update libtomcrypt to devel/1937f412 2019-11-22 12:03:27 +0100
Karel Miko
4 years ago
| 118 | 118 | ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o \ |
| 119 | 119 | ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ |
| 120 | 120 | ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/ed25519/ed25519_export.o ltc/pk/ed25519/ed25519_import.o \ |
| 121 | ltc/pk/ed25519/ed25519_import_pkcs8.o ltc/pk/ed25519/ed25519_import_x509.o ltc/pk/ed25519/ed25519_make_key.o \ | |
| 122 | ltc/pk/ed25519/ed25519_set_key.o ltc/pk/ed25519/ed25519_sign.o ltc/pk/ed25519/ed25519_verify.o \ | |
| 121 | ltc/pk/ed25519/ed25519_import_pkcs8.o ltc/pk/ed25519/ed25519_import_raw.o ltc/pk/ed25519/ed25519_import_x509.o \ | |
| 122 | ltc/pk/ed25519/ed25519_make_key.o ltc/pk/ed25519/ed25519_sign.o ltc/pk/ed25519/ed25519_verify.o \ | |
| 123 | 123 | ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o \ |
| 124 | 124 | ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \ |
| 125 | 125 | ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \ |
| 128 | 128 | ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_key.o ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o \ |
| 129 | 129 | ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o ltc/pk/rsa/rsa_verify_hash.o \ |
| 130 | 130 | ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o ltc/pk/x25519/x25519_import_pkcs8.o \ |
| 131 | ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o ltc/pk/x25519/x25519_set_key.o \ | |
| 131 | ltc/pk/x25519/x25519_import_raw.o ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o \ | |
| 132 | 132 | ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ |
| 133 | 133 | ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ |
| 134 | 134 | ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \ |
| 125 | 125 | ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \ |
| 126 | 126 | ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \ |
| 127 | 127 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/ed25519/ed25519_export.obj ltc/pk/ed25519/ed25519_import.obj \ |
| 128 | ltc/pk/ed25519/ed25519_import_pkcs8.obj ltc/pk/ed25519/ed25519_import_x509.obj ltc/pk/ed25519/ed25519_make_key.obj \ | |
| 129 | ltc/pk/ed25519/ed25519_set_key.obj ltc/pk/ed25519/ed25519_sign.obj ltc/pk/ed25519/ed25519_verify.obj \ | |
| 128 | ltc/pk/ed25519/ed25519_import_pkcs8.obj ltc/pk/ed25519/ed25519_import_raw.obj ltc/pk/ed25519/ed25519_import_x509.obj \ | |
| 129 | ltc/pk/ed25519/ed25519_make_key.obj ltc/pk/ed25519/ed25519_sign.obj ltc/pk/ed25519/ed25519_verify.obj \ | |
| 130 | 130 | ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj \ |
| 131 | 131 | ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \ |
| 132 | 132 | ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \ |
| 135 | 135 | ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_key.obj \ |
| 136 | 136 | ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ |
| 137 | 137 | ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \ |
| 138 | ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \ | |
| 139 | ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \ | |
| 138 | ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_raw.obj ltc/pk/x25519/x25519_import_x509.obj \ | |
| 139 | ltc/pk/x25519/x25519_make_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \ | |
| 140 | 140 | ltc/prngs/fortuna.obj ltc/prngs/rc4.obj ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj \ |
| 141 | 141 | ltc/prngs/sober128.obj ltc/prngs/sprng.obj ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj \ |
| 142 | 142 | ltc/stream/chacha/chacha_done.obj ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj \ |
| 10 | 10 | typedef struct Hmac_state { |
| 11 | 11 | hash_state md; |
| 12 | 12 | int hash; |
| 13 | hash_state hashstate; | |
| 14 | 13 | unsigned char key[MAXBLOCKSIZE]; |
| 15 | 14 | } hmac_state; |
| 16 | 15 |
| 348 | 348 | /** Ed25519 Signature API */ |
| 349 | 349 | int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key); |
| 350 | 350 | |
| 351 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
| 352 | const unsigned char *pk, unsigned long pklen, | |
| 353 | curve25519_key *key); | |
| 354 | ||
| 355 | 351 | int ed25519_export( unsigned char *out, unsigned long *outlen, |
| 356 | 352 | int which, |
| 357 | 353 | const curve25519_key *key); |
| 358 | 354 | |
| 359 | 355 | int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); |
| 356 | int ed25519_import_raw(const unsigned char *in, unsigned long inlen, int which, curve25519_key *key); | |
| 360 | 357 | int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); |
| 361 | 358 | int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, |
| 362 | 359 | const void *pwd, unsigned long pwdlen, |
| 373 | 370 | /** X25519 Key-Exchange API */ |
| 374 | 371 | int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key); |
| 375 | 372 | |
| 376 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
| 377 | const unsigned char *u, unsigned long ulen, | |
| 378 | curve25519_key *key); | |
| 379 | ||
| 380 | 373 | int x25519_export( unsigned char *out, unsigned long *outlen, |
| 381 | 374 | int which, |
| 382 | 375 | const curve25519_key *key); |
| 383 | 376 | |
| 384 | 377 | int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); |
| 378 | int x25519_import_raw(const unsigned char *in, unsigned long inlen, int which, curve25519_key *key); | |
| 385 | 379 | int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); |
| 386 | 380 | int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, |
| 387 | 381 | const void *pwd, unsigned long pwdlen, |
| 12 | 12 | #ifdef LTM_DESC |
| 13 | 13 | |
| 14 | 14 | #include <tommath.h> |
| 15 | #if !defined(PRIVATE_MP_WARRAY) && !defined(BN_MP_PRIME_IS_PRIME_C) | |
| 16 | #include <stdbool.h> | |
| 17 | #endif | |
| 15 | 18 | |
| 16 | 19 | static const struct { |
| 17 | 20 | mp_err mpi_code; |
| 446 | 449 | static int isprime(void *a, int b, int *c) |
| 447 | 450 | { |
| 448 | 451 | int err; |
| 452 | #if defined(PRIVATE_MP_WARRAY) || defined(BN_MP_PRIME_IS_PRIME_C) | |
| 453 | int res; | |
| 454 | #else | |
| 455 | bool res; | |
| 456 | #endif | |
| 449 | 457 | LTC_ARGCHK(a != NULL); |
| 450 | 458 | LTC_ARGCHK(c != NULL); |
| 451 | 459 | b = mp_prime_rabin_miller_trials(mp_count_bits(a)); |
| 452 | err = mpi_to_ltc_error(mp_prime_is_prime(a, b, c)); | |
| 453 | *c = (*c == MP_YES) ? LTC_MP_YES : LTC_MP_NO; | |
| 460 | err = mpi_to_ltc_error(mp_prime_is_prime(a, b, &res)); | |
| 461 | *c = res ? LTC_MP_YES : LTC_MP_NO; | |
| 454 | 462 | return err; |
| 455 | 463 | } |
| 456 | 464 | |
| 9 | 9 | |
| 10 | 10 | /** |
| 11 | 11 | @file ed25519_import.c |
| 12 | Import a Ed25519 key from a binary packet, Steffen Jaeckel | |
| 12 | Import a Ed25519 key from a SubjectPublicKeyInfo, Steffen Jaeckel | |
| 13 | 13 | */ |
| 14 | 14 | |
| 15 | 15 | #ifdef LTC_CURVE25519 |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_import_raw.c | |
