obj ltc/misc/compare_testvector.obj ltc/misc/copy_or_zeromem.obj \ |
46 | 46 | ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/pk_get_oid.obj \ |
47 | ltc/misc/zeromem.obj ltc/misc/base32/base32_decode.obj ltc/misc/base32/base32_encode.obj \ | |
48 | ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj ltc/misc/crypt/crypt.obj \ | |
49 | ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ | |
47 | ltc/misc/pk_oid_str.obj ltc/misc/zeromem.obj ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj \ | |
48 | ltc/misc/base32/base32_decode.obj ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj \ | |
49 | ltc/misc/base64/base64_encode.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \ | |
50 | ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ | |
50 | 51 | ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ |
51 | 52 | ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \ |
52 | 53 | ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \ |
57 | 58 | ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ |
58 | 59 | ltc/misc/crypt/crypt_register_hash.obj ltc/misc/crypt/crypt_register_prng.obj ltc/misc/crypt/crypt_sizes.obj \ |
59 | 60 | ltc/misc/crypt/crypt_unregister_cipher.obj ltc/misc/crypt/crypt_unregister_hash.obj \ |
60 | ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/pkcs5/pkcs_5_1.obj \ | |
61 | ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj \ | |
62 | ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj \ | |
63 | ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj \ | |
64 | ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj \ | |
65 | ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj \ | |
66 | ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj \ | |
67 | ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj \ | |
68 | ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj \ | |
69 | ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj \ | |
70 | ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj \ | |
71 | ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_encode_bit_string.obj \ | |
72 | ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_length_bit_string.obj \ | |
73 | ltc/pk/asn1/der/boolean/der_decode_boolean.obj ltc/pk/asn1/der/boolean/der_encode_boolean.obj \ | |
74 | ltc/pk/asn1/der/boolean/der_length_boolean.obj ltc/pk/asn1/der/choice/der_decode_choice.obj \ | |
75 | ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj \ | |
76 | ltc/pk/asn1/der/custom_type/der_length_custom_type.obj ltc/pk/asn1/der/general/der_asn1_maps.obj \ | |
77 | ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj ltc/pk/asn1/der/general/der_decode_asn1_length.obj \ | |
78 | ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj ltc/pk/asn1/der/general/der_encode_asn1_length.obj \ | |
79 | ltc/pk/asn1/der/general/der_length_asn1_identifier.obj ltc/pk/asn1/der/general/der_length_asn1_length.obj \ | |
80 | ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj \ | |
81 | ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj \ | |
82 | ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj ltc/pk/asn1/der/ia5/der_length_ia5_string.obj \ | |
83 | ltc/pk/asn1/der/integer/der_decode_integer.obj ltc/pk/asn1/der/integer/der_encode_integer.obj \ | |
84 | ltc/pk/asn1/der/integer/der_length_integer.obj ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \ | |
85 | ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj \ | |
86 | ltc/pk/asn1/der/octet/der_decode_octet_string.obj ltc/pk/asn1/der/octet/der_encode_octet_string.obj \ | |
87 | ltc/pk/asn1/der/octet/der_length_octet_string.obj ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj \ | |
88 | ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj ltc/pk/asn1/der/printable_string/der_length_printable_string.obj \ | |
89 | ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj \ | |
90 | ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj \ | |
91 | ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_length_sequence.obj \ | |
92 | ltc/pk/asn1/der/sequence/der_sequence_free.obj ltc/pk/asn1/der/sequence/der_sequence_shrink.obj \ | |
93 | ltc/pk/asn1/der/set/der_encode_set.obj ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ | |
61 | ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/padding/padding_depad.obj \ | |
62 | ltc/misc/padding/padding_pad.obj ltc/misc/pkcs5/pkcs_5_1.obj ltc/misc/pkcs5/pkcs_5_2.obj \ | |
63 | ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj \ | |
64 | ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj \ | |
65 | ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj \ | |
66 | ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj \ | |
67 | ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj \ | |
68 | ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj \ | |
69 | ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj \ | |
70 | ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj \ | |
71 | ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj \ | |
72 | ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \ | |
73 | ltc/pk/asn1/der/bit/der_encode_bit_string.obj ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj \ | |
74 | ltc/pk/asn1/der/bit/der_length_bit_string.obj ltc/pk/asn1/der/boolean/der_decode_boolean.obj \ | |
75 | ltc/pk/asn1/der/boolean/der_encode_boolean.obj ltc/pk/asn1/der/boolean/der_length_boolean.obj \ | |
76 | ltc/pk/asn1/der/choice/der_decode_choice.obj ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj \ | |
77 | ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj ltc/pk/asn1/der/custom_type/der_length_custom_type.obj \ | |
78 | ltc/pk/asn1/der/general/der_asn1_maps.obj ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj \ | |
79 | ltc/pk/asn1/der/general/der_decode_asn1_length.obj ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj \ | |
80 | ltc/pk/asn1/der/general/der_encode_asn1_length.obj ltc/pk/asn1/der/general/der_length_asn1_identifier.obj \ | |
81 | ltc/pk/asn1/der/general/der_length_asn1_length.obj ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj \ | |
82 | ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj \ | |
83 | ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj \ | |
84 | ltc/pk/asn1/der/ia5/der_length_ia5_string.obj ltc/pk/asn1/der/integer/der_decode_integer.obj \ | |
85 | ltc/pk/asn1/der/integer/der_encode_integer.obj ltc/pk/asn1/der/integer/der_length_integer.obj \ | |
86 | ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \ | |
87 | ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj ltc/pk/asn1/der/octet/der_decode_octet_string.obj \ | |
88 | ltc/pk/asn1/der/octet/der_encode_octet_string.obj ltc/pk/asn1/der/octet/der_length_octet_string.obj \ | |
89 | ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj \ | |
90 | ltc/pk/asn1/der/printable_string/der_length_printable_string.obj ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj \ | |
91 | ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj \ | |
92 | ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj \ | |
93 | ltc/pk/asn1/der/sequence/der_length_sequence.obj ltc/pk/asn1/der/sequence/der_sequence_free.obj \ | |
94 | ltc/pk/asn1/der/sequence/der_sequence_shrink.obj ltc/pk/asn1/der/set/der_encode_set.obj \ | |
95 | ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ | |
94 | 96 | ltc/pk/asn1/der/short_integer/der_encode_short_integer.obj ltc/pk/asn1/der/short_integer/der_length_short_integer.obj \ |
95 | 97 | ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.obj ltc/pk/asn1/der/teletex_string/der_length_teletex_string.obj \ |
96 | 98 | ltc/pk/asn1/der/utctime/der_decode_utctime.obj ltc/pk/asn1/der/utctime/der_encode_utctime.obj \ |
107 | 109 | ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ |
108 | 110 | ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \ |
109 | 111 | ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_free.obj \ |
110 | ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_set.obj ltc/pk/ecc/ecc_get_size.obj \ | |
112 | ltc/pk/ecc/ecc_get_curve.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_size.obj \ | |
111 | 113 | ltc/pk/ecc/ecc_import.obj ltc/pk/ecc/ecc_import_openssl.obj ltc/pk/ecc/ecc_import_pkcs8.obj \ |
112 | 114 | ltc/pk/ecc/ecc_import_x509.obj ltc/pk/ecc/ecc_make_key.obj ltc/pk/ecc/ecc_set_dp.obj \ |
113 | 115 | ltc/pk/ecc/ecc_set_dp_internal.obj ltc/pk/ecc/ecc_set_key.obj ltc/pk/ecc/ecc_shared_secret.obj \ |
280 | 280 | @return CRYPT_OK if successful |
281 | 281 | */ |
282 | 282 | #ifdef LTC_CLEAN_STACK |
283 | static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
283 | static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
284 | 284 | #else |
285 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
286 | #endif | |
287 | { | |
288 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; | |
285 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
286 | #endif | |
287 | { | |
288 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3; | |
289 | const ulong32 *rk; | |
289 | 290 | int Nr, r; |
290 | 291 | |
291 | 292 | LTC_ARGCHK(pt != NULL); |
441 | 442 | } |
442 | 443 | |
443 | 444 | #ifdef LTC_CLEAN_STACK |
444 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
445 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
445 | 446 | { |
446 | 447 | int err = _rijndael_ecb_encrypt(pt, ct, skey); |
447 | 448 | burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); |
459 | 460 | @return CRYPT_OK if successful |
460 | 461 | */ |
461 | 462 | #ifdef LTC_CLEAN_STACK |
462 | static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
463 | static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
463 | 464 | #else |
464 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
465 | #endif | |
466 | { | |
467 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; | |
465 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
466 | #endif | |
467 | { | |
468 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3; | |
469 | const ulong32 *rk; | |
468 | 470 | int Nr, r; |
469 | 471 | |
470 | 472 | LTC_ARGCHK(pt != NULL); |
621 | 623 | |
622 | 624 | |
623 | 625 | #ifdef LTC_CLEAN_STACK |
624 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
626 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
625 | 627 | { |
626 | 628 | int err = _rijndael_ecb_decrypt(ct, pt, skey); |
627 | 629 | burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); |
93 | 93 | 0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL, |
94 | 94 | }; |
95 | 95 | |
96 | #ifndef PELI_TAB | |
96 | #if !defined(PELI_TAB) && defined(LTC_SMALL_CODE) | |
97 | 97 | static const ulong32 Te4[256] = { |
98 | 98 | 0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL, |
99 | 99 | 0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL, |
1016 | 1016 | |
1017 | 1017 | #endif /* SMALL CODE */ |
1018 | 1018 | |
1019 | #ifndef PELI_TAB | |
1019 | 1020 | static const ulong32 rcon[] = { |
1020 | 1021 | 0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL, |
1021 | 1022 | 0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL, |
1022 | 1023 | 0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ |
1023 | 1024 | }; |
1025 | #endif | |
1024 | 1026 | |
1025 | 1027 | #endif /* __LTC_AES_TAB_C__ */ |
1026 | 1028 |
1034 | 1034 | |
1035 | 1035 | |
1036 | 1036 | static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext, |
1037 | ulong32 roundKey[18 + 1][4], int R) { | |
1037 | const ulong32 roundKey[18 + 1][4], int R) { | |
1038 | 1038 | int i, pos, r; |
1039 | 1039 | ulong32 state[4]; |
1040 | 1040 | ulong32 inter[4]; |
1133 | 1133 | @param skey The key as scheduled |
1134 | 1134 | @return CRYPT_OK if successful |
1135 | 1135 | */ |
1136 | int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
1136 | int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
1137 | 1137 | { |
1138 | 1138 | LTC_ARGCHK(pt != NULL); |
1139 | 1139 | LTC_ARGCHK(ct != NULL); |
1149 | 1149 | @param skey The key as scheduled |
1150 | 1150 | @return CRYPT_OK if successful |
1151 | 1151 | */ |
1152 | int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
1152 | int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
1153 | 1153 | { |
1154 | 1154 | LTC_ARGCHK(pt != NULL); |
1155 | 1155 | LTC_ARGCHK(ct != NULL); |
385 | 385 | @return CRYPT_OK if successful |
386 | 386 | */ |
387 | 387 | #ifdef LTC_CLEAN_STACK |
388 | static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
388 | static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
389 | 389 | #else |
390 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
390 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
391 | 391 | #endif |
392 | 392 | { |
393 | 393 | ulong32 L, R; |
431 | 431 | } |
432 | 432 | |
433 | 433 | #ifdef LTC_CLEAN_STACK |
434 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
434 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
435 | 435 | { |
436 | 436 | int err = _blowfish_ecb_encrypt(pt, ct, skey); |
437 | 437 | burn_stack(sizeof(ulong32) * 2 + sizeof(int)); |
447 | 447 | @return CRYPT_OK if successful |
448 | 448 | */ |
449 | 449 | #ifdef LTC_CLEAN_STACK |
450 | static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
450 | static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
451 | 451 | #else |
452 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
452 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
453 | 453 | #endif |
454 | 454 | { |
455 | 455 | ulong32 L, R; |
492 | 492 | } |
493 | 493 | |
494 | 494 | #ifdef LTC_CLEAN_STACK |
495 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
495 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
496 | 496 | { |
497 | 497 | int err = _blowfish_ecb_decrypt(ct, pt, skey); |
498 | 498 | burn_stack(sizeof(ulong32) * 2 + sizeof(int)); |
192 | 192 | return ((ulong64)U) | (((ulong64)D) << CONST64(32)); |
193 | 193 | } |
194 | 194 | |
195 | static void rot_128(unsigned char *in, unsigned count, unsigned char *out) | |
195 | static void rot_128(const unsigned char *in, unsigned count, unsigned char *out) | |
196 | 196 | { |
197 | 197 | unsigned x, w, b; |
198 | 198 | |
435 | 435 | return CRYPT_OK; |
436 | 436 | } |
437 | 437 | |
438 | int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
438 | int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
439 | 439 | { |
440 | 440 | ulong64 L, R; |
441 | 441 | ulong32 a, b; |
529 | 529 | return CRYPT_OK; |
530 | 530 | } |
531 | 531 | |
532 | int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
532 | int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
533 | 533 | { |
534 | 534 | ulong64 L, R; |
535 | 535 | ulong32 a, b; |
533 | 533 | @param skey The key as scheduled |
534 | 534 | */ |
535 | 535 | #ifdef LTC_CLEAN_STACK |
536 | static int _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
536 | static int _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
537 | 537 | #else |
538 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
538 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
539 | 539 | #endif |
540 | 540 | { |
541 | 541 | ulong32 R, L; |
571 | 571 | |
572 | 572 | |
573 | 573 | #ifdef LTC_CLEAN_STACK |
574 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
574 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
575 | 575 | { |
576 | 576 | int err =_cast5_ecb_encrypt(pt,ct,skey); |
577 | 577 | burn_stack(sizeof(ulong32)*3); |
586 | 586 | @param skey The key as scheduled |
587 | 587 | */ |
588 | 588 | #ifdef LTC_CLEAN_STACK |
589 | static int _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
589 | static int _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
590 | 590 | #else |
591 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
591 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
592 | 592 | #endif |
593 | 593 | { |
594 | 594 | ulong32 R, L; |
624 | 624 | } |
625 | 625 | |
626 | 626 | #ifdef LTC_CLEAN_STACK |
627 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
627 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
628 | 628 | { |
629 | 629 | int err = _cast5_ecb_decrypt(ct,pt,skey); |
630 | 630 | burn_stack(sizeof(ulong32)*3); |
1591 | 1591 | @param skey The key as scheduled |
1592 | 1592 | @return CRYPT_OK if successful |
1593 | 1593 | */ |
1594 | int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
1594 | int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
1595 | 1595 | { |
1596 | 1596 | ulong32 work[2]; |
1597 | 1597 | LTC_ARGCHK(pt != NULL); |
1612 | 1612 | @param skey The key as scheduled |
1613 | 1613 | @return CRYPT_OK if successful |
1614 | 1614 | */ |
1615 | int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
1615 | int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
1616 | 1616 | { |
1617 | 1617 | ulong32 work[2]; |
1618 | 1618 | LTC_ARGCHK(pt != NULL); |
1633 | 1633 | @param skey The key as scheduled |
1634 | 1634 | @return CRYPT_OK if successful |
1635 | 1635 | */ |
1636 | int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
1636 | int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
1637 | 1637 | { |
1638 | 1638 | ulong32 work[2]; |
1639 | 1639 | |
1657 | 1657 | @param skey The key as scheduled |
1658 | 1658 | @return CRYPT_OK if successful |
1659 | 1659 | */ |
1660 | int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
1660 | int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
1661 | 1661 | { |
1662 | 1662 | ulong32 work[2]; |
1663 | 1663 | LTC_ARGCHK(pt != NULL); |
103 | 103 | return CRYPT_OK; |
104 | 104 | } |
105 | 105 | |
106 | static int _process_block(const unsigned char *in, unsigned char *out, ushort16 *m_key) | |
106 | static int _process_block(const unsigned char *in, unsigned char *out, const ushort16 *m_key) | |
107 | 107 | { |
108 | 108 | int i; |
109 | 109 | ushort16 x0, x1, x2, x3, t0, t1; |
154 | 154 | return _setup_key(key, skey); |
155 | 155 | } |
156 | 156 | |
157 | int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
157 | int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
158 | 158 | { |
159 | 159 | int err = _process_block(pt, ct, skey->idea.ek); |
160 | 160 | #ifdef LTC_CLEAN_STACK |
163 | 163 | return err; |
164 | 164 | } |
165 | 165 | |
166 | int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
166 | int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
167 | 167 | { |
168 | 168 | int err = _process_block(ct, pt, skey->idea.dk); |
169 | 169 | #ifdef LTC_CLEAN_STACK |
95 | 95 | return (u16)(seven<<9) + nine; |
96 | 96 | } |
97 | 97 | |
98 | static ulong32 FO( ulong32 in, int round_no, symmetric_key *key) | |
98 | static ulong32 FO( ulong32 in, int round_no, const symmetric_key *key) | |
99 | 99 | { |
100 | 100 | u16 left, right; |
101 | 101 | |
119 | 119 | return (((ulong32)right)<<16)+left; |
120 | 120 | } |
121 | 121 | |
122 | static ulong32 FL( ulong32 in, int round_no, symmetric_key *key ) | |
122 | static ulong32 FL( ulong32 in, int round_no, const symmetric_key *key ) | |
123 | 123 | { |
124 | 124 | u16 l, r, a, b; |
125 | 125 | /* split out the left and right halves */ |
135 | 135 | return (((ulong32)l)<<16) + r; |
136 | 136 | } |
137 | 137 | |
138 | int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
138 | int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
139 | 139 | { |
140 | 140 | ulong32 left, right, temp; |
141 | 141 | int n; |
162 | 162 | return CRYPT_OK; |
163 | 163 | } |
164 | 164 | |
165 | int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
165 | int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
166 | 166 | { |
167 | 167 | ulong32 left, right, temp; |
168 | 168 | int n; |
740 | 740 | @param skey The key as scheduled |
741 | 741 | @return CRYPT_OK if successful |
742 | 742 | */ |
743 | int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
743 | int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
744 | 744 | { |
745 | 745 | LTC_ARGCHK(pt != NULL); |
746 | 746 | LTC_ARGCHK(ct != NULL); |
756 | 756 | @param skey The key as scheduled |
757 | 757 | @return CRYPT_OK if successful |
758 | 758 | */ |
759 | int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
759 | int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
760 | 760 | { |
761 | 761 | LTC_ARGCHK(pt != NULL); |
762 | 762 | LTC_ARGCHK(ct != NULL); |
235 | 235 | return CRYPT_OK; |
236 | 236 | } |
237 | 237 | |
238 | static void rounds(ulong32 *P, ulong32 *K) | |
238 | static void rounds(ulong32 *P, const ulong32 *K) | |
239 | 239 | { |
240 | 240 | ulong32 T, T2; |
241 | 241 | int i; |
253 | 253 | @param skey The key as scheduled |
254 | 254 | @return CRYPT_OK if successful |
255 | 255 | */ |
256 | int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
256 | int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
257 | 257 | { |
258 | 258 | ulong32 P[4]; |
259 | 259 | LOAD32H(P[0], pt); |
275 | 275 | @param skey The key as scheduled |
276 | 276 | @return CRYPT_OK if successful |
277 | 277 | */ |
278 | int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
278 | int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
279 | 279 | { |
280 | 280 | ulong32 P[4]; |
281 | 281 | LOAD32H(P[0], ct); |
19 | 19 | p[1] ^= p[0]; |
20 | 20 | } |
21 | 21 | |
22 | static void pi2(ulong32 *p, ulong32 *k) | |
22 | static void pi2(ulong32 *p, const ulong32 *k) | |
23 | 23 | { |
24 | 24 | ulong32 t; |
25 | 25 | t = (p[1] + k[0]) & 0xFFFFFFFFUL; |
28 | 28 | p[0] ^= t; |
29 | 29 | } |
30 | 30 | |
31 | static void pi3(ulong32 *p, ulong32 *k) | |
31 | static void pi3(ulong32 *p, const ulong32 *k) | |
32 | 32 | { |
33 | 33 | ulong32 t; |
34 | 34 | t = p[0] + k[1]; |
40 | 40 | p[1] ^= t; |
41 | 41 | } |
42 | 42 | |
43 | static void pi4(ulong32 *p, ulong32 *k) | |
43 | static void pi4(ulong32 *p, const ulong32 *k) | |
44 | 44 | { |
45 | 45 | ulong32 t; |
46 | 46 | t = (p[1] + k[3]) & 0xFFFFFFFFUL; |
48 | 48 | p[0] ^= t; |
49 | 49 | } |
50 | 50 | |
51 | static void setup(ulong32 *dk, ulong32 *k, ulong32 *uk) | |
51 | static void setup(const ulong32 *dk, const ulong32 *k, ulong32 *uk) | |
52 | 52 | { |
53 | 53 | int n, t; |
54 | 54 | ulong32 p[2]; |
76 | 76 | uk[n++] = p[1]; |
77 | 77 | } |
78 | 78 | |
79 | static void encrypt(ulong32 *p, int N, ulong32 *uk) | |
79 | static void encrypt(ulong32 *p, int N, const ulong32 *uk) | |
80 | 80 | { |
81 | 81 | int n, t; |
82 | 82 | for (t = n = 0; ; ) { |
88 | 88 | } |
89 | 89 | } |
90 | 90 | |
91 | static void decrypt(ulong32 *p, int N, ulong32 *uk) | |
91 | static void decrypt(ulong32 *p, int N, const ulong32 *uk) | |
92 | 92 | { |
93 | 93 | int n, t; |
94 | 94 | for (t = 4*(((N-1)>>2)&1), n = N; ; ) { |
147 | 147 | @param skey The key as scheduled |
148 | 148 | @return CRYPT_OK if successful |
149 | 149 | */ |
150 | int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
150 | int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
151 | 151 | { |
152 | 152 | ulong32 p[2]; |
153 | 153 | LTC_ARGCHK(pt != NULL); |
168 | 168 | @param skey The key as scheduled |
169 | 169 | @return CRYPT_OK if successful |
170 | 170 | */ |
171 | int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
171 | int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
172 | 172 | { |
173 | 173 | ulong32 p[2]; |
174 | 174 | LTC_ARGCHK(pt != NULL); |
107 | 107 | @return CRYPT_OK if successful |
108 | 108 | */ |
109 | 109 | #ifdef LTC_CLEAN_STACK |
110 | static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
110 | static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
111 | 111 | #else |
112 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
112 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
113 | 113 | #endif |
114 | 114 | { |
115 | 115 | ulong32 a,b,c,d,temp; |
145 | 145 | } |
146 | 146 | |
147 | 147 | #ifdef LTC_CLEAN_STACK |
148 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
148 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
149 | 149 | { |
150 | 150 | int err = _noekeon_ecb_encrypt(pt, ct, skey); |
151 | 151 | burn_stack(sizeof(ulong32) * 5 + sizeof(int)); |
161 | 161 | @return CRYPT_OK if successful |
162 | 162 | */ |
163 | 163 | #ifdef LTC_CLEAN_STACK |
164 | static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
164 | static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
165 | 165 | #else |
166 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
166 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
167 | 167 | #endif |
168 | 168 | { |
169 | 169 | ulong32 a,b,c,d, temp; |
198 | 198 | } |
199 | 199 | |
200 | 200 | #ifdef LTC_CLEAN_STACK |
201 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
201 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
202 | 202 | { |
203 | 203 | int err = _noekeon_ecb_decrypt(ct, pt, skey); |
204 | 204 | burn_stack(sizeof(ulong32) * 5 + sizeof(int)); |
146 | 146 | #ifdef LTC_CLEAN_STACK |
147 | 147 | static int _rc2_ecb_encrypt( const unsigned char *pt, |
148 | 148 | unsigned char *ct, |
149 | symmetric_key *skey) | |
149 | const symmetric_key *skey) | |
150 | 150 | #else |
151 | 151 | int rc2_ecb_encrypt( const unsigned char *pt, |
152 | 152 | unsigned char *ct, |
153 | symmetric_key *skey) | |
154 | #endif | |
155 | { | |
156 | unsigned *xkey; | |
153 | const symmetric_key *skey) | |
154 | #endif | |
155 | { | |
156 | const unsigned *xkey; | |
157 | 157 | unsigned x76, x54, x32, x10, i; |
158 | 158 | |
159 | 159 | LTC_ARGCHK(pt != NULL); |
203 | 203 | #ifdef LTC_CLEAN_STACK |
204 | 204 | int rc2_ecb_encrypt( const unsigned char *pt, |
205 | 205 | unsigned char *ct, |
206 | symmetric_key *skey) | |
206 | const symmetric_key *skey) | |
207 | 207 | { |
208 | 208 | int err = _rc2_ecb_encrypt(pt, ct, skey); |
209 | 209 | burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 5); |
224 | 224 | #ifdef LTC_CLEAN_STACK |
225 | 225 | static int _rc2_ecb_decrypt( const unsigned char *ct, |
226 | 226 | unsigned char *pt, |
227 | symmetric_key *skey) | |
227 | const symmetric_key *skey) | |
228 | 228 | #else |
229 | 229 | int rc2_ecb_decrypt( const unsigned char *ct, |
230 | 230 | unsigned char *pt, |
231 | symmetric_key *skey) | |
231 | const symmetric_key *skey) | |
232 | 232 | #endif |
233 | 233 | { |
234 | 234 | unsigned x76, x54, x32, x10; |
235 | unsigned *xkey; | |
235 | const unsigned *xkey; | |
236 | 236 | int i; |
237 | 237 | |
238 | 238 | LTC_ARGCHK(pt != NULL); |
282 | 282 | #ifdef LTC_CLEAN_STACK |
283 | 283 | int rc2_ecb_decrypt( const unsigned char *ct, |
284 | 284 | unsigned char *pt, |
285 | symmetric_key *skey) | |
285 | const symmetric_key *skey) | |
286 | 286 | { |
287 | 287 | int err = _rc2_ecb_decrypt(ct, pt, skey); |
288 | 288 | burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 4 + sizeof(int)); |
123 | 123 | @return CRYPT_OK if successful |
124 | 124 | */ |
125 | 125 | #ifdef LTC_CLEAN_STACK |
126 | static int _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
126 | static int _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
127 | 127 | #else |
128 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
129 | #endif | |
130 | { | |
131 | ulong32 A, B, *K; | |
128 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
129 | #endif | |
130 | { | |
131 | ulong32 A, B; | |
132 | const ulong32 *K; | |
132 | 133 | int r; |
133 | 134 | LTC_ARGCHK(skey != NULL); |
134 | 135 | LTC_ARGCHK(pt != NULL); |
162 | 163 | } |
163 | 164 | |
164 | 165 | #ifdef LTC_CLEAN_STACK |
165 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
166 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
166 | 167 | { |
167 | 168 | int err = _rc5_ecb_encrypt(pt, ct, skey); |
168 | 169 | burn_stack(sizeof(ulong32) * 2 + sizeof(int)); |
178 | 179 | @return CRYPT_OK if successful |
179 | 180 | */ |
180 | 181 | #ifdef LTC_CLEAN_STACK |
181 | static int _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
182 | static int _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
182 | 183 | #else |
183 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
184 | #endif | |
185 | { | |
186 | ulong32 A, B, *K; | |
184 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
185 | #endif | |
186 | { | |
187 | ulong32 A, B; | |
188 | const ulong32 *K; | |
187 | 189 | int r; |
188 | 190 | LTC_ARGCHK(skey != NULL); |
189 | 191 | LTC_ARGCHK(pt != NULL); |
218 | 220 | } |
219 | 221 | |
220 | 222 | #ifdef LTC_CLEAN_STACK |
221 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
223 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
222 | 224 | { |
223 | 225 | int err = _rc5_ecb_decrypt(ct, pt, skey); |
224 | 226 | burn_stack(sizeof(ulong32) * 2 + sizeof(int)); |
117 | 117 | @param skey The key as scheduled |
118 | 118 | */ |
119 | 119 | #ifdef LTC_CLEAN_STACK |
120 | static int _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
120 | static int _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
121 | 121 | #else |
122 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
123 | #endif | |
124 | { | |
125 | ulong32 a,b,c,d,t,u, *K; | |
122 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
123 | #endif | |
124 | { | |
125 | ulong32 a,b,c,d,t,u; | |
126 | const ulong32 *K; | |
126 | 127 | int r; |
127 | 128 | |
128 | 129 | LTC_ARGCHK(skey != NULL); |
156 | 157 | } |
157 | 158 | |
158 | 159 | #ifdef LTC_CLEAN_STACK |
159 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
160 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
160 | 161 | { |
161 | 162 | int err = _rc6_ecb_encrypt(pt, ct, skey); |
162 | 163 | burn_stack(sizeof(ulong32) * 6 + sizeof(int)); |
171 | 172 | @param skey The key as scheduled |
172 | 173 | */ |
173 | 174 | #ifdef LTC_CLEAN_STACK |
174 | static int _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
175 | static int _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
175 | 176 | #else |
176 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
177 | #endif | |
178 | { | |
179 | ulong32 a,b,c,d,t,u, *K; | |
177 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
178 | #endif | |
179 | { | |
180 | ulong32 a,b,c,d,t,u; | |
181 | const ulong32 *K; | |
180 | 182 | int r; |
181 | 183 | |
182 | 184 | LTC_ARGCHK(skey != NULL); |
212 | 214 | } |
213 | 215 | |
214 | 216 | #ifdef LTC_CLEAN_STACK |
215 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
217 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
216 | 218 | { |
217 | 219 | int err = _rc6_ecb_decrypt(ct, pt, skey); |
218 | 220 | burn_stack(sizeof(ulong32) * 6 + sizeof(int)); |
246 | 246 | #ifdef LTC_CLEAN_STACK |
247 | 247 | static int _safer_ecb_encrypt(const unsigned char *block_in, |
248 | 248 | unsigned char *block_out, |
249 | symmetric_key *skey) | |
249 | const symmetric_key *skey) | |
250 | 250 | #else |
251 | 251 | int safer_ecb_encrypt(const unsigned char *block_in, |
252 | 252 | unsigned char *block_out, |
253 | symmetric_key *skey) | |
253 | const symmetric_key *skey) | |
254 | 254 | #endif |
255 | 255 | { unsigned char a, b, c, d, e, f, g, h, t; |
256 | 256 | unsigned int round; |
257 | unsigned char *key; | |
257 | const unsigned char *key; | |
258 | 258 | |
259 | 259 | LTC_ARGCHK(block_in != NULL); |
260 | 260 | LTC_ARGCHK(block_out != NULL); |
289 | 289 | #ifdef LTC_CLEAN_STACK |
290 | 290 | int safer_ecb_encrypt(const unsigned char *block_in, |
291 | 291 | unsigned char *block_out, |
292 | symmetric_key *skey) | |
292 | const symmetric_key *skey) | |
293 | 293 | { |
294 | 294 | int err = _safer_ecb_encrypt(block_in, block_out, skey); |
295 | 295 | burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *)); |
300 | 300 | #ifdef LTC_CLEAN_STACK |
301 | 301 | static int _safer_ecb_decrypt(const unsigned char *block_in, |
302 | 302 | unsigned char *block_out, |
303 | symmetric_key *skey) | |
303 | const symmetric_key *skey) | |
304 | 304 | #else |
305 | 305 | int safer_ecb_decrypt(const unsigned char *block_in, |
306 | 306 | unsigned char *block_out, |
307 | symmetric_key *skey) | |
307 | const symmetric_key *skey) | |
308 | 308 | #endif |
309 | 309 | { unsigned char a, b, c, d, e, f, g, h, t; |
310 | 310 | unsigned int round; |
311 | unsigned char *key; | |
311 | const unsigned char *key; | |
312 | 312 | |
313 | 313 | LTC_ARGCHK(block_in != NULL); |
314 | 314 | LTC_ARGCHK(block_out != NULL); |
344 | 344 | #ifdef LTC_CLEAN_STACK |
345 | 345 | int safer_ecb_decrypt(const unsigned char *block_in, |
346 | 346 | unsigned char *block_out, |
347 | symmetric_key *skey) | |
347 | const symmetric_key *skey) | |
348 | 348 | { |
349 | 349 | int err = _safer_ecb_decrypt(block_in, block_out, skey); |
350 | 350 | burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *)); |
142 | 142 | |
143 | 143 | #ifdef LTC_SMALL_CODE |
144 | 144 | |
145 | static void _round(unsigned char *b, int i, symmetric_key *skey) | |
145 | static void _round(unsigned char *b, int i, const symmetric_key *skey) | |
146 | 146 | { |
147 | 147 | ROUND(b, i); |
148 | 148 | } |
149 | 149 | |
150 | static void _iround(unsigned char *b, int i, symmetric_key *skey) | |
150 | static void _iround(unsigned char *b, int i, const symmetric_key *skey) | |
151 | 151 | { |
152 | 152 | iROUND(b, i); |
153 | 153 | } |
337 | 337 | @param skey The key as scheduled |
338 | 338 | @return CRYPT_OK if successful |
339 | 339 | */ |
340 | int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
340 | int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
341 | 341 | { |
342 | 342 | unsigned char b[16]; |
343 | 343 | int x; |
401 | 401 | @param skey The key as scheduled |
402 | 402 | @return CRYPT_OK if successful |
403 | 403 | */ |
404 | int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
404 | int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
405 | 405 | { |
406 | 406 | unsigned char b[16]; |
407 | 407 | int x; |
487 | 487 | return CRYPT_OK; |
488 | 488 | } |
489 | 489 | |
490 | static int _enc_block(const unsigned char *in, unsigned char *out, ulong32 *k) | |
490 | static int _enc_block(const unsigned char *in, unsigned char *out, const ulong32 *k) | |
491 | 491 | { |
492 | 492 | ulong32 a, b, c, d, e; |
493 | 493 | unsigned int i = 1; |
529 | 529 | return CRYPT_OK; |
530 | 530 | } |
531 | 531 | |
532 | static int _dec_block(const unsigned char *in, unsigned char *out, ulong32 *k) | |
532 | static int _dec_block(const unsigned char *in, unsigned char *out, const ulong32 *k) | |
533 | 533 | { |
534 | 534 | ulong32 a, b, c, d, e; |
535 | 535 | unsigned int i; |
587 | 587 | return err; |
588 | 588 | } |
589 | 589 | |
590 | int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
590 | int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
591 | 591 | { |
592 | 592 | int err = _enc_block(pt, ct, skey->serpent.k); |
593 | 593 | #ifdef LTC_CLEAN_STACK |
596 | 596 | return err; |
597 | 597 | } |
598 | 598 | |
599 | int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
599 | int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
600 | 600 | { |
601 | 601 | int err = _dec_block(ct, pt, skey->serpent.k); |
602 | 602 | #ifdef LTC_CLEAN_STACK |
106 | 106 | w2 = tmp ^ w3 ^ x; \ |
107 | 107 | w3 = w4; w4 = w1; w1 = tmp; |
108 | 108 | |
109 | static unsigned g_func(unsigned w, int *kp, unsigned char *key) | |
109 | static unsigned g_func(unsigned w, int *kp, const unsigned char *key) | |
110 | 110 | { |
111 | 111 | unsigned char g1,g2; |
112 | 112 | |
118 | 118 | return ((unsigned)g1<<8)|(unsigned)g2; |
119 | 119 | } |
120 | 120 | |
121 | static unsigned ig_func(unsigned w, int *kp, unsigned char *key) | |
121 | static unsigned ig_func(unsigned w, int *kp, const unsigned char *key) | |
122 | 122 | { |
123 | 123 | unsigned char g1,g2; |
124 | 124 | |
138 | 138 | @return CRYPT_OK if successful |
139 | 139 | */ |
140 | 140 | #ifdef LTC_CLEAN_STACK |
141 | static int _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
141 | static int _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
142 | 142 | #else |
143 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
