New upstream version 0.066
gregor herrmann
4 years ago
| 0 | 0 | Changes for CryptX |
| 1 | ||
| 2 | 0.066 2019-10-20 | |
| 3 | - fix #57 Build fails on i686 | |
| 4 | - bundled libtomcrypt update branch:develop (commit:354c9051 2019-10-20) | |
| 5 | - no perl module code change | |
| 6 | ||
| 7 | 0.065 2019-10-19 | |
| 8 | - fix #56 Math::BigInt 1.999817 breaks the tests of CryptX | |
| 9 | - bundled libtomcrypt update branch:develop (commit:25410c75 2019-10-17) | |
| 10 | - no perl module code change, just tests | |
| 1 | 11 | |
| 2 | 12 | 0.064 2019-06-14 |
| 3 | 13 | - fix #50 libtommath patch - building on HP-UX 11.11 / PA-RISC |
| 171 | 171 | src/ltc/ciphers/safer/saferp.c |
| 172 | 172 | src/ltc/ciphers/serpent.c |
| 173 | 173 | src/ltc/ciphers/skipjack.c |
| 174 | src/ltc/ciphers/tea.c | |
| 174 | 175 | src/ltc/ciphers/twofish/twofish.c |
| 175 | 176 | src/ltc/ciphers/twofish/twofish_tab.c |
| 176 | 177 | src/ltc/ciphers/xtea.c |
| 316 | 317 | src/ltc/misc/base32/base32_encode.c |
| 317 | 318 | src/ltc/misc/base64/base64_decode.c |
| 318 | 319 | src/ltc/misc/base64/base64_encode.c |
| 320 | src/ltc/misc/bcrypt/bcrypt.c | |
| 319 | 321 | src/ltc/misc/burn_stack.c |
| 320 | 322 | src/ltc/misc/compare_testvector.c |
| 321 | 323 | src/ltc/misc/copy_or_zeromem.c |
| 483 | 485 | src/ltc/pk/dsa/dsa_sign_hash.c |
| 484 | 486 | src/ltc/pk/dsa/dsa_verify_hash.c |
| 485 | 487 | src/ltc/pk/dsa/dsa_verify_key.c |
| 488 | src/ltc/pk/ec25519/ec25519_export.c | |
| 489 | src/ltc/pk/ec25519/ec25519_import_pkcs8.c | |
| 490 | src/ltc/pk/ec25519/tweetnacl.c | |
| 486 | 491 | src/ltc/pk/ecc/ecc.c |
| 487 | 492 | src/ltc/pk/ecc/ecc_ansi_x963_export.c |
| 488 | 493 | src/ltc/pk/ecc/ecc_ansi_x963_import.c |
| 521 | 526 | src/ltc/pk/ecc/ltc_ecc_projective_add_point.c |
| 522 | 527 | src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c |
| 523 | 528 | src/ltc/pk/ecc/ltc_ecc_verify_key.c |
| 529 | src/ltc/pk/ed25519/ed25519_export.c | |
| 530 | src/ltc/pk/ed25519/ed25519_import.c | |
| 531 | src/ltc/pk/ed25519/ed25519_import_pkcs8.c | |
| 532 | src/ltc/pk/ed25519/ed25519_import_x509.c | |
| 533 | src/ltc/pk/ed25519/ed25519_make_key.c | |
| 534 | src/ltc/pk/ed25519/ed25519_set_key.c | |
| 535 | src/ltc/pk/ed25519/ed25519_sign.c | |
| 536 | src/ltc/pk/ed25519/ed25519_verify.c | |
| 524 | 537 | src/ltc/pk/pkcs1/pkcs_1_i2osp.c |
| 525 | 538 | src/ltc/pk/pkcs1/pkcs_1_mgf1.c |
| 526 | 539 | src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c |
| 534 | 547 | src/ltc/pk/rsa/rsa_encrypt_key.c |
| 535 | 548 | src/ltc/pk/rsa/rsa_export.c |
| 536 | 549 | src/ltc/pk/rsa/rsa_exptmod.c |
| 537 | src/ltc/pk/rsa/rsa_free.c | |
| 538 | 550 | src/ltc/pk/rsa/rsa_get_size.c |
| 539 | 551 | src/ltc/pk/rsa/rsa_import.c |
| 540 | 552 | src/ltc/pk/rsa/rsa_import_pkcs8.c |
| 541 | 553 | src/ltc/pk/rsa/rsa_import_x509.c |
| 554 | src/ltc/pk/rsa/rsa_key.c | |
| 542 | 555 | src/ltc/pk/rsa/rsa_make_key.c |
| 543 | 556 | src/ltc/pk/rsa/rsa_set.c |
| 544 | 557 | src/ltc/pk/rsa/rsa_sign_hash.c |
| 545 | 558 | src/ltc/pk/rsa/rsa_sign_saltlen_get.c |
| 546 | 559 | src/ltc/pk/rsa/rsa_verify_hash.c |
| 560 | src/ltc/pk/x25519/x25519_export.c | |
| 561 | src/ltc/pk/x25519/x25519_import.c | |
| 562 | src/ltc/pk/x25519/x25519_import_pkcs8.c | |
| 563 | src/ltc/pk/x25519/x25519_import_x509.c | |
| 564 | src/ltc/pk/x25519/x25519_make_key.c | |
| 565 | src/ltc/pk/x25519/x25519_set_key.c | |
| 566 | src/ltc/pk/x25519/x25519_shared_secret.c | |
| 547 | 567 | src/ltc/prngs/chacha20.c |
| 548 | 568 | src/ltc/prngs/fortuna.c |
| 549 | 569 | src/ltc/prngs/rc4.c |
| 44 | 44 | "url" : "https://github.com/DCIT/perl-CryptX" |
| 45 | 45 | } |
| 46 | 46 | }, |
| 47 | "version" : "0.064", | |
| 47 | "version" : "0.066", | |
| 48 | 48 | "x_serialization_backend" : "JSON::PP version 2.94" |
| 49 | 49 | } |
| 21 | 21 | resources: |
| 22 | 22 | bugtracker: https://github.com/DCIT/perl-CryptX/issues |
| 23 | 23 | repository: https://github.com/DCIT/perl-CryptX |
| 24 | version: '0.064' | |
| 24 | version: '0.066' | |
| 25 | 25 | x_serialization_backend: 'CPAN::Meta::YAML version 0.018' |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( ccm_encrypt_authenticate ccm_decrypt_verify )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | ### not used |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::Checksum Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::Checksum Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw/ adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Cipher); |
| 9 | 9 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use Carp; |
| 7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use Carp; |
| 7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Digest Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract)] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( f9 f9_hex f9_b64 f9_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( hmac hmac_hex hmac_b64 hmac_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( omac omac_hex omac_b64 omac_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( pmac pmac_hex pmac_b64 pmac_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( pelican pelican_hex pelican_b64 pelican_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u )] ); |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use base qw(Crypt::Mac Exporter); |
| 9 | 9 | our %EXPORT_TAGS = ( all => [qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use Carp; |
| 7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import'; |
| 7 | 7 | use Carp 'croak'; |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use Crypt::Cipher; |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use Crypt::Cipher; |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use Crypt::Cipher; |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use Crypt::Cipher; |
| 9 | 9 |
| 3 | 3 | |
| 4 | 4 | use strict; |
| 5 | 5 | use warnings; |
| 6 | our $VERSION = '0.064'; | |
| 6 | our $VERSION = '0.066'; | |
| 7 | 7 | |
| 8 | 8 | use Crypt::Cipher; |
| 9 | 9 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | ### not used |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( dh_shared_secret )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw( ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret )] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use Carp; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::PRNG Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::PRNG Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::PRNG Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::PRNG Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use base qw(Crypt::PRNG Exporter); |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
| 7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings ; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | require XSLoader; |
| 7 | 7 | XSLoader::load('CryptX', $VERSION); |
| 1 | 1 | |
| 2 | 2 | use strict; |
| 3 | 3 | use warnings; |
| 4 | our $VERSION = '0.064'; | |
| 4 | our $VERSION = '0.066'; | |
| 5 | 5 | |
| 6 | 6 | use CryptX; |
| 7 | 7 | use Carp; |
| 0 | 0 | OBJS=ltc/ciphers/anubis.o ltc/ciphers/blowfish.o ltc/ciphers/camellia.o ltc/ciphers/cast5.o \ |
| 1 | 1 | ltc/ciphers/des.o ltc/ciphers/idea.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o \ |
| 2 | 2 | ltc/ciphers/multi2.o ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o \ |
| 3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o \ | |
| 4 | ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
| 3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/tea.o ltc/ciphers/xtea.o \ | |
| 4 | ltc/ciphers/aes/aes.o ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
| 5 | 5 | ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o ltc/encauth/ccm/ccm_done.o \ |
| 6 | 6 | ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o ltc/encauth/ccm/ccm_process.o \ |
| 7 | 7 | ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o ltc/encauth/chachapoly/chacha20poly1305_decrypt.o \ |
| 43 | 43 | ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/zeromem.o \ |
| 44 | 44 | ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o ltc/misc/base32/base32_decode.o \ |
| 45 | 45 | ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o \ |
| 46 | ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
| 46 | ltc/misc/bcrypt/bcrypt.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
| 47 | 47 | ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o \ |
| 48 | 48 | ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o \ |
| 49 | 49 | ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o \ |
| 103 | 103 | ltc/pk/dsa/dsa_encrypt_key.o ltc/pk/dsa/dsa_export.o ltc/pk/dsa/dsa_free.o ltc/pk/dsa/dsa_generate_key.o \ |
| 104 | 104 | ltc/pk/dsa/dsa_generate_pqg.o ltc/pk/dsa/dsa_import.o ltc/pk/dsa/dsa_make_key.o ltc/pk/dsa/dsa_set.o \ |
| 105 | 105 | ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \ |
| 106 | ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \ | |
| 107 | ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \ | |
| 108 | ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_find_curve.o \ | |
| 109 | ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o ltc/pk/ecc/ecc_get_size.o \ | |
| 110 | ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o \ | |
| 111 | ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_recover_key.o \ | |
| 112 | ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o ltc/pk/ecc/ecc_set_key.o \ | |
| 113 | ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \ | |
| 114 | ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \ | |
| 115 | ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \ | |
| 116 | ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o \ | |
| 117 | ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o \ | |
| 118 | ltc/pk/ecc/ltc_ecc_projective_dbl_point.o ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o \ | |
| 119 | ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o \ | |
| 120 | ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o \ | |
| 121 | ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o \ | |
| 122 | ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o \ | |
| 123 | ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \ | |
| 124 | ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ | |
| 125 | ltc/pk/rsa/rsa_verify_hash.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ | |
| 106 | ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ec25519/ec25519_export.o \ | |
| 107 | ltc/pk/ec25519/ec25519_import_pkcs8.o ltc/pk/ec25519/tweetnacl.o ltc/pk/ecc/ecc.o \ | |
| 108 | ltc/pk/ecc/ecc_ansi_x963_export.o ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o \ | |
| 109 | ltc/pk/ecc/ecc_encrypt_key.o ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o \ | |
| 110 | ltc/pk/ecc/ecc_find_curve.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o \ | |
| 111 | ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \ | |
| 112 | ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \ | |
| 113 | ltc/pk/ecc/ecc_recover_key.o ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o \ | |
| 114 | ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o \ | |
| 115 | ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o \ | |
| 116 | ltc/pk/ecc/ltc_ecc_export_point.o ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o \ | |
| 117 | ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o \ | |
| 118 | ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o \ | |
| 119 | ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ | |
| 120 | ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/ed25519/ed25519_export.o ltc/pk/ed25519/ed25519_import.o \ | |
| 121 | ltc/pk/ed25519/ed25519_import_pkcs8.o ltc/pk/ed25519/ed25519_import_x509.o ltc/pk/ed25519/ed25519_make_key.o \ | |
| 122 | ltc/pk/ed25519/ed25519_set_key.o ltc/pk/ed25519/ed25519_sign.o ltc/pk/ed25519/ed25519_verify.o \ | |
| 123 | ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o \ | |
| 124 | ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \ | |
| 125 | ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \ | |
| 126 | ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \ | |
| 127 | ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o \ | |
| 128 | ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_key.o ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o \ | |
| 129 | ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o ltc/pk/rsa/rsa_verify_hash.o \ | |
| 130 | ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o ltc/pk/x25519/x25519_import_pkcs8.o \ | |
| 131 | ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o ltc/pk/x25519/x25519_set_key.o \ | |
| 132 | ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ | |
| 126 | 133 | ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ |
| 127 | 134 | ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \ |
| 128 | 135 | ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \ |
| 1 | 1 | ltc/ciphers/des.obj ltc/ciphers/idea.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj \ |
| 2 | 2 | ltc/ciphers/kseed.obj ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj \ |
| 3 | 3 | ltc/ciphers/rc5.obj ltc/ciphers/rc6.obj ltc/ciphers/serpent.obj ltc/ciphers/skipjack.obj \ |
| 4 | ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj \ | |
| 5 | ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj \ | |
| 6 | ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj \ | |
| 7 | ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \ | |
| 8 | ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj ltc/encauth/chachapoly/chacha20poly1305_done.obj \ | |
| 9 | ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj ltc/encauth/chachapoly/chacha20poly1305_init.obj \ | |
| 10 | ltc/encauth/chachapoly/chacha20poly1305_memory.obj ltc/encauth/chachapoly/chacha20poly1305_setiv.obj \ | |
| 11 | ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj ltc/encauth/eax/eax_addheader.obj \ | |
| 12 | ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj ltc/encauth/eax/eax_done.obj \ | |
| 13 | ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
| 4 | ltc/ciphers/tea.obj ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj \ | |
| 5 | ltc/ciphers/safer/saferp.obj ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj \ | |
| 6 | ltc/encauth/ccm/ccm_add_nonce.obj ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj \ | |
| 7 | ltc/encauth/ccm/ccm_memory.obj ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj \ | |
| 8 | ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj \ | |
| 9 | ltc/encauth/chachapoly/chacha20poly1305_done.obj ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj \ | |
| 10 | ltc/encauth/chachapoly/chacha20poly1305_init.obj ltc/encauth/chachapoly/chacha20poly1305_memory.obj \ | |
| 11 | ltc/encauth/chachapoly/chacha20poly1305_setiv.obj ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj \ | |
| 12 | ltc/encauth/eax/eax_addheader.obj ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj \ | |
| 13 | ltc/encauth/eax/eax_done.obj ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
| 14 | 14 | ltc/encauth/eax/eax_init.obj ltc/encauth/gcm/gcm_add_aad.obj ltc/encauth/gcm/gcm_add_iv.obj \ |
| 15 | 15 | ltc/encauth/gcm/gcm_done.obj ltc/encauth/gcm/gcm_gf_mult.obj ltc/encauth/gcm/gcm_init.obj \ |
| 16 | 16 | ltc/encauth/gcm/gcm_memory.obj ltc/encauth/gcm/gcm_mult_h.obj ltc/encauth/gcm/gcm_process.obj \ |
| 46 | 46 | ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/zeromem.obj \ |
| 47 | 47 | ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj ltc/misc/base32/base32_decode.obj \ |
| 48 | 48 | ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj \ |
| 49 | ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj \ | |
| 50 | ltc/misc/crypt/crypt_cipher_is_valid.obj ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj \ | |
| 51 | ltc/misc/crypt/crypt_find_cipher_any.obj ltc/misc/crypt/crypt_find_cipher_id.obj \ | |
| 52 | ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj ltc/misc/crypt/crypt_find_hash_id.obj \ | |
| 53 | ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj ltc/misc/crypt/crypt_fsa.obj \ | |
| 54 | ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj ltc/misc/crypt/crypt_inits.obj \ | |
| 55 | ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
| 49 | ltc/misc/bcrypt/bcrypt.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \ | |
| 50 | ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ | |
| 51 | ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ | |
| 52 | ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \ | |
| 53 | ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \ | |
| 54 | ltc/misc/crypt/crypt_fsa.obj ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj \ | |
| 55 | ltc/misc/crypt/crypt_inits.obj ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
| 56 | 56 | ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_prng_rng_descriptor.obj \ |
| 57 | 57 | ltc/misc/crypt/crypt_register_all_ciphers.obj ltc/misc/crypt/crypt_register_all_hashes.obj \ |
| 58 | 58 | ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ |
| 110 | 110 | ltc/pk/dsa/dsa_generate_key.obj ltc/pk/dsa/dsa_generate_pqg.obj ltc/pk/dsa/dsa_import.obj \ |
| 111 | 111 | ltc/pk/dsa/dsa_make_key.obj ltc/pk/dsa/dsa_set.obj ltc/pk/dsa/dsa_set_pqg_dsaparam.obj \ |
| 112 | 112 | ltc/pk/dsa/dsa_shared_secret.obj ltc/pk/dsa/dsa_sign_hash.obj ltc/pk/dsa/dsa_verify_hash.obj \ |
| 113 | ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ | |
| 113 | ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ec25519/ec25519_export.obj ltc/pk/ec25519/ec25519_import_pkcs8.obj \ | |
| 114 | ltc/pk/ec25519/tweetnacl.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ | |
| 114 | 115 | ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \ |
| 115 | 116 | ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_find_curve.obj \ |
| 116 | 117 | ltc/pk/ecc/ecc_free.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_oid_str.obj \ |
| 123 | 124 | ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \ |
| 124 | 125 | ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \ |
| 125 | 126 | ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \ |
| 126 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj \ | |
| 127 | ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj \ | |
| 128 | ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj \ | |
| 129 | ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj \ | |
| 130 | ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj \ | |
| 131 | ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj \ | |
| 127 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/ed25519/ed25519_export.obj ltc/pk/ed25519/ed25519_import.obj \ | |
| 128 | ltc/pk/ed25519/ed25519_import_pkcs8.obj ltc/pk/ed25519/ed25519_import_x509.obj ltc/pk/ed25519/ed25519_make_key.obj \ | |
| 129 | ltc/pk/ed25519/ed25519_set_key.obj ltc/pk/ed25519/ed25519_sign.obj ltc/pk/ed25519/ed25519_verify.obj \ | |
| 130 | ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj \ | |
| 131 | ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \ | |
| 132 | ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \ | |
| 133 | ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \ | |
| 134 | ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \ | |
| 135 | ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_key.obj \ | |
| 132 | 136 | ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ |
| 133 | ltc/pk/rsa/rsa_verify_hash.obj ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj \ | |
| 134 | ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj \ | |
| 135 | ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj \ | |
| 136 | ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj \ | |
| 137 | ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj \ | |
| 138 | ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj ltc/stream/rc4/rc4_stream_memory.obj \ | |
| 139 | ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj \ | |
| 140 | ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj ltc/stream/salsa20/salsa20_setup.obj \ | |
| 141 | ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj ltc/stream/sober128/sober128_stream.obj \ | |
| 142 | ltc/stream/sober128/sober128_stream_memory.obj ltc/stream/sosemanuk/sosemanuk.obj \ | |
| 143 | ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj \ | |
| 144 | ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj \ | |
| 145 | ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj \ | |
| 146 | ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj \ | |
| 147 | ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj \ | |
| 148 | ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj \ | |
| 149 | ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \ | |
| 150 | ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj \ | |
| 151 | ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj \ | |
| 152 | ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj \ | |
| 153 | ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj \ | |
| 154 | ltm/bn_mp_grow.obj ltm/bn_mp_import.obj ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj \ | |
| 155 | ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj \ | |
| 156 | ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj \ | |
| 157 | ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj \ | |
| 158 | ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj \ | |
| 159 | ltm/bn_mp_montgomery_reduce.obj ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj \ | |
| 160 | ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj \ | |
| 161 | ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj \ | |
| 162 | ltm/bn_mp_prime_frobenius_underwood.obj ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj \ | |
| 163 | ltm/bn_mp_prime_miller_rabin.obj ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj \ | |
| 164 | ltm/bn_mp_prime_random_ex.obj ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj \ | |
| 165 | ltm/bn_mp_radix_smap.obj ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj \ | |
| 166 | ltm/bn_mp_read_unsigned_bin.obj ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj \ | |
| 167 | ltm/bn_mp_reduce_2k_setup.obj ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj \ | |
| 168 | ltm/bn_mp_reduce_is_2k_l.obj ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj \ | |
| 169 | ltm/bn_mp_set_int.obj ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj \ | |
| 170 | ltm/bn_mp_sqr.obj ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj \ | |
| 171 | ltm/bn_mp_sub.obj ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \ | |
| 137 | ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \ | |
| 138 | ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \ | |
| 139 | ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \ | |
| 140 | ltc/prngs/fortuna.obj ltc/prngs/rc4.obj ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj \ | |
| 141 | ltc/prngs/sober128.obj ltc/prngs/sprng.obj ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj \ | |
| 142 | ltc/stream/chacha/chacha_done.obj ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj \ | |
| 143 | ltc/stream/chacha/chacha_keystream.obj ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj \ | |
| 144 | ltc/stream/rabbit/rabbit.obj ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj \ | |
| 145 | ltc/stream/rc4/rc4_stream_memory.obj ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj \ | |
| 146 | ltc/stream/salsa20/salsa20_ivctr64.obj ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj \ | |
| 147 | ltc/stream/salsa20/salsa20_setup.obj ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj \ | |
| 148 | ltc/stream/sober128/sober128_stream.obj ltc/stream/sober128/sober128_stream_memory.obj \ | |
| 149 | ltc/stream/sosemanuk/sosemanuk.obj ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj \ | |
| 150 | ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj \ | |
| 151 | ltm/bn_fast_s_mp_mul_high_digs.obj ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj \ | |
| 152 | ltm/bn_mp_add.obj ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj \ | |
| 153 | ltm/bn_mp_clear.obj ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj \ | |
| 154 | ltm/bn_mp_cmp_mag.obj ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj \ | |
| 155 | ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj \ | |
| 156 | ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj \ | |
| 157 | ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj \ | |
| 158 | ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj \ | |
| 159 | ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj \ | |
| 160 | ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj ltm/bn_mp_grow.obj ltm/bn_mp_import.obj \ | |
| 161 | ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj \ | |
| 162 | ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj \ | |
| 163 | ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj \ | |
| 164 | ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj \ | |
| 165 | ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj ltm/bn_mp_montgomery_reduce.obj \ | |
| 166 | ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj \ | |
| 167 | ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj \ | |
| 168 | ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj ltm/bn_mp_prime_frobenius_underwood.obj \ | |
| 169 | ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj ltm/bn_mp_prime_miller_rabin.obj \ | |
| 170 | ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj ltm/bn_mp_prime_random_ex.obj \ | |
| 171 | ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj ltm/bn_mp_radix_smap.obj \ | |
| 172 | ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj ltm/bn_mp_read_unsigned_bin.obj \ | |
| 173 | ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj ltm/bn_mp_reduce_2k_setup.obj \ | |
| 174 | ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj ltm/bn_mp_reduce_is_2k_l.obj \ | |
| 175 | ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj ltm/bn_mp_set_int.obj \ | |
| 176 | ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj ltm/bn_mp_sqr.obj \ | |
| 177 | ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj ltm/bn_mp_sub.obj \ | |
| 178 | ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \ | |
| 172 | 179 | ltm/bn_mp_tc_or.obj ltm/bn_mp_tc_xor.obj ltm/bn_mp_toom_mul.obj ltm/bn_mp_toom_sqr.obj \ |
| 173 | 180 | ltm/bn_mp_toradix.obj ltm/bn_mp_toradix_n.obj ltm/bn_mp_to_signed_bin.obj ltm/bn_mp_to_signed_bin_n.obj \ |
| 174 | 181 | ltm/bn_mp_to_unsigned_bin.obj ltm/bn_mp_to_unsigned_bin_n.obj ltm/bn_mp_unsigned_bin_size.obj \ |
| 294 | 294 | LTC_ARGCHK(skey != NULL); |
| 295 | 295 | |
| 296 | 296 | Nr = skey->rijndael.Nr; |
| 297 | ||
| 298 | if (Nr < 2 || Nr > 16) | |
| 299 | return CRYPT_INVALID_ROUNDS; | |
| 300 | ||
| 297 | 301 | rk = skey->rijndael.eK; |
| 298 | 302 | |
| 299 | 303 | /* |
| 474 | 478 | LTC_ARGCHK(skey != NULL); |
| 475 | 479 | |
| 476 | 480 | Nr = skey->rijndael.Nr; |
| 481 | ||
| 482 | if (Nr < 2 || Nr > 16) | |
| 483 | return CRYPT_INVALID_ROUNDS; | |
| 484 | ||
| 477 | 485 | rk = skey->rijndael.dK; |
| 478 | 486 | |
| 479 | 487 | /* |
| 1130 | 1130 | LTC_ARGCHK(pt != NULL); |
| 1131 | 1131 | LTC_ARGCHK(ct != NULL); |
| 1132 | 1132 | LTC_ARGCHK(skey != NULL); |
| 1133 | ||
| 1134 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
| 1135 | return CRYPT_INVALID_ROUNDS; | |
| 1136 | } | |
| 1137 | ||
| 1133 | 1138 | anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); |
| 1134 | 1139 | return CRYPT_OK; |
| 1135 | 1140 | } |
| 1146 | 1151 | LTC_ARGCHK(pt != NULL); |
| 1147 | 1152 | LTC_ARGCHK(ct != NULL); |
| 1148 | 1153 | LTC_ARGCHK(skey != NULL); |
| 1154 | ||
| 1155 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
| 1156 | return CRYPT_INVALID_ROUNDS; | |
| 1157 | } | |
| 1158 | ||
| 1149 | 1159 | anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); |
| 1150 | 1160 | return CRYPT_OK; |
| 1151 | 1161 | } |
| 294 | 294 | 0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL } |
| 295 | 295 | }; |
| 296 | 296 | |
| 297 | #ifndef __GNUC__ | |
| 298 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
| 299 | #else | |
| 300 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
| 301 | #endif | |
| 302 | ||
| 303 | static void s_blowfish_encipher(ulong32 *L, ulong32 *R, const symmetric_key *skey) | |
| 304 | { | |
| 305 | int rounds; | |
| 306 | ||
| 307 | ulong32 l, r; | |
| 308 | #ifndef __GNUC__ | |
| 309 | const ulong32 *S1, *S2, *S3, *S4; | |
| 310 | ||
| 311 | S1 = skey->blowfish.S[0]; | |
| 312 | S2 = skey->blowfish.S[1]; | |
| 313 | S3 = skey->blowfish.S[2]; | |
| 314 | S4 = skey->blowfish.S[3]; | |
| 315 | #endif | |
| 316 | ||
| 317 | l = *L; | |
| 318 | r = *R; | |
| 319 | ||
| 320 | /* do 16 rounds */ | |
| 321 | for (rounds = 0; rounds < 16; ) { | |
| 322 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
| 323 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
| 324 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
| 325 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
| 326 | } | |
| 327 | ||
| 328 | /* last keying */ | |
| 329 | l ^= skey->blowfish.K[16]; | |
| 330 | r ^= skey->blowfish.K[17]; | |
| 331 | ||
| 332 | *L = r; | |
| 333 | *R = l; | |
| 334 | } | |
| 335 | ||
| 336 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey) | |
| 337 | { | |
| 338 | unsigned long i; | |
| 339 | ulong32 *d = data; | |
| 340 | ||
| 341 | for (i = 0; i < blocks; ++i) { | |
| 342 | s_blowfish_encipher(d, d + 1, skey); | |
| 343 | d += 2; | |
| 344 | } | |
| 345 | } | |
| 346 | ||
| 347 | static ulong32 s_blowfish_stream2word(const unsigned char *d, int dlen, int *cur) | |
| 348 | { | |
| 349 | unsigned int z; | |
| 350 | int y = *cur; | |
| 351 | ulong32 ret = 0; | |
| 352 | ||
| 353 | for (z = 0; z < 4; z++) { | |
| 354 | ret = (ret << 8) | ((ulong32)d[y++] & 255); | |
| 355 | if (y == dlen) { | |
| 356 | y = 0; | |
| 357 | } | |
| 358 | } | |
| 359 | ||
| 360 | *cur = y; | |
| 361 | return ret; | |
| 362 | } | |
| 363 | ||
| 297 | 364 | /** |
| 298 | Initialize the Blowfish block cipher | |
| 365 | Expand the Blowfish internal state | |
| 299 | 366 | @param key The symmetric key you wish to pass |
| 300 | 367 | @param keylen The key length in bytes |
| 368 | @param data The additional data you wish to pass (can be NULL) | |
| 369 | @param datalen The additional data length in bytes | |
| 301 | 370 | @param num_rounds The number of rounds desired (0 for default) |
| 302 | 371 | @param skey The key in as scheduled by this function. |
| 303 | 372 | @return CRYPT_OK if successful |
| 304 | 373 | */ |
| 305 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
| 306 | symmetric_key *skey) | |
| 307 | { | |
| 308 | ulong32 x, y, z, A; | |
| 309 | unsigned char B[8]; | |
| 374 | int blowfish_expand(const unsigned char *key, int keylen, | |
| 375 | const unsigned char *data, int datalen, | |
| 376 | symmetric_key *skey) | |
| 377 | { | |
| 378 | ulong32 x, y, A, B[2]; | |
| 379 | int i; | |
| 310 | 380 | |
| 311 | 381 | LTC_ARGCHK(key != NULL); |
| 312 | 382 | LTC_ARGCHK(skey != NULL); |
| 313 | 383 | |
| 384 | /* load in key bytes (Supplied by David Hopwood) */ | |
| 385 | i = 0; | |
| 386 | for (x = 0; x < 18; x++) { | |
| 387 | A = s_blowfish_stream2word(key, keylen, &i); | |
| 388 | skey->blowfish.K[x] ^= A; | |
| 389 | } | |
| 390 | ||
| 391 | ||
| 392 | i = 0; | |
| 393 | B[0] = 0; | |
| 394 | B[1] = 0; | |
| 395 | for (x = 0; x < 18; x += 2) { | |
| 396 | if (data != NULL) { | |
| 397 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
| 398 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
| 399 | } | |
| 400 | /* encrypt it */ | |
| 401 | s_blowfish_encipher(&B[0], &B[1], skey); | |
| 402 | /* copy it */ | |
| 403 | skey->blowfish.K[x] = B[0]; | |
| 404 | skey->blowfish.K[x+1] = B[1]; | |
| 405 | } | |
| 406 | ||
| 407 | /* encrypt S array */ | |
| 408 | for (x = 0; x < 4; x++) { | |
| 409 | for (y = 0; y < 256; y += 2) { | |
| 410 | if (data != NULL) { | |
| 411 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
| 412 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
| 413 | } | |
| 414 | /* encrypt it */ | |
| 415 | s_blowfish_encipher(&B[0], &B[1], skey); | |
| 416 | /* copy it */ | |
| 417 | skey->blowfish.S[x][y] = B[0]; | |
| 418 | skey->blowfish.S[x][y+1] = B[1]; | |
| 419 | } | |
| 420 | } | |
| 421 | ||
| 422 | #ifdef LTC_CLEAN_STACK | |
| 423 | zeromem(B, sizeof(B)); | |
| 424 | #endif | |
| 425 | ||
| 426 | return CRYPT_OK; | |
| 427 | } | |
| 428 | ||
| 429 | /** | |
| 430 | Initialize the Blowfish block cipher | |
| 431 | @param key The symmetric key you wish to pass | |
| 432 | @param keylen The key length in bytes | |
| 433 | @param num_rounds The number of rounds desired (0 for default) | |
| 434 | @param skey The key in as scheduled by this function. | |
| 435 | @return CRYPT_OK if successful | |
| 436 | */ | |
| 437 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
| 438 | symmetric_key *skey) | |
| 439 | { | |
| 314 | 440 | /* check key length */ |
| 315 | 441 | if (keylen < 8 || keylen > 56) { |
| 316 | 442 | return CRYPT_INVALID_KEYSIZE; |
| 317 | 443 | } |
| 318 | ||
| 319 | 444 | /* check rounds */ |
| 320 | 445 | if (num_rounds != 0 && num_rounds != 16) { |
| 321 | 446 | return CRYPT_INVALID_ROUNDS; |
| 322 | 447 | } |
| 323 | 448 | |
| 324 | /* load in key bytes (Supplied by David Hopwood) */ | |
| 325 | for (x = y = 0; x < 18; x++) { | |
| 326 | A = 0; | |
| 327 | for (z = 0; z < 4; z++) { | |
| 328 | A = (A << 8) | ((ulong32)key[y++] & 255); | |
| 329 | if (y == (ulong32)keylen) { | |
| 330 | y = 0; | |
| 331 | } | |
| 332 | } | |
| 333 | skey->blowfish.K[x] = ORIG_P[x] ^ A; | |
| 334 | } | |
| 335 | ||
| 336 | /* copy sboxes */ | |
| 337 | for (x = 0; x < 4; x++) { | |
| 338 | for (y = 0; y < 256; y++) { | |
| 339 | skey->blowfish.S[x][y] = ORIG_S[x][y]; | |
| 340 | } | |
| 341 | } | |
| 342 | ||
| 343 | /* encrypt K array */ | |
| 344 | for (x = 0; x < 8; x++) { | |
| 345 | B[x] = 0; | |
| 346 | } | |
| 347 | ||
| 348 | for (x = 0; x < 18; x += 2) { | |
| 349 | /* encrypt it */ | |
| 350 | blowfish_ecb_encrypt(B, B, skey); | |
| 351 | /* copy it */ | |
| 352 | LOAD32H(skey->blowfish.K[x], &B[0]); | |
| 353 | LOAD32H(skey->blowfish.K[x+1], &B[4]); | |
| 354 | } | |
| 355 | ||
| 356 | /* encrypt S array */ | |
| 357 | for (x = 0; x < 4; x++) { | |
| 358 | for (y = 0; y < 256; y += 2) { | |
| 359 | /* encrypt it */ | |
| 360 | blowfish_ecb_encrypt(B, B, skey); | |
| 361 | /* copy it */ | |
| 362 | LOAD32H(skey->blowfish.S[x][y], &B[0]); | |
| 363 | LOAD32H(skey->blowfish.S[x][y+1], &B[4]); | |
| 364 | } | |
| 365 | } | |
| 366 | ||
| 367 | #ifdef LTC_CLEAN_STACK | |
| 368 | zeromem(B, sizeof(B)); | |
| 369 | #endif | |
| 370 | ||
| 371 | return CRYPT_OK; | |
| 372 | } | |
| 373 | ||
| 374 | #ifndef __GNUC__ | |
| 375 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
| 376 | #else | |
| 377 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
| 378 | #endif | |
| 449 | return blowfish_setup_with_data(key, keylen, NULL, 0, skey); | |
| 450 | } | |
| 451 | ||
| 452 | /** | |
| 453 | Alternative initialize of the Blowfish block cipher | |
| 454 | @param key The symmetric key you wish to pass | |
| 455 | @param keylen The key length in bytes | |
| 456 | @param data The additional data you wish to pass (can be NULL) | |
| 457 | @param datalen The additional data length in bytes | |
| 458 | @param num_rounds The number of rounds desired (0 for default) | |
| 459 | @param skey The key in as scheduled by this function. | |
| 460 | @return CRYPT_OK if successful | |
| 461 | */ | |
| 462 | ||
| 463 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
| 464 | const unsigned char *data, int datalen, | |
| 465 | symmetric_key *skey) | |
| 466 | { | |
| 467 | XMEMCPY(skey->blowfish.K, ORIG_P, sizeof(ORIG_P)); | |
| 468 | XMEMCPY(skey->blowfish.S, ORIG_S, sizeof(ORIG_S)); | |
| 469 | return blowfish_expand(key, keylen, data, datalen, skey); | |
| 470 | } | |
| 379 | 471 | |
| 380 | 472 | /** |
| 381 | 473 | Encrypts a block of text with Blowfish |
| 391 | 483 | #endif |
| 392 | 484 | { |
| 393 | 485 | ulong32 L, R; |
| 394 | int r; | |
| 395 | #ifndef __GNUC__ | |
| 396 | const ulong32 *S1, *S2, *S3, *S4; | |
| 397 | #endif | |
| 398 | ||
| 399 | LTC_ARGCHK(pt != NULL); | |
| 400 | LTC_ARGCHK(ct != NULL); | |
| 401 | LTC_ARGCHK(skey != NULL); | |
| 402 | ||
| 403 | #ifndef __GNUC__ | |
| 404 | S1 = skey->blowfish.S[0]; | |
| 405 | S2 = skey->blowfish.S[1]; | |
| 406 | S3 = skey->blowfish.S[2]; | |
| 407 | S4 = skey->blowfish.S[3]; | |
| 408 | #endif | |
| 486 | ||
| 487 | LTC_ARGCHK(pt != NULL); | |
| 488 | LTC_ARGCHK(ct != NULL); | |
| 489 | LTC_ARGCHK(skey != NULL); | |
| 409 | 490 | |
| 410 | 491 | /* load it */ |
| 411 | 492 | LOAD32H(L, &pt[0]); |
| 412 | 493 | LOAD32H(R, &pt[4]); |
| 413 | 494 | |
| 414 | /* do 16 rounds */ | |
| 415 | for (r = 0; r < 16; ) { | |
| 416 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
| 417 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
| 418 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
| 419 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
| 420 | } | |
| 421 | ||
| 422 | /* last keying */ | |
| 423 | R ^= skey->blowfish.K[17]; | |
| 424 | L ^= skey->blowfish.K[16]; | |
| 495 | s_blowfish_encipher(&L, &R, skey); | |
| 425 | 496 | |
| 426 | 497 | /* store */ |
| 427 | STORE32H(R, &ct[0]); | |
| 428 | STORE32H(L, &ct[4]); | |
| 498 | STORE32H(L, &ct[0]); | |
| 499 | STORE32H(R, &ct[4]); | |
| 429 | 500 | |
| 430 | 501 | return CRYPT_OK; |
| 431 | 502 | } |
| 556 | 627 | for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key); |
| 557 | 628 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; |
| 558 | 629 | } |
| 630 | ||
| 631 | ||
| 559 | 632 | return CRYPT_OK; |
| 560 | 633 | #endif |
| 561 | 634 | } |
| 1682 | 1682 | #ifndef LTC_TEST |
| 1683 | 1683 | return CRYPT_NOP; |
| 1684 | 1684 | #else |
| 1685 | int err; | |
| 1686 | 1685 | static const struct des_test_case { |
| 1687 | int num, mode; /* mode 1 = encrypt */ | |
| 1688 | 1686 | unsigned char key[8], txt[8], out[8]; |
| 1689 | 1687 | } cases[] = { |
| 1690 | { 1, 1, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
| 1691 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1692 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
| 1693 | { 2, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1694 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
| 1695 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1696 | { 3, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1697 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
| 1698 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1699 | { 4, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1700 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
| 1701 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1702 | { 5, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1703 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
| 1704 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1705 | { 6, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1706 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
| 1707 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1708 | { 7, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1709 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
| 1710 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1711 | { 8, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1712 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
| 1713 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1714 | { 9, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1715 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
| 1716 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1717 | {10, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1718 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
| 1719 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1720 | ||
| 1721 | { 1, 0, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
| 1722 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 }, | |
| 1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1724 | { 2, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1725 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1726 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 } }, | |
| 1727 | { 3, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1728 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1729 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 } }, | |
| 1730 | { 4, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1731 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1732 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA } }, | |
| 1733 | { 5, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1734 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1735 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F } }, | |
| 1736 | { 6, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1737 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1738 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 } }, | |
| 1739 | { 7, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1740 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1741 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF } }, | |
| 1742 | { 8, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1743 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1744 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F } }, | |
| 1745 | { 9, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1746 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1747 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 } }, | |
| 1748 | {10, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1749 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1750 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A } }, | |
| 1751 | ||
| 1752 | #ifdef LTC_TEST_EXT | |
| 1753 | { 0+11, 0, { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1754 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1755 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
| 1756 | { 1+11, 0, { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1757 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1758 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
| 1759 | { 2+11, 0, { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1760 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1761 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
| 1762 | { 3+11, 0, { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1763 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1764 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
| 1765 | { 4+11, 0, { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1766 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1767 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
| 1768 | { 5+11, 0, { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1769 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1770 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
| 1771 | { 6+11, 0, { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1772 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1773 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
| 1774 | { 7+11, 0, { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1775 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1776 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
| 1777 | { 8+11, 0, { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1778 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1779 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
| 1780 | { 9+11, 0, { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1781 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1782 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
| 1783 | {10+11, 0, { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1784 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1785 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
| 1786 | {11+11, 0, { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1787 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1788 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
| 1789 | {12+11, 0, { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1790 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1791 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
| 1792 | {13+11, 0, { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1793 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1794 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
| 1795 | {14+11, 0, { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1796 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1797 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
| 1798 | {15+11, 0, { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1799 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1800 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
| 1801 | {16+11, 0, { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1802 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1803 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
| 1804 | {17+11, 0, { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1805 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1806 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