| 12 | Set the parameters of an Ed25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of an Ed25519 key | |
| 19 | ||
| 20 | @param in The key | |
| 21 | @param inlen The length of the key | |
| 22 | @param which Which type of key (PK_PRIVATE or PK_PUBLIC) | |
| 23 | @param key [out] Destination of the key | |
| 24 | @return CRYPT_OK if successful | |
| 25 | */ | |
| 26 | int ed25519_import_raw(const unsigned char *in, unsigned long inlen, int which, curve25519_key *key) | |
| 27 | { | |
| 28 | LTC_ARGCHK(in != NULL); | |
| 29 | LTC_ARGCHK(inlen == 32uL); | |
| 30 | LTC_ARGCHK(key != NULL); | |
| 31 | ||
| 32 | if (which == PK_PRIVATE) { | |
| 33 | XMEMCPY(key->priv, in, sizeof(key->priv)); | |
| 34 | tweetnacl_crypto_sk_to_pk(key->pub, key->priv); | |
| 35 | } else if (which == PK_PUBLIC) { | |
| 36 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 37 | } else { | |
| 38 | return CRYPT_INVALID_ARG; | |
| 39 | } | |
| 40 | key->algo = PKA_ED25519; | |
| 41 | key->type = which; | |
| 42 | ||
| 43 | return CRYPT_OK; | |
| 44 | } | |
| 45 | ||
| 46 | #endif | |
| 47 | ||
| 48 | /* ref: $Format:%D$ */ | |
| 49 | /* git commit: $Format:%H$ */ | |
| 50 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_set_ku.c | |
| 12 | Set the parameters of an Ed25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of an Ed25519 key | |
| 19 | ||
| 20 | In case sk and pk are given it is validated that pk is really the | |
| 21 | corresponding public part of the key pair. | |
| 22 | ||
| 23 | @param sk The secret key | |
| 24 | @param sklen The length of sk | |
| 25 | @param pk The public key | |
| 26 | @param pklen The length of pk | |
| 27 | @param key [out] Destination of the key | |
| 28 | @return CRYPT_OK if successful | |
| 29 | */ | |
| 30 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
| 31 | const unsigned char *pk, unsigned long pklen, | |
| 32 | curve25519_key *key) | |
| 33 | { | |
| 34 | LTC_ARGCHK(key != NULL); | |
| 35 | ||
| 36 | if (sk != NULL) { | |
| 37 | LTC_ARGCHK(sklen == 32uL); | |
| 38 | XMEMCPY(key->priv, sk, sizeof(key->priv)); | |
| 39 | tweetnacl_crypto_sk_to_pk(key->pub, key->priv); | |
| 40 | if (pk != NULL) { | |
| 41 | LTC_ARGCHK(pklen == 32uL); | |
| 42 | if (XMEM_NEQ(pk, key->pub, sizeof(key->pub)) != 0) { | |
| 43 | zeromem(key, sizeof(*key)); | |
| 44 | return CRYPT_INVALID_ARG; | |
| 45 | } | |
| 46 | } | |
| 47 | key->type = PK_PRIVATE; | |
| 48 | } else if (pk != NULL) { | |
| 49 | LTC_ARGCHK(pklen == 32uL); | |
| 50 | XMEMCPY(key->pub, pk, sizeof(key->pub)); | |
| 51 | key->type = PK_PUBLIC; | |
| 52 | } else { | |
| 53 | return CRYPT_INVALID_ARG; | |
| 54 | } | |
| 55 | key->algo = PKA_ED25519; | |
| 56 | ||
| 57 | return CRYPT_OK; | |
| 58 | } | |
| 59 | ||
| 60 | #endif | |
| 61 | ||
| 62 | /* ref: $Format:%D$ */ | |
| 63 | /* git commit: $Format:%H$ */ | |
| 64 | /* commit time: $Format:%ai$ */ |
| 9 | 9 | |
| 10 | 10 | /** |
| 11 | 11 | @file x25519_import.c |
| 12 | Import a X25519 key from a binary packet, Steffen Jaeckel | |
| 12 | Import a X25519 key from a SubjectPublicKeyInfo, Steffen Jaeckel | |
| 13 | 13 | */ |
| 14 | 14 | |
| 15 | 15 | #ifdef LTC_CURVE25519 |
| 16 | 16 | |
| 17 | 17 | /** |
| 18 | Import a X25519 key from a binary packet | |
| 18 | Import a X25519 key | |
| 19 | 19 | @param in The packet to read |
| 20 | 20 | @param inlen The length of the input packet |
| 21 | 21 | @param key [out] Where to import the key to |
| 28 | 28 | |
| 29 | 29 | LTC_ARGCHK(in != NULL); |
