update libtomcrypt to: 25410c75 2019-10-17 22:28:18 +0200
Karel Miko
4 years ago
0 | 0 | OBJS=ltc/ciphers/anubis.o ltc/ciphers/blowfish.o ltc/ciphers/camellia.o ltc/ciphers/cast5.o \ |
1 | 1 | ltc/ciphers/des.o ltc/ciphers/idea.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o \ |
2 | 2 | ltc/ciphers/multi2.o ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o \ |
3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o \ | |
4 | ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/tea.o ltc/ciphers/xtea.o \ | |
4 | ltc/ciphers/aes/aes.o ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
5 | 5 | ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o ltc/encauth/ccm/ccm_done.o \ |
6 | 6 | ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o ltc/encauth/ccm/ccm_process.o \ |
7 | 7 | ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o ltc/encauth/chachapoly/chacha20poly1305_decrypt.o \ |
43 | 43 | ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/zeromem.o \ |
44 | 44 | ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o ltc/misc/base32/base32_decode.o \ |
45 | 45 | ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o \ |
46 | ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
46 | ltc/misc/bcrypt/bcrypt.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
47 | 47 | ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o \ |
48 | 48 | ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o \ |
49 | 49 | ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o \ |
124 | 124 | ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \ |
125 | 125 | ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \ |
126 | 126 | ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \ |
127 | ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o \ | |
128 | ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_make_key.o \ | |
129 | ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ | |
130 | ltc/pk/rsa/rsa_verify_hash.o ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o \ | |
131 | ltc/pk/x25519/x25519_import_pkcs8.o ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o \ | |
132 | ltc/pk/x25519/x25519_set_key.o ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o \ | |
133 | ltc/prngs/fortuna.o ltc/prngs/rc4.o ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o \ | |
134 | ltc/prngs/sober128.o ltc/prngs/sprng.o ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o \ | |
135 | ltc/stream/chacha/chacha_done.o ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o \ | |
136 | ltc/stream/chacha/chacha_keystream.o ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o \ | |
137 | ltc/stream/rabbit/rabbit.o ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o \ | |
138 | ltc/stream/rc4/rc4_stream_memory.o ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o \ | |
139 | ltc/stream/salsa20/salsa20_ivctr64.o ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o \ | |
140 | ltc/stream/salsa20/salsa20_setup.o ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o \ | |
141 | ltc/stream/sober128/sober128_stream.o ltc/stream/sober128/sober128_stream_memory.o \ | |
142 | ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o ltm/bncore.o \ | |
143 | ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o ltm/bn_fast_s_mp_mul_digs.o \ | |
144 | ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o ltm/bn_mp_2expt.o ltm/bn_mp_abs.o \ | |
145 | ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o ltm/bn_mp_and.o ltm/bn_mp_clamp.o \ | |
146 | ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o \ | |
147 | ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o \ | |
148 | ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o \ | |
149 | ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o \ | |
150 | ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o ltm/bn_mp_expt_d.o \ | |
151 | ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o ltm/bn_mp_fwrite.o \ | |
152 | ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o ltm/bn_mp_grow.o \ | |
153 | ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \ | |
127 | ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o \ | |
128 | ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_key.o ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o \ | |
129 | ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o ltc/pk/rsa/rsa_verify_hash.o \ | |
130 | ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o ltc/pk/x25519/x25519_import_pkcs8.o \ | |
131 | ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o ltc/pk/x25519/x25519_set_key.o \ | |
132 | ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ | |
133 | ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ | |
134 | ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \ | |
135 | ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \ | |
136 | ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o ltc/stream/rabbit/rabbit.o \ | |
137 | ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o ltc/stream/rc4/rc4_stream_memory.o \ | |
138 | ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o ltc/stream/salsa20/salsa20_ivctr64.o \ | |
139 | ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o ltc/stream/salsa20/salsa20_setup.o \ | |
140 | ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o ltc/stream/sober128/sober128_stream.o \ | |
141 | ltc/stream/sober128/sober128_stream_memory.o ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o \ | |
142 | ltm/bncore.o ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o \ | |
143 | ltm/bn_fast_s_mp_mul_digs.o ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o \ | |
144 | ltm/bn_mp_2expt.o ltm/bn_mp_abs.o ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o \ | |
145 | ltm/bn_mp_and.o ltm/bn_mp_clamp.o ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o \ | |
146 | ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o \ | |
147 | ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o \ | |
148 | ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o \ | |
149 | ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o \ | |
150 | ltm/bn_mp_expt_d.o ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o \ | |
151 | ltm/bn_mp_fwrite.o ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o \ | |
152 | ltm/bn_mp_grow.o ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \ | |
154 | 153 | ltm/bn_mp_init_set.o ltm/bn_mp_init_set_int.o ltm/bn_mp_init_size.o ltm/bn_mp_invmod.o \ |
155 | 154 | ltm/bn_mp_invmod_slow.o ltm/bn_mp_is_square.o ltm/bn_mp_jacobi.o ltm/bn_mp_karatsuba_mul.o \ |
156 | 155 | ltm/bn_mp_karatsuba_sqr.o ltm/bn_mp_kronecker.o ltm/bn_mp_lcm.o ltm/bn_mp_lshd.o \ |
1 | 1 | ltc/ciphers/des.obj ltc/ciphers/idea.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj \ |
2 | 2 | ltc/ciphers/kseed.obj ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj \ |
3 | 3 | ltc/ciphers/rc5.obj ltc/ciphers/rc6.obj ltc/ciphers/serpent.obj ltc/ciphers/skipjack.obj \ |
4 | ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj \ | |
5 | ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj \ | |
6 | ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj \ | |
7 | ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \ | |
8 | ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj ltc/encauth/chachapoly/chacha20poly1305_done.obj \ | |
9 | ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj ltc/encauth/chachapoly/chacha20poly1305_init.obj \ | |
10 | ltc/encauth/chachapoly/chacha20poly1305_memory.obj ltc/encauth/chachapoly/chacha20poly1305_setiv.obj \ | |
11 | ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj ltc/encauth/eax/eax_addheader.obj \ | |
12 | ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj ltc/encauth/eax/eax_done.obj \ | |
13 | ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
4 | ltc/ciphers/tea.obj ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj \ | |
5 | ltc/ciphers/safer/saferp.obj ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj \ | |
6 | ltc/encauth/ccm/ccm_add_nonce.obj ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj \ | |
7 | ltc/encauth/ccm/ccm_memory.obj ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj \ | |
8 | ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj \ | |
9 | ltc/encauth/chachapoly/chacha20poly1305_done.obj ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj \ | |
10 | ltc/encauth/chachapoly/chacha20poly1305_init.obj ltc/encauth/chachapoly/chacha20poly1305_memory.obj \ | |
11 | ltc/encauth/chachapoly/chacha20poly1305_setiv.obj ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj \ | |
12 | ltc/encauth/eax/eax_addheader.obj ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj \ | |
13 | ltc/encauth/eax/eax_done.obj ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
14 | 14 | ltc/encauth/eax/eax_init.obj ltc/encauth/gcm/gcm_add_aad.obj ltc/encauth/gcm/gcm_add_iv.obj \ |
15 | 15 | ltc/encauth/gcm/gcm_done.obj ltc/encauth/gcm/gcm_gf_mult.obj ltc/encauth/gcm/gcm_init.obj \ |
16 | 16 | ltc/encauth/gcm/gcm_memory.obj ltc/encauth/gcm/gcm_mult_h.obj ltc/encauth/gcm/gcm_process.obj \ |
46 | 46 | ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/zeromem.obj \ |
47 | 47 | ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj ltc/misc/base32/base32_decode.obj \ |
48 | 48 | ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj \ |
49 | ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj \ | |
50 | ltc/misc/crypt/crypt_cipher_is_valid.obj ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj \ | |
51 | ltc/misc/crypt/crypt_find_cipher_any.obj ltc/misc/crypt/crypt_find_cipher_id.obj \ | |
52 | ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj ltc/misc/crypt/crypt_find_hash_id.obj \ | |
53 | ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj ltc/misc/crypt/crypt_fsa.obj \ | |
54 | ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj ltc/misc/crypt/crypt_inits.obj \ | |
55 | ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
49 | ltc/misc/bcrypt/bcrypt.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \ | |
50 | ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ | |
51 | ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ | |
52 | ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \ | |
53 | ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \ | |
54 | ltc/misc/crypt/crypt_fsa.obj ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj \ | |
55 | ltc/misc/crypt/crypt_inits.obj ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
56 | 56 | ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_prng_rng_descriptor.obj \ |
57 | 57 | ltc/misc/crypt/crypt_register_all_ciphers.obj ltc/misc/crypt/crypt_register_all_hashes.obj \ |
58 | 58 | ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ |
131 | 131 | ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \ |
132 | 132 | ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \ |
133 | 133 | ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \ |
134 | ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \ | |
135 | ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_make_key.obj \ | |
136 | ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ | |
134 | ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \ | |
135 | ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_key.obj \ | |
136 | ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ | |
137 | 137 | ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \ |
138 | 138 | ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \ |
139 | 139 | ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \ |
1130 | 1130 | LTC_ARGCHK(pt != NULL); |
1131 | 1131 | LTC_ARGCHK(ct != NULL); |
1132 | 1132 | LTC_ARGCHK(skey != NULL); |
1133 | ||
1134 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
1135 | return CRYPT_INVALID_ROUNDS; | |
1136 | } | |
1137 | ||
1133 | 1138 | anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); |
1134 | 1139 | return CRYPT_OK; |
1135 | 1140 | } |
1146 | 1151 | LTC_ARGCHK(pt != NULL); |
1147 | 1152 | LTC_ARGCHK(ct != NULL); |
1148 | 1153 | LTC_ARGCHK(skey != NULL); |
1154 | ||
1155 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
1156 | return CRYPT_INVALID_ROUNDS; | |
1157 | } | |
1158 | ||
1149 | 1159 | anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); |
1150 | 1160 | return CRYPT_OK; |
1151 | 1161 | } |
294 | 294 | 0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL } |
295 | 295 | }; |
296 | 296 | |
297 | #ifndef __GNUC__ | |
298 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
299 | #else | |
300 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
301 | #endif | |
302 | ||
303 | static void s_blowfish_encipher(ulong32 *L, ulong32 *R, const symmetric_key *skey) | |
304 | { | |
305 | int rounds; | |
306 | ||
307 | ulong32 l, r; | |
308 | #ifndef __GNUC__ | |
309 | const ulong32 *S1, *S2, *S3, *S4; | |
310 | ||
311 | S1 = skey->blowfish.S[0]; | |
312 | S2 = skey->blowfish.S[1]; | |
313 | S3 = skey->blowfish.S[2]; | |
314 | S4 = skey->blowfish.S[3]; | |
315 | #endif | |
316 | ||
317 | l = *L; | |
318 | r = *R; | |
319 | ||
320 | /* do 16 rounds */ | |
321 | for (rounds = 0; rounds < 16; ) { | |
322 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
323 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
324 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
325 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
326 | } | |
327 | ||
328 | /* last keying */ | |
329 | l ^= skey->blowfish.K[16]; | |
330 | r ^= skey->blowfish.K[17]; | |
331 | ||
332 | *L = r; | |
333 | *R = l; | |
334 | } | |
335 | ||
336 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey) | |
337 | { | |
338 | unsigned long i; | |
339 | ulong32 *d = data; | |
340 | ||
341 | for (i = 0; i < blocks; ++i) { | |
342 | s_blowfish_encipher(d, d + 1, skey); | |
343 | d += 2; | |
344 | } | |
