Commit a1bdcd87e711d8ec9f060072c7b4f1aa61acdc30 - libcryptx-perl

+29

-30

src/Makefile less more

0	0	OBJS=ltc/ciphers/anubis.o ltc/ciphers/blowfish.o ltc/ciphers/camellia.o ltc/ciphers/cast5.o \
1	1	ltc/ciphers/des.o ltc/ciphers/idea.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o \
2	2	ltc/ciphers/multi2.o ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o \
3		ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o \
4		ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \
	3	ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/tea.o ltc/ciphers/xtea.o \
	4	ltc/ciphers/aes/aes.o ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \
5	5	ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o ltc/encauth/ccm/ccm_done.o \
6	6	ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o ltc/encauth/ccm/ccm_process.o \
7	7	ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o ltc/encauth/chachapoly/chacha20poly1305_decrypt.o \

43	43	ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/zeromem.o \
44	44	ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o ltc/misc/base32/base32_decode.o \
45	45	ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o \
46		ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \
	46	ltc/misc/bcrypt/bcrypt.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \
47	47	ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o \
48	48	ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o \
49	49	ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o \

124	124	ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \
125	125	ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \
126	126	ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \
127		ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o \
128		ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_make_key.o \
129		ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \
130		ltc/pk/rsa/rsa_verify_hash.o ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o \
131		ltc/pk/x25519/x25519_import_pkcs8.o ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o \
132		ltc/pk/x25519/x25519_set_key.o ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o \
133		ltc/prngs/fortuna.o ltc/prngs/rc4.o ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o \
134		ltc/prngs/sober128.o ltc/prngs/sprng.o ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o \
135		ltc/stream/chacha/chacha_done.o ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o \
136		ltc/stream/chacha/chacha_keystream.o ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o \
137		ltc/stream/rabbit/rabbit.o ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o \
138		ltc/stream/rc4/rc4_stream_memory.o ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o \
139		ltc/stream/salsa20/salsa20_ivctr64.o ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o \
140		ltc/stream/salsa20/salsa20_setup.o ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o \
141		ltc/stream/sober128/sober128_stream.o ltc/stream/sober128/sober128_stream_memory.o \
142		ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o ltm/bncore.o \
143		ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o ltm/bn_fast_s_mp_mul_digs.o \
144		ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o ltm/bn_mp_2expt.o ltm/bn_mp_abs.o \
145		ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o ltm/bn_mp_and.o ltm/bn_mp_clamp.o \
146		ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o \
147		ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o \
148		ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o \
149		ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o \
150		ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o ltm/bn_mp_expt_d.o \
151		ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o ltm/bn_mp_fwrite.o \
152		ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o ltm/bn_mp_grow.o \
153		ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \
	127	ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o \
	128	ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_key.o ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o \
	129	ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o ltc/pk/rsa/rsa_verify_hash.o \
	130	ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o ltc/pk/x25519/x25519_import_pkcs8.o \
	131	ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o ltc/pk/x25519/x25519_set_key.o \
	132	ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \
	133	ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \
	134	ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \
	135	ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \
	136	ltc/stream/chacha/chacha_memory.o ltc/stream/chacha/chacha_setup.o ltc/stream/rabbit/rabbit.o \
	137	ltc/stream/rabbit/rabbit_memory.o ltc/stream/rc4/rc4_stream.o ltc/stream/rc4/rc4_stream_memory.o \
	138	ltc/stream/salsa20/salsa20_crypt.o ltc/stream/salsa20/salsa20_done.o ltc/stream/salsa20/salsa20_ivctr64.o \
	139	ltc/stream/salsa20/salsa20_keystream.o ltc/stream/salsa20/salsa20_memory.o ltc/stream/salsa20/salsa20_setup.o \
	140	ltc/stream/salsa20/xsalsa20_memory.o ltc/stream/salsa20/xsalsa20_setup.o ltc/stream/sober128/sober128_stream.o \
	141	ltc/stream/sober128/sober128_stream_memory.o ltc/stream/sosemanuk/sosemanuk.o ltc/stream/sosemanuk/sosemanuk_memory.o \
	142	ltm/bncore.o ltm/bn_error.o ltm/bn_fast_mp_invmod.o ltm/bn_fast_mp_montgomery_reduce.o \
	143	ltm/bn_fast_s_mp_mul_digs.o ltm/bn_fast_s_mp_mul_high_digs.o ltm/bn_fast_s_mp_sqr.o \
	144	ltm/bn_mp_2expt.o ltm/bn_mp_abs.o ltm/bn_mp_add.o ltm/bn_mp_addmod.o ltm/bn_mp_add_d.o \
	145	ltm/bn_mp_and.o ltm/bn_mp_clamp.o ltm/bn_mp_clear.o ltm/bn_mp_clear_multi.o ltm/bn_mp_cmp.o \
	146	ltm/bn_mp_cmp_d.o ltm/bn_mp_cmp_mag.o ltm/bn_mp_cnt_lsb.o ltm/bn_mp_complement.o \
	147	ltm/bn_mp_copy.o ltm/bn_mp_count_bits.o ltm/bn_mp_div.o ltm/bn_mp_div_2.o ltm/bn_mp_div_2d.o \
	148	ltm/bn_mp_div_3.o ltm/bn_mp_div_d.o ltm/bn_mp_dr_is_modulus.o ltm/bn_mp_dr_reduce.o \
	149	ltm/bn_mp_dr_setup.o ltm/bn_mp_exch.o ltm/bn_mp_export.o ltm/bn_mp_exptmod.o ltm/bn_mp_exptmod_fast.o \
	150	ltm/bn_mp_expt_d.o ltm/bn_mp_expt_d_ex.o ltm/bn_mp_exteuclid.o ltm/bn_mp_fread.o \
	151	ltm/bn_mp_fwrite.o ltm/bn_mp_gcd.o ltm/bn_mp_get_bit.o ltm/bn_mp_get_int.o ltm/bn_mp_get_long.o \
	152	ltm/bn_mp_grow.o ltm/bn_mp_import.o ltm/bn_mp_init.o ltm/bn_mp_init_copy.o ltm/bn_mp_init_multi.o \
154	153	ltm/bn_mp_init_set.o ltm/bn_mp_init_set_int.o ltm/bn_mp_init_size.o ltm/bn_mp_invmod.o \
155	154	ltm/bn_mp_invmod_slow.o ltm/bn_mp_is_square.o ltm/bn_mp_jacobi.o ltm/bn_mp_karatsuba_mul.o \
156	155	ltm/bn_mp_karatsuba_sqr.o ltm/bn_mp_kronecker.o ltm/bn_mp_lcm.o ltm/bn_mp_lshd.o \

+20

-20

src/Makefile.nmake less more

1	1	ltc/ciphers/des.obj ltc/ciphers/idea.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj \
2	2	ltc/ciphers/kseed.obj ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj \
3	3	ltc/ciphers/rc5.obj ltc/ciphers/rc6.obj ltc/ciphers/serpent.obj ltc/ciphers/skipjack.obj \
4		ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj \
5		ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj \
6		ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj \
7		ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \
8		ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj ltc/encauth/chachapoly/chacha20poly1305_done.obj \
9		ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj ltc/encauth/chachapoly/chacha20poly1305_init.obj \
10		ltc/encauth/chachapoly/chacha20poly1305_memory.obj ltc/encauth/chachapoly/chacha20poly1305_setiv.obj \
11		ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj ltc/encauth/eax/eax_addheader.obj \
12		ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj ltc/encauth/eax/eax_done.obj \
13		ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \
	4	ltc/ciphers/tea.obj ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj \
	5	ltc/ciphers/safer/saferp.obj ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj \
	6	ltc/encauth/ccm/ccm_add_nonce.obj ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj \
	7	ltc/encauth/ccm/ccm_memory.obj ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj \
	8	ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj \
	9	ltc/encauth/chachapoly/chacha20poly1305_done.obj ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj \
	10	ltc/encauth/chachapoly/chacha20poly1305_init.obj ltc/encauth/chachapoly/chacha20poly1305_memory.obj \
	11	ltc/encauth/chachapoly/chacha20poly1305_setiv.obj ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj \
	12	ltc/encauth/eax/eax_addheader.obj ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj \
	13	ltc/encauth/eax/eax_done.obj ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \
14	14	ltc/encauth/eax/eax_init.obj ltc/encauth/gcm/gcm_add_aad.obj ltc/encauth/gcm/gcm_add_iv.obj \
15	15	ltc/encauth/gcm/gcm_done.obj ltc/encauth/gcm/gcm_gf_mult.obj ltc/encauth/gcm/gcm_init.obj \
16	16	ltc/encauth/gcm/gcm_memory.obj ltc/encauth/gcm/gcm_mult_h.obj ltc/encauth/gcm/gcm_process.obj \

46	46	ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/zeromem.obj \
47	47	ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj ltc/misc/base32/base32_decode.obj \
48	48	ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj \
49		ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj \
50		ltc/misc/crypt/crypt_cipher_is_valid.obj ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj \
51		ltc/misc/crypt/crypt_find_cipher_any.obj ltc/misc/crypt/crypt_find_cipher_id.obj \
52		ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj ltc/misc/crypt/crypt_find_hash_id.obj \
53		ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj ltc/misc/crypt/crypt_fsa.obj \
54		ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj ltc/misc/crypt/crypt_inits.obj \
55		ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \
	49	ltc/misc/bcrypt/bcrypt.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \
	50	ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \
	51	ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \
	52	ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \
	53	ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \
	54	ltc/misc/crypt/crypt_fsa.obj ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj \
	55	ltc/misc/crypt/crypt_inits.obj ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \
56	56	ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_prng_rng_descriptor.obj \
57	57	ltc/misc/crypt/crypt_register_all_ciphers.obj ltc/misc/crypt/crypt_register_all_hashes.obj \
58	58	ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \

131	131	ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \
132	132	ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \
133	133	ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \
134		ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \
135		ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_make_key.obj \
136		ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \
	134	ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \
	135	ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_key.obj \
	136	ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \
137	137	ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \
138	138	ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \
139	139	ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \

+10

-0

src/ltc/ciphers/anubis.c less more

1130	1130	LTC_ARGCHK(pt != NULL);
1131	1131	LTC_ARGCHK(ct != NULL);
1132	1132	LTC_ARGCHK(skey != NULL);
	1133
	1134	if (skey->anubis.R < 12 \|\| skey->anubis.R > 18) {
	1135	return CRYPT_INVALID_ROUNDS;
	1136	}
	1137
1133	1138	anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R);
1134	1139	return CRYPT_OK;
1135	1140	}

1146	1151	LTC_ARGCHK(pt != NULL);
1147	1152	LTC_ARGCHK(ct != NULL);
1148	1153	LTC_ARGCHK(skey != NULL);
	1154
	1155	if (skey->anubis.R < 12 \|\| skey->anubis.R > 18) {
	1156	return CRYPT_INVALID_ROUNDS;
	1157	}
	1158
1149	1159	anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R);
1150	1160	return CRYPT_OK;
1151	1161	}