| 30 | 30 | LTC_ARGCHK(key != NULL); |
| 31 | ||
| 32 | /* There's only one case where the inlen is equal to the pubkey-size | |
| 33 | * and that's a raw pubkey, so let's just do a raw import. | |
| 34 | */ | |
| 35 | if (inlen == sizeof(key->pub)) { | |
| 36 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 37 | key->type = PK_PUBLIC; | |
| 38 | key->algo = PKA_X25519; | |
| 39 | return CRYPT_OK; | |
| 40 | } | |
| 41 | 31 | |
| 42 | 32 | key_len = sizeof(key->pub); |
| 43 | 33 | if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_import_raw.c | |
| 12 | Set the parameters of a X25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of a X25519 key | |
| 19 | ||
| 20 | @param in The key | |
| 21 | @param inlen The length of the key | |
| 22 | @param which Which type of key (PK_PRIVATE or PK_PUBLIC) | |
| 23 | @param key [out] Destination of the key | |
| 24 | @return CRYPT_OK if successful | |
| 25 | */ | |
| 26 | int x25519_import_raw(const unsigned char *in, unsigned long inlen, int which, curve25519_key *key) | |
| 27 | { | |
| 28 | LTC_ARGCHK(in != NULL); | |
| 29 | LTC_ARGCHK(inlen == 32uL); | |
| 30 | LTC_ARGCHK(key != NULL); | |
| 31 | ||
| 32 | if (which == PK_PRIVATE) { | |
| 33 | XMEMCPY(key->priv, in, sizeof(key->priv)); | |
| 34 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
| 35 | } else if (which == PK_PUBLIC) { | |
| 36 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 37 | } else { | |
| 38 | return CRYPT_INVALID_ARG; | |
| 39 | } | |
| 40 | key->algo = PKA_X25519; | |
| 41 | key->type = which; | |
| 42 | ||
| 43 | return CRYPT_OK; | |
| 44 | } | |
| 45 | ||
| 46 | #endif | |
| 47 | ||
| 48 | /* ref: $Format:%D$ */ | |
| 49 | /* git commit: $Format:%H$ */ | |
| 50 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_set_ku.c | |
| 12 | Set the parameters of a X25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of a X25519 key | |
| 19 | ||
| 20 | In case k and u are given it is validated that u is really the | |
| 21 | corresponding public part of the key pair | |
| 22 | ||
| 23 | @param k The k value (a.k.a scalar or private part) | |
| 24 | @param klen The length of k | |
| 25 | @param u The u-coordinate (a.k.a public part) | |
| 26 | @param ulen The length of u | |
| 27 | @param key [out] Destination of the key | |
| 28 | @return CRYPT_OK if successful | |
| 29 | */ | |
| 30 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
| 31 | const unsigned char *u, unsigned long ulen, | |
| 32 | curve25519_key *key) | |
| 33 | { | |
| 34 | LTC_ARGCHK(key != NULL); | |
| 35 | ||
| 36 | if (k != NULL) { | |
| 37 | LTC_ARGCHK(klen == 32uL); | |
| 38 | XMEMCPY(key->priv, k, sizeof(key->priv)); | |
| 39 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
| 40 | if (u != NULL) { | |
| 41 | LTC_ARGCHK(ulen == 32uL); | |
| 42 | if (XMEM_NEQ(u, key->pub, sizeof(key->pub)) != 0) { | |
| 43 | zeromem(key, sizeof(*key)); | |
| 44 | return CRYPT_INVALID_ARG; | |
| 45 | } | |
| 46 | } | |
| 47 | key->type = PK_PRIVATE; | |
| 48 | } else if (u != NULL) { | |
| 49 | LTC_ARGCHK(ulen == 32uL); | |
| 50 | XMEMCPY(key->pub, u, sizeof(key->pub)); | |
| 51 | key->type = PK_PUBLIC; | |
| 52 | } else { | |
| 53 | return CRYPT_INVALID_ARG; | |
| 54 | } | |
| 55 | key->algo = PKA_X25519; | |
| 56 | ||
| 57 | return CRYPT_OK; | |
| 58 | } | |
| 59 | ||
| 60 | #endif | |
| 61 | ||
| 62 | /* ref: $Format:%D$ */ | |
| 63 | /* git commit: $Format:%H$ */ | |
| 64 | /* commit time: $Format:%ai$ */ |