345 | } | |
346 | ||
347 | static ulong32 s_blowfish_stream2word(const unsigned char *d, int dlen, int *cur) | |
348 | { | |
349 | unsigned int z; | |
350 | int y = *cur; | |
351 | ulong32 ret = 0; | |
352 | ||
353 | for (z = 0; z < 4; z++) { | |
354 | ret = (ret << 8) | ((ulong32)d[y++] & 255); | |
355 | if (y == dlen) { | |
356 | y = 0; | |
357 | } | |
358 | } | |
359 | ||
360 | *cur = y; | |
361 | return ret; | |
362 | } | |
363 | ||
297 | 364 | /** |
298 | Initialize the Blowfish block cipher | |
365 | Expand the Blowfish internal state | |
299 | 366 | @param key The symmetric key you wish to pass |
300 | 367 | @param keylen The key length in bytes |
368 | @param data The additional data you wish to pass (can be NULL) | |
369 | @param datalen The additional data length in bytes | |
301 | 370 | @param num_rounds The number of rounds desired (0 for default) |
302 | 371 | @param skey The key in as scheduled by this function. |
303 | 372 | @return CRYPT_OK if successful |
304 | 373 | */ |
305 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
306 | symmetric_key *skey) | |
307 | { | |
308 | ulong32 x, y, z, A; | |
309 | unsigned char B[8]; | |
374 | int blowfish_expand(const unsigned char *key, int keylen, | |
375 | const unsigned char *data, int datalen, | |
376 | symmetric_key *skey) | |
377 | { | |
378 | ulong32 x, y, A, B[2]; | |
379 | int i; | |
310 | 380 | |
311 | 381 | LTC_ARGCHK(key != NULL); |
312 | 382 | LTC_ARGCHK(skey != NULL); |
313 | 383 | |
384 | /* load in key bytes (Supplied by David Hopwood) */ | |
385 | i = 0; | |
386 | for (x = 0; x < 18; x++) { | |
387 | A = s_blowfish_stream2word(key, keylen, &i); | |
388 | skey->blowfish.K[x] ^= A; | |
389 | } | |
390 | ||
391 | ||
392 | i = 0; | |
393 | B[0] = 0; | |
394 | B[1] = 0; | |
395 | for (x = 0; x < 18; x += 2) { | |
396 | if (data != NULL) { | |
397 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
398 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
399 | } | |
400 | /* encrypt it */ | |
401 | s_blowfish_encipher(&B[0], &B[1], skey); | |
402 | /* copy it */ | |
403 | skey->blowfish.K[x] = B[0]; | |
404 | skey->blowfish.K[x+1] = B[1]; | |
405 | } | |
406 | ||
407 | /* encrypt S array */ | |
408 | for (x = 0; x < 4; x++) { | |
409 | for (y = 0; y < 256; y += 2) { | |
410 | if (data != NULL) { | |
411 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
412 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
413 | } | |
414 | /* encrypt it */ | |
415 | s_blowfish_encipher(&B[0], &B[1], skey); | |
416 | /* copy it */ | |
417 | skey->blowfish.S[x][y] = B[0]; | |
418 | skey->blowfish.S[x][y+1] = B[1]; | |
419 | } | |
420 | } | |
421 | ||
422 | #ifdef LTC_CLEAN_STACK | |
423 | zeromem(B, sizeof(B)); | |
424 | #endif | |
425 | ||
426 | return CRYPT_OK; | |
427 | } | |
428 | ||
429 | /** | |
430 | Initialize the Blowfish block cipher | |
431 | @param key The symmetric key you wish to pass | |
432 | @param keylen The key length in bytes | |
433 | @param num_rounds The number of rounds desired (0 for default) | |
434 | @param skey The key in as scheduled by this function. | |
435 | @return CRYPT_OK if successful | |
436 | */ | |
437 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
438 | symmetric_key *skey) | |
439 | { | |
314 | 440 | /* check key length */ |
315 | 441 | if (keylen < 8 || keylen > 56) { |
316 | 442 | return CRYPT_INVALID_KEYSIZE; |
317 | 443 | } |
318 | ||
319 | 444 | /* check rounds */ |
320 | 445 | if (num_rounds != 0 && num_rounds != 16) { |
321 | 446 | return CRYPT_INVALID_ROUNDS; |
322 | 447 | } |
323 | 448 | |
324 | /* load in key bytes (Supplied by David Hopwood) */ | |
325 | for (x = y = 0; x < 18; x++) { | |
326 | A = 0; | |
327 | for (z = 0; z < 4; z++) { | |
328 | A = (A << 8) | ((ulong32)key[y++] & 255); | |
329 | if (y == (ulong32)keylen) { | |
330 | y = 0; | |
331 | } | |
332 | } | |
333 | skey->blowfish.K[x] = ORIG_P[x] ^ A; | |
334 | } | |
335 | ||
336 | /* copy sboxes */ | |
337 | for (x = 0; x < 4; x++) { | |
338 | for (y = 0; y < 256; y++) { | |
339 | skey->blowfish.S[x][y] = ORIG_S[x][y]; | |
340 | } | |
341 | } | |
342 | ||
343 | /* encrypt K array */ | |
344 | for (x = 0; x < 8; x++) { | |
345 | B[x] = 0; | |
346 | } | |
347 | ||
348 | for (x = 0; x < 18; x += 2) { | |
349 | /* encrypt it */ | |
350 | blowfish_ecb_encrypt(B, B, skey); | |
351 | /* copy it */ | |
352 | LOAD32H(skey->blowfish.K[x], &B[0]); | |
353 | LOAD32H(skey->blowfish.K[x+1], &B[4]); | |
354 | } | |
355 | ||
356 | /* encrypt S array */ | |
357 | for (x = 0; x < 4; x++) { | |
358 | for (y = 0; y < 256; y += 2) { | |
359 | /* encrypt it */ | |
360 | blowfish_ecb_encrypt(B, B, skey); | |
361 | /* copy it */ | |
362 | LOAD32H(skey->blowfish.S[x][y], &B[0]); | |
363 | LOAD32H(skey->blowfish.S[x][y+1], &B[4]); | |
364 | } | |
365 | } | |
366 | ||
367 | #ifdef LTC_CLEAN_STACK | |
368 | zeromem(B, sizeof(B)); | |
369 | #endif | |
370 | ||
371 | return CRYPT_OK; | |
372 | } | |
373 | ||
374 | #ifndef __GNUC__ | |
375 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
376 | #else | |
377 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
378 | #endif | |
449 | return blowfish_setup_with_data(key, keylen, NULL, 0, skey); | |
450 | } | |
451 | ||
452 | /** | |
453 | Alternative initialize of the Blowfish block cipher | |
454 | @param key The symmetric key you wish to pass | |
455 | @param keylen The key length in bytes | |
456 | @param data The additional data you wish to pass (can be NULL) | |
457 | @param datalen The additional data length in bytes | |
458 | @param num_rounds The number of rounds desired (0 for default) | |
459 | @param skey The key in as scheduled by this function. | |
460 | @return CRYPT_OK if successful | |
461 | */ | |
462 | ||
463 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
464 | const unsigned char *data, int datalen, | |
465 | symmetric_key *skey) | |
466 | { | |
467 | XMEMCPY(skey->blowfish.K, ORIG_P, sizeof(ORIG_P)); | |
468 | XMEMCPY(skey->blowfish.S, ORIG_S, sizeof(ORIG_S)); | |
469 | return blowfish_expand(key, keylen, data, datalen, skey); | |
470 | } | |
379 | 471 | |
380 | 472 | /** |
381 | 473 | Encrypts a block of text with Blowfish |
391 | 483 | #endif |
392 | 484 | { |
393 | 485 | ulong32 L, R; |
394 | int r; | |
395 | #ifndef __GNUC__ | |
396 | const ulong32 *S1, *S2, *S3, *S4; | |
397 | #endif | |
398 | ||
399 | LTC_ARGCHK(pt != NULL); | |
400 | LTC_ARGCHK(ct != NULL); | |
401 | LTC_ARGCHK(skey != NULL); | |
402 | ||
403 | #ifndef __GNUC__ | |
404 | S1 = skey->blowfish.S[0]; | |
405 | S2 = skey->blowfish.S[1]; | |
406 | S3 = skey->blowfish.S[2]; | |
407 | S4 = skey->blowfish.S[3]; | |
408 | #endif | |
486 | ||
487 | LTC_ARGCHK(pt != NULL); | |
488 | LTC_ARGCHK(ct != NULL); | |
489 | LTC_ARGCHK(skey != NULL); | |
409 | 490 | |
410 | 491 | /* load it */ |
411 | 492 | LOAD32H(L, &pt[0]); |
412 | 493 | LOAD32H(R, &pt[4]); |
413 | 494 | |
414 | /* do 16 rounds */ | |
415 | for (r = 0; r < 16; ) { | |
416 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
417 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
418 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
419 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
420 | } | |
421 | ||
422 | /* last keying */ | |
423 | R ^= skey->blowfish.K[17]; | |
424 | L ^= skey->blowfish.K[16]; | |
495 | s_blowfish_encipher(&L, &R, skey); | |
425 | 496 | |
426 | 497 | /* store */ |
427 | STORE32H(R, &ct[0]); | |
428 | STORE32H(L, &ct[4]); | |
498 | STORE32H(L, &ct[0]); | |
499 | STORE32H(R, &ct[4]); | |
429 | 500 | |
430 | 501 | return CRYPT_OK; |
431 | 502 | } |
556 | 627 | for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key); |
557 | 628 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; |
558 | 629 | } |
630 | ||
631 | ||
559 | 632 | return CRYPT_OK; |
560 | 633 | #endif |
561 | 634 | } |
1682 | 1682 | #ifndef LTC_TEST |
1683 | 1683 | return CRYPT_NOP; |
1684 | 1684 | #else |
1685 | int err; | |
1686 | 1685 | static const struct des_test_case { |
1687 | int num, mode; /* mode 1 = encrypt */ | |
1688 | 1686 | unsigned char key[8], txt[8], out[8]; |
1689 | 1687 | } cases[] = { |
1690 | { 1, 1, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1691 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1692 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
1693 | { 2, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1694 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
1695 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1696 | { 3, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1697 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
1698 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1699 | { 4, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1700 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
1701 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1702 | { 5, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1703 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
1704 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1705 | { 6, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1706 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
1707 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1708 | { 7, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1709 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
1710 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1711 | { 8, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1712 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
1713 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1714 | { 9, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1715 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
1716 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1717 | {10, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1718 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
1719 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1720 | ||
1721 | { 1, 0, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1722 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 }, | |
1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1724 | { 2, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1725 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1726 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 } }, | |
1727 | { 3, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1728 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1729 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 } }, | |
1730 | { 4, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1731 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1732 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA } }, | |
1733 | { 5, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1734 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1735 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F } }, | |
1736 | { 6, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1737 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1738 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 } }, | |
1739 | { 7, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1740 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1741 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF } }, | |
1742 | { 8, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1743 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1744 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F } }, | |
1745 | { 9, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1746 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1747 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 } }, | |
1748 | {10, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1749 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1750 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A } }, | |
1751 | ||
1752 | #ifdef LTC_TEST_EXT | |
1753 | { 0+11, 0, { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1754 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1755 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
1756 | { 1+11, 0, { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1757 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1758 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
1759 | { 2+11, 0, { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1760 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1761 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
1762 | { 3+11, 0, { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1763 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1764 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
1765 | { 4+11, 0, { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1766 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1767 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
1768 | { 5+11, 0, { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1769 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1770 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
1771 | { 6+11, 0, { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1772 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1773 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
1774 | { 7+11, 0, { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1775 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1776 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
1777 | { 8+11, 0, { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1778 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1779 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
1780 | { 9+11, 0, { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1781 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1782 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