+163

-90

src/ltc/ciphers/blowfish.c less more

294	294	0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL }
295	295	};
296	296
	297	#ifndef __GNUC__
	298	#define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)]
	299	#else
	300	#define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)]
	301	#endif
	302
	303	static void s_blowfish_encipher(ulong32 L, ulong32 R, const symmetric_key *skey)
	304	{
	305	int rounds;
	306
	307	ulong32 l, r;
	308	#ifndef __GNUC__
	309	const ulong32 S1, S2, S3, S4;
	310
	311	S1 = skey->blowfish.S[0];
	312	S2 = skey->blowfish.S[1];
	313	S3 = skey->blowfish.S[2];
	314	S4 = skey->blowfish.S[3];
	315	#endif
	316
	317	l = *L;
	318	r = *R;
	319
	320	/* do 16 rounds */
	321	for (rounds = 0; rounds < 16; ) {
	322	l ^= skey->blowfish.K[rounds++]; r ^= F(l);
	323	r ^= skey->blowfish.K[rounds++]; l ^= F(r);
	324	l ^= skey->blowfish.K[rounds++]; r ^= F(l);
	325	r ^= skey->blowfish.K[rounds++]; l ^= F(r);
	326	}
	327
	328	/* last keying */
	329	l ^= skey->blowfish.K[16];
	330	r ^= skey->blowfish.K[17];
	331
	332	*L = r;
	333	*R = l;
	334	}
	335
	336	void blowfish_enc(ulong32 data, unsigned long blocks, const symmetric_key skey)
	337	{
	338	unsigned long i;
	339	ulong32 *d = data;
	340
	341	for (i = 0; i < blocks; ++i) {
	342	s_blowfish_encipher(d, d + 1, skey);
	343	d += 2;
	344	}
	345	}
	346
	347	static ulong32 s_blowfish_stream2word(const unsigned char d, int dlen, int cur)
	348	{
	349	unsigned int z;
	350	int y = *cur;
	351	ulong32 ret = 0;
	352
	353	for (z = 0; z < 4; z++) {
	354	ret = (ret << 8) \| ((ulong32)d[y++] & 255);
	355	if (y == dlen) {
	356	y = 0;
	357	}
	358	}
	359
	360	*cur = y;
	361	return ret;
	362	}
	363
297	364	/**
298		Initialize the Blowfish block cipher
	365	Expand the Blowfish internal state
299	366	@param key The symmetric key you wish to pass
300	367	@param keylen The key length in bytes
	368	@param data The additional data you wish to pass (can be NULL)
	369	@param datalen The additional data length in bytes
301	370	@param num_rounds The number of rounds desired (0 for default)
302	371	@param skey The key in as scheduled by this function.
303	372	@return CRYPT_OK if successful
304	373	*/
305		int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
306		symmetric_key *skey)
307		{
308		ulong32 x, y, z, A;
309		unsigned char B[8];
	374	int blowfish_expand(const unsigned char *key, int keylen,
	375	const unsigned char *data, int datalen,
	376	symmetric_key *skey)
	377	{
	378	ulong32 x, y, A, B[2];
	379	int i;
310	380
311	381	LTC_ARGCHK(key != NULL);
312	382	LTC_ARGCHK(skey != NULL);
313	383
	384	/* load in key bytes (Supplied by David Hopwood) */
	385	i = 0;
	386	for (x = 0; x < 18; x++) {
	387	A = s_blowfish_stream2word(key, keylen, &i);
	388	skey->blowfish.K[x] ^= A;
	389	}
	390
	391
	392	i = 0;
	393	B[0] = 0;
	394	B[1] = 0;
	395	for (x = 0; x < 18; x += 2) {
	396	if (data != NULL) {
	397	B[0] ^= s_blowfish_stream2word(data, datalen, &i);
	398	B[1] ^= s_blowfish_stream2word(data, datalen, &i);
	399	}
	400	/* encrypt it */
	401	s_blowfish_encipher(&B[0], &B[1], skey);
	402	/* copy it */
	403	skey->blowfish.K[x] = B[0];
	404	skey->blowfish.K[x+1] = B[1];
	405	}
	406
	407	/* encrypt S array */
	408	for (x = 0; x < 4; x++) {
	409	for (y = 0; y < 256; y += 2) {
	410	if (data != NULL) {
	411	B[0] ^= s_blowfish_stream2word(data, datalen, &i);
	412	B[1] ^= s_blowfish_stream2word(data, datalen, &i);
	413	}
	414	/* encrypt it */
	415	s_blowfish_encipher(&B[0], &B[1], skey);
	416	/* copy it */
	417	skey->blowfish.S[x][y] = B[0];
	418	skey->blowfish.S[x][y+1] = B[1];
	419	}
	420	}
	421
	422	#ifdef LTC_CLEAN_STACK
	423	zeromem(B, sizeof(B));
	424	#endif
	425
	426	return CRYPT_OK;
	427	}
	428
	429	/**
	430	Initialize the Blowfish block cipher
	431	@param key The symmetric key you wish to pass
	432	@param keylen The key length in bytes
	433	@param num_rounds The number of rounds desired (0 for default)
	434	@param skey The key in as scheduled by this function.
	435	@return CRYPT_OK if successful
	436	*/
	437	int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
	438	symmetric_key *skey)
	439	{
314	440	/* check key length */
315	441	if (keylen < 8 \|\| keylen > 56) {
316	442	return CRYPT_INVALID_KEYSIZE;
317	443	}
318
319	444	/* check rounds */
320	445	if (num_rounds != 0 && num_rounds != 16) {
321	446	return CRYPT_INVALID_ROUNDS;
322	447	}
323	448
324		/* load in key bytes (Supplied by David Hopwood) */
325		for (x = y = 0; x < 18; x++) {
326		A = 0;
327		for (z = 0; z < 4; z++) {
328		A = (A << 8) \| ((ulong32)key[y++] & 255);
329		if (y == (ulong32)keylen) {
330		y = 0;
331		}
332		}
333		skey->blowfish.K[x] = ORIG_P[x] ^ A;
334		}
335
336		/* copy sboxes */
337		for (x = 0; x < 4; x++) {
338		for (y = 0; y < 256; y++) {
339		skey->blowfish.S[x][y] = ORIG_S[x][y];
340		}
341		}
342
343		/* encrypt K array */
344		for (x = 0; x < 8; x++) {
345		B[x] = 0;
346		}
347
348		for (x = 0; x < 18; x += 2) {
349		/* encrypt it */
350		blowfish_ecb_encrypt(B, B, skey);
351		/* copy it */
352		LOAD32H(skey->blowfish.K[x], &B[0]);
353		LOAD32H(skey->blowfish.K[x+1], &B[4]);
354		}
355
356		/* encrypt S array */
357		for (x = 0; x < 4; x++) {
358		for (y = 0; y < 256; y += 2) {
359		/* encrypt it */
360		blowfish_ecb_encrypt(B, B, skey);
361		/* copy it */
362		LOAD32H(skey->blowfish.S[x][y], &B[0]);
363		LOAD32H(skey->blowfish.S[x][y+1], &B[4]);
364		}
365		}
366
367		#ifdef LTC_CLEAN_STACK
368		zeromem(B, sizeof(B));
369		#endif
370
371		return CRYPT_OK;
372		}
373
374		#ifndef __GNUC__
375		#define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)]
376		#else
377		#define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)]
378		#endif
	449	return blowfish_setup_with_data(key, keylen, NULL, 0, skey);
	450	}
	451
	452	/**
	453	Alternative initialize of the Blowfish block cipher
	454	@param key The symmetric key you wish to pass
	455	@param keylen The key length in bytes
	456	@param data The additional data you wish to pass (can be NULL)
	457	@param datalen The additional data length in bytes
	458	@param num_rounds The number of rounds desired (0 for default)
	459	@param skey The key in as scheduled by this function.
	460	@return CRYPT_OK if successful
	461	*/
	462
	463	int blowfish_setup_with_data(const unsigned char *key, int keylen,
	464	const unsigned char *data, int datalen,
	465	symmetric_key *skey)
	466	{
	467	XMEMCPY(skey->blowfish.K, ORIG_P, sizeof(ORIG_P));
	468	XMEMCPY(skey->blowfish.S, ORIG_S, sizeof(ORIG_S));
	469	return blowfish_expand(key, keylen, data, datalen, skey);
	470	}
379	471
380	472	/**
381	473	Encrypts a block of text with Blowfish

391	483	#endif
392	484	{
393	485	ulong32 L, R;
394		int r;
395		#ifndef __GNUC__
396		const ulong32 S1, S2, S3, S4;
397		#endif
398
399		LTC_ARGCHK(pt != NULL);
400		LTC_ARGCHK(ct != NULL);
401		LTC_ARGCHK(skey != NULL);
402
403		#ifndef __GNUC__
404		S1 = skey->blowfish.S[0];
405		S2 = skey->blowfish.S[1];
406		S3 = skey->blowfish.S[2];
407		S4 = skey->blowfish.S[3];
408		#endif
	486
	487	LTC_ARGCHK(pt != NULL);
	488	LTC_ARGCHK(ct != NULL);
	489	LTC_ARGCHK(skey != NULL);
409	490
410	491	/* load it */
411	492	LOAD32H(L, &pt[0]);
412	493	LOAD32H(R, &pt[4]);
413	494
414		/* do 16 rounds */
415		for (r = 0; r < 16; ) {
416		L ^= skey->blowfish.K[r++]; R ^= F(L);
417		R ^= skey->blowfish.K[r++]; L ^= F(R);
418		L ^= skey->blowfish.K[r++]; R ^= F(L);
419		R ^= skey->blowfish.K[r++]; L ^= F(R);
420		}
421
422		/* last keying */
423		R ^= skey->blowfish.K[17];
424		L ^= skey->blowfish.K[16];
	495	s_blowfish_encipher(&L, &R, skey);
425	496
426	497	/* store */
427		STORE32H(R, &ct[0]);
428		STORE32H(L, &ct[4]);
	498	STORE32H(L, &ct[0]);
	499	STORE32H(R, &ct[4]);
429	500
430	501	return CRYPT_OK;
431	502	}

556	627	for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key);
557	628	for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
558	629	}
	630
	631
559	632	return CRYPT_OK;
560	633	#endif
561	634	}