143 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
144 | 144 | #endif |
145 | 145 | { |
146 | 146 | unsigned w1,w2,w3,w4,tmp,tmp1; |
186 | 186 | } |
187 | 187 | |
188 | 188 | #ifdef LTC_CLEAN_STACK |
189 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
189 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
190 | 190 | { |
191 | 191 | int err = _skipjack_ecb_encrypt(pt, ct, skey); |
192 | 192 | burn_stack(sizeof(unsigned) * 8 + sizeof(int) * 2); |
202 | 202 | @return CRYPT_OK if successful |
203 | 203 | */ |
204 | 204 | #ifdef LTC_CLEAN_STACK |
205 | static int _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
205 | static int _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
206 | 206 | #else |
207 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
207 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
208 | 208 | #endif |
209 | 209 | { |
210 | 210 | unsigned w1,w2,w3,w4,tmp; |
254 | 254 | } |
255 | 255 | |
256 | 256 | #ifdef LTC_CLEAN_STACK |
257 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
257 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
258 | 258 | { |
259 | 259 | int err = _skipjack_ecb_decrypt(ct, pt, skey); |
260 | 260 | burn_stack(sizeof(unsigned) * 7 + sizeof(int) * 2); |
236 | 236 | #endif |
237 | 237 | |
238 | 238 | /* computes h(x) */ |
239 | static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M, int k, int offset) | |
239 | static void h_func(const unsigned char *in, unsigned char *out, const unsigned char *M, int k, int offset) | |
240 | 240 | { |
241 | 241 | int x; |
242 | 242 | unsigned char y[4]; |
283 | 283 | #else |
284 | 284 | |
285 | 285 | #ifdef LTC_CLEAN_STACK |
286 | static ulong32 _g_func(ulong32 x, symmetric_key *key) | |
287 | #else | |
288 | static ulong32 g_func(ulong32 x, symmetric_key *key) | |
286 | static ulong32 _g_func(ulong32 x, const symmetric_key *key) | |
287 | #else | |
288 | static ulong32 g_func(ulong32 x, const symmetric_key *key) | |
289 | 289 | #endif |
290 | 290 | { |
291 | 291 | unsigned char g, i, y, z; |
316 | 316 | #define g1_func(x, key) g_func(ROLc(x, 8), key) |
317 | 317 | |
318 | 318 | #ifdef LTC_CLEAN_STACK |
319 | static ulong32 g_func(ulong32 x, symmetric_key *key) | |
319 | static ulong32 g_func(ulong32 x, const symmetric_key *key) | |
320 | 320 | { |
321 | 321 | ulong32 y; |
322 | 322 | y = _g_func(x, key); |
463 | 463 | @return CRYPT_OK if successful |
464 | 464 | */ |
465 | 465 | #ifdef LTC_CLEAN_STACK |
466 | static int _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
467 | #else | |
468 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
469 | #endif | |
470 | { | |
471 | ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k; | |
466 | static int _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
467 | #else | |
468 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
469 | #endif | |
470 | { | |
471 | ulong32 a,b,c,d,ta,tb,tc,td,t1,t2; | |
472 | const ulong32 *k; | |
472 | 473 | int r; |
473 | 474 | #if !defined(LTC_TWOFISH_SMALL) && !defined(__GNUC__) |
474 | 475 | ulong32 *S1, *S2, *S3, *S4; |
520 | 521 | } |
521 | 522 | |
522 | 523 | #ifdef LTC_CLEAN_STACK |
523 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
524 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
524 | 525 | { |
525 | 526 | int err = _twofish_ecb_encrypt(pt, ct, skey); |
526 | 527 | burn_stack(sizeof(ulong32) * 10 + sizeof(int)); |
536 | 537 | @return CRYPT_OK if successful |
537 | 538 | */ |
538 | 539 | #ifdef LTC_CLEAN_STACK |
539 | static int _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
540 | #else | |
541 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
542 | #endif | |
543 | { | |
544 | ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k; | |
540 | static int _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
541 | #else | |
542 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
543 | #endif | |
544 | { | |
545 | ulong32 a,b,c,d,ta,tb,tc,td,t1,t2; | |
546 | const ulong32 *k; | |
545 | 547 | int r; |
546 | 548 | #if !defined(LTC_TWOFISH_SMALL) && !defined(__GNUC__) |
547 | 549 | ulong32 *S1, *S2, *S3, *S4; |
595 | 597 | } |
596 | 598 | |
597 | 599 | #ifdef LTC_CLEAN_STACK |
598 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
600 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
599 | 601 | { |
600 | 602 | int err =_twofish_ecb_decrypt(ct, pt, skey); |
601 | 603 | burn_stack(sizeof(ulong32) * 10 + sizeof(int)); |
70 | 70 | @param skey The key as scheduled |
71 | 71 | @return CRYPT_OK if successful |
72 | 72 | */ |
73 | int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | |
73 | int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
74 | 74 | { |
75 | 75 | ulong32 y, z; |
76 | 76 | int r; |
106 | 106 | @param skey The key as scheduled |
107 | 107 | @return CRYPT_OK if successful |
108 | 108 | */ |
109 | int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | |
109 | int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
110 | 110 | { |
111 | 111 | ulong32 y, z; |
112 | 112 | int r; |
37 | 37 | const unsigned char *header, unsigned long headerlen, |
38 | 38 | const unsigned char *ct, unsigned long ctlen, |
39 | 39 | unsigned char *pt, |
40 | unsigned char *tag, unsigned long taglen, | |
40 | const unsigned char *tag, unsigned long taglen, | |
41 | 41 | int *stat) |
42 | 42 | { |
43 | 43 | int err; |
18 | 18 | @param gcm The GCM state which holds the H value |
19 | 19 | @param I The value to multiply H by |
20 | 20 | */ |
21 | void gcm_mult_h(gcm_state *gcm, unsigned char *I) | |
21 | void gcm_mult_h(const gcm_state *gcm, unsigned char *I) | |
22 | 22 | { |
23 | 23 | unsigned char T[16]; |
24 | 24 | #ifdef LTC_GCM_TABLES |
126 | 126 | T0 <= encrypt T0 |
127 | 127 | state <= state xor T0 xor T1 |
128 | 128 | */ |
129 | static int chc_compress(hash_state *md, unsigned char *buf) | |
129 | static int chc_compress(hash_state *md, const unsigned char *buf) | |
130 | 130 | { |
131 | 131 | unsigned char T[2][MAXBLOCKSIZE]; |
132 | 132 | symmetric_key *key; |
70 | 70 | } |
71 | 71 | |
72 | 72 | #ifdef LTC_CLEAN_STACK |
73 | static int _md4_compress(hash_state *md, unsigned char *buf) | |
73 | static int _md4_compress(hash_state *md, const unsigned char *buf) | |
74 | 74 | #else |
75 | static int md4_compress(hash_state *md, unsigned char *buf) | |
75 | static int md4_compress(hash_state *md, const unsigned char *buf) | |
76 | 76 | #endif |
77 | 77 | { |
78 | 78 | ulong32 x[16], a, b, c, d; |
154 | 154 | } |
155 | 155 | |
156 | 156 | #ifdef LTC_CLEAN_STACK |
157 | static int md4_compress(hash_state *md, unsigned char *buf) | |
157 | static int md4_compress(hash_state *md, const unsigned char *buf) | |
158 | 158 | { |
159 | 159 | int err; |
160 | 160 | err = _md4_compress(md, buf); |
95 | 95 | #endif |
96 | 96 | |
97 | 97 | #ifdef LTC_CLEAN_STACK |
98 | static int _md5_compress(hash_state *md, unsigned char *buf) | |
98 | static int _md5_compress(hash_state *md, const unsigned char *buf) | |
99 | 99 | #else |
100 | static int md5_compress(hash_state *md, unsigned char *buf) | |
100 | static int md5_compress(hash_state *md, const unsigned char *buf) | |
101 | 101 | #endif |
102 | 102 | { |
103 | 103 | ulong32 i, W[16], a, b, c, d; |
213 | 213 | } |
214 | 214 | |
215 | 215 | #ifdef LTC_CLEAN_STACK |
216 | static int md5_compress(hash_state *md, unsigned char *buf) | |
216 | static int md5_compress(hash_state *md, const unsigned char *buf) | |
217 | 217 | { |
218 | 218 | int err; |
219 | 219 | err = _md5_compress(md, buf); |
78 | 78 | (a) = ROLc((a), (s)); |
79 | 79 | |
80 | 80 | #ifdef LTC_CLEAN_STACK |
81 | static int _rmd128_compress(hash_state *md, unsigned char *buf) | |
81 | static int _rmd128_compress(hash_state *md, const unsigned char *buf) | |
82 | 82 | #else |
83 | static int rmd128_compress(hash_state *md, unsigned char *buf) | |
83 | static int rmd128_compress(hash_state *md, const unsigned char *buf) | |
84 | 84 | #endif |
85 | 85 | { |
86 | 86 | ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,X[16]; |
252 | 252 | } |
253 | 253 | |
254 | 254 | #ifdef LTC_CLEAN_STACK |
255 | static int rmd128_compress(hash_state *md, unsigned char *buf) | |
255 | static int rmd128_compress(hash_state *md, const unsigned char *buf) | |
256 | 256 | { |
257 | 257 | int err; |
258 | 258 | err = _rmd128_compress(md, buf); |
98 | 98 | |
99 | 99 | |
100 | 100 | #ifdef LTC_CLEAN_STACK |
101 | static int _rmd160_compress(hash_state *md, unsigned char *buf) | |
101 | static int _rmd160_compress(hash_state *md, const unsigned char *buf) | |
102 | 102 | #else |
103 | static int rmd160_compress(hash_state *md, unsigned char *buf) | |
103 | static int rmd160_compress(hash_state *md, const unsigned char *buf) | |
104 | 104 | #endif |
105 | 105 | { |
106 | 106 | ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,X[16]; |
310 | 310 | } |
311 | 311 | |
312 | 312 | #ifdef LTC_CLEAN_STACK |
313 | static int rmd160_compress(hash_state *md, unsigned char *buf) | |
313 | static int rmd160_compress(hash_state *md, const unsigned char *buf) | |
314 | 314 | { |
315 | 315 | int err; |
316 | 316 | err = _rmd160_compress(md, buf); |
72 | 72 | (a) = ROLc((a), (s)); |
73 | 73 | |
74 | 74 | #ifdef LTC_CLEAN_STACK |
75 | static int _rmd256_compress(hash_state *md, unsigned char *buf) | |
75 | static int _rmd256_compress(hash_state *md, const unsigned char *buf) | |
76 | 76 | #else |
77 | static int rmd256_compress(hash_state *md, unsigned char *buf) | |
77 | static int rmd256_compress(hash_state *md, const unsigned char *buf) | |
78 | 78 | #endif |
79 | 79 | { |
80 | 80 | ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,tmp,X[16]; |
261 | 261 | } |
262 | 262 | |
263 | 263 | #ifdef LTC_CLEAN_STACK |
264 | static int rmd256_compress(hash_state *md, unsigned char *buf) | |
264 | static int rmd256_compress(hash_state *md, const unsigned char *buf) | |
265 | 265 | { |
266 | 266 | int err; |
267 | 267 | err = _rmd256_compress(md, buf); |
93 | 93 | |
94 | 94 | |
95 | 95 | #ifdef LTC_CLEAN_STACK |
96 | static int _rmd320_compress(hash_state *md, unsigned char *buf) | |
96 | static int _rmd320_compress(hash_state *md, const unsigned char *buf) | |
97 | 97 | #else |
98 | static int rmd320_compress(hash_state *md, unsigned char *buf) | |
98 | static int rmd320_compress(hash_state *md, const unsigned char *buf) | |
99 | 99 | #endif |
100 | 100 | { |
101 | 101 | ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16]; |
324 | 324 | } |
325 | 325 | |
326 | 326 | #ifdef LTC_CLEAN_STACK |
327 | static int rmd320_compress(hash_state *md, unsigned char *buf) | |
327 | static int rmd320_compress(hash_state *md, const unsigned char *buf) | |
328 | 328 | { |
329 | 329 | int err; |
330 | 330 | err = _rmd320_compress(md, buf); |
39 | 39 | #define F3(x,y,z) (x ^ y ^ z) |
40 | 40 | |
41 | 41 | #ifdef LTC_CLEAN_STACK |
42 | static int _sha1_compress(hash_state *md, unsigned char *buf) | |
42 | static int _sha1_compress(hash_state *md, const unsigned char *buf) | |
43 | 43 | #else |
44 | static int sha1_compress(hash_state *md, unsigned char *buf) | |
44 | static int sha1_compress(hash_state *md, const unsigned char *buf) | |
45 | 45 | #endif |
46 | 46 | { |
47 | 47 | ulong32 a,b,c,d,e,W[80],i; |
145 | 145 | } |
146 | 146 | |
147 | 147 | #ifdef LTC_CLEAN_STACK |
148 | static int sha1_compress(hash_state *md, unsigned char *buf) | |
148 | static int sha1_compress(hash_state *md, const unsigned char *buf) | |
149 | 149 | { |
150 | 150 | int err; |
151 | 151 | err = _sha1_compress(md, buf); |
63 | 63 | |
64 | 64 | /* compress 512-bits */ |
65 | 65 | #ifdef LTC_CLEAN_STACK |
66 | static int _sha256_compress(hash_state * md, unsigned char *buf) | |
66 | static int _sha256_compress(hash_state * md, const unsigned char *buf) | |
67 | 67 | #else |
68 | static int sha256_compress(hash_state * md, unsigned char *buf) | |
68 | static int sha256_compress(hash_state * md, const unsigned char *buf) | |
69 | 69 | #endif |
70 | 70 | { |
71 | 71 | ulong32 S[8], W[64], t0, t1; |
186 | 186 | } |
187 | 187 | |
188 | 188 | #ifdef LTC_CLEAN_STACK |
189 | static int sha256_compress(hash_state * md, unsigned char *buf) | |
189 | static int sha256_compress(hash_state * md, const unsigned char *buf) | |
190 | 190 | { |
191 | 191 | int err; |
192 | 192 | err = _sha256_compress(md, buf); |
88 | 88 | |
89 | 89 | /* compress 1024-bits */ |
90 | 90 | #ifdef LTC_CLEAN_STACK |
91 | static int _sha512_compress(hash_state * md, unsigned char *buf) | |
91 | static int _sha512_compress(hash_state * md, const unsigned char *buf) | |
92 | 92 | #else |
93 | static int sha512_compress(hash_state * md, unsigned char *buf) | |
93 | static int sha512_compress(hash_state * md, const unsigned char *buf) | |
94 | 94 | #endif |
95 | 95 | { |
96 | 96 | ulong64 S[8], W[80], t0, t1; |
155 | 155 | |
156 | 156 | /* compress 1024-bits */ |
157 | 157 | #ifdef LTC_CLEAN_STACK |
158 | static int sha512_compress(hash_state * md, unsigned char *buf) | |
158 | static int sha512_compress(hash_state * md, const unsigned char *buf) | |
159 | 159 | { |
160 | 160 | int err; |
161 | 161 | err = _sha512_compress(md, buf); |
363 | 363 | return CRYPT_OK; |
364 | 364 | } |
365 | 365 | |
366 | int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen) | |
366 | int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, const unsigned long *outlen) | |
367 | 367 | { |
368 | 368 | hash_state md; |
369 | 369 | int err; |
573 | 573 | } |
574 | 574 | |
575 | 575 | /* one complete pass */ |
576 | static void pass(ulong64 *a, ulong64 *b, ulong64 *c, ulong64 *x, int mul) | |
576 | static void pass(ulong64 *a, ulong64 *b, ulong64 *c, const ulong64 *x, int mul) | |
577 | 577 | { |
578 | 578 | tiger_round(a,b,c,x[0],mul); |
579 | 579 | tiger_round(b,c,a,x[1],mul); |
607 | 607 | } |
608 | 608 | |
609 | 609 | #ifdef LTC_CLEAN_STACK |
610 | static int _tiger_compress(hash_state *md, unsigned char *buf) | |
610 | static int _tiger_compress(hash_state *md, const unsigned char *buf) | |
611 | 611 | #else |
612 | static int tiger_compress(hash_state *md, unsigned char *buf) | |
612 | static int tiger_compress(hash_state *md, const unsigned char *buf) | |
613 | 613 | #endif |
614 | 614 | { |
615 | 615 | ulong64 a, b, c, x[8]; |
638 | 638 | } |
639 | 639 | |
640 | 640 | #ifdef LTC_CLEAN_STACK |
641 | static int tiger_compress(hash_state *md, unsigned char *buf) | |
641 | static int tiger_compress(hash_state *md, const unsigned char *buf) | |
642 | 642 | { |
643 | 643 | int err; |
644 | 644 | err = _tiger_compress(md, buf); |
52 | 52 | SB7(GB(a, i-7, 0))) |
53 | 53 | |
54 | 54 | #ifdef LTC_CLEAN_STACK |
55 | static int _whirlpool_compress(hash_state *md, unsigned char *buf) | |
55 | static int _whirlpool_compress(hash_state *md, const unsigned char *buf) | |
56 | 56 | #else |
57 | static int whirlpool_compress(hash_state *md, unsigned char *buf) | |
57 | static int whirlpool_compress(hash_state *md, const unsigned char *buf) | |
58 | 58 | #endif |
59 | 59 | { |
60 | 60 | ulong64 K[2][8], T[3][8]; |
108 | 108 | |
109 | 109 | |
110 | 110 | #ifdef LTC_CLEAN_STACK |
111 | static int whirlpool_compress(hash_state *md, unsigned char *buf) | |
111 | static int whirlpool_compress(hash_state *md, const unsigned char *buf) | |
112 | 112 | { |
113 | 113 | int err; |
114 | 114 | err = _whirlpool_compress(md, buf); |
396 | 396 | @param skey The scheduled key |
397 | 397 | @return CRYPT_OK if successful |
398 | 398 | */ |
399 | int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
399 | int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
400 | 400 | /** Decrypt a block |
401 | 401 | @param ct The ciphertext |
402 | 402 | @param pt [out] The plaintext |
403 | 403 | @param skey The scheduled key |
404 | 404 | @return CRYPT_OK if successful |
405 | 405 | */ |
406 | int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
406 | int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
407 | 407 | /** Test the block cipher |
408 | 408 | @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled |
409 | 409 | */ |
597 | 597 | @return CRYPT_OK if successful |
598 | 598 | */ |
599 | 599 | int (*accel_xts_encrypt)(const unsigned char *pt, unsigned char *ct, |
600 | unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, | |
601 | symmetric_key *skey2); | |
600 | unsigned long blocks, unsigned char *tweak, | |
601 | const symmetric_key *skey1, const symmetric_key *skey2); | |
602 | 602 | |
603 | 603 | /** Accelerated XTS decryption |
604 | 604 | @param ct Ciphertext |
612 | 612 | @return CRYPT_OK if successful |
613 | 613 | */ |
614 | 614 | int (*accel_xts_decrypt)(const unsigned char *ct, unsigned char *pt, |
615 | unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, | |
616 | symmetric_key *skey2); | |
615 | unsigned long blocks, unsigned char *tweak, | |
616 | const symmetric_key *skey1, const symmetric_key *skey2); | |
617 | 617 | } cipher_descriptor[]; |
618 | 618 | |
619 | 619 | #ifdef LTC_BLOWFISH |
620 | 620 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
621 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
622 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
621 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
622 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
623 | 623 | int blowfish_test(void); |
624 | 624 | void blowfish_done(symmetric_key *skey); |
625 | 625 | int blowfish_keysize(int *keysize); |
628 | 628 | |
629 | 629 | #ifdef LTC_RC5 |
630 | 630 | int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
631 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
632 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
631 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
632 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
633 | 633 | int rc5_test(void); |
634 | 634 | void rc5_done(symmetric_key *skey); |
635 | 635 | int rc5_keysize(int *keysize); |
638 | 638 | |
639 | 639 | #ifdef LTC_RC6 |
640 | 640 | int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
641 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
642 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
641 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
642 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
643 | 643 | int rc6_test(void); |
644 | 644 | void rc6_done(symmetric_key *skey); |
645 | 645 | int rc6_keysize(int *keysize); |
649 | 649 | #ifdef LTC_RC2 |
650 | 650 | int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
651 | 651 | int rc2_setup_ex(const unsigned char *key, int keylen, int bits, int num_rounds, symmetric_key *skey); |
652 | int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
653 | int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
652 | int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
653 | int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
654 | 654 | int rc2_test(void); |
655 | 655 | void rc2_done(symmetric_key *skey); |
656 | 656 | int rc2_keysize(int *keysize); |
659 | 659 | |
660 | 660 | #ifdef LTC_SAFERP |
661 | 661 | int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
662 | int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
663 | int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
662 | int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
663 | int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
664 | 664 | int saferp_test(void); |
665 | 665 | void saferp_done(symmetric_key *skey); |
666 | 666 | int saferp_keysize(int *keysize); |
672 | 672 | int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
673 | 673 | int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
674 | 674 | int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
675 | int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key); | |
676 | int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key); | |
675 | int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *key); | |
676 | int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *key); | |
677 | 677 | int safer_k64_test(void); |
678 | 678 | int safer_sk64_test(void); |
679 | 679 | int safer_sk128_test(void); |
698 | 698 | #define aes_enc_keysize rijndael_enc_keysize |
699 | 699 | |
700 | 700 | int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
701 | int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
702 | int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
701 | int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
702 | int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
703 | 703 | int rijndael_test(void); |
704 | 704 | void rijndael_done(symmetric_key *skey); |
705 | 705 | int rijndael_keysize(int *keysize); |
706 | 706 | int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
707 | int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
707 | int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
708 | 708 | void rijndael_enc_done(symmetric_key *skey); |
709 | 709 | int rijndael_enc_keysize(int *keysize); |
710 | 710 | extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc; |
713 | 713 | |
714 | 714 | #ifdef LTC_XTEA |
715 | 715 | int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
716 | int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
717 | int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
716 | int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
717 | int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
718 | 718 | int xtea_test(void); |
719 | 719 | void xtea_done(symmetric_key *skey); |
720 | 720 | int xtea_keysize(int *keysize); |
723 | 723 | |
724 | 724 | #ifdef LTC_TWOFISH |
725 | 725 | int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
726 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
727 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
726 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
727 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
728 | 728 | int twofish_test(void); |
729 | 729 | void twofish_done(symmetric_key *skey); |
730 | 730 | int twofish_keysize(int *keysize); |
733 | 733 | |
734 | 734 | #ifdef LTC_DES |
735 | 735 | int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
736 | int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
737 | int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
736 | int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
737 | int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
738 | 738 | int des_test(void); |
739 | 739 | void des_done(symmetric_key *skey); |
740 | 740 | int des_keysize(int *keysize); |
741 | 741 | int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
742 | int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
743 | int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
742 | int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
743 | int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
744 | 744 | int des3_test(void); |
745 | 745 | void des3_done(symmetric_key *skey); |
746 | 746 | int des3_keysize(int *keysize); |
749 | 749 | |
750 | 750 | #ifdef LTC_CAST5 |
751 | 751 | int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
752 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
753 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
752 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
753 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
754 | 754 | int cast5_test(void); |
755 | 755 | void cast5_done(symmetric_key *skey); |
756 | 756 | int cast5_keysize(int *keysize); |
759 | 759 | |
760 | 760 | #ifdef LTC_NOEKEON |
761 | 761 | int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
762 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
763 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
762 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
763 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
764 | 764 | int noekeon_test(void); |
765 | 765 | void noekeon_done(symmetric_key *skey); |
766 | 766 | int noekeon_keysize(int *keysize); |
769 | 769 | |
770 | 770 | #ifdef LTC_SKIPJACK |
771 | 771 | int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
772 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
773 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
772 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
773 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
774 | 774 | int skipjack_test(void); |
775 | 775 | void skipjack_done(symmetric_key *skey); |
776 | 776 | int skipjack_keysize(int *keysize); |
779 | 779 | |
780 | 780 | #ifdef LTC_KHAZAD |
781 | 781 | int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
782 | int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
783 | int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
782 | int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
783 | int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
784 | 784 | int khazad_test(void); |
785 | 785 | void khazad_done(symmetric_key *skey); |
786 | 786 | int khazad_keysize(int *keysize); |
789 | 789 | |
790 | 790 | #ifdef LTC_ANUBIS |
791 | 791 | int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
792 | int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
793 | int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
792 | int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
793 | int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
794 | 794 | int anubis_test(void); |
795 | 795 | void anubis_done(symmetric_key *skey); |
796 | 796 | int anubis_keysize(int *keysize); |
799 | 799 | |
800 | 800 | #ifdef LTC_KSEED |
801 | 801 | int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
802 | int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
803 | int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
802 | int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
803 | int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
804 | 804 | int kseed_test(void); |
805 | 805 | void kseed_done(symmetric_key *skey); |
806 | 806 | int kseed_keysize(int *keysize); |
809 | 809 | |
810 | 810 | #ifdef LTC_KASUMI |
811 | 811 | int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
812 | int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
813 | int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
812 | int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
813 | int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
814 | 814 | int kasumi_test(void); |
815 | 815 | void kasumi_done(symmetric_key *skey); |
816 | 816 | int kasumi_keysize(int *keysize); |
820 | 820 | |
821 | 821 | #ifdef LTC_MULTI2 |
822 | 822 | int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
823 | int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
824 | int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
823 | int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
824 | int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
825 | 825 | int multi2_test(void); |
826 | 826 | void multi2_done(symmetric_key *skey); |
827 | 827 | int multi2_keysize(int *keysize); |
830 | 830 | |
831 | 831 | #ifdef LTC_CAMELLIA |
832 | 832 | int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
833 | int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
834 | int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
833 | int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
834 | int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
835 | 835 | int camellia_test(void); |
836 | 836 | void camellia_done(symmetric_key *skey); |
837 | 837 | int camellia_keysize(int *keysize); |
840 | 840 | |
841 | 841 | #ifdef LTC_IDEA |
842 | 842 | int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
843 | int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
844 | int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
843 | int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
844 | int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
845 | 845 | int idea_test(void); |
846 | 846 | void idea_done(symmetric_key *skey); |
847 | 847 | int idea_keysize(int *keysize); |
850 | 850 | |
851 | 851 | #ifdef LTC_SERPENT |
852 | 852 | int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); |
853 | int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | |
854 | int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | |
853 | int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
854 | int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
855 | 855 | int serpent_test(void); |
856 | 856 | void serpent_done(symmetric_key *skey); |
857 | 857 | int serpent_keysize(int *keysize); |
871 | 871 | int keylen, int num_rounds, symmetric_CFB *cfb); |
872 | 872 | int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb); |
873 | 873 | int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb); |
874 | int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb); | |
874 | int cfb_getiv(unsigned char *IV, unsigned long *len, const symmetric_CFB *cfb); | |
875 | 875 | int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb); |
876 | 876 | int cfb_done(symmetric_CFB *cfb); |
877 | 877 | #endif |
881 | 881 | int keylen, int num_rounds, symmetric_OFB *ofb); |
882 | 882 | int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb); |
883 | 883 | int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb); |
884 | int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb); | |
884 | int ofb_getiv(unsigned char *IV, unsigned long *len, const symmetric_OFB *ofb); | |
885 | 885 | int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb); |
886 | 886 | int ofb_done(symmetric_OFB *ofb); |
887 | 887 | #endif |
891 | 891 | int keylen, int num_rounds, symmetric_CBC *cbc); |
892 | 892 | int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc); |
893 | 893 | int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc); |
894 | int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc); | |
894 | int cbc_getiv(unsigned char *IV, unsigned long *len, const symmetric_CBC *cbc); | |
895 | 895 | int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc); |
896 | 896 | int cbc_done(symmetric_CBC *cbc); |
897 | 897 | #endif |
909 | 909 | symmetric_CTR *ctr); |
910 | 910 | int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr); |
911 | 911 | int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr); |
912 | int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr); | |
912 | int ctr_getiv(unsigned char *IV, unsigned long *len, const symmetric_CTR *ctr); | |
913 | 913 | int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr); |
914 | 914 | int ctr_done(symmetric_CTR *ctr); |
915 | 915 | int ctr_test(void); |
928 | 928 | symmetric_LRW *lrw); |
929 | 929 | int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw); |
930 | 930 | int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw); |
931 | int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw); | |
931 | int lrw_getiv(unsigned char *IV, unsigned long *len, const symmetric_LRW *lrw); | |
932 | 932 | int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw); |
933 | 933 | int lrw_done(symmetric_LRW *lrw); |
934 | 934 | int lrw_test(void); |
944 | 944 | int num_rounds, symmetric_F8 *f8); |
945 | 945 | int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8); |
946 | 946 | int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8); |
947 | int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8); | |
947 | int f8_getiv(unsigned char *IV, unsigned long *len, const symmetric_F8 *f8); | |
948 | 948 | int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8); |
949 | 949 | int f8_done(symmetric_F8 *f8); |
950 | 950 | int f8_test_mode(void); |
967 | 967 | const unsigned char *pt, unsigned long ptlen, |
968 | 968 | unsigned char *ct, |
969 | 969 | unsigned char *tweak, |
970 | symmetric_xts *xts); | |
970 | const symmetric_xts *xts); | |
971 | 971 | int xts_decrypt( |
972 | 972 | const unsigned char *ct, unsigned long ptlen, |
973 | 973 | unsigned char *pt, |
974 | 974 | unsigned char *tweak, |
975 | symmetric_xts *xts); | |
975 | const symmetric_xts *xts); | |
976 | 976 | |
977 | 977 | void xts_done(symmetric_xts *xts); |
978 | 978 | int xts_test(void); |
1045 | 1045 | unsigned ptr; |
1046 | 1046 | } sosemanuk_state; |
1047 | 1047 | |
1048 | int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen); | |
1049 | int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen); | |
1048 | int sosemanuk_setup(sosemanuk_state *ss, const unsigned char *key, unsigned long keylen); | |
1049 | int sosemanuk_setiv(sosemanuk_state *ss, const unsigned char *iv, unsigned long ivlen); | |
1050 | 1050 | int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long datalen, unsigned char *out); |
1051 | 1051 | int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen); |
1052 | 1052 | int sosemanuk_done(sosemanuk_state *ss); |
357 | 357 | |
358 | 358 | #ifdef LTC_FORTUNA |
359 | 359 | |
360 | #if !defined(LTC_FORTUNA_RESEED_RATELIMIT_STATIC) && \ | |
361 | ((defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || defined(_WIN32)) | |
362 | ||
363 | /* time-based rate limit of the reseeding */ | |
364 | #define LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
365 | ||
366 | #else | |
367 | ||
360 | 368 | #ifndef LTC_FORTUNA_WD |
361 | 369 | /* reseed every N calls to the read function */ |
362 | 370 | #define LTC_FORTUNA_WD 10 |
371 | #endif | |
372 | ||
373 | #ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
374 | /* make sure only one of | |
375 | * LTC_FORTUNA_RESEED_RATELIMIT_STATIC | |
376 | * and | |
377 | * LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
378 | * is defined. | |
379 | */ | |
380 | #undef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
381 | #warning "undef'ed LTC_FORTUNA_RESEED_RATELIMIT_TIMED, looks like your architecture doesn't support it" | |
382 | #endif | |
383 | ||
363 | 384 | #endif |
364 | 385 | |
365 | 386 | #ifndef LTC_FORTUNA_POOLS |
449 | 470 | #define LTC_BASE64_URL |
450 | 471 | /* Base32 encoding/decoding */ |
451 | 472 | #define LTC_BASE32 |
473 | /* Base16/hex encoding/decoding */ | |
474 | #define LTC_BASE16 | |
452 | 475 | |
453 | 476 | /* Keep LTC_NO_HKDF for compatibility reasons |
454 | 477 | * superseeded by LTC_NO_MISC*/ |
460 | 483 | #define LTC_ADLER32 |
461 | 484 | |
462 | 485 | #define LTC_CRC32 |
486 | ||
487 | #define LTC_PADDING | |
463 | 488 | |
464 | 489 | #endif /* LTC_NO_MISC */ |
465 | 490 | |
502 | 527 | #define LTC_ECC_SECP256R1 |
503 | 528 | #define LTC_ECC_SECP384R1 |
504 | 529 | #define LTC_ECC_SECP521R1 |
505 | /* OLD deprecated (but still working) defines */ | |
506 | #define LTC_ECC112 | |
507 | #define LTC_ECC128 | |
508 | #define LTC_ECC160 | |
509 | #define LTC_ECC192 | |
510 | #define LTC_ECC224 | |
511 | #define LTC_ECC256 | |
512 | #define LTC_ECC384 | |
513 | #define LTC_ECC521 | |
514 | #endif | |
530 | #endif | |
531 | #endif | |
532 | ||
533 | #if defined(LTC_DER) | |
534 | #ifndef LTC_DER_MAX_RECURSION | |
535 | /* Maximum recursion limit when processing nested ASN.1 types. */ | |
536 | #define LTC_DER_MAX_RECURSION 30 | |
537 | #endif | |
515 | 538 | #endif |
516 | 539 | |
517 | 540 | #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) |
620 | 643 | #endif |
621 | 644 | #endif |
622 | 645 | |
646 | /* ECC backwards compatibility */ | |
647 | #if !defined(LTC_ECC_SECP112R1) && defined(LTC_ECC112) | |
648 | #define LTC_ECC_SECP112R1 | |
649 | #undef LTC_ECC112 | |
650 | #endif | |
651 | #if !defined(LTC_ECC_SECP128R1) && defined(LTC_ECC128) | |
652 | #define LTC_ECC_SECP128R1 | |
653 | #undef LTC_ECC128 | |
654 | #endif | |
655 | #if !defined(LTC_ECC_SECP160R1) && defined(LTC_ECC160) | |
656 | #define LTC_ECC_SECP160R1 | |
657 | #undef LTC_ECC160 | |
658 | #endif | |
659 | #if !defined(LTC_ECC_SECP192R1) && defined(LTC_ECC192) | |
660 | #define LTC_ECC_SECP192R1 | |
661 | #undef LTC_ECC192 | |