1783 | {10+11, 0, { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1784 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1785 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
1786 | {11+11, 0, { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1787 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1788 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
1789 | {12+11, 0, { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1790 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1791 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
1792 | {13+11, 0, { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1793 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1794 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
1795 | {14+11, 0, { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1796 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1797 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
1798 | {15+11, 0, { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1799 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1800 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
1801 | {16+11, 0, { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1802 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1803 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
1804 | {17+11, 0, { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1805 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1806 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
1807 | {18+11, 0, { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1808 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1809 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
1810 | {19+11, 0, { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1811 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1812 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
1813 | {20+11, 0, { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1814 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1815 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
1816 | {21+11, 0, { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
1817 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1818 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
1819 | {22+11, 0, { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
1820 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1821 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
1822 | {23+11, 0, { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
1823 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1824 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
1825 | {24+11, 0, { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
1826 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1827 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
1828 | {25+11, 0, { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
1829 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1830 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
1831 | {26+11, 0, { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
1832 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1833 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
1834 | {27+11, 0, { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
1835 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1836 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
1837 | {28+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
1838 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1839 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
1840 | {29+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
1841 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1842 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
1843 | {30+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
1844 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1845 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
1846 | {31+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
1847 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1848 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
1849 | {32+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
1850 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1851 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
1852 | {33+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
1853 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1854 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
1855 | {34+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
1856 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1857 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
1858 | {35+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
1859 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1860 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
1861 | {36+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
1862 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1863 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
1864 | {37+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
1865 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1866 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
1867 | {38+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
1868 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1869 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
1870 | {39+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
1871 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1872 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
1873 | {40+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
1874 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1875 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
1876 | {41+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
1877 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1878 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
1879 | {42+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
1880 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1881 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
1882 | {43+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
1883 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1884 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
1885 | {44+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
1886 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1887 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
1888 | {45+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
1889 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1890 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
1891 | {46+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
1892 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1893 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
1894 | {47+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
1895 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1896 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
1897 | {48+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
1898 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1899 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
1900 | {49+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
1901 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1902 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
1903 | {50+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
1904 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1905 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
1906 | {51+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
1907 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1908 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
1909 | {52+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
1910 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1911 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
1912 | {53+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
1913 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1914 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
1915 | {54+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
1916 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1917 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
1918 | {55+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
1919 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1920 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
1921 | #endif /* LTC_TEST_EXT */ | |
1688 | { { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1689 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1690 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
1691 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1692 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
1693 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1694 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1695 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
1696 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1697 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1698 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
1699 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1700 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1701 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
1702 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1703 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1704 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
1705 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1706 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1707 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
1708 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1709 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1710 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
1711 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1712 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1713 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
1714 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1715 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1716 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
1717 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1718 | ||
1719 | { { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1720 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1721 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
1722 | { { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1724 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
1725 | { { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1726 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1727 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
1728 | { { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1729 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1730 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
1731 | { { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1732 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1733 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
1734 | { { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1735 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1736 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
1737 | { { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1738 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1739 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
1740 | { { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1741 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1742 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
1743 | { { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1744 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1745 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
1746 | { { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1747 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1748 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
1749 | { { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1750 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1751 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
1752 | { { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1753 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1754 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
1755 | { { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1756 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1757 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
1758 | { { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1759 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1760 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
1761 | { { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1762 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1763 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
1764 | { { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1765 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1766 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
1767 | { { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1768 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1769 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
1770 | { { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1771 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1772 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
1773 | { { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1774 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1775 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
1776 | { { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1777 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1778 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