+297

-281

src/ltc/ciphers/des.c less more

1682	1682	#ifndef LTC_TEST
1683	1683	return CRYPT_NOP;
1684	1684	#else
1685		int err;
1686	1685	static const struct des_test_case {
1687		int num, mode; /* mode 1 = encrypt */
1688	1686	unsigned char key[8], txt[8], out[8];
1689	1687	} cases[] = {
1690		{ 1, 1, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A },
1691		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1692		{ 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } },
1693		{ 2, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1694		{ 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 },
1695		{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1696		{ 3, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1697		{ 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 },
1698		{ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1699		{ 4, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1700		{ 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA },
1701		{ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1702		{ 5, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1703		{ 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F },
1704		{ 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1705		{ 6, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1706		{ 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 },
1707		{ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1708		{ 7, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1709		{ 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF },
1710		{ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1711		{ 8, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1712		{ 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F },
1713		{ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1714		{ 9, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1715		{ 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 },
1716		{ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1717		{10, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1718		{ 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A },
1719		{ 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1720
1721		{ 1, 0, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A },
1722		{ 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 },
1723		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
1724		{ 2, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1725		{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1726		{ 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 } },
1727		{ 3, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1728		{ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1729		{ 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 } },
1730		{ 4, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1731		{ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1732		{ 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA } },
1733		{ 5, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1734		{ 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1735		{ 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F } },
1736		{ 6, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1737		{ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1738		{ 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 } },
1739		{ 7, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1740		{ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1741		{ 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF } },
1742		{ 8, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1743		{ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1744		{ 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F } },
1745		{ 9, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1746		{ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1747		{ 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 } },
1748		{10, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1749		{ 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1750		{ 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A } },
1751
1752		#ifdef LTC_TEST_EXT
1753		{ 0+11, 0, { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1754		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1755		{ 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } },
1756		{ 1+11, 0, { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1757		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1758		{ 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } },
1759		{ 2+11, 0, { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1760		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1761		{ 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } },
1762		{ 3+11, 0, { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1763		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1764		{ 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } },
1765		{ 4+11, 0, { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1766		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1767		{ 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } },
1768		{ 5+11, 0, { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1769		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1770		{ 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } },
1771		{ 6+11, 0, { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1772		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1773		{ 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } },
1774		{ 7+11, 0, { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1775		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1776		{ 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } },
1777		{ 8+11, 0, { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1778		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1779		{ 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } },
1780		{ 9+11, 0, { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1781		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1782		{ 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } },
1783		{10+11, 0, { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1784		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1785		{ 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } },
1786		{11+11, 0, { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1787		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1788		{ 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } },
1789		{12+11, 0, { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1790		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1791		{ 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } },
1792		{13+11, 0, { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
1793		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1794		{ 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } },
1795		{14+11, 0, { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 },
1796		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1797		{ 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } },
1798		{15+11, 0, { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 },
1799		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1800		{ 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } },
1801		{16+11, 0, { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 },
1802		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1803		{ 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } },
1804		{17+11, 0, { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 },
1805		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1806		{ 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } },
1807		{18+11, 0, { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 },
1808		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1809		{ 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } },
1810		{19+11, 0, { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 },
1811		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1812		{ 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } },
1813		{20+11, 0, { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 },
1814		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1815		{ 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } },
1816		{21+11, 0, { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 },
1817		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1818		{ 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } },
1819		{22+11, 0, { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 },
1820		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1821		{ 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } },
1822		{23+11, 0, { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 },
1823		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1824		{ 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } },
1825		{24+11, 0, { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 },
1826		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1827		{ 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } },
1828		{25+11, 0, { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 },
1829		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1830		{ 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } },
1831		{26+11, 0, { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 },
1832		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1833		{ 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } },
1834		{27+11, 0, { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 },
1835		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1836		{ 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } },
1837		{28+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 },
1838		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1839		{ 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } },
1840		{29+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 },
1841		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1842		{ 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } },
1843		{30+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 },
1844		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1845		{ 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } },
1846		{31+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 },
1847		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1848		{ 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } },
1849		{32+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 },
1850		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1851		{ 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } },
1852		{33+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 },
1853		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1854		{ 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } },
1855		{34+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 },
1856		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1857		{ 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } },
1858		{35+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 },
1859		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1860		{ 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } },
1861		{36+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 },
1862		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1863		{ 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } },
1864		{37+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 },
1865		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1866		{ 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } },
1867		{38+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 },
1868		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1869		{ 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } },
1870		{39+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 },
1871		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1872		{ 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } },
1873		{40+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 },
1874		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1875		{ 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } },
1876		{41+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 },
1877		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1878		{ 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } },
1879		{42+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 },
1880		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1881		{ 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } },
1882		{43+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 },
1883		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1884		{ 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } },
1885		{44+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 },
1886		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1887		{ 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } },
1888		{45+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 },
1889		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1890		{ 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } },
1891		{46+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 },
1892		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1893		{ 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } },
1894		{47+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 },
1895		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1896		{ 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } },
1897		{48+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 },
1898		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1899		{ 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } },
1900		{49+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 },
1901		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1902		{ 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } },
1903		{50+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 },
1904		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1905		{ 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } },
1906		{51+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 },
1907		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1908		{ 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } },
1909		{52+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 },
1910		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1911		{ 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } },
1912		{53+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 },
1913		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1914		{ 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } },
1915		{54+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 },
1916		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1917		{ 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } },
1918		{55+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 },
1919		{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
1920		{ 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } },
1921		#endif /* LTC_TEST_EXT */
	1688	{ { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A },
	1689	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1690	{ 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } },
	1691	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1692	{ 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 },
	1693	{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1694	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1695	{ 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 },
	1696	{ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1697	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1698	{ 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA },
	1699	{ 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1700	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1701	{ 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F },
	1702	{ 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1703	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1704	{ 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 },
	1705	{ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1706	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1707	{ 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF },
	1708	{ 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1709	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1710	{ 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F },
	1711	{ 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1712	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1713	{ 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 },
	1714	{ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1715	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1716	{ 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A },
	1717	{ 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1718
	1719	{ { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1720	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1721	{ 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } },
	1722	{ { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1723	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1724	{ 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } },
	1725	{ { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1726	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1727	{ 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } },
	1728	{ { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1729	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1730	{ 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } },
	1731	{ { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1732	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1733	{ 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } },
	1734	{ { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1735	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1736	{ 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } },
	1737	{ { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1738	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1739	{ 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } },
	1740	{ { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1741	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1742	{ 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } },
	1743	{ { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1744	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1745	{ 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } },
	1746	{ { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1747	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1748	{ 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } },
	1749	{ { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1750	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1751	{ 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } },
	1752	{ { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1753	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1754	{ 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } },
	1755	{ { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1756	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1757	{ 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } },
	1758	{ { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1759	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1760	{ 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } },
	1761	{ { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1762	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1763	{ 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } },
	1764	{ { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1765	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1766	{ 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } },
	1767	{ { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1768	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1769	{ 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } },
	1770	{ { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1771	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1772	{ 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } },
	1773	{ { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1774	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1775	{ 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } },
	1776	{ { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1777	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1778	{ 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } },
	1779	{ { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 },
	1780	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1781	{ 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } },
	1782	{ { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 },
	1783	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1784	{ 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } },
	1785	{ { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 },
	1786	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1787	{ 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } },
	1788	{ { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 },
	1789	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1790	{ 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } },
	1791	{ { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 },
	1792	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1793	{ 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } },
	1794	{ { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 },
	1795	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1796	{ 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } },
	1797	{ { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 },
	1798	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1799	{ 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } },
	1800	{ { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 },
	1801	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1802	{ 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } },
	1803	{ { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 },
	1804	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1805	{ 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } },
	1806	{ { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 },
	1807	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1808	{ 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } },
	1809	{ { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 },
	1810	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1811	{ 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } },
	1812	{ { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 },
	1813	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1814	{ 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } },
	1815	{ { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 },
	1816	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1817	{ 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } },
	1818	{ { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 },
	1819	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1820	{ 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } },
	1821	{ { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 },
	1822	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1823	{ 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } },
	1824	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 },
	1825	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1826	{ 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } },
	1827	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 },
	1828	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1829	{ 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } },
	1830	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 },
	1831	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1832	{ 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } },
	1833	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 },
	1834	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1835	{ 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } },
	1836	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 },
	1837	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1838	{ 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } },
	1839	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 },
	1840	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1841	{ 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } },
	1842	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 },
	1843	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1844	{ 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } },
	1845	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 },
	1846	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1847	{ 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } },
	1848	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 },
	1849	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1850	{ 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } },
	1851	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 },
	1852	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1853	{ 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } },
	1854	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 },
	1855	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1856	{ 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } },
	1857	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 },
	1858	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1859	{ 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } },
	1860	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 },
	1861	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1862	{ 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } },
	1863	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 },
	1864	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1865	{ 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } },
	1866	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 },
	1867	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1868	{ 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } },
	1869	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 },
	1870	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1871	{ 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } },
	1872	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 },
	1873	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1874	{ 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } },
	1875	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 },
	1876	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1877	{ 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } },
	1878	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 },
	1879	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1880	{ 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } },
	1881	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 },
	1882	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1883	{ 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } },
	1884	{ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 },
	1885	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1886	{ 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } },
1922	1887
1923	1888	/*** more test cases you could add if you are not convinced (the above test cases aren't really too good):
1924	1889

1961	1926	http://www.ecs.soton.ac.uk/~prw99r/ez438/vectors.txt
1962	1927	***/
1963	1928	};
1964		int i, y;
1965		unsigned char tmp[8];
1966		symmetric_key des;
1967
1968		for(i=0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++)
	1929	unsigned char key[8], pt[8], ct[8], tmp[8];
	1930	symmetric_key skey;
	1931	int i, err;
	1932
	1933	for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++)
1969	1934	{
1970		if ((err = des_setup(cases[i].key, 8, 0, &des)) != CRYPT_OK) {
1971		return err;
	1935	if ((err = des_setup(cases[i].key, 8, 0, &skey)) != CRYPT_OK) {
	1936	return err;
1972	1937	}
1973		if (cases[i].mode != 0) {
1974		des_ecb_encrypt(cases[i].txt, tmp, &des);
1975		} else {
1976		des_ecb_decrypt(cases[i].txt, tmp, &des);
	1938
	1939	des_ecb_encrypt(cases[i].txt, ct, &skey);
	1940
	1941	if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "DES Encrypt", i) != 0) {
	1942	return CRYPT_FAIL_TESTVECTOR;
1977	1943	}
1978	1944
1979		if (compare_testvector(cases[i].out, sizeof(tmp), tmp, sizeof(tmp), "DES", i) != 0) {
1980		return CRYPT_FAIL_TESTVECTOR;
	1945	des_ecb_decrypt(ct, pt, &skey);
	1946
	1947	if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "DES Decrypt", i) != 0) {
	1948	return CRYPT_FAIL_TESTVECTOR;
1981	1949	}
1982
1983		/* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
1984		for (y = 0; y < 8; y++) tmp[y] = 0;
1985		for (y = 0; y < 1000; y++) des_ecb_encrypt(tmp, tmp, &des);
1986		for (y = 0; y < 1000; y++) des_ecb_decrypt(tmp, tmp, &des);
1987		for (y = 0; y < 8; y++) if (tmp[y] != 0) return CRYPT_FAIL_TESTVECTOR;
	1950	}
	1951
	1952	/* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */
	1953
	1954	for (i = 0; i < 8; i++) key[i] = i;
	1955
	1956	if ((err = des_setup(key, 8, 0, &skey)) != CRYPT_OK) {
	1957	return err;
	1958	}
	1959
	1960	for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0;
	1961	for (i = 0; i < 1000; i++) des_ecb_encrypt(tmp, tmp, &skey);
	1962	for (i = 0; i < 1000; i++) des_ecb_decrypt(tmp, tmp, &skey);
	1963
	1964	if (compare_testvector(tmp, 8, pt, 8, "DES", 0) != 0) {
	1965	return CRYPT_FAIL_TESTVECTOR;
1988	1966	}
1989	1967
1990	1968	return CRYPT_OK;

1996	1974	#ifndef LTC_TEST
1997	1975	return CRYPT_NOP;
1998	1976	#else
1999		unsigned char key[24], pt[8], ct[8], tmp[8];
2000		symmetric_key skey;
2001		int x, err;
2002
2003		if ((err = des_test()) != CRYPT_OK) {
2004		return err;
2005		}
2006
2007		for (x = 0; x < 8; x++) {
2008		pt[x] = x;
2009		}
2010
2011		for (x = 0; x < 24; x++) {
2012		key[x] = x;
2013		}
2014
2015		if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) {
2016		return err;
2017		}
2018
2019		des3_ecb_encrypt(pt, ct, &skey);
2020		des3_ecb_decrypt(ct, tmp, &skey);
2021
2022		if (compare_testvector(pt, 8, tmp, 8, "3DES", 0) != 0) {
2023		return CRYPT_FAIL_TESTVECTOR;
2024		}
2025
2026		return CRYPT_OK;
	1977	static const struct des3_test_case {
	1978	unsigned char key[16], txt[8], out[8];
	1979	} cases[] = {
	1980	/*
	1981	https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/des/Triple-Des-2-Key-128-64.unverified.test-vectors
	1982	*/
	1983	{ { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1984	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1985	{ 0xFA, 0xFD, 0x50, 0x84, 0x37, 0x4F, 0xCE, 0x34 } },
	1986	{ { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1987	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1988	{ 0x60, 0xCC, 0x37, 0xB7, 0xB5, 0x37, 0xA1, 0xDC } },
	1989	{ { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1990	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
	1991	{ 0xBE, 0x3E, 0x73, 0x04, 0xFE, 0x92, 0xC2, 0xBC } },
	1992	{ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00 },
	1993	{ 0xE5, 0xA9, 0xE3, 0x80, 0x03, 0xA5, 0xA0, 0xFD },
	1994	{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
	1995	{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F },
	1996	{ 0xE4, 0xFC, 0x19, 0xD6, 0x94, 0x63, 0xB7, 0x83 },
	1997	{ 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 } },
	1998	};
	1999	unsigned char key[24], pt[8], ct[8], tmp[8];
	2000	symmetric_key skey;
	2001	int i, err;
	2002
	2003	if ((err = des_test()) != CRYPT_OK) {
	2004	return err;
	2005	}
	2006
	2007	for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++)
	2008	{
	2009	if ((err = des3_setup(cases[i].key, 16, 0, &skey)) != CRYPT_OK) {
	2010	return err;
	2011	}
	2012
	2013	des3_ecb_encrypt(cases[i].txt, ct, &skey);
	2014
	2015	if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "3DES Encrypt", i) != 0) {
	2016	return CRYPT_FAIL_TESTVECTOR;
	2017	}
	2018
	2019	des3_ecb_decrypt(ct, pt, &skey);
	2020
	2021	if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "3DES Decrypt", i) != 0) {
	2022	return CRYPT_FAIL_TESTVECTOR;
	2023	}
	2024	}
	2025
	2026	/* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */
	2027
	2028	for (i = 0; i < 24; i++) key[i] = i;
	2029
	2030	if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) {
	2031	return err;
	2032	}
	2033
	2034	for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0;
	2035	for (i = 0; i < 1000; i++) des3_ecb_encrypt(tmp, tmp, &skey);
	2036	for (i = 0; i < 1000; i++) des3_ecb_decrypt(tmp, tmp, &skey);
	2037
	2038	if (compare_testvector(tmp, 8, pt, 8, "3DES", 0) != 0) {
	2039	return CRYPT_FAIL_TESTVECTOR;
	2040	}
	2041
	2042	return CRYPT_OK;
2027	2043	#endif
2028	2044	}
2029	2045

+8

-0

src/ltc/ciphers/rc5.c less more

135	135	LTC_ARGCHK(pt != NULL);
136	136	LTC_ARGCHK(ct != NULL);
137	137
	138	if (skey->rc5.rounds < 12 \|\| skey->rc5.rounds > 24) {
	139	return CRYPT_INVALID_ROUNDS;
	140	}
	141
138	142	LOAD32L(A, &pt[0]);
139	143	LOAD32L(B, &pt[4]);
140	144	A += skey->rc5.K[0];

190	194	LTC_ARGCHK(skey != NULL);
191	195	LTC_ARGCHK(pt != NULL);
192	196	LTC_ARGCHK(ct != NULL);
	197
	198	if (skey->rc5.rounds < 12 \|\| skey->rc5.rounds > 24) {
	199	return CRYPT_INVALID_ROUNDS;
	200	}
193	201
194	202	LOAD32L(A, &ct[0]);
195	203	LOAD32L(B, &ct[4]);

+8

-0

src/ltc/ciphers/safer/saferp.c less more

346	346	LTC_ARGCHK(ct != NULL);
347	347	LTC_ARGCHK(skey != NULL);
348	348
	349	if (skey->saferp.rounds < 8 \|\| skey->saferp.rounds > 16) {
	350	return CRYPT_INVALID_ROUNDS;
	351	}
	352
349	353	/* do eight rounds */
350	354	for (x = 0; x < 16; x++) {
351	355	b[x] = pt[x];