662 | #endif | |
663 | #if !defined(LTC_ECC_SECP224R1) && defined(LTC_ECC224) | |
664 | #define LTC_ECC_SECP224R1 | |
665 | #undef LTC_ECC224 | |
666 | #endif | |
667 | #if !defined(LTC_ECC_SECP256R1) && defined(LTC_ECC256) | |
668 | #define LTC_ECC_SECP256R1 | |
669 | #undef LTC_ECC256 | |
670 | #endif | |
671 | #if !defined(LTC_ECC_SECP384R1) && defined(LTC_ECC384) | |
672 | #define LTC_ECC_SECP384R1 | |
673 | #undef LTC_ECC384 | |
674 | #endif | |
675 | #if !defined(LTC_ECC_SECP512R1) && defined(LTC_ECC521) | |
676 | #define LTC_ECC_SECP521R1 | |
677 | #undef LTC_ECC521 | |
678 | #endif | |
679 | ||
623 | 680 | /* ref: $Format:%D$ */ |
624 | 681 | /* git commit: $Format:%H$ */ |
625 | 682 | /* commit time: $Format:%ai$ */ |
287 | 287 | #define sha3_shake_process(a,b,c) sha3_process(a,b,c) |
288 | 288 | int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen); |
289 | 289 | int sha3_shake_test(void); |
290 | int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); | |
290 | int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, const unsigned long *outlen); | |
291 | 291 | #endif |
292 | 292 | |
293 | 293 | #ifdef LTC_KECCAK |
522 | 522 | } \ |
523 | 523 | while (inlen > 0) { \ |
524 | 524 | if (md-> state_var .curlen == 0 && inlen >= block_size) { \ |
525 | if ((err = compress_name (md, (unsigned char *)in)) != CRYPT_OK) { \ | |
525 | if ((err = compress_name (md, in)) != CRYPT_OK) { \ | |
526 | 526 | return err; \ |
527 | 527 | } \ |
528 | 528 | md-> state_var .length += block_size * 8; \ |
273 | 273 | const unsigned char *header, unsigned long headerlen, |
274 | 274 | const unsigned char *ct, unsigned long ctlen, |
275 | 275 | unsigned char *pt, |
276 | unsigned char *tag, unsigned long taglen, | |
276 | const unsigned char *tag, unsigned long taglen, | |
277 | 277 | int *stat); |
278 | 278 | |
279 | 279 | int eax_test(void); |
499 | 499 | #endif |
500 | 500 | } gcm_state; |
501 | 501 | |
502 | void gcm_mult_h(gcm_state *gcm, unsigned char *I); | |
502 | void gcm_mult_h(const gcm_state *gcm, unsigned char *I); | |
503 | 503 | |
504 | 504 | int gcm_init(gcm_state *gcm, int cipher, |
505 | 505 | const unsigned char *key, int keylen); |
473 | 473 | */ |
474 | 474 | int (*rsa_me)(const unsigned char *in, unsigned long inlen, |
475 | 475 | unsigned char *out, unsigned long *outlen, int which, |
476 | rsa_key *key); | |
476 | const rsa_key *key); | |
477 | 477 | |
478 | 478 | /* ---- basic math continued ---- */ |
479 | 479 |
9 | 9 | /* ---- LTC_BASE64 Routines ---- */ |
10 | 10 | #ifdef LTC_BASE64 |
11 | 11 | int base64_encode(const unsigned char *in, unsigned long len, |
12 | char *out, unsigned long *outlen); | |
13 | ||
14 | int base64_decode(const char *in, unsigned long len, | |
12 | 15 | unsigned char *out, unsigned long *outlen); |
13 | ||
14 | int base64_decode(const unsigned char *in, unsigned long len, | |
16 | int base64_strict_decode(const char *in, unsigned long len, | |
15 | 17 | unsigned char *out, unsigned long *outlen); |
16 | int base64_strict_decode(const unsigned char *in, unsigned long len, | |
18 | int base64_sane_decode(const char *in, unsigned long inlen, | |
17 | 19 | unsigned char *out, unsigned long *outlen); |
18 | 20 | #endif |
19 | 21 | |
20 | 22 | #ifdef LTC_BASE64_URL |
21 | 23 | int base64url_encode(const unsigned char *in, unsigned long len, |
24 | char *out, unsigned long *outlen); | |
25 | int base64url_strict_encode(const unsigned char *in, unsigned long inlen, | |
26 | char *out, unsigned long *outlen); | |
27 | ||
28 | int base64url_decode(const char *in, unsigned long len, | |
22 | 29 | unsigned char *out, unsigned long *outlen); |
23 | int base64url_strict_encode(const unsigned char *in, unsigned long inlen, | |
30 | int base64url_strict_decode(const char *in, unsigned long len, | |
24 | 31 | unsigned char *out, unsigned long *outlen); |
25 | ||
26 | int base64url_decode(const unsigned char *in, unsigned long len, | |
27 | unsigned char *out, unsigned long *outlen); | |
28 | int base64url_strict_decode(const unsigned char *in, unsigned long len, | |
32 | int base64url_sane_decode(const char *in, unsigned long inlen, | |
29 | 33 | unsigned char *out, unsigned long *outlen); |
30 | 34 | #endif |
31 | 35 | |
38 | 42 | BASE32_CROCKFORD = 3 |
39 | 43 | } base32_alphabet; |
40 | 44 | int base32_encode(const unsigned char *in, unsigned long inlen, |
45 | char *out, unsigned long *outlen, | |
46 | base32_alphabet id); | |
47 | int base32_decode(const char *in, unsigned long inlen, | |
41 | 48 | unsigned char *out, unsigned long *outlen, |
42 | 49 | base32_alphabet id); |
43 | int base32_decode(const unsigned char *in, unsigned long inlen, | |
44 | unsigned char *out, unsigned long *outlen, | |
45 | base32_alphabet id); | |
50 | #endif | |
51 | ||
52 | /* ---- BASE16 Routines ---- */ | |
53 | #ifdef LTC_BASE16 | |
54 | int base16_encode(const unsigned char *in, unsigned long inlen, | |
55 | char *out, unsigned long *outlen, | |
56 | int caps); | |
57 | int base16_decode(const char *in, unsigned long inlen, | |
58 | unsigned char *out, unsigned long *outlen); | |
46 | 59 | #endif |
47 | 60 | |
48 | 61 | /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ |
109 | 122 | |
110 | 123 | void adler32_init(adler32_state *ctx); |
111 | 124 | void adler32_update(adler32_state *ctx, const unsigned char *input, unsigned long length); |
112 | void adler32_finish(adler32_state *ctx, void *hash, unsigned long size); | |
125 | void adler32_finish(const adler32_state *ctx, void *hash, unsigned long size); | |
113 | 126 | int adler32_test(void); |
114 | 127 | #endif |
115 | 128 | |
121 | 134 | |
122 | 135 | void crc32_init(crc32_state *ctx); |
123 | 136 | void crc32_update(crc32_state *ctx, const unsigned char *input, unsigned long length); |
124 | void crc32_finish(crc32_state *ctx, void *hash, unsigned long size); | |
137 | void crc32_finish(const crc32_state *ctx, void *hash, unsigned long size); | |
125 | 138 | int crc32_test(void); |
126 | 139 | #endif |
140 | ||
141 | ||
142 | #ifdef LTC_PADDING | |
143 | ||
144 | enum padding_type { | |
145 | LTC_PAD_PKCS7 = 0x0000U, | |
146 | #ifdef LTC_RNG_GET_BYTES | |
147 | LTC_PAD_ISO_10126 = 0x1000U, | |
148 | #endif | |
149 | LTC_PAD_ANSI_X923 = 0x2000U, | |
150 | LTC_PAD_ONE_AND_ZERO = 0x8000U, | |
151 | LTC_PAD_ZERO = 0x9000U, | |
152 | LTC_PAD_ZERO_ALWAYS = 0xA000U, | |
153 | }; | |
154 | ||
155 | int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode); | |
156 | int padding_depad(const unsigned char *data, unsigned long *length, unsigned long mode); | |
157 | ||
158 | #ifdef LTC_SOURCE | |
159 | /* internal helper functions */ | |
160 | #define LTC_PAD_MASK (0xF000U) | |
161 | #endif | |
162 | #endif /* LTC_PADDING */ | |
127 | 163 | |
128 | 164 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); |
129 | 165 |
8 | 8 | |
9 | 9 | /* ---- NUMBER THEORY ---- */ |
10 | 10 | |
11 | enum { | |
12 | PK_PUBLIC=0, | |
13 | PK_PRIVATE=1 | |
11 | enum public_key_type { | |
12 | /* Refers to the public key */ | |
13 | PK_PUBLIC = 0x0000, | |
14 | /* Refers to the private key */ | |
15 | PK_PRIVATE = 0x0001, | |
16 | ||
17 | /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ | |
18 | PK_STD = 0x1000, | |
19 | /* Indicates compressed public ECC key */ | |
20 | PK_COMPRESSED = 0x2000, | |
21 | /* Indicates ECC key with the curve specified by OID */ | |
22 | PK_CURVEOID = 0x4000 | |
14 | 23 | }; |
15 | ||
16 | /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ | |
17 | #define PK_STD 0x1000 | |
18 | /* Indicates compressed public ECC key */ | |
19 | #define PK_COMPRESSED 0x2000 | |
20 | /* Indicates ECC key with the curve specified by OID */ | |
21 | #define PK_CURVEOID 0x4000 | |
22 | 24 | |
23 | 25 | int rand_prime(void *N, long len, prng_state *prng, int wprng); |
24 | 26 | |
41 | 43 | } oid_st; |
42 | 44 | |
43 | 45 | int pk_get_oid(int pk, oid_st *st); |
46 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen); | |
47 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); | |
44 | 48 | #endif /* LTC_SOURCE */ |
45 | 49 | |
46 | 50 | /* ---- RSA ---- */ |
70 | 74 | |
71 | 75 | int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key); |
72 | 76 | |
73 | int rsa_get_size(rsa_key *key); | |
77 | int rsa_get_size(const rsa_key *key); | |
74 | 78 | |
75 | 79 | int rsa_exptmod(const unsigned char *in, unsigned long inlen, |
76 | 80 | unsigned char *out, unsigned long *outlen, int which, |
77 | rsa_key *key); | |
81 | const rsa_key *key); | |
78 | 82 | |
79 | 83 | void rsa_free(rsa_key *key); |
80 | 84 | |
95 | 99 | rsa_sign_saltlen_get_max_ex(LTC_PKCS_1_PSS, _hash_idx, _key) |
96 | 100 | |
97 | 101 | /* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */ |
98 | int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
99 | unsigned char *out, unsigned long *outlen, | |
100 | const unsigned char *lparam, unsigned long lparamlen, | |
101 | prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key); | |
102 | ||
103 | int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
102 | int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
104 | 103 | unsigned char *out, unsigned long *outlen, |
105 | 104 | const unsigned char *lparam, unsigned long lparamlen, |
105 | prng_state *prng, int prng_idx, | |
106 | 106 | int hash_idx, int padding, |
107 | int *stat, rsa_key *key); | |
107 | const rsa_key *key); | |
108 | ||
109 | int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
110 | unsigned char *out, unsigned long *outlen, | |
111 | const unsigned char *lparam, unsigned long lparamlen, | |
112 | int hash_idx, int padding, | |
113 | int *stat, const rsa_key *key); | |
108 | 114 | |
109 | 115 | int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, |
110 | 116 | unsigned char *out, unsigned long *outlen, |
111 | 117 | int padding, |
112 | 118 | prng_state *prng, int prng_idx, |
113 | 119 | int hash_idx, unsigned long saltlen, |
114 | rsa_key *key); | |
115 | ||
116 | int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, | |
117 | const unsigned char *hash, unsigned long hashlen, | |
120 | const rsa_key *key); | |
121 | ||
122 | int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, | |
123 | const unsigned char *hash, unsigned long hashlen, | |
118 | 124 | int padding, |
119 | int hash_idx, unsigned long saltlen, | |
120 | int *stat, rsa_key *key); | |
121 | ||
122 | int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key); | |
125 | int hash_idx, unsigned long saltlen, | |
126 | int *stat, const rsa_key *key); | |
127 | ||
128 | int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, const rsa_key *key); | |
123 | 129 | |
124 | 130 | /* PKCS #1 import/export */ |
125 | int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key); | |
131 | int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_key *key); | |
126 | 132 | int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key); |
127 | 133 | |
128 | 134 | int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key); |
208 | 214 | void *prime; |
209 | 215 | } dh_key; |
210 | 216 | |
211 | int dh_get_groupsize(dh_key *key); | |
212 | ||
213 | int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key); | |
217 | int dh_get_groupsize(const dh_key *key); | |
218 | ||
219 | int dh_export(unsigned char *out, unsigned long *outlen, int type, const dh_key *key); | |
214 | 220 | int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key); |
215 | 221 | |
216 | 222 | int dh_set_pg(const unsigned char *p, unsigned long plen, |
222 | 228 | int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key); |
223 | 229 | int dh_generate_key(prng_state *prng, int wprng, dh_key *key); |
224 | 230 | |
225 | int dh_shared_secret(dh_key *private_key, dh_key *public_key, | |
231 | int dh_shared_secret(const dh_key *private_key, const dh_key *public_key, | |
226 | 232 | unsigned char *out, unsigned long *outlen); |
227 | 233 | |
228 | 234 | void dh_free(dh_key *key); |
229 | 235 | |
230 | int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key); | |
236 | int dh_export_key(void *out, unsigned long *outlen, int type, const dh_key *key); | |
231 | 237 | |
232 | 238 | #ifdef LTC_SOURCE |
233 | 239 | typedef struct { |
238 | 244 | extern const ltc_dh_set_type ltc_dh_sets[]; |
239 | 245 | |
240 | 246 | /* internal helper functions */ |
241 | int dh_check_pubkey(dh_key *key); | |
247 | int dh_check_pubkey(const dh_key *key); | |
242 | 248 | #endif |
243 | 249 | |
244 | 250 | #endif /* LTC_MDH */ |
255 | 261 | |
256 | 262 | /** Structure defines a GF(p) curve */ |
257 | 263 | typedef struct { |
258 | /** name of curve */ | |
259 | const char *name; | |
260 | ||
261 | 264 | /** The prime that defines the field the curve is in (encoded in hex) */ |
262 | 265 | const char *prime; |
263 | 266 | |
280 | 283 | unsigned long cofactor; |
281 | 284 | |
282 | 285 | /** The OID */ |
283 | unsigned long oid[16]; | |
284 | unsigned long oidlen; | |
285 | } ltc_ecc_set_type; | |
286 | const char *OID; | |
287 | } ltc_ecc_curve; | |
286 | 288 | |
287 | 289 | /** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */ |
288 | 290 | typedef struct { |
333 | 335 | } ecc_key; |
334 | 336 | |
335 | 337 | /** the ECC params provided */ |
336 | extern const ltc_ecc_set_type ltc_ecc_sets[]; | |
338 | extern const ltc_ecc_curve ltc_ecc_curves[]; | |
337 | 339 | |
338 | 340 | int ecc_test(void); |
339 | 341 | void ecc_sizes(int *low, int *high); |
340 | int ecc_get_size(ecc_key *key); | |
341 | ||
342 | int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp); | |
343 | int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key); | |
342 | int ecc_get_size(const ecc_key *key); | |
343 | ||
344 | int ecc_get_curve(const char* name_or_oid, const ltc_ecc_curve** cu); | |
345 | int ecc_set_dp(const ltc_ecc_curve *cu, ecc_key *key); | |
344 | 346 | int ecc_generate_key(prng_state *prng, int wprng, ecc_key *key); |
345 | 347 | int ecc_set_key(const unsigned char *in, unsigned long inlen, int type, ecc_key *key); |
346 | int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); | |
348 | int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); | |
347 | 349 | |
348 | 350 | int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key); |
349 | int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp); | |
351 | int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu); | |
350 | 352 | void ecc_free(ecc_key *key); |
351 | 353 | |
352 | int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); | |
354 | int ecc_export(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); | |
353 | 355 | int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key); |
354 | int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); | |
355 | ||
356 | int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen); | |
356 | int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu); | |
357 | ||
358 | int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *outlen); | |
357 | 359 | int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key); |
358 | int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); | |
359 | ||
360 | int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); | |
360 | int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu); | |
361 | ||
362 | int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key); | |
361 | 363 | int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key); |
362 | 364 | int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, ecc_key *key); |
363 | 365 | int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key); |
364 | 366 | |
365 | int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, | |
367 | int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key, | |
366 | 368 | unsigned char *out, unsigned long *outlen); |
367 | 369 | |
368 | 370 | int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, |
369 | 371 | unsigned char *out, unsigned long *outlen, |
370 | 372 | prng_state *prng, int wprng, int hash, |
371 | ecc_key *key); | |
373 | const ecc_key *key); | |
372 | 374 | |
373 | 375 | int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, |
374 | 376 | unsigned char *out, unsigned long *outlen, |
375 | ecc_key *key); | |
377 | const ecc_key *key); | |
376 | 378 | |
377 | 379 | int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, |
378 | 380 | unsigned char *out, unsigned long *outlen, |
379 | prng_state *prng, int wprng, ecc_key *key); | |
381 | prng_state *prng, int wprng, const ecc_key *key); | |
380 | 382 | |
381 | 383 | int ecc_sign_hash(const unsigned char *in, unsigned long inlen, |
382 | 384 | unsigned char *out, unsigned long *outlen, |
383 | prng_state *prng, int wprng, ecc_key *key); | |
385 | prng_state *prng, int wprng, const ecc_key *key); | |
384 | 386 | |
385 | 387 | int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, |
386 | 388 | const unsigned char *hash, unsigned long hashlen, |
387 | int *stat, ecc_key *key); | |
389 | int *stat, const ecc_key *key); | |
388 | 390 | |
389 | 391 | int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, |
390 | 392 | const unsigned char *hash, unsigned long hashlen, |
391 | int *stat, ecc_key *key); | |
393 | int *stat, const ecc_key *key); | |
392 | 394 | |
393 | 395 | |
394 | 396 | #ifdef LTC_SOURCE |
395 | 397 | /* INTERNAL ONLY - it should be later moved to src/headers/tomcrypt_internal.h */ |
396 | 398 | |
397 | int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); | |
398 | int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key); | |
399 | int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key); | |
400 | int ecc_set_dp_size(int size, ecc_key *key); | |
399 | int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); | |
400 | int ecc_copy_dp(const ecc_key *srckey, ecc_key *key); | |
401 | int ecc_set_dp_by_size(int size, ecc_key *key); | |
401 | 402 | |
402 | 403 | /* low level functions */ |
403 | 404 | ecc_point *ltc_ecc_new_point(void); |
404 | 405 | void ltc_ecc_del_point(ecc_point *p); |
406 | int ltc_ecc_set_point_xyz(ltc_mp_digit x, ltc_mp_digit y, ltc_mp_digit z, ecc_point *p); | |
407 | int ltc_ecc_copy_point(const ecc_point *src, ecc_point *dst); | |
405 | 408 | int ltc_ecc_is_point(const ltc_ecc_dp *dp, void *x, void *y); |
406 | int ltc_ecc_is_point_at_infinity(const ecc_point *p, void *modulus); | |
409 | int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus, int *retval); | |
407 | 410 | int ltc_ecc_import_point(const unsigned char *in, unsigned long inlen, void *prime, void *a, void *b, void *x, void *y); |
408 | 411 | int ltc_ecc_export_point(unsigned char *out, unsigned long *outlen, void *x, void *y, unsigned long size, int compressed); |
409 | int ltc_ecc_verify_key(ecc_key *key); | |
412 | int ltc_ecc_verify_key(const ecc_key *key); | |
410 | 413 | |
411 | 414 | /* point ops (mp == montgomery digit) */ |
412 | 415 | #if !defined(LTC_MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC) |
509 | 512 | |
510 | 513 | int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, |
511 | 514 | void *r, void *s, |
512 | prng_state *prng, int wprng, dsa_key *key); | |
515 | prng_state *prng, int wprng, const dsa_key *key); | |
513 | 516 | |
514 | 517 | int dsa_sign_hash(const unsigned char *in, unsigned long inlen, |
515 | 518 | unsigned char *out, unsigned long *outlen, |
516 | prng_state *prng, int wprng, dsa_key *key); | |
519 | prng_state *prng, int wprng, const dsa_key *key); | |
517 | 520 | |
518 | 521 | int dsa_verify_hash_raw( void *r, void *s, |
519 | 522 | const unsigned char *hash, unsigned long hashlen, |
520 | int *stat, dsa_key *key); | |
521 | ||
522 | int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | |
523 | const unsigned char *hash, unsigned long hashlen, | |
524 | int *stat, dsa_key *key); | |
523 | int *stat, const dsa_key *key); | |
524 | ||
525 | int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | |
526 | const unsigned char *hash, unsigned long hashlen, | |
527 | int *stat, const dsa_key *key); | |
525 | 528 | |
526 | 529 | int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, |
527 | 530 | unsigned char *out, unsigned long *outlen, |
528 | prng_state *prng, int wprng, int hash, | |
529 | dsa_key *key); | |
531 | prng_state *prng, int wprng, int hash, | |
532 | const dsa_key *key); | |
530 | 533 | |
531 | 534 | int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, |
532 | 535 | unsigned char *out, unsigned long *outlen, |
533 | dsa_key *key); | |
536 | const dsa_key *key); | |
534 | 537 | |
535 | 538 | int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key); |
536 | int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key); | |
537 | int dsa_verify_key(dsa_key *key, int *stat); | |
539 | int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_key *key); | |
540 | int dsa_verify_key(const dsa_key *key, int *stat); | |
538 | 541 | #ifdef LTC_SOURCE |
539 | 542 | /* internal helper functions */ |
540 | int dsa_int_validate_xy(dsa_key *key, int *stat); | |
541 | int dsa_int_validate_pqg(dsa_key *key, int *stat); | |
542 | int dsa_int_validate_primes(dsa_key *key, int *stat); | |
543 | int dsa_int_validate_xy(const dsa_key *key, int *stat); | |
544 | int dsa_int_validate_pqg(const dsa_key *key, int *stat); | |
545 | int dsa_int_validate_primes(const dsa_key *key, int *stat); | |
543 | 546 | #endif |
544 | 547 | int dsa_shared_secret(void *private_key, void *base, |
545 | dsa_key *public_key, | |
548 | const dsa_key *public_key, | |
546 | 549 | unsigned char *out, unsigned long *outlen); |
547 | 550 | #endif |
548 | 551 | |
604 | 607 | /** Flag used to indicate optional items in ASN.1 sequences */ |
605 | 608 | int optional; |
606 | 609 | /** ASN.1 identifier */ |
607 | ltc_asn1_class class; | |
610 | ltc_asn1_class klass; | |
608 | 611 | ltc_asn1_pc pc; |
609 | 612 | ulong64 tag; |
610 | 613 | /** prev/next entry in the list */ |
620 | 623 | LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \ |
621 | 624 | LTC_MACRO_list[LTC_MACRO_temp].used = 0; \ |
622 | 625 | LTC_MACRO_list[LTC_MACRO_temp].optional = 0; \ |
623 | LTC_MACRO_list[LTC_MACRO_temp].class = 0; \ | |
626 | LTC_MACRO_list[LTC_MACRO_temp].klass = 0; \ | |
624 | 627 | LTC_MACRO_list[LTC_MACRO_temp].pc = 0; \ |
625 | 628 | LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \ |
626 | 629 | } while (0) |
630 | 633 | int LTC_MACRO_temp = (index); \ |
631 | 634 | ltc_asn1_list *LTC_MACRO_list = (list); \ |
632 | 635 | LTC_MACRO_list[LTC_MACRO_temp].type = LTC_ASN1_CUSTOM_TYPE; \ |
633 | LTC_MACRO_list[LTC_MACRO_temp].class = (Class); \ | |
636 | LTC_MACRO_list[LTC_MACRO_temp].klass = (Class); \ | |
634 | 637 | LTC_MACRO_list[LTC_MACRO_temp].pc = (Pc); \ |
635 | 638 | LTC_MACRO_list[LTC_MACRO_temp].tag = (Tag); \ |
636 | 639 | } while (0) |
660 | 663 | extern const unsigned long der_asn1_tag_to_string_map_sz; |
661 | 664 | |
662 | 665 | /* SEQUENCE */ |
663 | int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | |
664 | unsigned char *out, unsigned long *outlen, int type_of); | |
666 | int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, | |
667 | unsigned char *out, unsigned long *outlen, int type_of); | |
665 | 668 | |
666 | 669 | #define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE) |
667 | 670 | |
692 | 695 | #define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_RELAXED) |
693 | 696 | #define der_decode_sequence_strict(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SEQUENCE | LTC_DER_SEQ_STRICT) |
694 | 697 | |
695 | int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, | |
698 | int der_length_sequence(const ltc_asn1_list *list, unsigned long inlen, | |
696 | 699 | unsigned long *outlen); |
697 | 700 | |
698 | 701 | |
721 | 724 | int der_decode_asn1_length(const unsigned char* len, unsigned long* lenlen, unsigned long* outlen); |
722 | 725 | int der_length_asn1_length(unsigned long len, unsigned long *outlen); |
723 | 726 | |
724 | int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | |
727 | int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, | |
725 | 728 | unsigned long *outlen, unsigned long *payloadlen); |
726 | 729 | |
727 | 730 | extern const ltc_asn1_type der_asn1_tag_to_type_map[]; |
734 | 737 | /* SET */ |
735 | 738 | #define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, LTC_DER_SEQ_SET) |
736 | 739 | #define der_length_set der_length_sequence |
737 | int der_encode_set(ltc_asn1_list *list, unsigned long inlen, | |
738 | unsigned char *out, unsigned long *outlen); | |
739 | ||
740 | int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, | |
741 | unsigned char *out, unsigned long *outlen); | |
740 | int der_encode_set(const ltc_asn1_list *list, unsigned long inlen, | |
741 | unsigned char *out, unsigned long *outlen); | |
742 | ||
743 | int der_encode_setof(const ltc_asn1_list *list, unsigned long inlen, | |
744 | unsigned char *out, unsigned long *outlen); | |
742 | 745 | |
743 | 746 | /* VA list handy helpers with triplets of <type, size, data> */ |
744 | 747 | int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); |
789 | 792 | int der_length_octet_string(unsigned long noctets, unsigned long *outlen); |
790 | 793 | |
791 | 794 | /* OBJECT IDENTIFIER */ |
792 | int der_encode_object_identifier(unsigned long *words, unsigned long nwords, | |
793 | unsigned char *out, unsigned long *outlen); | |
795 | int der_encode_object_identifier(const unsigned long *words, unsigned long nwords, | |
796 | unsigned char *out, unsigned long *outlen); | |
794 | 797 | int der_decode_object_identifier(const unsigned char *in, unsigned long inlen, |
795 | 798 | unsigned long *words, unsigned long *outlen); |
796 | int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen); | |
799 | int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen); | |
797 | 800 | unsigned long der_object_identifier_bits(unsigned long x); |
798 | 801 | |
799 | 802 | /* IA5 STRING */ |
872 | 875 | off_mm; /* timezone offset minutes */ |
873 | 876 | } ltc_utctime; |
874 | 877 | |
875 | int der_encode_utctime(ltc_utctime *utctime, | |
876 | unsigned char *out, unsigned long *outlen); | |
878 | int der_encode_utctime(const ltc_utctime *utctime, | |
879 | unsigned char *out, unsigned long *outlen); | |
877 | 880 | |
878 | 881 | int der_decode_utctime(const unsigned char *in, unsigned long *inlen, |
879 | 882 | ltc_utctime *out); |
880 | 883 | |
881 | int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen); | |
884 | int der_length_utctime(const ltc_utctime *utctime, unsigned long *outlen); | |
882 | 885 | |
883 | 886 | /* GeneralizedTime */ |
884 | 887 | typedef struct { |
894 | 897 | off_mm; /* timezone offset minutes */ |
895 | 898 | } ltc_generalizedtime; |
896 | 899 | |
897 | int der_encode_generalizedtime(ltc_generalizedtime *gtime, | |
898 | unsigned char *out, unsigned long *outlen); | |
900 | int der_encode_generalizedtime(const ltc_generalizedtime *gtime, | |
901 | unsigned char *out, unsigned long *outlen); | |
899 | 902 | |
900 | 903 | int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen, |
901 | 904 | ltc_generalizedtime *out); |
902 | 905 | |
903 | int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen); | |
906 | int der_length_generalizedtime(const ltc_generalizedtime *gtime, unsigned long *outlen); | |
904 | 907 | |
905 | 908 | #ifdef LTC_SOURCE |
906 | 909 | /* internal helper functions */ |
907 | 910 | /* SUBJECT PUBLIC KEY INFO */ |
908 | 911 | int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, |
909 | unsigned int algorithm, void* public_key, unsigned long public_key_len, | |
910 | unsigned long parameters_type, void* parameters, unsigned long parameters_len); | |
912 | unsigned int algorithm, const void* public_key, unsigned long public_key_len, | |
913 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len); | |
911 | 914 | |
912 | 915 | int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, |
913 | 916 | unsigned int algorithm, void* public_key, unsigned long* public_key_len, |
914 | unsigned long parameters_type, void* parameters, unsigned long *parameters_len); | |
917 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len); | |
915 | 918 | #endif /* LTC_SOURCE */ |
916 | 919 | |
917 | 920 | #endif |
42 | 42 | pool0_len, /* length of 0'th pool */ |
43 | 43 | wd; |
44 | 44 | |
45 | ulong64 reset_cnt; /* number of times we have reset */ | |
45 | ulong64 reset_cnt; /* number of times we have reseeded */ | |
46 | 46 | }; |
47 | 47 | #endif |
48 | 48 | |
147 | 147 | #ifdef LTC_FORTUNA |
148 | 148 | int fortuna_start(prng_state *prng); |
149 | 149 | int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); |
150 | int fortuna_add_random_event(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng); | |
150 | 151 | int fortuna_ready(prng_state *prng); |
151 | 152 | unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state *prng); |
152 | 153 | int fortuna_done(prng_state *prng); |
153 | int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | |
154 | int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | |
155 | int fortuna_test(void); | |
154 | int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | |
155 | int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | |
156 | int fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng); | |
157 | int fortuna_test(void); | |
156 | 158 | extern const struct ltc_prng_descriptor fortuna_desc; |
157 | 159 | #endif |
158 | 160 | |
211 | 213 | int prng_is_valid(int idx); |
212 | 214 | LTC_MUTEX_PROTO(ltc_prng_mutex) |
213 | 215 | |
216 | #ifdef LTC_SOURCE | |
217 | /* internal helper functions */ | |
218 | #define _LTC_PRNG_EXPORT(which) \ | |
219 | int which ## _export(unsigned char *out, unsigned long *outlen, prng_state *prng) \ | |
220 | { \ | |
221 | unsigned long len = which ## _desc.export_size; \ | |
222 | \ | |
223 | LTC_ARGCHK(prng != NULL); \ | |
224 | LTC_ARGCHK(out != NULL); \ | |
225 | LTC_ARGCHK(outlen != NULL); \ | |
226 | \ | |
227 | if (*outlen < len) { \ | |
228 | *outlen = len; \ | |
229 | return CRYPT_BUFFER_OVERFLOW; \ | |
230 | } \ | |
231 | \ | |
232 | if (which ## _read(out, len, prng) != len) { \ | |
233 | return CRYPT_ERROR_READPRNG; \ | |
234 | } \ | |
235 | \ | |
236 | *outlen = len; \ | |
237 | return CRYPT_OK; \ | |
238 | } | |
239 | #endif | |
240 | ||
214 | 241 | /* Slow RNG you **might** be able to use to seed a PRNG with. Be careful as this |
215 | 242 | * might not work on all platforms as planned |
216 | 243 | */ |
264 | 264 | return CRYPT_OK; |
265 | 265 | } |
266 | 266 | |
267 | /* sqrtmod_prime */ | |
268 | static int sqrtmod_prime(void *a, void *b, void *c) | |
269 | { | |
270 | LTC_ARGCHK(a != NULL); | |
271 | LTC_ARGCHK(b != NULL); | |
272 | LTC_ARGCHK(c != NULL); | |
273 | fprintf(stderr, "TFM does not support sqrtmod_prime\n"); /* XXX-FIXME */ | |
274 | return CRYPT_ERROR; | |
275 | } | |
267 | /* sqrtmod_prime - NOT SUPPORTED */ | |
276 | 268 | |
277 | 269 | /* div */ |
278 | 270 | static int divide(void *a, void *b, void *c, void *d) |
437 | 429 | { |
438 | 430 | fp_int t1, t2; |
439 | 431 | fp_digit mp; |
432 | int err, inf; | |
440 | 433 | |
441 | 434 | LTC_ARGCHK(P != NULL); |
442 | 435 | LTC_ARGCHK(R != NULL); |
454 | 447 | fp_copy(P->z, R->z); |
455 | 448 | } |
456 | 449 | |
457 | if (ltc_ecc_is_point_at_infinity(P, modulus)) { | |
450 | if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; | |
451 | if (inf) { | |
458 | 452 | /* if P is point at infinity >> Result = point at infinity */ |
459 | 453 | ltc_mp.set_int(R->x, 1); |
460 | 454 | ltc_mp.set_int(R->y, 1); |
590 | 584 | { |
591 | 585 | fp_int t1, t2, x, y, z; |
592 | 586 | fp_digit mp; |
587 | int err, inf; | |
593 | 588 | |
594 | 589 | LTC_ARGCHK(P != NULL); |
595 | 590 | LTC_ARGCHK(Q != NULL); |
605 | 600 | fp_init(&y); |
606 | 601 | fp_init(&z); |
607 | 602 | |
608 | if (ltc_ecc_is_point_at_infinity(P, modulus)) { | |
603 | if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; | |
604 | if (inf) { | |
609 | 605 | /* P is point at infinity >> Result = Q */ |
610 | 606 | ltc_mp.copy(Q->x, R->x); |
611 | 607 | ltc_mp.copy(Q->y, R->y); |
613 | 609 | return CRYPT_OK; |
614 | 610 | } |
615 | 611 | |
616 | if (ltc_ecc_is_point_at_infinity(Q, modulus)) { | |
612 | if ((err = ltc_ecc_is_point_at_infinity(Q, modulus, &inf)) != CRYPT_OK) return err; | |
613 | if (inf) { | |
617 | 614 | /* Q is point at infinity >> Result = P */ |
618 | 615 | ltc_mp.copy(P->x, R->x); |
619 | 616 | ltc_mp.copy(P->y, R->y); |
802 | 799 | &mul, |
803 | 800 | &muli, |
804 | 801 | &sqr, |
805 | &sqrtmod_prime, | |
802 | NULL, /* TODO: &sqrtmod_prime */ | |
806 | 803 | ÷, |
807 | 804 | &div_2, |
808 | 805 | &modi, |
78 | 78 | ctx->s[1] = (unsigned short)s2; |
79 | 79 | } |
80 | 80 | |
81 | void adler32_finish(adler32_state *ctx, void *hash, unsigned long size) | |
81 | void adler32_finish(const adler32_state *ctx, void *hash, unsigned long size) | |
82 | 82 | { |
83 | 83 | unsigned char* h; |
84 | 84 |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | #include "tomcrypt.h" | |
10 | ||
11 | /** | |
12 | @file base16_decode.c | |
13 | Base16/Hex decode a string. | |
14 | Based on https://stackoverflow.com/a/23898449 | |
15 | Adapted for libtomcrypt by Steffen Jaeckel | |
16 | */ | |
17 | ||
18 | #ifdef LTC_BASE16 | |
19 | ||
20 | /** | |
21 | Base16 decode a string | |
22 | @param in The Base16 string to decode | |
23 | @param out [out] The destination of the binary decoded data | |
24 | @param outlen [in/out] The max size and resulting size of the decoded data | |
25 | @return CRYPT_OK if successful | |
26 | */ | |
27 | int base16_decode(const char *in, unsigned long inlen, | |
28 | unsigned char *out, unsigned long *outlen) | |
29 | { | |
30 | unsigned long pos, out_len; | |
31 | unsigned char idx0, idx1; | |
32 | char in0, in1; | |
33 | ||
34 | const unsigned char hashmap[] = { | |
35 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, /* 01234567 */ | |
36 | 0x08, 0x09, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* 89:;<=>? */ | |
37 | 0xff, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xff, /* @ABCDEFG */ | |
38 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* HIJKLMNO */ | |
39 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* PQRSTUVW */ | |
40 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* XYZ[\]^_ */ | |
41 | 0xff, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0xff, /* `abcdefg */ | |
42 | }; | |
43 | ||
44 | LTC_ARGCHK(in != NULL); | |
45 | LTC_ARGCHK(out != NULL); | |
46 | LTC_ARGCHK(outlen != NULL); | |
47 | ||
48 | if ((inlen % 2) == 1) return CRYPT_INVALID_PACKET; | |
49 | out_len = *outlen * 2; | |
50 | for (pos = 0; ((pos + 1 < out_len) && (pos + 1 < inlen)); pos += 2) { | |
51 | in0 = in[pos + 0]; | |
52 | in1 = in[pos + 1]; | |
53 | ||
54 | if ((in0 < '0') || (in0 > 'g')) return CRYPT_INVALID_PACKET; | |
55 | if ((in1 < '0') || (in1 > 'g')) return CRYPT_INVALID_PACKET; | |
56 | ||
57 | idx0 = (unsigned char) (in0 & 0x1F) ^ 0x10; | |
58 | idx1 = (unsigned char) (in1 & 0x1F) ^ 0x10; | |
59 | ||
60 | if (hashmap[idx0] == 0xff) return CRYPT_INVALID_PACKET; | |
61 | if (hashmap[idx1] == 0xff) return CRYPT_INVALID_PACKET; | |
62 | ||
63 | out[pos / 2] = (unsigned char) (hashmap[idx0] << 4) | hashmap[idx1]; | |
64 | } | |
65 | *outlen = pos / 2; | |
66 | return CRYPT_OK; | |
67 | } | |
68 | ||
69 | #endif | |
70 | ||
71 | /* ref: $Format:%D$ */ | |
72 | /* git commit: $Format:%H$ */ | |
73 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | #include "tomcrypt.h" | |
10 | ||
11 | /** | |
12 | @file base16_encode.c | |
13 | Base16/Hex encode a string, Steffen Jaeckel | |
14 | */ | |
15 | ||
16 | #ifdef LTC_BASE16 | |
17 | ||
18 | /** | |
19 | Base16 encode a buffer | |
20 | @param in The input buffer to encode | |