1779 | { { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1780 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1781 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
1782 | { { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
1783 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1784 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
1785 | { { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
1786 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1787 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
1788 | { { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
1789 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1790 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
1791 | { { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
1792 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1793 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
1794 | { { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
1795 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1796 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
1797 | { { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
1798 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1799 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
1800 | { { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
1801 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1802 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
1803 | { { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
1804 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1805 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
1806 | { { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
1807 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1808 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
1809 | { { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
1810 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1811 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
1812 | { { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
1813 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1814 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
1815 | { { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
1816 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1817 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
1818 | { { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
1819 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1820 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
1821 | { { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
1822 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1823 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
1824 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
1825 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1826 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
1827 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
1828 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1829 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
1830 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
1831 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1832 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
1833 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
1834 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1835 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
1836 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
1837 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1838 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
1839 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
1840 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1841 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
1842 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
1843 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1844 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
1845 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
1846 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1847 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
1848 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
1849 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1850 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
1851 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
1852 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1853 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
1854 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
1855 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1856 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
1857 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
1858 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1859 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
1860 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
1861 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1862 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
1863 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
1864 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1865 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
1866 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
1867 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1868 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
1869 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
1870 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1871 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
1872 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
1873 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1874 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
1875 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
1876 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1877 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
1878 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
1879 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1880 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
1881 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
1882 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1883 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
1884 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
1885 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1886 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
1922 | 1887 | |
1923 | 1888 | /*** more test cases you could add if you are not convinced (the above test cases aren't really too good): |
1924 | 1889 | |
1961 | 1926 | http://www.ecs.soton.ac.uk/~prw99r/ez438/vectors.txt |
1962 | 1927 | ***/ |
1963 | 1928 | }; |
1964 | int i, y; | |
1965 | unsigned char tmp[8]; | |
1966 | symmetric_key des; | |
1967 | ||
1968 | for(i=0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
1929 | unsigned char key[8], pt[8], ct[8], tmp[8]; | |
1930 | symmetric_key skey; | |
1931 | int i, err; | |
1932 | ||
1933 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
1969 | 1934 | { |
1970 | if ((err = des_setup(cases[i].key, 8, 0, &des)) != CRYPT_OK) { | |
1971 | return err; | |
1935 | if ((err = des_setup(cases[i].key, 8, 0, &skey)) != CRYPT_OK) { | |
1936 | return err; | |
1972 | 1937 | } |
1973 | if (cases[i].mode != 0) { | |
1974 | des_ecb_encrypt(cases[i].txt, tmp, &des); | |
1975 | } else { | |
1976 | des_ecb_decrypt(cases[i].txt, tmp, &des); | |
1938 | ||
1939 | des_ecb_encrypt(cases[i].txt, ct, &skey); | |
1940 | ||
1941 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "DES Encrypt", i) != 0) { | |
1942 | return CRYPT_FAIL_TESTVECTOR; | |
1977 | 1943 | } |
1978 | 1944 | |
1979 | if (compare_testvector(cases[i].out, sizeof(tmp), tmp, sizeof(tmp), "DES", i) != 0) { | |
1980 | return CRYPT_FAIL_TESTVECTOR; | |
1945 | des_ecb_decrypt(ct, pt, &skey); | |
1946 | ||
1947 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "DES Decrypt", i) != 0) { | |
1948 | return CRYPT_FAIL_TESTVECTOR; | |
1981 | 1949 | } |
1982 | ||
1983 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
1984 | for (y = 0; y < 8; y++) tmp[y] = 0; | |
1985 | for (y = 0; y < 1000; y++) des_ecb_encrypt(tmp, tmp, &des); | |
1986 | for (y = 0; y < 1000; y++) des_ecb_decrypt(tmp, tmp, &des); | |
1987 | for (y = 0; y < 8; y++) if (tmp[y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
1950 | } | |
1951 | ||
1952 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
1953 | ||
1954 | for (i = 0; i < 8; i++) key[i] = i; | |
1955 | ||
1956 | if ((err = des_setup(key, 8, 0, &skey)) != CRYPT_OK) { | |
1957 | return err; | |
1958 | } | |
1959 | ||
1960 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
1961 | for (i = 0; i < 1000; i++) des_ecb_encrypt(tmp, tmp, &skey); | |
1962 | for (i = 0; i < 1000; i++) des_ecb_decrypt(tmp, tmp, &skey); | |
1963 | ||
1964 | if (compare_testvector(tmp, 8, pt, 8, "DES", 0) != 0) { | |
1965 | return CRYPT_FAIL_TESTVECTOR; | |
1988 | 1966 | } |
1989 | 1967 | |
1990 | 1968 | return CRYPT_OK; |
1996 | 1974 | #ifndef LTC_TEST |
1997 | 1975 | return CRYPT_NOP; |
1998 | 1976 | #else |
1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
2000 | symmetric_key skey; | |
2001 | int x, err; | |
2002 | ||
2003 | if ((err = des_test()) != CRYPT_OK) { | |
2004 | return err; | |
2005 | } | |
2006 | ||
2007 | for (x = 0; x < 8; x++) { | |
2008 | pt[x] = x; | |
2009 | } | |
2010 | ||
2011 | for (x = 0; x < 24; x++) { | |
2012 | key[x] = x; | |
2013 | } | |
2014 | ||
2015 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
2016 | return err; | |
2017 | } | |
2018 | ||
2019 | des3_ecb_encrypt(pt, ct, &skey); | |
2020 | des3_ecb_decrypt(ct, tmp, &skey); | |
2021 | ||
2022 | if (compare_testvector(pt, 8, tmp, 8, "3DES", 0) != 0) { | |
2023 | return CRYPT_FAIL_TESTVECTOR; | |
2024 | } | |
2025 | ||
2026 | return CRYPT_OK; | |
1977 | static const struct des3_test_case { | |
1978 | unsigned char key[16], txt[8], out[8]; | |
1979 | } cases[] = { | |
1980 | /* | |
1981 | https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/des/Triple-Des-2-Key-128-64.unverified.test-vectors | |
1982 | */ | |
1983 | { { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1984 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1985 | { 0xFA, 0xFD, 0x50, 0x84, 0x37, 0x4F, 0xCE, 0x34 } }, | |
1986 | { { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1987 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1988 | { 0x60, 0xCC, 0x37, 0xB7, 0xB5, 0x37, 0xA1, 0xDC } }, | |
1989 | { { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1990 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1991 | { 0xBE, 0x3E, 0x73, 0x04, 0xFE, 0x92, 0xC2, 0xBC } }, | |
1992 | { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00 }, | |
1993 | { 0xE5, 0xA9, 0xE3, 0x80, 0x03, 0xA5, 0xA0, 0xFD }, | |
1994 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1995 | { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }, | |
1996 | { 0xE4, 0xFC, 0x19, 0xD6, 0x94, 0x63, 0xB7, 0x83 }, | |
1997 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 } }, | |
1998 | }; | |
1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
2000 | symmetric_key skey; | |
2001 | int i, err; | |
2002 | ||
2003 | if ((err = des_test()) != CRYPT_OK) { | |
2004 | return err; | |
2005 | } | |
2006 | ||
2007 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
2008 | { | |
2009 | if ((err = des3_setup(cases[i].key, 16, 0, &skey)) != CRYPT_OK) { | |
2010 | return err; | |
2011 | } | |
2012 | ||
2013 | des3_ecb_encrypt(cases[i].txt, ct, &skey); | |
2014 | ||
2015 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "3DES Encrypt", i) != 0) { | |
2016 | return CRYPT_FAIL_TESTVECTOR; | |
2017 | } | |
2018 | ||
2019 | des3_ecb_decrypt(ct, pt, &skey); | |
2020 | ||
2021 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "3DES Decrypt", i) != 0) { | |
2022 | return CRYPT_FAIL_TESTVECTOR; | |
2023 | } | |
2024 | } | |
2025 | ||
2026 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
2027 | ||
2028 | for (i = 0; i < 24; i++) key[i] = i; | |
2029 | ||
2030 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
2031 | return err; | |
2032 | } | |
2033 | ||
2034 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
2035 | for (i = 0; i < 1000; i++) des3_ecb_encrypt(tmp, tmp, &skey); | |
2036 | for (i = 0; i < 1000; i++) des3_ecb_decrypt(tmp, tmp, &skey); | |
2037 | ||
2038 | if (compare_testvector(tmp, 8, pt, 8, "3DES", 0) != 0) { | |
2039 | return CRYPT_FAIL_TESTVECTOR; | |
2040 | } | |
2041 | ||
2042 | return CRYPT_OK; | |
2027 | 2043 | #endif |
2028 | 2044 | } |
2029 | 2045 |
135 | 135 | LTC_ARGCHK(pt != NULL); |
136 | 136 | LTC_ARGCHK(ct != NULL); |
137 | 137 | |
138 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
139 | return CRYPT_INVALID_ROUNDS; | |
140 | } | |
141 | ||
138 | 142 | LOAD32L(A, &pt[0]); |
139 | 143 | LOAD32L(B, &pt[4]); |
140 | 144 | A += skey->rc5.K[0]; |
190 | 194 | LTC_ARGCHK(skey != NULL); |
191 | 195 | LTC_ARGCHK(pt != NULL); |
192 | 196 | LTC_ARGCHK(ct != NULL); |
197 | ||
198 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
199 | return CRYPT_INVALID_ROUNDS; | |
200 | } | |
193 | 201 | |
194 | 202 | LOAD32L(A, &ct[0]); |
195 | 203 | LOAD32L(B, &ct[4]); |
346 | 346 | LTC_ARGCHK(ct != NULL); |
347 | 347 | LTC_ARGCHK(skey != NULL); |
348 | 348 | |
349 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
350 | return CRYPT_INVALID_ROUNDS; | |
351 | } | |
352 | ||
349 | 353 | /* do eight rounds */ |
350 | 354 | for (x = 0; x < 16; x++) { |
351 | 355 | b[x] = pt[x]; |
409 | 413 | LTC_ARGCHK(pt != NULL); |
410 | 414 | LTC_ARGCHK(ct != NULL); |
411 | 415 | LTC_ARGCHK(skey != NULL); |
416 | ||
417 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
418 | return CRYPT_INVALID_ROUNDS; | |
419 | } | |
412 | 420 | |
413 | 421 | /* do eight rounds */ |
414 | 422 | b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0]; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | /** | |