| 1807 | {18+11, 0, { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1808 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1809 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
| 1810 | {19+11, 0, { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1811 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1812 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
| 1813 | {20+11, 0, { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1814 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1815 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
| 1816 | {21+11, 0, { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
| 1817 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1818 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
| 1819 | {22+11, 0, { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
| 1820 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1821 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
| 1822 | {23+11, 0, { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
| 1823 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1824 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
| 1825 | {24+11, 0, { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
| 1826 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1827 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
| 1828 | {25+11, 0, { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
| 1829 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1830 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
| 1831 | {26+11, 0, { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
| 1832 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1833 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
| 1834 | {27+11, 0, { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
| 1835 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1836 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
| 1837 | {28+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
| 1838 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1839 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
| 1840 | {29+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
| 1841 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1842 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
| 1843 | {30+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
| 1844 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1845 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
| 1846 | {31+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
| 1847 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1848 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
| 1849 | {32+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
| 1850 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1851 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
| 1852 | {33+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
| 1853 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1854 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
| 1855 | {34+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
| 1856 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1857 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
| 1858 | {35+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
| 1859 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1860 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
| 1861 | {36+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
| 1862 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1863 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
| 1864 | {37+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
| 1865 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1866 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
| 1867 | {38+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
| 1868 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1869 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
| 1870 | {39+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
| 1871 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1872 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
| 1873 | {40+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
| 1874 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1875 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
| 1876 | {41+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
| 1877 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1878 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
| 1879 | {42+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
| 1880 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1881 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
| 1882 | {43+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
| 1883 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1884 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
| 1885 | {44+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
| 1886 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1887 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
| 1888 | {45+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
| 1889 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1890 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
| 1891 | {46+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
| 1892 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1893 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
| 1894 | {47+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
| 1895 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1896 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
| 1897 | {48+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
| 1898 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1899 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
| 1900 | {49+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
| 1901 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1902 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
| 1903 | {50+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
| 1904 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1905 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
| 1906 | {51+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
| 1907 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1908 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
| 1909 | {52+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
| 1910 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1911 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
| 1912 | {53+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
| 1913 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1914 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
| 1915 | {54+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
| 1916 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1917 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
| 1918 | {55+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
| 1919 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1920 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
| 1921 | #endif /* LTC_TEST_EXT */ | |
| 1688 | { { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
| 1689 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1690 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
| 1691 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1692 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
| 1693 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1694 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1695 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
| 1696 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1697 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1698 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
| 1699 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1700 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1701 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
| 1702 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1703 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1704 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
| 1705 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1706 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1707 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
| 1708 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1709 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1710 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
| 1711 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1712 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1713 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
| 1714 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1715 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1716 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
| 1717 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1718 | ||
| 1719 | { { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1720 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1721 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
| 1722 | { { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1724 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
| 1725 | { { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1726 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1727 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
| 1728 | { { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1729 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1730 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
| 1731 | { { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1732 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1733 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
| 1734 | { { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1735 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1736 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
| 1737 | { { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1738 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1739 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
| 1740 | { { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1741 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1742 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
| 1743 | { { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1744 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1745 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
| 1746 | { { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1747 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1748 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
| 1749 | { { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1750 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1751 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
| 1752 | { { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1753 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1754 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
| 1755 | { { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1756 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1757 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
| 1758 | { { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1759 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1760 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
| 1761 | { { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1762 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1763 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
| 1764 | { { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1765 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1766 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
| 1767 | { { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1768 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1769 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
| 1770 | { { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1771 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1772 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
| 1773 | { { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1774 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1775 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
| 1776 | { { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1777 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1778 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
| 1779 | { { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
| 1780 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1781 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
| 1782 | { { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
| 1783 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1784 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
| 1785 | { { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
| 1786 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1787 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
| 1788 | { { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
| 1789 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1790 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
| 1791 | { { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
| 1792 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1793 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
| 1794 | { { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
| 1795 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1796 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
| 1797 | { { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
| 1798 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1799 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
| 1800 | { { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
| 1801 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1802 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
| 1803 | { { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
| 1804 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1805 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
| 1806 | { { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
| 1807 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1808 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
| 1809 | { { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
| 1810 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1811 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
| 1812 | { { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
| 1813 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1814 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
| 1815 | { { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
| 1816 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1817 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
| 1818 | { { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
| 1819 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1820 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
| 1821 | { { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
| 1822 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1823 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
| 1824 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
| 1825 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1826 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
| 1827 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
| 1828 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1829 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
| 1830 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
| 1831 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1832 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
| 1833 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
| 1834 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1835 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
| 1836 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
| 1837 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1838 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
| 1839 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
| 1840 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1841 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
| 1842 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
| 1843 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1844 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
| 1845 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
| 1846 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1847 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
| 1848 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
| 1849 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1850 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
| 1851 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
| 1852 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1853 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
| 1854 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
| 1855 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1856 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
| 1857 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
| 1858 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1859 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
| 1860 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
| 1861 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1862 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
| 1863 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
| 1864 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1865 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
| 1866 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
| 1867 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1868 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
| 1869 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
| 1870 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1871 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
| 1872 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
| 1873 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1874 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
| 1875 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
| 1876 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1877 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
| 1878 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
| 1879 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1880 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
| 1881 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
| 1882 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1883 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
| 1884 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
| 1885 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1886 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
| 1922 | 1887 | |
| 1923 | 1888 | /*** more test cases you could add if you are not convinced (the above test cases aren't really too good): |
| 1924 | 1889 | |
| 1961 | 1926 | http://www.ecs.soton.ac.uk/~prw99r/ez438/vectors.txt |
| 1962 | 1927 | ***/ |
| 1963 | 1928 | }; |
| 1964 | int i, y; | |
| 1965 | unsigned char tmp[8]; | |
| 1966 | symmetric_key des; | |
| 1967 | ||
| 1968 | for(i=0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
| 1929 | unsigned char key[8], pt[8], ct[8], tmp[8]; | |
| 1930 | symmetric_key skey; | |
| 1931 | int i, err; | |
| 1932 | ||
| 1933 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
| 1969 | 1934 | { |
| 1970 | if ((err = des_setup(cases[i].key, 8, 0, &des)) != CRYPT_OK) { | |
| 1971 | return err; | |
| 1935 | if ((err = des_setup(cases[i].key, 8, 0, &skey)) != CRYPT_OK) { | |
| 1936 | return err; | |
| 1972 | 1937 | } |
| 1973 | if (cases[i].mode != 0) { | |
| 1974 | des_ecb_encrypt(cases[i].txt, tmp, &des); | |
| 1975 | } else { | |
| 1976 | des_ecb_decrypt(cases[i].txt, tmp, &des); | |
| 1938 | ||
| 1939 | des_ecb_encrypt(cases[i].txt, ct, &skey); | |
| 1940 | ||
| 1941 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "DES Encrypt", i) != 0) { | |
| 1942 | return CRYPT_FAIL_TESTVECTOR; | |
| 1977 | 1943 | } |
| 1978 | 1944 | |
| 1979 | if (compare_testvector(cases[i].out, sizeof(tmp), tmp, sizeof(tmp), "DES", i) != 0) { | |
| 1980 | return CRYPT_FAIL_TESTVECTOR; | |
| 1945 | des_ecb_decrypt(ct, pt, &skey); | |
| 1946 | ||
| 1947 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "DES Decrypt", i) != 0) { | |
| 1948 | return CRYPT_FAIL_TESTVECTOR; | |
| 1981 | 1949 | } |
| 1982 | ||
| 1983 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
| 1984 | for (y = 0; y < 8; y++) tmp[y] = 0; | |
| 1985 | for (y = 0; y < 1000; y++) des_ecb_encrypt(tmp, tmp, &des); | |
| 1986 | for (y = 0; y < 1000; y++) des_ecb_decrypt(tmp, tmp, &des); | |
| 1987 | for (y = 0; y < 8; y++) if (tmp[y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
| 1950 | } | |
| 1951 | ||
| 1952 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
| 1953 | ||
| 1954 | for (i = 0; i < 8; i++) key[i] = i; | |
| 1955 | ||
| 1956 | if ((err = des_setup(key, 8, 0, &skey)) != CRYPT_OK) { | |
| 1957 | return err; | |
| 1958 | } | |
| 1959 | ||
| 1960 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
| 1961 | for (i = 0; i < 1000; i++) des_ecb_encrypt(tmp, tmp, &skey); | |
| 1962 | for (i = 0; i < 1000; i++) des_ecb_decrypt(tmp, tmp, &skey); | |
| 1963 | ||
| 1964 | if (compare_testvector(tmp, 8, pt, 8, "DES", 0) != 0) { | |
| 1965 | return CRYPT_FAIL_TESTVECTOR; | |
| 1988 | 1966 | } |
| 1989 | 1967 | |
| 1990 | 1968 | return CRYPT_OK; |
| 1996 | 1974 | #ifndef LTC_TEST |
| 1997 | 1975 | return CRYPT_NOP; |
| 1998 | 1976 | #else |
| 1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
| 2000 | symmetric_key skey; | |
| 2001 | int x, err; | |
| 2002 | ||
| 2003 | if ((err = des_test()) != CRYPT_OK) { | |
| 2004 | return err; | |
| 2005 | } | |
| 2006 | ||
| 2007 | for (x = 0; x < 8; x++) { | |
| 2008 | pt[x] = x; | |
| 2009 | } | |
| 2010 | ||
| 2011 | for (x = 0; x < 24; x++) { | |
| 2012 | key[x] = x; | |
| 2013 | } | |
| 2014 | ||
| 2015 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
| 2016 | return err; | |
| 2017 | } | |
| 2018 | ||
| 2019 | des3_ecb_encrypt(pt, ct, &skey); | |
| 2020 | des3_ecb_decrypt(ct, tmp, &skey); | |
| 2021 | ||
| 2022 | if (compare_testvector(pt, 8, tmp, 8, "3DES", 0) != 0) { | |
| 2023 | return CRYPT_FAIL_TESTVECTOR; | |
| 2024 | } | |
| 2025 | ||