21 | @param inlen The length of the input buffer | |
22 | @param out [out] The destination of the Base16 encoded data | |
23 | @param outlen [in/out] The max size and resulting size of the encoded data | |
24 | @param caps Output 'a-f' on 0 and 'A-F' otherwise. | |
25 | @return CRYPT_OK if successful | |
26 | */ | |
27 | int base16_encode(const unsigned char *in, unsigned long inlen, | |
28 | char *out, unsigned long *outlen, | |
29 | int caps) | |
30 | { | |
31 | unsigned long i, x; | |
32 | const char *alphabet; | |
33 | const char *alphabets[2] = { | |
34 | "0123456789abcdef", | |
35 | "0123456789ABCDEF", | |
36 | }; | |
37 | ||
38 | LTC_ARGCHK(in != NULL); | |
39 | LTC_ARGCHK(out != NULL); | |
40 | LTC_ARGCHK(outlen != NULL); | |
41 | ||
42 | /* check the sizes */ | |
43 | x = inlen * 2 + 1; | |
44 | ||
45 | if (x < inlen) return CRYPT_OVERFLOW; | |
46 | ||
47 | if (*outlen < x) { | |
48 | *outlen = x; | |
49 | return CRYPT_BUFFER_OVERFLOW; | |
50 | } | |
51 | x--; | |
52 | *outlen = x; /* returning the length without terminating NUL */ | |
53 | ||
54 | if (caps == 0) alphabet = alphabets[0]; | |
55 | else alphabet = alphabets[1]; | |
56 | ||
57 | for (i = 0; i < x; i += 2) { | |
58 | out[i] = alphabet[(in[i/2] >> 4) & 0x0f]; | |
59 | out[i+1] = alphabet[in[i/2] & 0x0f]; | |
60 | } | |
61 | out[x] = '\0'; | |
62 | ||
63 | return CRYPT_OK; | |
64 | } | |
65 | ||
66 | #endif | |
67 | ||
68 | /* ref: $Format:%D$ */ | |
69 | /* git commit: $Format:%H$ */ | |
70 | /* commit time: $Format:%ai$ */ |
19 | 19 | @param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD |
20 | 20 | @return CRYPT_OK if successful |
21 | 21 | */ |
22 | int base32_decode(const unsigned char *in, unsigned long inlen, | |
22 | int base32_decode(const char *in, unsigned long inlen, | |
23 | 23 | unsigned char *out, unsigned long *outlen, |
24 | 24 | base32_alphabet id) |
25 | 25 | { |
26 | 26 | unsigned long x; |
27 | 27 | int y = 0; |
28 | 28 | ulong64 t = 0; |
29 | unsigned char c; | |
29 | char c; | |
30 | 30 | const unsigned char *map; |
31 | 31 | const unsigned char tables[4][43] = { |
32 | 32 | { /* id = BASE32_RFC4648 : ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 */ |
89 | 89 | c = in[x]; |
90 | 90 | /* convert to upper case */ |
91 | 91 | if ((c >= 'a') && (c <= 'z')) c -= 32; |
92 | /* '0' = 48 .. 'Z' = 90 */ | |
93 | if (c < 48 || c > 90 || map[c-48] > 31) { | |
92 | if (c < '0' || c > 'Z' || map[c-'0'] > 31) { | |
94 | 93 | return CRYPT_INVALID_PACKET; |
95 | 94 | } |
96 | t = (t<<5)|map[c-48]; | |
95 | t = (t<<5) | map[c-'0']; | |
97 | 96 | if (++y == 8) { |
98 | 97 | *out++ = (unsigned char)((t>>32) & 255); |
99 | 98 | *out++ = (unsigned char)((t>>24) & 255); |
20 | 20 | @return CRYPT_OK if successful |
21 | 21 | */ |
22 | 22 | int base32_encode(const unsigned char *in, unsigned long inlen, |
23 | unsigned char *out, unsigned long *outlen, | |
23 | char *out, unsigned long *outlen, | |
24 | 24 | base32_alphabet id) |
25 | 25 | { |
26 | 26 | unsigned long i, x; |
27 | unsigned char *codes; | |
27 | const char *codes; | |
28 | 28 | const char *alphabet[4] = { |
29 | 29 | "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", /* id = BASE32_RFC4648 */ |
30 | 30 | "0123456789ABCDEFGHIJKLMNOPQRSTUV", /* id = BASE32_BASE32HEX */ |
38 | 38 | LTC_ARGCHK(id >= BASE32_RFC4648); |
39 | 39 | LTC_ARGCHK(id <= BASE32_CROCKFORD); |
40 | 40 | |
41 | /* no input, nothing to do */ | |
42 | if (inlen == 0) { | |
43 | *outlen = 0; | |
44 | return CRYPT_OK; | |
45 | } | |
46 | ||
47 | /* check the size of output buffer */ | |
48 | x = (8 * inlen + 4) / 5; | |
41 | /* check the size of output buffer +1 byte for terminating NUL */ | |
42 | x = (8 * inlen + 4) / 5 + 1; | |
49 | 43 | if (*outlen < x) { |
50 | 44 | *outlen = x; |
51 | 45 | return CRYPT_BUFFER_OVERFLOW; |
52 | 46 | } |
53 | *outlen = x; | |
47 | *outlen = x - 1; /* returning the length without terminating NUL */ | |
54 | 48 | |
55 | codes = (unsigned char*)alphabet[id]; | |
49 | /* no input, nothing to do */ | |
50 | if (inlen == 0) { | |
51 | *out = '\0'; | |
52 | return CRYPT_OK; | |
53 | } | |
54 | ||
55 | codes = alphabet[id]; | |
56 | 56 | x = 5 * (inlen / 5); |
57 | 57 | for (i = 0; i < x; i += 5) { |
58 | 58 | *out++ = codes[(in[0] >> 3) & 0x1F]; |
78 | 78 | } |
79 | 79 | if (i+2 < inlen) { |
80 | 80 | *out++ = codes[(((c & 0xF) << 1) + (d >> 7)) & 0x1F]; |
81 | *out++ = codes[(d >> 2) & 0x1F]; | |
82 | 81 | } |
83 | 82 | if (i+3 < inlen) { |
83 | *out++ = codes[(d >> 2) & 0x1F]; | |
84 | 84 | *out++ = codes[((d & 0x3) << 3) & 0x1F]; |
85 | 85 | } |
86 | 86 | } |
87 | *out = '\0'; | |
87 | 88 | return CRYPT_OK; |
88 | 89 | } |
89 | 90 |
16 | 16 | |
17 | 17 | #if defined(LTC_BASE64) || defined (LTC_BASE64_URL) |
18 | 18 | |
19 | /* 253 - ignored in "relaxed" + "insane" mode: TAB(9), CR(13), LF(10), space(32) | |
20 | * 254 - padding character '=' (allowed only at the end) | |
21 | * 255 - ignored in "insane" mode, but not allowed in "relaxed" + "strict" mode | |
22 | */ | |
23 | ||
19 | 24 | #if defined(LTC_BASE64) |
20 | 25 | static const unsigned char map_base64[256] = { |
21 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
22 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
23 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
26 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 253, 253, 255, | |
27 | 255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
28 | 255, 255, 255, 255, 255, 255, 255, 255, 253, 255, 255, 255, | |
24 | 29 | 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63, |
25 | 30 | 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, |
26 | 31 | 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, |
44 | 49 | |
45 | 50 | static const unsigned char map_base64url[] = { |
46 | 51 | #if defined(LTC_BASE64_URL) |
47 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
48 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
49 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
52 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 253, 253, 255, | |
53 | 255, 253, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, | |
54 | 255, 255, 255, 255, 255, 255, 255, 255, 253, 255, 255, 255, | |
50 | 55 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, |
51 | 56 | 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, |
52 | 57 | 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, |
70 | 75 | }; |
71 | 76 | |
72 | 77 | enum { |
73 | relaxed = 0, | |
74 | strict = 1 | |
78 | insane = 0, | |
79 | strict = 1, | |
80 | relaxed = 2 | |
75 | 81 | }; |
76 | 82 | |
77 | static int _base64_decode_internal(const unsigned char *in, unsigned long inlen, | |
83 | static int _base64_decode_internal(const char *in, unsigned long inlen, | |
78 | 84 | unsigned char *out, unsigned long *outlen, |
79 | const unsigned char *map, int is_strict) | |
85 | const unsigned char *map, int mode) | |
80 | 86 | { |
81 | 87 | unsigned long t, x, y, z; |
82 | 88 | unsigned char c; |
88 | 94 | |
89 | 95 | g = 0; /* '=' counter */ |
90 | 96 | for (x = y = z = t = 0; x < inlen; x++) { |
91 | c = map[in[x]&0xFF]; | |
97 | if ((in[x] == 0) && (x == (inlen - 1)) && (mode != strict)) { | |
98 | continue; /* allow the last byte to be NUL (relaxed+insane) */ | |
99 | } | |
100 | c = map[(unsigned char)in[x]&0xFF]; | |
92 | 101 | if (c == 254) { |
93 | 102 | g++; |
94 | 103 | continue; |
95 | 104 | } |
96 | else if (is_strict && g > 0) { | |
97 | /* we only allow '=' to be at the end */ | |
98 | return CRYPT_INVALID_PACKET; | |
99 | } | |
100 | if (c == 255) { | |
101 | if (is_strict) | |
105 | if (c == 253) { | |
106 | if (mode == strict) | |
102 | 107 | return CRYPT_INVALID_PACKET; |
103 | 108 | else |
104 | continue; | |
109 | continue; /* allow to ignore white-spaces (relaxed+insane) */ | |
110 | } | |
111 | if (c == 255) { | |
112 | if (mode == insane) | |
113 | continue; /* allow to ignore invalid garbage (insane) */ | |
114 | else | |
115 | return CRYPT_INVALID_PACKET; | |
116 | } | |
117 | if ((g > 0) && (mode != insane)) { | |
118 | /* we only allow '=' to be at the end (strict+relaxed) */ | |
119 | return CRYPT_INVALID_PACKET; | |
105 | 120 | } |
106 | 121 | |
107 | 122 | t = (t<<6)|c; |
117 | 132 | |
118 | 133 | if (y != 0) { |
119 | 134 | if (y == 1) return CRYPT_INVALID_PACKET; |
120 | if ((y + g) != 4 && is_strict && map != map_base64url) return CRYPT_INVALID_PACKET; | |
135 | if (((y + g) != 4) && (mode == strict) && (map != map_base64url)) return CRYPT_INVALID_PACKET; | |
121 | 136 | t = t << (6 * (4 - y)); |
122 | 137 | if (z + y - 1 > *outlen) return CRYPT_BUFFER_OVERFLOW; |
123 | 138 | if (y >= 2) out[z++] = (unsigned char) ((t >> 16) & 255); |
129 | 144 | |
130 | 145 | #if defined(LTC_BASE64) |
131 | 146 | /** |
132 | Relaxed base64 decode a block of memory | |
133 | @param in The base64 data to decode | |
134 | @param inlen The length of the base64 data | |
135 | @param out [out] The destination of the binary decoded data | |
136 | @param outlen [in/out] The max size and resulting size of the decoded data | |
137 | @return CRYPT_OK if successful | |
138 | */ | |
139 | int base64_decode(const unsigned char *in, unsigned long inlen, | |
147 | Dangerously relaxed base64 decode a block of memory | |
148 | @param in The base64 data to decode | |
149 | @param inlen The length of the base64 data | |
150 | @param out [out] The destination of the binary decoded data | |
151 | @param outlen [in/out] The max size and resulting size of the decoded data | |
152 | @return CRYPT_OK if successful | |
153 | */ | |
154 | int base64_decode(const char *in, unsigned long inlen, | |
140 | 155 | unsigned char *out, unsigned long *outlen) |
141 | 156 | { |
142 | return _base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed); | |
157 | return _base64_decode_internal(in, inlen, out, outlen, map_base64, insane); | |
143 | 158 | } |
144 | 159 | |
145 | 160 | /** |
150 | 165 | @param outlen [in/out] The max size and resulting size of the decoded data |
151 | 166 | @return CRYPT_OK if successful |
152 | 167 | */ |
153 | int base64_strict_decode(const unsigned char *in, unsigned long inlen, | |
168 | int base64_strict_decode(const char *in, unsigned long inlen, | |
154 | 169 | unsigned char *out, unsigned long *outlen) |
155 | 170 | { |
156 | 171 | return _base64_decode_internal(in, inlen, out, outlen, map_base64, strict); |
157 | 172 | } |
173 | ||
174 | /** | |
175 | Sane base64 decode a block of memory | |
176 | @param in The base64 data to decode | |
177 | @param inlen The length of the base64 data | |
178 | @param out [out] The destination of the binary decoded data | |
179 | @param outlen [in/out] The max size and resulting size of the decoded data | |
180 | @return CRYPT_OK if successful | |
181 | */ | |
182 | int base64_sane_decode(const char *in, unsigned long inlen, | |
183 | unsigned char *out, unsigned long *outlen) | |
184 | { | |
185 | return _base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed); | |
186 | } | |
158 | 187 | #endif /* LTC_BASE64 */ |
159 | 188 | |
160 | 189 | #if defined(LTC_BASE64_URL) |
161 | 190 | /** |
162 | Relaxed base64 (URL Safe, RFC 4648 section 5) decode a block of memory | |
163 | @param in The base64 data to decode | |
164 | @param inlen The length of the base64 data | |
165 | @param out [out] The destination of the binary decoded data | |
166 | @param outlen [in/out] The max size and resulting size of the decoded data | |
167 | @return CRYPT_OK if successful | |
168 | */ | |
169 | int base64url_decode(const unsigned char *in, unsigned long inlen, | |
191 | Dangerously relaxed base64 (URL Safe, RFC 4648 section 5) decode a block of memory | |
192 | @param in The base64 data to decode | |
193 | @param inlen The length of the base64 data | |
194 | @param out [out] The destination of the binary decoded data | |
195 | @param outlen [in/out] The max size and resulting size of the decoded data | |
196 | @return CRYPT_OK if successful | |
197 | */ | |
198 | int base64url_decode(const char *in, unsigned long inlen, | |
170 | 199 | unsigned char *out, unsigned long *outlen) |
171 | 200 | { |
201 | return _base64_decode_internal(in, inlen, out, outlen, map_base64url, insane); | |
202 | } | |
203 | ||
204 | /** | |
205 | Strict base64 (URL Safe, RFC 4648 section 5) decode a block of memory | |
206 | @param in The base64 data to decode | |
207 | @param inlen The length of the base64 data | |
208 | @param out [out] The destination of the binary decoded data | |
209 | @param outlen [in/out] The max size and resulting size of the decoded data | |
210 | @return CRYPT_OK if successful | |
211 | */ | |
212 | int base64url_strict_decode(const char *in, unsigned long inlen, | |
213 | unsigned char *out, unsigned long *outlen) | |
214 | { | |
215 | return _base64_decode_internal(in, inlen, out, outlen, map_base64url, strict); | |
216 | } | |
217 | ||
218 | /** | |
219 | Sane base64 (URL Safe, RFC 4648 section 5) decode a block of memory | |
220 | @param in The base64 data to decode | |
221 | @param inlen The length of the base64 data | |
222 | @param out [out] The destination of the binary decoded data | |
223 | @param outlen [in/out] The max size and resulting size of the decoded data | |
224 | @return CRYPT_OK if successful | |
225 | */ | |
226 | int base64url_sane_decode(const char *in, unsigned long inlen, | |
227 | unsigned char *out, unsigned long *outlen) | |
228 | { | |
172 | 229 | return _base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed); |
173 | } | |
174 | ||
175 | /** | |
176 | Strict base64 (URL Safe, RFC 4648 section 5) decode a block of memory | |
177 | @param in The base64 data to decode | |
178 | @param inlen The length of the base64 data | |
179 | @param out [out] The destination of the binary decoded data | |
180 | @param outlen [in/out] The max size and resulting size of the decoded data | |
181 | @return CRYPT_OK if successful | |
182 | */ | |
183 | int base64url_strict_decode(const unsigned char *in, unsigned long inlen, | |
184 | unsigned char *out, unsigned long *outlen) | |
185 | { | |
186 | return _base64_decode_internal(in, inlen, out, outlen, map_base64url, strict); | |
187 | 230 | } |
188 | 231 | #endif /* LTC_BASE64_URL */ |
189 | 232 |
27 | 27 | #endif /* LTC_BASE64_URL */ |
28 | 28 | |
29 | 29 | static int _base64_encode_internal(const unsigned char *in, unsigned long inlen, |
30 | unsigned char *out, unsigned long *outlen, | |
30 | char *out, unsigned long *outlen, | |
31 | 31 | const char *codes, int pad) |
32 | 32 | { |
33 | 33 | unsigned long i, len2, leven; |
34 | unsigned char *p; | |
34 | char *p; | |
35 | 35 | |
36 | 36 | LTC_ARGCHK(in != NULL); |
37 | 37 | LTC_ARGCHK(out != NULL); |
72 | 72 | *p = '\0'; |
73 | 73 | |
74 | 74 | /* return ok */ |
75 | *outlen = (unsigned long)(p - out); | |
75 | *outlen = (unsigned long)(p - out); /* the length without terminating NUL */ | |
76 | 76 | return CRYPT_OK; |
77 | 77 | } |
78 | 78 | |
86 | 86 | @return CRYPT_OK if successful |
87 | 87 | */ |
88 | 88 | int base64_encode(const unsigned char *in, unsigned long inlen, |
89 | unsigned char *out, unsigned long *outlen) | |
89 | char *out, unsigned long *outlen) | |
90 | 90 | { |
91 | 91 | return _base64_encode_internal(in, inlen, out, outlen, codes_base64, 1); |
92 | 92 | } |
103 | 103 | @return CRYPT_OK if successful |
104 | 104 | */ |
105 | 105 | int base64url_encode(const unsigned char *in, unsigned long inlen, |
106 | unsigned char *out, unsigned long *outlen) | |
106 | char *out, unsigned long *outlen) | |
107 | 107 | { |
108 | 108 | return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0); |
109 | 109 | } |
110 | 110 | |
111 | 111 | int base64url_strict_encode(const unsigned char *in, unsigned long inlen, |
112 | unsigned char *out, unsigned long *outlen) | |
112 | char *out, unsigned long *outlen) | |
113 | 113 | { |
114 | 114 | return _base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1); |
115 | 115 | } |
24 | 24 | unsigned long y; |
25 | 25 | #ifdef LTC_FAST |
26 | 26 | unsigned long z; |
27 | LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all ones */ | |
27 | LTC_FAST_TYPE fastMask = ~(LTC_FAST_TYPE)0; /* initialize fastMask at all ones */ | |
28 | 28 | #endif |
29 | 29 | unsigned char mask = 0xff; /* initialize mask at all ones */ |
30 | 30 |
158 | 158 | ctx->crc = crc; |
159 | 159 | } |
160 | 160 | |
161 | void crc32_finish(crc32_state *ctx, void *hash, unsigned long size) | |
161 | void crc32_finish(const crc32_state *ctx, void *hash, unsigned long size) | |
162 | 162 | { |
163 | 163 | unsigned long i; |
164 | 164 | unsigned char* h; |
312 | 312 | " ChaCha20\n" |
313 | 313 | #endif |
314 | 314 | #if defined(LTC_FORTUNA) |
315 | " Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", " NAME_VALUE(LTC_FORTUNA_WD) ")\n" | |
315 | " Fortuna (" NAME_VALUE(LTC_FORTUNA_POOLS) ", " | |
316 | #if defined(LTC_FORTUNA_RESEED_RATELIMIT_TIMED) | |
317 | "LTC_FORTUNA_RESEED_RATELIMIT_TIMED, " | |
318 | #else | |
319 | "LTC_FORTUNA_RESEED_RATELIMIT_STATIC, " NAME_VALUE(LTC_FORTUNA_WD) | |
320 | #endif | |
321 | ")\n" | |
316 | 322 | #endif |
317 | 323 | #if defined(LTC_SOBER128) |
318 | 324 | " SOBER128\n" |
413 | 419 | #if defined(LTC_BASE32) |
414 | 420 | " BASE32 " |
415 | 421 | #endif |
422 | #if defined(LTC_BASE16) | |
423 | " BASE16 " | |
424 | #endif | |
416 | 425 | #if defined(LTC_CRC32) |
417 | 426 | " CRC32 " |
418 | 427 | #endif |
419 | 428 | #if defined(LTC_DER) |
420 | 429 | " DER " |
430 | " " NAME_VALUE(LTC_DER_MAX_RECURSION) " " | |
421 | 431 | #endif |
422 | 432 | #if defined(LTC_PKCS_1) |
423 | 433 | " PKCS#1 " |
424 | 434 | #endif |
425 | 435 | #if defined(LTC_PKCS_5) |
426 | 436 | " PKCS#5 " |
437 | #endif | |
438 | #if defined(LTC_PADDING) | |
439 | " PADDING " | |
427 | 440 | #endif |
428 | 441 | #if defined(LTC_HKDF) |
429 | 442 | " HKDF " |
74 | 74 | {"LTC_PKCS_1", 0}, |
75 | 75 | #endif |
76 | 76 | |
77 | #ifdef LTC_PADDING | |
78 | {"LTC_PADDING", 1}, | |
79 | ||
80 | _C_STRINGIFY(LTC_PAD_PKCS7), | |
81 | #ifdef LTC_RNG_GET_BYTES | |
82 | _C_STRINGIFY(LTC_PAD_ISO_10126), | |
83 | #endif | |
84 | _C_STRINGIFY(LTC_PAD_ANSI_X923), | |
85 | _C_STRINGIFY(LTC_PAD_ONE_AND_ZERO), | |
86 | _C_STRINGIFY(LTC_PAD_ZERO), | |
87 | _C_STRINGIFY(LTC_PAD_ZERO_ALWAYS), | |
88 | #else | |
89 | {"LTC_PADDING", 0}, | |
90 | #endif | |
91 | ||
77 | 92 | #ifdef LTC_MRSA |
78 | 93 | {"LTC_MRSA", 1}, |
79 | 94 | #else |
110 | 125 | |
111 | 126 | #ifdef LTC_DER |
112 | 127 | /* DER handling */ |
128 | {"LTC_DER", 1}, | |
113 | 129 | _C_STRINGIFY(LTC_ASN1_EOL), |
114 | 130 | _C_STRINGIFY(LTC_ASN1_BOOLEAN), |
115 | 131 | _C_STRINGIFY(LTC_ASN1_INTEGER), |
130 | 146 | _C_STRINGIFY(LTC_ASN1_TELETEX_STRING), |
131 | 147 | _C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME), |
132 | 148 | _C_STRINGIFY(LTC_ASN1_CUSTOM_TYPE), |
149 | _C_STRINGIFY(LTC_DER_MAX_RECURSION), | |
150 | #else | |
151 | {"LTC_DER", 0}, | |
133 | 152 | #endif |
134 | 153 | |
135 | 154 | #ifdef LTC_CTR_MODE |
244 | 244 | _SZ_STRINGIFY_T(dh_key), |
245 | 245 | #endif |
246 | 246 | #ifdef LTC_MECC |
247 | _SZ_STRINGIFY_T(ltc_ecc_set_type), | |
247 | _SZ_STRINGIFY_T(ltc_ecc_curve), | |
248 | 248 | _SZ_STRINGIFY_T(ecc_point), |
249 | 249 | _SZ_STRINGIFY_T(ecc_key), |
250 | 250 | #endif |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt.h" | |
9 | ||
10 | #ifdef LTC_PADDING | |
11 | ||
12 | /** | |
13 | Remove padding from your data | |
14 | ||
15 | This depads your data. | |
16 | ||
17 | @param data The data to depad | |
18 | @param length [in/out] The size of the data before/after (removing padding) | |
19 | @param mode One of the LTC_PAD_xx flags | |
20 | @return CRYPT_OK on success | |
21 | */ | |
22 | int padding_depad(const unsigned char *data, unsigned long *length, unsigned long mode) | |
23 | { | |
24 | unsigned long padded_length, unpadded_length, n; | |
25 | unsigned char pad; | |
26 | enum padding_type type; | |
27 | ||
28 | LTC_ARGCHK(data != NULL); | |
29 | LTC_ARGCHK(length != NULL); | |
30 | ||
31 | padded_length = *length; | |
32 | ||
33 | type = mode & LTC_PAD_MASK; | |
34 | ||
35 | if (type < LTC_PAD_ONE_AND_ZERO) { | |
36 | pad = data[padded_length - 1]; | |
37 | ||
38 | if (pad > padded_length) return CRYPT_INVALID_ARG; | |
39 | ||
40 | unpadded_length = padded_length - pad; | |
41 | } else { | |
42 | /* init pad to calm old compilers */ | |
43 | pad = 0x0; | |
44 | unpadded_length = padded_length; | |
45 | } | |
46 | ||
47 | switch (type) { | |
48 | case LTC_PAD_ANSI_X923: | |
49 | pad = 0x0; | |
50 | /* FALLTHROUGH */ | |
51 | case LTC_PAD_PKCS7: | |
52 | for (n = unpadded_length; n < padded_length - 1; ++n) { | |
53 | if (data[n] != pad) return CRYPT_INVALID_PACKET; | |
54 | } | |
55 | break; | |
56 | #ifdef LTC_RNG_GET_BYTES | |
57 | case LTC_PAD_ISO_10126: | |
58 | /* nop */ | |
59 | break; | |
60 | #endif | |
61 | case LTC_PAD_ONE_AND_ZERO: | |
62 | while (unpadded_length > 0 && data[unpadded_length - 1] != 0x80) { | |
63 | if (data[unpadded_length - 1] != 0x0) return CRYPT_INVALID_PACKET; | |
64 | unpadded_length--; | |
65 | } | |
66 | if (unpadded_length == 0) return CRYPT_INVALID_PACKET; | |
67 | unpadded_length--; | |
68 | if (data[unpadded_length] != 0x80) return CRYPT_INVALID_PACKET; | |
69 | break; | |
70 | case LTC_PAD_ZERO: | |
71 | case LTC_PAD_ZERO_ALWAYS: | |
72 | while (unpadded_length > 0 && data[unpadded_length - 1] == 0x0) { | |
73 | unpadded_length--; | |
74 | } | |
75 | if (type == LTC_PAD_ZERO_ALWAYS) { | |
76 | if (unpadded_length == padded_length) return CRYPT_INVALID_PACKET; | |
77 | if (data[unpadded_length] != 0x0) return CRYPT_INVALID_PACKET; | |
78 | } | |
79 | break; | |
80 | default: | |
81 | return CRYPT_INVALID_ARG; | |
82 | } | |
83 | ||
84 | *length = unpadded_length; | |
85 | ||
86 | return CRYPT_OK; | |
87 | } | |
88 | ||
89 | #endif | |
90 | ||
91 | /* ref: $Format:%D$ */ | |
92 | /* git commit: $Format:%H$ */ | |
93 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt.h" | |
9 | ||
10 | #ifdef LTC_PADDING | |
11 | ||
12 | /** | |
13 | Determine the to-be-padded length. | |
14 | ||
15 | @param length [in/out] The size of the data before/after padding | |
16 | @param mode Mask of (LTC_PAD_xxx | block_length) | |
17 | @return CRYPT_OK on success | |
18 | */ | |
19 | static int _padding_padded_length(unsigned long *length, unsigned long mode) | |
20 | { | |
21 | enum padding_type padding; | |
22 | unsigned char pad, block_length, r, t; | |
23 | ||
24 | LTC_ARGCHK(length != NULL); | |
25 | ||
26 | block_length = mode & 0xff; | |
27 | padding = mode & LTC_PAD_MASK; | |
28 | r = *length % block_length; | |
29 | ||
30 | switch (padding) { | |
31 | case LTC_PAD_ZERO: | |
32 | if (r == 0) { | |
33 | t = 0; | |
34 | break; | |
35 | } | |
36 | /* FALLTHROUGH */ | |
37 | case LTC_PAD_PKCS7: | |
38 | case LTC_PAD_ONE_AND_ZERO: | |
39 | case LTC_PAD_ZERO_ALWAYS: | |
40 | t = 1; | |
41 | break; | |
42 | #ifdef LTC_RNG_GET_BYTES | |
43 | case LTC_PAD_ISO_10126: | |
44 | do { | |
45 | if (rng_get_bytes(&t, sizeof(t), NULL) != sizeof(t)) { | |
46 | return CRYPT_ERROR_READPRNG; | |
47 | } | |
48 | t %= (256 / block_length); | |
49 | } while (t == 0); | |
50 | break; | |
51 | #endif | |
52 | case LTC_PAD_ANSI_X923: | |
53 | if (block_length != 16) { | |
54 | return CRYPT_INVALID_ARG; | |
55 | } | |
56 | t = 1; | |
57 | break; | |
58 | default: | |
59 | return CRYPT_INVALID_ARG; | |
60 | } | |
61 | ||
62 | pad = (t * block_length) - r; | |
63 | ||
64 | if ((pad == 0) && (padding != LTC_PAD_ZERO)) { | |
65 | pad = block_length; | |
66 | } | |
67 | ||
68 | *length += pad; | |
69 | ||
70 | return CRYPT_OK; | |
71 | } | |
72 | ||
73 | /** | |
74 | Add padding to data. | |
75 | ||
76 | This pads your data. | |
77 | ||
78 | @param data The data to depad | |
79 | @param length The size of the data before padding | |
80 | @param padded_length [in/out] The size of the data available/after padding | |
81 | @param mode One of the LTC_PAD_xx flags | |
82 | @return CRYPT_OK on success | |
83 | */ | |
84 | int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) | |
85 | { | |
86 | unsigned long diff, l; | |
87 | enum padding_type type; | |
88 | int err; | |
89 | ||
90 | LTC_ARGCHK(data != NULL); | |
91 | LTC_ARGCHK(padded_length != NULL); | |
92 | ||
93 | l = length; | |
94 | if ((err = _padding_padded_length(&l, mode)) != CRYPT_OK) { | |
95 | return err; | |
96 | } | |
97 | ||
98 | type = mode & LTC_PAD_MASK; | |
99 | ||
100 | if (*padded_length < l) { | |
101 | if (type != LTC_PAD_ISO_10126) *padded_length = l; | |
102 | else *padded_length = length + 256; | |
103 | return CRYPT_BUFFER_OVERFLOW; | |
104 | } | |
105 | ||
106 | diff = l - length; | |
107 | if (diff > 255) return CRYPT_INVALID_ARG; | |
108 | ||
109 | switch (type) { | |
110 | case LTC_PAD_PKCS7: | |
111 | XMEMSET(&data[length], diff, diff); | |
112 | break; | |
113 | #ifdef LTC_RNG_GET_BYTES | |
114 | case LTC_PAD_ISO_10126: | |
115 | if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) { | |
116 | return CRYPT_ERROR_READPRNG; | |
117 | } | |
118 | data[l-1] = diff; | |
119 | break; | |
120 | #endif | |
121 | case LTC_PAD_ANSI_X923: | |
122 | XMEMSET(&data[length], 0, diff-1); | |
123 | data[l-1] = diff; | |
124 | break; | |
125 | case LTC_PAD_ONE_AND_ZERO: | |
126 | XMEMSET(&data[length + 1], 0, diff); | |
127 | data[length] = 0x80; | |
128 | break; | |
129 | case LTC_PAD_ZERO: | |
130 | case LTC_PAD_ZERO_ALWAYS: | |
131 | XMEMSET(&data[length], 0, diff); | |
132 | break; | |
133 | default: | |
134 | return CRYPT_INVALID_ARG; | |
135 | } | |
136 | *padded_length = l; | |
137 | ||
138 | return CRYPT_OK; | |
139 | } | |
140 | ||
141 | #endif | |
142 | ||
143 | /* ref: $Format:%D$ */ | |
144 | /* git commit: $Format:%H$ */ | |
145 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | #include "tomcrypt.h" | |
10 | ||
11 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen) | |
12 | { | |
13 | unsigned long i, j, limit; | |
14 | ||
15 | LTC_ARGCHK(oid != NULL); | |
16 | LTC_ARGCHK(oidlen != NULL); | |
17 | ||
18 | limit = *oidlen; | |
19 | *oidlen = 0; /* make sure that we return zero oidlen on error */ | |
20 | for (i = 0; i < limit; i++) oid[i] = 0; | |
21 | ||
22 | if ((OID == NULL) || (strlen(OID) == 0)) return CRYPT_OK; | |
23 | ||
24 | for (i = 0, j = 0; i < strlen(OID); i++) { | |
25 | if (OID[i] == '.') { | |
26 | if (++j >= limit) return CRYPT_ERROR; | |
27 | } | |
28 | else if ((OID[i] >= '0') && (OID[i] <= '9')) { | |
29 | oid[j] = oid[j] * 10 + (OID[i] - '0'); | |
30 | } | |
31 | else { | |
32 | return CRYPT_ERROR; | |
33 | } | |
34 | } | |
35 | if (j == 0) return CRYPT_ERROR; | |
36 | *oidlen = j + 1; | |
37 | return CRYPT_OK; | |
38 | } | |
39 | ||
40 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen) | |
41 | { | |
42 | int i; | |
43 | unsigned long j, k; | |
44 | char tmp[256] = { 0 }; | |
45 | unsigned long tmpsz = sizeof(tmp); | |
46 | ||
47 | LTC_ARGCHK(oid != NULL); | |
48 | LTC_ARGCHK(OID != NULL); | |
49 | LTC_ARGCHK(outlen != NULL); | |
50 | ||
51 | for (i = oidlen - 1, k = 0; i >= 0; i--) { | |
52 | j = oid[i]; | |
53 | if (j == 0) { | |
54 | tmp[k] = '0'; | |
55 | if (++k >= tmpsz) return CRYPT_ERROR; | |
56 | } | |
57 | else { | |
58 | while (j > 0) { | |
59 | tmp[k] = '0' + (j % 10); | |
60 | if (++k >= tmpsz) return CRYPT_ERROR; | |
61 | j /= 10; | |
62 | } | |
63 | } | |
64 | if (i > 0) { | |
65 | tmp[k] = '.'; | |
66 | if (++k >= tmpsz) return CRYPT_ERROR; | |
67 | } | |
68 | } | |
69 | if (*outlen < k + 1) { | |
70 | *outlen = k + 1; | |
71 | return CRYPT_BUFFER_OVERFLOW; | |
72 | } | |
73 | for (j = 0; j < k; j++) OID[j] = tmp[k - j - 1]; | |
74 | OID[k] = '\0'; | |
75 | *outlen = k; /* the length without terminating NUL byte */ | |
76 | return CRYPT_OK; | |
77 | } | |
78 | ||
79 | /* ref: $Format:%D$ */ | |
80 | /* git commit: $Format:%H$ */ | |
81 | /* commit time: $Format:%ai$ */ |
21 | 21 | @param cbc The CBC state |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc) | |
24 | int cbc_getiv(unsigned char *IV, unsigned long *len, const symmetric_CBC *cbc) | |
25 | 25 | { |
26 | 26 | LTC_ARGCHK(IV != NULL); |
27 | 27 | LTC_ARGCHK(len != NULL); |
21 | 21 | @param cfb The CFB state |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb) | |
24 | int cfb_getiv(unsigned char *IV, unsigned long *len, const symmetric_CFB *cfb) | |
25 | 25 | { |
26 | 26 | LTC_ARGCHK(IV != NULL); |
27 | 27 | LTC_ARGCHK(len != NULL); |
16 | 16 | #ifdef LTC_CTR_MODE |
17 | 17 | |
18 | 18 | /** |
19 | CTR encrypt | |
19 | CTR encrypt software implementation | |
20 | 20 | @param pt Plaintext |
21 | 21 | @param ct [out] Ciphertext |
22 | 22 | @param len Length of plaintext (octets) |
23 | 23 | @param ctr CTR state |
24 | 24 | @return CRYPT_OK if successful |
25 | 25 | */ |
26 | int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) | |
26 | static int _ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) | |
27 | 27 | { |
28 | 28 | int x, err; |
29 | ||
30 | LTC_ARGCHK(pt != NULL); | |
31 | LTC_ARGCHK(ct != NULL); | |
32 | LTC_ARGCHK(ctr != NULL); | |
33 | ||
34 | if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { | |
35 | return err; | |
36 | } | |
37 | ||
38 | /* is blocklen/padlen valid? */ | |
39 | if (ctr->blocklen < 1 || ctr->blocklen > (int)sizeof(ctr->ctr) || | |
40 | ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) { | |
41 | return CRYPT_INVALID_ARG; | |
42 | } | |
43 | ||
44 | #ifdef LTC_FAST | |
45 | if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) { | |
46 | return CRYPT_INVALID_ARG; | |
47 | } | |
48 | #endif | |
49 | ||
50 | /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */ | |
51 | if ((ctr->padlen == ctr->blocklen) && cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL && (len >= (unsigned long)ctr->blocklen)) { | |
52 | if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { | |
53 | return err; | |
54 | } | |
55 | pt += (len / ctr->blocklen) * ctr->blocklen; | |
56 | ct += (len / ctr->blocklen) * ctr->blocklen; | |
57 | len %= ctr->blocklen; | |
58 | } | |
59 | 29 | |
60 | 30 | while (len) { |
61 | 31 | /* is the pad empty? */ |
86 | 56 | ctr->padlen = 0; |
87 | 57 | } |
88 | 58 | #ifdef LTC_FAST |
89 | if (ctr->padlen == 0 && len >= (unsigned long)ctr->blocklen) { | |
59 | if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->blocklen)) { | |
90 | 60 | for (x = 0; x < ctr->blocklen; x += sizeof(LTC_FAST_TYPE)) { |
91 | 61 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^ |
92 | 62 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x)); |
104 | 74 | return CRYPT_OK; |
105 | 75 | } |
106 | 76 | |
77 | /** | |
78 | CTR encrypt | |
79 | @param pt Plaintext | |
80 | @param ct [out] Ciphertext | |
81 | @param len Length of plaintext (octets) | |
82 | @param ctr CTR state | |
83 | @return CRYPT_OK if successful | |
84 | */ | |
85 | int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr) | |
86 | { | |
87 | int err, fr; | |
88 | ||
89 | LTC_ARGCHK(pt != NULL); | |
90 | LTC_ARGCHK(ct != NULL); | |
91 | LTC_ARGCHK(ctr != NULL); | |
92 | ||
93 | if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) { | |
94 | return err; | |
95 | } | |
96 | ||
97 | /* is blocklen/padlen valid? */ | |
98 | if ((ctr->blocklen < 1) || (ctr->blocklen > (int)sizeof(ctr->ctr)) || | |
99 | (ctr->padlen < 0) || (ctr->padlen > (int)sizeof(ctr->pad))) { | |
100 | return CRYPT_INVALID_ARG; | |
101 | } | |
102 | ||
103 | #ifdef LTC_FAST | |
104 | if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) { | |
105 | return CRYPT_INVALID_ARG; | |
106 | } | |
107 | #endif | |
108 | ||
109 | /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */ | |
110 | if ((cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL) && (len >= (unsigned long)ctr->blocklen)) { | |
111 | if (ctr->padlen < ctr->blocklen) { | |
112 | fr = ctr->blocklen - ctr->padlen; | |
113 | if ((err = _ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) { | |
114 | return err; | |
115 | } | |
116 | pt += fr; | |
117 | ct += fr; | |
118 | len -= fr; | |
119 | } | |
120 | ||
121 | if (len >= (unsigned long)ctr->blocklen) { | |
122 | if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) { | |
123 | return err; | |
124 | } | |
125 | pt += (len / ctr->blocklen) * ctr->blocklen; | |
126 | ct += (len / ctr->blocklen) * ctr->blocklen; | |
127 | len %= ctr->blocklen; | |
128 | } | |
129 | } | |
130 | ||
131 | return _ctr_encrypt(pt, ct, len, ctr); | |
132 | } | |
133 | ||
107 | 134 | #endif |
108 | 135 | |
109 | 136 | /* ref: $Format:%D$ */ |
21 | 21 | @param ctr The CTR state |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr) | |
24 | int ctr_getiv(unsigned char *IV, unsigned long *len, const symmetric_CTR *ctr) | |
25 | 25 | { |
26 | 26 | LTC_ARGCHK(IV != NULL); |
27 | 27 | LTC_ARGCHK(len != NULL); |
21 | 21 | @param ofb The OFB state |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb) | |
24 | int ofb_getiv(unsigned char *IV, unsigned long *len, const symmetric_OFB *ofb) | |
25 | 25 | { |
26 | 26 | LTC_ARGCHK(IV != NULL); |
27 | 27 | LTC_ARGCHK(len != NULL); |
92 | 92 | goto LBL_ERR; |
93 | 93 | } |
94 | 94 | if ((ident.type != root->type) || |
95 | (ident.class != root->class) || | |
95 | (ident.klass != root->klass) || | |
96 | 96 | (ident.pc != root->pc) || |
97 | 97 | (ident.tag != root->tag)) { |
98 | 98 | err = CRYPT_INVALID_PACKET; |
76 | 76 | } |
77 | 77 | |
78 | 78 | tag_len = 1; |
79 | id->class = (in[0] >> 6) & 0x3; | |
79 | id->klass = (in[0] >> 6) & 0x3; | |
80 | 80 | id->pc = (in[0] >> 5) & 0x1; |
81 | 81 | id->tag = in[0] & 0x1f; |
82 | 82 | |
104 | 104 | |
105 | 105 | if (err != CRYPT_OK) { |
106 | 106 | id->pc = 0; |
107 | id->class = 0; | |
107 | id->klass = 0; | |
108 | 108 | id->tag = 0; |
109 | 109 | } else { |
110 | 110 | *inlen = tag_len; |
111 | if ((id->class == LTC_ASN1_CL_UNIVERSAL) && | |
111 | if ((id->klass == LTC_ASN1_CL_UNIVERSAL) && | |
112 | 112 | (id->tag < der_asn1_tag_to_type_map_sz) && |
113 | 113 | (id->tag < tag_constructed_map_sz) && |
114 | 114 | (id->pc == tag_constructed_map[id->tag])) { |
115 | 115 | id->type = der_asn1_tag_to_type_map[id->tag]; |
116 | 116 | } else { |
117 | if ((id->class == LTC_ASN1_CL_UNIVERSAL) && (id->tag == 0)) { | |
117 | if ((id->klass == LTC_ASN1_CL_UNIVERSAL) && (id->tag == 0)) { | |
118 | 118 | id->type = LTC_ASN1_EOL; |
119 | 119 | } else { |
120 | 120 | id->type = LTC_ASN1_CUSTOM_TYPE; |
41 | 41 | *outlen = 1; |
42 | 42 | return CRYPT_OK; |
43 | 43 | } else { |
44 | if (id->class < LTC_ASN1_CL_UNIVERSAL || id->class > LTC_ASN1_CL_PRIVATE) { | |
44 | if (id->klass < LTC_ASN1_CL_UNIVERSAL || id->klass > LTC_ASN1_CL_PRIVATE) { | |
45 | 45 | return CRYPT_INVALID_ARG; |
46 | 46 | } |
47 | 47 | if (id->pc < LTC_ASN1_PC_PRIMITIVE || id->pc > LTC_ASN1_PC_CONSTRUCTED) { |
57 | 57 | return CRYPT_BUFFER_OVERFLOW; |
58 | 58 | } |
59 | 59 | |
60 | out[0] = id->class << 6 | id->pc << 5; | |
60 | out[0] = id->klass << 6 | id->pc << 5; | |
61 | 61 | } |
62 | 62 | |
63 | 63 | if (id->tag < 0x1f) { |
36 | 36 | @param outlen [in/out] The length of the DER encoding |
37 | 37 | @return CRYPT_OK if successful |
38 | 38 | */ |
39 | int der_encode_generalizedtime(ltc_generalizedtime *gtime, | |
40 | unsigned char *out, unsigned long *outlen) | |
39 | int der_encode_generalizedtime(const ltc_generalizedtime *gtime, | |
40 | unsigned char *out, unsigned long *outlen) | |
41 | 41 | { |
42 | 42 | unsigned long x, tmplen; |
43 | 43 | int err; |
21 | 21 | @param outlen [out] The length of the DER encoding |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen) | |
24 | int der_length_generalizedtime(const ltc_generalizedtime *gtime, unsigned long *outlen) | |
25 | 25 | { |
26 | 26 | LTC_ARGCHK(outlen != NULL); |