10 | @file tea.c | |
11 | Implementation of TEA, Steffen Jaeckel | |
12 | */ | |
13 | #include "tomcrypt_private.h" | |
14 | ||
15 | #ifdef LTC_TEA | |
16 | ||
17 | const struct ltc_cipher_descriptor tea_desc = | |
18 | { | |
19 | "tea", | |
20 | 26, | |
21 | 16, 16, 8, 32, | |
22 | &tea_setup, | |
23 | &tea_ecb_encrypt, | |
24 | &tea_ecb_decrypt, | |
25 | &tea_test, | |
26 | &tea_done, | |
27 | &tea_keysize, | |
28 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | |
29 | }; | |
30 | ||
31 | #define DELTA 0x9E3779B9uL | |
32 | #define SUM 0xC6EF3720uL | |
33 | ||
34 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) | |
35 | { | |
36 | LTC_ARGCHK(key != NULL); | |
37 | LTC_ARGCHK(skey != NULL); | |
38 | ||
39 | /* check arguments */ | |
40 | if (keylen != 16) { | |
41 | return CRYPT_INVALID_KEYSIZE; | |
42 | } | |
43 | ||
44 | if (num_rounds != 0 && num_rounds != 32) { | |
45 | return CRYPT_INVALID_ROUNDS; | |
46 | } | |
47 | ||
48 | /* load key */ | |
49 | LOAD32H(skey->tea.k[0], key+0); | |
50 | LOAD32H(skey->tea.k[1], key+4); | |
51 | LOAD32H(skey->tea.k[2], key+8); | |
52 | LOAD32H(skey->tea.k[3], key+12); | |
53 | ||
54 | return CRYPT_OK; | |
55 | } | |
56 | ||
57 | /** | |
58 | Encrypts a block of text with TEA | |
59 | @param pt The input plaintext (8 bytes) | |
60 | @param ct The output ciphertext (8 bytes) | |
61 | @param skey The key as scheduled | |
62 | @return CRYPT_OK if successful | |
63 | */ | |
64 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
65 | { | |
66 | ulong32 y, z, sum = 0; | |
67 | const ulong32 delta = DELTA; | |
68 | int r; | |
69 | ||
70 | LTC_ARGCHK(pt != NULL); | |
71 | LTC_ARGCHK(ct != NULL); | |
72 | LTC_ARGCHK(skey != NULL); | |
73 | ||
74 | LOAD32H(y, &pt[0]); | |
75 | LOAD32H(z, &pt[4]); | |
76 | for (r = 0; r < 32; r += 4) { | |
77 | sum += delta; | |
78 | y += ((z<<4) + skey->tea.k[0]) ^ (z + sum) ^ ((z>>5) + skey->tea.k[1]); | |
79 | z += ((y<<4) + skey->tea.k[2]) ^ (y + sum) ^ ((y>>5) + skey->tea.k[3]); | |
80 | } | |
81 | STORE32H(y, &ct[0]); | |
82 | STORE32H(z, &ct[4]); | |
83 | return CRYPT_OK; | |
84 | } | |
85 | ||
86 | /** | |
87 | Decrypts a block of text with TEA | |
88 | @param ct The input ciphertext (8 bytes) | |
89 | @param pt The output plaintext (8 bytes) | |
90 | @param skey The key as scheduled | |
91 | @return CRYPT_OK if successful | |
92 | */ | |
93 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
94 | { | |
95 | ulong32 v0, v1, sum = SUM; | |
96 | const ulong32 delta = DELTA; | |
97 | int r; | |
98 | ||
99 | LTC_ARGCHK(pt != NULL); | |
100 | LTC_ARGCHK(ct != NULL); | |
101 | LTC_ARGCHK(skey != NULL); | |
102 | ||
103 | LOAD32H(v0, &ct[0]); | |
104 | LOAD32H(v1, &ct[4]); | |
105 | ||
106 | for (r = 0; r < 32; r++) { | |
107 | v1 -= ((v0 << 4) + skey->tea.k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + skey->tea.k[3]); | |
108 | v0 -= ((v1 << 4) + skey->tea.k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + skey->tea.k[1]); | |
109 | sum -= delta; | |
110 | } | |
111 | ||
112 | STORE32H(v0, &pt[0]); | |
113 | STORE32H(v1, &pt[4]); | |
114 | return CRYPT_OK; | |
115 | } | |
116 | ||
117 | /** | |
118 | Performs a self-test of the TEA block cipher | |
119 | @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled | |
120 | */ | |
121 | int tea_test(void) | |
122 | { | |
123 | #ifndef LTC_TEST | |
124 | return CRYPT_NOP; | |
125 | #else | |
126 | static const struct { | |
127 | const char *key, *pt, *ct; | |
128 | } tests[] = { | |
129 | { | |
130 | "00000000000000000000000000000000", | |
131 | "0000000000000000", | |
132 | "41ea3a0a94baa940" | |
133 | }, { | |
134 | "32a1e65408b63bb9214105744ec5d2e2", | |
135 | "5ada1d89a9c3801a", | |
136 | "dd46249e28aa0b4b" | |
137 | }, { | |
138 | "60388adadf70a1f5d9cb4e097d2c6c57", | |
139 | "7a6adb4d69c53e0f", | |
140 | "44b71215cf25368a" | |
141 | }, { | |
142 | "4368d2249bd0321eb7c56d5b63a1bfac", | |
143 | "5a5d7ca2e186c41a", | |
144 | "91f56dff7281794f" | |
145 | }, { | |
146 | "5c60bff27072d01c4513c5eb8f3a38ab", | |
147 | "80d9c4adcf899635", | |
148 | "2bb0f1b3c023ed11" | |
149 | } | |
150 | }; | |
151 | unsigned char ptct[2][8]; | |
152 | unsigned char tmp[2][8]; | |
153 | unsigned char key[16]; | |
154 | unsigned long l; | |
155 | symmetric_key skey; | |
156 | size_t i; | |
157 | int err, y; | |
158 | for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { | |
159 | zeromem(&skey, sizeof(skey)); | |
160 | ||
161 | l = sizeof(key); | |
162 | if ((err = base16_decode(tests[i].key, XSTRLEN(tests[i].key), key, &l)) != CRYPT) return err; | |
163 | l = sizeof(ptct[0]); | |
164 | if ((err = base16_decode(tests[i].pt, XSTRLEN(tests[i].pt), ptct[0], &l)) != CRYPT) return err; | |
165 | l = sizeof(ptct[1]); | |
166 | if ((err = base16_decode(tests[i].ct, XSTRLEN(tests[i].ct), ptct[1], &l)) != CRYPT) return err; | |
167 | ||
168 | if ((err = tea_setup(key, 16, 0, &skey)) != CRYPT_OK) { | |
169 | return err; | |
170 | } | |
171 | tea_ecb_encrypt(ptct[0], tmp[0], &skey); | |
172 | tea_ecb_decrypt(tmp[0], tmp[1], &skey); | |
173 | ||
174 | if (compare_testvector(tmp[0], 8, ptct[0], 8, "TEA Encrypt", i) != 0 || | |
175 | compare_testvector(tmp[1], 8, ptct[1], 8, "TEA Decrypt", i) != 0) { | |
176 | return CRYPT_FAIL_TESTVECTOR; | |
177 | } | |
178 | ||
179 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
180 | for (y = 0; y < 8; y++) tmp[0][y] = 0; | |
181 | for (y = 0; y < 1000; y++) tea_ecb_encrypt(tmp[0], tmp[0], &skey); | |
182 | for (y = 0; y < 1000; y++) tea_ecb_decrypt(tmp[0], tmp[0], &skey); | |
183 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
184 | } /* for */ | |
185 | ||
186 | return CRYPT_OK; | |
187 | #endif | |
188 | } | |
189 | ||
190 | /** Terminate the context | |
191 | @param skey The scheduled key | |
192 | */ | |
193 | void tea_done(symmetric_key *skey) | |
194 | { | |
195 | LTC_UNUSED_PARAM(skey); | |
196 | } | |
197 | ||
198 | /** | |
199 | Gets suitable key size | |
200 | @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. | |
201 | @return CRYPT_OK if the input key size is acceptable. | |
202 | */ | |
203 | int tea_keysize(int *keysize) | |
204 | { | |
205 | LTC_ARGCHK(keysize != NULL); | |
206 | if (*keysize < 16) { | |
207 | return CRYPT_INVALID_KEYSIZE; | |
208 | } | |
209 | *keysize = 16; | |
210 | return CRYPT_OK; | |
211 | } | |
212 | ||
213 | #endif | |
214 | ||
215 | ||
216 | /* ref: $Format:%D$ */ | |
217 | /* git commit: $Format:%H$ */ | |
218 | /* commit time: $Format:%ai$ */ |
8 | 8 | |
9 | 9 | /** |
10 | 10 | @file xtea.c |
11 | Implementation of LTC_XTEA, Tom St Denis | |
11 | Implementation of eXtended TEA, Tom St Denis | |
12 | 12 | */ |
13 | 13 | #include "tomcrypt_private.h" |
14 | 14 |
12 | 12 | */ |
13 | 13 | #include "tomcrypt_private.h" |
14 | 14 | |
15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST)) | |
15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || (defined(LTC_GCM_MODE) && defined(LTC_FAST)) | |
16 | 16 | |
17 | 17 | /* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format. Since only the |
18 | 18 | * lower 16 bits are not zero'ed I removed the upper 14 bytes */ |
479 | 479 | |
480 | 480 | for (i = 0; tests[i].msg != NULL; i++) { |
481 | 481 | blake2b_512_init(&md); |
482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
483 | 483 | blake2b_done(&md, tmp); |
484 | 484 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) { |
485 | 485 | return CRYPT_FAIL_TESTVECTOR; |
526 | 526 | |
527 | 527 | for (i = 0; tests[i].msg != NULL; i++) { |
528 | 528 | blake2b_384_init(&md); |
529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
530 | 530 | blake2b_done(&md, tmp); |
531 | 531 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) { |
532 | 532 | return CRYPT_FAIL_TESTVECTOR; |
579 | 579 | |
580 | 580 | for (i = 0; tests[i].msg != NULL; i++) { |
581 | 581 | blake2b_256_init(&md); |
582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
583 | 583 | blake2b_done(&md, tmp); |
584 | 584 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) { |
585 | 585 | return CRYPT_FAIL_TESTVECTOR; |
620 | 620 | |
621 | 621 | for (i = 0; tests[i].msg != NULL; i++) { |
622 | 622 | blake2b_160_init(&md); |
623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
624 | 624 | blake2b_done(&md, tmp); |
625 | 625 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) { |
626 | 626 | return CRYPT_FAIL_TESTVECTOR; |
469 | 469 | |
470 | 470 | for (i = 0; tests[i].msg != NULL; i++) { |
471 | 471 | blake2s_256_init(&md); |
472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
473 | 473 | blake2s_done(&md, tmp); |
474 | 474 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) { |
475 | 475 | return CRYPT_FAIL_TESTVECTOR; |
513 | 513 | |
514 | 514 | for (i = 0; tests[i].msg != NULL; i++) { |
515 | 515 | blake2s_224_init(&md); |
516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
517 | 517 | blake2s_done(&md, tmp); |
518 | 518 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) { |
519 | 519 | return CRYPT_FAIL_TESTVECTOR; |
555 | 555 | |
556 | 556 | for (i = 0; tests[i].msg != NULL; i++) { |
557 | 557 | blake2s_160_init(&md); |
558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
559 | 559 | blake2s_done(&md, tmp); |
560 | 560 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) { |
561 | 561 | return CRYPT_FAIL_TESTVECTOR; |
595 | 595 | |
596 | 596 | for (i = 0; tests[i].msg != NULL; i++) { |
597 | 597 | blake2s_128_init(&md); |
598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
599 | 599 | blake2s_done(&md, tmp); |
600 | 600 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) { |
601 | 601 | return CRYPT_FAIL_TESTVECTOR; |
286 | 286 | if ((err = chc_init(&md)) != CRYPT_OK) { |
287 | 287 | return err; |
288 | 288 | } |
289 | if ((err = chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg))) != CRYPT_OK) { | |
289 | if ((err = chc_process(&md, tests[i].msg, XSTRLEN((char *)tests[i].msg))) != CRYPT_OK) { | |
290 | 290 | return err; |
291 | 291 | } |
292 | 292 | if ((err = chc_done(&md, tmp)) != CRYPT_OK) { |
231 | 231 | |
232 | 232 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
233 | 233 | md2_init(&md); |
234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
235 | 235 | md2_done(&md, tmp); |
236 | 236 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) { |
237 | 237 | return CRYPT_FAIL_TESTVECTOR; |
285 | 285 | |
286 | 286 | for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
287 | 287 | md4_init(&md); |
288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input)); | |
288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)XSTRLEN(tests[i].input)); | |
289 | 289 | md4_done(&md, tmp); |
290 | 290 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) { |
291 | 291 | return CRYPT_FAIL_TESTVECTOR; |
346 | 346 | |
347 | 347 | for (i = 0; tests[i].msg != NULL; i++) { |
348 | 348 | md5_init(&md); |
349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
350 | 350 | md5_done(&md, tmp); |
351 | 351 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) { |
352 | 352 | return CRYPT_FAIL_TESTVECTOR; |
387 | 387 | |
388 | 388 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
389 | 389 | rmd128_init(&md); |
390 | rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
390 | rmd128_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
391 | 391 | rmd128_done(&md, tmp); |
392 | 392 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD128", i)) { |
393 | 393 | return CRYPT_FAIL_TESTVECTOR; |
446 | 446 | |
447 | 447 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
448 | 448 | rmd160_init(&md); |
449 | rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
449 | rmd160_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
450 | 450 | rmd160_done(&md, tmp); |
451 | 451 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD160", i)) { |
452 | 452 | return CRYPT_FAIL_TESTVECTOR; |
412 | 412 | |
413 | 413 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
414 | 414 | rmd256_init(&md); |
415 | rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
415 | rmd256_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
416 | 416 | rmd256_done(&md, tmp); |
417 | 417 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD256", i)) { |
418 | 418 | return CRYPT_FAIL_TESTVECTOR; |
477 | 477 | |
478 | 478 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
479 | 479 | rmd320_init(&md); |
480 | rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
480 | rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
481 | 481 | rmd320_done(&md, tmp); |
482 | 482 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) { |
483 | 483 | return CRYPT_FAIL_TESTVECTOR; |
266 | 266 | |
267 | 267 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
268 | 268 | sha1_init(&md); |
269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
270 | 270 | sha1_done(&md, tmp); |
271 | 271 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) { |
272 | 272 | return CRYPT_FAIL_TESTVECTOR; |
110 | 110 | |
111 | 111 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
112 | 112 | sha224_init(&md); |
113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
114 | 114 | sha224_done(&md, tmp); |
115 | 115 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA224", i)) { |
116 | 116 | return CRYPT_FAIL_TESTVECTOR; |
314 | 314 | |
315 | 315 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
316 | 316 | sha256_init(&md); |
317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
318 | 318 | sha256_done(&md, tmp); |
319 | 319 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA256", i)) { |
320 | 320 | return CRYPT_FAIL_TESTVECTOR; |
116 | 116 | |
117 | 117 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
118 | 118 | sha384_init(&md); |
119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
120 | 120 | sha384_done(&md, tmp); |
121 | 121 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA384", i)) { |