| 2026 | return CRYPT_OK; | |
| 1977 | static const struct des3_test_case { | |
| 1978 | unsigned char key[16], txt[8], out[8]; | |
| 1979 | } cases[] = { | |
| 1980 | /* | |
| 1981 | https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/des/Triple-Des-2-Key-128-64.unverified.test-vectors | |
| 1982 | */ | |
| 1983 | { { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1984 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1985 | { 0xFA, 0xFD, 0x50, 0x84, 0x37, 0x4F, 0xCE, 0x34 } }, | |
| 1986 | { { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1987 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1988 | { 0x60, 0xCC, 0x37, 0xB7, 0xB5, 0x37, 0xA1, 0xDC } }, | |
| 1989 | { { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1990 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
| 1991 | { 0xBE, 0x3E, 0x73, 0x04, 0xFE, 0x92, 0xC2, 0xBC } }, | |
| 1992 | { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00 }, | |
| 1993 | { 0xE5, 0xA9, 0xE3, 0x80, 0x03, 0xA5, 0xA0, 0xFD }, | |
| 1994 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
| 1995 | { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }, | |
| 1996 | { 0xE4, 0xFC, 0x19, 0xD6, 0x94, 0x63, 0xB7, 0x83 }, | |
| 1997 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 } }, | |
| 1998 | }; | |
| 1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
| 2000 | symmetric_key skey; | |
| 2001 | int i, err; | |
| 2002 | ||
| 2003 | if ((err = des_test()) != CRYPT_OK) { | |
| 2004 | return err; | |
| 2005 | } | |
| 2006 | ||
| 2007 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
| 2008 | { | |
| 2009 | if ((err = des3_setup(cases[i].key, 16, 0, &skey)) != CRYPT_OK) { | |
| 2010 | return err; | |
| 2011 | } | |
| 2012 | ||
| 2013 | des3_ecb_encrypt(cases[i].txt, ct, &skey); | |
| 2014 | ||
| 2015 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "3DES Encrypt", i) != 0) { | |
| 2016 | return CRYPT_FAIL_TESTVECTOR; | |
| 2017 | } | |
| 2018 | ||
| 2019 | des3_ecb_decrypt(ct, pt, &skey); | |
| 2020 | ||
| 2021 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "3DES Decrypt", i) != 0) { | |
| 2022 | return CRYPT_FAIL_TESTVECTOR; | |
| 2023 | } | |
| 2024 | } | |
| 2025 | ||
| 2026 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
| 2027 | ||
| 2028 | for (i = 0; i < 24; i++) key[i] = i; | |
| 2029 | ||
| 2030 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
| 2031 | return err; | |
| 2032 | } | |
| 2033 | ||
| 2034 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
| 2035 | for (i = 0; i < 1000; i++) des3_ecb_encrypt(tmp, tmp, &skey); | |
| 2036 | for (i = 0; i < 1000; i++) des3_ecb_decrypt(tmp, tmp, &skey); | |
| 2037 | ||
| 2038 | if (compare_testvector(tmp, 8, pt, 8, "3DES", 0) != 0) { | |
| 2039 | return CRYPT_FAIL_TESTVECTOR; | |
| 2040 | } | |
| 2041 | ||
| 2042 | return CRYPT_OK; | |
| 2027 | 2043 | #endif |
| 2028 | 2044 | } |
| 2029 | 2045 | |
| 135 | 135 | LTC_ARGCHK(pt != NULL); |
| 136 | 136 | LTC_ARGCHK(ct != NULL); |
| 137 | 137 | |
| 138 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
| 139 | return CRYPT_INVALID_ROUNDS; | |
| 140 | } | |
| 141 | ||
| 138 | 142 | LOAD32L(A, &pt[0]); |
| 139 | 143 | LOAD32L(B, &pt[4]); |
| 140 | 144 | A += skey->rc5.K[0]; |
| 190 | 194 | LTC_ARGCHK(skey != NULL); |
| 191 | 195 | LTC_ARGCHK(pt != NULL); |
| 192 | 196 | LTC_ARGCHK(ct != NULL); |
| 197 | ||
| 198 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
| 199 | return CRYPT_INVALID_ROUNDS; | |
| 200 | } | |
| 193 | 201 | |
| 194 | 202 | LOAD32L(A, &ct[0]); |
| 195 | 203 | LOAD32L(B, &ct[4]); |
| 346 | 346 | LTC_ARGCHK(ct != NULL); |
| 347 | 347 | LTC_ARGCHK(skey != NULL); |
| 348 | 348 | |
| 349 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
| 350 | return CRYPT_INVALID_ROUNDS; | |
| 351 | } | |
| 352 | ||
| 349 | 353 | /* do eight rounds */ |
| 350 | 354 | for (x = 0; x < 16; x++) { |
| 351 | 355 | b[x] = pt[x]; |
| 409 | 413 | LTC_ARGCHK(pt != NULL); |
| 410 | 414 | LTC_ARGCHK(ct != NULL); |
| 411 | 415 | LTC_ARGCHK(skey != NULL); |
| 416 | ||
| 417 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
| 418 | return CRYPT_INVALID_ROUNDS; | |
| 419 | } | |
| 412 | 420 | |
| 413 | 421 | /* do eight rounds */ |
| 414 | 422 | b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0]; |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | ||
| 9 | /** | |
| 10 | @file tea.c | |
| 11 | Implementation of TEA, Steffen Jaeckel | |
| 12 | */ | |
| 13 | #include "tomcrypt_private.h" | |
| 14 | ||
| 15 | #ifdef LTC_TEA | |
| 16 | ||
| 17 | const struct ltc_cipher_descriptor tea_desc = | |
| 18 | { | |
| 19 | "tea", | |
| 20 | 26, | |
| 21 | 16, 16, 8, 32, | |
| 22 | &tea_setup, | |
| 23 | &tea_ecb_encrypt, | |
| 24 | &tea_ecb_decrypt, | |
| 25 | &tea_test, | |
| 26 | &tea_done, | |
| 27 | &tea_keysize, | |
| 28 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | |
| 29 | }; | |
| 30 | ||
| 31 | #define DELTA 0x9E3779B9uL | |
| 32 | #define SUM 0xC6EF3720uL | |
| 33 | ||
| 34 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) | |
| 35 | { | |
| 36 | LTC_ARGCHK(key != NULL); | |
| 37 | LTC_ARGCHK(skey != NULL); | |
| 38 | ||
| 39 | /* check arguments */ | |
| 40 | if (keylen != 16) { | |
| 41 | return CRYPT_INVALID_KEYSIZE; | |
| 42 | } | |
| 43 | ||
| 44 | if (num_rounds != 0 && num_rounds != 32) { | |
| 45 | return CRYPT_INVALID_ROUNDS; | |
| 46 | } | |
| 47 | ||
| 48 | /* load key */ | |
| 49 | LOAD32H(skey->tea.k[0], key+0); | |
| 50 | LOAD32H(skey->tea.k[1], key+4); | |
| 51 | LOAD32H(skey->tea.k[2], key+8); | |
| 52 | LOAD32H(skey->tea.k[3], key+12); | |
| 53 | ||
| 54 | return CRYPT_OK; | |
| 55 | } | |
| 56 | ||
| 57 | /** | |
| 58 | Encrypts a block of text with TEA | |
| 59 | @param pt The input plaintext (8 bytes) | |
| 60 | @param ct The output ciphertext (8 bytes) | |
| 61 | @param skey The key as scheduled | |
| 62 | @return CRYPT_OK if successful | |
| 63 | */ | |
| 64 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
| 65 | { | |
| 66 | ulong32 y, z, sum = 0; | |
| 67 | const ulong32 delta = DELTA; | |
| 68 | int r; | |
| 69 | ||
| 70 | LTC_ARGCHK(pt != NULL); | |
| 71 | LTC_ARGCHK(ct != NULL); | |
| 72 | LTC_ARGCHK(skey != NULL); | |
| 73 | ||
| 74 | LOAD32H(y, &pt[0]); | |
| 75 | LOAD32H(z, &pt[4]); | |
| 76 | for (r = 0; r < 32; r += 4) { | |
| 77 | sum += delta; | |
| 78 | y += ((z<<4) + skey->tea.k[0]) ^ (z + sum) ^ ((z>>5) + skey->tea.k[1]); | |
| 79 | z += ((y<<4) + skey->tea.k[2]) ^ (y + sum) ^ ((y>>5) + skey->tea.k[3]); | |
| 80 | } | |
| 81 | STORE32H(y, &ct[0]); | |
| 82 | STORE32H(z, &ct[4]); | |
| 83 | return CRYPT_OK; | |
| 84 | } | |
| 85 | ||
| 86 | /** | |
| 87 | Decrypts a block of text with TEA | |
| 88 | @param ct The input ciphertext (8 bytes) | |
| 89 | @param pt The output plaintext (8 bytes) | |
| 90 | @param skey The key as scheduled | |
| 91 | @return CRYPT_OK if successful | |
| 92 | */ | |
| 93 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
| 94 | { | |
| 95 | ulong32 v0, v1, sum = SUM; | |
| 96 | const ulong32 delta = DELTA; | |
| 97 | int r; | |
| 98 | ||
| 99 | LTC_ARGCHK(pt != NULL); | |
| 100 | LTC_ARGCHK(ct != NULL); | |
| 101 | LTC_ARGCHK(skey != NULL); | |
| 102 | ||
| 103 | LOAD32H(v0, &ct[0]); | |
| 104 | LOAD32H(v1, &ct[4]); | |
| 105 | ||
| 106 | for (r = 0; r < 32; r++) { | |
| 107 | v1 -= ((v0 << 4) + skey->tea.k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + skey->tea.k[3]); | |
| 108 | v0 -= ((v1 << 4) + skey->tea.k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + skey->tea.k[1]); | |
| 109 | sum -= delta; | |
| 110 | } | |
| 111 | ||
| 112 | STORE32H(v0, &pt[0]); | |
| 113 | STORE32H(v1, &pt[4]); | |
| 114 | return CRYPT_OK; | |
| 115 | } | |
| 116 | ||
| 117 | /** | |
| 118 | Performs a self-test of the TEA block cipher | |
| 119 | @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled | |
| 120 | */ | |
| 121 | int tea_test(void) | |
| 122 | { | |
| 123 | #ifndef LTC_TEST | |
| 124 | return CRYPT_NOP; | |
| 125 | #else | |
| 126 | static const struct { | |
| 127 | const char *key, *pt, *ct; | |
| 128 | } tests[] = { | |
| 129 | { | |
| 130 | "00000000000000000000000000000000", | |
| 131 | "0000000000000000", | |
| 132 | "41ea3a0a94baa940" | |
| 133 | }, { | |
| 134 | "32a1e65408b63bb9214105744ec5d2e2", | |
| 135 | "5ada1d89a9c3801a", | |
| 136 | "dd46249e28aa0b4b" | |
| 137 | }, { | |
| 138 | "60388adadf70a1f5d9cb4e097d2c6c57", | |
| 139 | "7a6adb4d69c53e0f", | |
| 140 | "44b71215cf25368a" | |
| 141 | }, { | |
| 142 | "4368d2249bd0321eb7c56d5b63a1bfac", | |
| 143 | "5a5d7ca2e186c41a", | |
| 144 | "91f56dff7281794f" | |
| 145 | }, { | |
| 146 | "5c60bff27072d01c4513c5eb8f3a38ab", | |
| 147 | "80d9c4adcf899635", | |
| 148 | "2bb0f1b3c023ed11" | |
| 149 | } | |
| 150 | }; | |
| 151 | unsigned char ptct[2][8]; | |
| 152 | unsigned char tmp[2][8]; | |
| 153 | unsigned char key[16]; | |
| 154 | unsigned long l; | |
| 155 | symmetric_key skey; | |
| 156 | size_t i; | |
| 157 | int err, y; | |
| 158 | for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { | |
| 159 | zeromem(&skey, sizeof(skey)); | |
| 160 | ||
| 161 | l = sizeof(key); | |
| 162 | if ((err = base16_decode(tests[i].key, XSTRLEN(tests[i].key), key, &l)) != CRYPT) return err; | |
| 163 | l = sizeof(ptct[0]); | |
| 164 | if ((err = base16_decode(tests[i].pt, XSTRLEN(tests[i].pt), ptct[0], &l)) != CRYPT) return err; | |
| 165 | l = sizeof(ptct[1]); | |
| 166 | if ((err = base16_decode(tests[i].ct, XSTRLEN(tests[i].ct), ptct[1], &l)) != CRYPT) return err; | |
| 167 | ||
| 168 | if ((err = tea_setup(key, 16, 0, &skey)) != CRYPT_OK) { | |
| 169 | return err; | |
| 170 | } | |
| 171 | tea_ecb_encrypt(ptct[0], tmp[0], &skey); | |
| 172 | tea_ecb_decrypt(tmp[0], tmp[1], &skey); | |
| 173 | ||
| 174 | if (compare_testvector(tmp[0], 8, ptct[0], 8, "TEA Encrypt", i) != 0 || | |
| 175 | compare_testvector(tmp[1], 8, ptct[1], 8, "TEA Decrypt", i) != 0) { | |
| 176 | return CRYPT_FAIL_TESTVECTOR; | |
| 177 | } | |
| 178 | ||
| 179 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
| 180 | for (y = 0; y < 8; y++) tmp[0][y] = 0; | |
| 181 | for (y = 0; y < 1000; y++) tea_ecb_encrypt(tmp[0], tmp[0], &skey); | |
| 182 | for (y = 0; y < 1000; y++) tea_ecb_decrypt(tmp[0], tmp[0], &skey); | |
| 183 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
| 184 | } /* for */ | |
| 185 | ||
| 186 | return CRYPT_OK; | |
| 187 | #endif | |
| 188 | } | |
| 189 | ||
| 190 | /** Terminate the context | |
| 191 | @param skey The scheduled key | |
| 192 | */ | |
| 193 | void tea_done(symmetric_key *skey) | |
| 194 | { | |
| 195 | LTC_UNUSED_PARAM(skey); | |
| 196 | } | |
| 197 | ||
| 198 | /** | |
| 199 | Gets suitable key size | |
| 200 | @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. | |
| 201 | @return CRYPT_OK if the input key size is acceptable. | |
| 202 | */ | |
| 203 | int tea_keysize(int *keysize) | |
| 204 | { | |
| 205 | LTC_ARGCHK(keysize != NULL); | |
| 206 | if (*keysize < 16) { | |
| 207 | return CRYPT_INVALID_KEYSIZE; | |
| 208 | } | |
| 209 | *keysize = 16; | |
| 210 | return CRYPT_OK; | |
| 211 | } | |
| 212 | ||
| 213 | #endif | |
| 214 | ||
| 215 | ||
| 216 | /* ref: $Format:%D$ */ | |
| 217 | /* git commit: $Format:%H$ */ | |
| 218 | /* commit time: $Format:%ai$ */ |
| 8 | 8 | |
| 9 | 9 | /** |
| 10 | 10 | @file xtea.c |
| 11 | Implementation of LTC_XTEA, Tom St Denis | |
| 11 | Implementation of eXtended TEA, Tom St Denis | |
| 12 | 12 | */ |
| 13 | 13 | #include "tomcrypt_private.h" |
| 14 | 14 |
| 12 | 12 | */ |
| 13 | 13 | #include "tomcrypt_private.h" |
| 14 | 14 | |
| 15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST)) | |
| 15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || (defined(LTC_GCM_MODE) && defined(LTC_FAST)) | |
| 16 | 16 | |
| 17 | 17 | /* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format. Since only the |
| 18 | 18 | * lower 16 bits are not zero'ed I removed the upper 14 bytes */ |
| 479 | 479 | |
| 480 | 480 | for (i = 0; tests[i].msg != NULL; i++) { |
| 481 | 481 | blake2b_512_init(&md); |
| 482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 483 | 483 | blake2b_done(&md, tmp); |
| 484 | 484 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) { |
| 485 | 485 | return CRYPT_FAIL_TESTVECTOR; |
| 526 | 526 | |
| 527 | 527 | for (i = 0; tests[i].msg != NULL; i++) { |
| 528 | 528 | blake2b_384_init(&md); |
| 529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 530 | 530 | blake2b_done(&md, tmp); |
| 531 | 531 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) { |
| 532 | 532 | return CRYPT_FAIL_TESTVECTOR; |
| 579 | 579 | |
| 580 | 580 | for (i = 0; tests[i].msg != NULL; i++) { |
| 581 | 581 | blake2b_256_init(&md); |
| 582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 583 | 583 | blake2b_done(&md, tmp); |
| 584 | 584 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) { |
| 585 | 585 | return CRYPT_FAIL_TESTVECTOR; |
| 620 | 620 | |
| 621 | 621 | for (i = 0; tests[i].msg != NULL; i++) { |
| 622 | 622 | blake2b_160_init(&md); |
| 623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 624 | 624 | blake2b_done(&md, tmp); |
| 625 | 625 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) { |
| 626 | 626 | return CRYPT_FAIL_TESTVECTOR; |
| 469 | 469 | |
| 470 | 470 | for (i = 0; tests[i].msg != NULL; i++) { |
| 471 | 471 | blake2s_256_init(&md); |
| 472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 473 | 473 | blake2s_done(&md, tmp); |
| 474 | 474 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) { |
| 475 | 475 | return CRYPT_FAIL_TESTVECTOR; |
| 513 | 513 | |
| 514 | 514 | for (i = 0; tests[i].msg != NULL; i++) { |
| 515 | 515 | blake2s_224_init(&md); |
| 516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 517 | 517 | blake2s_done(&md, tmp); |
| 518 | 518 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) { |
| 519 | 519 | return CRYPT_FAIL_TESTVECTOR; |
| 555 | 555 | |
| 556 | 556 | for (i = 0; tests[i].msg != NULL; i++) { |
| 557 | 557 | blake2s_160_init(&md); |
| 558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 559 | 559 | blake2s_done(&md, tmp); |
| 560 | 560 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) { |
| 561 | 561 | return CRYPT_FAIL_TESTVECTOR; |
| 595 | 595 | |
| 596 | 596 | for (i = 0; tests[i].msg != NULL; i++) { |
| 597 | 597 | blake2s_128_init(&md); |
| 598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 599 | 599 | blake2s_done(&md, tmp); |
| 600 | 600 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) { |
| 601 | 601 | return CRYPT_FAIL_TESTVECTOR; |
| 269 | 269 | 16 |
| 270 | 270 | } |
| 271 | 271 | }; |
| 272 | int i, oldhashidx, idx; | |
| 272 | int i, oldhashidx, idx, err; | |
| 273 | 273 | unsigned char tmp[MAXBLOCKSIZE]; |
| 274 | 274 | hash_state md; |
| 275 | 275 | |
| 283 | 283 | chc_register(idx); |
| 284 | 284 | |
| 285 | 285 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
| 286 | chc_init(&md); | |
| 287 | chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg)); | |
| 288 | chc_done(&md, tmp); | |
| 286 | if ((err = chc_init(&md)) != CRYPT_OK) { | |
| 287 | return err; | |
| 288 | } | |
| 289 | if ((err = chc_process(&md, tests[i].msg, XSTRLEN((char *)tests[i].msg))) != CRYPT_OK) { | |
| 290 | return err; | |
| 291 | } | |
| 292 | if ((err = chc_done(&md, tmp)) != CRYPT_OK) { | |
| 293 | return err; | |
| 294 | } | |
| 289 | 295 | if (compare_testvector(tmp, tests[i].len, tests[i].hash, tests[i].len, "CHC", i)) { |
| 290 | 296 | return CRYPT_FAIL_TESTVECTOR; |
| 291 | 297 | } |
| 231 | 231 | |
| 232 | 232 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 233 | 233 | md2_init(&md); |
| 234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 235 | 235 | md2_done(&md, tmp); |
| 236 | 236 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) { |
| 237 | 237 | return CRYPT_FAIL_TESTVECTOR; |
| 285 | 285 | |
| 286 | 286 | for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 287 | 287 | md4_init(&md); |
| 288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input)); | |
| 288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)XSTRLEN(tests[i].input)); | |
| 289 | 289 | md4_done(&md, tmp); |
| 290 | 290 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) { |
| 291 | 291 | return CRYPT_FAIL_TESTVECTOR; |
| 346 | 346 | |
| 347 | 347 | for (i = 0; tests[i].msg != NULL; i++) { |
| 348 | 348 | md5_init(&md); |
| 349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 350 | 350 | md5_done(&md, tmp); |
| 351 | 351 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) { |
| 352 | 352 | return CRYPT_FAIL_TESTVECTOR; |
| 387 | 387 | |
| 388 | 388 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
| 389 | 389 | rmd128_init(&md); |
| 390 | rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
| 390 | rmd128_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
| 391 | 391 | rmd128_done(&md, tmp); |
| 392 | 392 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD128", i)) { |
| 393 | 393 | return CRYPT_FAIL_TESTVECTOR; |
| 446 | 446 | |
| 447 | 447 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
| 448 | 448 | rmd160_init(&md); |
| 449 | rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
| 449 | rmd160_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
| 450 | 450 | rmd160_done(&md, tmp); |
| 451 | 451 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD160", i)) { |
| 452 | 452 | return CRYPT_FAIL_TESTVECTOR; |
| 412 | 412 | |
| 413 | 413 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
| 414 | 414 | rmd256_init(&md); |
| 415 | rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
| 415 | rmd256_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
| 416 | 416 | rmd256_done(&md, tmp); |
| 417 | 417 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD256", i)) { |
| 418 | 418 | return CRYPT_FAIL_TESTVECTOR; |
| 477 | 477 | |
| 478 | 478 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
| 479 | 479 | rmd320_init(&md); |
| 480 | rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
| 480 | rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
| 481 | 481 | rmd320_done(&md, tmp); |
| 482 | 482 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) { |
| 483 | 483 | return CRYPT_FAIL_TESTVECTOR; |
| 266 | 266 | |
| 267 | 267 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 268 | 268 | sha1_init(&md); |
| 269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 270 | 270 | sha1_done(&md, tmp); |
| 271 | 271 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) { |
| 272 | 272 | return CRYPT_FAIL_TESTVECTOR; |
| 110 | 110 | |
| 111 | 111 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 112 | 112 | sha224_init(&md); |
| 113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 114 | 114 | sha224_done(&md, tmp); |
| 115 | 115 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA224", i)) { |
| 116 | 116 | return CRYPT_FAIL_TESTVECTOR; |
| 314 | 314 | |
| 315 | 315 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 316 | 316 | sha256_init(&md); |
| 317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 318 | 318 | sha256_done(&md, tmp); |
| 319 | 319 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA256", i)) { |
| 320 | 320 | return CRYPT_FAIL_TESTVECTOR; |
| 116 | 116 | |
| 117 | 117 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 118 | 118 | sha384_init(&md); |
| 119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 120 | 120 | sha384_done(&md, tmp); |
| 121 | 121 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA384", i)) { |
| 122 | 122 | return CRYPT_FAIL_TESTVECTOR; |
| 292 | 292 | |
| 293 | 293 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 294 | 294 | sha512_init(&md); |
| 295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 296 | 296 | sha512_done(&md, tmp); |
| 297 | 297 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512", i)) { |
| 298 | 298 | return CRYPT_FAIL_TESTVECTOR; |
| 112 | 112 | |
| 113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 114 | 114 | sha512_224_init(&md); |
| 115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 116 | 116 | sha512_224_done(&md, tmp); |
| 117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-224", i)) { |
| 118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
| 112 | 112 | |
| 113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 114 | 114 | sha512_256_init(&md); |
| 115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 116 | 116 | sha512_256_done(&md, tmp); |
| 117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-265", i)) { |
| 118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
| 770 | 770 | |
| 771 | 771 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
| 772 | 772 | tiger_init(&md); |
| 773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
| 773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
| 774 | 774 | tiger_done(&md, tmp); |
| 775 | 775 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) { |
| 776 | 776 | return CRYPT_FAIL_TESTVECTOR; |
| 18 | 18 | #include <limits.h> |
| 19 | 19 | |
| 20 | 20 | /* use configuration data */ |
| 21 | #include <tomcrypt_custom.h> | |
| 21 | #include "tomcrypt_custom.h" | |
| 22 | 22 | |
| 23 | 23 | #ifdef __cplusplus |
| 24 | 24 | extern "C" { |
| 80 | 80 | CRYPT_HASH_OVERFLOW /* Hash applied to too many bits */ |
| 81 | 81 | }; |
| 82 | 82 | |
| 83 | #include <tomcrypt_cfg.h> | |
| 84 | #include <tomcrypt_macros.h> | |
| 85 | #include <tomcrypt_cipher.h> | |
| 86 | #include <tomcrypt_hash.h> | |
| 87 | #include <tomcrypt_mac.h> | |
| 88 | #include <tomcrypt_prng.h> | |
| 89 | #include <tomcrypt_pk.h> | |
| 90 | #include <tomcrypt_math.h> | |
| 91 | #include <tomcrypt_misc.h> | |
| 92 | #include <tomcrypt_argchk.h> | |
| 93 | #include <tomcrypt_pkcs.h> | |
| 83 | #include "tomcrypt_cfg.h" | |
| 84 | #include "tomcrypt_macros.h" | |
| 85 | #include "tomcrypt_cipher.h" | |
| 86 | #include "tomcrypt_hash.h" | |
| 87 | #include "tomcrypt_mac.h" | |
| 88 | #include "tomcrypt_prng.h" | |
| 89 | #include "tomcrypt_pk.h" | |
| 90 | #include "tomcrypt_math.h" | |
| 91 | #include "tomcrypt_misc.h" | |
| 92 | #include "tomcrypt_argchk.h" | |
| 93 | #include "tomcrypt_pkcs.h" | |
| 94 | 94 | |
| 95 | 95 | #ifdef __cplusplus |
| 96 | 96 | } |
| 205 | 205 | #ifdef _MSC_VER |
| 206 | 206 | #define CONST64(n) n ## ui64 |
| 207 | 207 | typedef unsigned __int64 ulong64; |
| 208 | typedef __int64 long64; | |
| 208 | 209 | #else |
| 209 | 210 | #define CONST64(n) n ## ULL |
| 210 | 211 | typedef unsigned long long ulong64; |
| 212 | typedef long long long64; | |
| 211 | 213 | #endif |
| 212 | 214 | |
| 213 | 215 | /* ulong32: "32-bit at least" data type */ |
| 240 | 242 | #undef ENDIAN_32BITWORD |
| 241 | 243 | #undef ENDIAN_64BITWORD |
| 242 | 244 | #undef LTC_FAST |
| 245 | #define LTC_NO_BSWAP | |
| 243 | 246 | #define LTC_NO_ROLC |