27 | 27 | LTC_ARGCHK(gtime != NULL); |
21 | 21 | @param outlen [in/out] The max and resulting size of the OID |
22 | 22 | @return CRYPT_OK if successful |
23 | 23 | */ |
24 | int der_encode_object_identifier(unsigned long *words, unsigned long nwords, | |
25 | unsigned char *out, unsigned long *outlen) | |
24 | int der_encode_object_identifier(const unsigned long *words, unsigned long nwords, | |
25 | unsigned char *out, unsigned long *outlen) | |
26 | 26 | { |
27 | 27 | unsigned long i, x, y, z, t, mask, wordbuf; |
28 | 28 | int err; |
34 | 34 | @param outlen [out] The length of the DER encoding for the given string |
35 | 35 | @return CRYPT_OK if successful |
36 | 36 | */ |
37 | int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen) | |
37 | int der_length_object_identifier(const unsigned long *words, unsigned long nwords, unsigned long *outlen) | |
38 | 38 | { |
39 | 39 | unsigned long y, z, t, wordbuf; |
40 | 40 |
42 | 42 | */ |
43 | 43 | int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out) |
44 | 44 | { |
45 | ltc_asn1_list *l; | |
45 | ltc_asn1_list *l, *t; | |
46 | 46 | unsigned long err, identifier, len, totlen, data_offset, id_len, len_len; |
47 | 47 | void *realloc_tmp; |
48 | 48 | |
95 | 95 | } |
96 | 96 | data_offset = id_len + len_len; |
97 | 97 | #if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1 |
98 | if (l->type == LTC_ASN1_CUSTOM_TYPE && l->class == LTC_ASN1_CL_CONTEXT_SPECIFIC) { | |
98 | if (l->type == LTC_ASN1_CUSTOM_TYPE && l->klass == LTC_ASN1_CL_CONTEXT_SPECIFIC) { | |
99 | 99 | fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - Context Specific[%s %llu]\n", identifier, data_offset, len, der_asn1_pc_to_string_map[l->pc], l->tag); |
100 | 100 | } else { |
101 | 101 | fprintf(stderr, "OK %02lx: hl=%4lu l=%4lu - %s\n", identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag]); |
462 | 462 | l->child->parent = l; |
463 | 463 | } |
464 | 464 | |
465 | t = l; | |
466 | len_len = 0; | |
467 | while((t != NULL) && (t->child != NULL)) { | |
468 | len_len++; | |
469 | t = t->child; | |
470 | } | |
471 | if (len_len > LTC_DER_MAX_RECURSION) { | |
472 | err = CRYPT_PK_ASN1_ERROR; | |
473 | goto error; | |
474 | } | |
475 | ||
465 | 476 | break; |
466 | 477 | |
467 | 478 | case 0x80: /* Context-specific */ |
24 | 24 | @param type_of LTC_ASN1_SEQUENCE or LTC_ASN1_SET/LTC_ASN1_SETOF |
25 | 25 | @return CRYPT_OK on success |
26 | 26 | */ |
27 | int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | |
28 | unsigned char *out, unsigned long *outlen, int type_of) | |
27 | int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, | |
28 | unsigned char *out, unsigned long *outlen, int type_of) | |
29 | 29 | { |
30 | 30 | int err; |
31 | 31 | ltc_asn1_type type; |
21 | 21 | @param outlen [out] The length required in octets to store it |
22 | 22 | @return CRYPT_OK on success |
23 | 23 | */ |
24 | int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, | |
24 | int der_length_sequence(const ltc_asn1_list *list, unsigned long inlen, | |
25 | 25 | unsigned long *outlen) |
26 | 26 | { |
27 | 27 | return der_length_sequence_ex(list, inlen, outlen, NULL); |
28 | 28 | } |
29 | 29 | |
30 | int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | |
30 | int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, | |
31 | 31 | unsigned long *outlen, unsigned long *payloadlen) |
32 | 32 | { |
33 | 33 | int err; |
45 | 45 | @param outlen [in/out] The size of the output |
46 | 46 | @return CRYPT_OK on success |
47 | 47 | */ |
48 | int der_encode_set(ltc_asn1_list *list, unsigned long inlen, | |
49 | unsigned char *out, unsigned long *outlen) | |
48 | int der_encode_set(const ltc_asn1_list *list, unsigned long inlen, | |
49 | unsigned char *out, unsigned long *outlen) | |
50 | 50 | { |
51 | 51 | ltc_asn1_list *copy; |
52 | 52 | unsigned long x; |
55 | 55 | @param outlen [in/out] The size of the output |
56 | 56 | @return CRYPT_OK on success |
57 | 57 | */ |
58 | int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, | |
59 | unsigned char *out, unsigned long *outlen) | |
58 | int der_encode_setof(const ltc_asn1_list *list, unsigned long inlen, | |
59 | unsigned char *out, unsigned long *outlen) | |
60 | 60 | { |
61 | 61 | unsigned long x, y, z; |
62 | 62 | ptrdiff_t hdrlen; |
27 | 27 | @param outlen [in/out] The length of the DER encoding |
28 | 28 | @return CRYPT_OK if successful |
29 | 29 | */ |
30 | int der_encode_utctime(ltc_utctime *utctime, | |
31 | unsigned char *out, unsigned long *outlen) | |
30 | int der_encode_utctime(const ltc_utctime *utctime, | |
31 | unsigned char *out, unsigned long *outlen) | |
32 | 32 | { |
33 | 33 | unsigned long x, tmplen; |
34 | 34 | int err; |
20 | 20 | @param outlen [out] The length of the DER encoding |
21 | 21 | @return CRYPT_OK if successful |
22 | 22 | */ |
23 | int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen) | |
23 | int der_length_utctime(const ltc_utctime *utctime, unsigned long *outlen) | |
24 | 24 | { |
25 | 25 | LTC_ARGCHK(outlen != NULL); |
26 | 26 | LTC_ARGCHK(utctime != NULL); |
38 | 38 | */ |
39 | 39 | int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, |
40 | 40 | unsigned int algorithm, void* public_key, unsigned long* public_key_len, |
41 | unsigned long parameters_type, void* parameters, unsigned long *parameters_len) | |
41 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len) | |
42 | 42 | { |
43 | 43 | int err; |
44 | unsigned long len; | |
44 | unsigned long len, alg_id_num; | |
45 | 45 | oid_st oid; |
46 | 46 | unsigned char *tmpbuf; |
47 | 47 | unsigned long tmpoid[16]; |
51 | 51 | LTC_ARGCHK(in != NULL); |
52 | 52 | LTC_ARGCHK(inlen != 0); |
53 | 53 | LTC_ARGCHK(public_key_len != NULL); |
54 | LTC_ARGCHK(parameters_len != NULL); | |
54 | if (parameters_type != LTC_ASN1_EOL) { | |
55 | LTC_ARGCHK(parameters_len != NULL); | |
56 | } | |
55 | 57 | |
56 | 58 | err = pk_get_oid(algorithm, &oid); |
57 | 59 | if (err != CRYPT_OK) { |
67 | 69 | |
68 | 70 | /* this includes the internal hash ID and optional params (NULL in this case) */ |
69 | 71 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0])); |
70 | LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, *parameters_len); | |
72 | if (parameters_type == LTC_ASN1_EOL) { | |
73 | alg_id_num = 1; | |
74 | } | |
75 | else { | |
76 | LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, *parameters_len); | |
77 | alg_id_num = 2; | |
78 | } | |
71 | 79 | |
72 | 80 | /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey |
73 | 81 | * in a **BIT** string ... so we have to extract it then proceed to convert bit to octet |
74 | 82 | */ |
75 | LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2); | |
83 | LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, alg_id_num); | |
76 | 84 | LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, inlen*8U); |
77 | 85 | |
78 | 86 | err=der_decode_sequence(in, inlen, subject_pubkey, 2UL); |
79 | 87 | if (err != CRYPT_OK) { |
80 | 88 | goto LBL_ERR; |
81 | 89 | } |
82 | ||
83 | *parameters_len = alg_id[1].size; | |
90 | if (parameters_type != LTC_ASN1_EOL) { | |
91 | *parameters_len = alg_id[1].size; | |
92 | } | |
84 | 93 | |
85 | 94 | if ((alg_id[0].size != oid.OIDlen) || |
86 | XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) { | |
95 | XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) { | |
87 | 96 | /* OID mismatch */ |
88 | 97 | err = CRYPT_PK_INVALID_TYPE; |
89 | 98 | goto LBL_ERR; |
90 | 99 | } |
91 | 100 | |
92 | 101 | len = subject_pubkey[1].size/8; |
93 | if (*public_key_len > len) { | |
102 | if (*public_key_len >= len) { | |
94 | 103 | XMEMCPY(public_key, subject_pubkey[1].data, len); |
95 | 104 | *public_key_len = len; |
96 | 105 | } else { |
37 | 37 | @return CRYPT_OK on success |
38 | 38 | */ |
39 | 39 | int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, |
40 | unsigned int algorithm, void* public_key, unsigned long public_key_len, | |
41 | unsigned long parameters_type, void* parameters, unsigned long parameters_len) | |
40 | unsigned int algorithm, const void* public_key, unsigned long public_key_len, | |
41 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len) | |
42 | 42 | { |
43 | 43 | int err; |
44 | 44 | ltc_asn1_list alg_id[2]; |
53 | 53 | } |
54 | 54 | |
55 | 55 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid.OID, oid.OIDlen); |
56 | LTC_SET_ASN1(alg_id, 1, (ltc_asn1_type)parameters_type, parameters, parameters_len); | |
56 | LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len); | |
57 | 57 | |
58 | 58 | return der_encode_sequence_multi(out, outlen, |
59 | 59 | LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, |
223 | 223 | @param key The DH key to get the size of |
224 | 224 | @return The group size in octets (0 on error) |
225 | 225 | */ |
226 | int dh_get_groupsize(dh_key *key) | |
226 | int dh_get_groupsize(const dh_key *key) | |
227 | 227 | { |
228 | 228 | if (key == NULL) return 0; |
229 | 229 | return mp_unsigned_bin_size(key->prime); |
15 | 15 | @param key The key you wish to test |
16 | 16 | @return CRYPT_OK if successful |
17 | 17 | */ |
18 | int dh_check_pubkey(dh_key *key) | |
18 | int dh_check_pubkey(const dh_key *key) | |
19 | 19 | { |
20 | 20 | void *p_minus1; |
21 | 21 | ltc_mp_digit digit; |
18 | 18 | @param key The key you wish to export |
19 | 19 | @return CRYPT_OK if successful |
20 | 20 | */ |
21 | int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key) | |
21 | int dh_export(unsigned char *out, unsigned long *outlen, int type, const dh_key *key) | |
22 | 22 | { |
23 | 23 | unsigned char flags[1]; |
24 | 24 | int err; |
18 | 18 | @param key The key you wish to export |
19 | 19 | @return CRYPT_OK if successful |
20 | 20 | */ |
21 | int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key) | |
21 | int dh_export_key(void *out, unsigned long *outlen, int type, const dh_key *key) | |
22 | 22 | { |
23 | 23 | unsigned long len; |
24 | 24 | void *k; |
18 | 18 | @param outlen [in/out] The max size and resulting size of the shared data. |
19 | 19 | @return CRYPT_OK if successful |
20 | 20 | */ |
21 | int dh_shared_secret(dh_key *private_key, dh_key *public_key, | |
21 | int dh_shared_secret(const dh_key *private_key, const dh_key *public_key, | |
22 | 22 | unsigned char *out, unsigned long *outlen) |
23 | 23 | { |
24 | 24 | void *tmp; |
25 | 25 | */ |
26 | 26 | int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, |
27 | 27 | unsigned char *out, unsigned long *outlen, |
28 | dsa_key *key) | |
28 | const dsa_key *key) | |
29 | 29 | { |
30 | 30 | unsigned char *skey, *expt; |
31 | 31 | void *g_pub; |
28 | 28 | */ |
29 | 29 | int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, |
30 | 30 | unsigned char *out, unsigned long *outlen, |
31 | prng_state *prng, int wprng, int hash, | |
32 | dsa_key *key) | |
31 | prng_state *prng, int wprng, int hash, | |
32 | const dsa_key *key) | |
33 | 33 | { |
34 | 34 | unsigned char *expt, *skey; |
35 | 35 | void *g_pub, *g_priv; |
22 | 22 | @param key The key to export |
23 | 23 | @return CRYPT_OK if successful |
24 | 24 | */ |
25 | int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key) | |
25 | int dsa_export(unsigned char *out, unsigned long *outlen, int type, const dsa_key *key) | |
26 | 26 | { |
27 | 27 | unsigned long zero=0; |
28 | 28 | int err, std; |
68 | 68 | } |
69 | 69 | } else { |
70 | 70 | if (std) { |
71 | unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8; | |
71 | unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8; | |
72 | 72 | unsigned char* tmp = XMALLOC(tmplen); |
73 | 73 | ltc_asn1_list int_list[3]; |
74 | 74 |
71 | 71 | */ |
72 | 72 | |
73 | 73 | seedbytes = group_size; |
74 | L = modulus_size * 8; | |
75 | N = group_size * 8; | |
74 | L = (unsigned long)modulus_size * 8; | |
75 | N = (unsigned long)group_size * 8; | |
76 | 76 | |
77 | 77 | /* XXX-TODO no Lucas test */ |
78 | 78 | #ifdef LTC_MPI_HAS_LUCAS_TEST |
24 | 24 | @return CRYPT_OK if successful |
25 | 25 | */ |
26 | 26 | int dsa_shared_secret(void *private_key, void *base, |
27 | dsa_key *public_key, | |
27 | const dsa_key *public_key, | |
28 | 28 | unsigned char *out, unsigned long *outlen) |
29 | 29 | { |
30 | 30 | unsigned long x; |
27 | 27 | */ |
28 | 28 | int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, |
29 | 29 | void *r, void *s, |
30 | prng_state *prng, int wprng, dsa_key *key) | |
30 | prng_state *prng, int wprng, const dsa_key *key) | |
31 | 31 | { |
32 | 32 | void *k, *kinv, *tmp; |
33 | 33 | unsigned char *buf; |
116 | 116 | */ |
117 | 117 | int dsa_sign_hash(const unsigned char *in, unsigned long inlen, |
118 | 118 | unsigned char *out, unsigned long *outlen, |
119 | prng_state *prng, int wprng, dsa_key *key) | |
119 | prng_state *prng, int wprng, const dsa_key *key) | |
120 | 120 | { |
121 | 121 | void *r, *s; |
122 | 122 | int err; |
27 | 27 | */ |
28 | 28 | int dsa_verify_hash_raw( void *r, void *s, |
29 | 29 | const unsigned char *hash, unsigned long hashlen, |
30 | int *stat, dsa_key *key) | |
30 | int *stat, const dsa_key *key) | |
31 | 31 | { |
32 | 32 | void *w, *v, *u1, *u2; |
33 | 33 | int err; |
91 | 91 | @param key The corresponding public DSA key |
92 | 92 | @return CRYPT_OK if successful (even if the signature is invalid) |
93 | 93 | */ |
94 | int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | |
95 | const unsigned char *hash, unsigned long hashlen, | |
96 | int *stat, dsa_key *key) | |
94 | int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | |
95 | const unsigned char *hash, unsigned long hashlen, | |
96 | int *stat, const dsa_key *key) | |
97 | 97 | { |
98 | 98 | int err; |
99 | 99 | void *r, *s; |
25 | 25 | @param stat [out] Result of test, 1==valid, 0==invalid |
26 | 26 | @return CRYPT_OK if successful |
27 | 27 | */ |
28 | int dsa_verify_key(dsa_key *key, int *stat) | |
28 | int dsa_verify_key(const dsa_key *key, int *stat) | |
29 | 29 | { |
30 | 30 | int err; |
31 | 31 | |
46 | 46 | @param stat [out] Result of test, 1==valid, 0==invalid |
47 | 47 | @return CRYPT_OK if successful |
48 | 48 | */ |
49 | int dsa_int_validate_pqg(dsa_key *key, int *stat) | |
49 | int dsa_int_validate_pqg(const dsa_key *key, int *stat) | |
50 | 50 | { |
51 | 51 | void *tmp1, *tmp2; |
52 | 52 | int err; |
100 | 100 | @param stat [out] Result of test, 1==valid, 0==invalid |
101 | 101 | @return CRYPT_OK if successful |
102 | 102 | */ |
103 | int dsa_int_validate_primes(dsa_key *key, int *stat) | |
103 | int dsa_int_validate_primes(const dsa_key *key, int *stat) | |
104 | 104 | { |
105 | 105 | int err, res; |
106 | 106 | |
135 | 135 | @param stat [out] Result of test, 1==valid, 0==invalid |
136 | 136 | @return CRYPT_OK if successful |
137 | 137 | */ |
138 | int dsa_int_validate_xy(dsa_key *key, int *stat) | |
138 | int dsa_int_validate_xy(const dsa_key *key, int *stat) | |
139 | 139 | { |
140 | 140 | void *tmp; |
141 | 141 | int err; |
22 | 22 | * - ANS X9.62 (named: PRIMEP*) |
23 | 23 | * - http://www.ecc-brainpool.org/download/Domain-parameters.pdf (named: BRAINPOOLP*) |
24 | 24 | */ |
25 | const ltc_ecc_set_type ltc_ecc_sets[] = { | |
26 | #if defined(LTC_ECC_SECP112R1) || defined(LTC_ECC112) | |
27 | { | |
28 | /* curve name */ "SECP112R1", | |
29 | /* prime */ "DB7C2ABF62E35E668076BEAD208B", | |
30 | /* A */ "DB7C2ABF62E35E668076BEAD2088", | |
31 | /* B */ "659EF8BA043916EEDE8911702B22", | |
32 | /* order */ "DB7C2ABF62E35E7628DFAC6561C5", | |
33 | /* Gx */ "09487239995A5EE76B55F9C2F098", | |
34 | /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", | |
35 | /* cofactor */ 1, | |
36 | /* OID */ { 1,3,132,0,6 }, 5 | |
25 | const ltc_ecc_curve ltc_ecc_curves[] = { | |
26 | #ifdef LTC_ECC_SECP112R1 | |
27 | { | |
28 | /* prime */ "DB7C2ABF62E35E668076BEAD208B", | |
29 | /* A */ "DB7C2ABF62E35E668076BEAD2088", | |
30 | /* B */ "659EF8BA043916EEDE8911702B22", | |
31 | /* order */ "DB7C2ABF62E35E7628DFAC6561C5", | |
32 | /* Gx */ "09487239995A5EE76B55F9C2F098", | |
33 | /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", | |
34 | /* cofactor */ 1, | |
35 | /* OID */ "1.3.132.0.6" | |
37 | 36 | }, |
38 | 37 | #endif |
39 | 38 | #ifdef LTC_ECC_SECP112R2 |
40 | 39 | { |
41 | /* curve name */ "SECP112R2", | |
42 | /* prime */ "DB7C2ABF62E35E668076BEAD208B", | |
43 | /* A */ "6127C24C05F38A0AAAF65C0EF02C", | |
44 | /* B */ "51DEF1815DB5ED74FCC34C85D709", | |
45 | /* order */ "36DF0AAFD8B8D7597CA10520D04B", | |
46 | /* Gx */ "4BA30AB5E892B4E1649DD0928643", | |
47 | /* Gy */ "ADCD46F5882E3747DEF36E956E97", | |
48 | /* cofactor */ 4, | |
49 | /* OID */ { 1,3,132,0,7 }, 5 | |
50 | }, | |
51 | #endif | |
52 | #if defined(LTC_ECC_SECP128R1) || defined(LTC_ECC128) | |
53 | { | |
54 | /* curve name */ "SECP128R1", | |
55 | /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", | |
56 | /* A */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", | |
57 | /* B */ "E87579C11079F43DD824993C2CEE5ED3", | |
58 | /* order */ "FFFFFFFE0000000075A30D1B9038A115", | |
59 | /* Gx */ "161FF7528B899B2D0C28607CA52C5B86", | |
60 | /* Gy */ "CF5AC8395BAFEB13C02DA292DDED7A83", | |
61 | /* cofactor */ 1, | |
62 | /* OID */ { 1,3,132,0,28 }, 5 | |
40 | /* prime */ "DB7C2ABF62E35E668076BEAD208B", | |
41 | /* A */ "6127C24C05F38A0AAAF65C0EF02C", | |
42 | /* B */ "51DEF1815DB5ED74FCC34C85D709", | |
43 | /* order */ "36DF0AAFD8B8D7597CA10520D04B", | |
44 | /* Gx */ "4BA30AB5E892B4E1649DD0928643", | |
45 | /* Gy */ "ADCD46F5882E3747DEF36E956E97", | |
46 | /* cofactor */ 4, | |
47 | /* OID */ "1.3.132.0.7" | |
48 | }, | |
49 | #endif | |
50 | #ifdef LTC_ECC_SECP128R1 | |
51 | { | |
52 | /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", | |
53 | /* A */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", | |
54 | /* B */ "E87579C11079F43DD824993C2CEE5ED3", | |
55 | /* order */ "FFFFFFFE0000000075A30D1B9038A115", | |
56 | /* Gx */ "161FF7528B899B2D0C28607CA52C5B86", | |
57 | /* Gy */ "CF5AC8395BAFEB13C02DA292DDED7A83", | |
58 | /* cofactor */ 1, | |
59 | /* OID */ "1.3.132.0.28" | |
63 | 60 | }, |
64 | 61 | #endif |
65 | 62 | #ifdef LTC_ECC_SECP128R2 |
66 | 63 | { |
67 | /* curve name */ "SECP128R2", | |
68 | /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", | |
69 | /* A */ "D6031998D1B3BBFEBF59CC9BBFF9AEE1", | |
70 | /* B */ "5EEEFCA380D02919DC2C6558BB6D8A5D", | |
71 | /* order */ "3FFFFFFF7FFFFFFFBE0024720613B5A3", | |
72 | /* Gx */ "7B6AA5D85E572983E6FB32A7CDEBC140", | |
73 | /* Gy */ "27B6916A894D3AEE7106FE805FC34B44", | |
74 | /* cofactor */ 4, | |
75 | /* OID */ { 1,3,132,0,29 }, 5 | |
76 | }, | |
77 | #endif | |
78 | #if defined(LTC_ECC_SECP160R1) || defined(LTC_ECC160) | |
79 | { | |
80 | /* curve name */ "SECP160R1", | |
81 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", | |
82 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", | |
83 | /* B */ "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", | |
84 | /* order */ "0100000000000000000001F4C8F927AED3CA752257", | |
85 | /* Gx */ "4A96B5688EF573284664698968C38BB913CBFC82", | |
86 | /* Gy */ "23A628553168947D59DCC912042351377AC5FB32", | |
87 | /* cofactor */ 1, | |
88 | /* OID */ { 1,3,132,0,8 }, 5 | |
64 | /* prime */ "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", | |
65 | /* A */ "D6031998D1B3BBFEBF59CC9BBFF9AEE1", | |
66 | /* B */ "5EEEFCA380D02919DC2C6558BB6D8A5D", | |
67 | /* order */ "3FFFFFFF7FFFFFFFBE0024720613B5A3", | |
68 | /* Gx */ "7B6AA5D85E572983E6FB32A7CDEBC140", | |
69 | /* Gy */ "27B6916A894D3AEE7106FE805FC34B44", | |
70 | /* cofactor */ 4, | |
71 | /* OID */ "1.3.132.0.29" | |
72 | }, | |
73 | #endif | |
74 | #ifdef LTC_ECC_SECP160R1 | |
75 | { | |
76 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", | |
77 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", | |
78 | /* B */ "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", | |
79 | /* order */ "0100000000000000000001F4C8F927AED3CA752257", | |
80 | /* Gx */ "4A96B5688EF573284664698968C38BB913CBFC82", | |
81 | /* Gy */ "23A628553168947D59DCC912042351377AC5FB32", | |
82 | /* cofactor */ 1, | |
83 | /* OID */ "1.3.132.0.8" | |
89 | 84 | }, |
90 | 85 | #endif |
91 | 86 | #ifdef LTC_ECC_SECP160R2 |
92 | 87 | { |
93 | /* curve name */ "SECP160R2", | |
94 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", | |
95 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", | |
96 | /* B */ "B4E134D3FB59EB8BAB57274904664D5AF50388BA", | |
97 | /* order */ "0100000000000000000000351EE786A818F3A1A16B", | |
98 | /* Gx */ "52DCB034293A117E1F4FF11B30F7199D3144CE6D", | |
99 | /* Gy */ "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", | |
100 | /* cofactor */ 1, | |
101 | /* OID */ { 1,3,132,0,30 }, 5 | |
88 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", | |
89 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", | |
90 | /* B */ "B4E134D3FB59EB8BAB57274904664D5AF50388BA", | |
91 | /* order */ "0100000000000000000000351EE786A818F3A1A16B", | |
92 | /* Gx */ "52DCB034293A117E1F4FF11B30F7199D3144CE6D", | |
93 | /* Gy */ "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", | |
94 | /* cofactor */ 1, | |
95 | /* OID */ "1.3.132.0.30" | |
102 | 96 | }, |
103 | 97 | #endif |
104 | 98 | #ifdef LTC_ECC_SECP160K1 |
105 | 99 | { |
106 | /* curve name */ "SECP160K1", | |
107 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", | |
108 | /* A */ "0000000000000000000000000000000000000000", | |
109 | /* B */ "0000000000000000000000000000000000000007", | |
110 | /* order */ "0100000000000000000001B8FA16DFAB9ACA16B6B3", | |
111 | /* Gx */ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", | |
112 | /* Gy */ "938CF935318FDCED6BC28286531733C3F03C4FEE", | |
113 | /* cofactor */ 1, | |
114 | /* OID */ { 1,3,132,0,9 }, 5 | |
115 | }, | |
116 | #endif | |
117 | #if defined(LTC_ECC_SECP192R1) || defined(LTC_ECC192) | |
118 | { | |
119 | /* curve name */ "SECP192R1", /* same as: NISTP192 PRIME192V1, old libtomcrypt name: ECC-192 */ | |
120 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
121 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
122 | /* B */ "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", | |
123 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", | |
124 | /* Gx */ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", | |
125 | /* Gy */ "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", | |
126 | /* cofactor */ 1, | |
127 | /* OID */ { 1,2,840,10045,3,1,1 }, 7 | |
100 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", | |
101 | /* A */ "0000000000000000000000000000000000000000", | |
102 | /* B */ "0000000000000000000000000000000000000007", | |
103 | /* order */ "0100000000000000000001B8FA16DFAB9ACA16B6B3", | |
104 | /* Gx */ "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", | |
105 | /* Gy */ "938CF935318FDCED6BC28286531733C3F03C4FEE", | |
106 | /* cofactor */ 1, | |
107 | /* OID */ "1.3.132.0.9" | |
108 | }, | |
109 | #endif | |
110 | #ifdef LTC_ECC_SECP192R1 | |
111 | { | |
112 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
113 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
114 | /* B */ "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", | |
115 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", | |
116 | /* Gx */ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", | |
117 | /* Gy */ "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", | |
118 | /* cofactor */ 1, | |
119 | /* OID */ "1.2.840.10045.3.1.1" | |
128 | 120 | }, |
129 | 121 | #endif |
130 | 122 | #ifdef LTC_ECC_PRIME192V2 |
131 | 123 | { |
132 | /* curve name */ "PRIME192V2", | |
133 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
134 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
135 | /* B */ "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953", | |
136 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", | |
137 | /* Gx */ "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", | |
138 | /* Gy */ "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", | |
139 | /* cofactor */ 1, | |
140 | /* OID */ { 1,2,840,10045,3,1,2 }, 7 | |
124 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
125 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
126 | /* B */ "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953", | |
127 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", | |
128 | /* Gx */ "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", | |
129 | /* Gy */ "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", | |
130 | /* cofactor */ 1, | |
131 | /* OID */ "1.2.840.10045.3.1.2" | |
141 | 132 | }, |
142 | 133 | #endif |
143 | 134 | #ifdef LTC_ECC_PRIME192V3 |
144 | 135 | { |
145 | /* curve name */ "PRIME192V3", | |
146 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
147 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
148 | /* B */ "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916", | |
149 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", | |
150 | /* Gx */ "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", | |
151 | /* Gy */ "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", | |
152 | /* cofactor */ 1, | |
153 | /* OID */ { 1,2,840,10045,3,1,3 }, 7 | |
136 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", | |
137 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", | |
138 | /* B */ "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916", | |
139 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", | |
140 | /* Gx */ "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", | |
141 | /* Gy */ "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", | |
142 | /* cofactor */ 1, | |
143 | /* OID */ "1.2.840.10045.3.1.3" | |
154 | 144 | }, |
155 | 145 | #endif |
156 | 146 | #ifdef LTC_ECC_SECP192K1 |
157 | 147 | { |
158 | /* curve name */ "SECP192K1", | |
159 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", | |
160 | /* A */ "000000000000000000000000000000000000000000000000", | |
161 | /* B */ "000000000000000000000000000000000000000000000003", | |
162 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", | |
163 | /* Gx */ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", | |
164 | /* Gy */ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", | |
165 | /* cofactor */ 1, | |
166 | /* OID */ { 1,3,132,0,31 }, 5 | |
167 | }, | |
168 | #endif | |
169 | #if defined(LTC_ECC_SECP224R1) || defined(LTC_ECC224) | |
170 | { | |
171 | /* curve name */ "SECP224R1", /* same as: NISTP224, old libtomcrypt name: ECC-224 */ | |
172 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", | |
173 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", | |
174 | /* B */ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", | |
175 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", | |
176 | /* Gx */ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", | |
177 | /* Gy */ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", | |
178 | /* cofactor */ 1, | |
179 | /* OID */ { 1,3,132,0,33 }, 5 | |
148 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", | |
149 | /* A */ "000000000000000000000000000000000000000000000000", | |
150 | /* B */ "000000000000000000000000000000000000000000000003", | |
151 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", | |
152 | /* Gx */ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", | |
153 | /* Gy */ "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", | |
154 | /* cofactor */ 1, | |
155 | /* OID */ "1.3.132.0.31" | |
156 | }, | |
157 | #endif | |
158 | #ifdef LTC_ECC_SECP224R1 | |
159 | { | |
160 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", | |
161 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", | |
162 | /* B */ "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", | |
163 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", | |
164 | /* Gx */ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", | |
165 | /* Gy */ "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", | |
166 | /* cofactor */ 1, | |
167 | /* OID */ "1.3.132.0.33" | |
180 | 168 | }, |
181 | 169 | #endif |
182 | 170 | #ifdef LTC_ECC_SECP224K1 |
183 | 171 | { |
184 | /* curve name */ "SECP224K1", | |
185 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", | |
186 | /* A */ "00000000000000000000000000000000000000000000000000000000", | |
187 | /* B */ "00000000000000000000000000000000000000000000000000000005", | |
188 | /* order */ "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", | |
189 | /* Gx */ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", | |
190 | /* Gy */ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", | |
191 | /* cofactor */ 1, | |
192 | /* OID */ { 1,3,132,0,32 }, 5 | |
193 | }, | |
194 | #endif | |
195 | #if defined(LTC_ECC_SECP256R1) || defined(LTC_ECC256) | |
196 | { | |
197 | /* curve name */ "SECP256R1", /* same as: NISTP256 PRIME256V1, old libtomcrypt name: ECC-256 */ | |
198 | /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", | |
199 | /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", | |
200 | /* B */ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", | |
201 | /* order */ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", | |
202 | /* Gx */ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", | |
203 | /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", | |
204 | /* cofactor */ 1, | |
205 | /* OID */ { 1,2,840,10045,3,1,7 }, 7 | |
172 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", | |
173 | /* A */ "00000000000000000000000000000000000000000000000000000000", | |
174 | /* B */ "00000000000000000000000000000000000000000000000000000005", | |
175 | /* order */ "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", | |
176 | /* Gx */ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", | |
177 | /* Gy */ "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", | |
178 | /* cofactor */ 1, | |
179 | /* OID */ "1.3.132.0.32" | |
180 | }, | |
181 | #endif | |
182 | #ifdef LTC_ECC_SECP256R1 | |
183 | { | |
184 | /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", | |
185 | /* A */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", | |
186 | /* B */ "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", | |
187 | /* order */ "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", | |
188 | /* Gx */ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", | |
189 | /* Gy */ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", | |
190 | /* cofactor */ 1, | |
191 | /* OID */ "1.2.840.10045.3.1.7" | |
206 | 192 | }, |
207 | 193 | #endif |
208 | 194 | #ifdef LTC_ECC_SECP256K1 |
209 | 195 | { |
210 | /* curve name */ "SECP256K1", | |
211 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", | |
212 | /* A */ "0000000000000000000000000000000000000000000000000000000000000000", | |
213 | /* B */ "0000000000000000000000000000000000000000000000000000000000000007", | |
214 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", | |
215 | /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", | |
216 | /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", | |
217 | /* cofactor */ 1, | |
218 | /* OID */ { 1,3,132,0,10 }, 5 | |
219 | }, | |
220 | #endif | |
221 | #if defined(LTC_ECC_SECP384R1) || defined(LTC_ECC384) | |
222 | { | |
223 | /* curve name */ "SECP384R1", /* same as: NISTP384, old libtomcrypt name: ECC-384 */ | |
224 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", | |
225 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", | |
226 | /* B */ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", | |
227 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", | |
228 | /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", | |
229 | /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", | |
230 | /* cofactor */ 1, | |
231 | /* OID */ { 1,3,132,0,34 }, 5 | |
232 | }, | |
233 | #endif | |
234 | #if defined(LTC_ECC_SECP521R1) || defined(LTC_ECC521) | |
235 | { | |
236 | /* curve name */ "SECP521R1", /* same as: NISTP521, old libtomcrypt name: ECC-521 */ | |
237 | /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", | |
238 | /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", | |
239 | /* B */ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", | |
240 | /* order */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", | |
241 | /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", | |
242 | /* Gy */ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", | |
243 | /* cofactor */ 1, | |
244 | /* OID */ { 1,3,132,0,35 }, 5 | |
196 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", | |
197 | /* A */ "0000000000000000000000000000000000000000000000000000000000000000", | |
198 | /* B */ "0000000000000000000000000000000000000000000000000000000000000007", | |
199 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", | |
200 | /* Gx */ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", | |
201 | /* Gy */ "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", | |
202 | /* cofactor */ 1, | |
203 | /* OID */ "1.3.132.0.10" | |
204 | }, | |
205 | #endif | |
206 | #ifdef LTC_ECC_SECP384R1 | |
207 | { | |
208 | /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", | |
209 | /* A */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", | |
210 | /* B */ "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", | |
211 | /* order */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", | |
212 | /* Gx */ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", | |
213 | /* Gy */ "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", | |
214 | /* cofactor */ 1, | |
215 | /* OID */ "1.3.132.0.34" | |
216 | }, | |
217 | #endif | |
218 | #ifdef LTC_ECC_SECP521R1 | |
219 | { | |
220 | /* prime */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", | |
221 | /* A */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", | |
222 | /* B */ "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", | |
223 | /* order */ "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", | |
224 | /* Gx */ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", | |
225 | /* Gy */ "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", | |
226 | /* cofactor */ 1, | |
227 | /* OID */ "1.3.132.0.35" | |
245 | 228 | }, |
246 | 229 | #endif |
247 | 230 | #ifdef LTC_ECC_PRIME239V1 |
248 | 231 | { |
249 | /* curve name */ "PRIME239V1", | |
250 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
251 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
252 | /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", | |
253 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", | |
254 | /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", | |
255 | /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", | |
256 | /* cofactor */ 1, | |
257 | /* OID */ { 1,2,840,10045,3,1,4 }, 7 | |
232 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
233 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
234 | /* B */ "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", | |
235 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", | |
236 | /* Gx */ "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", | |
237 | /* Gy */ "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", | |
238 | /* cofactor */ 1, | |
239 | /* OID */ "1.2.840.10045.3.1.4" | |
258 | 240 | }, |
259 | 241 | #endif |
260 | 242 | #ifdef LTC_ECC_PRIME239V2 |
261 | 243 | { |
262 | /* curve name */ "PRIME239V2", | |
263 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
264 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
265 | /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", | |
266 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", | |
267 | /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", | |
268 | /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", | |
269 | /* cofactor */ 1, | |
270 | /* OID */ { 1,2,840,10045,3,1,5 }, 7 | |