122 | 122 | return CRYPT_FAIL_TESTVECTOR; |
292 | 292 | |
293 | 293 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
294 | 294 | sha512_init(&md); |
295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
296 | 296 | sha512_done(&md, tmp); |
297 | 297 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512", i)) { |
298 | 298 | return CRYPT_FAIL_TESTVECTOR; |
112 | 112 | |
113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
114 | 114 | sha512_224_init(&md); |
115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
116 | 116 | sha512_224_done(&md, tmp); |
117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-224", i)) { |
118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
112 | 112 | |
113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
114 | 114 | sha512_256_init(&md); |
115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
116 | 116 | sha512_256_done(&md, tmp); |
117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-265", i)) { |
118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
770 | 770 | |
771 | 771 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
772 | 772 | tiger_init(&md); |
773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
774 | 774 | tiger_done(&md, tmp); |
775 | 775 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) { |
776 | 776 | return CRYPT_FAIL_TESTVECTOR; |
18 | 18 | #include <limits.h> |
19 | 19 | |
20 | 20 | /* use configuration data */ |
21 | #include <tomcrypt_custom.h> | |
21 | #include "tomcrypt_custom.h" | |
22 | 22 | |
23 | 23 | #ifdef __cplusplus |
24 | 24 | extern "C" { |
80 | 80 | CRYPT_HASH_OVERFLOW /* Hash applied to too many bits */ |
81 | 81 | }; |
82 | 82 | |
83 | #include <tomcrypt_cfg.h> | |
84 | #include <tomcrypt_macros.h> | |
85 | #include <tomcrypt_cipher.h> | |
86 | #include <tomcrypt_hash.h> | |
87 | #include <tomcrypt_mac.h> | |
88 | #include <tomcrypt_prng.h> | |
89 | #include <tomcrypt_pk.h> | |
90 | #include <tomcrypt_math.h> | |
91 | #include <tomcrypt_misc.h> | |
92 | #include <tomcrypt_argchk.h> | |
93 | #include <tomcrypt_pkcs.h> | |
83 | #include "tomcrypt_cfg.h" | |
84 | #include "tomcrypt_macros.h" | |
85 | #include "tomcrypt_cipher.h" | |
86 | #include "tomcrypt_hash.h" | |
87 | #include "tomcrypt_mac.h" | |
88 | #include "tomcrypt_prng.h" | |
89 | #include "tomcrypt_pk.h" | |
90 | #include "tomcrypt_math.h" | |
91 | #include "tomcrypt_misc.h" | |
92 | #include "tomcrypt_argchk.h" | |
93 | #include "tomcrypt_pkcs.h" | |
94 | 94 | |
95 | 95 | #ifdef __cplusplus |
96 | 96 | } |
293 | 293 | #define LTC_HAVE_ROTATE_BUILTIN |
294 | 294 | #endif |
295 | 295 | |
296 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
297 | #define LTC_DEPRECATED __attribute__((deprecated)) | |
296 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405) | |
297 | # define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s))) | |
298 | # define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s) | |
299 | # define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s) | |
300 | #elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
301 | # define LTC_DEPRECATED(s) __attribute__((deprecated)) | |
302 | # define LTC_DEPRECATED_PRAGMA(s) | |
298 | 303 | #elif defined(_MSC_VER) && _MSC_VER >= 1500 |
299 | 304 | /* supported since Visual Studio 2008 */ |
300 | #define LTC_DEPRECATED __declspec(deprecated) | |
301 | #else | |
302 | #define LTC_DEPRECATED | |
303 | #endif | |
304 | ||
305 | # define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s)) | |
306 | # define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s)) | |
307 | #else | |
308 | # define LTC_DEPRECATED(s) | |
309 | # define LTC_DEPRECATED_PRAGMA(s) | |
310 | #endif | |
305 | 311 | /* ref: $Format:%D$ */ |
306 | 312 | /* git commit: $Format:%H$ */ |
307 | 313 | /* commit time: $Format:%ai$ */ |
170 | 170 | }; |
171 | 171 | #endif |
172 | 172 | |
173 | #ifdef LTC_TEA | |
174 | struct tea_key { | |
175 | ulong32 k[4]; | |
176 | }; | |
177 | #endif | |
178 | ||
173 | 179 | typedef union Symmetric_key { |
174 | 180 | #ifdef LTC_DES |
175 | 181 | struct des_key des; |
234 | 240 | #endif |
235 | 241 | #ifdef LTC_SERPENT |
236 | 242 | struct serpent_key serpent; |
243 | #endif | |
244 | #ifdef LTC_TEA | |
245 | struct tea_key tea; | |
237 | 246 | #endif |
238 | 247 | void *data; |
239 | 248 | } symmetric_key; |
858 | 867 | extern const struct ltc_cipher_descriptor serpent_desc; |
859 | 868 | #endif |
860 | 869 | |
870 | #ifdef LTC_TEA | |
871 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | |
872 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
873 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
874 | int tea_test(void); | |
875 | void tea_done(symmetric_key *skey); | |
876 | int tea_keysize(int *keysize); | |
877 | extern const struct ltc_cipher_descriptor tea_desc; | |
878 | #endif | |
879 | ||
861 | 880 | #ifdef LTC_ECB_MODE |
862 | 881 | int ecb_start(int cipher, const unsigned char *key, |
863 | 882 | int keylen, int num_rounds, symmetric_ECB *ecb); |
44 | 44 | #ifndef XSTRCMP |
45 | 45 | #define XSTRCMP strcmp |
46 | 46 | #endif |
47 | #ifndef XSTRLEN | |
48 | #define XSTRLEN strlen | |
49 | #endif | |
47 | 50 | #ifndef XSTRNCPY |
48 | 51 | #define XSTRNCPY strncpy |
49 | 52 | #endif |
58 | 61 | |
59 | 62 | #if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \ |
60 | 63 | defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ |
61 | defined(strncpy) || defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | |
64 | defined(strlen) || defined(strncpy) || defined(clock) || defined(qsort) ) \ | |
65 | && !defined(LTC_NO_PROTOTYPES) | |
62 | 66 | #define LTC_NO_PROTOTYPES |
63 | 67 | #endif |
64 | 68 | |
206 | 210 | #define LTC_CAMELLIA |
207 | 211 | #define LTC_IDEA |
208 | 212 | #define LTC_SERPENT |
213 | #define LTC_TEA | |
209 | 214 | |
210 | 215 | /* stream ciphers */ |
211 | 216 | #define LTC_CHACHA |
487 | 492 | #define LTC_BASE32 |
488 | 493 | /* Base16/hex encoding/decoding */ |
489 | 494 | #define LTC_BASE16 |
495 | ||
496 | #define LTC_BCRYPT | |
497 | ||
498 | #ifndef LTC_BCRYPT_DEFAULT_ROUNDS | |
499 | #define LTC_BCRYPT_DEFAULT_ROUNDS 10 | |
500 | #endif | |
490 | 501 | |
491 | 502 | /* Keep LTC_NO_HKDF for compatibility reasons |
492 | 503 | * superseeded by LTC_NO_MISC*/ |
599 | 610 | #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled |
600 | 611 | #endif |
601 | 612 | |
613 | #if defined(LTC_BCRYPT) && !defined(LTC_BLOWFISH) | |
614 | #error LTC_BCRYPT requires LTC_BLOWFISH | |
615 | #endif | |
616 | ||
602 | 617 | #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) |
603 | 618 | #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 |
604 | 619 | #endif |
58 | 58 | unsigned char *out, unsigned long *outlen); |
59 | 59 | #endif |
60 | 60 | |
61 | #ifdef LTC_BCRYPT | |
62 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
63 | const unsigned char *salt, unsigned long salt_len, | |
64 | unsigned int rounds, int hash_idx, | |
65 | unsigned char *out, unsigned long *outlen); | |
66 | #endif | |
67 | ||
61 | 68 | /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ |
62 | 69 | #ifdef LTC_HKDF |
63 | 70 | |
101 | 108 | int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size); |
102 | 109 | |
103 | 110 | #ifdef LTM_DESC |
104 | LTC_DEPRECATED void init_LTM(void); | |
111 | LTC_DEPRECATED(crypt_mp_init) void init_LTM(void); | |
105 | 112 | #endif |
106 | 113 | #ifdef TFM_DESC |
107 | LTC_DEPRECATED void init_TFM(void); | |
114 | LTC_DEPRECATED(crypt_mp_init) void init_TFM(void); | |
108 | 115 | #endif |
109 | 116 | #ifdef GMP_DESC |
110 | LTC_DEPRECATED void init_GMP(void); | |
117 | LTC_DEPRECATED(crypt_mp_init) void init_GMP(void); | |
111 | 118 | #endif |
112 | 119 | int crypt_mp_init(const char* mpi); |
113 | 120 | |
155 | 162 | |
156 | 163 | #ifdef LTC_SSH |
157 | 164 | typedef enum ssh_data_type_ { |
165 | LTC_SSHDATA_EOL, | |
158 | 166 | LTC_SSHDATA_BYTE, |
159 | 167 | LTC_SSHDATA_BOOLEAN, |
160 | 168 | LTC_SSHDATA_UINT32, |
162 | 170 | LTC_SSHDATA_STRING, |
163 | 171 | LTC_SSHDATA_MPINT, |
164 | 172 | LTC_SSHDATA_NAMELIST, |
165 | LTC_SSHDATA_EOL | |
166 | 173 | } ssh_data_type; |
167 | 174 | |
168 | 175 | /* VA list handy helpers with tuples of <type, data> */ |
169 | 176 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); |
170 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); | |
177 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...); | |
171 | 178 | #endif /* LTC_SSH */ |
172 | 179 | |
173 | 180 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); |
70 | 70 | /* |
71 | 71 | * Internal functions |
72 | 72 | */ |
73 | ||
74 | ||
75 | /* tomcrypt_cipher.h */ | |
76 | ||
77 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey); | |
78 | int blowfish_expand(const unsigned char *key, int keylen, | |
79 | const unsigned char *data, int datalen, | |
80 | symmetric_key *skey); | |
81 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
82 | const unsigned char *data, int datalen, | |
83 | symmetric_key *skey); | |
73 | 84 | |
74 | 85 | /* tomcrypt_hash.h */ |
75 | 86 | |
214 | 225 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); |
215 | 226 | |
216 | 227 | /* ---- DH Routines ---- */ |
228 | #ifdef LTC_MRSA | |
229 | int rsa_init(rsa_key *key); | |
230 | void rsa_shrink_key(rsa_key *key); | |
231 | #endif /* LTC_MRSA */ | |
232 | ||
233 | /* ---- DH Routines ---- */ | |
217 | 234 | #ifdef LTC_MDH |
218 | 235 | extern const ltc_dh_set_type ltc_dh_sets[]; |
219 | 236 |
14 | 14 | #include <tommath.h> |
15 | 15 | |
16 | 16 | static const struct { |
17 | int mpi_code, ltc_code; | |
17 | mp_err mpi_code; | |
18 | int ltc_code; | |
18 | 19 | } mpi_to_ltc_codes[] = { |
19 | 20 | { MP_OKAY , CRYPT_OK}, |
20 | 21 | { MP_MEM , CRYPT_MEM}, |
21 | 22 | { MP_VAL , CRYPT_INVALID_ARG}, |
23 | #if defined(MP_BUF) || defined(MP_USE_ENUMS) | |
24 | { MP_ITER , CRYPT_INVALID_PACKET}, | |
25 | { MP_BUF , CRYPT_BUFFER_OVERFLOW}, | |
26 | #endif | |
22 | 27 | }; |
23 | 28 | |
24 | 29 | /** |
26 | 31 | @param err The error to convert |
27 | 32 | @return The equivalent LTC error code or CRYPT_ERROR if none found |
28 | 33 | */ |
29 | static int mpi_to_ltc_error(int err) | |
30 | { | |
31 | int x; | |
32 | ||
33 | for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) { | |
34 | static int mpi_to_ltc_error(mp_err err) | |
35 | { | |
36 | size_t x; | |
37 | ||
38 | for (x = 0; x < sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0]); x++) { | |
34 | 39 | if (err == mpi_to_ltc_codes[x].mpi_code) { |
35 | 40 | return mpi_to_ltc_codes[x].ltc_code; |
36 | 41 | } |
38 | 43 | return CRYPT_ERROR; |
39 | 44 | } |
40 | 45 | |
41 | static int init(void **a) | |
42 | { | |
43 | int err; | |
44 | ||
46 | static int init_mpi(void **a) | |
47 | { | |
45 | 48 | LTC_ARGCHK(a != NULL); |
46 | 49 | |
47 | 50 | *a = XCALLOC(1, sizeof(mp_int)); |
48 | 51 | if (*a == NULL) { |
49 | 52 | return CRYPT_MEM; |
50 | } | |
51 | ||
53 | } else { | |
54 | return CRYPT_OK; | |
55 | } | |
56 | } | |
57 | ||
58 | static int init(void **a) | |
59 | { | |
60 | int err; | |
61 | ||
62 | LTC_ARGCHK(a != NULL); | |
63 | ||
64 | if ((err = init_mpi(a)) != CRYPT_OK) { | |
65 | return err; | |
66 | } | |
52 | 67 | if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) { |
53 | 68 | XFREE(*a); |
54 | 69 | } |
78 | 93 | |
79 | 94 | static int init_copy(void **a, void *b) |
80 | 95 | { |
81 | if (init(a) != CRYPT_OK) { | |
82 | return CRYPT_MEM; | |
83 | } | |
84 | return copy(b, *a); | |
96 | int err; | |
97 | LTC_ARGCHK(a != NULL); | |
98 | LTC_ARGCHK(b != NULL); | |
99 | if ((err = init_mpi(a)) != CRYPT_OK) return err; | |
100 | return mpi_to_ltc_error(mp_init_copy(*a, b)); | |
85 | 101 | } |
86 | 102 | |
87 | 103 | /* ---- trivial ---- */ |
124 | 140 | |
125 | 141 | static int compare(void *a, void *b) |
126 | 142 | { |
127 | int ret; | |
128 | LTC_ARGCHK(a != NULL); | |
129 | LTC_ARGCHK(b != NULL); | |
130 | ret = mp_cmp(a, b); | |
131 | switch (ret) { | |
143 | LTC_ARGCHK(a != NULL); | |
144 | LTC_ARGCHK(b != NULL); | |
145 | switch (mp_cmp(a, b)) { | |
132 | 146 | case MP_LT: return LTC_MP_LT; |
133 | 147 | case MP_EQ: return LTC_MP_EQ; |
134 | 148 | case MP_GT: return LTC_MP_GT; |
138 | 152 | |
139 | 153 | static int compare_d(void *a, ltc_mp_digit b) |
140 | 154 | { |
141 | int ret; | |
142 | LTC_ARGCHK(a != NULL); | |
143 | ret = mp_cmp_d(a, b); | |
144 | switch (ret) { | |
155 | LTC_ARGCHK(a != NULL); | |
156 | switch (mp_cmp_d(a, b)) { | |
145 | 157 | case MP_LT: return LTC_MP_LT; |
146 | 158 | case MP_EQ: return LTC_MP_EQ; |
147 | 159 | case MP_GT: return LTC_MP_GT; |
183 | 195 | { |
184 | 196 | LTC_ARGCHK(a != NULL); |
185 | 197 | LTC_ARGCHK(b != NULL); |
198 | #ifdef BN_MP_TORADIX_C | |
186 | 199 | return mpi_to_ltc_error(mp_toradix(a, b, radix)); |
200 | #else | |
201 | return mpi_to_ltc_error(mp_to_radix(a, b, SIZE_MAX, NULL, radix)); | |
202 | #endif | |
187 | 203 | } |
188 | 204 | |
189 | 205 | /* get size as unsigned char string */ |
190 | 206 | static unsigned long unsigned_size(void *a) |
191 | 207 | { |
192 | 208 | LTC_ARGCHK(a != NULL); |
209 | #ifdef BN_MP_UNSIGNED_BIN_SIZE_C | |
193 | 210 | return mp_unsigned_bin_size(a); |
211 | #else | |
212 | return (unsigned long)mp_ubin_size(a); | |
213 | #endif | |
194 | 214 | } |
195 | 215 | |
196 | 216 | /* store */ |
198 | 218 | { |
199 | 219 | LTC_ARGCHK(a != NULL); |
200 | 220 | LTC_ARGCHK(b != NULL); |
221 | #ifdef BN_MP_TO_UNSIGNED_BIN_C | |
201 | 222 | return mpi_to_ltc_error(mp_to_unsigned_bin(a, b)); |
223 | #else | |
224 | return mpi_to_ltc_error(mp_to_ubin(a, b, SIZE_MAX, NULL)); | |
225 | #endif | |
202 | 226 | } |
203 | 227 | |
204 | 228 | /* read */ |
206 | 230 | { |
207 | 231 | LTC_ARGCHK(a != NULL); |
208 | 232 | LTC_ARGCHK(b != NULL); |
233 | #ifdef BN_MP_READ_UNSIGNED_BIN_C | |