| 244 | #define LTC_NO_BSWAP | |
| 247 | #define LTC_NO_ROTATE | |
| 245 | 248 | #endif |
| 246 | 249 | |
| 247 | 250 | /* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ |
| 286 | 289 | #define LTC_HAVE_BSWAP_BUILTIN |
| 287 | 290 | #endif |
| 288 | 291 | |
| 289 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
| 290 | #define LTC_DEPRECATED __attribute__((deprecated)) | |
| 292 | #if !defined(LTC_NO_ROTATE) && (__has_builtin(__builtin_rotateleft32) && __has_builtin(__builtin_rotateright32)) | |
| 293 | #define LTC_HAVE_ROTATE_BUILTIN | |
| 294 | #endif | |
| 295 | ||
| 296 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405) | |
| 297 | # define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s))) | |
| 298 | # define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s) | |
| 299 | # define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s) | |
| 300 | #elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
| 301 | # define LTC_DEPRECATED(s) __attribute__((deprecated)) | |
| 302 | # define LTC_DEPRECATED_PRAGMA(s) | |
| 291 | 303 | #elif defined(_MSC_VER) && _MSC_VER >= 1500 |
| 292 | 304 | /* supported since Visual Studio 2008 */ |
| 293 | #define LTC_DEPRECATED __declspec(deprecated) | |
| 294 | #else | |
| 295 | #define LTC_DEPRECATED | |
| 296 | #endif | |
| 297 | ||
| 305 | # define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s)) | |
| 306 | # define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s)) | |
| 307 | #else | |
| 308 | # define LTC_DEPRECATED(s) | |
| 309 | # define LTC_DEPRECATED_PRAGMA(s) | |
| 310 | #endif | |
| 298 | 311 | /* ref: $Format:%D$ */ |
| 299 | 312 | /* git commit: $Format:%H$ */ |
| 300 | 313 | /* commit time: $Format:%ai$ */ |
| 170 | 170 | }; |
| 171 | 171 | #endif |
| 172 | 172 | |
| 173 | #ifdef LTC_TEA | |
| 174 | struct tea_key { | |
| 175 | ulong32 k[4]; | |
| 176 | }; | |
| 177 | #endif | |
| 178 | ||
| 173 | 179 | typedef union Symmetric_key { |
| 174 | 180 | #ifdef LTC_DES |
| 175 | 181 | struct des_key des; |
| 234 | 240 | #endif |
| 235 | 241 | #ifdef LTC_SERPENT |
| 236 | 242 | struct serpent_key serpent; |
| 243 | #endif | |
| 244 | #ifdef LTC_TEA | |
| 245 | struct tea_key tea; | |
| 237 | 246 | #endif |
| 238 | 247 | void *data; |
| 239 | 248 | } symmetric_key; |
| 858 | 867 | extern const struct ltc_cipher_descriptor serpent_desc; |
| 859 | 868 | #endif |
| 860 | 869 | |
| 870 | #ifdef LTC_TEA | |
| 871 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | |
| 872 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
| 873 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
| 874 | int tea_test(void); | |
| 875 | void tea_done(symmetric_key *skey); | |
| 876 | int tea_keysize(int *keysize); | |
| 877 | extern const struct ltc_cipher_descriptor tea_desc; | |
| 878 | #endif | |
| 879 | ||
| 861 | 880 | #ifdef LTC_ECB_MODE |
| 862 | 881 | int ecb_start(int cipher, const unsigned char *key, |
| 863 | 882 | int keylen, int num_rounds, symmetric_ECB *ecb); |
| 44 | 44 | #ifndef XSTRCMP |
| 45 | 45 | #define XSTRCMP strcmp |
| 46 | 46 | #endif |
| 47 | #ifndef XSTRLEN | |
| 48 | #define XSTRLEN strlen | |
| 49 | #endif | |
| 47 | 50 | #ifndef XSTRNCPY |
| 48 | 51 | #define XSTRNCPY strncpy |
| 49 | 52 | #endif |
| 58 | 61 | |
| 59 | 62 | #if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \ |
| 60 | 63 | defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ |
| 61 | defined(strncpy) || defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | |
| 64 | defined(strlen) || defined(strncpy) || defined(clock) || defined(qsort) ) \ | |
| 65 | && !defined(LTC_NO_PROTOTYPES) | |
| 62 | 66 | #define LTC_NO_PROTOTYPES |
| 63 | 67 | #endif |
| 64 | 68 | |
| 206 | 210 | #define LTC_CAMELLIA |
| 207 | 211 | #define LTC_IDEA |
| 208 | 212 | #define LTC_SERPENT |
| 213 | #define LTC_TEA | |
| 209 | 214 | |
| 210 | 215 | /* stream ciphers */ |
| 211 | 216 | #define LTC_CHACHA |
| 430 | 435 | /* Digital Signature Algorithm */ |
| 431 | 436 | #define LTC_MDSA |
| 432 | 437 | |
| 438 | /* Ed25519 & X25519 */ | |
| 439 | #define LTC_CURVE25519 | |
| 440 | ||
| 433 | 441 | /* ECC */ |
| 434 | 442 | #define LTC_MECC |
| 435 | 443 | |
| 484 | 492 | #define LTC_BASE32 |
| 485 | 493 | /* Base16/hex encoding/decoding */ |
| 486 | 494 | #define LTC_BASE16 |
| 495 | ||
| 496 | #define LTC_BCRYPT | |
| 497 | ||
| 498 | #ifndef LTC_BCRYPT_DEFAULT_ROUNDS | |
| 499 | #define LTC_BCRYPT_DEFAULT_ROUNDS 10 | |
| 500 | #endif | |
| 487 | 501 | |
| 488 | 502 | /* Keep LTC_NO_HKDF for compatibility reasons |
| 489 | 503 | * superseeded by LTC_NO_MISC*/ |
| 596 | 610 | #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled |
| 597 | 611 | #endif |
| 598 | 612 | |
| 613 | #if defined(LTC_BCRYPT) && !defined(LTC_BLOWFISH) | |
| 614 | #error LTC_BCRYPT requires LTC_BLOWFISH | |
| 615 | #endif | |
| 616 | ||
| 599 | 617 | #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) |
| 600 | 618 | #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 |
| 601 | 619 | #endif |
| 240 | 240 | |
| 241 | 241 | /* 32-bit Rotates */ |
| 242 | 242 | #if defined(_MSC_VER) |
| 243 | #define LTC_ROx_ASM | |
| 243 | #define LTC_ROx_BUILTIN | |
| 244 | 244 | |
| 245 | 245 | /* instrinsic rotate */ |
| 246 | 246 | #include <stdlib.h> |
| 247 | #pragma intrinsic(_lrotr,_lrotl) | |
| 248 | #define ROR(x,n) _lrotr(x,n) | |
| 249 | #define ROL(x,n) _lrotl(x,n) | |
| 250 | #define RORc(x,n) _lrotr(x,n) | |
| 251 | #define ROLc(x,n) _lrotl(x,n) | |
| 247 | #pragma intrinsic(_rotr,_rotl) | |
| 248 | #define ROR(x,n) _rotr(x,n) | |
| 249 | #define ROL(x,n) _rotl(x,n) | |
| 250 | #define RORc(x,n) ROR(x,n) | |
| 251 | #define ROLc(x,n) ROL(x,n) | |
| 252 | ||
| 253 | #elif defined(LTC_HAVE_ROTATE_BUILTIN) | |
| 254 | #define LTC_ROx_BUILTIN | |
| 255 | ||
| 256 | #define ROR(x,n) __builtin_rotateright32(x,n) | |
| 257 | #define ROL(x,n) __builtin_rotateleft32(x,n) | |
| 258 | #define ROLc(x,n) ROL(x,n) | |
| 259 | #define RORc(x,n) ROR(x,n) | |
| 252 | 260 | |
| 253 | 261 | #elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) |
| 254 | 262 | #define LTC_ROx_ASM |
| 352 | 360 | |
| 353 | 361 | |
| 354 | 362 | /* 64-bit Rotates */ |
| 355 | #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(_WIN64) && !defined(LTC_NO_ASM) | |
| 363 | #if defined(_MSC_VER) | |
| 364 | ||
| 365 | /* instrinsic rotate */ | |
| 366 | #include <stdlib.h> | |
| 367 | #pragma intrinsic(_rotr64,_rotr64) | |
| 368 | #define ROR64(x,n) _rotr64(x,n) | |
| 369 | #define ROL64(x,n) _rotl64(x,n) | |
| 370 | #define ROR64c(x,n) ROR64(x,n) | |
| 371 | #define ROL64c(x,n) ROL64(x,n) | |
| 372 | ||
| 373 | #elif defined(LTC_HAVE_ROTATE_BUILTIN) | |
| 374 | ||
| 375 | #define ROR64(x,n) __builtin_rotateright64(x,n) | |
| 376 | #define ROL64(x,n) __builtin_rotateleft64(x,n) | |
| 377 | #define ROR64c(x,n) ROR64(x,n) | |
| 378 | #define ROL64c(x,n) ROL64(x,n) | |
| 379 | ||
| 380 | #elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) | |
| 356 | 381 | |
| 357 | 382 | static inline ulong64 ROL64(ulong64 word, int i) |
| 358 | 383 | { |
| 58 | 58 | unsigned char *out, unsigned long *outlen); |
| 59 | 59 | #endif |
| 60 | 60 | |
| 61 | #ifdef LTC_BCRYPT | |
| 62 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
| 63 | const unsigned char *salt, unsigned long salt_len, | |
| 64 | unsigned int rounds, int hash_idx, | |
| 65 | unsigned char *out, unsigned long *outlen); | |
| 66 | #endif | |
| 67 | ||
| 61 | 68 | /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ |
| 62 | 69 | #ifdef LTC_HKDF |
| 63 | 70 | |
| 101 | 108 | int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size); |
| 102 | 109 | |
| 103 | 110 | #ifdef LTM_DESC |
| 104 | LTC_DEPRECATED void init_LTM(void); | |
| 111 | LTC_DEPRECATED(crypt_mp_init) void init_LTM(void); | |
| 105 | 112 | #endif |
| 106 | 113 | #ifdef TFM_DESC |
| 107 | LTC_DEPRECATED void init_TFM(void); | |
| 114 | LTC_DEPRECATED(crypt_mp_init) void init_TFM(void); | |
| 108 | 115 | #endif |
| 109 | 116 | #ifdef GMP_DESC |
| 110 | LTC_DEPRECATED void init_GMP(void); | |
| 117 | LTC_DEPRECATED(crypt_mp_init) void init_GMP(void); | |
| 111 | 118 | #endif |
| 112 | 119 | int crypt_mp_init(const char* mpi); |
| 113 | 120 | |
| 155 | 162 | |
| 156 | 163 | #ifdef LTC_SSH |
| 157 | 164 | typedef enum ssh_data_type_ { |
| 165 | LTC_SSHDATA_EOL, | |
| 158 | 166 | LTC_SSHDATA_BYTE, |
| 159 | 167 | LTC_SSHDATA_BOOLEAN, |
| 160 | 168 | LTC_SSHDATA_UINT32, |
| 162 | 170 | LTC_SSHDATA_STRING, |
| 163 | 171 | LTC_SSHDATA_MPINT, |
| 164 | 172 | LTC_SSHDATA_NAMELIST, |
| 165 | LTC_SSHDATA_EOL | |
| 166 | 173 | } ssh_data_type; |
| 167 | 174 | |
| 168 | 175 | /* VA list handy helpers with tuples of <type, data> */ |
| 169 | 176 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); |
| 170 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); | |
| 177 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...); | |
| 171 | 178 | #endif /* LTC_SSH */ |
| 172 | 179 | |
| 173 | 180 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); |
| 323 | 323 | int recid, ecc_signature_type sigformat, ecc_key *key); |
| 324 | 324 | |
| 325 | 325 | #endif |
| 326 | ||
| 327 | #ifdef LTC_CURVE25519 | |
| 328 | ||
| 329 | typedef struct { | |
| 330 | /** The key type, PK_PRIVATE or PK_PUBLIC */ | |
| 331 | enum public_key_type type; | |
| 332 | ||
| 333 | /** The PK-algorithm, PKA_ED25519 or PKA_X25519 */ | |
| 334 | /** This was supposed to be: | |
| 335 | * enum public_key_algorithms algo; | |
| 336 | * but that enum is now in tomcrypt_private.h | |
| 337 | */ | |
| 338 | int algo; | |
| 339 | ||
| 340 | /** The private key */ | |
| 341 | unsigned char priv[32]; | |
| 342 | ||
| 343 | /** The public key */ | |
| 344 | unsigned char pub[32]; | |
| 345 | } curve25519_key; | |
| 346 | ||
| 347 | ||
| 348 | /** Ed25519 Signature API */ | |
| 349 | int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key); | |
| 350 | ||
| 351 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
| 352 | const unsigned char *pk, unsigned long pklen, | |
| 353 | curve25519_key *key); | |
| 354 | ||
| 355 | int ed25519_export( unsigned char *out, unsigned long *outlen, | |
| 356 | int which, | |
| 357 | const curve25519_key *key); | |
| 358 | ||
| 359 | int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
| 360 | int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
| 361 | int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 362 | const void *pwd, unsigned long pwdlen, | |
| 363 | curve25519_key *key); | |
| 364 | ||
| 365 | int ed25519_sign(const unsigned char *msg, unsigned long msglen, | |
| 366 | unsigned char *sig, unsigned long *siglen, | |
| 367 | const curve25519_key *private_key); | |
| 368 | ||
| 369 | int ed25519_verify(const unsigned char *msg, unsigned long msglen, | |
| 370 | const unsigned char *sig, unsigned long siglen, | |
| 371 | int *stat, const curve25519_key *public_key); | |
| 372 | ||
| 373 | /** X25519 Key-Exchange API */ | |
| 374 | int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key); | |
| 375 | ||
| 376 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
| 377 | const unsigned char *u, unsigned long ulen, | |
| 378 | curve25519_key *key); | |
| 379 | ||
| 380 | int x25519_export( unsigned char *out, unsigned long *outlen, | |
| 381 | int which, | |
| 382 | const curve25519_key *key); | |
| 383 | ||
| 384 | int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
| 385 | int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
| 386 | int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 387 | const void *pwd, unsigned long pwdlen, | |
| 388 | curve25519_key *key); | |
| 389 | ||
| 390 | int x25519_shared_secret(const curve25519_key *private_key, | |
| 391 | const curve25519_key *public_key, | |
| 392 | unsigned char *out, unsigned long *outlen); | |
| 393 | ||
| 394 | #endif /* LTC_CURVE25519 */ | |
| 326 | 395 | |
| 327 | 396 | #ifdef LTC_MDSA |
| 328 | 397 |
| 22 | 22 | PKA_RSA, |
| 23 | 23 | PKA_DSA, |
| 24 | 24 | PKA_EC, |
| 25 | PKA_EC_PRIMEF | |
| 25 | PKA_EC_PRIMEF, | |
| 26 | PKA_X25519, | |
| 27 | PKA_ED25519, | |
| 26 | 28 | }; |
| 27 | 29 | |
| 28 | 30 | /* |
| 68 | 70 | /* |
| 69 | 71 | * Internal functions |
| 70 | 72 | */ |
| 73 | ||
| 74 | ||
| 75 | /* tomcrypt_cipher.h */ | |
| 76 | ||
| 77 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey); | |
| 78 | int blowfish_expand(const unsigned char *key, int keylen, | |
| 79 | const unsigned char *data, int datalen, | |
| 80 | symmetric_key *skey); | |
| 81 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
| 82 | const unsigned char *data, int datalen, | |
| 83 | symmetric_key *skey); | |
| 71 | 84 | |
| 72 | 85 | /* tomcrypt_hash.h */ |
| 73 | 86 | |
| 212 | 225 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); |
| 213 | 226 | |
| 214 | 227 | /* ---- DH Routines ---- */ |
| 228 | #ifdef LTC_MRSA | |
| 229 | int rsa_init(rsa_key *key); | |
| 230 | void rsa_shrink_key(rsa_key *key); | |
| 231 | #endif /* LTC_MRSA */ | |
| 232 | ||
| 233 | /* ---- DH Routines ---- */ | |
| 215 | 234 | #ifdef LTC_MDH |
| 216 | 235 | extern const ltc_dh_set_type ltc_dh_sets[]; |
| 217 | 236 | |
| 295 | 314 | int dsa_int_validate_pqg(const dsa_key *key, int *stat); |
| 296 | 315 | int dsa_int_validate_primes(const dsa_key *key, int *stat); |
| 297 | 316 | #endif /* LTC_MDSA */ |
| 317 | ||
| 318 | ||
| 319 | #ifdef LTC_CURVE25519 | |
| 320 | ||
| 321 | int tweetnacl_crypto_sign( | |
| 322 | unsigned char *sm,unsigned long long *smlen, | |
| 323 | const unsigned char *m,unsigned long long mlen, | |
| 324 | const unsigned char *sk, const unsigned char *pk); | |
| 325 | int tweetnacl_crypto_sign_open( | |
| 326 | int *stat, | |
| 327 | unsigned char *m,unsigned long long *mlen, | |
| 328 | const unsigned char *sm,unsigned long long smlen, | |
| 329 | const unsigned char *pk); | |
| 330 | int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, unsigned char *pk,unsigned char *sk); | |
| 331 | int tweetnacl_crypto_sk_to_pk(unsigned char *pk, const unsigned char *sk); | |
| 332 | int tweetnacl_crypto_scalarmult(unsigned char *q, const unsigned char *n, const unsigned char *p); | |
| 333 | int tweetnacl_crypto_scalarmult_base(unsigned char *q,const unsigned char *n); | |
| 334 | ||
| 335 | typedef int (*sk_to_pk)(unsigned char *pk ,const unsigned char *sk); | |
| 336 | int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 337 | const void *pwd, unsigned long pwdlen, | |
| 338 | enum ltc_oid_id id, sk_to_pk fp, | |
| 339 | curve25519_key *key); | |
| 340 | int ec25519_export( unsigned char *out, unsigned long *outlen, | |
| 341 | int which, | |
| 342 | const curve25519_key *key); | |
| 343 | #endif /* LTC_CURVE25519 */ | |
| 298 | 344 | |
| 299 | 345 | #ifdef LTC_DER |
| 300 | 346 | |
| 14 | 14 | #include <tommath.h> |
| 15 | 15 | |
| 16 | 16 | static const struct { |
| 17 | int mpi_code, ltc_code; | |
| 17 | mp_err mpi_code; | |
| 18 | int ltc_code; | |
| 18 | 19 | } mpi_to_ltc_codes[] = { |
| 19 | 20 | { MP_OKAY , CRYPT_OK}, |
| 20 | 21 | { MP_MEM , CRYPT_MEM}, |
| 21 | 22 | { MP_VAL , CRYPT_INVALID_ARG}, |
| 23 | #if defined(MP_BUF) || defined(MP_USE_ENUMS) | |
| 24 | { MP_ITER , CRYPT_INVALID_PACKET}, | |
| 25 | { MP_BUF , CRYPT_BUFFER_OVERFLOW}, | |
| 26 | #endif | |
| 22 | 27 | }; |
| 23 | 28 | |
| 24 | 29 | /** |
| 26 | 31 | @param err The error to convert |
| 27 | 32 | @return The equivalent LTC error code or CRYPT_ERROR if none found |
| 28 | 33 | */ |
| 29 | static int mpi_to_ltc_error(int err) | |
| 30 | { | |
| 31 | int x; | |
| 32 | ||
| 33 | for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) { | |
| 34 | static int mpi_to_ltc_error(mp_err err) | |
| 35 | { | |
| 36 | size_t x; | |
| 37 | ||
| 38 | for (x = 0; x < sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0]); x++) { | |
| 34 | 39 | if (err == mpi_to_ltc_codes[x].mpi_code) { |
| 35 | 40 | return mpi_to_ltc_codes[x].ltc_code; |
| 36 | 41 | } |
| 38 | 43 | return CRYPT_ERROR; |
| 39 | 44 | } |
| 40 | 45 | |
| 41 | static int init(void **a) | |
| 42 | { | |
| 43 | int err; | |
| 44 | ||
| 46 | static int init_mpi(void **a) | |
| 47 | { | |
| 45 | 48 | LTC_ARGCHK(a != NULL); |
| 46 | 49 | |
| 47 | 50 | *a = XCALLOC(1, sizeof(mp_int)); |
| 48 | 51 | if (*a == NULL) { |
| 49 | 52 | return CRYPT_MEM; |
| 50 | } | |
| 51 | ||
| 53 | } else { | |
| 54 | return CRYPT_OK; | |
| 55 | } | |
| 56 | } | |
| 57 | ||
| 58 | static int init(void **a) | |
| 59 | { | |
| 60 | int err; | |
| 61 | ||
| 62 | LTC_ARGCHK(a != NULL); | |
| 63 | ||
| 64 | if ((err = init_mpi(a)) != CRYPT_OK) { | |
| 65 | return err; | |
| 66 | } | |
| 52 | 67 | if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) { |
| 53 | 68 | XFREE(*a); |
| 54 | 69 | } |
| 78 | 93 | |
| 79 | 94 | static int init_copy(void **a, void *b) |
| 80 | 95 | { |
| 81 | if (init(a) != CRYPT_OK) { | |
| 82 | return CRYPT_MEM; | |
| 83 | } | |
| 84 | return copy(b, *a); | |
| 96 | int err; | |
| 97 | LTC_ARGCHK(a != NULL); | |
| 98 | LTC_ARGCHK(b != NULL); | |
| 99 | if ((err = init_mpi(a)) != CRYPT_OK) return err; | |
| 100 | return mpi_to_ltc_error(mp_init_copy(*a, b)); | |
| 85 | 101 | } |
| 86 | 102 | |
| 87 | 103 | /* ---- trivial ---- */ |
| 124 | 140 | |
| 125 | 141 | static int compare(void *a, void *b) |
| 126 | 142 | { |
| 127 | int ret; | |
| 128 | LTC_ARGCHK(a != NULL); | |
| 129 | LTC_ARGCHK(b != NULL); | |
| 130 | ret = mp_cmp(a, b); | |
| 131 | switch (ret) { | |
| 143 | LTC_ARGCHK(a != NULL); | |
| 144 | LTC_ARGCHK(b != NULL); | |
| 145 | switch (mp_cmp(a, b)) { | |
| 132 | 146 | case MP_LT: return LTC_MP_LT; |
| 133 | 147 | case MP_EQ: return LTC_MP_EQ; |
| 134 | 148 | case MP_GT: return LTC_MP_GT; |
| 138 | 152 | |
| 139 | 153 | static int compare_d(void *a, ltc_mp_digit b) |
| 140 | 154 | { |
| 141 | int ret; | |
| 142 | LTC_ARGCHK(a != NULL); | |
| 143 | ret = mp_cmp_d(a, b); | |
| 144 | switch (ret) { | |
| 155 | LTC_ARGCHK(a != NULL); | |
| 156 | switch (mp_cmp_d(a, b)) { | |
| 145 | 157 | case MP_LT: return LTC_MP_LT; |
| 146 | 158 | case MP_EQ: return LTC_MP_EQ; |
| 147 | 159 | case MP_GT: return LTC_MP_GT; |
| 183 | 195 | { |
| 184 | 196 | LTC_ARGCHK(a != NULL); |
| 185 | 197 | LTC_ARGCHK(b != NULL); |
| 198 | #ifdef BN_MP_TORADIX_C | |
| 186 | 199 | return mpi_to_ltc_error(mp_toradix(a, b, radix)); |
| 200 | #else | |
| 201 | return mpi_to_ltc_error(mp_to_radix(a, b, SIZE_MAX, NULL, radix)); | |
| 202 | #endif | |
| 187 | 203 | } |
| 188 | 204 | |
| 189 | 205 | /* get size as unsigned char string */ |
| 190 | 206 | static unsigned long unsigned_size(void *a) |
| 191 | 207 | { |
| 192 | 208 | LTC_ARGCHK(a != NULL); |
| 209 | #ifdef BN_MP_UNSIGNED_BIN_SIZE_C | |
| 193 | 210 | return mp_unsigned_bin_size(a); |
| 211 | #else | |
| 212 | return (unsigned long)mp_ubin_size(a); | |
| 213 | #endif | |
| 194 | 214 | } |
| 195 | 215 | |
| 196 | 216 | /* store */ |
| 198 | 218 | { |
| 199 | 219 | LTC_ARGCHK(a != NULL); |
| 200 | 220 | LTC_ARGCHK(b != NULL); |
| 221 | #ifdef BN_MP_TO_UNSIGNED_BIN_C | |
| 201 | 222 | return mpi_to_ltc_error(mp_to_unsigned_bin(a, b)); |
| 223 | #else | |
| 224 | return mpi_to_ltc_error(mp_to_ubin(a, b, SIZE_MAX, NULL)); | |
| 225 | #endif | |
| 202 | 226 | } |
| 203 | 227 | |
| 204 | 228 | /* read */ |
| 206 | 230 | { |
| 207 | 231 | LTC_ARGCHK(a != NULL); |
| 208 | 232 | LTC_ARGCHK(b != NULL); |
| 233 | #ifdef BN_MP_READ_UNSIGNED_BIN_C | |
| 209 | 234 | return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len)); |
| 235 | #else | |
| 236 | return mpi_to_ltc_error(mp_from_ubin(a, b, (size_t)len)); | |
| 237 | #endif | |
| 210 | 238 | } |
| 211 | 239 | |
| 212 | 240 | /* add */ |
| 117 | 117 | unsigned char out[4]; |
| 118 | 118 | adler32_state ctx; |
| 119 | 119 | adler32_init(&ctx); |
| 120 | adler32_update(&ctx, in, strlen(in)); | |
| 120 | adler32_update(&ctx, in, XSTRLEN(in)); | |
| 121 | 121 | adler32_finish(&ctx, out, 4); |
| 122 | 122 | if (compare_testvector(adler32, 4, out, 4, "adler32", 0)) { |
| 123 | 123 | return CRYPT_FAIL_TESTVECTOR; |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file bcrypt.c | |
| 12 | bcrypt pbkdf, Steffen Jaeckel | |
| 13 | */ | |
| 14 | #ifdef LTC_BCRYPT | |
| 15 | ||
| 16 | #define BCRYPT_WORDS 8 | |
| 17 | #define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4) | |
| 18 | ||
| 19 | static int _bcrypt_hash(const unsigned char *pt, | |
| 20 | const unsigned char *pass, unsigned long passlen, | |
| 21 | const unsigned char *salt, unsigned long saltlen, | |
| 22 | unsigned char *out, unsigned long *outlen) | |
| 23 | { | |
| 24 | symmetric_key key; | |
| 25 | int err, n; | |
| 26 | ulong32 ct[BCRYPT_WORDS]; | |
| 27 | ||
| 28 | if ((err = blowfish_setup_with_data(pass, passlen, salt, saltlen, &key)) != CRYPT_OK) { | |
| 29 | return err; | |
| 30 | } | |
| 31 | for (n = 0; n < 64; ++n) { | |
| 32 | if ((err = blowfish_expand(salt, saltlen, NULL, 0, &key)) != CRYPT_OK) { | |
| 33 | return err; | |
| 34 | } | |
| 35 | if ((err = blowfish_expand(pass, passlen, NULL, 0, &key)) != CRYPT_OK) { | |
| 36 | return err; | |
| 37 | } | |
| 38 | } | |
| 39 | ||
| 40 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
| 41 | LOAD32H(ct[n], &pt[n*4]); | |
| 42 | } | |
| 43 | ||
| 44 | for (n = 0; n < 64; ++n) { | |
| 45 | blowfish_enc(ct, BCRYPT_WORDS/2, &key); | |
| 46 | } | |
| 47 | ||
| 48 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
| 49 | STORE32L(ct[n], &out[4 * n]); | |
| 50 | } | |
| 51 | *outlen = sizeof(ct); | |
| 52 | #ifdef LTC_CLEAN_STACK | |
| 53 | zeromem(&key, sizeof(key)); | |
| 54 | zeromem(ct, sizeof(ct)); | |
| 55 | #endif | |
| 56 | ||
| 57 | return CRYPT_OK; | |
| 58 | } | |
| 59 | ||
| 60 | static int _bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen, | |
| 61 | const unsigned char *salt, unsigned long saltlen, | |
| 62 | unsigned char *out, unsigned long *outlen) | |
| 63 | { | |
| 64 | const unsigned char pt[] = "OxychromaticBlowfishSwatDynamite"; | |
| 65 | return _bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen); | |
| 66 | } | |
| 67 | ||
| 68 | /** | |
| 69 | Compatible to bcrypt_pbkdf() as provided in OpenBSD | |
| 70 | @param password The input password (or key) | |
| 71 | @param password_len The length of the password (octets) | |
| 72 | @param salt The salt (or nonce) | |
| 73 | @param salt_len The length of the salt (octets) | |
| 74 | @param rounds # of iterations desired [read specs for more] | |
| 75 | @param hash_idx The index of the hash desired | |
| 76 | @param out [out] The destination for this algorithm | |
| 77 | @param outlen [in/out] The desired size of the algorithm output | |
| 78 | @return CRYPT_OK if successful | |
| 79 | */ | |
| 80 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
| 81 | const unsigned char *salt, unsigned long salt_len, | |