244 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
245 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
246 | /* B */ "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", | |
247 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", | |
248 | /* Gx */ "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", | |
249 | /* Gy */ "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", | |
250 | /* cofactor */ 1, | |
251 | /* OID */ "1.2.840.10045.3.1.5" | |
271 | 252 | }, |
272 | 253 | #endif |
273 | 254 | #ifdef LTC_ECC_PRIME239V3 |
274 | 255 | { |
275 | /* curve name */ "PRIME239V3", | |
276 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
277 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
278 | /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", | |
279 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", | |
280 | /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", | |
281 | /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", | |
282 | /* cofactor */ 1, | |
283 | /* OID */ { 1,2,840,10045,3,1,6 }, 7 | |
256 | /* prime */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", | |
257 | /* A */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", | |
258 | /* B */ "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", | |
259 | /* order */ "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", | |
260 | /* Gx */ "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", | |
261 | /* Gy */ "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", | |
262 | /* cofactor */ 1, | |
263 | /* OID */ "1.2.840.10045.3.1.6" | |
284 | 264 | }, |
285 | 265 | #endif |
286 | 266 | #ifdef LTC_ECC_BRAINPOOLP160R1 |
287 | 267 | { |
288 | /* curve name */ "BRAINPOOLP160R1", | |
289 | /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", | |
290 | /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", | |
291 | /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", | |
292 | /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", | |
293 | /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", | |
294 | /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", | |
295 | /* cofactor */ 1, | |
296 | /* OID */ { 1,3,36,3,3,2,8,1,1,1 }, 10 | |
268 | /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", | |
269 | /* A */ "340E7BE2A280EB74E2BE61BADA745D97E8F7C300", | |
270 | /* B */ "1E589A8595423412134FAA2DBDEC95C8D8675E58", | |
271 | /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", | |
272 | /* Gx */ "BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3", | |
273 | /* Gy */ "1667CB477A1A8EC338F94741669C976316DA6321", | |
274 | /* cofactor */ 1, | |
275 | /* OID */ "1.3.36.3.3.2.8.1.1.1" | |
297 | 276 | }, |
298 | 277 | #endif |
299 | 278 | #ifdef LTC_ECC_BRAINPOOLP192R1 |
300 | 279 | { |
301 | /* curve name */ "BRAINPOOLP192R1", | |
302 | /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", | |
303 | /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", | |
304 | /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", | |
305 | /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", | |
306 | /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", | |
307 | /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", | |
308 | /* cofactor */ 1, | |
309 | /* OID */ { 1,3,36,3,3,2,8,1,1,3 }, 10 | |
280 | /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", | |
281 | /* A */ "6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", | |
282 | /* B */ "469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", | |
283 | /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", | |
284 | /* Gx */ "C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6", | |
285 | /* Gy */ "14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F", | |
286 | /* cofactor */ 1, | |
287 | /* OID */ "1.3.36.3.3.2.8.1.1.3" | |
310 | 288 | }, |
311 | 289 | #endif |
312 | 290 | #ifdef LTC_ECC_BRAINPOOLP224R1 |
313 | 291 | { |
314 | /* curve name */ "BRAINPOOLP224R1", | |
315 | /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", | |
316 | /* A */ "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", | |
317 | /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", | |
318 | /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", | |
319 | /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", | |
320 | /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", | |
321 | /* cofactor */ 1, | |
322 | /* OID */ { 1,3,36,3,3,2,8,1,1,5 }, 10 | |
292 | /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", | |
293 | /* A */ "68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", | |
294 | /* B */ "2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", | |
295 | /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", | |
296 | /* Gx */ "0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D", | |
297 | /* Gy */ "58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD", | |
298 | /* cofactor */ 1, | |
299 | /* OID */ "1.3.36.3.3.2.8.1.1.5" | |
323 | 300 | }, |
324 | 301 | #endif |
325 | 302 | #ifdef LTC_ECC_BRAINPOOLP256R1 |
326 | 303 | { |
327 | /* curve name */ "BRAINPOOLP256R1", | |
328 | /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", | |
329 | /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", | |
330 | /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", | |
331 | /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", | |
332 | /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", | |
333 | /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", | |
334 | /* cofactor */ 1, | |
335 | /* OID */ { 1,3,36,3,3,2,8,1,1,7 }, 10 | |
304 | /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", | |
305 | /* A */ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", | |
306 | /* B */ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", | |
307 | /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", | |
308 | /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", | |
309 | /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", | |
310 | /* cofactor */ 1, | |
311 | /* OID */ "1.3.36.3.3.2.8.1.1.7" | |
336 | 312 | }, |
337 | 313 | #endif |
338 | 314 | #ifdef LTC_ECC_BRAINPOOLP320R1 |
339 | 315 | { |
340 | /* curve name */ "BRAINPOOLP320R1", | |
341 | /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", | |
342 | /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", | |
343 | /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", | |
344 | /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", | |
345 | /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", | |
346 | /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", | |
347 | /* cofactor */ 1, | |
348 | /* OID */ { 1,3,36,3,3,2,8,1,1,9 }, 10 | |
316 | /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", | |
317 | /* A */ "3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", | |
318 | /* B */ "520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", | |
319 | /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", | |
320 | /* Gx */ "43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611", | |
321 | /* Gy */ "14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1", | |
322 | /* cofactor */ 1, | |
323 | /* OID */ "1.3.36.3.3.2.8.1.1.9" | |
349 | 324 | }, |
350 | 325 | #endif |
351 | 326 | #ifdef LTC_ECC_BRAINPOOLP384R1 |
352 | 327 | { |
353 | /* curve name */ "BRAINPOOLP384R1", | |
354 | /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", | |
355 | /* A */ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", | |
356 | /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", | |
357 | /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", | |
358 | /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", | |
359 | /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", | |
360 | /* cofactor */ 1, | |
361 | /* OID */ { 1,3,36,3,3,2,8,1,1,11 }, 10 | |
328 | /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", | |
329 | /* A */ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", | |
330 | /* B */ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", | |
331 | /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", | |
332 | /* Gx */ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", | |
333 | /* Gy */ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", | |
334 | /* cofactor */ 1, | |
335 | /* OID */ "1.3.36.3.3.2.8.1.1.11" | |
362 | 336 | }, |
363 | 337 | #endif |
364 | 338 | #ifdef LTC_ECC_BRAINPOOLP512R1 |
365 | 339 | { |
366 | /* curve name */ "BRAINPOOLP512R1", | |
367 | /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", | |
368 | /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", | |
369 | /* B */ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", | |
370 | /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", | |
371 | /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", | |
372 | /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", | |
373 | /* cofactor */ 1, | |
374 | /* OID */ { 1,3,36,3,3,2,8,1,1,13 }, 10 | |
340 | /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", | |
341 | /* A */ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", | |
342 | /* B */ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", | |
343 | /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", | |
344 | /* Gx */ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", | |
345 | /* Gy */ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", | |
346 | /* cofactor */ 1, | |
347 | /* OID */ "1.3.36.3.3.2.8.1.1.13" | |
375 | 348 | }, |
376 | 349 | #endif |
377 | 350 | #ifdef LTC_ECC_BRAINPOOLP160T1 |
378 | 351 | { |
379 | /* curve name */ "BRAINPOOLP160T1", | |
380 | /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", | |
381 | /* A */ "E95E4A5F737059DC60DFC7AD95B3D8139515620C", | |
382 | /* B */ "7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", | |
383 | /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", | |
384 | /* Gx */ "B199B13B9B34EFC1397E64BAEB05ACC265FF2378", | |
385 | /* Gy */ "ADD6718B7C7C1961F0991B842443772152C9E0AD", | |
386 | /* cofactor */ 1, | |
387 | /* OID */ { 1,3,36,3,3,2,8,1,1,2 }, 10 | |
352 | /* prime */ "E95E4A5F737059DC60DFC7AD95B3D8139515620F", | |
353 | /* A */ "E95E4A5F737059DC60DFC7AD95B3D8139515620C", | |
354 | /* B */ "7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", | |
355 | /* order */ "E95E4A5F737059DC60DF5991D45029409E60FC09", | |
356 | /* Gx */ "B199B13B9B34EFC1397E64BAEB05ACC265FF2378", | |
357 | /* Gy */ "ADD6718B7C7C1961F0991B842443772152C9E0AD", | |
358 | /* cofactor */ 1, | |
359 | /* OID */ "1.3.36.3.3.2.8.1.1.2" | |
388 | 360 | }, |
389 | 361 | #endif |
390 | 362 | #ifdef LTC_ECC_BRAINPOOLP192T1 |
391 | 363 | { |
392 | /* curve name */ "BRAINPOOLP192T1", | |
393 | /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", | |
394 | /* A */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", | |
395 | /* B */ "13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", | |
396 | /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", | |
397 | /* Gx */ "3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129", | |
398 | /* Gy */ "097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9", | |
399 | /* cofactor */ 1, | |
400 | /* OID */ { 1,3,36,3,3,2,8,1,1,4 }, 10 | |
364 | /* prime */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", | |
365 | /* A */ "C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", | |
366 | /* B */ "13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", | |
367 | /* order */ "C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", | |
368 | /* Gx */ "3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129", | |
369 | /* Gy */ "097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9", | |
370 | /* cofactor */ 1, | |
371 | /* OID */ "1.3.36.3.3.2.8.1.1.4" | |
401 | 372 | }, |
402 | 373 | #endif |
403 | 374 | #ifdef LTC_ECC_BRAINPOOLP224T1 |
404 | 375 | { |
405 | /* curve name */ "BRAINPOOLP224T1", | |
406 | /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", | |
407 | /* A */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", | |
408 | /* B */ "4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", | |
409 | /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", | |
410 | /* Gx */ "6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580", | |
411 | /* Gy */ "0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C", | |
412 | /* cofactor */ 1, | |
413 | /* OID */ { 1,3,36,3,3,2,8,1,1,6 }, 10 | |
376 | /* prime */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", | |
377 | /* A */ "D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", | |
378 | /* B */ "4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", | |
379 | /* order */ "D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", | |
380 | /* Gx */ "6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580", | |
381 | /* Gy */ "0374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C", | |
382 | /* cofactor */ 1, | |
383 | /* OID */ "1.3.36.3.3.2.8.1.1.6" | |
414 | 384 | }, |
415 | 385 | #endif |
416 | 386 | #ifdef LTC_ECC_BRAINPOOLP256T1 |
417 | 387 | { |
418 | /* curve name */ "BRAINPOOLP256T1", | |
419 | /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", | |
420 | /* A */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", | |
421 | /* B */ "662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", | |
422 | /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", | |
423 | /* Gx */ "A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", | |
424 | /* Gy */ "2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", | |
425 | /* cofactor */ 1, | |
426 | /* OID */ { 1,3,36,3,3,2,8,1,1,8 }, 10 | |
388 | /* prime */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", | |
389 | /* A */ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", | |
390 | /* B */ "662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", | |
391 | /* order */ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", | |
392 | /* Gx */ "A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", | |
393 | /* Gy */ "2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", | |
394 | /* cofactor */ 1, | |
395 | /* OID */ "1.3.36.3.3.2.8.1.1.8" | |
427 | 396 | }, |
428 | 397 | #endif |
429 | 398 | #ifdef LTC_ECC_BRAINPOOLP320T1 |
430 | 399 | { |
431 | /* curve name */ "BRAINPOOLP320T1", | |
432 | /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", | |
433 | /* A */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", | |
434 | /* B */ "A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", | |
435 | /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", | |
436 | /* Gx */ "925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52", | |
437 | /* Gy */ "63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3", | |
438 | /* cofactor */ 1, | |
439 | /* OID */ { 1,3,36,3,3,2,8,1,1,10 }, 10 | |
400 | /* prime */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", | |
401 | /* A */ "D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", | |
402 | /* B */ "A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", | |
403 | /* order */ "D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", | |
404 | /* Gx */ "925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52", | |
405 | /* Gy */ "63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3", | |
406 | /* cofactor */ 1, | |
407 | /* OID */ "1.3.36.3.3.2.8.1.1.10" | |
440 | 408 | }, |
441 | 409 | #endif |
442 | 410 | #ifdef LTC_ECC_BRAINPOOLP384T1 |
443 | 411 | { |
444 | /* curve name */ "BRAINPOOLP384T1", | |
445 | /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", | |
446 | /* A */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", | |
447 | /* B */ "7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", | |
448 | /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", | |
449 | /* Gx */ "18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", | |
450 | /* Gy */ "25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", | |
451 | /* cofactor */ 1, | |
452 | /* OID */ { 1,3,36,3,3,2,8,1,1,12 }, 10 | |
412 | /* prime */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", | |
413 | /* A */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", | |
414 | /* B */ "7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", | |
415 | /* order */ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", | |
416 | /* Gx */ "18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", | |
417 | /* Gy */ "25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", | |
418 | /* cofactor */ 1, | |
419 | /* OID */ "1.3.36.3.3.2.8.1.1.12" | |
453 | 420 | }, |
454 | 421 | #endif |
455 | 422 | #ifdef LTC_ECC_BRAINPOOLP512T1 |
456 | 423 | { |
457 | /* curve name */ "BRAINPOOLP512T1", | |
458 | /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", | |
459 | /* A */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", | |
460 | /* B */ "7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", | |
461 | /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", | |
462 | /* Gx */ "640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", | |
463 | /* Gy */ "5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", | |
464 | /* cofactor */ 1, | |
465 | /* OID */ { 1,3,36,3,3,2,8,1,1,14 }, 10 | |
466 | }, | |
467 | #endif | |
468 | { | |
469 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, | |
470 | 0, | |
471 | { 0 }, 0 | |
424 | /* prime */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", | |
425 | /* A */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", | |
426 | /* B */ "7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", | |
427 | /* order */ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", | |
428 | /* Gx */ "640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", | |
429 | /* Gy */ "5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", | |
430 | /* cofactor */ 1, | |
431 | /* OID */ "1.3.36.3.3.2.8.1.1.14" | |
432 | }, | |
433 | #endif | |
434 | { | |
435 | NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL | |
472 | 436 | } |
473 | 437 | }; |
474 | 438 |
21 | 21 | @param outlen [in/out] Length of destination and final output size |
22 | 22 | Return CRYPT_OK on success |
23 | 23 | */ |
24 | int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen) | |
24 | int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *outlen) | |
25 | 25 | { |
26 | 26 | unsigned char buf[ECC_BUF_SIZE]; |
27 | 27 | unsigned long numlen, xlen, ylen; |
25 | 25 | return ecc_ansi_x963_import_ex(in, inlen, key, NULL); |
26 | 26 | } |
27 | 27 | |
28 | int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp) | |
28 | int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu) | |
29 | 29 | { |
30 | 30 | int err; |
31 | 31 | |
38 | 38 | } |
39 | 39 | |
40 | 40 | /* initialize key->dp */ |
41 | if (dp == NULL) { | |
41 | if (cu == NULL) { | |
42 | 42 | /* this case works only for uncompressed public keys */ |
43 | if ((err = ecc_set_dp_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; } | |
43 | if ((err = ecc_set_dp_by_size((inlen-1)>>1, key)) != CRYPT_OK) { return err; } | |
44 | 44 | } |
45 | 45 | else { |
46 | 46 | /* this one works for both compressed / uncompressed pubkeys */ |
47 | if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } | |
47 | if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; } | |
48 | 48 | } |
49 | 49 | |
50 | 50 | /* load public key */ |
26 | 26 | */ |
27 | 27 | int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, |
28 | 28 | unsigned char *out, unsigned long *outlen, |
29 | ecc_key *key) | |
29 | const ecc_key *key) | |
30 | 30 | { |
31 | 31 | unsigned char *ecc_shared, *skey, *pub_expt; |
32 | 32 | unsigned long x, y; |
84 | 84 | } |
85 | 85 | |
86 | 86 | /* import ECC key from packet */ |
87 | if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } | |
87 | if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } | |
88 | 88 | if ((err = ecc_set_key(decode[1].data, decode[1].size, PK_PUBLIC, &pubkey)) != CRYPT_OK) { goto LBL_ERR; } |
89 | 89 | |
90 | 90 | /* make shared key */ |
30 | 30 | int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, |
31 | 31 | unsigned char *out, unsigned long *outlen, |
32 | 32 | prng_state *prng, int wprng, int hash, |
33 | ecc_key *key) | |
33 | const ecc_key *key) | |
34 | 34 | { |
35 | 35 | unsigned char *pub_expt, *ecc_shared, *skey; |
36 | 36 | ecc_key pubkey; |
56 | 56 | } |
57 | 57 | |
58 | 58 | /* make a random key and export the public copy */ |
59 | if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { return err; } | |
59 | if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { return err; } | |
60 | 60 | if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { return err; } |
61 | 61 | |
62 | 62 | pub_expt = XMALLOC(ECC_BUF_SIZE); |
77 | 77 | } |
78 | 78 | |
79 | 79 | pubkeysize = ECC_BUF_SIZE; |
80 | #ifdef USE_TFM | |
81 | /* XXX-FIXME: TFM does not support sqrtmod_prime */ | |
82 | if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) { | |
83 | #else | |
84 | if ((err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey)) != CRYPT_OK) { | |
85 | #endif | |
80 | if (ltc_mp.sqrtmod_prime != NULL) { | |
81 | /* PK_COMPRESSED requires sqrtmod_prime */ | |
82 | err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey); | |
83 | } | |
84 | else { | |
85 | err = ecc_get_key(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey); | |
86 | } | |
87 | if (err != CRYPT_OK) { | |
86 | 88 | ecc_free(&pubkey); |
87 | 89 | goto LBL_ERR; |
88 | 90 | } |
23 | 23 | @param key The key to export |
24 | 24 | @return CRYPT_OK if successful |
25 | 25 | */ |
26 | int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) | |
26 | int ecc_export(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) | |
27 | 27 | { |
28 | 28 | int err; |
29 | 29 | unsigned char flags[1]; |
19 | 19 | @return CRYPT_OK if successful |
20 | 20 | */ |
21 | 21 | |
22 | int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) | |
22 | int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) | |
23 | 23 | { |
24 | int err; | |
25 | void *prime, *order, *a, *b, *gx, *gy; | |
26 | unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512]; | |
27 | unsigned long len_a, len_b, len_k, len_g, len_xy; | |
28 | unsigned long cofactor, one = 1; | |
29 | oid_st oid; | |
30 | ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams; | |
31 | int flag_oid = type & PK_CURVEOID ? 1 : 0; | |
32 | int flag_com = type & PK_COMPRESSED ? 1 : 0; | |
33 | int flag_pri = type & PK_PRIVATE ? 1 : 0; | |
24 | int err; | |
25 | void *prime, *order, *a, *b, *gx, *gy; | |
26 | unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512]; | |
27 | unsigned long len_a, len_b, len_k, len_g, len_xy; | |
28 | unsigned long cofactor, one = 1; | |
29 | oid_st oid; | |
30 | ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams; | |
31 | int flag_oid = type & PK_CURVEOID ? 1 : 0; | |
32 | int flag_com = type & PK_COMPRESSED ? 1 : 0; | |
33 | int flag_pri = type & PK_PRIVATE ? 1 : 0; | |
34 | 34 | |
35 | LTC_ARGCHK(out != NULL); | |
36 | LTC_ARGCHK(outlen != NULL); | |
37 | LTC_ARGCHK(key != NULL); | |
35 | LTC_ARGCHK(out != NULL); | |
36 | LTC_ARGCHK(outlen != NULL); | |
37 | LTC_ARGCHK(key != NULL); | |
38 | 38 | |
39 | if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; | |
39 | if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH; | |
40 | 40 | |
41 | prime = key->dp.prime; | |
42 | order = key->dp.order; | |
43 | b = key->dp.B; | |
44 | a = key->dp.A; | |
45 | gx = key->dp.base.x; | |
46 | gy = key->dp.base.y; | |
41 | prime = key->dp.prime; | |
42 | order = key->dp.order; | |
43 | b = key->dp.B; | |
44 | a = key->dp.A; | |
45 | gx = key->dp.base.x; | |
46 | gy = key->dp.base.y; | |
47 | 47 | |
48 | /* curve param a */ | |
49 | len_a = mp_unsigned_bin_size(a); | |
50 | if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
51 | if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) goto error; | |
52 | if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* XXX-TODO hack to handle case a == 0 */ | |
48 | /* curve param a */ | |
49 | len_a = mp_unsigned_bin_size(a); | |
50 | if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
51 | if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) { goto error; } | |
52 | if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */ | |
53 | 53 | |
54 | /* curve param b */ | |
55 | len_b = mp_unsigned_bin_size(b); | |
56 | if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
57 | if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) goto error; | |
58 | if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* XXX-TODO hack to handle case b == 0 */ | |
54 | /* curve param b */ | |
55 | len_b = mp_unsigned_bin_size(b); | |
56 | if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
57 | if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) { goto error; } | |
58 | if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */ | |
59 | 59 | |
60 | /* base point - (un)compressed based on flag_com */ | |
61 | len_g = sizeof(bin_g); | |
62 | if ((err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com)) != CRYPT_OK) goto error; | |
60 | /* base point - (un)compressed based on flag_com */ | |
61 | len_g = sizeof(bin_g); | |
62 | err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com); | |
63 | if (err != CRYPT_OK) { goto error; } | |
63 | 64 | |
64 | /* public key - (un)compressed based on flag_com */ | |
65 | len_xy = sizeof(bin_xy); | |
66 | if ((err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com)) != CRYPT_OK) goto error; | |
65 | /* public key - (un)compressed based on flag_com */ | |
66 | len_xy = sizeof(bin_xy); | |
67 | err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com); | |
68 | if (err != CRYPT_OK) { goto error; } | |
67 | 69 | |
68 | /* co-factor */ | |
69 | cofactor = key->dp.cofactor; | |
70 | /* co-factor */ | |
71 | cofactor = key->dp.cofactor; | |
70 | 72 | |
71 | /* we support only prime-field EC */ | |
72 | if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) goto error; | |
73 | /* we support only prime-field EC */ | |
74 | if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) { goto error; } | |
73 | 75 | |
74 | if (flag_oid) { | |
75 | /* from http://tools.ietf.org/html/rfc5912 | |
76 | ||
77 | ECParameters ::= CHOICE { | |
78 | namedCurve CURVE.&id({NamedCurve}) # OBJECT | |
79 | } | |
76 | if (flag_oid) { | |
77 | /* http://tools.ietf.org/html/rfc5912 | |
78 | ECParameters ::= CHOICE { | |
79 | namedCurve CURVE.&id({NamedCurve}) # OBJECT | |
80 | } | |
80 | 81 | */ |
81 | if (key->dp.oidlen == 0) { | |
82 | err = CRYPT_INVALID_ARG; | |
83 | goto error; | |
84 | } | |
82 | if (key->dp.oidlen == 0) { err = CRYPT_INVALID_ARG; goto error; } | |
85 | 83 | LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen); |
86 | } | |
87 | else { | |
88 | /* from http://tools.ietf.org/html/rfc3279 | |
89 | ||
90 | ECParameters ::= SEQUENCE { # SEQUENCE | |
91 | version INTEGER { ecpVer1(1) } (ecpVer1), # INTEGER :01 | |
92 | FieldID ::= SEQUENCE { # SEQUENCE | |
93 | fieldType FIELD-ID.&id({IOSet}), # OBJECT :prime-field | |
94 | parameters FIELD-ID.&Type({IOSet}{@fieldType}) # INTEGER | |
95 | } | |
96 | Curve ::= SEQUENCE { # SEQUENCE | |
97 | a FieldElement ::= OCTET STRING # OCTET STRING | |
98 | b FieldElement ::= OCTET STRING # OCTET STRING | |
99 | seed BIT STRING OPTIONAL | |
100 | } | |
101 | base ECPoint ::= OCTET STRING # OCTET STRING | |
102 | order INTEGER, # INTEGER | |
103 | cofactor INTEGER OPTIONAL # INTEGER | |
104 | } | |
84 | } | |
85 | else { | |
86 | /* http://tools.ietf.org/html/rfc3279 | |
87 | ECParameters ::= SEQUENCE { # SEQUENCE | |
88 | version INTEGER { ecpVer1(1) } (ecpVer1) # INTEGER :01 | |
89 | FieldID ::= SEQUENCE { # SEQUENCE | |
90 | fieldType FIELD-ID.&id({IOSet}), # OBJECT :prime-field | |
91 | parameters FIELD-ID.&Type({IOSet}{@fieldType}) # INTEGER | |
92 | } | |
93 | Curve ::= SEQUENCE { # SEQUENCE | |
94 | a FieldElement ::= OCTET STRING # OCTET STRING | |
95 | b FieldElement ::= OCTET STRING # OCTET STRING | |
96 | seed BIT STRING OPTIONAL | |
97 | } | |
98 | base ECPoint ::= OCTET STRING # OCTET STRING | |
99 | order INTEGER, # INTEGER | |
100 | cofactor INTEGER OPTIONAL # INTEGER | |
101 | } | |
105 | 102 | */ |
106 | 103 | |
107 | 104 | /* FieldID SEQUENCE */ |
122 | 119 | |
123 | 120 | /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */ |
124 | 121 | LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL); |
125 | } | |
122 | } | |
126 | 123 | |
127 | if (flag_pri) { | |
128 | /* private key format: http://tools.ietf.org/html/rfc5915 | |
129 | ||
130 | ECPrivateKey ::= SEQUENCE { # SEQUENCE | |
131 | version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), # INTEGER :01 | |
132 | privateKey OCTET STRING, # OCTET STRING | |
133 | [0] ECParameters # see above | |
134 | [1] publicKey # BIT STRING | |
135 | } | |
124 | if (flag_pri) { | |
125 | /* http://tools.ietf.org/html/rfc5915 | |
126 | ECPrivateKey ::= SEQUENCE { # SEQUENCE | |
127 | version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1) # INTEGER :01 | |
128 | privateKey OCTET STRING, # OCTET STRING | |
129 | [0] ECParameters # see above | |
130 | [1] publicKey # BIT STRING | |
131 | } | |
136 | 132 | */ |
137 | 133 | |
138 | 134 | /* private key */ |
139 | 135 | len_k = mp_unsigned_bin_size(key->k); |
140 | if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
141 | if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) goto error; | |
136 | if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; } | |
137 | if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) { goto error; } | |
142 | 138 | |
143 | LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); | |
144 | LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1); | |
145 | LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); | |
139 | LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy); | |
140 | LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1); | |
141 | LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k); | |
146 | 142 | LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, &ecparams); /* context specific 0 */ |
147 | 143 | LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, &pub_xy); /* context specific 1 */ |
148 | 144 | |
149 | 145 | err = der_encode_sequence(seq_priv, 4, out, outlen); |
150 | } | |
151 | else { | |
152 | /* public key format: http://tools.ietf.org/html/rfc5480 | |
153 | ||
154 | SubjectPublicKeyInfo ::= SEQUENCE { # SEQUENCE | |
155 | AlgorithmIdentifier ::= SEQUENCE { # SEQUENCE | |
156 | algorithm OBJECT IDENTIFIER # OBJECT :id-ecPublicKey | |
157 | ECParameters # see above | |
158 | } | |
159 | subjectPublicKey BIT STRING # BIT STRING | |
160 | } | |
146 | } | |
147 | else { | |
148 | /* http://tools.ietf.org/html/rfc5480 | |
149 | SubjectPublicKeyInfo ::= SEQUENCE { # SEQUENCE | |
150 | AlgorithmIdentifier ::= SEQUENCE { # SEQUENCE | |
151 | algorithm OBJECT IDENTIFIER # OBJECT :id-ecPublicKey | |
152 | ECParameters # see above | |
153 | } | |
154 | subjectPublicKey BIT STRING # BIT STRING | |
155 | } | |
161 | 156 | */ |
162 | err = x509_encode_subject_public_key_info( out, outlen, | |
163 | PKA_EC, bin_xy, len_xy, | |
164 | ecparams.type, ecparams.data, ecparams.size ); | |
165 | } | |
157 | err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy, | |
158 | ecparams.type, ecparams.data, ecparams.size ); | |
159 | } | |
166 | 160 | |
167 | 161 | error: |
168 | return err; | |
162 | return err; | |
169 | 163 | } |
170 | 164 | |
171 | 165 | #endif |
22 | 22 | void ecc_free(ecc_key *key) |
23 | 23 | { |
24 | 24 | LTC_ARGCHKVD(key != NULL); |
25 | /* clean dp */ | |
25 | ||
26 | 26 | mp_cleanup_multi(&key->dp.prime, &key->dp.order, |
27 | 27 | &key->dp.A, &key->dp.B, |
28 | 28 | &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, |
29 | NULL); | |
30 | ||
31 | /* clean key */ | |
32 | mp_cleanup_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL); | |
29 | &key->pubkey.x, &key->pubkey.y, &key->pubkey.z, | |
30 | &key->k, NULL); | |
33 | 31 | } |
34 | 32 | |
35 | 33 | #endif |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | #include "tomcrypt.h" | |
10 | ||
11 | #ifdef LTC_MECC | |
12 | ||
13 | static const struct { | |
14 | const char *OID; | |
15 | const char *names[6]; | |
16 | } _curve_names[] = { | |
17 | #ifdef LTC_ECC_SECP112R1 | |
18 | { | |
19 | "1.3.132.0.6", { "SECP112R1", "ECC-112", NULL } | |
20 | }, | |
21 | #endif | |
22 | #ifdef LTC_ECC_SECP112R2 | |
23 | { | |
24 | "1.3.132.0.7", { "SECP112R2", NULL } | |
25 | }, | |
26 | #endif | |
27 | #ifdef LTC_ECC_SECP128R1 | |
28 | { | |
29 | "1.3.132.0.28", { "SECP128R1", "ECC-128", NULL } | |
30 | }, | |
31 | #endif | |
32 | #ifdef LTC_ECC_SECP128R2 | |
33 | { | |
34 | "1.3.132.0.29", { "SECP128R2", NULL } | |
35 | }, | |
36 | #endif | |
37 | #ifdef LTC_ECC_SECP160R1 | |
38 | { | |
39 | "1.3.132.0.8", { "SECP160R1", "ECC-160", NULL } | |
40 | }, | |
41 | #endif | |
42 | #ifdef LTC_ECC_SECP160R2 | |
43 | { | |
44 | "1.3.132.0.30", { "SECP160R2", NULL } | |
45 | }, | |
46 | #endif | |
47 | #ifdef LTC_ECC_SECP160K1 | |
48 | { | |
49 | "1.3.132.0.9", { "SECP160K1", NULL } | |
50 | }, | |
51 | #endif | |
52 | #ifdef LTC_ECC_SECP192R1 | |
53 | { | |
54 | "1.2.840.10045.3.1.1", { "SECP192R1", "NISTP192", "PRIME192V1", "ECC-192", "P-192", NULL } | |
55 | }, | |
56 | #endif | |
57 | #ifdef LTC_ECC_PRIME192V2 | |
58 | { | |
59 | "1.2.840.10045.3.1.2", { "PRIME192V2", NULL } | |
60 | }, | |
61 | #endif | |
62 | #ifdef LTC_ECC_PRIME192V3 | |
63 | { | |
64 | "1.2.840.10045.3.1.3", { "PRIME192V3", NULL } | |
65 | }, | |
66 | #endif | |
67 | #ifdef LTC_ECC_SECP192K1 | |
68 | { | |
69 | "1.3.132.0.31", { "SECP192K1", NULL } | |
70 | }, | |
71 | #endif | |
72 | #ifdef LTC_ECC_SECP224R1 | |
73 | { | |
74 | "1.3.132.0.33", { "SECP224R1", "NISTP224", "ECC-224", "P-224", NULL } | |
75 | }, | |
76 | #endif | |
77 | #ifdef LTC_ECC_SECP224K1 | |
78 | { | |
79 | "1.3.132.0.32", { "SECP224K1", NULL } | |
80 | }, | |
81 | #endif | |
82 | #ifdef LTC_ECC_SECP256R1 | |
83 | { | |
84 | "1.2.840.10045.3.1.7", { "SECP256R1", "NISTP256", "PRIME256V1", "ECC-256", "P-256", NULL } | |
85 | }, | |
86 | #endif | |
87 | #ifdef LTC_ECC_SECP256K1 | |
88 | { | |
89 | "1.3.132.0.10", { "SECP256K1", NULL } | |
90 | }, | |
91 | #endif | |
92 | #ifdef LTC_ECC_SECP384R1 | |
93 | { | |
94 | "1.3.132.0.34", { "SECP384R1", "NISTP384", "ECC-384", "P-384", NULL } | |
95 | }, | |
96 | #endif | |
97 | #ifdef LTC_ECC_SECP521R1 | |
98 | { | |
99 | "1.3.132.0.35", { "SECP521R1", "NISTP521", "ECC-521", "P-521", NULL } | |
100 | }, | |
101 | #endif | |
102 | #ifdef LTC_ECC_PRIME239V1 | |
103 | { | |
104 | "1.2.840.10045.3.1.4", { "PRIME239V1", NULL } | |
105 | }, | |
106 | #endif | |
107 | #ifdef LTC_ECC_PRIME239V2 | |
108 | { | |
109 | "1.2.840.10045.3.1.5", { "PRIME239V2", NULL } | |
110 | }, | |
111 | #endif | |
112 | #ifdef LTC_ECC_PRIME239V3 | |
113 | { | |
114 | "1.2.840.10045.3.1.6", { "PRIME239V3", NULL } | |
115 | }, | |
116 | #endif | |
117 | #ifdef LTC_ECC_BRAINPOOLP160R1 | |
118 | { | |
119 | "1.3.36.3.3.2.8.1.1.1", { "BRAINPOOLP160R1", NULL } | |
120 | }, | |
121 | #endif | |
122 | #ifdef LTC_ECC_BRAINPOOLP192R1 | |
123 | { | |
124 | "1.3.36.3.3.2.8.1.1.3", { "BRAINPOOLP192R1", NULL } | |
125 | }, | |
126 | #endif | |
127 | #ifdef LTC_ECC_BRAINPOOLP224R1 | |
128 | { | |
129 | "1.3.36.3.3.2.8.1.1.5", { "BRAINPOOLP224R1", NULL } | |
130 | }, | |
131 | #endif | |
132 | #ifdef LTC_ECC_BRAINPOOLP256R1 | |
133 | { | |
134 | "1.3.36.3.3.2.8.1.1.7", { "BRAINPOOLP256R1", NULL } | |
135 | }, | |
136 | #endif | |
137 | #ifdef LTC_ECC_BRAINPOOLP320R1 | |
138 | { | |