209 | 234 | return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len)); |
235 | #else | |
236 | return mpi_to_ltc_error(mp_from_ubin(a, b, (size_t)len)); | |
237 | #endif | |
210 | 238 | } |
211 | 239 | |
212 | 240 | /* add */ |
117 | 117 | unsigned char out[4]; |
118 | 118 | adler32_state ctx; |
119 | 119 | adler32_init(&ctx); |
120 | adler32_update(&ctx, in, strlen(in)); | |
120 | adler32_update(&ctx, in, XSTRLEN(in)); | |
121 | 121 | adler32_finish(&ctx, out, 4); |
122 | 122 | if (compare_testvector(adler32, 4, out, 4, "adler32", 0)) { |
123 | 123 | return CRYPT_FAIL_TESTVECTOR; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file bcrypt.c | |
12 | bcrypt pbkdf, Steffen Jaeckel | |
13 | */ | |
14 | #ifdef LTC_BCRYPT | |
15 | ||
16 | #define BCRYPT_WORDS 8 | |
17 | #define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4) | |
18 | ||
19 | static int _bcrypt_hash(const unsigned char *pt, | |
20 | const unsigned char *pass, unsigned long passlen, | |
21 | const unsigned char *salt, unsigned long saltlen, | |
22 | unsigned char *out, unsigned long *outlen) | |
23 | { | |
24 | symmetric_key key; | |
25 | int err, n; | |
26 | ulong32 ct[BCRYPT_WORDS]; | |
27 | ||
28 | if ((err = blowfish_setup_with_data(pass, passlen, salt, saltlen, &key)) != CRYPT_OK) { | |
29 | return err; | |
30 | } | |
31 | for (n = 0; n < 64; ++n) { | |
32 | if ((err = blowfish_expand(salt, saltlen, NULL, 0, &key)) != CRYPT_OK) { | |
33 | return err; | |
34 | } | |
35 | if ((err = blowfish_expand(pass, passlen, NULL, 0, &key)) != CRYPT_OK) { | |
36 | return err; | |
37 | } | |
38 | } | |
39 | ||
40 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
41 | LOAD32H(ct[n], &pt[n*4]); | |
42 | } | |
43 | ||
44 | for (n = 0; n < 64; ++n) { | |
45 | blowfish_enc(ct, BCRYPT_WORDS/2, &key); | |
46 | } | |
47 | ||
48 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
49 | STORE32L(ct[n], &out[4 * n]); | |
50 | } | |
51 | *outlen = sizeof(ct); | |
52 | #ifdef LTC_CLEAN_STACK | |
53 | zeromem(&key, sizeof(key)); | |
54 | zeromem(ct, sizeof(ct)); | |
55 | #endif | |
56 | ||
57 | return CRYPT_OK; | |
58 | } | |
59 | ||
60 | static int _bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen, | |
61 | const unsigned char *salt, unsigned long saltlen, | |
62 | unsigned char *out, unsigned long *outlen) | |
63 | { | |
64 | const unsigned char pt[] = "OxychromaticBlowfishSwatDynamite"; | |
65 | return _bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen); | |
66 | } | |
67 | ||
68 | /** | |
69 | Compatible to bcrypt_pbkdf() as provided in OpenBSD | |
70 | @param password The input password (or key) | |
71 | @param password_len The length of the password (octets) | |
72 | @param salt The salt (or nonce) | |
73 | @param salt_len The length of the salt (octets) | |
74 | @param rounds # of iterations desired [read specs for more] | |
75 | @param hash_idx The index of the hash desired | |
76 | @param out [out] The destination for this algorithm | |
77 | @param outlen [in/out] The desired size of the algorithm output | |
78 | @return CRYPT_OK if successful | |
79 | */ | |
80 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
81 | const unsigned char *salt, unsigned long salt_len, | |
82 | unsigned int rounds, int hash_idx, | |
83 | unsigned char *out, unsigned long *outlen) | |
84 | { | |
85 | int err; | |
86 | ulong32 blkno; | |
87 | unsigned long left, itts, x, y, hashed_pass_len, step_size, steps, dest, used_rounds; | |
88 | unsigned char *buf[3], blkbuf[4]; | |
89 | unsigned char *hashed_pass; | |
90 | ||
91 | LTC_ARGCHK(secret != NULL); | |
92 | LTC_ARGCHK(salt != NULL); | |
93 | LTC_ARGCHK(out != NULL); | |
94 | LTC_ARGCHK(outlen != NULL); | |
95 | ||
96 | if ((secret_len == 0) || (salt_len == 0) || (*outlen == 0)) { | |
97 | return CRYPT_INVALID_ARG; | |
98 | } | |
99 | /* test hash IDX */ | |
100 | if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { | |
101 | return err; | |
102 | } | |
103 | /* set default value for rounds if not given */ | |
104 | if (rounds == 0) { | |
105 | used_rounds = LTC_BCRYPT_DEFAULT_ROUNDS; | |
106 | } else { | |
107 | used_rounds = rounds; | |
108 | } | |
109 | ||
110 | buf[0] = XMALLOC(MAXBLOCKSIZE * 3); | |
111 | hashed_pass = XMALLOC(MAXBLOCKSIZE); | |
112 | if (buf[0] == NULL || hashed_pass == NULL) { | |
113 | if (hashed_pass != NULL) { | |
114 | XFREE(hashed_pass); | |
115 | } | |
116 | if (buf[0] != NULL) { | |
117 | XFREE(buf[0]); | |
118 | } | |
119 | return CRYPT_MEM; | |
120 | } | |
121 | /* buf[1] points to the second block of MAXBLOCKSIZE bytes */ | |
122 | buf[1] = buf[0] + MAXBLOCKSIZE; | |
123 | buf[2] = buf[1] + MAXBLOCKSIZE; | |
124 | ||
125 | step_size = (*outlen + BCRYPT_HASHSIZE - 1) / BCRYPT_HASHSIZE; | |
126 | steps = (*outlen + step_size - 1) / step_size; | |
127 | ||
128 | hashed_pass_len = MAXBLOCKSIZE; | |
129 | if ((err = hash_memory(hash_idx, (unsigned char*)secret, secret_len, hashed_pass, &hashed_pass_len)) != CRYPT_OK) { | |
130 | goto LBL_ERR; | |
131 | } | |
132 | ||
133 | left = *outlen; | |
134 | blkno = 0; | |
135 | while (left != 0) { | |
136 | /* increment and store current block number */ | |
137 | ++blkno; | |
138 | STORE32H(blkno, blkbuf); | |
139 | ||
140 | /* process block number blkno */ | |
141 | zeromem(buf[0], MAXBLOCKSIZE*2); | |
142 | ||
143 | x = MAXBLOCKSIZE; | |
144 | if ((err = hash_memory_multi(hash_idx, buf[0], &x, | |
145 | salt, salt_len, | |
146 | blkbuf, 4uL, | |
147 | NULL, 0)) != CRYPT_OK) { | |
148 | goto LBL_ERR; | |
149 | } | |
150 | y = MAXBLOCKSIZE; | |
151 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
152 | goto LBL_ERR; | |
153 | } | |
154 | XMEMCPY(buf[2], buf[1], y); | |
155 | ||
156 | /* now compute repeated and XOR it in buf[2] */ | |
157 | for (itts = 1; itts < used_rounds; ++itts) { | |
158 | x = MAXBLOCKSIZE; | |
159 | if ((err = hash_memory(hash_idx, buf[1], y, buf[0], &x)) != CRYPT_OK) { | |
160 | goto LBL_ERR; | |
161 | } | |
162 | y = MAXBLOCKSIZE; | |
163 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
164 | goto LBL_ERR; | |
165 | } | |
166 | for (x = 0; x < y; x++) { | |
167 | buf[2][x] ^= buf[1][x]; | |
168 | } | |
169 | } | |
170 | ||
171 | /* now emit upto `steps` bytes of buf[2] to output */ | |
172 | steps = MIN(steps, left); | |
173 | for (y = 0; y < steps; ++y) { | |
174 | dest = y * step_size + (blkno - 1); | |
175 | if (dest >= *outlen) | |
176 | break; | |
177 | out[dest] = buf[2][y]; | |
178 | } | |
179 | left -= y; | |
180 | } | |
181 | ||
182 | err = CRYPT_OK; | |
183 | LBL_ERR: | |
184 | #ifdef LTC_CLEAN_STACK | |
185 | zeromem(buf[0], MAXBLOCKSIZE*3); | |
186 | zeromem(hashed_pass, MAXBLOCKSIZE); | |
187 | #endif | |
188 | ||
189 | XFREE(hashed_pass); | |
190 | XFREE(buf[0]); | |
191 | ||
192 | return err; | |
193 | } | |
194 | ||
195 | #endif | |
196 | ||
197 | ||
198 | /* ref: $Format:%D$ */ | |
199 | /* git commit: $Format:%H$ */ | |
200 | /* commit time: $Format:%ai$ */ |
187 | 187 | unsigned char out[4]; |
188 | 188 | crc32_state ctx; |
189 | 189 | crc32_init(&ctx); |
190 | crc32_update(&ctx, in, strlen(in)); | |
190 | crc32_update(&ctx, in, XSTRLEN(in)); | |
191 | 191 | crc32_finish(&ctx, out, 4); |
192 | 192 | if (compare_testvector(crc32, 4, out, 4, "CRC32", 0)) { |
193 | 193 | return CRYPT_FAIL_TESTVECTOR; |
127 | 127 | #if defined(LTC_SERPENT) |
128 | 128 | " Serpent\n" |
129 | 129 | #endif |
130 | #if defined(LTC_TEA) | |
131 | " TEA\n" | |
132 | #endif | |
130 | 133 | "Stream ciphers built-in:\n" |
131 | 134 | #if defined(LTC_CHACHA) |
132 | 135 | " ChaCha\n" |
430 | 433 | #if defined(LTC_BASE16) |
431 | 434 | " BASE16 " |
432 | 435 | #endif |
436 | #if defined(LTC_BCRYPT) | |
437 | " BCRYPT " | |
438 | " " NAME_VALUE(LTC_BCRYPT_DEFAULT_ROUNDS) " " | |
439 | #endif | |
433 | 440 | #if defined(LTC_CRC32) |
434 | 441 | " CRC32 " |
435 | 442 | #endif |
97 | 97 | #ifdef LTC_SERPENT |
98 | 98 | REGISTER_CIPHER(&serpent_desc); |
99 | 99 | #endif |
100 | #ifdef LTC_TEA | |
101 | REGISTER_CIPHER(&tea_desc); | |
102 | #endif | |
100 | 103 | return CRYPT_OK; |
101 | 104 | } |
102 | 105 |
83 | 83 | */ |
84 | 84 | int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) |
85 | 85 | { |
86 | unsigned long diff, l; | |
86 | unsigned long l; | |
87 | 87 | enum padding_type type; |
88 | 88 | int err; |
89 | unsigned char diff; | |
89 | 90 | |
90 | 91 | LTC_ARGCHK(data != NULL); |
91 | 92 | LTC_ARGCHK(padded_length != NULL); |
110 | 111 | return CRYPT_BUFFER_OVERFLOW; |
111 | 112 | } |
112 | 113 | |
113 | diff = l - length; | |
114 | if (diff > 255) return CRYPT_INVALID_ARG; | |
114 | if (l - length > 255) return CRYPT_INVALID_ARG; | |
115 | diff = (unsigned char)(l - length); | |
115 | 116 | |
116 | 117 | switch (type) { |
117 | 118 | case LTC_PAD_PKCS7: |
119 | 120 | break; |
120 | 121 | #ifdef LTC_RNG_GET_BYTES |
121 | 122 | case LTC_PAD_ISO_10126: |
122 | if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) { | |
123 | if (rng_get_bytes(&data[length], diff-1u, NULL) != diff-1u) { | |
123 | 124 | return CRYPT_ERROR_READPRNG; |
124 | 125 | } |
125 | 126 | data[l-1] = diff; |
17 | 17 | |
18 | 18 | /** |
19 | 19 | Decode a SSH sequence using a VA list |
20 | @param in Data to decode | |
21 | @param inlen Length of buffer to decode | |
22 | @remark <...> is of the form <type, data> (int, void*) except for string <type, data, size> | |
20 | @param in The input buffer | |
21 | @param inlen [in/out] The length of the input buffer and on output the amount of decoded data | |
22 | @remark <...> is of the form <type, data*> (int, <unsigned char*,ulong32*,ulong64*>) except for string&name-list <type, data, size*> (int, void*, unsigned long*) | |
23 | 23 | @return CRYPT_OK on success |
24 | 24 | */ |
25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) | |
25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...) | |
26 | 26 | { |
27 | 27 | int err; |
28 | 28 | va_list args; |
32 | 32 | char *sdata; |
33 | 33 | ulong32 *u32data; |
34 | 34 | ulong64 *u64data; |
35 | unsigned long bufsize; | |
35 | unsigned long *bufsize; | |
36 | 36 | ulong32 size; |
37 | unsigned long remaining; | |
37 | 38 | |
38 | 39 | LTC_ARGCHK(in != NULL); |
40 | LTC_ARGCHK(inlen != NULL); | |
39 | 41 | |
42 | remaining = *inlen; | |
40 | 43 | /* Decode values from buffer */ |
41 | 44 | va_start(args, inlen); |
42 | 45 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { |
46 | 49 | type == LTC_SSHDATA_MPINT) |
47 | 50 | { |
48 | 51 | /* Check we'll not read too far */ |
49 | if (inlen < 4) { | |
52 | if (remaining < 4) { | |
50 | 53 | err = CRYPT_BUFFER_OVERFLOW; |
51 | 54 | goto error; |
52 | 55 | } |
70 | 73 | case LTC_SSHDATA_MPINT: |
71 | 74 | LOAD32H(size, in); |
72 | 75 | in += 4; |
73 | inlen -= 4; | |
76 | remaining -= 4; | |
74 | 77 | break; |
75 | 78 | |
76 | 79 | case LTC_SSHDATA_EOL: |
80 | 83 | } |
81 | 84 | |
82 | 85 | /* Check we'll not read too far */ |
83 | if (inlen < size) { | |
86 | if (remaining < size) { | |
84 | 87 | err = CRYPT_BUFFER_OVERFLOW; |
85 | 88 | goto error; |
86 | 89 | } else { |
87 | inlen -= size; | |
90 | remaining -= size; | |
91 | } | |
92 | ||
93 | vdata = va_arg(args, void*); | |
94 | if (vdata == NULL) { | |
95 | err = CRYPT_INVALID_ARG; | |
96 | goto error; | |
88 | 97 | } |
89 | 98 | |
90 | 99 | /* Read data */ |
91 | 100 | switch (type) { |
92 | 101 | case LTC_SSHDATA_BYTE: |
93 | cdata = va_arg(args, unsigned char*); | |
102 | cdata = vdata; | |
94 | 103 | *cdata = *in++; |
95 | 104 | break; |
96 | 105 | case LTC_SSHDATA_BOOLEAN: |
97 | cdata = va_arg(args, unsigned char*); | |
106 | cdata = vdata; | |
98 | 107 | /* |
99 | 108 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
100 | 109 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
101 | */ | |
110 | */ | |
102 | 111 | *cdata = (*in++)?1:0; |
103 | 112 | break; |
104 | 113 | case LTC_SSHDATA_UINT32: |
105 | u32data = va_arg(args, ulong32*); | |
114 | u32data = vdata; | |
106 | 115 | LOAD32H(*u32data, in); |
107 | 116 | in += 4; |
108 | 117 | break; |
109 | 118 | case LTC_SSHDATA_UINT64: |
110 | u64data = va_arg(args, ulong64*); | |
119 | u64data = vdata; | |
111 | 120 | LOAD64H(*u64data, in); |
112 | 121 | in += 8; |
113 | 122 | break; |
114 | 123 | case LTC_SSHDATA_STRING: |
115 | 124 | case LTC_SSHDATA_NAMELIST: |
116 | sdata = va_arg(args, char*); | |
117 | bufsize = va_arg(args, unsigned long); | |
118 | if (size >= bufsize) { | |
125 | sdata = vdata; | |
126 | bufsize = va_arg(args, unsigned long*); | |
127 | if (bufsize == NULL) { | |
128 | err = CRYPT_INVALID_ARG; | |
129 | goto error; | |
130 | } | |
131 | if (size + 1 >= *bufsize) { | |
119 | 132 | err = CRYPT_BUFFER_OVERFLOW; |
120 | 133 | goto error; |
121 | 134 | } |
122 | 135 | if (size > 0) { |
123 | XSTRNCPY(sdata, (const char *)in, size); | |
124 | sdata[size] = '\0'; /* strncpy doesn't NUL-terminate */ | |
125 | } else { | |
126 | *sdata = '\0'; | |
136 | XMEMCPY(sdata, (const char *)in, size); | |
127 | 137 | } |
138 | sdata[size] = '\0'; | |
139 | *bufsize = size; | |
128 | 140 | in += size; |
129 | 141 | break; |
130 | 142 | case LTC_SSHDATA_MPINT: |
131 | vdata = va_arg(args, void*); | |
132 | 143 | if (size == 0) { |
133 | 144 | if ((err = mp_set(vdata, 0)) != CRYPT_OK) { goto error; } |
134 | 145 | } else if ((in[0] & 0x80) != 0) { |
149 | 160 | } |
150 | 161 | err = CRYPT_OK; |
151 | 162 | |
163 | *inlen -= remaining; | |
164 | ||
152 | 165 | error: |
153 | 166 | va_end(args); |
154 | 167 | return err; |
19 | 19 | Encode a SSH sequence using a VA list |
20 | 20 | @param out [out] Destination for data |
21 | 21 | @param outlen [in/out] Length of buffer and resulting length of output |
22 | @remark <...> is of the form <type, data> (int, void*) | |
22 | @remark <...> is of the form <type, data> (int, <int,ulong32,ulong64>) except for string&name-list <type, data, size> (int, void*, unsigned long) | |
23 | 23 | @return CRYPT_OK on success |