409	413	LTC_ARGCHK(pt != NULL);
410	414	LTC_ARGCHK(ct != NULL);
411	415	LTC_ARGCHK(skey != NULL);
	416
	417	if (skey->saferp.rounds < 8 \|\| skey->saferp.rounds > 16) {
	418	return CRYPT_INVALID_ROUNDS;
	419	}
412	420
413	421	/* do eight rounds */
414	422	b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0];

+219

-0

src/ltc/ciphers/tea.c less more

	0	/* LibTomCrypt, modular cryptographic library -- Tom St Denis
	1	*
	2	* LibTomCrypt is a library that provides various cryptographic
	3	* algorithms in a highly modular and flexible manner.
	4	*
	5	* The library is free for all purposes without any express
	6	* guarantee it works.
	7	*/
	8
	9	/**
	10	@file tea.c
	11	Implementation of TEA, Steffen Jaeckel
	12	*/
	13	#include "tomcrypt_private.h"
	14
	15	#ifdef LTC_TEA
	16
	17	const struct ltc_cipher_descriptor tea_desc =
	18	{
	19	"tea",
	20	26,
	21	16, 16, 8, 32,
	22	&tea_setup,
	23	&tea_ecb_encrypt,
	24	&tea_ecb_decrypt,
	25	&tea_test,
	26	&tea_done,
	27	&tea_keysize,
	28	NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
	29	};
	30
	31	#define DELTA 0x9E3779B9uL
	32	#define SUM 0xC6EF3720uL
	33
	34	int tea_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey)
	35	{
	36	LTC_ARGCHK(key != NULL);
	37	LTC_ARGCHK(skey != NULL);
	38
	39	/* check arguments */
	40	if (keylen != 16) {
	41	return CRYPT_INVALID_KEYSIZE;
	42	}
	43
	44	if (num_rounds != 0 && num_rounds != 32) {
	45	return CRYPT_INVALID_ROUNDS;
	46	}
	47
	48	/* load key */
	49	LOAD32H(skey->tea.k[0], key+0);
	50	LOAD32H(skey->tea.k[1], key+4);
	51	LOAD32H(skey->tea.k[2], key+8);
	52	LOAD32H(skey->tea.k[3], key+12);
	53
	54	return CRYPT_OK;
	55	}
	56
	57	/**
	58	Encrypts a block of text with TEA
	59	@param pt The input plaintext (8 bytes)
	60	@param ct The output ciphertext (8 bytes)
	61	@param skey The key as scheduled
	62	@return CRYPT_OK if successful
	63	*/
	64	int tea_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey)
	65	{
	66	ulong32 y, z, sum = 0;
	67	const ulong32 delta = DELTA;
	68	int r;
	69
	70	LTC_ARGCHK(pt != NULL);
	71	LTC_ARGCHK(ct != NULL);
	72	LTC_ARGCHK(skey != NULL);
	73
	74	LOAD32H(y, &pt[0]);
	75	LOAD32H(z, &pt[4]);
	76	for (r = 0; r < 32; r += 4) {
	77	sum += delta;
	78	y += ((z<<4) + skey->tea.k[0]) ^ (z + sum) ^ ((z>>5) + skey->tea.k[1]);
	79	z += ((y<<4) + skey->tea.k[2]) ^ (y + sum) ^ ((y>>5) + skey->tea.k[3]);
	80	}
	81	STORE32H(y, &ct[0]);
	82	STORE32H(z, &ct[4]);
	83	return CRYPT_OK;
	84	}
	85
	86	/**
	87	Decrypts a block of text with TEA
	88	@param ct The input ciphertext (8 bytes)
	89	@param pt The output plaintext (8 bytes)
	90	@param skey The key as scheduled
	91	@return CRYPT_OK if successful
	92	*/
	93	int tea_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey)
	94	{
	95	ulong32 v0, v1, sum = SUM;
	96	const ulong32 delta = DELTA;
	97	int r;
	98
	99	LTC_ARGCHK(pt != NULL);
	100	LTC_ARGCHK(ct != NULL);
	101	LTC_ARGCHK(skey != NULL);
	102
	103	LOAD32H(v0, &ct[0]);
	104	LOAD32H(v1, &ct[4]);
	105
	106	for (r = 0; r < 32; r++) {
	107	v1 -= ((v0 << 4) + skey->tea.k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + skey->tea.k[3]);
	108	v0 -= ((v1 << 4) + skey->tea.k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + skey->tea.k[1]);
	109	sum -= delta;
	110	}
	111
	112	STORE32H(v0, &pt[0]);
	113	STORE32H(v1, &pt[4]);
	114	return CRYPT_OK;
	115	}
	116
	117	/**
	118	Performs a self-test of the TEA block cipher
	119	@return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
	120	*/
	121	int tea_test(void)
	122	{
	123	#ifndef LTC_TEST
	124	return CRYPT_NOP;
	125	#else
	126	static const struct {
	127	const char key, pt, *ct;
	128	} tests[] = {
	129	{
	130	"00000000000000000000000000000000",
	131	"0000000000000000",
	132	"41ea3a0a94baa940"
	133	}, {
	134	"32a1e65408b63bb9214105744ec5d2e2",
	135	"5ada1d89a9c3801a",
	136	"dd46249e28aa0b4b"
	137	}, {
	138	"60388adadf70a1f5d9cb4e097d2c6c57",
	139	"7a6adb4d69c53e0f",
	140	"44b71215cf25368a"
	141	}, {
	142	"4368d2249bd0321eb7c56d5b63a1bfac",
	143	"5a5d7ca2e186c41a",
	144	"91f56dff7281794f"
	145	}, {
	146	"5c60bff27072d01c4513c5eb8f3a38ab",
	147	"80d9c4adcf899635",
	148	"2bb0f1b3c023ed11"
	149	}
	150	};
	151	unsigned char ptct[2][8];
	152	unsigned char tmp[2][8];
	153	unsigned char key[16];
	154	unsigned long l;
	155	symmetric_key skey;
	156	size_t i;
	157	int err, y;
	158	for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
	159	zeromem(&skey, sizeof(skey));
	160
	161	l = sizeof(key);
	162	if ((err = base16_decode(tests[i].key, XSTRLEN(tests[i].key), key, &l)) != CRYPT) return err;
	163	l = sizeof(ptct[0]);
	164	if ((err = base16_decode(tests[i].pt, XSTRLEN(tests[i].pt), ptct[0], &l)) != CRYPT) return err;
	165	l = sizeof(ptct[1]);
	166	if ((err = base16_decode(tests[i].ct, XSTRLEN(tests[i].ct), ptct[1], &l)) != CRYPT) return err;
	167
	168	if ((err = tea_setup(key, 16, 0, &skey)) != CRYPT_OK) {
	169	return err;
	170	}
	171	tea_ecb_encrypt(ptct[0], tmp[0], &skey);
	172	tea_ecb_decrypt(tmp[0], tmp[1], &skey);
	173
	174	if (compare_testvector(tmp[0], 8, ptct[0], 8, "TEA Encrypt", i) != 0 \|\|
	175	compare_testvector(tmp[1], 8, ptct[1], 8, "TEA Decrypt", i) != 0) {
	176	return CRYPT_FAIL_TESTVECTOR;
	177	}
	178
	179	/* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
	180	for (y = 0; y < 8; y++) tmp[0][y] = 0;
	181	for (y = 0; y < 1000; y++) tea_ecb_encrypt(tmp[0], tmp[0], &skey);
	182	for (y = 0; y < 1000; y++) tea_ecb_decrypt(tmp[0], tmp[0], &skey);
	183	for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
	184	} /* for */
	185
	186	return CRYPT_OK;
	187	#endif
	188	}
	189
	190	/** Terminate the context
	191	@param skey The scheduled key
	192	*/
	193	void tea_done(symmetric_key *skey)
	194	{
	195	LTC_UNUSED_PARAM(skey);
	196	}
	197
	198	/**
	199	Gets suitable key size
	200	@param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable.
	201	@return CRYPT_OK if the input key size is acceptable.
	202	*/
	203	int tea_keysize(int *keysize)
	204	{
	205	LTC_ARGCHK(keysize != NULL);
	206	if (*keysize < 16) {
	207	return CRYPT_INVALID_KEYSIZE;
	208	}
	209	*keysize = 16;
	210	return CRYPT_OK;
	211	}
	212
	213	#endif
	214
	215
	216	/* ref: $Format:%D$ */
	217	/* git commit: $Format:%H$ */
	218	/* commit time: $Format:%ai$ */

+1

-1

src/ltc/ciphers/xtea.c less more

8	8
9	9	/**
10	10	@file xtea.c
11		Implementation of LTC_XTEA, Tom St Denis
	11	Implementation of eXtended TEA, Tom St Denis
12	12	*/
13	13	#include "tomcrypt_private.h"
14	14

+1

-1

src/ltc/encauth/gcm/gcm_gf_mult.c less more

12	12	*/
13	13	#include "tomcrypt_private.h"
14	14
15		#if defined(LTC_GCM_TABLES) \|\| defined(LTC_LRW_TABLES) \|\| ((defined(LTC_GCM_MODE) \|\| defined(LTC_GCM_MODE)) && defined(LTC_FAST))
	15	#if defined(LTC_GCM_TABLES) \|\| defined(LTC_LRW_TABLES) \|\| (defined(LTC_GCM_MODE) && defined(LTC_FAST))
16	16
17	17	/* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format. Since only the
18	18	* lower 16 bits are not zero'ed I removed the upper 14 bytes */

+4

-4

src/ltc/hashes/blake2b.c less more

479	479
480	480	for (i = 0; tests[i].msg != NULL; i++) {
481	481	blake2b_512_init(&md);
482		blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	482	blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
483	483	blake2b_done(&md, tmp);
484	484	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) {
485	485	return CRYPT_FAIL_TESTVECTOR;

526	526
527	527	for (i = 0; tests[i].msg != NULL; i++) {
528	528	blake2b_384_init(&md);
529		blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	529	blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
530	530	blake2b_done(&md, tmp);
531	531	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) {
532	532	return CRYPT_FAIL_TESTVECTOR;

579	579
580	580	for (i = 0; tests[i].msg != NULL; i++) {
581	581	blake2b_256_init(&md);
582		blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	582	blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
583	583	blake2b_done(&md, tmp);
584	584	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) {
585	585	return CRYPT_FAIL_TESTVECTOR;

620	620
621	621	for (i = 0; tests[i].msg != NULL; i++) {
622	622	blake2b_160_init(&md);
623		blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	623	blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
624	624	blake2b_done(&md, tmp);
625	625	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) {
626	626	return CRYPT_FAIL_TESTVECTOR;

+4

-4

src/ltc/hashes/blake2s.c less more

469	469
470	470	for (i = 0; tests[i].msg != NULL; i++) {
471	471	blake2s_256_init(&md);
472		blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	472	blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
473	473	blake2s_done(&md, tmp);
474	474	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) {
475	475	return CRYPT_FAIL_TESTVECTOR;

513	513
514	514	for (i = 0; tests[i].msg != NULL; i++) {
515	515	blake2s_224_init(&md);
516		blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	516	blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
517	517	blake2s_done(&md, tmp);
518	518	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) {
519	519	return CRYPT_FAIL_TESTVECTOR;

555	555
556	556	for (i = 0; tests[i].msg != NULL; i++) {
557	557	blake2s_160_init(&md);
558		blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	558	blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
559	559	blake2s_done(&md, tmp);
560	560	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) {
561	561	return CRYPT_FAIL_TESTVECTOR;

595	595
596	596	for (i = 0; tests[i].msg != NULL; i++) {
597	597	blake2s_128_init(&md);
598		blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	598	blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
599	599	blake2s_done(&md, tmp);
600	600	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) {
601	601	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/chc/chc.c less more

286	286	if ((err = chc_init(&md)) != CRYPT_OK) {
287	287	return err;
288	288	}
289		if ((err = chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg))) != CRYPT_OK) {
	289	if ((err = chc_process(&md, tests[i].msg, XSTRLEN((char *)tests[i].msg))) != CRYPT_OK) {
290	290	return err;
291	291	}
292	292	if ((err = chc_done(&md, tmp)) != CRYPT_OK) {

+1

-1

src/ltc/hashes/md2.c less more

231	231
232	232	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
233	233	md2_init(&md);
234		md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	234	md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
235	235	md2_done(&md, tmp);
236	236	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) {
237	237	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/md4.c less more

285	285
286	286	for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
287	287	md4_init(&md);
288		md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input));
	288	md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)XSTRLEN(tests[i].input));
289	289	md4_done(&md, tmp);
290	290	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) {
291	291	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/md5.c less more

346	346
347	347	for (i = 0; tests[i].msg != NULL; i++) {
348	348	md5_init(&md);
349		md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	349	md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
350	350	md5_done(&md, tmp);
351	351	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) {
352	352	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/rmd128.c less more