139 | "1.3.36.3.3.2.8.1.1.9", { "BRAINPOOLP320R1", NULL } | |
140 | }, | |
141 | #endif | |
142 | #ifdef LTC_ECC_BRAINPOOLP384R1 | |
143 | { | |
144 | "1.3.36.3.3.2.8.1.1.11", { "BRAINPOOLP384R1", NULL } | |
145 | }, | |
146 | #endif | |
147 | #ifdef LTC_ECC_BRAINPOOLP512R1 | |
148 | { | |
149 | "1.3.36.3.3.2.8.1.1.13", { "BRAINPOOLP512R1", NULL } | |
150 | }, | |
151 | #endif | |
152 | #ifdef LTC_ECC_BRAINPOOLP160T1 | |
153 | { | |
154 | "1.3.36.3.3.2.8.1.1.2", { "BRAINPOOLP160T1", NULL } | |
155 | }, | |
156 | #endif | |
157 | #ifdef LTC_ECC_BRAINPOOLP192T1 | |
158 | { | |
159 | "1.3.36.3.3.2.8.1.1.4", { "BRAINPOOLP192T1", NULL } | |
160 | }, | |
161 | #endif | |
162 | #ifdef LTC_ECC_BRAINPOOLP224T1 | |
163 | { | |
164 | "1.3.36.3.3.2.8.1.1.6", { "BRAINPOOLP224T1", NULL } | |
165 | }, | |
166 | #endif | |
167 | #ifdef LTC_ECC_BRAINPOOLP256T1 | |
168 | { | |
169 | "1.3.36.3.3.2.8.1.1.8", { "BRAINPOOLP256T1", NULL } | |
170 | }, | |
171 | #endif | |
172 | #ifdef LTC_ECC_BRAINPOOLP320T1 | |
173 | { | |
174 | "1.3.36.3.3.2.8.1.1.10", { "BRAINPOOLP320T1", NULL } | |
175 | }, | |
176 | #endif | |
177 | #ifdef LTC_ECC_BRAINPOOLP384T1 | |
178 | { | |
179 | "1.3.36.3.3.2.8.1.1.12", { "BRAINPOOLP384T1", NULL } | |
180 | }, | |
181 | #endif | |
182 | #ifdef LTC_ECC_BRAINPOOLP512T1 | |
183 | { | |
184 | "1.3.36.3.3.2.8.1.1.14", { "BRAINPOOLP512T1", NULL } | |
185 | }, | |
186 | #endif | |
187 | { | |
188 | NULL, { NULL } | |
189 | } | |
190 | }; | |
191 | ||
192 | /* case-insensitive match + ignore '-', '_', ' ' */ | |
193 | static int _name_match(const char *left, const char *right) | |
194 | { | |
195 | char lc_r, lc_l; | |
196 | ||
197 | while ((*left != '\0') && (*right != '\0')) { | |
198 | while ((*left == ' ') || (*left == '-') || (*left == '_')) left++; | |
199 | while ((*right == ' ') || (*right == '-') || (*right == '_')) right++; | |
200 | if (*left == '\0' || *right == '\0') break; | |
201 | lc_r = *right; | |
202 | lc_l = *left; | |
203 | if ((lc_r >= 'A') && (lc_r <= 'Z')) lc_r += 32; | |
204 | if ((lc_l >= 'A') && (lc_l <= 'Z')) lc_l += 32; | |
205 | if (lc_l != lc_r) return 0; | |
206 | left++; | |
207 | right++; | |
208 | } | |
209 | ||
210 | if ((*left == '\0') && (*right == '\0')) | |
211 | return 1; | |
212 | else | |
213 | return 0; | |
214 | } | |
215 | ||
216 | int ecc_get_curve(const char *name_or_oid, const ltc_ecc_curve **cu) | |
217 | { | |
218 | int i, j; | |
219 | const char *OID = NULL; | |
220 | ||
221 | LTC_ARGCHK(cu != NULL); | |
222 | LTC_ARGCHK(name_or_oid != NULL); | |
223 | ||
224 | *cu = NULL; | |
225 | ||
226 | for (i = 0; _curve_names[i].OID != NULL && !OID; i++) { | |
227 | if (XSTRCMP(_curve_names[i].OID, name_or_oid) == 0) { | |
228 | OID = _curve_names[i].OID; | |
229 | } | |
230 | for (j = 0; _curve_names[i].names[j] != NULL && !OID; j++) { | |
231 | if (_name_match(_curve_names[i].names[j], name_or_oid)) { | |
232 | OID = _curve_names[i].OID; | |
233 | } | |
234 | } | |
235 | } | |
236 | ||
237 | if (OID != NULL) { | |
238 | for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) { | |
239 | if (XSTRCMP(ltc_ecc_curves[i].OID, OID) == 0) { | |
240 | *cu = <c_ecc_curves[i]; | |
241 | return CRYPT_OK; | |
242 | } | |
243 | } | |
244 | } | |
245 | ||
246 | return CRYPT_INVALID_ARG; /* not found */ | |
247 | } | |
248 | ||
249 | #endif | |
250 | ||
251 | /* ref: $Format:%D$ */ | |
252 | /* git commit: $Format:%H$ */ | |
253 | /* commit time: $Format:%ai$ */ |
18 | 18 | Return CRYPT_OK on success |
19 | 19 | */ |
20 | 20 | |
21 | int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) | |
21 | int ecc_get_key(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key) | |
22 | 22 | { |
23 | 23 | unsigned long size, ksize; |
24 | 24 | int err, compressed; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | #include "tomcrypt.h" | |
10 | ||
11 | #ifdef LTC_MECC | |
12 | ||
13 | int ecc_get_set_by_name(const char* name, const ltc_ecc_set_type** dp) | |
14 | { | |
15 | int i; | |
16 | ||
17 | LTC_ARGCHK(dp != NULL); | |
18 | LTC_ARGCHK(name != NULL); | |
19 | ||
20 | *dp = NULL; | |
21 | ||
22 | for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { | |
23 | if (XSTRCMP(ltc_ecc_sets[i].name, name) == 0) break; | |
24 | } | |
25 | ||
26 | if (ltc_ecc_sets[i].name == NULL) { | |
27 | /* not found */ | |
28 | return CRYPT_INVALID_ARG; | |
29 | } | |
30 | ||
31 | *dp = <c_ecc_sets[i]; | |
32 | return CRYPT_OK; | |
33 | } | |
34 | ||
35 | #endif | |
36 | ||
37 | /* ref: $Format:%D$ */ | |
38 | /* git commit: $Format:%H$ */ | |
39 | /* commit time: $Format:%ai$ */ |
20 | 20 | @param key The key to get the size of |
21 | 21 | @return The size (octets) of the key or INT_MAX on error |
22 | 22 | */ |
23 | int ecc_get_size(ecc_key *key) | |
23 | int ecc_get_size(const ecc_key *key) | |
24 | 24 | { |
25 | 25 | if (key == NULL) { |
26 | 26 | return INT_MAX; |
32 | 32 | @param in The packet to import |
33 | 33 | @param inlen The length of the packet |
34 | 34 | @param key [out] The destination of the import |
35 | @param dp pointer to user supplied params; must be the same as the params used when exporting | |
35 | @param cu pointer to user supplied params; must be the same as the params used when exporting | |
36 | 36 | @return CRYPT_OK if successful, upon error all allocated memory will be freed |
37 | 37 | */ |
38 | int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp) | |
38 | int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu) | |
39 | 39 | { |
40 | 40 | unsigned long key_size; |
41 | 41 | unsigned char flags[1]; |
54 | 54 | } |
55 | 55 | |
56 | 56 | /* allocate & initialize the key */ |
57 | if (dp == NULL) { | |
58 | if ((err = ecc_set_dp_size(key_size, key)) != CRYPT_OK) { goto done; } | |
57 | if (cu == NULL) { | |
58 | if ((err = ecc_set_dp_by_size(key_size, key)) != CRYPT_OK) { goto done; } | |
59 | 59 | } else { |
60 | if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { goto done; } | |
60 | if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { goto done; } | |
61 | 61 | } |
62 | 62 | |
63 | 63 | if (flags[0] == 1) { |
14 | 14 | { |
15 | 15 | void *prime, *order, *a, *b, *gx, *gy; |
16 | 16 | ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2]; |
17 | unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE], bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; | |
17 | unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE]; | |
18 | unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128]; | |
18 | 19 | unsigned long len_a, len_b, len_k, len_g, len_xy, len_oid, len; |
19 | 20 | unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16], curveoid[16]; |
21 | char OID[256]; | |
22 | const ltc_ecc_curve *curve; | |
20 | 23 | int err; |
21 | 24 | |
22 | 25 | if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) { |
27 | 30 | |
28 | 31 | len_xy = sizeof(bin_xy); |
29 | 32 | len_oid = 16; |
30 | err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, &len_oid); | |
33 | err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, | |
34 | LTC_ASN1_OBJECT_IDENTIFIER, (void *)curveoid, &len_oid); | |
31 | 35 | if (err == CRYPT_OK) { |
32 | 36 | /* load curve parameters for given curve OID */ |
33 | if ((err = ecc_set_dp_oid(curveoid, len_oid, key)) != CRYPT_OK) { goto error; } | |
37 | len = sizeof(OID); | |
38 | if ((err = pk_oid_num_to_str(curveoid, len_oid, OID, &len)) != CRYPT_OK) { goto error; } | |
39 | if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; } | |
40 | if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; } | |
34 | 41 | /* load public key */ |
35 | if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } | |
42 | if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } | |
36 | 43 | goto success; |
37 | 44 | } |
38 | 45 | |
39 | 46 | /* ### 2. try to load public key - curve parameters included */ |
40 | 47 | |
41 | 48 | /* ECParameters SEQUENCE */ |
42 | LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); | |
43 | LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); | |
44 | LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); | |
45 | LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); | |
46 | LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); | |
47 | LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); | |
49 | LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL); | |
50 | LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL); | |
51 | LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL); | |
52 | LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, (unsigned long)2*ECC_MAXSIZE+1); | |
53 | LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL); | |
54 | LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); | |
48 | 55 | seq_ecparams[5].optional = 1; |
49 | 56 | /* FieldID SEQUENCE */ |
50 | LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); | |
51 | LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); | |
57 | LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); | |
58 | LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); | |
52 | 59 | /* Curve SEQUENCE */ |
53 | LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); | |
54 | LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); | |
55 | LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); | |
60 | LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); | |
61 | LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); | |
62 | LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); | |
56 | 63 | seq_curve[2].optional = 1; |
57 | 64 | /* try to load public key */ |
58 | 65 | len_xy = sizeof(bin_xy); |
64 | 71 | len_b = seq_curve[1].size; |
65 | 72 | len_g = seq_ecparams[3].size; |
66 | 73 | /* create bignums */ |
67 | if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } | |
68 | if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } | |
69 | if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } | |
74 | if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } | |
75 | if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } | |
76 | if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } | |
70 | 77 | /* load curve parameters */ |
71 | if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } | |
78 | if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } | |
72 | 79 | /* load public key */ |
73 | if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } | |
80 | if ((err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key)) != CRYPT_OK) { goto error; } | |
74 | 81 | goto success; |
75 | 82 | } |
76 | 83 | |
77 | 84 | /* ### 3. try to load private key - no curve parameters just curve OID */ |
78 | 85 | |
79 | 86 | /* ECPrivateKey SEQUENCE */ |
80 | LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); | |
81 | LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); | |
82 | LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); | |
83 | LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); | |
87 | LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL); | |
88 | LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, (unsigned long)8*(2*ECC_MAXSIZE+2)); | |
89 | LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL); | |
90 | LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, (unsigned long)ECC_MAXSIZE); | |
84 | 91 | LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */ |
85 | 92 | LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */ |
86 | 93 | |
88 | 95 | err = der_decode_sequence(in, inlen, seq_priv, 4); |
89 | 96 | if (err == CRYPT_OK) { |
90 | 97 | /* load curve parameters for given curve OID */ |
91 | if ((err = ecc_set_dp_oid(curveoid, custom[0].size, key)) != CRYPT_OK) { goto error; } | |
98 | len = sizeof(OID); | |
99 | if ((err = pk_oid_num_to_str(curveoid, custom[0].size, OID, &len)) != CRYPT_OK) { goto error; } | |
100 | if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; } | |
101 | if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; } | |
92 | 102 | /* load private+public key */ |
93 | if ((err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } | |
103 | if ((err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } | |
94 | 104 | goto success; |
95 | 105 | } |
96 | 106 | |
112 | 122 | LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL); |
113 | 123 | seq_ecparams[5].optional = 1; |
114 | 124 | /* FieldID SEQUENCE */ |
115 | LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); | |
116 | LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); | |
125 | LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL); | |
126 | LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL); | |
117 | 127 | /* Curve SEQUENCE */ |
118 | LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); | |
119 | LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); | |
120 | LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); | |
128 | LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, (unsigned long)ECC_MAXSIZE); | |
129 | LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, (unsigned long)ECC_MAXSIZE); | |
130 | LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, (unsigned long)8*128); | |
121 | 131 | seq_curve[2].optional = 1; |
122 | 132 | /* try to load private key */ |
123 | 133 | err = der_decode_sequence(in, inlen, seq_priv, 4); |
128 | 138 | len_b = seq_curve[1].size; |
129 | 139 | len_g = seq_ecparams[3].size; |
130 | 140 | /* create bignums */ |
131 | if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } | |
132 | if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } | |
133 | if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } | |
141 | if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; } | |
142 | if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; } | |
143 | if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; } | |
134 | 144 | /* load curve parameters */ |
135 | if ((err = ecc_set_dp_bn(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } | |
145 | if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; } | |
136 | 146 | /* load private+public key */ |
137 | if ((err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } | |
147 | if ((err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key)) != CRYPT_OK) { goto error; } | |
138 | 148 | goto success; |
139 | 149 | } |
140 | 150 | |
141 | 151 | /* ### 5. backward compatibility - try to load old-DER format */ |
142 | 152 | |
143 | if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } | |
153 | if ((err = ecc_import(in, inlen, key)) != CRYPT_OK) { goto error; } | |
144 | 154 | |
145 | 155 | success: |
146 | 156 | err = CRYPT_OK; |
459 | 459 | unsigned long len, cofactor; |
460 | 460 | oid_st ecoid; |
461 | 461 | int err; |
462 | char OID[256]; | |
463 | const ltc_ecc_curve *curve; | |
462 | 464 | ltc_asn1_list *p = NULL, *l = NULL; |
463 | 465 | |
464 | 466 | LTC_ARGCHK(in != NULL); |
499 | 501 | * 23:d=1 hl=2 l= 77 prim: OCTET STRING :bytes (== privatekey) |
500 | 502 | */ |
501 | 503 | ltc_asn1_list *loid = lseq->child->next; |
502 | if ((err = ecc_set_dp_oid(loid->data, loid->size, key)) != CRYPT_OK) { | |
503 | goto LBL_DONE; | |
504 | } | |
504 | len = sizeof(OID); | |
505 | if ((err = pk_oid_num_to_str(loid->data, loid->size, OID, &len)) != CRYPT_OK) { goto LBL_DONE; } | |
506 | if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; } | |
507 | if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto LBL_DONE; } | |
505 | 508 | } |
506 | 509 | else if (lseq->child->next && lseq->child->next->type == LTC_ASN1_SEQUENCE) { |
507 | 510 | /* CASE 2: explicit curve parameters (AKA long variant): |
552 | 555 | if ((err = ltc_ecc_import_point(lg->data, lg->size, lprime->data, a, b, gx, gy)) != CRYPT_OK) { |
553 | 556 | goto LBL_DONE; |
554 | 557 | } |
555 | if ((err = ecc_set_dp_bn(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { | |
558 | if ((err = ecc_set_dp_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { | |
556 | 559 | goto LBL_DONE; |
557 | 560 | } |
558 | 561 | } |
27 | 27 | { |
28 | 28 | int err; |
29 | 29 | |
30 | if ((err = ecc_set_dp_size(keysize, key)) != CRYPT_OK) { return err; } | |
30 | if ((err = ecc_set_dp_by_size(keysize, key)) != CRYPT_OK) { return err; } | |
31 | 31 | if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } |
32 | 32 | return CRYPT_OK; |
33 | 33 | } |
34 | 34 | |
35 | int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp) | |
35 | int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_curve *cu) | |
36 | 36 | { |
37 | 37 | int err; |
38 | if ((err = ecc_set_dp(dp, key)) != CRYPT_OK) { return err; } | |
38 | if ((err = ecc_set_dp(cu, key)) != CRYPT_OK) { return err; } | |
39 | 39 | if ((err = ecc_generate_key(prng, wprng, key)) != CRYPT_OK) { return err; } |
40 | 40 | return CRYPT_OK; |
41 | 41 | } |
10 | 10 | |
11 | 11 | #ifdef LTC_MECC |
12 | 12 | |
13 | int ecc_set_dp(const ltc_ecc_set_type *set, ecc_key *key) | |
13 | int ecc_set_dp(const ltc_ecc_curve *curve, ecc_key *key) | |
14 | 14 | { |
15 | unsigned long i; | |
16 | 15 | int err; |
17 | 16 | |
18 | 17 | LTC_ARGCHK(key != NULL); |
19 | LTC_ARGCHK(set != NULL); | |
18 | LTC_ARGCHK(curve != NULL); | |
20 | 19 | |
21 | 20 | if ((err = mp_init_multi(&key->dp.prime, &key->dp.order, &key->dp.A, &key->dp.B, |
22 | 21 | &key->dp.base.x, &key->dp.base.y, &key->dp.base.z, |
26 | 25 | } |
27 | 26 | |
28 | 27 | /* A, B, order, prime, Gx, Gy */ |
29 | if ((err = mp_read_radix(key->dp.prime, set->prime, 16)) != CRYPT_OK) { goto error; } | |
30 | if ((err = mp_read_radix(key->dp.order, set->order, 16)) != CRYPT_OK) { goto error; } | |
31 | if ((err = mp_read_radix(key->dp.A, set->A, 16)) != CRYPT_OK) { goto error; } | |
32 | if ((err = mp_read_radix(key->dp.B, set->B, 16)) != CRYPT_OK) { goto error; } | |
33 | if ((err = mp_read_radix(key->dp.base.x, set->Gx, 16)) != CRYPT_OK) { goto error; } | |
34 | if ((err = mp_read_radix(key->dp.base.y, set->Gy, 16)) != CRYPT_OK) { goto error; } | |
35 | if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } | |
28 | if ((err = mp_read_radix(key->dp.prime, curve->prime, 16)) != CRYPT_OK) { goto error; } | |
29 | if ((err = mp_read_radix(key->dp.order, curve->order, 16)) != CRYPT_OK) { goto error; } | |
30 | if ((err = mp_read_radix(key->dp.A, curve->A, 16)) != CRYPT_OK) { goto error; } | |
31 | if ((err = mp_read_radix(key->dp.B, curve->B, 16)) != CRYPT_OK) { goto error; } | |
32 | if ((err = mp_read_radix(key->dp.base.x, curve->Gx, 16)) != CRYPT_OK) { goto error; } | |
33 | if ((err = mp_read_radix(key->dp.base.y, curve->Gy, 16)) != CRYPT_OK) { goto error; } | |
34 | if ((err = mp_set(key->dp.base.z, 1)) != CRYPT_OK) { goto error; } | |
36 | 35 | /* cofactor & size */ |
37 | key->dp.cofactor = set->cofactor; | |
36 | key->dp.cofactor = curve->cofactor; | |
38 | 37 | key->dp.size = mp_unsigned_bin_size(key->dp.prime); |
39 | /* OID */ | |
40 | key->dp.oidlen = set->oidlen; | |
41 | for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = set->oid[i]; | |
38 | /* OID string >> unsigned long oid[16] + oidlen */ | |
39 | key->dp.oidlen = 16; | |
40 | if ((err = pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen)) != CRYPT_OK) { goto error; } | |
42 | 41 | /* success */ |
43 | 42 | return CRYPT_OK; |
44 | 43 | |
47 | 46 | return err; |
48 | 47 | } |
49 | 48 | |
50 | int ecc_set_dp_size(int size, ecc_key *key) | |
49 | int ecc_set_dp_by_size(int size, ecc_key *key) | |
51 | 50 | { |
52 | const ltc_ecc_set_type *dp = NULL; | |
53 | int err; | |
51 | const ltc_ecc_curve *cu = NULL; | |
52 | int err = CRYPT_ERROR; | |
54 | 53 | |
55 | 54 | /* for compatibility with libtomcrypt-1.17 the sizes below must match the specific curves */ |
56 | 55 | if (size <= 14) { |
57 | if ((err = ecc_get_set_by_name("SECP112R1", &dp)) != CRYPT_OK) return err; | |
58 | return ecc_set_dp(dp, key); | |
56 | err = ecc_get_curve("SECP112R1", &cu); | |
59 | 57 | } |
60 | 58 | else if (size <= 16) { |
61 | if ((err = ecc_get_set_by_name("SECP128R1", &dp)) != CRYPT_OK) return err; | |
62 | return ecc_set_dp(dp, key); | |
59 | err = ecc_get_curve("SECP128R1", &cu); | |
63 | 60 | } |
64 | 61 | else if (size <= 20) { |
65 | if ((err = ecc_get_set_by_name("SECP160R1", &dp)) != CRYPT_OK) return err; | |
66 | return ecc_set_dp(dp, key); | |
62 | err = ecc_get_curve("SECP160R1", &cu); | |
67 | 63 | } |
68 | 64 | else if (size <= 24) { |
69 | if ((err = ecc_get_set_by_name("SECP192R1", &dp)) != CRYPT_OK) return err; | |
70 | return ecc_set_dp(dp, key); | |
65 | err = ecc_get_curve("SECP192R1", &cu); | |
71 | 66 | } |
72 | 67 | else if (size <= 28) { |
73 | if ((err = ecc_get_set_by_name("SECP224R1", &dp)) != CRYPT_OK) return err; | |
74 | return ecc_set_dp(dp, key); | |
68 | err = ecc_get_curve("SECP224R1", &cu); | |
75 | 69 | } |
76 | 70 | else if (size <= 32) { |
77 | if ((err = ecc_get_set_by_name("SECP256R1", &dp)) != CRYPT_OK) return err; | |
78 | return ecc_set_dp(dp, key); | |
71 | err = ecc_get_curve("SECP256R1", &cu); | |
79 | 72 | } |
80 | 73 | else if (size <= 48) { |
81 | if ((err = ecc_get_set_by_name("SECP384R1", &dp)) != CRYPT_OK) return err; | |
82 | return ecc_set_dp(dp, key); | |
74 | err = ecc_get_curve("SECP384R1", &cu); | |
83 | 75 | } |
84 | 76 | else if (size <= 66) { |
85 | if ((err = ecc_get_set_by_name("SECP521R1", &dp)) != CRYPT_OK) return err; | |
86 | return ecc_set_dp(dp, key); | |
77 | err = ecc_get_curve("SECP521R1", &cu); | |
87 | 78 | } |
79 | ||
80 | if (err == CRYPT_OK && cu != NULL) return ecc_set_dp(cu, key); | |
88 | 81 | |
89 | 82 | return CRYPT_INVALID_ARG; |
90 | 83 | } |
10 | 10 | |
11 | 11 | #ifdef LTC_MECC |
12 | 12 | |
13 | static int _ecc_cmp_hex_bn(const char *left_hex, void *right_bn, void *tmp_bn) | |
14 | { | |
15 | if (mp_read_radix(tmp_bn, left_hex, 16) != CRYPT_OK) return 0; | |
16 | if (mp_cmp(tmp_bn, right_bn) != LTC_MP_EQ) return 0; | |
17 | return 1; | |
18 | } | |
19 | ||
13 | 20 | static void _ecc_oid_lookup(ecc_key *key) |
14 | 21 | { |
15 | int err; | |
16 | unsigned i; | |
17 | void *tmp; | |
18 | const ltc_ecc_set_type *set; | |
22 | void *bn; | |
23 | const ltc_ecc_curve *curve; | |
19 | 24 | |
20 | 25 | key->dp.oidlen = 0; |
21 | if ((err = mp_init(&tmp)) != CRYPT_OK) return; | |
22 | for (set = ltc_ecc_sets; set->name != NULL; set++) { | |
23 | if ((err = mp_read_radix(tmp, set->prime, 16)) != CRYPT_OK) continue; | |
24 | if ((mp_cmp(tmp, key->dp.prime) != LTC_MP_EQ)) continue; | |
25 | if ((err = mp_read_radix(tmp, set->order, 16)) != CRYPT_OK) continue; | |
26 | if ((mp_cmp(tmp, key->dp.order) != LTC_MP_EQ)) continue; | |
27 | if ((err = mp_read_radix(tmp, set->A, 16)) != CRYPT_OK) continue; | |
28 | if ((mp_cmp(tmp, key->dp.A) != LTC_MP_EQ)) continue; | |
29 | if ((err = mp_read_radix(tmp, set->B, 16)) != CRYPT_OK) continue; | |
30 | if ((mp_cmp(tmp, key->dp.B) != LTC_MP_EQ)) continue; | |
31 | if ((err = mp_read_radix(tmp, set->Gx, 16)) != CRYPT_OK) continue; | |
32 | if ((mp_cmp(tmp, key->dp.base.x) != LTC_MP_EQ)) continue; | |
33 | if ((err = mp_read_radix(tmp, set->Gy, 16)) != CRYPT_OK) continue; | |
34 | if ((mp_cmp(tmp, key->dp.base.y) != LTC_MP_EQ)) continue; | |
35 | if (key->dp.cofactor != set->cofactor) continue; | |
26 | if (mp_init(&bn) != CRYPT_OK) return; | |
27 | for (curve = ltc_ecc_curves; curve->prime != NULL; curve++) { | |
28 | if (_ecc_cmp_hex_bn(curve->prime, key->dp.prime, bn) != 1) continue; | |
29 | if (_ecc_cmp_hex_bn(curve->order, key->dp.order, bn) != 1) continue; | |
30 | if (_ecc_cmp_hex_bn(curve->A, key->dp.A, bn) != 1) continue; | |
31 | if (_ecc_cmp_hex_bn(curve->B, key->dp.B, bn) != 1) continue; | |
32 | if (_ecc_cmp_hex_bn(curve->Gx, key->dp.base.x, bn) != 1) continue; | |
33 | if (_ecc_cmp_hex_bn(curve->Gy, key->dp.base.y, bn) != 1) continue; | |
34 | if (key->dp.cofactor != curve->cofactor) continue; | |
36 | 35 | break; /* found */ |
37 | 36 | } |
38 | mp_clear(tmp); | |
39 | if (set->name != NULL) { | |
40 | /* OID found */ | |
41 | key->dp.oidlen = set->oidlen; | |
42 | for(i = 0; i < set->oidlen; i++) key->dp.oid[i] = set->oid[i]; | |
37 | mp_clear(bn); | |
38 | if (curve->prime && curve->OID) { | |
39 | key->dp.oidlen = 16; /* size of key->dp.oid */ | |
40 | pk_oid_str_to_num(curve->OID, key->dp.oid, &key->dp.oidlen); | |
43 | 41 | } |
44 | 42 | } |
45 | 43 | |
46 | int ecc_set_dp_oid(unsigned long *oid, unsigned long oidsize, ecc_key *key) | |
47 | { | |
48 | int i; | |
49 | ||
50 | LTC_ARGCHK(oid != NULL); | |
51 | LTC_ARGCHK(oidsize > 0); | |
52 | ||
53 | for(i = 0; ltc_ecc_sets[i].name != NULL; i++) { | |
54 | if ((oidsize == ltc_ecc_sets[i].oidlen) && | |
55 | (XMEM_NEQ(oid, ltc_ecc_sets[i].oid, sizeof(unsigned long) * ltc_ecc_sets[i].oidlen) == 0)) { | |
56 | break; | |
57 | } | |
58 | } | |
59 | if (ltc_ecc_sets[i].name == NULL) return CRYPT_ERROR; /* not found */ | |
60 | return ecc_set_dp(<c_ecc_sets[i], key); | |
61 | } | |
62 | ||
63 | int ecc_set_dp_copy(ecc_key *srckey, ecc_key *key) | |
44 | int ecc_copy_dp(const ecc_key *srckey, ecc_key *key) | |
64 | 45 | { |
65 | 46 | unsigned long i; |
66 | 47 | int err; |
80 | 61 | if ((err = mp_copy(srckey->dp.order, key->dp.order )) != CRYPT_OK) { goto error; } |
81 | 62 | if ((err = mp_copy(srckey->dp.A, key->dp.A )) != CRYPT_OK) { goto error; } |
82 | 63 | if ((err = mp_copy(srckey->dp.B, key->dp.B )) != CRYPT_OK) { goto error; } |
83 | if ((err = mp_copy(srckey->dp.base.x, key->dp.base.x)) != CRYPT_OK) { goto error; } | |
84 | if ((err = mp_copy(srckey->dp.base.y, key->dp.base.y)) != CRYPT_OK) { goto error; } | |
85 | if ((err = mp_copy(srckey->dp.base.z, key->dp.base.z)) != CRYPT_OK) { goto error; } | |
64 | if ((err = ltc_ecc_copy_point(&srckey->dp.base, &key->dp.base)) != CRYPT_OK) { goto error; } | |
86 | 65 | /* cofactor & size */ |
87 | 66 | key->dp.cofactor = srckey->dp.cofactor; |
88 | 67 | key->dp.size = srckey->dp.size; |
92 | 71 | for (i = 0; i < key->dp.oidlen; i++) key->dp.oid[i] = srckey->dp.oid[i]; |
93 | 72 | } |
94 | 73 | else { |
95 | _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_sets */ | |
74 | _ecc_oid_lookup(key); /* try to find OID in ltc_ecc_curves */ | |
96 | 75 | } |
97 | 76 | /* success */ |
98 | 77 | return CRYPT_OK; |
102 | 81 | return err; |
103 | 82 | } |
104 | 83 | |
105 | int ecc_set_dp_bn(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key) | |
84 | int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key) | |
106 | 85 | { |
107 | 86 | int err; |
108 | 87 | |
132 | 111 | /* cofactor & size */ |
133 | 112 | key->dp.cofactor = cofactor; |
134 | 113 | key->dp.size = mp_unsigned_bin_size(prime); |
135 | /* try to find OID in ltc_ecc_sets */ | |
114 | /* try to find OID in ltc_ecc_curves */ | |
136 | 115 | _ecc_oid_lookup(key); |
137 | 116 | /* success */ |
138 | 117 | return CRYPT_OK; |
23 | 23 | @param outlen [in/out] The max size and resulting size of the shared secret |
24 | 24 | @return CRYPT_OK if successful |
25 | 25 | */ |
26 | int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, | |
26 | int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key, | |
27 | 27 | unsigned char *out, unsigned long *outlen) |
28 | 28 | { |
29 | 29 | unsigned long x; |
17 | 17 | |
18 | 18 | static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen, |
19 | 19 | unsigned char *out, unsigned long *outlen, |
20 | prng_state *prng, int wprng, ecc_key *key, int sigformat) | |
20 | prng_state *prng, int wprng, const ecc_key *key, int sigformat) | |
21 | 21 | { |
22 | 22 | ecc_key pubkey; |
23 | 23 | void *r, *s, *e, *p; |
66 | 66 | |
67 | 67 | /* make up a key and export the public copy */ |
68 | 68 | do { |
69 | if ((err = ecc_set_dp_copy(key, &pubkey)) != CRYPT_OK) { goto errnokey; } | |
69 | if ((err = ecc_copy_dp(key, &pubkey)) != CRYPT_OK) { goto errnokey; } | |
70 | 70 | if ((err = ecc_generate_key(prng, wprng, &pubkey)) != CRYPT_OK) { goto errnokey; } |
71 | 71 | |
72 | 72 | /* find r = x1 mod n */ |
131 | 131 | */ |
132 | 132 | int ecc_sign_hash(const unsigned char *in, unsigned long inlen, |
133 | 133 | unsigned char *out, unsigned long *outlen, |
134 | prng_state *prng, int wprng, ecc_key *key) | |
134 | prng_state *prng, int wprng, const ecc_key *key) | |
135 | 135 | { |
136 | 136 | return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 0); |
137 | 137 | } |
149 | 149 | */ |
150 | 150 | int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, |
151 | 151 | unsigned char *out, unsigned long *outlen, |
152 | prng_state *prng, int wprng, ecc_key *key) | |
152 | prng_state *prng, int wprng, const ecc_key *key) | |
153 | 153 | { |
154 | 154 | return _ecc_sign_hash(in, inlen, out, outlen, prng, wprng, key, 1); |
155 | 155 | } |
27 | 27 | *high = 0; |
28 | 28 | |
29 | 29 | if (mp_init(&prime) == CRYPT_OK) { |
30 | for (i = 0; ltc_ecc_sets[i].name != NULL; i++) { | |
31 | if (mp_read_radix(prime, ltc_ecc_sets[i].prime, 16) == CRYPT_OK) { | |
30 | for (i = 0; ltc_ecc_curves[i].prime != NULL; i++) { | |
31 | if (mp_read_radix(prime, ltc_ecc_curves[i].prime, 16) == CRYPT_OK) { | |
32 | 32 | size = mp_unsigned_bin_size(prime); |
33 | 33 | if (size < *low) *low = size; |
34 | 34 | if (size > *high) *high = size; |
17 | 17 | |
18 | 18 | static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen, |
19 | 19 | const unsigned char *hash, unsigned long hashlen, |
20 | int *stat, ecc_key *key, int sigformat) | |
20 | int *stat, const ecc_key *key, int sigformat) | |
21 | 21 | { |
22 | 22 | ecc_point *mG = NULL, *mQ = NULL; |
23 | 23 | void *r, *s, *v, *w, *u1, *u2, *e, *p, *m, *a, *a_plus3 = NULL, *mu = NULL, *ma = NULL; |
36 | 36 | |
37 | 37 | /* allocate ints */ |
38 | 38 | if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &e, &a_plus3, NULL)) != CRYPT_OK) { |
39 | return CRYPT_MEM; | |
39 | return err; | |
40 | 40 | } |
41 | 41 | |
42 | 42 | p = key->dp.order; |
108 | 108 | if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK) { goto error; } |
109 | 109 | |
110 | 110 | /* find mG and mQ */ |
111 | if ((err = mp_copy(key->dp.base.x, mG->x)) != CRYPT_OK) { goto error; } | |
112 | if ((err = mp_copy(key->dp.base.y, mG->y)) != CRYPT_OK) { goto error; } | |
113 | if ((err = mp_copy(key->dp.base.z, mG->z)) != CRYPT_OK) { goto error; } | |
114 | if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK) { goto error; } | |
115 | if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK) { goto error; } | |
116 | if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK) { goto error; } | |
111 | if ((err = ltc_ecc_copy_point(&key->dp.base, mG)) != CRYPT_OK) { goto error; } | |
112 | if ((err = ltc_ecc_copy_point(&key->pubkey, mQ)) != CRYPT_OK) { goto error; } | |
117 | 113 | |
118 | 114 | /* find the montgomery mp */ |
119 | 115 | if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; } |
174 | 170 | */ |
175 | 171 | int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, |
176 | 172 | const unsigned char *hash, unsigned long hashlen, |
177 | int *stat, ecc_key *key) | |
173 | int *stat, const ecc_key *key) | |
178 | 174 | { |
179 | 175 | return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 0); |
180 | 176 | } |
191 | 187 | */ |
192 | 188 | int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, |
193 | 189 | const unsigned char *hash, unsigned long hashlen, |
194 | int *stat, ecc_key *key) | |
190 | int *stat, const ecc_key *key) | |
195 | 191 | { |
196 | 192 | return _ecc_verify_hash(sig, siglen, hash, hashlen, stat, key, 1); |
197 | 193 | } |
30 | 30 | /* load y */ |
31 | 31 | if ((err = mp_read_unsigned_bin(y, (unsigned char *)in+1+size, size)) != CRYPT_OK) { goto cleanup; } |
32 | 32 | } |
33 | else if ((in[0] == 0x02 || in[0] == 0x03) && (inlen-1) == size) { | |
34 | /* read compressed point */ | |
33 | else if ((in[0] == 0x02 || in[0] == 0x03) && (inlen-1) == size && ltc_mp.sqrtmod_prime != NULL) { | |
34 | /* read compressed point - BEWARE: requires sqrtmod_prime */ | |
35 | 35 | /* load x */ |
36 | 36 | if ((err = mp_read_unsigned_bin(x, (unsigned char *)in+1, size)) != CRYPT_OK) { goto cleanup; } |
37 | 37 | /* compute x^3 */ |
14 | 14 | * a point at infinity is any point (x,y,0) such that y^2 == x^3, except (0,0,0) |
15 | 15 | */ |
16 | 16 | |
17 | int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus) | |
17 | int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus, int *retval) | |
18 | 18 | { |
19 | int err, retval = 0; | |
19 | int err; | |
20 | 20 | void *x3, *y2; |
21 | 21 | |
22 | 22 | /* trivial case */ |
23 | if (!mp_iszero(P->z)) goto done; | |
23 | if (!mp_iszero(P->z)) { | |
24 | *retval = 0; | |
25 | return CRYPT_OK; | |
26 | } | |
24 | 27 | |
25 | 28 | /* point (0,0,0) is not at infinity */ |
26 | if (mp_iszero(P->x) && mp_iszero(P->y)) goto done; | |
29 | if (mp_iszero(P->x) && mp_iszero(P->y)) { | |
30 | *retval = 0; | |
31 | return CRYPT_OK; | |
32 | } | |
27 | 33 | |
28 | 34 | /* initialize */ |
29 | 35 | if ((err = mp_init_multi(&x3, &y2, NULL)) != CRYPT_OK) goto done; |
36 | 42 | if ((err = mp_mulmod(P->x, x3, modulus, x3)) != CRYPT_OK) goto cleanup; |
37 | 43 | |
38 | 44 | /* test y^2 == x^3 */ |
39 | if ((mp_cmp(x3, y2) == LTC_MP_EQ) && !mp_iszero(y2)) retval = 1; | |
45 | err = CRYPT_OK; | |
46 | if ((mp_cmp(x3, y2) == LTC_MP_EQ) && !mp_iszero(y2)) | |
47 | *retval = 1; | |
48 | else | |
49 | *retval = 0; | |
40 | 50 | |
41 | 51 | cleanup: |
42 | 52 | mp_clear_multi(x3, y2, NULL); |
43 | 53 | done: |
44 | return retval; | |
54 | return err; | |
45 | 55 | } |
46 | 56 | |
47 | 57 | #endif |
32 | 32 | LTC_ARGCHK(mp != NULL); |
33 | 33 | |
34 | 34 | if (mp_iszero(P->z)) { |
35 | if ((err = mp_set(P->x, 0)) != CRYPT_OK) { return err; } | |
36 | if ((err = mp_set(P->y, 0)) != CRYPT_OK) { return err; } | |
37 | if ((err = mp_set(P->z, 1)) != CRYPT_OK) { return err; } | |
38 | return CRYPT_OK; | |
35 | return ltc_ecc_set_point_xyz(0, 0, 1, P); | |
39 | 36 | } |
40 | 37 | |
41 | 38 | if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) { |
162 | 162 | if (first == 1) { |
163 | 163 | /* if first, copy from table */ |
164 | 164 | first = 0; |
165 | if ((err = mp_copy(precomp[nA + (nB<<2)]->x, C->x)) != CRYPT_OK) { goto ERR_MU; } | |
166 | if ((err = mp_copy(precomp[nA + (nB<<2)]->y, C->y)) != CRYPT_OK) { goto ERR_MU; } | |
167 | if ((err = mp_copy(precomp[nA + (nB<<2)]->z, C->z)) != CRYPT_OK) { goto ERR_MU; } | |
165 | if ((err = ltc_ecc_copy_point(precomp[nA + (nB<<2)], C)) != CRYPT_OK) { goto ERR_MU; } | |
168 | 166 | } else { |
169 | 167 | /* if not first, add from table */ |
170 | 168 | if ((err = ltc_mp.ecc_ptadd(C, precomp[nA + (nB<<2)], C, ma, modulus, mp)) != CRYPT_OK) { goto ERR_MU; } |
31 | 31 | int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) |
32 | 32 | { |
33 | 33 | ecc_point *tG, *M[8]; |
34 | int i, j, err; | |
34 | int i, j, err, inf; | |
35 | 35 | void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; |
36 | 36 | ltc_mp_digit buf; |
37 | 37 | int first, bitbuf, bitcpy, bitcnt, mode, digidx; |
41 | 41 | LTC_ARGCHK(R != NULL); |
42 | 42 | LTC_ARGCHK(modulus != NULL); |
43 | 43 | |
44 | if (ltc_ecc_is_point_at_infinity(G, modulus)) { | |
44 | if ((err = ltc_ecc_is_point_at_infinity(G, modulus, &inf)) != CRYPT_OK) return err; | |
45 | if (inf) { | |
45 | 46 | /* return the point at infinity */ |
46 | if ((err = mp_set(R->x, 1)) != CRYPT_OK) { return err; } | |
47 | if ((err = mp_set(R->y, 1)) != CRYPT_OK) { return err; } | |
48 | if ((err = mp_set(R->z, 0)) != CRYPT_OK) { return err; } | |
49 | return CRYPT_OK; | |
47 | return ltc_ecc_set_point_xyz(1, 1, 0, R); | |
50 | 48 | } |
51 | 49 | |
52 | 50 | /* init montgomery reduction */ |
80 | 78 | |
81 | 79 | /* tG = G and convert to montgomery */ |
82 | 80 | if (mp_cmp_d(mu, 1) == LTC_MP_EQ) { |
83 | if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; } | |
84 | if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; } | |