24 | 24 | */ |
25 | 25 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) |
28 | 28 | va_list args; |
29 | 29 | ulong32 size; |
30 | 30 | ssh_data_type type; |
31 | void *vdata; | |
32 | const char *sdata; | |
31 | void *vdata; | |
32 | const char *sdata; | |
33 | 33 | int idata; |
34 | 34 | ulong32 u32data; |
35 | 35 | ulong64 u64data; |
57 | 57 | break; |
58 | 58 | case LTC_SSHDATA_STRING: |
59 | 59 | case LTC_SSHDATA_NAMELIST: |
60 | sdata = va_arg(args, char*); | |
60 | LTC_UNUSED_PARAM( va_arg(args, char*) ); | |
61 | size += va_arg(args, unsigned long); | |
61 | 62 | size += 4; |
62 | size += strlen(sdata); | |
63 | 63 | break; |
64 | 64 | case LTC_SSHDATA_MPINT: |
65 | 65 | vdata = va_arg(args, void*); |
101 | 101 | /* |
102 | 102 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
103 | 103 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
104 | */ | |
104 | */ | |
105 | 105 | *out++ = (idata)?1:0; |
106 | 106 | break; |
107 | 107 | case LTC_SSHDATA_UINT32: |
117 | 117 | case LTC_SSHDATA_STRING: |
118 | 118 | case LTC_SSHDATA_NAMELIST: |
119 | 119 | sdata = va_arg(args, char*); |
120 | size = strlen(sdata); | |
120 | size = va_arg(args, unsigned long); | |
121 | 121 | STORE32H(size, out); |
122 | 122 | out += 4; |
123 | 123 | XMEMCPY(out, sdata, size); |
10 | 10 | |
11 | 11 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen) |
12 | 12 | { |
13 | unsigned long i, j, limit, OID_len, oid_j; | |
13 | unsigned long i, j, limit, oid_j; | |
14 | size_t OID_len; | |
14 | 15 | |
15 | 16 | LTC_ARGCHK(oidlen != NULL); |
16 | 17 | |
20 | 21 | |
21 | 22 | if (OID == NULL) return CRYPT_OK; |
22 | 23 | |
23 | OID_len = strlen(OID); | |
24 | OID_len = XSTRLEN(OID); | |
24 | 25 | if (OID_len == 0) return CRYPT_OK; |
25 | 26 | |
26 | 27 | for (i = 0, j = 0; i < OID_len; i++) { |
113 | 113 | #ifdef LTC_SSH |
114 | 114 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
115 | 115 | char name[64], name2[64]; |
116 | unsigned long namelen = sizeof(name2); | |
116 | unsigned long namelen = sizeof(name); | |
117 | unsigned long name2len = sizeof(name2); | |
117 | 118 | |
118 | 119 | /* Decode as SSH data sequence, per RFC4251 */ |
119 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
120 | LTC_SSHDATA_STRING, name, 64, | |
120 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
121 | LTC_SSHDATA_STRING, name, &namelen, | |
121 | 122 | LTC_SSHDATA_MPINT, r, |
122 | 123 | LTC_SSHDATA_MPINT, s, |
123 | 124 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
124 | 125 | |
125 | 126 | |
126 | 127 | /* Check curve matches identifier string */ |
127 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
128 | if (XSTRCMP(name,name2) != 0) { | |
128 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
129 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
129 | 130 | err = CRYPT_INVALID_ARG; |
130 | 131 | goto error; |
131 | 132 | } |
163 | 163 | |
164 | 164 | /* Store as SSH data sequence, per RFC4251 */ |
165 | 165 | err = ssh_encode_sequence_multi(out, outlen, |
166 | LTC_SSHDATA_STRING, name, | |
166 | LTC_SSHDATA_STRING, name, namelen, | |
167 | 167 | LTC_SSHDATA_MPINT, r, |
168 | 168 | LTC_SSHDATA_MPINT, s, |
169 | 169 | LTC_SSHDATA_EOL, NULL); |
24 | 24 | { |
25 | 25 | char oidstr[64]; |
26 | 26 | unsigned long oidlen = sizeof(oidstr); |
27 | unsigned long size = 0; | |
28 | int err; | |
27 | int err, size = 0; | |
29 | 28 | |
30 | 29 | LTC_ARGCHK(buffer != NULL); |
31 | 30 | LTC_ARGCHK(buflen != NULL); |
51 | 50 | size = snprintf(buffer, *buflen, "ecdsa-sha2-%s", oidstr); |
52 | 51 | } |
53 | 52 | |
54 | /* snprintf returns size that would have been written, but limits to buflen-1 chars plus terminator */ | |
55 | if (size >= *buflen) { | |
53 | /* snprintf returns a negative value on error | |
54 | * or the size that would have been written, but limits to buflen-1 chars plus terminator */ | |
55 | if (size < 0) { | |
56 | err = CRYPT_ERROR; | |
57 | } else if ((unsigned)size >= *buflen) { | |
56 | 58 | err = CRYPT_BUFFER_OVERFLOW; |
57 | 59 | } else { |
58 | 60 | err = CRYPT_OK; |
99 | 99 | #ifdef LTC_SSH |
100 | 100 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
101 | 101 | char name[64], name2[64]; |
102 | unsigned long namelen = sizeof(name2); | |
102 | unsigned long namelen = sizeof(name); | |
103 | unsigned long name2len = sizeof(name2); | |
103 | 104 | |
104 | 105 | /* Decode as SSH data sequence, per RFC4251 */ |
105 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
106 | LTC_SSHDATA_STRING, name, 64, | |
106 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
107 | LTC_SSHDATA_STRING, name, &namelen, | |
107 | 108 | LTC_SSHDATA_MPINT, r, |
108 | 109 | LTC_SSHDATA_MPINT, s, |
109 | 110 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
110 | 111 | |
111 | 112 | |
112 | 113 | /* Check curve matches identifier string */ |
113 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
114 | if (XSTRCMP(name,name2) != 0) { | |
114 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
115 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
115 | 116 | err = CRYPT_INVALID_ARG; |
116 | 117 | goto error; |
117 | 118 | } |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file rsa_free.c | |
12 | Free an RSA key, Tom St Denis | |
13 | */ | |
14 | ||
15 | #ifdef LTC_MRSA | |
16 | ||
17 | /** | |
18 | Free an RSA key from memory | |
19 | @param key The RSA key to free | |
20 | */ | |
21 | void rsa_free(rsa_key *key) | |
22 | { | |
23 | LTC_ARGCHKVD(key != NULL); | |
24 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
25 | } | |
26 | ||
27 | #endif | |
28 | ||
29 | /* ref: $Format:%D$ */ | |
30 | /* git commit: $Format:%H$ */ | |
31 | /* commit time: $Format:%ai$ */ |
33 | 33 | LTC_ARGCHK(ltc_mp.name != NULL); |
34 | 34 | |
35 | 35 | /* init key */ |
36 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
37 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
36 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
38 | 37 | return err; |
39 | 38 | } |
40 | 39 | |
112 | 111 | goto LBL_FREE; |
113 | 112 | |
114 | 113 | LBL_ERR: |
115 | mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL); | |
114 | rsa_free(key); | |
116 | 115 | |
117 | 116 | LBL_FREE: |
118 | 117 | if (tmpbuf != NULL) { |
77 | 77 | buf2 = XMALLOC(buf2len); |
78 | 78 | if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; } |
79 | 79 | |
80 | if ((err = mp_init_multi(&zero, &iter, NULL)) != CRYPT_OK) { goto LBL_FREE2; } | |
80 | 81 | /* init key */ |
81 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL); | |
82 | if (err != CRYPT_OK) { goto LBL_FREE2; } | |
82 | if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE3; } | |
83 | 83 | |
84 | 84 | /* try to decode encrypted priv key */ |
85 | 85 | if ((err = pkcs8_decode_flexi(in, inlen, passwd, passwdlen, &l)) != CRYPT_OK) { |
116 | 116 | if (err != CRYPT_OK) { goto LBL_ERR; } |
117 | 117 | key->type = PK_PRIVATE; |
118 | 118 | err = CRYPT_OK; |
119 | goto LBL_FREE2; | |
119 | goto LBL_FREE3; | |
120 | 120 | |
121 | 121 | LBL_ERR: |
122 | 122 | rsa_free(key); |
123 | LBL_FREE3: | |
124 | mp_clear_multi(iter, zero, NULL); | |
125 | if (l) der_free_sequence_flexi(l); | |
123 | 126 | LBL_FREE2: |
124 | if (l) der_free_sequence_flexi(l); | |
125 | mp_clear_multi(iter, zero, NULL); | |
126 | 127 | XFREE(buf2); |
127 | 128 | LBL_FREE1: |
128 | 129 | XFREE(buf1); |
39 | 39 | LTC_ARGCHK(ltc_mp.name != NULL); |
40 | 40 | |
41 | 41 | /* init key */ |
42 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
43 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
42 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
44 | 43 | return err; |
45 | 44 | } |
46 | 45 |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file rsa_key.c | |
12 | Free an RSA key, Tom St Denis | |
13 | Basic operations on an RSA key, Steffen Jaeckel | |
14 | */ | |
15 | ||
16 | #ifdef LTC_MRSA | |
17 | #include <stdarg.h> | |
18 | ||
19 | static void _mpi_shrink_multi(void **a, ...) | |
20 | { | |
21 | void **cur; | |
22 | unsigned n; | |
23 | int err; | |
24 | va_list args; | |
25 | void *tmp[10] = { 0 }; | |
26 | void **arg[10] = { 0 }; | |
27 | ||
28 | /* We re-allocate in the order that we received the varargs */ | |
29 | n = 0; | |
30 | err = CRYPT_ERROR; | |
31 | cur = a; | |
32 | va_start(args, a); | |
33 | while (cur != NULL) { | |
34 | if (n >= sizeof(tmp)/sizeof(tmp[0])) { | |
35 | goto out; | |
36 | } | |
37 | if (*cur != NULL) { | |
38 | arg[n] = cur; | |
39 | if ((err = mp_init_copy(&tmp[n], *arg[n])) != CRYPT_OK) { | |
40 | goto out; | |
41 | } | |
42 | n++; | |
43 | } | |
44 | cur = va_arg(args, void**); | |
45 | } | |
46 | va_end(args); | |
47 | ||
48 | /* but we clear the old values in the reverse order */ | |
49 | while (n != 0 && arg[--n] != NULL) { | |
50 | mp_clear(*arg[n]); | |
51 | *arg[n] = tmp[n]; | |
52 | } | |
53 | out: | |
54 | va_end(args); | |
55 | /* clean-up after an error | |
56 | * or after this was called with too many args | |
57 | */ | |
58 | if ((err != CRYPT_OK) || | |
59 | (n >= sizeof(tmp)/sizeof(tmp[0]))) { | |
60 | for (n = 0; n < sizeof(tmp)/sizeof(tmp[0]); ++n) { | |
61 | if (tmp[n] != NULL) { | |
62 | mp_clear(tmp[n]); | |
63 | } | |
64 | } | |
65 | } | |
66 | } | |
67 | ||
68 | /** | |
69 | This shrinks the allocated memory of a RSA key | |
70 | ||
71 | It will use up some more memory temporarily, | |
72 | but then it will free-up the entire sequence that | |
73 | was once allocated when the key was created/populated. | |
74 | ||
75 | This only works with libtommath >= 1.2.0 in earlier versions | |
76 | it has the inverse effect due to the way it worked internally. | |
77 | Also works for GNU MP, tomsfastmath naturally shows no effect. | |
78 | ||
79 | @param key The RSA key to shrink | |
80 | */ | |
81 | void rsa_shrink_key(rsa_key *key) | |
82 | { | |
83 | LTC_ARGCHKVD(key != NULL); | |
84 | _mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
85 | } | |
86 | ||
87 | /** | |
88 | Init an RSA key | |
89 | @param key The RSA key to free | |
90 | @return CRYPT_OK if successful | |
91 | */ | |
92 | int rsa_init(rsa_key *key) | |
93 | { | |
94 | LTC_ARGCHK(key != NULL); | |
95 | return mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
96 | } | |
97 | ||
98 | /** | |
99 | Free an RSA key from memory | |
100 | @param key The RSA key to free | |
101 | */ | |
102 | void rsa_free(rsa_key *key) | |
103 | { | |
104 | LTC_ARGCHKVD(key != NULL); | |
105 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
106 | } | |
107 | ||
108 | #endif | |
109 | ||
110 | /* ref: $Format:%D$ */ | |
111 | /* git commit: $Format:%H$ */ | |
112 | /* commit time: $Format:%ai$ */ |
67 | 67 | if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */ |
68 | 68 | |
69 | 69 | /* make key */ |
70 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
70 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
71 | 71 | goto errkey; |
72 | 72 | } |
73 | 73 | |
77 | 77 | |
78 | 78 | /* optimize for CRT now */ |
79 | 79 | /* find d mod q-1 and d mod p-1 */ |
80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */ | |
81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */ | |
80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */ | |
81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = q-1 */ | |
82 | 82 | if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */ |
83 | 83 | if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */ |
84 | 84 | if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */ |
34 | 34 | LTC_ARGCHK(e != NULL); |
35 | 35 | LTC_ARGCHK(ltc_mp.name != NULL); |
36 | 36 | |
37 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
38 | if (err != CRYPT_OK) return err; | |
37 | if ((err = rsa_init(key)) != CRYPT_OK) return err; | |
39 | 38 | |
40 | 39 | if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; } |
41 | 40 | if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; } |
236 | 236 | return err; |
237 | 237 | } |
238 | 238 | } |
239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = prng->u.fortuna.wd = 0; | |
240 | prng->u.fortuna.reset_cnt = 0; | |
239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = 0; | |
240 | prng->u.fortuna.reset_cnt = prng->u.fortuna.wd = 0; | |
241 | 241 | |
242 | 242 | /* reset bufs */ |
243 | 243 | zeromem(prng->u.fortuna.K, 32); |
18 | 18 | int chacha_done(chacha_state *st) |
19 | 19 | { |
20 | 20 | LTC_ARGCHK(st != NULL); |
21 | XMEMSET(st, 0, sizeof(chacha_state)); | |
21 | zeromem(st, sizeof(chacha_state)); | |
22 | 22 | return CRYPT_OK; |
23 | 23 | } |
24 | 24 |
33 | 33 | |
34 | 34 | if ((err = chacha_setup(&st, key, keylen, rounds)) != CRYPT_OK) goto WIPE_KEY; |
35 | 35 | if (ivlen > 8) { |
36 | if ((err = chacha_ivctr32(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; | |
36 | if ((err = chacha_ivctr32(&st, iv, ivlen, (ulong32)counter)) != CRYPT_OK) goto WIPE_KEY; | |
37 | 37 | } else { |
38 | 38 | if ((err = chacha_ivctr64(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; |
39 | 39 | } |
409 | 409 | 0xea, 0xec, 0x34, 0x9d, 0x8f, 0xb4, 0x6b, 0x60, |
410 | 410 | 0x79, 0x1b, 0xea, 0x16, 0xcb, 0xef, 0x46, 0x87, |
411 | 411 | 0x60, 0xa6, 0x55, 0x14, 0xff, 0xca, 0xac }; |
412 | unsigned long ptlen = strlen(pt); | |
412 | unsigned long ptlen = XSTRLEN(pt); | |
413 | 413 | unsigned char out2[1000] = { 0 }; |
414 | 414 | unsigned char nulls[1000] = { 0 }; |
415 | 415 |
99 | 99 | int rc4_stream_done(rc4_state *st) |
100 | 100 | { |
101 | 101 | LTC_ARGCHK(st != NULL); |
102 | XMEMSET(st, 0, sizeof(rc4_state)); | |
102 | zeromem(st, sizeof(rc4_state)); | |
103 | 103 | return CRYPT_OK; |
104 | 104 | } |
105 | 105 |
18 | 18 | int salsa20_done(salsa20_state *st) |
19 | 19 | { |
20 | 20 | LTC_ARGCHK(st != NULL); |
21 | XMEMSET(st, 0, sizeof(salsa20_state)); | |
21 | zeromem(st, sizeof(salsa20_state)); | |
22 | 22 | return CRYPT_OK; |
23 | 23 | } |
24 | 24 |