| 82 | unsigned int rounds, int hash_idx, | |
| 83 | unsigned char *out, unsigned long *outlen) | |
| 84 | { | |
| 85 | int err; | |
| 86 | ulong32 blkno; | |
| 87 | unsigned long left, itts, x, y, hashed_pass_len, step_size, steps, dest, used_rounds; | |
| 88 | unsigned char *buf[3], blkbuf[4]; | |
| 89 | unsigned char *hashed_pass; | |
| 90 | ||
| 91 | LTC_ARGCHK(secret != NULL); | |
| 92 | LTC_ARGCHK(salt != NULL); | |
| 93 | LTC_ARGCHK(out != NULL); | |
| 94 | LTC_ARGCHK(outlen != NULL); | |
| 95 | ||
| 96 | if ((secret_len == 0) || (salt_len == 0) || (*outlen == 0)) { | |
| 97 | return CRYPT_INVALID_ARG; | |
| 98 | } | |
| 99 | /* test hash IDX */ | |
| 100 | if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { | |
| 101 | return err; | |
| 102 | } | |
| 103 | /* set default value for rounds if not given */ | |
| 104 | if (rounds == 0) { | |
| 105 | used_rounds = LTC_BCRYPT_DEFAULT_ROUNDS; | |
| 106 | } else { | |
| 107 | used_rounds = rounds; | |
| 108 | } | |
| 109 | ||
| 110 | buf[0] = XMALLOC(MAXBLOCKSIZE * 3); | |
| 111 | hashed_pass = XMALLOC(MAXBLOCKSIZE); | |
| 112 | if (buf[0] == NULL || hashed_pass == NULL) { | |
| 113 | if (hashed_pass != NULL) { | |
| 114 | XFREE(hashed_pass); | |
| 115 | } | |
| 116 | if (buf[0] != NULL) { | |
| 117 | XFREE(buf[0]); | |
| 118 | } | |
| 119 | return CRYPT_MEM; | |
| 120 | } | |
| 121 | /* buf[1] points to the second block of MAXBLOCKSIZE bytes */ | |
| 122 | buf[1] = buf[0] + MAXBLOCKSIZE; | |
| 123 | buf[2] = buf[1] + MAXBLOCKSIZE; | |
| 124 | ||
| 125 | step_size = (*outlen + BCRYPT_HASHSIZE - 1) / BCRYPT_HASHSIZE; | |
| 126 | steps = (*outlen + step_size - 1) / step_size; | |
| 127 | ||
| 128 | hashed_pass_len = MAXBLOCKSIZE; | |
| 129 | if ((err = hash_memory(hash_idx, (unsigned char*)secret, secret_len, hashed_pass, &hashed_pass_len)) != CRYPT_OK) { | |
| 130 | goto LBL_ERR; | |
| 131 | } | |
| 132 | ||
| 133 | left = *outlen; | |
| 134 | blkno = 0; | |
| 135 | while (left != 0) { | |
| 136 | /* increment and store current block number */ | |
| 137 | ++blkno; | |
| 138 | STORE32H(blkno, blkbuf); | |
| 139 | ||
| 140 | /* process block number blkno */ | |
| 141 | zeromem(buf[0], MAXBLOCKSIZE*2); | |
| 142 | ||
| 143 | x = MAXBLOCKSIZE; | |
| 144 | if ((err = hash_memory_multi(hash_idx, buf[0], &x, | |
| 145 | salt, salt_len, | |
| 146 | blkbuf, 4uL, | |
| 147 | NULL, 0)) != CRYPT_OK) { | |
| 148 | goto LBL_ERR; | |
| 149 | } | |
| 150 | y = MAXBLOCKSIZE; | |
| 151 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
| 152 | goto LBL_ERR; | |
| 153 | } | |
| 154 | XMEMCPY(buf[2], buf[1], y); | |
| 155 | ||
| 156 | /* now compute repeated and XOR it in buf[2] */ | |
| 157 | for (itts = 1; itts < used_rounds; ++itts) { | |
| 158 | x = MAXBLOCKSIZE; | |
| 159 | if ((err = hash_memory(hash_idx, buf[1], y, buf[0], &x)) != CRYPT_OK) { | |
| 160 | goto LBL_ERR; | |
| 161 | } | |
| 162 | y = MAXBLOCKSIZE; | |
| 163 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
| 164 | goto LBL_ERR; | |
| 165 | } | |
| 166 | for (x = 0; x < y; x++) { | |
| 167 | buf[2][x] ^= buf[1][x]; | |
| 168 | } | |
| 169 | } | |
| 170 | ||
| 171 | /* now emit upto `steps` bytes of buf[2] to output */ | |
| 172 | steps = MIN(steps, left); | |
| 173 | for (y = 0; y < steps; ++y) { | |
| 174 | dest = y * step_size + (blkno - 1); | |
| 175 | if (dest >= *outlen) | |
| 176 | break; | |
| 177 | out[dest] = buf[2][y]; | |
| 178 | } | |
| 179 | left -= y; | |
| 180 | } | |
| 181 | ||
| 182 | err = CRYPT_OK; | |
| 183 | LBL_ERR: | |
| 184 | #ifdef LTC_CLEAN_STACK | |
| 185 | zeromem(buf[0], MAXBLOCKSIZE*3); | |
| 186 | zeromem(hashed_pass, MAXBLOCKSIZE); | |
| 187 | #endif | |
| 188 | ||
| 189 | XFREE(hashed_pass); | |
| 190 | XFREE(buf[0]); | |
| 191 | ||
| 192 | return err; | |
| 193 | } | |
| 194 | ||
| 195 | #endif | |
| 196 | ||
| 197 | ||
| 198 | /* ref: $Format:%D$ */ | |
| 199 | /* git commit: $Format:%H$ */ | |
| 200 | /* commit time: $Format:%ai$ */ |
| 187 | 187 | unsigned char out[4]; |
| 188 | 188 | crc32_state ctx; |
| 189 | 189 | crc32_init(&ctx); |
| 190 | crc32_update(&ctx, in, strlen(in)); | |
| 190 | crc32_update(&ctx, in, XSTRLEN(in)); | |
| 191 | 191 | crc32_finish(&ctx, out, 4); |
| 192 | 192 | if (compare_testvector(crc32, 4, out, 4, "CRC32", 0)) { |
| 193 | 193 | return CRYPT_FAIL_TESTVECTOR; |
| 127 | 127 | #if defined(LTC_SERPENT) |
| 128 | 128 | " Serpent\n" |
| 129 | 129 | #endif |
| 130 | #if defined(LTC_TEA) | |
| 131 | " TEA\n" | |
| 132 | #endif | |
| 130 | 133 | "Stream ciphers built-in:\n" |
| 131 | 134 | #if defined(LTC_CHACHA) |
| 132 | 135 | " ChaCha\n" |
| 352 | 355 | #if defined(LTC_MDSA) |
| 353 | 356 | " DSA\n" |
| 354 | 357 | #endif |
| 358 | #if defined(LTC_CURVE25519) | |
| 359 | #if defined(LTC_CURVE25519) | |
| 360 | " Ed25519\n" | |
| 361 | #endif | |
| 362 | #if defined(LTC_CURVE25519) | |
| 363 | " X25519\n" | |
| 364 | #endif | |
| 365 | #endif | |
| 355 | 366 | #if defined(LTC_PK_MAX_RETRIES) |
| 356 | 367 | " "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n" |
| 357 | 368 | #endif |
| 422 | 433 | #if defined(LTC_BASE16) |
| 423 | 434 | " BASE16 " |
| 424 | 435 | #endif |
| 436 | #if defined(LTC_BCRYPT) | |
| 437 | " BCRYPT " | |
| 438 | " " NAME_VALUE(LTC_BCRYPT_DEFAULT_ROUNDS) " " | |
| 439 | #endif | |
| 425 | 440 | #if defined(LTC_CRC32) |
| 426 | 441 | " CRC32 " |
| 427 | 442 | #endif |
| 505 | 520 | #if defined(LTC_NO_ASM) |
| 506 | 521 | " LTC_NO_ASM " |
| 507 | 522 | #endif |
| 508 | #if defined(LTC_ROx_ASM) | |
| 523 | #if defined(LTC_ROx_BUILTIN) | |
| 524 | " LTC_ROx_BUILTIN " | |
| 525 | #elif defined(LTC_ROx_ASM) | |
| 509 | 526 | " LTC_ROx_ASM " |
| 510 | 527 | #if defined(LTC_NO_ROLC) |
| 511 | 528 | " LTC_NO_ROLC " |
| 97 | 97 | #ifdef LTC_SERPENT |
| 98 | 98 | REGISTER_CIPHER(&serpent_desc); |
| 99 | 99 | #endif |
| 100 | #ifdef LTC_TEA | |
| 101 | REGISTER_CIPHER(&tea_desc); | |
| 102 | #endif | |
| 100 | 103 | return CRYPT_OK; |
| 101 | 104 | } |
| 102 | 105 |
| 83 | 83 | */ |
| 84 | 84 | int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) |
| 85 | 85 | { |
| 86 | unsigned long diff, l; | |
| 86 | unsigned long l; | |
| 87 | 87 | enum padding_type type; |
| 88 | 88 | int err; |
| 89 | unsigned char diff; | |
| 89 | 90 | |
| 90 | 91 | LTC_ARGCHK(data != NULL); |
| 91 | 92 | LTC_ARGCHK(padded_length != NULL); |
| 110 | 111 | return CRYPT_BUFFER_OVERFLOW; |
| 111 | 112 | } |
| 112 | 113 | |
| 113 | diff = l - length; | |
| 114 | if (diff > 255) return CRYPT_INVALID_ARG; | |
| 114 | if (l - length > 255) return CRYPT_INVALID_ARG; | |
| 115 | diff = (unsigned char)(l - length); | |
| 115 | 116 | |
| 116 | 117 | switch (type) { |
| 117 | 118 | case LTC_PAD_PKCS7: |
| 119 | 120 | break; |
| 120 | 121 | #ifdef LTC_RNG_GET_BYTES |
| 121 | 122 | case LTC_PAD_ISO_10126: |
| 122 | if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) { | |
| 123 | if (rng_get_bytes(&data[length], diff-1u, NULL) != diff-1u) { | |
| 123 | 124 | return CRYPT_ERROR_READPRNG; |
| 124 | 125 | } |
| 125 | 126 | data[l-1] = diff; |
| 17 | 17 | |
| 18 | 18 | /** |
| 19 | 19 | Decode a SSH sequence using a VA list |
| 20 | @param in Data to decode | |
| 21 | @param inlen Length of buffer to decode | |
| 22 | @remark <...> is of the form <type, data> (int, void*) except for string <type, data, size> | |
| 20 | @param in The input buffer | |
| 21 | @param inlen [in/out] The length of the input buffer and on output the amount of decoded data | |
| 22 | @remark <...> is of the form <type, data*> (int, <unsigned char*,ulong32*,ulong64*>) except for string&name-list <type, data, size*> (int, void*, unsigned long*) | |
| 23 | 23 | @return CRYPT_OK on success |
| 24 | 24 | */ |
| 25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) | |
| 25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...) | |
| 26 | 26 | { |
| 27 | 27 | int err; |
| 28 | 28 | va_list args; |
| 32 | 32 | char *sdata; |
| 33 | 33 | ulong32 *u32data; |
| 34 | 34 | ulong64 *u64data; |
| 35 | unsigned long bufsize; | |
| 35 | unsigned long *bufsize; | |
| 36 | 36 | ulong32 size; |
| 37 | unsigned long remaining; | |
| 37 | 38 | |
| 38 | 39 | LTC_ARGCHK(in != NULL); |
| 40 | LTC_ARGCHK(inlen != NULL); | |
| 39 | 41 | |
| 42 | remaining = *inlen; | |
| 40 | 43 | /* Decode values from buffer */ |
| 41 | 44 | va_start(args, inlen); |
| 42 | 45 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { |
| 46 | 49 | type == LTC_SSHDATA_MPINT) |
| 47 | 50 | { |
| 48 | 51 | /* Check we'll not read too far */ |
| 49 | if (inlen < 4) { | |
| 52 | if (remaining < 4) { | |
| 50 | 53 | err = CRYPT_BUFFER_OVERFLOW; |
| 51 | 54 | goto error; |
| 52 | 55 | } |
| 70 | 73 | case LTC_SSHDATA_MPINT: |
| 71 | 74 | LOAD32H(size, in); |
| 72 | 75 | in += 4; |
| 73 | inlen -= 4; | |
| 76 | remaining -= 4; | |
| 74 | 77 | break; |
| 75 | 78 | |
| 76 | 79 | case LTC_SSHDATA_EOL: |
| 80 | 83 | } |
| 81 | 84 | |
| 82 | 85 | /* Check we'll not read too far */ |
| 83 | if (inlen < size) { | |
| 86 | if (remaining < size) { | |
| 84 | 87 | err = CRYPT_BUFFER_OVERFLOW; |
| 85 | 88 | goto error; |
| 86 | 89 | } else { |
| 87 | inlen -= size; | |
| 90 | remaining -= size; | |
| 91 | } | |
| 92 | ||
| 93 | vdata = va_arg(args, void*); | |
| 94 | if (vdata == NULL) { | |
| 95 | err = CRYPT_INVALID_ARG; | |
| 96 | goto error; | |
| 88 | 97 | } |
| 89 | 98 | |
| 90 | 99 | /* Read data */ |
| 91 | 100 | switch (type) { |
| 92 | 101 | case LTC_SSHDATA_BYTE: |
| 93 | cdata = va_arg(args, unsigned char*); | |
| 102 | cdata = vdata; | |
| 94 | 103 | *cdata = *in++; |
| 95 | 104 | break; |
| 96 | 105 | case LTC_SSHDATA_BOOLEAN: |
| 97 | cdata = va_arg(args, unsigned char*); | |
| 106 | cdata = vdata; | |
| 98 | 107 | /* |
| 99 | 108 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
| 100 | 109 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
| 101 | */ | |
| 110 | */ | |
| 102 | 111 | *cdata = (*in++)?1:0; |
| 103 | 112 | break; |
| 104 | 113 | case LTC_SSHDATA_UINT32: |
| 105 | u32data = va_arg(args, ulong32*); | |
| 114 | u32data = vdata; | |
| 106 | 115 | LOAD32H(*u32data, in); |
| 107 | 116 | in += 4; |
| 108 | 117 | break; |
| 109 | 118 | case LTC_SSHDATA_UINT64: |
| 110 | u64data = va_arg(args, ulong64*); | |
| 119 | u64data = vdata; | |
| 111 | 120 | LOAD64H(*u64data, in); |
| 112 | 121 | in += 8; |
| 113 | 122 | break; |
| 114 | 123 | case LTC_SSHDATA_STRING: |
| 115 | 124 | case LTC_SSHDATA_NAMELIST: |
| 116 | sdata = va_arg(args, char*); | |
| 117 | bufsize = va_arg(args, unsigned long); | |
| 118 | if (size >= bufsize) { | |
| 125 | sdata = vdata; | |
| 126 | bufsize = va_arg(args, unsigned long*); | |
| 127 | if (bufsize == NULL) { | |
| 128 | err = CRYPT_INVALID_ARG; | |
| 129 | goto error; | |
| 130 | } | |
| 131 | if (size + 1 >= *bufsize) { | |
| 119 | 132 | err = CRYPT_BUFFER_OVERFLOW; |
| 120 | 133 | goto error; |
| 121 | 134 | } |
| 122 | 135 | if (size > 0) { |
| 123 | XSTRNCPY(sdata, (const char *)in, size); | |
| 124 | sdata[size] = '\0'; /* strncpy doesn't NUL-terminate */ | |
| 125 | } else { | |
| 126 | *sdata = '\0'; | |
| 136 | XMEMCPY(sdata, (const char *)in, size); | |
| 127 | 137 | } |
| 138 | sdata[size] = '\0'; | |
| 139 | *bufsize = size; | |
| 128 | 140 | in += size; |
| 129 | 141 | break; |
| 130 | 142 | case LTC_SSHDATA_MPINT: |
| 131 | vdata = va_arg(args, void*); | |
| 132 | 143 | if (size == 0) { |
| 133 | 144 | if ((err = mp_set(vdata, 0)) != CRYPT_OK) { goto error; } |
| 134 | 145 | } else if ((in[0] & 0x80) != 0) { |
| 149 | 160 | } |
| 150 | 161 | err = CRYPT_OK; |
| 151 | 162 | |
| 163 | *inlen -= remaining; | |
| 164 | ||
| 152 | 165 | error: |
| 153 | 166 | va_end(args); |
| 154 | 167 | return err; |
| 19 | 19 | Encode a SSH sequence using a VA list |
| 20 | 20 | @param out [out] Destination for data |
| 21 | 21 | @param outlen [in/out] Length of buffer and resulting length of output |
| 22 | @remark <...> is of the form <type, data> (int, void*) | |
| 22 | @remark <...> is of the form <type, data> (int, <int,ulong32,ulong64>) except for string&name-list <type, data, size> (int, void*, unsigned long) | |
| 23 | 23 | @return CRYPT_OK on success |
| 24 | 24 | */ |
| 25 | 25 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) |
| 28 | 28 | va_list args; |
| 29 | 29 | ulong32 size; |
| 30 | 30 | ssh_data_type type; |
| 31 | void *vdata; | |
| 32 | const char *sdata; | |
| 31 | void *vdata; | |
| 32 | const char *sdata; | |
| 33 | 33 | int idata; |
| 34 | 34 | ulong32 u32data; |
| 35 | 35 | ulong64 u64data; |
| 57 | 57 | break; |
| 58 | 58 | case LTC_SSHDATA_STRING: |
| 59 | 59 | case LTC_SSHDATA_NAMELIST: |
| 60 | sdata = va_arg(args, char*); | |
| 60 | LTC_UNUSED_PARAM( va_arg(args, char*) ); | |
| 61 | size += va_arg(args, unsigned long); | |
| 61 | 62 | size += 4; |
| 62 | size += strlen(sdata); | |
| 63 | 63 | break; |
| 64 | 64 | case LTC_SSHDATA_MPINT: |
| 65 | 65 | vdata = va_arg(args, void*); |
| 101 | 101 | /* |
| 102 | 102 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
| 103 | 103 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
| 104 | */ | |
| 104 | */ | |
| 105 | 105 | *out++ = (idata)?1:0; |
| 106 | 106 | break; |
| 107 | 107 | case LTC_SSHDATA_UINT32: |
| 117 | 117 | case LTC_SSHDATA_STRING: |
| 118 | 118 | case LTC_SSHDATA_NAMELIST: |
| 119 | 119 | sdata = va_arg(args, char*); |
| 120 | size = strlen(sdata); | |
| 120 | size = va_arg(args, unsigned long); | |
| 121 | 121 | STORE32H(size, out); |
| 122 | 122 | out += 4; |
| 123 | 123 | XMEMCPY(out, sdata, size); |
| 64 | 64 | /* count number of bytes */ |
| 65 | 65 | for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF); |
| 66 | 66 | |
| 67 | if (z > 4 || (x + (z - 1) > inlen)) { | |
| 67 | if (z == 1 || z > 4 || (x + (z - 1) > inlen)) { | |
| 68 | 68 | return CRYPT_INVALID_PACKET; |
| 69 | 69 | } |
| 70 | 70 |
| 19 | 19 | { PKA_DSA, "1.2.840.10040.4.1" }, |
| 20 | 20 | { PKA_EC, "1.2.840.10045.2.1" }, |
| 21 | 21 | { PKA_EC_PRIMEF, "1.2.840.10045.1.1" }, |
| 22 | { PKA_X25519, "1.3.101.110" }, | |
| 23 | { PKA_ED25519, "1.3.101.112" }, | |
| 22 | 24 | }; |
| 23 | 25 | |
| 24 | 26 | /* |
| 10 | 10 | |
| 11 | 11 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen) |
| 12 | 12 | { |
| 13 | unsigned long i, j, limit, OID_len, oid_j; | |
| 13 | unsigned long i, j, limit, oid_j; | |
| 14 | size_t OID_len; | |
| 14 | 15 | |
| 15 | 16 | LTC_ARGCHK(oidlen != NULL); |
| 16 | 17 | |
| 20 | 21 | |
| 21 | 22 | if (OID == NULL) return CRYPT_OK; |
| 22 | 23 | |
| 23 | OID_len = strlen(OID); | |
| 24 | OID_len = XSTRLEN(OID); | |
| 24 | 25 | if (OID_len == 0) return CRYPT_OK; |
| 25 | 26 | |
| 26 | 27 | for (i = 0, j = 0; i < OID_len; i++) { |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ec25519_export.c | |
| 12 | Generic export of a Curve/Ed25519 key to a binary packet, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Generic export of a Curve/Ed25519 key to a binary packet | |
| 19 | @param out [out] The destination for the key | |
| 20 | @param outlen [in/out] The max size and resulting size of the Ed25519 key | |
| 21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
| 22 | @param key The key you wish to export | |
| 23 | @return CRYPT_OK if successful | |
| 24 | */ | |
| 25 | int ec25519_export( unsigned char *out, unsigned long *outlen, | |
| 26 | int which, | |
| 27 | const curve25519_key *key) | |
| 28 | { | |
| 29 | int err, std; | |
| 30 | const char* OID; | |
| 31 | unsigned long oid[16], oidlen; | |
| 32 | ltc_asn1_list alg_id[1]; | |
| 33 | unsigned char private_key[34]; | |
| 34 | unsigned long version, private_key_len = sizeof(private_key); | |
| 35 | ||
| 36 | LTC_ARGCHK(out != NULL); | |
| 37 | LTC_ARGCHK(outlen != NULL); | |
| 38 | LTC_ARGCHK(key != NULL); | |
| 39 | ||
| 40 | std = which & PK_STD; | |
| 41 | which &= ~PK_STD; | |
| 42 | ||
| 43 | if (which == PK_PRIVATE) { | |
| 44 | if(key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
| 45 | ||
| 46 | if (std == PK_STD) { | |
| 47 | if ((err = pk_get_oid(key->algo, &OID)) != CRYPT_OK) { | |
| 48 | return err; | |
| 49 | } | |
| 50 | oidlen = sizeof(oid)/sizeof(oid[0]); | |
| 51 | if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) { | |
| 52 | return err; | |
| 53 | } | |
| 54 | ||
| 55 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, oidlen); | |
| 56 | ||
| 57 | /* encode private key as PKCS#8 */ | |
| 58 | if ((err = der_encode_octet_string(key->priv, 32uL, private_key, &private_key_len)) != CRYPT_OK) { | |
| 59 | return err; | |
| 60 | } | |
| 61 | ||
| 62 | version = 0; | |
| 63 | err = der_encode_sequence_multi(out, outlen, | |
| 64 | LTC_ASN1_SHORT_INTEGER, 1uL, &version, | |
| 65 | LTC_ASN1_SEQUENCE, 1uL, alg_id, | |
| 66 | LTC_ASN1_OCTET_STRING, private_key_len, private_key, | |
| 67 | LTC_ASN1_EOL, 0uL, NULL); | |
| 68 | } else { | |
| 69 | if (*outlen < sizeof(key->priv)) { | |
| 70 | err = CRYPT_BUFFER_OVERFLOW; | |
| 71 | } else { | |
| 72 | XMEMCPY(out, key->priv, sizeof(key->priv)); | |
| 73 | err = CRYPT_OK; | |
| 74 | } | |
| 75 | *outlen = sizeof(key->priv); | |
| 76 | } | |
| 77 | } else { | |
| 78 | if (std == PK_STD) { | |
| 79 | /* encode public key as SubjectPublicKeyInfo */ | |
| 80 | err = x509_encode_subject_public_key_info(out, outlen, key->algo, key->pub, 32uL, LTC_ASN1_EOL, NULL, 0); | |
| 81 | } else { | |
| 82 | if (*outlen < sizeof(key->pub)) { | |
| 83 | err = CRYPT_BUFFER_OVERFLOW; | |
| 84 | } else { | |
| 85 | XMEMCPY(out, key->pub, sizeof(key->pub)); | |
| 86 | err = CRYPT_OK; | |
| 87 | } | |
| 88 | *outlen = sizeof(key->pub); | |
| 89 | } | |
| 90 | } | |
| 91 | ||
| 92 | return err; | |
| 93 | } | |
| 94 | ||
| 95 | #endif | |
| 96 | ||
| 97 | /* ref: $Format:%D$ */ | |
| 98 | /* git commit: $Format:%H$ */ | |
| 99 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ec25519_import_pkcs8.c | |
| 12 | Generic import of a Curve/Ed25519 private key in PKCS#8 format, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Generic import of a Curve/Ed25519 private key in PKCS#8 format | |
| 19 | @param in The DER-encoded PKCS#8-formatted private key | |
| 20 | @param inlen The length of the input data | |
| 21 | @param passwd The password to decrypt the private key | |
| 22 | @param passwdlen Password's length (octets) | |
| 23 | @param key [out] Where to import the key to | |
| 24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 25 | */ | |
| 26 | int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 27 | const void *pwd, unsigned long pwdlen, | |
| 28 | enum ltc_oid_id id, sk_to_pk fp, | |
| 29 | curve25519_key *key) | |
| 30 | { | |
| 31 | int err; | |
| 32 | ltc_asn1_list *l = NULL; | |
| 33 | const char *oid; | |
| 34 | ltc_asn1_list alg_id[1]; | |
| 35 | unsigned char private_key[34]; | |
| 36 | unsigned long version, key_len; | |
| 37 | unsigned long tmpoid[16]; | |
| 38 | ||
| 39 | LTC_ARGCHK(in != NULL); | |
| 40 | LTC_ARGCHK(key != NULL); | |
| 41 | LTC_ARGCHK(fp != NULL); | |
| 42 | ||
| 43 | if ((err = pkcs8_decode_flexi(in, inlen, pwd, pwdlen, &l)) == CRYPT_OK) { | |
| 44 | ||
| 45 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid) / sizeof(tmpoid[0])); | |
| 46 | ||
| 47 | key_len = sizeof(private_key); | |
| 48 | if ((err = der_decode_sequence_multi(l->data, l->size, | |
| 49 | LTC_ASN1_SHORT_INTEGER, 1uL, &version, | |
| 50 | LTC_ASN1_SEQUENCE, 1uL, alg_id, | |
| 51 | LTC_ASN1_OCTET_STRING, key_len, private_key, | |
| 52 | LTC_ASN1_EOL, 0uL, NULL)) | |
| 53 | != CRYPT_OK) { | |
| 54 | /* If there are attributes added after the private_key it is tagged with version 1 and | |
| 55 | * we get an 'input too long' error but the rest is already decoded and can be | |
| 56 | * handled the same as for version 0 | |
| 57 | */ | |
| 58 | if ((err == CRYPT_INPUT_TOO_LONG) && (version == 1)) { | |
| 59 | version = 0; | |
| 60 | } else { | |
| 61 | goto out; | |
| 62 | } | |
| 63 | } | |
| 64 | ||
| 65 | if ((err = pk_get_oid(id, &oid)) != CRYPT_OK) { | |
| 66 | goto out; | |
| 67 | } | |
| 68 | if ((err = pk_oid_cmp_with_asn1(oid, &alg_id[0])) != CRYPT_OK) { | |
| 69 | goto out; | |
| 70 | } | |
| 71 | ||
| 72 | if (version == 0) { | |
| 73 | key_len = sizeof(key->priv); | |
| 74 | if ((err = der_decode_octet_string(private_key, sizeof(private_key), key->priv, &key_len)) == CRYPT_OK) { | |
| 75 | fp(key->pub, key->priv); | |
| 76 | key->type = PK_PRIVATE; | |
| 77 | key->algo = id; | |
| 78 | } | |
| 79 | } else { | |
| 80 | err = CRYPT_PK_INVALID_TYPE; | |
| 81 | } | |
| 82 | } | |
| 83 | out: | |
| 84 | if (l) der_free_sequence_flexi(l); | |
| 85 | #ifdef LTC_CLEAN_STACK | |
| 86 | zeromem(private_key, sizeof(private_key)); | |
| 87 | #endif | |
| 88 | ||
| 89 | return err; | |
| 90 | } | |
| 91 | ||
| 92 | #endif | |
| 93 | ||
| 94 | /* ref: $Format:%D$ */ | |
| 95 | /* git commit: $Format:%H$ */ | |
| 96 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /* automatically generated file, do not edit */ | |
| 11 | ||
| 12 | #define FOR(i,n) for (i = 0;i < n;++i) | |
| 13 | #define sv static void | |
| 14 | ||
| 15 | typedef unsigned char u8; | |
| 16 | typedef ulong32 u32; | |
| 17 | typedef ulong64 u64; | |
| 18 | typedef long64 i64; | |
| 19 | typedef i64 gf[16]; | |
| 20 | ||
| 21 | static const u8 | |
| 22 | _9[32] = {9}; | |
| 23 | static const gf | |
| 24 | gf0, | |
| 25 | gf1 = {1}, | |
| 26 | _121665 = {0xDB41,1}, | |
| 27 | D = {0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203}, | |
| 28 | D2 = {0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406}, | |
| 29 | X = {0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169}, | |
| 30 | Y = {0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666}, | |
| 31 | I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; | |
| 32 | ||
| 33 | static int vn(const u8 *x,const u8 *y,int n) | |
| 34 | { | |
| 35 | int i; | |
| 36 | u32 d = 0; | |
| 37 | FOR(i,n) d |= x[i]^y[i]; | |
| 38 | return (1 & ((d - 1) >> 8)) - 1; | |
| 39 | } | |
| 40 | ||
| 41 | static int tweetnacl_crypto_verify_32(const u8 *x,const u8 *y) | |
| 42 | { | |
| 43 | return vn(x,y,32); | |
| 44 | } | |
| 45 | ||
| 46 | sv set25519(gf r, const gf a) | |
| 47 | { | |
| 48 | int i; | |
| 49 | FOR(i,16) r[i]=a[i]; | |
| 50 | } | |
| 51 | ||
| 52 | sv car25519(gf o) | |
| 53 | { | |
| 54 | int i; | |
| 55 | i64 c; | |
| 56 | FOR(i,16) { | |
| 57 | o[i]+=(1LL<<16); | |
| 58 | c=o[i]>>16; | |
| 59 | o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15); | |
| 60 | o[i]-=c<<16; | |
| 61 | } | |
| 62 | } | |
| 63 | ||
| 64 | sv sel25519(gf p,gf q,int b) | |
| 65 | { | |
| 66 | i64 t,i,c=~(b-1); | |
| 67 | FOR(i,16) { | |
| 68 | t= c&(p[i]^q[i]); | |
| 69 | p[i]^=t; | |
| 70 | q[i]^=t; | |
| 71 | } | |
| 72 | } | |
| 73 | ||
| 74 | sv pack25519(u8 *o,const gf n) | |
| 75 | { | |
| 76 | int i,j,b; | |
| 77 | gf m,t; | |
| 78 | FOR(i,16) t[i]=n[i]; | |