387	387
388	388	for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
389	389	rmd128_init(&md);
390		rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
	390	rmd128_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg));
391	391	rmd128_done(&md, tmp);
392	392	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD128", i)) {
393	393	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/rmd160.c less more

446	446
447	447	for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
448	448	rmd160_init(&md);
449		rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
	449	rmd160_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg));
450	450	rmd160_done(&md, tmp);
451	451	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD160", i)) {
452	452	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/rmd256.c less more

412	412
413	413	for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
414	414	rmd256_init(&md);
415		rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
	415	rmd256_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg));
416	416	rmd256_done(&md, tmp);
417	417	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD256", i)) {
418	418	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/rmd320.c less more

477	477
478	478	for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) {
479	479	rmd320_init(&md);
480		rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
	480	rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg));
481	481	rmd320_done(&md, tmp);
482	482	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) {
483	483	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha1.c less more

266	266
267	267	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
268	268	sha1_init(&md);
269		sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	269	sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
270	270	sha1_done(&md, tmp);
271	271	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) {
272	272	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha224.c less more

110	110
111	111	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
112	112	sha224_init(&md);
113		sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	113	sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
114	114	sha224_done(&md, tmp);
115	115	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA224", i)) {
116	116	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha256.c less more

314	314
315	315	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
316	316	sha256_init(&md);
317		sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	317	sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
318	318	sha256_done(&md, tmp);
319	319	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA256", i)) {
320	320	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha384.c less more

116	116
117	117	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
118	118	sha384_init(&md);
119		sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	119	sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
120	120	sha384_done(&md, tmp);
121	121	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA384", i)) {
122	122	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha512.c less more

292	292
293	293	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
294	294	sha512_init(&md);
295		sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	295	sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
296	296	sha512_done(&md, tmp);
297	297	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512", i)) {
298	298	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha512_224.c less more

112	112
113	113	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
114	114	sha512_224_init(&md);
115		sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	115	sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
116	116	sha512_224_done(&md, tmp);
117	117	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-224", i)) {
118	118	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/sha2/sha512_256.c less more

112	112
113	113	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
114	114	sha512_256_init(&md);
115		sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	115	sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
116	116	sha512_256_done(&md, tmp);
117	117	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-265", i)) {
118	118	return CRYPT_FAIL_TESTVECTOR;

+1

-1

src/ltc/hashes/tiger.c less more

770	770
771	771	for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
772	772	tiger_init(&md);
773		tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
	773	tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg));
774	774	tiger_done(&md, tmp);
775	775	if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) {
776	776	return CRYPT_FAIL_TESTVECTOR;

+12

-12

src/ltc/headers/tomcrypt.h less more

18	18	#include <limits.h>
19	19
20	20	/* use configuration data */
21		#include <tomcrypt_custom.h>
	21	#include "tomcrypt_custom.h"
22	22
23	23	#ifdef __cplusplus
24	24	extern "C" {

80	80	CRYPT_HASH_OVERFLOW /* Hash applied to too many bits */
81	81	};
82	82
83		#include <tomcrypt_cfg.h>
84		#include <tomcrypt_macros.h>
85		#include <tomcrypt_cipher.h>
86		#include <tomcrypt_hash.h>
87		#include <tomcrypt_mac.h>
88		#include <tomcrypt_prng.h>
89		#include <tomcrypt_pk.h>
90		#include <tomcrypt_math.h>
91		#include <tomcrypt_misc.h>
92		#include <tomcrypt_argchk.h>
93		#include <tomcrypt_pkcs.h>
	83	#include "tomcrypt_cfg.h"
	84	#include "tomcrypt_macros.h"
	85	#include "tomcrypt_cipher.h"
	86	#include "tomcrypt_hash.h"
	87	#include "tomcrypt_mac.h"
	88	#include "tomcrypt_prng.h"
	89	#include "tomcrypt_pk.h"
	90	#include "tomcrypt_math.h"
	91	#include "tomcrypt_misc.h"
	92	#include "tomcrypt_argchk.h"
	93	#include "tomcrypt_pkcs.h"
94	94
95	95	#ifdef __cplusplus
96	96	}

+13

-7

src/ltc/headers/tomcrypt_cfg.h less more

293	293	#define LTC_HAVE_ROTATE_BUILTIN
294	294	#endif
295	295
296		#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
297		#define LTC_DEPRECATED __attribute__((deprecated))
	296	#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
	297	# define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s)))
	298	# define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s)
	299	# define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s)
	300	#elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
	301	# define LTC_DEPRECATED(s) __attribute__((deprecated))
	302	# define LTC_DEPRECATED_PRAGMA(s)
298	303	#elif defined(_MSC_VER) && _MSC_VER >= 1500
299	304	/* supported since Visual Studio 2008 */
300		#define LTC_DEPRECATED __declspec(deprecated)
301		#else
302		#define LTC_DEPRECATED
303		#endif
304
	305	# define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s))
	306	# define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s))
	307	#else
	308	# define LTC_DEPRECATED(s)
	309	# define LTC_DEPRECATED_PRAGMA(s)
	310	#endif
305	311	/* ref: $Format:%D$ */
306	312	/* git commit: $Format:%H$ */
307	313	/* commit time: $Format:%ai$ */

+19

-0

src/ltc/headers/tomcrypt_cipher.h less more

170	170	};
171	171	#endif
172	172
	173	#ifdef LTC_TEA
	174	struct tea_key {
	175	ulong32 k[4];
	176	};
	177	#endif
	178
173	179	typedef union Symmetric_key {
174	180	#ifdef LTC_DES
175	181	struct des_key des;

234	240	#endif
235	241	#ifdef LTC_SERPENT
236	242	struct serpent_key serpent;
	243	#endif
	244	#ifdef LTC_TEA
	245	struct tea_key tea;
237	246	#endif
238	247	void *data;
239	248	} symmetric_key;

858	867	extern const struct ltc_cipher_descriptor serpent_desc;
859	868	#endif
860	869
	870	#ifdef LTC_TEA
	871	int tea_setup(const unsigned char key, int keylen, int num_rounds, symmetric_key skey);
	872	int tea_ecb_encrypt(const unsigned char pt, unsigned char ct, const symmetric_key *skey);
	873	int tea_ecb_decrypt(const unsigned char ct, unsigned char pt, const symmetric_key *skey);
	874	int tea_test(void);
	875	void tea_done(symmetric_key *skey);
	876	int tea_keysize(int *keysize);
	877	extern const struct ltc_cipher_descriptor tea_desc;
	878	#endif
	879
861	880	#ifdef LTC_ECB_MODE
862	881	int ecb_start(int cipher, const unsigned char *key,
863	882	int keylen, int num_rounds, symmetric_ECB *ecb);

+16

-1

src/ltc/headers/tomcrypt_custom.h less more

44	44	#ifndef XSTRCMP
45	45	#define XSTRCMP strcmp
46	46	#endif
	47	#ifndef XSTRLEN
	48	#define XSTRLEN strlen
	49	#endif
47	50	#ifndef XSTRNCPY
48	51	#define XSTRNCPY strncpy
49	52	#endif

58	61
59	62	#if ( defined(malloc) \|\| defined(realloc) \|\| defined(calloc) \|\| defined(free) \|\| \
60	63	defined(memset) \|\| defined(memcpy) \|\| defined(memcmp) \|\| defined(strcmp) \|\| \
61		defined(strncpy) \|\| defined(clock) \|\| defined(qsort) ) && !defined(LTC_NO_PROTOTYPES)
	64	defined(strlen) \|\| defined(strncpy) \|\| defined(clock) \|\| defined(qsort) ) \
	65	&& !defined(LTC_NO_PROTOTYPES)
62	66	#define LTC_NO_PROTOTYPES
63	67	#endif
64	68

206	210	#define LTC_CAMELLIA
207	211	#define LTC_IDEA
208	212	#define LTC_SERPENT
	213	#define LTC_TEA
209	214
210	215	/* stream ciphers */
211	216	#define LTC_CHACHA

487	492	#define LTC_BASE32
488	493	/* Base16/hex encoding/decoding */
489	494	#define LTC_BASE16
	495
	496	#define LTC_BCRYPT
	497
	498	#ifndef LTC_BCRYPT_DEFAULT_ROUNDS
	499	#define LTC_BCRYPT_DEFAULT_ROUNDS 10
	500	#endif
490	501
491	502	/* Keep LTC_NO_HKDF for compatibility reasons
492	503	* superseeded by LTC_NO_MISC*/

599	610	#error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled
600	611	#endif
601	612
	613	#if defined(LTC_BCRYPT) && !defined(LTC_BLOWFISH)
	614	#error LTC_BCRYPT requires LTC_BLOWFISH
	615	#endif
	616
602	617	#if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) \|\| !defined(LTC_POLY1305))
603	618	#error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305
604	619	#endif

+12

-5

src/ltc/headers/tomcrypt_misc.h less more

58	58	unsigned char out, unsigned long outlen);
59	59	#endif
60	60
	61	#ifdef LTC_BCRYPT
	62	int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len,
	63	const unsigned char *salt, unsigned long salt_len,
	64	unsigned int rounds, int hash_idx,
	65	unsigned char out, unsigned long outlen);
	66	#endif
	67
61	68	/* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */
62	69	#ifdef LTC_HKDF
63	70

101	108	int crypt_list_all_sizes(char names_list, unsigned int names_list_size);
102	109
103	110	#ifdef LTM_DESC
104		LTC_DEPRECATED void init_LTM(void);
	111	LTC_DEPRECATED(crypt_mp_init) void init_LTM(void);
105	112	#endif
106	113	#ifdef TFM_DESC
107		LTC_DEPRECATED void init_TFM(void);
	114	LTC_DEPRECATED(crypt_mp_init) void init_TFM(void);
108	115	#endif
109	116	#ifdef GMP_DESC
110		LTC_DEPRECATED void init_GMP(void);
	117	LTC_DEPRECATED(crypt_mp_init) void init_GMP(void);
111	118	#endif
112	119	int crypt_mp_init(const char* mpi);
113	120

155	162
156	163	#ifdef LTC_SSH
157	164	typedef enum ssh_data_type_ {
	165	LTC_SSHDATA_EOL,
158	166	LTC_SSHDATA_BYTE,
159	167	LTC_SSHDATA_BOOLEAN,
160	168	LTC_SSHDATA_UINT32,

162	170	LTC_SSHDATA_STRING,
163	171	LTC_SSHDATA_MPINT,
164	172	LTC_SSHDATA_NAMELIST,
165		LTC_SSHDATA_EOL
166	173	} ssh_data_type;
167	174
168	175	/* VA list handy helpers with tuples of <type, data> */
169	176	int ssh_encode_sequence_multi(unsigned char out, unsigned long outlen, ...);
170		int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...);
	177	int ssh_decode_sequence_multi(const unsigned char in, unsigned long inlen, ...);
171	178	#endif /* LTC_SSH */
172	179
173	180	int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which);

+17

-0

src/ltc/headers/tomcrypt_private.h less more

70	70	/*
71	71	* Internal functions
72	72	*/
	73
	74
	75	/* tomcrypt_cipher.h */
	76
	77	void blowfish_enc(ulong32 data, unsigned long blocks, const symmetric_key skey);
	78	int blowfish_expand(const unsigned char *key, int keylen,
	79	const unsigned char *data, int datalen,
	80	symmetric_key *skey);
	81	int blowfish_setup_with_data(const unsigned char *key, int keylen,
	82	const unsigned char *data, int datalen,
	83	symmetric_key *skey);
73	84
74	85	/* tomcrypt_hash.h */
75	86

214	225	int pk_oid_num_to_str(const unsigned long oid, unsigned long oidlen, char OID, unsigned long *outlen);
215	226
216	227	/* ---- DH Routines ---- */
	228	#ifdef LTC_MRSA
	229	int rsa_init(rsa_key *key);
	230	void rsa_shrink_key(rsa_key *key);
	231	#endif /* LTC_MRSA */
	232
	233	/* ---- DH Routines ---- */
217	234	#ifdef LTC_MDH
218	235	extern const ltc_dh_set_type ltc_dh_sets[];
219	236

+53

-25

src/ltc/math/ltm_desc.c less more

14	14	#include <tommath.h>
15	15
16	16	static const struct {
17		int mpi_code, ltc_code;
	17	mp_err mpi_code;
	18	int ltc_code;
18	19	} mpi_to_ltc_codes[] = {
19	20	{ MP_OKAY , CRYPT_OK},
20	21	{ MP_MEM , CRYPT_MEM},
21	22	{ MP_VAL , CRYPT_INVALID_ARG},
	23	#if defined(MP_BUF) \|\| defined(MP_USE_ENUMS)
	24	{ MP_ITER , CRYPT_INVALID_PACKET},
	25	{ MP_BUF , CRYPT_BUFFER_OVERFLOW},
	26	#endif
22	27	};
23	28
24	29	/**