85 | if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; } | |
81 | if ((err = ltc_ecc_copy_point(G, tG)) != CRYPT_OK) { goto done; } | |
86 | 82 | } else { |
87 | 83 | if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; } |
88 | 84 | if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; } |
145 | 141 | /* if this is the first window we do a simple copy */ |
146 | 142 | if (first == 1) { |
147 | 143 | /* R = kG [k = first window] */ |
148 | if ((err = mp_copy(M[bitbuf-8]->x, R->x)) != CRYPT_OK) { goto done; } | |
149 | if ((err = mp_copy(M[bitbuf-8]->y, R->y)) != CRYPT_OK) { goto done; } | |
150 | if ((err = mp_copy(M[bitbuf-8]->z, R->z)) != CRYPT_OK) { goto done; } | |
144 | if ((err = ltc_ecc_copy_point(M[bitbuf-8], R)) != CRYPT_OK) { goto done; } | |
151 | 145 | first = 0; |
152 | 146 | } else { |
153 | 147 | /* normal window */ |
179 | 173 | if ((bitbuf & (1 << WINSIZE)) != 0) { |
180 | 174 | if (first == 1){ |
181 | 175 | /* first add, so copy */ |
182 | if ((err = mp_copy(tG->x, R->x)) != CRYPT_OK) { goto done; } | |
183 | if ((err = mp_copy(tG->y, R->y)) != CRYPT_OK) { goto done; } | |
184 | if ((err = mp_copy(tG->z, R->z)) != CRYPT_OK) { goto done; } | |
176 | if ((err = ltc_ecc_copy_point(tG, R)) != CRYPT_OK) { goto done; } | |
185 | 177 | first = 0; |
186 | 178 | } else { |
187 | 179 | /* then add */ |
30 | 30 | int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map) |
31 | 31 | { |
32 | 32 | ecc_point *tG, *M[3]; |
33 | int i, j, err; | |
33 | int i, j, err, inf; | |
34 | 34 | void *mp = NULL, *mu = NULL, *ma = NULL, *a_plus3 = NULL; |
35 | 35 | ltc_mp_digit buf; |
36 | 36 | int bitcnt, mode, digidx; |
40 | 40 | LTC_ARGCHK(R != NULL); |
41 | 41 | LTC_ARGCHK(modulus != NULL); |
42 | 42 | |
43 | if (ltc_ecc_is_point_at_infinity(G, modulus)) { | |
43 | if ((err = ltc_ecc_is_point_at_infinity(G, modulus, &inf)) != CRYPT_OK) return err; | |
44 | if (inf) { | |
44 | 45 | /* return the point at infinity */ |
45 | if ((err = mp_set(R->x, 1)) != CRYPT_OK) { return err; } | |
46 | if ((err = mp_set(R->y, 1)) != CRYPT_OK) { return err; } | |
47 | if ((err = mp_set(R->z, 0)) != CRYPT_OK) { return err; } | |
48 | return CRYPT_OK; | |
46 | return ltc_ecc_set_point_xyz(1, 1, 0, R); | |
49 | 47 | } |
50 | 48 | |
51 | 49 | /* init montgomery reduction */ |
87 | 85 | |
88 | 86 | /* calc the M tab */ |
89 | 87 | /* M[0] == G */ |
90 | if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK) { goto done; } | |
91 | if ((err = mp_copy(tG->y, M[0]->y)) != CRYPT_OK) { goto done; } | |
92 | if ((err = mp_copy(tG->z, M[0]->z)) != CRYPT_OK) { goto done; } | |
88 | if ((err = ltc_ecc_copy_point(tG, M[0])) != CRYPT_OK) { goto done; } | |
93 | 89 | /* M[1] == 2G */ |
94 | 90 | if ((err = ltc_mp.ecc_ptdbl(tG, M[1], ma, modulus, mp)) != CRYPT_OK) { goto done; } |
95 | 91 | |
135 | 131 | } |
136 | 132 | |
137 | 133 | /* copy result out */ |
138 | if ((err = mp_copy(M[0]->x, R->x)) != CRYPT_OK) { goto done; } | |
139 | if ((err = mp_copy(M[0]->y, R->y)) != CRYPT_OK) { goto done; } | |
140 | if ((err = mp_copy(M[0]->z, R->z)) != CRYPT_OK) { goto done; } | |
134 | if ((err = ltc_ecc_copy_point(M[0], R)) != CRYPT_OK) { goto done; } | |
141 | 135 | |
142 | 136 | /* map R back from projective space */ |
143 | 137 | if (map) { |
45 | 45 | } |
46 | 46 | } |
47 | 47 | |
48 | int ltc_ecc_set_point_xyz(ltc_mp_digit x, ltc_mp_digit y, ltc_mp_digit z, ecc_point *p) | |
49 | { | |
50 | int err; | |
51 | if ((err = ltc_mp.set_int(p->x, x)) != CRYPT_OK) return err; | |
52 | if ((err = ltc_mp.set_int(p->y, y)) != CRYPT_OK) return err; | |
53 | if ((err = ltc_mp.set_int(p->z, z)) != CRYPT_OK) return err; | |
54 | return CRYPT_OK; | |
55 | } | |
56 | ||
57 | int ltc_ecc_copy_point(const ecc_point *src, ecc_point *dst) | |
58 | { | |
59 | int err; | |
60 | if ((err = ltc_mp.copy(src->x, dst->x)) != CRYPT_OK) return err; | |
61 | if ((err = ltc_mp.copy(src->y, dst->y)) != CRYPT_OK) return err; | |
62 | if ((err = ltc_mp.copy(src->z, dst->z)) != CRYPT_OK) return err; | |
63 | return CRYPT_OK; | |
64 | } | |
65 | ||
48 | 66 | #endif |
49 | 67 | /* ref: $Format:%D$ */ |
50 | 68 | /* git commit: $Format:%H$ */ |
28 | 28 | int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp) |
29 | 29 | { |
30 | 30 | void *t1, *t2, *x, *y, *z; |
31 | int err; | |
31 | int err, inf; | |
32 | 32 | |
33 | 33 | LTC_ARGCHK(P != NULL); |
34 | 34 | LTC_ARGCHK(Q != NULL); |
40 | 40 | return err; |
41 | 41 | } |
42 | 42 | |
43 | if (ltc_ecc_is_point_at_infinity(P, modulus)) { | |
43 | if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; | |
44 | if (inf) { | |
44 | 45 | /* P is point at infinity >> Result = Q */ |
45 | if ((err = ltc_mp.copy(Q->x, R->x)) != CRYPT_OK) { goto done; } | |
46 | if ((err = ltc_mp.copy(Q->y, R->y)) != CRYPT_OK) { goto done; } | |
47 | if ((err = ltc_mp.copy(Q->z, R->z)) != CRYPT_OK) { goto done; } | |
48 | goto done; /* CRYPT_OK */ | |
49 | } | |
50 | ||
51 | if (ltc_ecc_is_point_at_infinity(Q, modulus)) { | |
46 | err = ltc_ecc_copy_point(Q, R); | |
47 | goto done; | |
48 | } | |
49 | ||
50 | if ((err = ltc_ecc_is_point_at_infinity(Q, modulus, &inf)) != CRYPT_OK) return err; | |
51 | if (inf) { | |
52 | 52 | /* Q is point at infinity >> Result = P */ |
53 | if ((err = ltc_mp.copy(P->x, R->x)) != CRYPT_OK) { goto done; } | |
54 | if ((err = ltc_mp.copy(P->y, R->y)) != CRYPT_OK) { goto done; } | |
55 | if ((err = ltc_mp.copy(P->z, R->z)) != CRYPT_OK) { goto done; } | |
56 | goto done; /* CRYPT_OK */ | |
53 | err = ltc_ecc_copy_point(P, R); | |
54 | goto done; | |
57 | 55 | } |
58 | 56 | |
59 | 57 | if ((mp_cmp(P->x, Q->x) == LTC_MP_EQ) && (mp_cmp(P->z, Q->z) == LTC_MP_EQ)) { |
65 | 63 | if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK) { goto done; } |
66 | 64 | if (mp_cmp(P->y, t1) == LTC_MP_EQ) { |
67 | 65 | /* here Q = -P >>> Result = the point at infinity */ |
68 | if ((err = ltc_mp.set_int(R->x, 1)) != CRYPT_OK) { goto done; } | |
69 | if ((err = ltc_mp.set_int(R->y, 1)) != CRYPT_OK) { goto done; } | |
70 | if ((err = ltc_mp.set_int(R->z, 0)) != CRYPT_OK) { goto done; } | |
71 | goto done; /* CRYPT_OK */ | |
66 | err = ltc_ecc_set_point_xyz(1, 1, 0, R); | |
67 | goto done; | |
72 | 68 | } |
73 | 69 | } |
74 | 70 |
45 | 45 | int ltc_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp) |
46 | 46 | { |
47 | 47 | void *t1, *t2; |
48 | int err; | |
48 | int err, inf; | |
49 | 49 | |
50 | 50 | LTC_ARGCHK(P != NULL); |
51 | 51 | LTC_ARGCHK(R != NULL); |
57 | 57 | } |
58 | 58 | |
59 | 59 | if (P != R) { |
60 | if ((err = mp_copy(P->x, R->x)) != CRYPT_OK) { goto done; } | |
61 | if ((err = mp_copy(P->y, R->y)) != CRYPT_OK) { goto done; } | |
62 | if ((err = mp_copy(P->z, R->z)) != CRYPT_OK) { goto done; } | |
60 | if ((err = ltc_ecc_copy_point(P, R)) != CRYPT_OK) { goto done; } | |
63 | 61 | } |
64 | 62 | |
65 | if (ltc_ecc_is_point_at_infinity(P, modulus)) { | |
63 | if ((err = ltc_ecc_is_point_at_infinity(P, modulus, &inf)) != CRYPT_OK) return err; | |
64 | if (inf) { | |
66 | 65 | /* if P is point at infinity >> Result = point at infinity */ |
67 | if ((err = ltc_mp.set_int(R->x, 1)) != CRYPT_OK) { goto done; } | |
68 | if ((err = ltc_mp.set_int(R->y, 1)) != CRYPT_OK) { goto done; } | |
69 | if ((err = ltc_mp.set_int(R->z, 0)) != CRYPT_OK) { goto done; } | |
70 | goto done; /* CRYPT_OK */ | |
66 | err = ltc_ecc_set_point_xyz(1, 1, 0, R); | |
67 | goto done; | |
71 | 68 | } |
72 | 69 | |
73 | 70 | /* t1 = Z * Z */ |
18 | 18 | @return CRYPT_OK if successful |
19 | 19 | */ |
20 | 20 | |
21 | int ltc_ecc_verify_key(ecc_key *key) | |
21 | int ltc_ecc_verify_key(const ecc_key *key) | |
22 | 22 | { |
23 | int err; | |
24 | void *prime = NULL; | |
25 | void *order = NULL; | |
26 | void *a = NULL; | |
23 | int err, inf; | |
27 | 24 | ecc_point *point; |
28 | ||
29 | prime = key->dp.prime; | |
30 | order = key->dp.order; | |
31 | a = key->dp.A; | |
25 | void *prime = key->dp.prime; | |
26 | void *order = key->dp.order; | |
27 | void *a = key->dp.A; | |
32 | 28 | |
33 | 29 | /* Test 1: Are the x and y points of the public key in the field? */ |
34 | 30 | if (ltc_mp.compare_d(key->pubkey.z, 1) == LTC_MP_EQ) { |
51 | 47 | point = ltc_ecc_new_point(); |
52 | 48 | if ((err = ltc_ecc_mulmod(order, &(key->pubkey), point, a, prime, 1)) != CRYPT_OK) { goto done1; } |
53 | 49 | |
54 | if (ltc_ecc_is_point_at_infinity(point, prime)) { | |
50 | err = ltc_ecc_is_point_at_infinity(point, prime, &inf); | |
51 | if (err != CRYPT_OK || inf) { | |
55 | 52 | err = CRYPT_ERROR; |
56 | 53 | } |
57 | 54 | else { |
28 | 28 | @param key The corresponding private RSA key |
29 | 29 | @return CRYPT_OK if succcessul (even if invalid) |
30 | 30 | */ |
31 | int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
32 | unsigned char *out, unsigned long *outlen, | |
33 | const unsigned char *lparam, unsigned long lparamlen, | |
34 | int hash_idx, int padding, | |
35 | int *stat, rsa_key *key) | |
31 | int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
32 | unsigned char *out, unsigned long *outlen, | |
33 | const unsigned char *lparam, unsigned long lparamlen, | |
34 | int hash_idx, int padding, | |
35 | int *stat, const rsa_key *key) | |
36 | 36 | { |
37 | 37 | unsigned long modulus_bitlen, modulus_bytelen, x; |
38 | 38 | int err; |
29 | 29 | @param key The RSA key to encrypt to |
30 | 30 | @return CRYPT_OK if successful |
31 | 31 | */ |
32 | int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
33 | unsigned char *out, unsigned long *outlen, | |
34 | const unsigned char *lparam, unsigned long lparamlen, | |
35 | prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key) | |
32 | int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, | |
33 | unsigned char *out, unsigned long *outlen, | |
34 | const unsigned char *lparam, unsigned long lparamlen, | |
35 | prng_state *prng, int prng_idx, | |
36 | int hash_idx, int padding, | |
37 | const rsa_key *key) | |
36 | 38 | { |
37 | 39 | unsigned long modulus_bitlen, modulus_bytelen, x; |
38 | 40 | int err; |
22 | 22 | @param key The RSA key to export |
23 | 23 | @return CRYPT_OK if successful |
24 | 24 | */ |
25 | int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key) | |
25 | int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_key *key) | |
26 | 26 | { |
27 | 27 | unsigned long zero=0; |
28 | 28 | int err; |
57 | 57 | unsigned char* tmp = NULL; |
58 | 58 | |
59 | 59 | if (type & PK_STD) { |
60 | tmplen = (mp_count_bits(key->N)/8)*2+8; | |
60 | tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8; | |
61 | 61 | tmp = XMALLOC(tmplen); |
62 | 62 | ptmplen = &tmplen; |
63 | 63 | if (tmp == NULL) { |
27 | 27 | */ |
28 | 28 | int rsa_exptmod(const unsigned char *in, unsigned long inlen, |
29 | 29 | unsigned char *out, unsigned long *outlen, int which, |
30 | rsa_key *key) | |
30 | const rsa_key *key) | |
31 | 31 | { |
32 | 32 | void *tmp, *tmpa, *tmpb; |
33 | 33 | #ifdef LTC_RSA_BLINDING |
19 | 19 | @param key The RSA key |
20 | 20 | @return The size in bytes of the RSA key or INT_MAX on error. |
21 | 21 | */ |
22 | int rsa_get_size(rsa_key *key) | |
22 | int rsa_get_size(const rsa_key *key) | |
23 | 23 | { |
24 | 24 | int ret = INT_MAX; |
25 | 25 | LTC_ARGCHK(key != NULL); |
113 | 113 | |
114 | 114 | /* check alg oid */ |
115 | 115 | if ((alg_seq[0].size != rsaoid.OIDlen) || |
116 | XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0]))) { | |
116 | XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) { | |
117 | 117 | err = CRYPT_PK_INVALID_TYPE; |
118 | 118 | goto LBL_ERR; |
119 | 119 | } |
33 | 33 | int padding, |
34 | 34 | prng_state *prng, int prng_idx, |
35 | 35 | int hash_idx, unsigned long saltlen, |
36 | rsa_key *key) | |
36 | const rsa_key *key) | |
37 | 37 | { |
38 | 38 | unsigned long modulus_bitlen, modulus_bytelen, x, y; |
39 | 39 | int err; |
21 | 21 | @param key The RSA key |
22 | 22 | @return The maximum salt length in bytes or INT_MAX on error. |
23 | 23 | */ |
24 | int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key) | |
24 | int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, const rsa_key *key) | |
25 | 25 | { |
26 | 26 | int ret = INT_MAX; |
27 | 27 | LTC_ARGCHK(key != NULL); |
27 | 27 | @param key The public RSA key corresponding to the key that performed the signature |
28 | 28 | @return CRYPT_OK on success (even if the signature is invalid) |
29 | 29 | */ |
30 | int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, | |
31 | const unsigned char *hash, unsigned long hashlen, | |
30 | int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, | |
31 | const unsigned char *hash, unsigned long hashlen, | |
32 | 32 | int padding, |
33 | int hash_idx, unsigned long saltlen, | |
34 | int *stat, rsa_key *key) | |
33 | int hash_idx, unsigned long saltlen, | |
34 | int *stat, const rsa_key *key) | |
35 | 35 | { |
36 | 36 | unsigned long modulus_bitlen, modulus_bytelen, x; |
37 | 37 | int err; |
149 | 149 | @param prng The PRNG to export |
150 | 150 | @return CRYPT_OK if successful |
151 | 151 | */ |
152 | int chacha20_prng_export(unsigned char *out, unsigned long *outlen, prng_state *prng) | |
153 | { | |
154 | unsigned long len = chacha20_prng_desc.export_size; | |
155 | ||
156 | LTC_ARGCHK(prng != NULL); | |
157 | LTC_ARGCHK(out != NULL); | |
158 | LTC_ARGCHK(outlen != NULL); | |
159 | ||
160 | if (*outlen < len) { | |
161 | *outlen = len; | |
162 | return CRYPT_BUFFER_OVERFLOW; | |
163 | } | |
164 | ||
165 | if (chacha20_prng_read(out, len, prng) != len) { | |
166 | return CRYPT_ERROR_READPRNG; | |
167 | } | |
168 | ||
169 | *outlen = len; | |
170 | return CRYPT_OK; | |
171 | } | |
152 | _LTC_PRNG_EXPORT(chacha20_prng) | |
172 | 153 | |
173 | 154 | /** |
174 | 155 | Import a PRNG state |
7 | 7 | */ |
8 | 8 | #include "tomcrypt.h" |
9 | 9 | |
10 | #if defined(_WIN32) | |
11 | #include <windows.h> | |
12 | #else | |
13 | #include <sys/time.h> | |
14 | #endif | |
15 | ||
10 | 16 | /** |
11 | 17 | @file fortuna.c |
12 | 18 | Fortuna PRNG, Tom St Denis |
36 | 42 | |
37 | 43 | const struct ltc_prng_descriptor fortuna_desc = { |
38 | 44 | "fortuna", |
39 | (32 * LTC_FORTUNA_POOLS), /* default: 1024 */ | |
45 | 64, | |
40 | 46 | &fortuna_start, |
41 | 47 | &fortuna_add_entropy, |
42 | 48 | &fortuna_ready, |
60 | 66 | } |
61 | 67 | } |
62 | 68 | |
69 | #ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
70 | /* get the current time in 100ms steps */ | |
71 | static ulong64 _fortuna_current_time(void) | |
72 | { | |
73 | ulong64 cur_time; | |
74 | #if defined(_WIN32) | |
75 | FILETIME CurrentTime; | |
76 | ULARGE_INTEGER ul; | |
77 | GetSystemTimeAsFileTime(&CurrentTime); | |
78 | ul.LowPart = CurrentTime.dwLowDateTime; | |
79 | ul.HighPart = CurrentTime.dwHighDateTime; | |
80 | cur_time = ul.QuadPart; /* now we have 100ns intervals since 1 January 1601 */ | |
81 | cur_time -= CONST64(116444736000000000); /* subtract 100ns intervals between 1601-1970 */ | |
82 | cur_time /= 10; /* 100ns intervals > microseconds */ | |
83 | #elif defined(LTC_CLOCK_GETTIME) | |
84 | struct timespec ts; | |
85 | clock_gettime(CLOCK_MONOTONIC, &ts); | |
86 | cur_time = (ulong64)(ts.tv_sec) * 1000000 + (ulong64)(ts.tv_nsec) / 1000; /* get microseconds */ | |
87 | #else | |
88 | struct timeval tv; | |
89 | gettimeofday(&tv, NULL); | |
90 | cur_time = (ulong64)(tv.tv_sec) * 1000000 + (ulong64)(tv.tv_usec); /* get microseconds */ | |
91 | #endif | |
92 | return cur_time / 100; | |
93 | } | |
94 | #endif | |
95 | ||
63 | 96 | /* reseed the PRNG */ |
64 | 97 | static int _fortuna_reseed(prng_state *prng) |
65 | 98 | { |
66 | 99 | unsigned char tmp[MAXBLOCKSIZE]; |
67 | 100 | hash_state md; |
101 | ulong64 reset_cnt; | |
68 | 102 | int err, x; |
69 | 103 | |
70 | ++prng->fortuna.reset_cnt; | |
104 | #ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
105 | unsigned long now = _fortuna_current_time(); | |
106 | if (now == prng->fortuna.wd) | |
107 | return CRYPT_OK; | |
108 | #else | |
109 | if (++prng->fortuna.wd < LTC_FORTUNA_WD) | |
110 | return CRYPT_OK; | |
111 | #endif | |
71 | 112 | |
72 | 113 | /* new K == LTC_SHA256(K || s) where s == LTC_SHA256(P0) || LTC_SHA256(P1) ... */ |
73 | 114 | sha256_init(&md); |
76 | 117 | return err; |
77 | 118 | } |
78 | 119 | |
120 | reset_cnt = prng->fortuna.reset_cnt + 1; | |
121 | ||
79 | 122 | for (x = 0; x < LTC_FORTUNA_POOLS; x++) { |
80 | if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) { | |
123 | if (x == 0 || ((reset_cnt >> (x-1)) & 1) == 0) { | |
81 | 124 | /* terminate this hash */ |
82 | 125 | if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) { |
83 | 126 | sha256_done(&md, tmp); |
107 | 150 | } |
108 | 151 | _fortuna_update_iv(prng); |
109 | 152 | |
110 | /* reset pool len */ | |
153 | /* reset/update internals */ | |
111 | 154 | prng->fortuna.pool0_len = 0; |
155 | #ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
156 | prng->fortuna.wd = now; | |
157 | #else | |
112 | 158 | prng->fortuna.wd = 0; |
159 | #endif | |
160 | prng->fortuna.reset_cnt = reset_cnt; | |
113 | 161 | |
114 | 162 | |
115 | 163 | #ifdef LTC_CLEAN_STACK |
118 | 166 | #endif |
119 | 167 | |
120 | 168 | return CRYPT_OK; |
169 | } | |
170 | ||
171 | /** | |
172 | "Update Seed File"-compliant update of K | |
173 | ||
174 | @param in The PRNG state | |
175 | @param inlen Size of the state | |
176 | @param prng The PRNG to import | |
177 | @return CRYPT_OK if successful | |
178 | */ | |
179 | int fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng) | |
180 | { | |
181 | int err; | |
182 | unsigned char tmp[MAXBLOCKSIZE]; | |
183 | hash_state md; | |
184 | ||
185 | LTC_MUTEX_LOCK(&prng->lock); | |
186 | /* new K = LTC_SHA256(K || in) */ | |
187 | sha256_init(&md); | |
188 | if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) { | |
189 | sha256_done(&md, tmp); | |
190 | goto LBL_UNLOCK; | |
191 | } | |
192 | if ((err = sha256_process(&md, in, inlen)) != CRYPT_OK) { | |
193 | sha256_done(&md, tmp); | |
194 | goto LBL_UNLOCK; | |
195 | } | |
196 | /* finish key */ | |
197 | if ((err = sha256_done(&md, prng->fortuna.K)) != CRYPT_OK) { | |
198 | goto LBL_UNLOCK; | |
199 | } | |
200 | _fortuna_update_iv(prng); | |
201 | ||
202 | LBL_UNLOCK: | |
203 | LTC_MUTEX_UNLOCK(&prng->lock); | |
204 | #ifdef LTC_CLEAN_STACK | |
205 | zeromem(&md, sizeof(md)); | |
206 | #endif | |
207 | ||
208 | return err; | |
121 | 209 | } |
122 | 210 | |
123 | 211 | /** |
160 | 248 | return CRYPT_OK; |
161 | 249 | } |
162 | 250 | |
251 | static int _fortuna_add(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng) | |
252 | { | |
253 | unsigned char tmp[2]; | |
254 | int err; | |
255 | ||
256 | /* ensure inlen <= 32 */ | |
257 | if (inlen > 32) { | |
258 | inlen = 32; | |
259 | } | |
260 | ||
261 | /* add s || length(in) || in to pool[pool_idx] */ | |
262 | tmp[0] = (unsigned char)source; | |
263 | tmp[1] = (unsigned char)inlen; | |
264 | ||
265 | if ((err = sha256_process(&prng->fortuna.pool[pool], tmp, 2)) != CRYPT_OK) { | |
266 | return err; | |
267 | } | |
268 | if ((err = sha256_process(&prng->fortuna.pool[pool], in, inlen)) != CRYPT_OK) { | |
269 | return err; | |
270 | } | |
271 | if (pool == 0) { | |
272 | prng->fortuna.pool0_len += inlen; | |
273 | } | |
274 | return CRYPT_OK; /* success */ | |
275 | } | |
276 | ||
277 | /** | |
278 | Add random event to the PRNG state as proposed by the original paper. | |
279 | @param source The source this random event comes from (0 .. 255) | |
280 | @param pool The pool where to add the data to (0 .. LTC_FORTUNA_POOLS) | |
281 | @param in The data to add | |
282 | @param inlen Length of the data to add | |
283 | @param prng PRNG state to update | |
284 | @return CRYPT_OK if successful | |
285 | */ | |
286 | int fortuna_add_random_event(unsigned long source, unsigned long pool, const unsigned char *in, unsigned long inlen, prng_state *prng) | |
287 | { | |
288 | int err; | |
289 | ||
290 | LTC_ARGCHK(prng != NULL); | |
291 | LTC_ARGCHK(in != NULL); | |
292 | LTC_ARGCHK(inlen > 0); | |
293 | LTC_ARGCHK(source <= 255); | |
294 | LTC_ARGCHK(pool < LTC_FORTUNA_POOLS); | |
295 | ||
296 | LTC_MUTEX_LOCK(&prng->lock); | |
297 | ||
298 | err = _fortuna_add(source, pool, in, inlen, prng); | |
299 | ||
300 | LTC_MUTEX_UNLOCK(&prng->lock); | |
301 | ||
302 | return err; | |
303 | } | |
304 | ||
163 | 305 | /** |
164 | 306 | Add entropy to the PRNG state |
165 | 307 | @param in The data to add |
169 | 311 | */ |
170 | 312 | int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng) |
171 | 313 | { |
172 | unsigned char tmp[2]; | |
173 | int err; | |
314 | int err; | |
174 | 315 | |
175 | 316 | LTC_ARGCHK(prng != NULL); |
176 | 317 | LTC_ARGCHK(in != NULL); |
177 | 318 | LTC_ARGCHK(inlen > 0); |
178 | 319 | |
179 | /* ensure inlen <= 32 */ | |
180 | if (inlen > 32) { | |
181 | inlen = 32; | |
182 | } | |
183 | ||
184 | /* add s || length(in) || in to pool[pool_idx] */ | |
185 | tmp[0] = 0; | |
186 | tmp[1] = (unsigned char)inlen; | |
187 | ||
188 | 320 | LTC_MUTEX_LOCK(&prng->lock); |
189 | if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], tmp, 2)) != CRYPT_OK) { | |
190 | goto LBL_UNLOCK; | |
191 | } | |
192 | if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], in, inlen)) != CRYPT_OK) { | |
193 | goto LBL_UNLOCK; | |
194 | } | |
195 | if (prng->fortuna.pool_idx == 0) { | |
196 | prng->fortuna.pool0_len += inlen; | |
197 | } | |
198 | if (++(prng->fortuna.pool_idx) == LTC_FORTUNA_POOLS) { | |
199 | prng->fortuna.pool_idx = 0; | |
200 | } | |
201 | err = CRYPT_OK; /* success */ | |
202 | ||
203 | LBL_UNLOCK: | |
321 | ||
322 | err = _fortuna_add(0, prng->fortuna.pool_idx, in, inlen, prng); | |
323 | ||
324 | if (err == CRYPT_OK) { | |
325 | ++(prng->fortuna.pool_idx); | |
326 | prng->fortuna.pool_idx %= LTC_FORTUNA_POOLS; | |
327 | } | |
328 | ||
204 | 329 | LTC_MUTEX_UNLOCK(&prng->lock); |
330 | ||
205 | 331 | return err; |
206 | 332 | } |
207 | 333 | |
216 | 342 | LTC_ARGCHK(prng != NULL); |
217 | 343 | |
218 | 344 | LTC_MUTEX_LOCK(&prng->lock); |
345 | /* make sure the reseed doesn't fail because | |
346 | * of the chosen rate limit */ | |
347 | #ifdef LTC_FORTUNA_RESEED_RATELIMIT_TIMED | |
348 | prng->fortuna.wd = _fortuna_current_time() - 1; | |
349 | #else | |
350 | prng->fortuna.wd = LTC_FORTUNA_WD; | |
351 | #endif | |
219 | 352 | err = _fortuna_reseed(prng); |
220 | 353 | prng->ready = (err == CRYPT_OK) ? 1 : 0; |
221 | 354 | |
244 | 377 | } |
245 | 378 | |
246 | 379 | /* do we have to reseed? */ |
247 | if (++prng->fortuna.wd == LTC_FORTUNA_WD || prng->fortuna.pool0_len >= 64) { | |
380 | if (prng->fortuna.pool0_len >= 64) { | |
248 | 381 | if (_fortuna_reseed(prng) != CRYPT_OK) { |
249 | 382 | goto LBL_UNLOCK; |
250 | 383 | } |
384 | } | |
385 | ||
386 | /* ensure that one reseed happened before allowing to read */ | |
387 | if (prng->fortuna.reset_cnt == 0) { | |
388 | goto LBL_UNLOCK; | |
251 | 389 | } |
252 | 390 | |
253 | 391 | /* now generate the blocks required */ |
328 | 466 | @param prng The PRNG to export |
329 | 467 | @return CRYPT_OK if successful |
330 | 468 | */ |
331 | int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng) | |
332 | { | |
333 | int x, err; | |
334 | hash_state *md; | |
335 | unsigned long len = fortuna_desc.export_size; | |
336 | ||
337 | LTC_ARGCHK(out != NULL); | |
338 | LTC_ARGCHK(outlen != NULL); | |
339 | LTC_ARGCHK(prng != NULL); | |
340 | ||
341 | LTC_MUTEX_LOCK(&prng->lock); | |
342 | ||
343 | if (!prng->ready) { | |
344 | err = CRYPT_ERROR; | |
345 | goto LBL_UNLOCK; | |
346 | } | |
347 | ||
348 | /* we'll write bytes for s&g's */ | |
349 | if (*outlen < len) { | |
350 | *outlen = len; | |
351 | err = CRYPT_BUFFER_OVERFLOW; | |
352 | goto LBL_UNLOCK; | |
353 | } | |
354 | ||
355 | md = XMALLOC(sizeof(hash_state)); | |
356 | if (md == NULL) { | |
357 | err = CRYPT_MEM; | |
358 | goto LBL_UNLOCK; | |
359 | } | |
360 | ||
361 | /* to emit the state we copy each pool, terminate it then hash it again so | |
362 | * an attacker who sees the state can't determine the current state of the PRNG | |
363 | */ | |
364 | for (x = 0; x < LTC_FORTUNA_POOLS; x++) { | |
365 | /* copy the PRNG */ | |
366 | XMEMCPY(md, &(prng->fortuna.pool[x]), sizeof(*md)); | |
367 | ||
368 | /* terminate it */ | |
369 | if ((err = sha256_done(md, out+x*32)) != CRYPT_OK) { | |
370 | goto LBL_ERR; | |
371 | } | |
372 | ||
373 | /* now hash it */ | |
374 | if ((err = sha256_init(md)) != CRYPT_OK) { | |
375 | goto LBL_ERR; | |
376 | } | |
377 | if ((err = sha256_process(md, out+x*32, 32)) != CRYPT_OK) { | |
378 | goto LBL_ERR; | |
379 | } | |
380 | if ((err = sha256_done(md, out+x*32)) != CRYPT_OK) { | |
381 | goto LBL_ERR; | |
382 | } | |
383 | } | |
384 | *outlen = len; | |
385 | err = CRYPT_OK; | |
386 | ||
387 | LBL_ERR: | |
388 | #ifdef LTC_CLEAN_STACK | |
389 | zeromem(md, sizeof(*md)); | |
390 | #endif | |
391 | XFREE(md); | |
392 | LBL_UNLOCK: | |
393 | LTC_MUTEX_UNLOCK(&prng->lock); | |
394 | return err; | |
395 | } | |
469 | _LTC_PRNG_EXPORT(fortuna) | |
396 | 470 | |
397 | 471 | /** |
398 | 472 | Import a PRNG state |
403 | 477 | */ |
404 | 478 | int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng) |
405 | 479 | { |
406 | int err, x; | |
407 | ||
408 | LTC_ARGCHK(in != NULL); | |
409 | LTC_ARGCHK(prng != NULL); | |
480 | int err; | |
481 | ||
482 | LTC_ARGCHK(in != NULL); | |
483 | LTC_ARGCHK(prng != NULL); | |
410 | 484 | |
411 | 485 | if (inlen < (unsigned long)fortuna_desc.export_size) { |
412 | 486 | return CRYPT_INVALID_ARG; |
415 | 489 | if ((err = fortuna_start(prng)) != CRYPT_OK) { |
416 | 490 | return err; |
417 | 491 | } |
418 | for (x = 0; x < LTC_FORTUNA_POOLS; x++) { | |
419 | if ((err = fortuna_add_entropy(in+x*32, 32, prng)) != CRYPT_OK) { | |
420 | return err; | |
421 | } | |
422 | } | |
423 | return CRYPT_OK; | |
492 | ||
493 | if ((err = fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) { | |
494 | return err; | |
495 | } | |
496 | ||
497 | return err; | |
424 | 498 | } |
425 | 499 | |
426 | 500 | /** |
152 | 152 | @param prng The PRNG to export |
153 | 153 | @return CRYPT_OK if successful |
154 | 154 | */ |
155 | int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng) | |
156 | { | |
157 | unsigned long len = rc4_desc.export_size; | |
158 | ||
159 | LTC_ARGCHK(prng != NULL); | |
160 | LTC_ARGCHK(out != NULL); | |
161 | LTC_ARGCHK(outlen != NULL); | |
162 | ||
163 | if (*outlen < len) { | |
164 | *outlen = len; | |
165 | return CRYPT_BUFFER_OVERFLOW; | |
166 | } | |
167 | ||
168 | if (rc4_read(out, len, prng) != len) { | |
169 | return CRYPT_ERROR_READPRNG; | |
170 | } | |
171 | ||
172 | *outlen = len; | |
173 | return CRYPT_OK; | |
174 | } | |
155 | _LTC_PRNG_EXPORT(rc4) | |
175 | 156 | |
176 | 157 | /** |
177 | 158 | Import a PRNG state |
15 | 15 | |
16 | 16 | /** |
17 | 17 | Create a PRNG from a RNG |
18 | @param bits Number of bits of entropy desired (64 ... 1024) | |
18 | ||
19 | In case you pass bits as '-1' the PRNG will be setup | |
20 | as if the export/import functionality has been used, | |
21 | but the imported data comes directly from the RNG. | |
22 | ||
23 | @param bits Number of bits of entropy desired (-1 or 64 ... 1024) | |
19 | 24 | @param wprng Index of which PRNG to setup |
20 | 25 | @param prng [out] PRNG state to initialize |
21 | 26 | @param callback A pointer to a void function for when the RNG is slow, this can be NULL |
24 | 29 | int rng_make_prng(int bits, int wprng, prng_state *prng, |
25 | 30 | void (*callback)(void)) |
26 | 31 | { |
27 | unsigned char buf[256]; | |
32 | unsigned char* buf; | |
33 | unsigned long bytes; | |
28 | 34 | int err; |
29 | 35 | |
30 | 36 | LTC_ARGCHK(prng != NULL); |
34 | 40 | return err; |
35 | 41 | } |
36 | 42 | |
37 | if (bits < 64 || bits > 1024) { | |
43 | if (bits == -1) { | |
44 | bytes = prng_descriptor[wprng].export_size; | |
45 | } else if (bits < 64 || bits > 1024) { | |
38 | 46 | return CRYPT_INVALID_PRNGSIZE; |
47 | } else { | |
48 | bytes = (unsigned long)((bits+7)/8) * 2; | |
39 | 49 | } |
40 | 50 | |
41 | 51 | if ((err = prng_descriptor[wprng].start(prng)) != CRYPT_OK) { |
42 | 52 | return err; |
43 | 53 | } |
44 | 54 | |
45 | bits = ((bits+7)/8) * 2; | |
46 | if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) { | |
47 | return CRYPT_ERROR_READPRNG; | |
55 | buf = XMALLOC(bytes); | |
56 | if (buf == NULL) { | |
57 | return CRYPT_MEM; | |
48 | 58 | } |
49 | 59 | |
50 | if ((err = prng_descriptor[wprng].add_entropy(buf, (unsigned long)bits, prng)) != CRYPT_OK) { | |
51 | return err; | |
60 | if (rng_get_bytes(buf, bytes, callback) != bytes) { | |
61 | err = CRYPT_ERROR_READPRNG; | |
62 | goto LBL_ERR; | |
52 | 63 | } |
53 | 64 | |
65 | if (bits == -1) { | |
66 | if ((err = prng_descriptor[wprng].pimport(buf, bytes, prng)) != CRYPT_OK) { | |
67 | goto LBL_ERR; | |
68 | } | |
69 | } else { | |
70 | if ((err = prng_descriptor[wprng].add_entropy(buf, bytes, prng)) != CRYPT_OK) { | |
71 | goto LBL_ERR; | |
72 | } | |
73 | } | |
54 | 74 | if ((err = prng_descriptor[wprng].ready(prng)) != CRYPT_OK) { |
55 | return err; | |
75 | goto LBL_ERR; | |
56 | 76 | } |
57 | 77 | |
78 | LBL_ERR: | |
58 | 79 | #ifdef LTC_CLEAN_STACK |
59 | zeromem(buf, sizeof(buf)); | |
80 | zeromem(buf, bytes); | |
60 | 81 | #endif |
61 | return CRYPT_OK; | |
82 | XFREE(buf); | |
83 | return err; | |
62 | 84 | } |
63 | 85 | #endif /* #ifdef LTC_RNG_MAKE_PRNG */ |
64 | 86 |
151 | 151 | @param prng The PRNG to export |
152 | 152 | @return CRYPT_OK if successful |
153 | 153 | */ |
154 | int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng) | |
155 | { | |
156 | unsigned long len = sober128_desc.export_size; | |
157 | ||
158 | LTC_ARGCHK(prng != NULL); | |
159 | LTC_ARGCHK(out != NULL); | |
160 | LTC_ARGCHK(outlen != NULL); | |
161 | ||
162 | if (*outlen < len) { | |
163 | *outlen = len; | |
164 | return CRYPT_BUFFER_OVERFLOW; | |
165 | } | |
166 | ||
167 | if (sober128_read(out, len, prng) != len) { | |
168 | return CRYPT_ERROR_READPRNG; | |
169 | } | |
170 | ||
171 | *outlen = len; | |
172 | return CRYPT_OK; | |
173 | } | |
154 | _LTC_PRNG_EXPORT(sober128) | |
174 | 155 | |
175 | 156 | /** |
176 | 157 | Import a PRNG state |
188 | 169 | if (inlen < (unsigned long)sober128_desc.export_size) return CRYPT_INVALID_ARG; |
189 | 170 | |
190 | 171 | if ((err = sober128_start(prng)) != CRYPT_OK) return err; |
191 | if ((err = sober128_add_entropy(in, sober128_desc.export_size, prng)) != CRYPT_OK) return err; | |
172 | if ((err = sober128_add_entropy(in, inlen, prng)) != CRYPT_OK) return err; | |
192 | 173 | return CRYPT_OK; |
193 | 174 | } |
194 | 175 |
272 | 272 | @param prng The PRNG to export |
273 | 273 | @return CRYPT_OK if successful |
274 | 274 | */ |
275 | int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng) | |
276 | { | |
277 | unsigned long len = yarrow_desc.export_size; | |
278 | ||
279 | LTC_ARGCHK(out != NULL); | |
280 | LTC_ARGCHK(outlen != NULL); | |
281 | LTC_ARGCHK(prng != NULL); | |
282 | ||
283 | if (*outlen < len) { | |
284 | *outlen = len; | |
285 | return CRYPT_BUFFER_OVERFLOW; | |
286 | } | |
287 | ||
288 | if (yarrow_read(out, len, prng) != len) { | |
289 | return CRYPT_ERROR_READPRNG; | |
290 | } | |
291 | ||
292 | *outlen = len; | |
293 | return CRYPT_OK; | |
294 | } | |
275 | _LTC_PRNG_EXPORT(yarrow) | |
295 | 276 | |
296 | 277 | /** |
297 | 278 | Import a PRNG state |
27 | 27 | |
28 | 28 | #define B(x,i) ((unsigned char)(((x) >> (8*i)) & 0xFF)) |
29 | 29 | |
30 | static ulong32 BYTE2WORD(unsigned char *b) | |
30 | static ulong32 BYTE2WORD(const unsigned char *b) | |
31 | 31 | { |
32 | 32 | ulong32 t; |
33 | 33 | LOAD32L(t, b); |
77 | 77 | t = t + c->R[OFF(z,13)]; \ |
78 | 78 | } |
79 | 79 | |
80 | static ulong32 nltap(sober128_state *c) | |
80 | static ulong32 nltap(const sober128_state *c) | |
81 | 81 | { |
82 | 82 | ulong32 t; |
83 | 83 | NLFUNC(c, 0); |
200 | 200 | * @param keylen Length of key in bytes |
201 | 201 | * @return CRYPT_OK on success |
202 | 202 | */ |
203 | int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen) | |
203 | int sosemanuk_setup(sosemanuk_state *ss, const unsigned char *key, unsigned long keylen) | |
204 | 204 | { |
205 | 205 | /* |
206 | 206 | * This key schedule is actually a truncated Serpent key schedule. |
340 | 340 | * @param ivlen Length of iv in bytes |
341 | 341 | * @return CRYPT_OK on success |
342 | 342 | */ |
343 | int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen) | |
343 | int sosemanuk_setiv(sosemanuk_state *ss, const unsigned char *iv, unsigned long ivlen) | |
344 | 344 | { |
345 | 345 | |
346 | 346 | /* |
2 | 2 | |
3 | 3 | use Test::More; |
4 | 4 | |
5 | plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; | |
5 | plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; | |
6 | 6 | plan skip_all => "File::Find not installed" unless eval { require File::Find }; |
7 | 7 | plan tests => 1; |
8 | 8 |
2 | 2 | |
3 | 3 | use Test::More; |
4 | 4 | |
5 | plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; | |
5 | plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; | |
6 | 6 | plan skip_all => "File::Find not installed" unless eval { require File::Find }; |
7 | 7 | plan skip_all => "Test::Pod not installed" unless eval { require Test::Pod }; |
8 | 8 | plan tests => 107; |
2 | 2 | |
3 | 3 | use Test::More; |
4 | 4 | |
5 | plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; | |
5 | plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; | |
6 | 6 | plan skip_all => "File::Find not installed" unless eval { require File::Find }; |
7 | 7 | plan skip_all => "Test::Pod::Spelling or Text::Aspell not installed" unless eval { require Test::Pod::Spelling; require Text::Aspell; }; |
8 | 8 |
2 | 2 | |
3 | 3 | use Test::More; |
4 | 4 | |
5 | plan skip_all => "set TEST_POD to enable this test (developer only!)" unless $ENV{TEST_POD}; | |
5 | plan skip_all => "set AUTHOR_MODE to enable this test (developer only!)" unless $ENV{AUTHOR_MODE}; | |
6 | 6 | plan skip_all => "Pod::Coverage not installed" unless eval { require Pod::Coverage }; |
7 | 7 | plan skip_all => "File::Find not installed" unless eval { require File::Find }; |
8 | 8 | plan tests => 107; |
949 | 949 | abc:123.456:NaN |
950 | 950 | 123.456:abc:NaN |
951 | 951 | +inf:123.45:inf |
952 | -inf:123.45:-inf | |
953 | +inf:-123.45:inf | |
954 | -inf:-123.45:-inf | |
955 | 952 | -2:2:4 |
956 | 953 | -2:3:-8 |
957 | 954 | -2:4:16 |
2650 | 2650 | +inf:1234500012:inf |
2651 | 2651 | -inf:1234500012:inf |
2652 | 2652 | -inf:1234500013:-inf |
2653 | +inf:-12345000123:inf | |
2654 | -inf:-12345000123:-inf | |
2655 | 2653 | # -inf * -inf = inf |
2656 | 2654 | -inf:2:inf |
2657 | 2655 | -inf:0:NaN |
2658 | 2656 | -inf:-1:0 |
2659 | -inf:inf:NaN | |
2660 | 2657 | 2:inf:inf |
2661 | 2658 | 2:-inf:0 |
2662 | 2659 | 0:inf:0 |
2663 | 2660 | 0:-inf:inf |
2664 | 2661 | -1:-inf:NaN |
2665 | 2662 | -1:inf:NaN |
2666 | -2:inf:NaN | |
2667 | 2663 | -2:-inf:0 |
2668 | 2664 | NaN:inf:NaN |
2669 | 2665 | NaN:-inf:NaN |
2670 | 2666 | -inf:NaN:NaN |
2671 | 2667 | inf:NaN:NaN |
2672 | inf:-inf:NaN | |
2673 | 2668 | 1:inf:1 |
2674 | 2669 | 1:-inf:1 |
2675 | 2670 | # 1 ** -x => 1 / (1 ** x) |
6 | 6 | |
7 | 7 | BEGIN { |
8 | 8 | plan skip_all => "requires Math::BigFloat 1.999715+" unless eval { require Math::BigFloat && eval($Math::BigFloat::VERSION) >= 1.999715 }; |
9 | plan tests => 2409 # tests in require'd file | |
9 | plan tests => 2403 # tests in require'd file | |
10 | 10 | + 5; # tests in this file |
11 | 11 | } |
12 | 12 |
6 | 6 | |
7 | 7 | BEGIN { |
8 | 8 | plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; |
9 | plan tests => 3722 # tests in require'd file | |
9 | plan tests => 3712 # tests in require'd file | |
10 | 10 | + 6; # tests in this file |
11 | 11 | } |
12 | 12 |