| 79 | car25519(t); | |
| 80 | car25519(t); | |
| 81 | car25519(t); | |
| 82 | FOR(j,2) { | |
| 83 | m[0]=t[0]-0xffed; | |
| 84 | for(i=1;i<15;i++) { | |
| 85 | m[i]=t[i]-0xffff-((m[i-1]>>16)&1); | |
| 86 | m[i-1]&=0xffff; | |
| 87 | } | |
| 88 | m[15]=t[15]-0x7fff-((m[14]>>16)&1); | |
| 89 | b=(m[15]>>16)&1; | |
| 90 | m[14]&=0xffff; | |
| 91 | sel25519(t,m,1-b); | |
| 92 | } | |
| 93 | FOR(i,16) { | |
| 94 | o[2*i]=t[i]&0xff; | |
| 95 | o[2*i+1]=t[i]>>8; | |
| 96 | } | |
| 97 | } | |
| 98 | ||
| 99 | static int neq25519(const gf a, const gf b) | |
| 100 | { | |
| 101 | u8 c[32],d[32]; | |
| 102 | pack25519(c,a); | |
| 103 | pack25519(d,b); | |
| 104 | return tweetnacl_crypto_verify_32(c,d); | |
| 105 | } | |
| 106 | ||
| 107 | static u8 par25519(const gf a) | |
| 108 | { | |
| 109 | u8 d[32]; | |
| 110 | pack25519(d,a); | |
| 111 | return d[0]&1; | |
| 112 | } | |
| 113 | ||
| 114 | sv unpack25519(gf o, const u8 *n) | |
| 115 | { | |
| 116 | int i; | |
| 117 | FOR(i,16) o[i]=n[2*i]+((i64)n[2*i+1]<<8); | |
| 118 | o[15]&=0x7fff; | |
| 119 | } | |
| 120 | ||
| 121 | sv A(gf o,const gf a,const gf b) | |
| 122 | { | |
| 123 | int i; | |
| 124 | FOR(i,16) o[i]=a[i]+b[i]; | |
| 125 | } | |
| 126 | ||
| 127 | sv Z(gf o,const gf a,const gf b) | |
| 128 | { | |
| 129 | int i; | |
| 130 | FOR(i,16) o[i]=a[i]-b[i]; | |
| 131 | } | |
| 132 | ||
| 133 | sv M(gf o,const gf a,const gf b) | |
| 134 | { | |
| 135 | i64 i,j,t[31]; | |
| 136 | FOR(i,31) t[i]=0; | |
| 137 | FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j]; | |
| 138 | FOR(i,15) t[i]+=38*t[i+16]; | |
| 139 | FOR(i,16) o[i]=t[i]; | |
| 140 | car25519(o); | |
| 141 | car25519(o); | |
| 142 | } | |
| 143 | ||
| 144 | sv S(gf o,const gf a) | |
| 145 | { | |
| 146 | M(o,a,a); | |
| 147 | } | |
| 148 | ||
| 149 | sv inv25519(gf o,const gf i) | |
| 150 | { | |
| 151 | gf c; | |
| 152 | int a; | |
| 153 | FOR(a,16) c[a]=i[a]; | |
| 154 | for(a=253;a>=0;a--) { | |
| 155 | S(c,c); | |
| 156 | if(a!=2&&a!=4) M(c,c,i); | |
| 157 | } | |
| 158 | FOR(a,16) o[a]=c[a]; | |
| 159 | } | |
| 160 | ||
| 161 | sv pow2523(gf o,const gf i) | |
| 162 | { | |
| 163 | gf c; | |
| 164 | int a; | |
| 165 | FOR(a,16) c[a]=i[a]; | |
| 166 | for(a=250;a>=0;a--) { | |
| 167 | S(c,c); | |
| 168 | if(a!=1) M(c,c,i); | |
| 169 | } | |
| 170 | FOR(a,16) o[a]=c[a]; | |
| 171 | } | |
| 172 | ||
| 173 | int tweetnacl_crypto_scalarmult(u8 *q,const u8 *n,const u8 *p) | |
| 174 | { | |
| 175 | u8 z[32]; | |
| 176 | i64 x[80],r,i; | |
| 177 | gf a,b,c,d,e,f; | |
| 178 | FOR(i,31) z[i]=n[i]; | |
| 179 | z[31]=(n[31]&127)|64; | |
| 180 | z[0]&=248; | |
| 181 | unpack25519(x,p); | |
| 182 | FOR(i,16) { | |
| 183 | b[i]=x[i]; | |
| 184 | d[i]=a[i]=c[i]=0; | |
| 185 | } | |
| 186 | a[0]=d[0]=1; | |
| 187 | for(i=254;i>=0;--i) { | |
| 188 | r=(z[i>>3]>>(i&7))&1; | |
| 189 | sel25519(a,b,r); | |
| 190 | sel25519(c,d,r); | |
| 191 | A(e,a,c); | |
| 192 | Z(a,a,c); | |
| 193 | A(c,b,d); | |
| 194 | Z(b,b,d); | |
| 195 | S(d,e); | |
| 196 | S(f,a); | |
| 197 | M(a,c,a); | |
| 198 | M(c,b,e); | |
| 199 | A(e,a,c); | |
| 200 | Z(a,a,c); | |
| 201 | S(b,a); | |
| 202 | Z(c,d,f); | |
| 203 | M(a,c,_121665); | |
| 204 | A(a,a,d); | |
| 205 | M(c,c,a); | |
| 206 | M(a,d,f); | |
| 207 | M(d,b,x); | |
| 208 | S(b,e); | |
| 209 | sel25519(a,b,r); | |
| 210 | sel25519(c,d,r); | |
| 211 | } | |
| 212 | FOR(i,16) { | |
| 213 | x[i+16]=a[i]; | |
| 214 | x[i+32]=c[i]; | |
| 215 | x[i+48]=b[i]; | |
| 216 | x[i+64]=d[i]; | |
| 217 | } | |
| 218 | inv25519(x+32,x+32); | |
| 219 | M(x+16,x+16,x+32); | |
| 220 | pack25519(q,x+16); | |
| 221 | return 0; | |
| 222 | } | |
| 223 | ||
| 224 | int tweetnacl_crypto_scalarmult_base(u8 *q,const u8 *n) | |
| 225 | { | |
| 226 | return tweetnacl_crypto_scalarmult(q,n,_9); | |
| 227 | } | |
| 228 | ||
| 229 | static int tweetnacl_crypto_hash(u8 *out,const u8 *m,u64 n) | |
| 230 | { | |
| 231 | unsigned long len; | |
| 232 | int err, hash_idx; | |
| 233 | ||
| 234 | if (n > ULONG_MAX) return CRYPT_OVERFLOW; | |
| 235 | ||
| 236 | hash_idx = find_hash("sha512"); | |
| 237 | len = 64; | |
| 238 | if ((err = hash_memory(hash_idx, m, n, out, &len)) != CRYPT_OK) return err; | |
| 239 | ||
| 240 | return 0; | |
| 241 | } | |
| 242 | ||
| 243 | sv add(gf p[4],gf q[4]) | |
| 244 | { | |
| 245 | gf a,b,c,d,t,e,f,g,h; | |
| 246 | ||
| 247 | Z(a, p[1], p[0]); | |
| 248 | Z(t, q[1], q[0]); | |
| 249 | M(a, a, t); | |
| 250 | A(b, p[0], p[1]); | |
| 251 | A(t, q[0], q[1]); | |
| 252 | M(b, b, t); | |
| 253 | M(c, p[3], q[3]); | |
| 254 | M(c, c, D2); | |
| 255 | M(d, p[2], q[2]); | |
| 256 | A(d, d, d); | |
| 257 | Z(e, b, a); | |
| 258 | Z(f, d, c); | |
| 259 | A(g, d, c); | |
| 260 | A(h, b, a); | |
| 261 | ||
| 262 | M(p[0], e, f); | |
| 263 | M(p[1], h, g); | |
| 264 | M(p[2], g, f); | |
| 265 | M(p[3], e, h); | |
| 266 | } | |
| 267 | ||
| 268 | sv cswap(gf p[4],gf q[4],u8 b) | |
| 269 | { | |
| 270 | int i; | |
| 271 | FOR(i,4) | |
| 272 | sel25519(p[i],q[i],b); | |
| 273 | } | |
| 274 | ||
| 275 | sv pack(u8 *r,gf p[4]) | |
| 276 | { | |
| 277 | gf tx, ty, zi; | |
| 278 | inv25519(zi, p[2]); | |
| 279 | M(tx, p[0], zi); | |
| 280 | M(ty, p[1], zi); | |
| 281 | pack25519(r, ty); | |
| 282 | r[31] ^= par25519(tx) << 7; | |
| 283 | } | |
| 284 | ||
| 285 | sv scalarmult(gf p[4],gf q[4],const u8 *s) | |
| 286 | { | |
| 287 | int i; | |
| 288 | set25519(p[0],gf0); | |
| 289 | set25519(p[1],gf1); | |
| 290 | set25519(p[2],gf1); | |
| 291 | set25519(p[3],gf0); | |
| 292 | for (i = 255;i >= 0;--i) { | |
| 293 | u8 b = (s[i/8]>>(i&7))&1; | |
| 294 | cswap(p,q,b); | |
| 295 | add(q,p); | |
| 296 | add(p,p); | |
| 297 | cswap(p,q,b); | |
| 298 | } | |
| 299 | } | |
| 300 | ||
| 301 | sv scalarbase(gf p[4],const u8 *s) | |
| 302 | { | |
| 303 | gf q[4]; | |
| 304 | set25519(q[0],X); | |
| 305 | set25519(q[1],Y); | |
| 306 | set25519(q[2],gf1); | |
| 307 | M(q[3],X,Y); | |
| 308 | scalarmult(p,q,s); | |
| 309 | } | |
| 310 | ||
| 311 | int tweetnacl_crypto_sk_to_pk(u8 *pk, const u8 *sk) | |
| 312 | { | |
| 313 | u8 d[64]; | |
| 314 | gf p[4]; | |
| 315 | tweetnacl_crypto_hash(d, sk, 32); | |
| 316 | d[0] &= 248; | |
| 317 | d[31] &= 127; | |
| 318 | d[31] |= 64; | |
| 319 | ||
| 320 | scalarbase(p,d); | |
| 321 | pack(pk,p); | |
| 322 | ||
| 323 | return 0; | |
| 324 | } | |
| 325 | ||
| 326 | int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, u8 *pk, u8 *sk) | |
| 327 | { | |
| 328 | int err; | |
| 329 | ||
| 330 | /* randombytes(sk,32); */ | |
| 331 | if ((err = prng_is_valid(wprng)) != CRYPT_OK) { | |
| 332 | return err; | |
| 333 | } | |
| 334 | ||
| 335 | if (prng_descriptor[wprng].read(sk,32, prng) != 32) { | |
| 336 | return CRYPT_ERROR_READPRNG; | |
| 337 | } | |
| 338 | ||
| 339 | if ((err = tweetnacl_crypto_sk_to_pk(pk, sk)) != CRYPT_OK) { | |
| 340 | return err; | |
| 341 | } | |
| 342 | ||
| 343 | /* FOR(i,32) sk[32 + i] = pk[i]; | |
| 344 | * we don't copy the pk in the sk */ | |
| 345 | return CRYPT_OK; | |
| 346 | } | |
| 347 | ||
| 348 | static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10}; | |
| 349 | ||
| 350 | sv modL(u8 *r,i64 x[64]) | |
| 351 | { | |
| 352 | i64 carry,i,j; | |
| 353 | for (i = 63;i >= 32;--i) { | |
| 354 | carry = 0; | |
| 355 | for (j = i - 32;j < i - 12;++j) { | |
| 356 | x[j] += carry - 16 * x[i] * L[j - (i - 32)]; | |
| 357 | carry = (x[j] + 128) >> 8; | |
| 358 | x[j] -= carry << 8; | |
| 359 | } | |
| 360 | x[j] += carry; | |
| 361 | x[i] = 0; | |
| 362 | } | |
| 363 | carry = 0; | |
| 364 | FOR(j,32) { | |
| 365 | x[j] += carry - (x[31] >> 4) * L[j]; | |
| 366 | carry = x[j] >> 8; | |
| 367 | x[j] &= 255; | |
| 368 | } | |
| 369 | FOR(j,32) x[j] -= carry * L[j]; | |
| 370 | FOR(i,32) { | |
| 371 | x[i+1] += x[i] >> 8; | |
| 372 | r[i] = x[i] & 255; | |
| 373 | } | |
| 374 | } | |
| 375 | ||
| 376 | sv reduce(u8 *r) | |
| 377 | { | |
| 378 | i64 x[64],i; | |
| 379 | FOR(i,64) x[i] = (u64) r[i]; | |
| 380 | FOR(i,64) r[i] = 0; | |
| 381 | modL(r,x); | |
| 382 | } | |
| 383 | ||
| 384 | int tweetnacl_crypto_sign(u8 *sm,u64 *smlen,const u8 *m,u64 mlen,const u8 *sk,const u8 *pk) | |
| 385 | { | |
| 386 | u8 d[64],h[64],r[64]; | |
| 387 | i64 i,j,x[64]; | |
| 388 | gf p[4]; | |
| 389 | ||
| 390 | tweetnacl_crypto_hash(d, sk, 32); | |
| 391 | d[0] &= 248; | |
| 392 | d[31] &= 127; | |
| 393 | d[31] |= 64; | |
| 394 | ||
| 395 | *smlen = mlen+64; | |
| 396 | FOR(i,(i64)mlen) sm[64 + i] = m[i]; | |
| 397 | FOR(i,32) sm[32 + i] = d[32 + i]; | |
| 398 | ||
| 399 | tweetnacl_crypto_hash(r, sm+32, mlen+32); | |
| 400 | reduce(r); | |
| 401 | scalarbase(p,r); | |
| 402 | pack(sm,p); | |
| 403 | ||
| 404 | FOR(i,32) sm[i+32] = pk[i]; | |
| 405 | tweetnacl_crypto_hash(h,sm,mlen + 64); | |
| 406 | reduce(h); | |
| 407 | ||
| 408 | FOR(i,64) x[i] = 0; | |
| 409 | FOR(i,32) x[i] = (u64) r[i]; | |
| 410 | FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; | |
| 411 | modL(sm + 32,x); | |
| 412 | ||
| 413 | return 0; | |
| 414 | } | |
| 415 | ||
| 416 | static int unpackneg(gf r[4],const u8 p[32]) | |
| 417 | { | |
| 418 | gf t, chk, num, den, den2, den4, den6; | |
| 419 | set25519(r[2],gf1); | |
| 420 | unpack25519(r[1],p); | |
| 421 | S(num,r[1]); | |
| 422 | M(den,num,D); | |
| 423 | Z(num,num,r[2]); | |
| 424 | A(den,r[2],den); | |
| 425 | ||
| 426 | S(den2,den); | |
| 427 | S(den4,den2); | |
| 428 | M(den6,den4,den2); | |
| 429 | M(t,den6,num); | |
| 430 | M(t,t,den); | |
| 431 | ||
| 432 | pow2523(t,t); | |
| 433 | M(t,t,num); | |
| 434 | M(t,t,den); | |
| 435 | M(t,t,den); | |
| 436 | M(r[0],t,den); | |
| 437 | ||
| 438 | S(chk,r[0]); | |
| 439 | M(chk,chk,den); | |
| 440 | if (neq25519(chk, num)) M(r[0],r[0],I); | |
| 441 | ||
| 442 | S(chk,r[0]); | |
| 443 | M(chk,chk,den); | |
| 444 | if (neq25519(chk, num)) return -1; | |
| 445 | ||
| 446 | if (par25519(r[0]) == (p[31]>>7)) Z(r[0],gf0,r[0]); | |
| 447 | ||
| 448 | M(r[3],r[0],r[1]); | |
| 449 | return 0; | |
| 450 | } | |
| 451 | ||
| 452 | int tweetnacl_crypto_sign_open(int *stat, u8 *m,u64 *mlen,const u8 *sm,u64 smlen,const u8 *pk) | |
| 453 | { | |
| 454 | u64 i; | |
| 455 | u8 s[32],t[32],h[64]; | |
| 456 | gf p[4],q[4]; | |
| 457 | ||
| 458 | *stat = 0; | |
| 459 | if (*mlen < smlen) return CRYPT_BUFFER_OVERFLOW; | |
| 460 | *mlen = -1; | |
| 461 | if (smlen < 64) return CRYPT_INVALID_ARG; | |
| 462 | ||
| 463 | if (unpackneg(q,pk)) return CRYPT_ERROR; | |
| 464 | ||
| 465 | XMEMMOVE(m,sm,smlen); | |
| 466 | XMEMMOVE(s,m + 32,32); | |
| 467 | XMEMMOVE(m + 32,pk,32); | |
| 468 | tweetnacl_crypto_hash(h,m,smlen); | |
| 469 | reduce(h); | |
| 470 | scalarmult(p,q,h); | |
| 471 | ||
| 472 | scalarbase(q,s); | |
| 473 | add(p,q); | |
| 474 | pack(t,p); | |
| 475 | ||
| 476 | smlen -= 64; | |
| 477 | if (tweetnacl_crypto_verify_32(sm, t)) { | |
| 478 | FOR(i,smlen) m[i] = 0; | |
| 479 | zeromem(m, smlen); | |
| 480 | return CRYPT_OK; | |
| 481 | } | |
| 482 | ||
| 483 | *stat = 1; | |
| 484 | XMEMMOVE(m,m + 64,smlen); | |
| 485 | *mlen = smlen; | |
| 486 | return CRYPT_OK; | |
| 487 | } | |
| 488 | ||
| 489 | /* ref: $Format:%D$ */ | |
| 490 | /* git commit: $Format:%H$ */ | |
| 491 | /* commit time: $Format:%ai$ */ |
| 113 | 113 | #ifdef LTC_SSH |
| 114 | 114 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
| 115 | 115 | char name[64], name2[64]; |
| 116 | unsigned long namelen = sizeof(name2); | |
| 116 | unsigned long namelen = sizeof(name); | |
| 117 | unsigned long name2len = sizeof(name2); | |
| 117 | 118 | |
| 118 | 119 | /* Decode as SSH data sequence, per RFC4251 */ |
| 119 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
| 120 | LTC_SSHDATA_STRING, name, 64, | |
| 120 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
| 121 | LTC_SSHDATA_STRING, name, &namelen, | |
| 121 | 122 | LTC_SSHDATA_MPINT, r, |
| 122 | 123 | LTC_SSHDATA_MPINT, s, |
| 123 | 124 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
| 124 | 125 | |
| 125 | 126 | |
| 126 | 127 | /* Check curve matches identifier string */ |
| 127 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
| 128 | if (XSTRCMP(name,name2) != 0) { | |
| 128 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
| 129 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
| 129 | 130 | err = CRYPT_INVALID_ARG; |
| 130 | 131 | goto error; |
| 131 | 132 | } |
| 163 | 163 | |
| 164 | 164 | /* Store as SSH data sequence, per RFC4251 */ |
| 165 | 165 | err = ssh_encode_sequence_multi(out, outlen, |
| 166 | LTC_SSHDATA_STRING, name, | |
| 166 | LTC_SSHDATA_STRING, name, namelen, | |
| 167 | 167 | LTC_SSHDATA_MPINT, r, |
| 168 | 168 | LTC_SSHDATA_MPINT, s, |
| 169 | 169 | LTC_SSHDATA_EOL, NULL); |
| 24 | 24 | { |
| 25 | 25 | char oidstr[64]; |
| 26 | 26 | unsigned long oidlen = sizeof(oidstr); |
| 27 | unsigned long size = 0; | |
| 28 | int err; | |
| 27 | int err, size = 0; | |
| 29 | 28 | |
| 30 | 29 | LTC_ARGCHK(buffer != NULL); |
| 31 | 30 | LTC_ARGCHK(buflen != NULL); |
| 51 | 50 | size = snprintf(buffer, *buflen, "ecdsa-sha2-%s", oidstr); |
| 52 | 51 | } |
| 53 | 52 | |
| 54 | /* snprintf returns size that would have been written, but limits to buflen-1 chars plus terminator */ | |
| 55 | if (size >= *buflen) { | |
| 53 | /* snprintf returns a negative value on error | |
| 54 | * or the size that would have been written, but limits to buflen-1 chars plus terminator */ | |
| 55 | if (size < 0) { | |
| 56 | err = CRYPT_ERROR; | |
| 57 | } else if ((unsigned)size >= *buflen) { | |
| 56 | 58 | err = CRYPT_BUFFER_OVERFLOW; |
| 57 | 59 | } else { |
| 58 | 60 | err = CRYPT_OK; |
| 99 | 99 | #ifdef LTC_SSH |
| 100 | 100 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
| 101 | 101 | char name[64], name2[64]; |
| 102 | unsigned long namelen = sizeof(name2); | |
| 102 | unsigned long namelen = sizeof(name); | |
| 103 | unsigned long name2len = sizeof(name2); | |
| 103 | 104 | |
| 104 | 105 | /* Decode as SSH data sequence, per RFC4251 */ |
| 105 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
| 106 | LTC_SSHDATA_STRING, name, 64, | |
| 106 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
| 107 | LTC_SSHDATA_STRING, name, &namelen, | |
| 107 | 108 | LTC_SSHDATA_MPINT, r, |
| 108 | 109 | LTC_SSHDATA_MPINT, s, |
| 109 | 110 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
| 110 | 111 | |
| 111 | 112 | |
| 112 | 113 | /* Check curve matches identifier string */ |
| 113 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
| 114 | if (XSTRCMP(name,name2) != 0) { | |
| 114 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
| 115 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
| 115 | 116 | err = CRYPT_INVALID_ARG; |
| 116 | 117 | goto error; |
| 117 | 118 | } |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_export.c | |
| 12 | Export an Ed25519 key to a binary packet, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Export an Ed25519 key to a binary packet | |
| 19 | @param out [out] The destination for the key | |
| 20 | @param outlen [in/out] The max size and resulting size of the Ed25519 key | |
| 21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
| 22 | @param key The key you wish to export | |
| 23 | @return CRYPT_OK if successful | |
| 24 | */ | |
| 25 | int ed25519_export( unsigned char *out, unsigned long *outlen, | |
| 26 | int which, | |
| 27 | const curve25519_key *key) | |
| 28 | { | |
| 29 | LTC_ARGCHK(key != NULL); | |
| 30 | ||
| 31 | if (key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
| 32 | ||
| 33 | return ec25519_export(out, outlen, which, key); | |
| 34 | } | |
| 35 | ||
| 36 | #endif | |
| 37 | ||
| 38 | /* ref: $Format:%D$ */ | |
| 39 | /* git commit: $Format:%H$ */ | |
| 40 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_import.c | |
| 12 | Import a Ed25519 key from a binary packet, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Import an Ed25519 public key | |
| 19 | @param in The packet to read | |
| 20 | @param inlen The length of the input packet | |
| 21 | @param key [out] Where to import the key to | |
| 22 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 23 | */ | |
| 24 | int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 25 | { | |
| 26 | int err; | |
| 27 | unsigned long key_len; | |
| 28 | ||
| 29 | LTC_ARGCHK(in != NULL); | |
| 30 | LTC_ARGCHK(key != NULL); | |
| 31 | ||
| 32 | key_len = sizeof(key->pub); | |
| 33 | if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_ED25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { | |
| 34 | key->type = PK_PUBLIC; | |
| 35 | key->algo = PKA_ED25519; | |
| 36 | } | |
| 37 | return err; | |
| 38 | } | |
| 39 | ||
| 40 | #endif | |
| 41 | ||
| 42 | /* ref: $Format:%D$ */ | |
| 43 | /* git commit: $Format:%H$ */ | |
| 44 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_import_pkcs8.c | |
| 12 | Import an Ed25519 key in PKCS#8 format, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Import an Ed25519 private key in PKCS#8 format | |
| 19 | @param in The DER-encoded PKCS#8-formatted private key | |
| 20 | @param inlen The length of the input data | |
| 21 | @param passwd The password to decrypt the private key | |
| 22 | @param passwdlen Password's length (octets) | |
| 23 | @param key [out] Where to import the key to | |
| 24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 25 | */ | |
| 26 | int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 27 | const void *pwd, unsigned long pwdlen, | |
| 28 | curve25519_key *key) | |
| 29 | { | |
| 30 | return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_ED25519, tweetnacl_crypto_sk_to_pk, key); | |
| 31 | } | |
| 32 | ||
| 33 | #endif | |
| 34 | ||
| 35 | /* ref: $Format:%D$ */ | |
| 36 | /* git commit: $Format:%H$ */ | |
| 37 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_import_x509.c | |
| 12 | Import an Ed25519 key from a X.509 certificate, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | static int _ed25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 18 | { | |
| 19 | if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE; | |
| 20 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 21 | return CRYPT_OK; | |
| 22 | } | |
| 23 | ||
| 24 | /** | |
| 25 | Import an Ed25519 public key from a X.509 certificate | |
| 26 | @param in The DER encoded X.509 certificate | |
| 27 | @param inlen The length of the certificate | |
| 28 | @param key [out] Where to import the key to | |
| 29 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 30 | */ | |
| 31 | int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 32 | { | |
| 33 | int err; | |
| 34 | ||
| 35 | LTC_ARGCHK(in != NULL); | |
| 36 | LTC_ARGCHK(key != NULL); | |
| 37 | ||
| 38 | if ((err = x509_decode_public_key_from_certificate(in, inlen, | |
| 39 | PKA_ED25519, | |
| 40 | LTC_ASN1_EOL, NULL, NULL, | |
| 41 | (public_key_decode_cb)_ed25519_decode, key)) != CRYPT_OK) { | |
| 42 | return err; | |
| 43 | } | |
| 44 | key->type = PK_PUBLIC; | |
| 45 | key->algo = PKA_ED25519; | |
| 46 | ||
| 47 | return err; | |
| 48 | } | |
| 49 | ||
| 50 | #endif | |
| 51 | ||
| 52 | /* ref: $Format:%D$ */ | |
| 53 | /* git commit: $Format:%H$ */ | |
| 54 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_make_key.c | |
| 12 | Create an Ed25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Create an Ed25519 key | |
| 19 | @param prng An active PRNG state | |
| 20 | @param wprng The index of the PRNG desired | |
| 21 | @param key [out] Destination of a newly created private key pair | |
| 22 | @return CRYPT_OK if successful | |
| 23 | */ | |
| 24 | int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key) | |
| 25 | { | |
| 26 | int err; | |
| 27 | ||
| 28 | LTC_ARGCHK(prng != NULL); | |
| 29 | LTC_ARGCHK(key != NULL); | |
| 30 | ||
| 31 | if ((err = tweetnacl_crypto_sign_keypair(prng, wprng, key->pub, key->priv)) != CRYPT_OK) { | |
| 32 | return err; | |
| 33 | } | |
| 34 | ||
| 35 | key->type = PK_PRIVATE; | |
| 36 | key->algo = PKA_ED25519; | |
| 37 | ||
| 38 | return err; | |
| 39 | } | |
| 40 | ||
| 41 | #endif | |
| 42 | ||
| 43 | /* ref: $Format:%D$ */ | |
| 44 | /* git commit: $Format:%H$ */ | |
| 45 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_set_ku.c | |
| 12 | Set the parameters of an Ed25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of an Ed25519 key | |
| 19 | ||
| 20 | In case sk and pk are given it is validated that pk is really the | |
| 21 | corresponding public part of the key pair. | |
| 22 | ||
| 23 | @param sk The secret key | |
| 24 | @param sklen The length of sk | |
| 25 | @param pk The public key | |
| 26 | @param pklen The length of pk | |
| 27 | @param key [out] Destination of the key | |
| 28 | @return CRYPT_OK if successful | |
| 29 | */ | |
| 30 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
| 31 | const unsigned char *pk, unsigned long pklen, | |
| 32 | curve25519_key *key) | |
| 33 | { | |
| 34 | LTC_ARGCHK(key != NULL); | |
| 35 | ||
| 36 | if (sk != NULL) { | |
| 37 | LTC_ARGCHK(sklen == 32uL); | |
| 38 | XMEMCPY(key->priv, sk, sizeof(key->priv)); | |
| 39 | tweetnacl_crypto_sk_to_pk(key->pub, key->priv); | |
| 40 | if (pk != NULL) { | |
| 41 | LTC_ARGCHK(pklen == 32uL); | |
| 42 | if (XMEM_NEQ(pk, key->pub, sizeof(key->pub)) != 0) { | |
| 43 | zeromem(key, sizeof(*key)); | |
| 44 | return CRYPT_INVALID_ARG; | |
| 45 | } | |
| 46 | } | |
| 47 | key->type = PK_PRIVATE; | |
| 48 | } else if (pk != NULL) { | |
| 49 | LTC_ARGCHK(pklen == 32uL); | |
| 50 | XMEMCPY(key->pub, pk, sizeof(key->pub)); | |
| 51 | key->type = PK_PUBLIC; | |
| 52 | } else { | |
| 53 | return CRYPT_INVALID_ARG; | |
| 54 | } | |
| 55 | key->algo = PKA_ED25519; | |
| 56 | ||
| 57 | return CRYPT_OK; | |
| 58 | } | |
| 59 | ||
| 60 | #endif | |
| 61 | ||
| 62 | /* ref: $Format:%D$ */ | |
| 63 | /* git commit: $Format:%H$ */ | |
| 64 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_shared_secret.c | |
| 12 | Create an Ed25519 signature, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Create an Ed25519 signature. | |
| 19 | @param private_key The private Ed25519 key in the pair | |
| 20 | @param public_key The public Ed25519 key in the pair | |
| 21 | @param out [out] The destination of the shared data | |
| 22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
| 23 | @return CRYPT_OK if successful | |
| 24 | */ | |
| 25 | int ed25519_sign(const unsigned char *msg, unsigned long msglen, | |
| 26 | unsigned char *sig, unsigned long *siglen, | |
| 27 | const curve25519_key *private_key) | |
| 28 | { | |
| 29 | unsigned char *s; | |
| 30 | unsigned long long smlen; | |
| 31 | int err; | |
| 32 | ||
| 33 | LTC_ARGCHK(msg != NULL); | |
| 34 | LTC_ARGCHK(sig != NULL); | |
| 35 | LTC_ARGCHK(siglen != NULL); | |
| 36 | LTC_ARGCHK(private_key != NULL); | |
| 37 | ||
| 38 | if (private_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