26	31	@param err The error to convert
27	32	@return The equivalent LTC error code or CRYPT_ERROR if none found
28	33	*/
29		static int mpi_to_ltc_error(int err)
30		{
31		int x;
32
33		for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) {
	34	static int mpi_to_ltc_error(mp_err err)
	35	{
	36	size_t x;
	37
	38	for (x = 0; x < sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0]); x++) {
34	39	if (err == mpi_to_ltc_codes[x].mpi_code) {
35	40	return mpi_to_ltc_codes[x].ltc_code;
36	41	}

38	43	return CRYPT_ERROR;
39	44	}
40	45
41		static int init(void **a)
42		{
43		int err;
44
	46	static int init_mpi(void **a)
	47	{
45	48	LTC_ARGCHK(a != NULL);
46	49
47	50	*a = XCALLOC(1, sizeof(mp_int));
48	51	if (*a == NULL) {
49	52	return CRYPT_MEM;
50		}
51
	53	} else {
	54	return CRYPT_OK;
	55	}
	56	}
	57
	58	static int init(void **a)
	59	{
	60	int err;
	61
	62	LTC_ARGCHK(a != NULL);
	63
	64	if ((err = init_mpi(a)) != CRYPT_OK) {
	65	return err;
	66	}
52	67	if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) {
53	68	XFREE(*a);
54	69	}

78	93
79	94	static int init_copy(void *a, void b)
80	95	{
81		if (init(a) != CRYPT_OK) {
82		return CRYPT_MEM;
83		}
84		return copy(b, *a);
	96	int err;
	97	LTC_ARGCHK(a != NULL);
	98	LTC_ARGCHK(b != NULL);
	99	if ((err = init_mpi(a)) != CRYPT_OK) return err;
	100	return mpi_to_ltc_error(mp_init_copy(*a, b));
85	101	}
86	102
87	103	/* ---- trivial ---- */

124	140
125	141	static int compare(void a, void b)
126	142	{
127		int ret;
128		LTC_ARGCHK(a != NULL);
129		LTC_ARGCHK(b != NULL);
130		ret = mp_cmp(a, b);
131		switch (ret) {
	143	LTC_ARGCHK(a != NULL);
	144	LTC_ARGCHK(b != NULL);
	145	switch (mp_cmp(a, b)) {
132	146	case MP_LT: return LTC_MP_LT;
133	147	case MP_EQ: return LTC_MP_EQ;
134	148	case MP_GT: return LTC_MP_GT;

138	152
139	153	static int compare_d(void *a, ltc_mp_digit b)
140	154	{
141		int ret;
142		LTC_ARGCHK(a != NULL);
143		ret = mp_cmp_d(a, b);
144		switch (ret) {
	155	LTC_ARGCHK(a != NULL);
	156	switch (mp_cmp_d(a, b)) {
145	157	case MP_LT: return LTC_MP_LT;
146	158	case MP_EQ: return LTC_MP_EQ;
147	159	case MP_GT: return LTC_MP_GT;

183	195	{
184	196	LTC_ARGCHK(a != NULL);
185	197	LTC_ARGCHK(b != NULL);
	198	#ifdef BN_MP_TORADIX_C
186	199	return mpi_to_ltc_error(mp_toradix(a, b, radix));
	200	#else
	201	return mpi_to_ltc_error(mp_to_radix(a, b, SIZE_MAX, NULL, radix));
	202	#endif
187	203	}
188	204
189	205	/* get size as unsigned char string */
190	206	static unsigned long unsigned_size(void *a)
191	207	{
192	208	LTC_ARGCHK(a != NULL);
	209	#ifdef BN_MP_UNSIGNED_BIN_SIZE_C
193	210	return mp_unsigned_bin_size(a);
	211	#else
	212	return (unsigned long)mp_ubin_size(a);
	213	#endif
194	214	}
195	215
196	216	/* store */

198	218	{
199	219	LTC_ARGCHK(a != NULL);
200	220	LTC_ARGCHK(b != NULL);
	221	#ifdef BN_MP_TO_UNSIGNED_BIN_C
201	222	return mpi_to_ltc_error(mp_to_unsigned_bin(a, b));
	223	#else
	224	return mpi_to_ltc_error(mp_to_ubin(a, b, SIZE_MAX, NULL));
	225	#endif
202	226	}
203	227
204	228	/* read */

206	230	{
207	231	LTC_ARGCHK(a != NULL);
208	232	LTC_ARGCHK(b != NULL);
	233	#ifdef BN_MP_READ_UNSIGNED_BIN_C
209	234	return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len));
	235	#else
	236	return mpi_to_ltc_error(mp_from_ubin(a, b, (size_t)len));
	237	#endif
210	238	}
211	239
212	240	/* add */

+1

-1

src/ltc/misc/adler32.c less more

117	117	unsigned char out[4];
118	118	adler32_state ctx;
119	119	adler32_init(&ctx);
120		adler32_update(&ctx, in, strlen(in));
	120	adler32_update(&ctx, in, XSTRLEN(in));
121	121	adler32_finish(&ctx, out, 4);
122	122	if (compare_testvector(adler32, 4, out, 4, "adler32", 0)) {
123	123	return CRYPT_FAIL_TESTVECTOR;

+201

-0

src/ltc/misc/bcrypt/bcrypt.c less more

	0	/* LibTomCrypt, modular cryptographic library -- Tom St Denis
	1	*
	2	* LibTomCrypt is a library that provides various cryptographic
	3	* algorithms in a highly modular and flexible manner.
	4	*
	5	* The library is free for all purposes without any express
	6	* guarantee it works.
	7	*/
	8	#include "tomcrypt_private.h"
	9
	10	/**
	11	@file bcrypt.c
	12	bcrypt pbkdf, Steffen Jaeckel
	13	*/
	14	#ifdef LTC_BCRYPT
	15
	16	#define BCRYPT_WORDS 8
	17	#define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4)
	18
	19	static int _bcrypt_hash(const unsigned char *pt,
	20	const unsigned char *pass, unsigned long passlen,
	21	const unsigned char *salt, unsigned long saltlen,
	22	unsigned char out, unsigned long outlen)
	23	{
	24	symmetric_key key;
	25	int err, n;
	26	ulong32 ct[BCRYPT_WORDS];
	27
	28	if ((err = blowfish_setup_with_data(pass, passlen, salt, saltlen, &key)) != CRYPT_OK) {
	29	return err;
	30	}
	31	for (n = 0; n < 64; ++n) {
	32	if ((err = blowfish_expand(salt, saltlen, NULL, 0, &key)) != CRYPT_OK) {
	33	return err;
	34	}
	35	if ((err = blowfish_expand(pass, passlen, NULL, 0, &key)) != CRYPT_OK) {
	36	return err;
	37	}
	38	}
	39
	40	for (n = 0; n < BCRYPT_WORDS; ++n) {
	41	LOAD32H(ct[n], &pt[n*4]);
	42	}
	43
	44	for (n = 0; n < 64; ++n) {
	45	blowfish_enc(ct, BCRYPT_WORDS/2, &key);
	46	}
	47
	48	for (n = 0; n < BCRYPT_WORDS; ++n) {
	49	STORE32L(ct[n], &out[4 * n]);
	50	}
	51	*outlen = sizeof(ct);
	52	#ifdef LTC_CLEAN_STACK
	53	zeromem(&key, sizeof(key));
	54	zeromem(ct, sizeof(ct));
	55	#endif
	56
	57	return CRYPT_OK;
	58	}
	59
	60	static int _bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen,
	61	const unsigned char *salt, unsigned long saltlen,
	62	unsigned char out, unsigned long outlen)
	63	{
	64	const unsigned char pt[] = "OxychromaticBlowfishSwatDynamite";
	65	return _bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen);
	66	}
	67
	68	/**
	69	Compatible to bcrypt_pbkdf() as provided in OpenBSD
	70	@param password The input password (or key)
	71	@param password_len The length of the password (octets)
	72	@param salt The salt (or nonce)
	73	@param salt_len The length of the salt (octets)
	74	@param rounds # of iterations desired [read specs for more]
	75	@param hash_idx The index of the hash desired
	76	@param out [out] The destination for this algorithm
	77	@param outlen [in/out] The desired size of the algorithm output
	78	@return CRYPT_OK if successful
	79	*/
	80	int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len,
	81	const unsigned char *salt, unsigned long salt_len,
	82	unsigned int rounds, int hash_idx,
	83	unsigned char out, unsigned long outlen)
	84	{
	85	int err;
	86	ulong32 blkno;
	87	unsigned long left, itts, x, y, hashed_pass_len, step_size, steps, dest, used_rounds;
	88	unsigned char *buf[3], blkbuf[4];
	89	unsigned char *hashed_pass;
	90
	91	LTC_ARGCHK(secret != NULL);
	92	LTC_ARGCHK(salt != NULL);
	93	LTC_ARGCHK(out != NULL);
	94	LTC_ARGCHK(outlen != NULL);
	95
	96	if ((secret_len == 0) \|\| (salt_len == 0) \|\| (*outlen == 0)) {
	97	return CRYPT_INVALID_ARG;
	98	}
	99	/* test hash IDX */
	100	if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
	101	return err;
	102	}
	103	/* set default value for rounds if not given */
	104	if (rounds == 0) {
	105	used_rounds = LTC_BCRYPT_DEFAULT_ROUNDS;
	106	} else {
	107	used_rounds = rounds;
	108	}
	109
	110	buf[0] = XMALLOC(MAXBLOCKSIZE * 3);
	111	hashed_pass = XMALLOC(MAXBLOCKSIZE);
	112	if (buf[0] == NULL \|\| hashed_pass == NULL) {
	113	if (hashed_pass != NULL) {
	114	XFREE(hashed_pass);
	115	}
	116	if (buf[0] != NULL) {
	117	XFREE(buf[0]);
	118	}
	119	return CRYPT_MEM;
	120	}
	121	/* buf[1] points to the second block of MAXBLOCKSIZE bytes */
	122	buf[1] = buf[0] + MAXBLOCKSIZE;
	123	buf[2] = buf[1] + MAXBLOCKSIZE;
	124
	125	step_size = (*outlen + BCRYPT_HASHSIZE - 1) / BCRYPT_HASHSIZE;
	126	steps = (*outlen + step_size - 1) / step_size;
	127
	128	hashed_pass_len = MAXBLOCKSIZE;
	129	if ((err = hash_memory(hash_idx, (unsigned char*)secret, secret_len, hashed_pass, &hashed_pass_len)) != CRYPT_OK) {
	130	goto LBL_ERR;
	131	}
	132
	133	left = *outlen;
	134	blkno = 0;
	135	while (left != 0) {
	136	/* increment and store current block number */
	137	++blkno;
	138	STORE32H(blkno, blkbuf);
	139
	140	/* process block number blkno */
	141	zeromem(buf[0], MAXBLOCKSIZE*2);
	142
	143	x = MAXBLOCKSIZE;
	144	if ((err = hash_memory_multi(hash_idx, buf[0], &x,
	145	salt, salt_len,
	146	blkbuf, 4uL,
	147	NULL, 0)) != CRYPT_OK) {
	148	goto LBL_ERR;
	149	}
	150	y = MAXBLOCKSIZE;
	151	if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
	152	goto LBL_ERR;
	153	}
	154	XMEMCPY(buf[2], buf[1], y);
	155
	156	/* now compute repeated and XOR it in buf[2] */
	157	for (itts = 1; itts < used_rounds; ++itts) {
	158	x = MAXBLOCKSIZE;
	159	if ((err = hash_memory(hash_idx, buf[1], y, buf[0], &x)) != CRYPT_OK) {
	160	goto LBL_ERR;
	161	}
	162	y = MAXBLOCKSIZE;
	163	if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) {
	164	goto LBL_ERR;
	165	}
	166	for (x = 0; x < y; x++) {
	167	buf[2][x] ^= buf[1][x];
	168	}
	169	}
	170
	171	/* now emit upto `steps` bytes of buf[2] to output */
	172	steps = MIN(steps, left);
	173	for (y = 0; y < steps; ++y) {
	174	dest = y * step_size + (blkno - 1);
	175	if (dest >= *outlen)
	176	break;
	177	out[dest] = buf[2][y];
	178	}
	179	left -= y;
	180	}
	181
	182	err = CRYPT_OK;
	183	LBL_ERR:
	184	#ifdef LTC_CLEAN_STACK
	185	zeromem(buf[0], MAXBLOCKSIZE*3);
	186	zeromem(hashed_pass, MAXBLOCKSIZE);
	187	#endif
	188
	189	XFREE(hashed_pass);
	190	XFREE(buf[0]);
	191
	192	return err;
	193	}
	194
	195	#endif
	196
	197
	198	/* ref: $Format:%D$ */
	199	/* git commit: $Format:%H$ */
	200	/* commit time: $Format:%ai$ */

+1

-1

src/ltc/misc/crc32.c less more

187	187	unsigned char out[4];
188	188	crc32_state ctx;
189	189	crc32_init(&ctx);
190		crc32_update(&ctx, in, strlen(in));
	190	crc32_update(&ctx, in, XSTRLEN(in));
191	191	crc32_finish(&ctx, out, 4);
192	192	if (compare_testvector(crc32, 4, out, 4, "CRC32", 0)) {
193	193	return CRYPT_FAIL_TESTVECTOR;

+7

-0

src/ltc/misc/crypt/crypt.c less more

127	127	#if defined(LTC_SERPENT)
128	128	" Serpent\n"
129	129	#endif
	130	#if defined(LTC_TEA)
	131	" TEA\n"
	132	#endif
130	133	"Stream ciphers built-in:\n"
131	134	#if defined(LTC_CHACHA)
132	135	" ChaCha\n"

430	433	#if defined(LTC_BASE16)
431	434	" BASE16 "
432	435	#endif
	436	#if defined(LTC_BCRYPT)
	437	" BCRYPT "
	438	" " NAME_VALUE(LTC_BCRYPT_DEFAULT_ROUNDS) " "
	439	#endif
433	440	#if defined(LTC_CRC32)
434	441	" CRC32 "
435	442	#endif

+3

-0

src/ltc/misc/crypt/crypt_register_all_ciphers.c less more

97	97	#ifdef LTC_SERPENT
98	98	REGISTER_CIPHER(&serpent_desc);
99	99	#endif
	100	#ifdef LTC_TEA
	101	REGISTER_CIPHER(&tea_desc);
	102	#endif
100	103	return CRYPT_OK;
101	104	}
102	105

+5

-4

src/ltc/misc/padding/padding_pad.c less more

83	83	*/
84	84	int padding_pad(unsigned char data, unsigned long length, unsigned long padded_length, unsigned long mode)
85	85	{
86		unsigned long diff, l;
	86	unsigned long l;
87	87	enum padding_type type;
88	88	int err;
	89	unsigned char diff;
89	90
90	91	LTC_ARGCHK(data != NULL);
91	92	LTC_ARGCHK(padded_length != NULL);

110	111	return CRYPT_BUFFER_OVERFLOW;
111	112	}
112	113
113		diff = l - length;
114		if (diff > 255) return CRYPT_INVALID_ARG;
	114	if (l - length > 255) return CRYPT_INVALID_ARG;
	115	diff = (unsigned char)(l - length);
115	116
116	117	switch (type) {
117	118	case LTC_PAD_PKCS7:

119	120	break;
120	121	#ifdef LTC_RNG_GET_BYTES
121	122	case LTC_PAD_ISO_10126:
122		if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) {
	123	if (rng_get_bytes(&data[length], diff-1u, NULL) != diff-1u) {
123	124	return CRYPT_ERROR_READPRNG;
124	125	}
125	126	data[l-1] = diff;

+35

-22

src/ltc/misc/ssh/ssh_decode_sequence_multi.c less more

17	17
18	18	/**
19	19	Decode a SSH sequence using a VA list
20		@param in Data to decode
21		@param inlen Length of buffer to decode
22		@remark <...> is of the form <type, data> (int, void*) except for string <type, data, size>
	20	@param in The input buffer
	21	@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
	22	@remark <...> is of the form <type, data> (int, <unsigned char,ulong32,ulong64>) except for string&name-list <type, data, size> (int, void, unsigned long*)
23	23	@return CRYPT_OK on success
24	24	*/
25		int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
	25	int ssh_decode_sequence_multi(const unsigned char in, unsigned long inlen, ...)
26	26	{
27	27	int err;
28	28	va_list args;

32	32	char *sdata;
33	33	ulong32 *u32data;
34	34	ulong64 *u64data;
35		unsigned long bufsize;
	35	unsigned long *bufsize;
36	36	ulong32 size;
	37	unsigned long remaining;
37	38
38	39	LTC_ARGCHK(in != NULL);
	40	LTC_ARGCHK(inlen != NULL);
39	41
	42	remaining = *inlen;
40	43	/* Decode values from buffer */
41	44	va_start(args, inlen);
42	45	while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) {

46	49	type == LTC_SSHDATA_MPINT)
47	50	{
48	51	/* Check we'll not read too far */
49		if (inlen < 4) {
	52	if (remaining < 4) {
50	53	err = CRYPT_BUFFER_OVERFLOW;
51	54	goto error;
52	55	}

70	73	case LTC_SSHDATA_MPINT:
71	74	LOAD32H(size, in);
72	75	in += 4;
73		inlen -= 4;
	76	remaining -= 4;
74	77	break;
75	78
76	79	case LTC_SSHDATA_EOL:

80	83	}
81	84
82	85	/* Check we'll not read too far */
83		if (inlen < size) {
	86	if (remaining < size) {
84	87	err = CRYPT_BUFFER_OVERFLOW;
85	88	goto error;
86	89	} else {
87		inlen -= size;
	90	remaining -= size;
	91	}
	92
	93	vdata = va_arg(args, void*);
	94	if (vdata == NULL) {
	95	err = CRYPT_INVALID_ARG;
	96	goto error;
88	97	}
89	98
90	99	/* Read data */
91	100	switch (type) {
92	101	case LTC_SSHDATA_BYTE:
93		cdata = va_arg(args, unsigned char*);
	102	cdata = vdata;
94	103	cdata = in++;
95	104	break;
96	105	case LTC_SSHDATA_BOOLEAN:
97		cdata = va_arg(args, unsigned char*);
	106	cdata = vdata;
98	107	/*
99	108	The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be
100	109	interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1.
101		*/
	110	*/
102	111	cdata = (in++)?1:0;
103	112	break;
104	113	case LTC_SSHDATA_UINT32:
105		u32data = va_arg(args, ulong32*);
	114	u32data = vdata;
106	115	LOAD32H(*u32data, in);
107	116	in += 4;
108	117	break;
109	118	case LTC_SSHDATA_UINT64:
110		u64data = va_arg(args, ulong64*);
	119	u64data = vdata;
111	120	LOAD64H(*u64data, in);
112	121	in += 8;
113	122	break;
114	123	case LTC_SSHDATA_STRING:
115	124	case LTC_SSHDATA_NAMELIST:
116		sdata = va_arg(args, char*);
117		bufsize = va_arg(args, unsigned long);
118		if (size >= bufsize) {
	125	sdata = vdata;
	126	bufsize = va_arg(args, unsigned long*);
	127	if (bufsize == NULL) {
	128	err = CRYPT_INVALID_ARG;
	129	goto error;
	130	}
	131	if (size + 1 >= *bufsize) {
119	132	err = CRYPT_BUFFER_OVERFLOW;
120	133	goto error;
121	134	}
122	135	if (size > 0) {
123		XSTRNCPY(sdata, (const char *)in, size);
124		sdata[size] = '\0'; /* strncpy doesn't NUL-terminate */
125		} else {
126		*sdata = '\0';
	136	XMEMCPY(sdata, (const char *)in, size);
127	137	}
	138	sdata[size] = '\0';
	139	*bufsize = size;
128	140	in += size;
129	141	break;
130	142	case LTC_SSHDATA_MPINT:
131		vdata = va_arg(args, void*);
132	143	if (size == 0) {
133	144	if ((err = mp_set(vdata, 0)) != CRYPT_OK) { goto error; }
134	145	} else if ((in[0] & 0x80) != 0) {

149	160	}
150	161	err = CRYPT_OK;
151	162
	163	*inlen -= remaining;
	164
152	165	error:
153	166	va_end(args);
154	167	return err;

+7

-7

src/ltc/misc/ssh/ssh_encode_sequence_multi.c less more

19	19	Encode a SSH sequence using a VA list
20	20	@param out [out] Destination for data
21	21	@param outlen [in/out] Length of buffer and resulting length of output
22		@remark <...> is of the form <type, data> (int, void*)
	22	@remark <...> is of the form <type, data> (int, <int,ulong32,ulong64>) except for string&name-list <type, data, size> (int, void*, unsigned long)
23	23	@return CRYPT_OK on success
24	24	*/
25	25	int ssh_encode_sequence_multi(unsigned char out, unsigned long outlen, ...)

28	28	va_list args;
29	29	ulong32 size;
30	30	ssh_data_type type;
31		void *vdata;
32		const char *sdata;
	31	void *vdata;
	32	const char *sdata;
33	33	int idata;
34	34	ulong32 u32data;
35	35	ulong64 u64data;

57	57	break;
58	58	case LTC_SSHDATA_STRING:
59	59	case LTC_SSHDATA_NAMELIST:
60		sdata = va_arg(args, char*);
	60	LTC_UNUSED_PARAM( va_arg(args, char*) );
	61	size += va_arg(args, unsigned long);
61	62	size += 4;
62		size += strlen(sdata);
63	63	break;
64	64	case LTC_SSHDATA_MPINT:
65	65	vdata = va_arg(args, void*);

101	101	/*
102	102	The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be
103	103	interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1.
104		*/
	104	*/
105	105	*out++ = (idata)?1:0;
106	106	break;
107	107	case LTC_SSHDATA_UINT32:

117	117	case LTC_SSHDATA_STRING:
118	118	case LTC_SSHDATA_NAMELIST:
119	119	sdata = va_arg(args, char*);
120		size = strlen(sdata);
	120	size = va_arg(args, unsigned long);
121	121	STORE32H(size, out);
122	122	out += 4;
123	123	XMEMCPY(out, sdata, size);

+3

-2

src/ltc/pk/asn1/oid/pk_oid_str.c less more

10	10
11	11	int pk_oid_str_to_num(const char OID, unsigned long oid, unsigned long *oidlen)
12	12	{
13		unsigned long i, j, limit, OID_len, oid_j;
	13	unsigned long i, j, limit, oid_j;
	14	size_t OID_len;
14	15
15	16	LTC_ARGCHK(oidlen != NULL);
16	17

20	21
21	22	if (OID == NULL) return CRYPT_OK;
22	23
23		OID_len = strlen(OID);
	24	OID_len = XSTRLEN(OID);
24	25	if (OID_len == 0) return CRYPT_OK;
25	26
26	27	for (i = 0, j = 0; i < OID_len; i++) {

+6

-5

src/ltc/pk/ecc/ecc_recover_key.c less more

113	113	#ifdef LTC_SSH
114	114	else if (sigformat == LTC_ECCSIG_RFC5656) {
115	115	char name[64], name2[64];
116		unsigned long namelen = sizeof(name2);
	116	unsigned long namelen = sizeof(name);
	117	unsigned long name2len = sizeof(name2);
117	118
118	119	/* Decode as SSH data sequence, per RFC4251 */
119		if ((err = ssh_decode_sequence_multi(sig, siglen,
120		LTC_SSHDATA_STRING, name, 64,
	120	if ((err = ssh_decode_sequence_multi(sig, &siglen,
	121	LTC_SSHDATA_STRING, name, &namelen,
121	122	LTC_SSHDATA_MPINT, r,
122	123	LTC_SSHDATA_MPINT, s,
123	124	LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; }
124	125
125	126
126	127	/* Check curve matches identifier string */
127		if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; }
128		if (XSTRCMP(name,name2) != 0) {
	128	if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; }
	129	if ((namelen != name2len) \|\| (XSTRCMP(name, name2) != 0)) {
129	130	err = CRYPT_INVALID_ARG;
130	131	goto error;
131	132	}

+1

-1

src/ltc/pk/ecc/ecc_sign_hash.c less more

163	163
164	164	/* Store as SSH data sequence, per RFC4251 */
165	165	err = ssh_encode_sequence_multi(out, outlen,
166		LTC_SSHDATA_STRING, name,
	166	LTC_SSHDATA_STRING, name, namelen,
167	167	LTC_SSHDATA_MPINT, r,
168	168	LTC_SSHDATA_MPINT, s,
169	169	LTC_SSHDATA_EOL, NULL);

+6

-4

src/ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.c less more

24	24	{
25	25	char oidstr[64];
26	26	unsigned long oidlen = sizeof(oidstr);
27		unsigned long size = 0;
28		int err;
	27	int err, size = 0;
29	28
30	29	LTC_ARGCHK(buffer != NULL);
31	30	LTC_ARGCHK(buflen != NULL);

51	50	size = snprintf(buffer, *buflen, "ecdsa-sha2-%s", oidstr);
52	51	}
53	52
54		/* snprintf returns size that would have been written, but limits to buflen-1 chars plus terminator */
55		if (size >= *buflen) {
	53	/* snprintf returns a negative value on error
	54	* or the size that would have been written, but limits to buflen-1 chars plus terminator */
	55	if (size < 0) {
	56	err = CRYPT_ERROR;
	57	} else if ((unsigned)size >= *buflen) {
56	58	err = CRYPT_BUFFER_OVERFLOW;
57	59	} else {
58	60	err = CRYPT_OK;

+6

-5

src/ltc/pk/ecc/ecc_verify_hash.c less more

99	99	#ifdef LTC_SSH
100	100	else if (sigformat == LTC_ECCSIG_RFC5656) {
101	101	char name[64], name2[64];
102		unsigned long namelen = sizeof(name2);
	102	unsigned long namelen = sizeof(name);
	103	unsigned long name2len = sizeof(name2);
103	104
104	105	/* Decode as SSH data sequence, per RFC4251 */
105		if ((err = ssh_decode_sequence_multi(sig, siglen,
106		LTC_SSHDATA_STRING, name, 64,
	106	if ((err = ssh_decode_sequence_multi(sig, &siglen,
	107	LTC_SSHDATA_STRING, name, &namelen,
107	108	LTC_SSHDATA_MPINT, r,
108	109	LTC_SSHDATA_MPINT, s,
109	110	LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; }
110	111
111	112
112	113	/* Check curve matches identifier string */
113		if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; }
114		if (XSTRCMP(name,name2) != 0) {
	114	if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; }
	115	if ((namelen != name2len) \|\| (XSTRCMP(name, name2) != 0)) {
115	116	err = CRYPT_INVALID_ARG;
116	117	goto error;
117	118	}

+0

-32

~~src/ltc/pk/rsa/rsa_free.c~~ less more

0		/* LibTomCrypt, modular cryptographic library -- Tom St Denis
1		*
2		* LibTomCrypt is a library that provides various cryptographic
3		* algorithms in a highly modular and flexible manner.
4		*
5		* The library is free for all purposes without any express
6		* guarantee it works.
7		*/
8		#include "tomcrypt_private.h"
9
10		/**
11		@file rsa_free.c
12		Free an RSA key, Tom St Denis
13		*/
14
15		#ifdef LTC_MRSA
16
17		/**
18		Free an RSA key from memory
19		@param key The RSA key to free
20		*/
21		void rsa_free(rsa_key *key)
22		{
23		LTC_ARGCHKVD(key != NULL);
24		mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL);
25		}
26
27		#endif
28
29		/* ref: $Format:%D$ */
30		/* git commit: $Format:%H$ */
31		/* commit time: $Format:%ai$ */

+2

-3

src/ltc/pk/rsa/rsa_import.c less more

33	33	LTC_ARGCHK(ltc_mp.name != NULL);
34	34
35	35	/* init key */
36		if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
37		&key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
	36	if ((err = rsa_init(key)) != CRYPT_OK) {
38	37	return err;
39	38	}
40	39

112	111	goto LBL_FREE;
113	112
114	113	LBL_ERR:
115		mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
	114	rsa_free(key);
116	115
117	116	LBL_FREE:
118	117	if (tmpbuf != NULL) {

+6

-5

src/ltc/pk/rsa/rsa_import_pkcs8.c less more

77	77	buf2 = XMALLOC(buf2len);
78	78	if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; }
79	79
	80	if ((err = mp_init_multi(&zero, &iter, NULL)) != CRYPT_OK) { goto LBL_FREE2; }
80	81	/* init key */
81		err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL);
82		if (err != CRYPT_OK) { goto LBL_FREE2; }
	82	if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE3; }
83	83
84	84	/* try to decode encrypted priv key */
85	85	if ((err = pkcs8_decode_flexi(in, inlen, passwd, passwdlen, &l)) != CRYPT_OK) {

116	116	if (err != CRYPT_OK) { goto LBL_ERR; }
117	117	key->type = PK_PRIVATE;
118	118	err = CRYPT_OK;
119		goto LBL_FREE2;
	119	goto LBL_FREE3;
120	120
121	121	LBL_ERR:
122	122	rsa_free(key);
	123	LBL_FREE3:
	124	mp_clear_multi(iter, zero, NULL);
	125	if (l) der_free_sequence_flexi(l);
123	126	LBL_FREE2:
124		if (l) der_free_sequence_flexi(l);
125		mp_clear_multi(iter, zero, NULL);
126	127	XFREE(buf2);
127	128	LBL_FREE1:
128	129	XFREE(buf1);

+1

-2

src/ltc/pk/rsa/rsa_import_x509.c less more

39	39	LTC_ARGCHK(ltc_mp.name != NULL);
40	40
41	41	/* init key */
42		if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
43		&key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
	42	if ((err = rsa_init(key)) != CRYPT_OK) {
44	43	return err;
45	44	}
46	45

+113

-0

src/ltc/pk/rsa/rsa_key.c less more

	0	/* LibTomCrypt, modular cryptographic library -- Tom St Denis
	1	*
	2	* LibTomCrypt is a library that provides various cryptographic
	3	* algorithms in a highly modular and flexible manner.
	4	*
	5	* The library is free for all purposes without any express
	6	* guarantee it works.
	7	*/
	8	#include "tomcrypt_private.h"
	9
	10	/**
	11	@file rsa_key.c
	12	Free an RSA key, Tom St Denis
	13	Basic operations on an RSA key, Steffen Jaeckel
	14	*/
	15
	16	#ifdef LTC_MRSA
	17	#include <stdarg.h>
	18
	19	static void _mpi_shrink_multi(void **a, ...)
	20	{
	21	void **cur;
	22	unsigned n;
	23	int err;
	24	va_list args;
	25	void *tmp[10] = { 0 };
	26	void **arg[10] = { 0 };
	27
	28	/* We re-allocate in the order that we received the varargs */
	29	n = 0;
	30	err = CRYPT_ERROR;
	31	cur = a;
	32	va_start(args, a);
	33	while (cur != NULL) {
	34	if (n >= sizeof(tmp)/sizeof(tmp[0])) {
	35	goto out;
	36	}
	37	if (*cur != NULL) {
	38	arg[n] = cur;
	39	if ((err = mp_init_copy(&tmp[n], *arg[n])) != CRYPT_OK) {
	40	goto out;
	41	}
	42	n++;
	43	}
	44	cur = va_arg(args, void**);
	45	}
	46	va_end(args);
	47
	48	/* but we clear the old values in the reverse order */
	49	while (n != 0 && arg[--n] != NULL) {
	50	mp_clear(*arg[n]);
	51	*arg[n] = tmp[n];
	52	}
	53	out:
	54	va_end(args);
	55	/* clean-up after an error
	56	* or after this was called with too many args
	57	*/
	58	if ((err != CRYPT_OK) \|\|
	59	(n >= sizeof(tmp)/sizeof(tmp[0]))) {
	60	for (n = 0; n < sizeof(tmp)/sizeof(tmp[0]); ++n) {
	61	if (tmp[n] != NULL) {
	62	mp_clear(tmp[n]);
	63	}
	64	}
	65	}
	66	}
	67
	68	/**
	69	This shrinks the allocated memory of a RSA key
	70
	71	It will use up some more memory temporarily,
	72	but then it will free-up the entire sequence that
	73	was once allocated when the key was created/populated.
	74
	75	This only works with libtommath >= 1.2.0 in earlier versions
	76	it has the inverse effect due to the way it worked internally.
	77	Also works for GNU MP, tomsfastmath naturally shows no effect.
	78
	79	@param key The RSA key to shrink
	80	*/
	81	void rsa_shrink_key(rsa_key *key)
	82	{
	83	LTC_ARGCHKVD(key != NULL);
	84	_mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
	85	}
	86
	87	/**
	88	Init an RSA key
	89	@param key The RSA key to free
	90	@return CRYPT_OK if successful
	91	*/
	92	int rsa_init(rsa_key *key)
	93	{
	94	LTC_ARGCHK(key != NULL);
	95	return mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
	96	}
	97
	98	/**
	99	Free an RSA key from memory
	100	@param key The RSA key to free
	101	*/
	102	void rsa_free(rsa_key *key)
	103	{
	104	LTC_ARGCHKVD(key != NULL);
	105	mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL);
	106	}
	107
	108	#endif
	109
	110	/* ref: $Format:%D$ */
	111	/* git commit: $Format:%H$ */
	112	/* commit time: $Format:%ai$ */

+3

-3

src/ltc/pk/rsa/rsa_make_key.c less more

67	67	if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */
68	68
69	69	/* make key */
70		if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
	70	if ((err = rsa_init(key)) != CRYPT_OK) {
71	71	goto errkey;
72	72	}
73	73

77	77
78	78	/* optimize for CRT now */
79	79	/* find d mod q-1 and d mod p-1 */
80		if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
81		if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
	80	if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
	81	if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = q-1 */
82	82	if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
83	83	if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
84	84	if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */

+1

-2

src/ltc/pk/rsa/rsa_set.c less more

34	34	LTC_ARGCHK(e != NULL);
35	35	LTC_ARGCHK(ltc_mp.name != NULL);
36	36
37		err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
38		if (err != CRYPT_OK) return err;
	37	if ((err = rsa_init(key)) != CRYPT_OK) return err;
39	38
40	39	if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; }
41	40	if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; }

+2

-2

src/ltc/prngs/fortuna.c less more

236	236	return err;
237	237	}
238	238	}
239		prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = prng->u.fortuna.wd = 0;
240		prng->u.fortuna.reset_cnt = 0;
	239	prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = 0;
	240	prng->u.fortuna.reset_cnt = prng->u.fortuna.wd = 0;
241	241
242	242	/* reset bufs */
243	243	zeromem(prng->u.fortuna.K, 32);

+1

-1

src/ltc/stream/chacha/chacha_done.c less more

18	18	int chacha_done(chacha_state *st)
19	19	{
20	20	LTC_ARGCHK(st != NULL);
21		XMEMSET(st, 0, sizeof(chacha_state));
	21	zeromem(st, sizeof(chacha_state));
22	22	return CRYPT_OK;
23	23	}
24	24

+1

-1

src/ltc/stream/chacha/chacha_memory.c less more

33	33
34	34	if ((err = chacha_setup(&st, key, keylen, rounds)) != CRYPT_OK) goto WIPE_KEY;
35	35	if (ivlen > 8) {
36		if ((err = chacha_ivctr32(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY;
	36	if ((err = chacha_ivctr32(&st, iv, ivlen, (ulong32)counter)) != CRYPT_OK) goto WIPE_KEY;
37	37	} else {
38	38	if ((err = chacha_ivctr64(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY;
39	39	}

+1

-1

src/ltc/stream/rabbit/rabbit.c less more

409	409	0xea, 0xec, 0x34, 0x9d, 0x8f, 0xb4, 0x6b, 0x60,
410	410	0x79, 0x1b, 0xea, 0x16, 0xcb, 0xef, 0x46, 0x87,
411	411	0x60, 0xa6, 0x55, 0x14, 0xff, 0xca, 0xac };
412		unsigned long ptlen = strlen(pt);
	412	unsigned long ptlen = XSTRLEN(pt);
413	413	unsigned char out2[1000] = { 0 };
414	414	unsigned char nulls[1000] = { 0 };
415	415

+1

-1

src/ltc/stream/rc4/rc4_stream.c less more

99	99	int rc4_stream_done(rc4_state *st)
100	100	{
101	101	LTC_ARGCHK(st != NULL);
102		XMEMSET(st, 0, sizeof(rc4_state));
	102	zeromem(st, sizeof(rc4_state));
103	103	return CRYPT_OK;
104	104	}
105	105

+1

-1

src/ltc/stream/salsa20/salsa20_done.c less more

18	18	int salsa20_done(salsa20_state *st)
19	19	{
20	20	LTC_ARGCHK(st != NULL);
21		XMEMSET(st, 0, sizeof(salsa20_state));
	21	zeromem(st, sizeof(salsa20_state));
22	22	return CRYPT_OK;
23	23	}
24	24

+1

-1

src/ltc/stream/sober128/sober128_stream.c less more

331	331	int sober128_stream_done(sober128_state *st)
332	332	{
333	333	LTC_ARGCHK(st != NULL);
334		XMEMSET(st, 0, sizeof(sober128_state));
	334	zeromem(st, sizeof(sober128_state));
335	335	return CRYPT_OK;
336	336	}
337	337

+1

-1

src/ltc/stream/sosemanuk/sosemanuk.c less more

804	804	int sosemanuk_done(sosemanuk_state *st)
805	805	{
806	806	LTC_ARGCHK(st != NULL);
807		XMEMSET(st, 0, sizeof(sosemanuk_state));
	807	zeromem(st, sizeof(sosemanuk_state));
808	808	return CRYPT_OK;
809	809	}
810	810