| 39 | if (private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
| 40 | ||
| 41 | if (*siglen < 64uL) { | |
| 42 | *siglen = 64uL; | |
| 43 | return CRYPT_BUFFER_OVERFLOW; | |
| 44 | } | |
| 45 | ||
| 46 | smlen = msglen + 64; | |
| 47 | s = XMALLOC(smlen); | |
| 48 | if (s == NULL) return CRYPT_MEM; | |
| 49 | ||
| 50 | err = tweetnacl_crypto_sign(s, &smlen, | |
| 51 | msg, msglen, | |
| 52 | private_key->priv, private_key->pub); | |
| 53 | ||
| 54 | XMEMCPY(sig, s, 64uL); | |
| 55 | *siglen = 64uL; | |
| 56 | ||
| 57 | #ifdef LTC_CLEAN_STACK | |
| 58 | zeromem(s, smlen); | |
| 59 | #endif | |
| 60 | XFREE(s); | |
| 61 | ||
| 62 | return err; | |
| 63 | } | |
| 64 | ||
| 65 | #endif | |
| 66 | ||
| 67 | /* ref: $Format:%D$ */ | |
| 68 | /* git commit: $Format:%H$ */ | |
| 69 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file ed25519_verify.c | |
| 12 | Verify an Ed25519 signature, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Verify an Ed25519 signature. | |
| 19 | @param private_key The private Ed25519 key in the pair | |
| 20 | @param public_key The public Ed25519 key in the pair | |
| 21 | @param out [out] The destination of the shared data | |
| 22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
| 23 | @param stat [out] The result of the signature verification, 1==valid, 0==invalid | |
| 24 | @return CRYPT_OK if successful | |
| 25 | */ | |
| 26 | int ed25519_verify(const unsigned char *msg, unsigned long msglen, | |
| 27 | const unsigned char *sig, unsigned long siglen, | |
| 28 | int *stat, const curve25519_key *public_key) | |
| 29 | { | |
| 30 | unsigned char* m; | |
| 31 | unsigned long long mlen; | |
| 32 | int err; | |
| 33 | ||
| 34 | LTC_ARGCHK(msg != NULL); | |
| 35 | LTC_ARGCHK(sig != NULL); | |
| 36 | LTC_ARGCHK(stat != NULL); | |
| 37 | LTC_ARGCHK(public_key != NULL); | |
| 38 | ||
| 39 | *stat = 0; | |
| 40 | ||
| 41 | if (siglen != 64uL) return CRYPT_INVALID_ARG; | |
| 42 | if (public_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
| 43 | ||
| 44 | mlen = msglen + siglen; | |
| 45 | if ((mlen < msglen) || (mlen < siglen)) return CRYPT_OVERFLOW; | |
| 46 | ||
| 47 | m = XMALLOC(mlen); | |
| 48 | if (m == NULL) return CRYPT_MEM; | |
| 49 | ||
| 50 | XMEMCPY(m, sig, siglen); | |
| 51 | XMEMCPY(m + siglen, msg, msglen); | |
| 52 | ||
| 53 | err = tweetnacl_crypto_sign_open(stat, | |
| 54 | m, &mlen, | |
| 55 | m, mlen, | |
| 56 | public_key->pub); | |
| 57 | ||
| 58 | #ifdef LTC_CLEAN_STACK | |
| 59 | zeromem(m, mlen); | |
| 60 | #endif | |
| 61 | XFREE(m); | |
| 62 | ||
| 63 | return err; | |
| 64 | } | |
| 65 | ||
| 66 | #endif | |
| 67 | ||
| 68 | /* ref: $Format:%D$ */ | |
| 69 | /* git commit: $Format:%H$ */ | |
| 70 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file rsa_free.c | |
| 12 | Free an RSA key, Tom St Denis | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_MRSA | |
| 16 | ||
| 17 | /** | |
| 18 | Free an RSA key from memory | |
| 19 | @param key The RSA key to free | |
| 20 | */ | |
| 21 | void rsa_free(rsa_key *key) | |
| 22 | { | |
| 23 | LTC_ARGCHKVD(key != NULL); | |
| 24 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
| 25 | } | |
| 26 | ||
| 27 | #endif | |
| 28 | ||
| 29 | /* ref: $Format:%D$ */ | |
| 30 | /* git commit: $Format:%H$ */ | |
| 31 | /* commit time: $Format:%ai$ */ |
| 33 | 33 | LTC_ARGCHK(ltc_mp.name != NULL); |
| 34 | 34 | |
| 35 | 35 | /* init key */ |
| 36 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
| 37 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
| 36 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
| 38 | 37 | return err; |
| 39 | 38 | } |
| 40 | 39 | |
| 112 | 111 | goto LBL_FREE; |
| 113 | 112 | |
| 114 | 113 | LBL_ERR: |
| 115 | mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL); | |
| 114 | rsa_free(key); | |
| 116 | 115 | |
| 117 | 116 | LBL_FREE: |
| 118 | 117 | if (tmpbuf != NULL) { |
| 38 | 38 | */ |
| 39 | 39 | |
| 40 | 40 | /** |
| 41 | Import an RSAPublicKey or RSAPrivateKey in PKCS#8 format | |
| 41 | Import an RSAPrivateKey in PKCS#8 format | |
| 42 | 42 | @param in The packet to import from |
| 43 | 43 | @param inlen It's length (octets) |
| 44 | @param passwd The password for decrypting privkey (NOT SUPPORTED YET) | |
| 44 | @param passwd The password for decrypting privkey | |
| 45 | 45 | @param passwdlen Password's length (octets) |
| 46 | 46 | @param key [out] Destination for newly imported key |
| 47 | 47 | @return CRYPT_OK if successful, upon error allocated memory is freed |
| 77 | 77 | buf2 = XMALLOC(buf2len); |
| 78 | 78 | if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; } |
| 79 | 79 | |
| 80 | if ((err = mp_init_multi(&zero, &iter, NULL)) != CRYPT_OK) { goto LBL_FREE2; } | |
| 80 | 81 | /* init key */ |
| 81 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL); | |
| 82 | if (err != CRYPT_OK) { goto LBL_FREE2; } | |
| 82 | if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE3; } | |
| 83 | 83 | |
| 84 | 84 | /* try to decode encrypted priv key */ |
| 85 | 85 | if ((err = pkcs8_decode_flexi(in, inlen, passwd, passwdlen, &l)) != CRYPT_OK) { |
| 116 | 116 | if (err != CRYPT_OK) { goto LBL_ERR; } |
| 117 | 117 | key->type = PK_PRIVATE; |
| 118 | 118 | err = CRYPT_OK; |
| 119 | goto LBL_FREE2; | |
| 119 | goto LBL_FREE3; | |
| 120 | 120 | |
| 121 | 121 | LBL_ERR: |
| 122 | 122 | rsa_free(key); |
| 123 | LBL_FREE3: | |
| 124 | mp_clear_multi(iter, zero, NULL); | |
| 125 | if (l) der_free_sequence_flexi(l); | |
| 123 | 126 | LBL_FREE2: |
| 124 | if (l) der_free_sequence_flexi(l); | |
| 125 | mp_clear_multi(iter, zero, NULL); | |
| 126 | 127 | XFREE(buf2); |
| 127 | 128 | LBL_FREE1: |
| 128 | 129 | XFREE(buf1); |
| 39 | 39 | LTC_ARGCHK(ltc_mp.name != NULL); |
| 40 | 40 | |
| 41 | 41 | /* init key */ |
| 42 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
| 43 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
| 42 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
| 44 | 43 | return err; |
| 45 | 44 | } |
| 46 | 45 |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file rsa_key.c | |
| 12 | Free an RSA key, Tom St Denis | |
| 13 | Basic operations on an RSA key, Steffen Jaeckel | |
| 14 | */ | |
| 15 | ||
| 16 | #ifdef LTC_MRSA | |
| 17 | #include <stdarg.h> | |
| 18 | ||
| 19 | static void _mpi_shrink_multi(void **a, ...) | |
| 20 | { | |
| 21 | void **cur; | |
| 22 | unsigned n; | |
| 23 | int err; | |
| 24 | va_list args; | |
| 25 | void *tmp[10] = { 0 }; | |
| 26 | void **arg[10] = { 0 }; | |
| 27 | ||
| 28 | /* We re-allocate in the order that we received the varargs */ | |
| 29 | n = 0; | |
| 30 | err = CRYPT_ERROR; | |
| 31 | cur = a; | |
| 32 | va_start(args, a); | |
| 33 | while (cur != NULL) { | |
| 34 | if (n >= sizeof(tmp)/sizeof(tmp[0])) { | |
| 35 | goto out; | |
| 36 | } | |
| 37 | if (*cur != NULL) { | |
| 38 | arg[n] = cur; | |
| 39 | if ((err = mp_init_copy(&tmp[n], *arg[n])) != CRYPT_OK) { | |
| 40 | goto out; | |
| 41 | } | |
| 42 | n++; | |
| 43 | } | |
| 44 | cur = va_arg(args, void**); | |
| 45 | } | |
| 46 | va_end(args); | |
| 47 | ||
| 48 | /* but we clear the old values in the reverse order */ | |
| 49 | while (n != 0 && arg[--n] != NULL) { | |
| 50 | mp_clear(*arg[n]); | |
| 51 | *arg[n] = tmp[n]; | |
| 52 | } | |
| 53 | out: | |
| 54 | va_end(args); | |
| 55 | /* clean-up after an error | |
| 56 | * or after this was called with too many args | |
| 57 | */ | |
| 58 | if ((err != CRYPT_OK) || | |
| 59 | (n >= sizeof(tmp)/sizeof(tmp[0]))) { | |
| 60 | for (n = 0; n < sizeof(tmp)/sizeof(tmp[0]); ++n) { | |
| 61 | if (tmp[n] != NULL) { | |
| 62 | mp_clear(tmp[n]); | |
| 63 | } | |
| 64 | } | |
| 65 | } | |
| 66 | } | |
| 67 | ||
| 68 | /** | |
| 69 | This shrinks the allocated memory of a RSA key | |
| 70 | ||
| 71 | It will use up some more memory temporarily, | |
| 72 | but then it will free-up the entire sequence that | |
| 73 | was once allocated when the key was created/populated. | |
| 74 | ||
| 75 | This only works with libtommath >= 1.2.0 in earlier versions | |
| 76 | it has the inverse effect due to the way it worked internally. | |
| 77 | Also works for GNU MP, tomsfastmath naturally shows no effect. | |
| 78 | ||
| 79 | @param key The RSA key to shrink | |
| 80 | */ | |
| 81 | void rsa_shrink_key(rsa_key *key) | |
| 82 | { | |
| 83 | LTC_ARGCHKVD(key != NULL); | |
| 84 | _mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
| 85 | } | |
| 86 | ||
| 87 | /** | |
| 88 | Init an RSA key | |
| 89 | @param key The RSA key to free | |
| 90 | @return CRYPT_OK if successful | |
| 91 | */ | |
| 92 | int rsa_init(rsa_key *key) | |
| 93 | { | |
| 94 | LTC_ARGCHK(key != NULL); | |
| 95 | return mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
| 96 | } | |
| 97 | ||
| 98 | /** | |
| 99 | Free an RSA key from memory | |
| 100 | @param key The RSA key to free | |
| 101 | */ | |
| 102 | void rsa_free(rsa_key *key) | |
| 103 | { | |
| 104 | LTC_ARGCHKVD(key != NULL); | |
| 105 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
| 106 | } | |
| 107 | ||
| 108 | #endif | |
| 109 | ||
| 110 | /* ref: $Format:%D$ */ | |
| 111 | /* git commit: $Format:%H$ */ | |
| 112 | /* commit time: $Format:%ai$ */ |
| 67 | 67 | if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */ |
| 68 | 68 | |
| 69 | 69 | /* make key */ |
| 70 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
| 70 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
| 71 | 71 | goto errkey; |
| 72 | 72 | } |
| 73 | 73 | |
| 77 | 77 | |
| 78 | 78 | /* optimize for CRT now */ |
| 79 | 79 | /* find d mod q-1 and d mod p-1 */ |
| 80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */ | |
| 81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */ | |
| 80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */ | |
| 81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = q-1 */ | |
| 82 | 82 | if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */ |
| 83 | 83 | if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */ |
| 84 | 84 | if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */ |
| 34 | 34 | LTC_ARGCHK(e != NULL); |
| 35 | 35 | LTC_ARGCHK(ltc_mp.name != NULL); |
| 36 | 36 | |
| 37 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
| 38 | if (err != CRYPT_OK) return err; | |
| 37 | if ((err = rsa_init(key)) != CRYPT_OK) return err; | |
| 39 | 38 | |
| 40 | 39 | if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; } |
| 41 | 40 | if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; } |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_export.c | |
| 12 | Export a X25519 key to a binary packet, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Export a X25519 key to a binary packet | |
| 19 | @param out [out] The destination for the key | |
| 20 | @param outlen [in/out] The max size and resulting size of the X25519 key | |
| 21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
| 22 | @param key The key you wish to export | |
| 23 | @return CRYPT_OK if successful | |
| 24 | */ | |
| 25 | int x25519_export( unsigned char *out, unsigned long *outlen, | |
| 26 | int which, | |
| 27 | const curve25519_key *key) | |
| 28 | { | |
| 29 | LTC_ARGCHK(key != NULL); | |
| 30 | ||
| 31 | if (key->algo != PKA_X25519) return CRYPT_PK_INVALID_TYPE; | |
| 32 | ||
| 33 | return ec25519_export(out, outlen, which, key); | |
| 34 | } | |
| 35 | ||
| 36 | #endif | |
| 37 | ||
| 38 | /* ref: $Format:%D$ */ | |
| 39 | /* git commit: $Format:%H$ */ | |
| 40 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_import.c | |
| 12 | Import a X25519 key from a binary packet, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Import a X25519 key from a binary packet | |
| 19 | @param in The packet to read | |
| 20 | @param inlen The length of the input packet | |
| 21 | @param key [out] Where to import the key to | |
| 22 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 23 | */ | |
| 24 | int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 25 | { | |
| 26 | int err; | |
| 27 | unsigned long key_len; | |
| 28 | ||
| 29 | LTC_ARGCHK(in != NULL); | |
| 30 | LTC_ARGCHK(key != NULL); | |
| 31 | ||
| 32 | /* There's only one case where the inlen is equal to the pubkey-size | |
| 33 | * and that's a raw pubkey, so let's just do a raw import. | |
| 34 | */ | |
| 35 | if (inlen == sizeof(key->pub)) { | |
| 36 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 37 | key->type = PK_PUBLIC; | |
| 38 | key->algo = PKA_X25519; | |
| 39 | return CRYPT_OK; | |
| 40 | } | |
| 41 | ||
| 42 | key_len = sizeof(key->pub); | |
| 43 | if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { | |
| 44 | key->type = PK_PUBLIC; | |
| 45 | key->algo = PKA_X25519; | |
| 46 | } | |
| 47 | return err; | |
| 48 | } | |
| 49 | ||
| 50 | #endif | |
| 51 | ||
| 52 | /* ref: $Format:%D$ */ | |
| 53 | /* git commit: $Format:%H$ */ | |
| 54 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_import_pkcs8.c | |
| 12 | Import a X25519 key in PKCS#8 format, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Import a X25519 private key in PKCS#8 format | |
| 19 | @param in The DER-encoded PKCS#8-formatted private key | |
| 20 | @param inlen The length of the input data | |
| 21 | @param passwd The password to decrypt the private key | |
| 22 | @param passwdlen Password's length (octets) | |
| 23 | @param key [out] Where to import the key to | |
| 24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 25 | */ | |
| 26 | int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
| 27 | const void *pwd, unsigned long pwdlen, | |
| 28 | curve25519_key *key) | |
| 29 | { | |
| 30 | return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_X25519, tweetnacl_crypto_scalarmult_base, key); | |
| 31 | } | |
| 32 | ||
| 33 | #endif | |
| 34 | ||
| 35 | /* ref: $Format:%D$ */ | |
| 36 | /* git commit: $Format:%H$ */ | |
| 37 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_import_x509.c | |
| 12 | Import a X25519 key from a X.509 certificate, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | static int _x25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 18 | { | |
| 19 | if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE; | |
| 20 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
| 21 | return CRYPT_OK; | |
| 22 | } | |
| 23 | ||
| 24 | /** | |
| 25 | Import a X25519 public key from a X.509 certificate | |
| 26 | @param in The DER encoded X.509 certificate | |
| 27 | @param inlen The length of the certificate | |
| 28 | @param key [out] Where to import the key to | |
| 29 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
| 30 | */ | |
| 31 | int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
| 32 | { | |
| 33 | int err; | |
| 34 | ||
| 35 | LTC_ARGCHK(in != NULL); | |
| 36 | LTC_ARGCHK(key != NULL); | |
| 37 | ||
| 38 | if ((err = x509_decode_public_key_from_certificate(in, inlen, | |
| 39 | PKA_X25519, | |
| 40 | LTC_ASN1_EOL, NULL, NULL, | |
| 41 | (public_key_decode_cb)_x25519_decode, key)) != CRYPT_OK) { | |
| 42 | return err; | |
| 43 | } | |
| 44 | key->type = PK_PUBLIC; | |
| 45 | key->algo = PKA_X25519; | |
| 46 | ||
| 47 | return err; | |
| 48 | } | |
| 49 | ||
| 50 | #endif | |
| 51 | ||
| 52 | /* ref: $Format:%D$ */ | |
| 53 | /* git commit: $Format:%H$ */ | |
| 54 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_make_key.c | |
| 12 | Create a X25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Create a X25519 key | |
| 19 | @param prng An active PRNG state | |
| 20 | @param wprng The index of the PRNG desired | |
| 21 | @param key [out] Destination of a newly created private key pair | |
| 22 | @return CRYPT_OK if successful | |
| 23 | */ | |
| 24 | int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key) | |
| 25 | { | |
| 26 | int err; | |
| 27 | ||
| 28 | LTC_ARGCHK(prng != NULL); | |
| 29 | LTC_ARGCHK(key != NULL); | |
| 30 | ||
| 31 | if ((err = prng_is_valid(wprng)) != CRYPT_OK) { | |
| 32 | return err; | |
| 33 | } | |
| 34 | ||
| 35 | if (prng_descriptor[wprng].read(key->priv, sizeof(key->priv), prng) != sizeof(key->priv)) { | |
| 36 | return CRYPT_ERROR_READPRNG; | |
| 37 | } | |
| 38 | ||
| 39 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
| 40 | ||
| 41 | key->type = PK_PRIVATE; | |
| 42 | key->algo = PKA_X25519; | |
| 43 | ||
| 44 | return err; | |
| 45 | } | |
| 46 | ||
| 47 | #endif | |
| 48 | ||
| 49 | /* ref: $Format:%D$ */ | |
| 50 | /* git commit: $Format:%H$ */ | |
| 51 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_set_ku.c | |
| 12 | Set the parameters of a X25519 key, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Set the parameters of a X25519 key | |
| 19 | ||
| 20 | In case k and u are given it is validated that u is really the | |
| 21 | corresponding public part of the key pair | |
| 22 | ||
| 23 | @param k The k value (a.k.a scalar or private part) | |
| 24 | @param klen The length of k | |
| 25 | @param u The u-coordinate (a.k.a public part) | |
| 26 | @param ulen The length of u | |
| 27 | @param key [out] Destination of the key | |
| 28 | @return CRYPT_OK if successful | |
| 29 | */ | |
| 30 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
| 31 | const unsigned char *u, unsigned long ulen, | |
| 32 | curve25519_key *key) | |
| 33 | { | |
| 34 | LTC_ARGCHK(key != NULL); | |
| 35 | ||
| 36 | if (k != NULL) { | |
| 37 | LTC_ARGCHK(klen == 32uL); | |
| 38 | XMEMCPY(key->priv, k, sizeof(key->priv)); | |
| 39 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
| 40 | if (u != NULL) { | |
| 41 | LTC_ARGCHK(ulen == 32uL); | |
| 42 | if (XMEM_NEQ(u, key->pub, sizeof(key->pub)) != 0) { | |
| 43 | zeromem(key, sizeof(*key)); | |
| 44 | return CRYPT_INVALID_ARG; | |
| 45 | } | |
| 46 | } | |
| 47 | key->type = PK_PRIVATE; | |
| 48 | } else if (u != NULL) { | |
| 49 | LTC_ARGCHK(ulen == 32uL); | |
| 50 | XMEMCPY(key->pub, u, sizeof(key->pub)); | |
| 51 | key->type = PK_PUBLIC; | |
| 52 | } else { | |
| 53 | return CRYPT_INVALID_ARG; | |
| 54 | } | |
| 55 | key->algo = PKA_X25519; | |
| 56 | ||
| 57 | return CRYPT_OK; | |
| 58 | } | |
| 59 | ||
| 60 | #endif | |
| 61 | ||
| 62 | /* ref: $Format:%D$ */ | |
| 63 | /* git commit: $Format:%H$ */ | |
| 64 | /* commit time: $Format:%ai$ */ |
| 0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
| 1 | * | |
| 2 | * LibTomCrypt is a library that provides various cryptographic | |
| 3 | * algorithms in a highly modular and flexible manner. | |
| 4 | * | |
| 5 | * The library is free for all purposes without any express | |
| 6 | * guarantee it works. | |
| 7 | */ | |
| 8 | #include "tomcrypt_private.h" | |
| 9 | ||
| 10 | /** | |
| 11 | @file x25519_shared_secret.c | |
| 12 | Create a X25519 shared secret, Steffen Jaeckel | |
| 13 | */ | |
| 14 | ||
| 15 | #ifdef LTC_CURVE25519 | |
| 16 | ||
| 17 | /** | |
| 18 | Create a X25519 shared secret. | |
| 19 | @param private_key The private X25519 key in the pair | |
| 20 | @param public_key The public X25519 key in the pair | |
| 21 | @param out [out] The destination of the shared data | |
| 22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
| 23 | @return CRYPT_OK if successful | |
| 24 | */ | |
| 25 | int x25519_shared_secret(const curve25519_key *private_key, | |
| 26 | const curve25519_key *public_key, | |
| 27 | unsigned char *out, unsigned long *outlen) | |
| 28 | { | |
| 29 | LTC_ARGCHK(private_key != NULL); | |
| 30 | LTC_ARGCHK(public_key != NULL); | |
| 31 | LTC_ARGCHK(out != NULL); | |
| 32 | LTC_ARGCHK(outlen != NULL); | |
| 33 | ||
| 34 | if(private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
| 35 | ||
| 36 | if(*outlen < 32uL) { | |
| 37 | *outlen = 32uL; | |
| 38 | return CRYPT_BUFFER_OVERFLOW; | |
| 39 | } | |
| 40 | ||
| 41 | tweetnacl_crypto_scalarmult(out, private_key->priv, public_key->pub); | |
| 42 | *outlen = 32uL; | |
| 43 | ||
| 44 | return CRYPT_OK; | |
| 45 | } | |
| 46 | ||
| 47 | #endif | |
| 48 | ||
| 49 | /* ref: $Format:%D$ */ | |
| 50 | /* git commit: $Format:%H$ */ | |
| 51 | /* commit time: $Format:%ai$ */ |
| 236 | 236 | return err; |
| 237 | 237 | } |
| 238 | 238 | } |
| 239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = prng->u.fortuna.wd = 0; | |
| 240 | prng->u.fortuna.reset_cnt = 0; | |
| 239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = 0; | |
| 240 | prng->u.fortuna.reset_cnt = prng->u.fortuna.wd = 0; | |
| 241 | 241 | |
| 242 | 242 | /* reset bufs */ |
| 243 | 243 | zeromem(prng->u.fortuna.K, 32); |
| 18 | 18 | int chacha_done(chacha_state *st) |
| 19 | 19 | { |
| 20 | 20 | LTC_ARGCHK(st != NULL); |
| 21 | XMEMSET(st, 0, sizeof(chacha_state)); | |
| 21 | zeromem(st, sizeof(chacha_state)); | |
| 22 | 22 | return CRYPT_OK; |
| 23 | 23 | } |
| 24 | 24 |
| 33 | 33 | |
| 34 | 34 | if ((err = chacha_setup(&st, key, keylen, rounds)) != CRYPT_OK) goto WIPE_KEY; |
| 35 | 35 | if (ivlen > 8) { |
| 36 | if ((err = chacha_ivctr32(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; | |
| 36 | if ((err = chacha_ivctr32(&st, iv, ivlen, (ulong32)counter)) != CRYPT_OK) goto WIPE_KEY; | |
| 37 | 37 | } else { |
| 38 | 38 | if ((err = chacha_ivctr64(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; |
| 39 | 39 | } |
| 409 | 409 | 0xea, 0xec, 0x34, 0x9d, 0x8f, 0xb4, 0x6b, 0x60, |
| 410 | 410 | 0x79, 0x1b, 0xea, 0x16, 0xcb, 0xef, 0x46, 0x87, |
| 411 | 411 | 0x60, 0xa6, 0x55, 0x14, 0xff, 0xca, 0xac }; |
| 412 | unsigned long ptlen = strlen(pt); | |
| 412 | unsigned long ptlen = XSTRLEN(pt); | |
| 413 | 413 | unsigned char out2[1000] = { 0 }; |
| 414 | 414 | unsigned char nulls[1000] = { 0 }; |
| 415 | 415 |
| 99 | 99 | int rc4_stream_done(rc4_state *st) |
| 100 | 100 | { |
| 101 | 101 | LTC_ARGCHK(st != NULL); |
| 102 | XMEMSET(st, 0, sizeof(rc4_state)); | |
| 102 | zeromem(st, sizeof(rc4_state)); | |
| 103 | 103 | return CRYPT_OK; |
| 104 | 104 | } |
| 105 | 105 |
| 18 | 18 | int salsa20_done(salsa20_state *st) |
| 19 | 19 | { |
| 20 | 20 | LTC_ARGCHK(st != NULL); |
| 21 | XMEMSET(st, 0, sizeof(salsa20_state)); | |
| 21 | zeromem(st, sizeof(salsa20_state)); | |
| 22 | 22 | return CRYPT_OK; |
| 23 | 23 | } |
| 24 | 24 |
| 331 | 331 | int sober128_stream_done(sober128_state *st) |
| 332 | 332 | { |
| 333 | 333 | LTC_ARGCHK(st != NULL); |
| 334 | XMEMSET(st, 0, sizeof(sober128_state)); | |
| 334 | zeromem(st, sizeof(sober128_state)); | |
| 335 | 335 | return CRYPT_OK; |
| 336 | 336 | } |
| 337 | 337 |
| 804 | 804 | int sosemanuk_done(sosemanuk_state *st) |
| 805 | 805 | { |
| 806 | 806 | LTC_ARGCHK(st != NULL); |
| 807 | XMEMSET(st, 0, sizeof(sosemanuk_state)); | |
| 807 | zeromem(st, sizeof(sosemanuk_state)); | |
| 808 | 808 | return CRYPT_OK; |
| 809 | 809 | } |
| 810 | 810 |
| 2642 | 2642 | -2:3:-8 |
| 2643 | 2643 | -2:4:16 |
| 2644 | 2644 | -2:5:-32 |
| 2645 | 2:-1:NaN | |
| 2646 | -2:-1:NaN | |
| 2647 | 2:-2:NaN | |
| 2648 | -2:-2:NaN | |
| 2645 | 2:-1:0 | |
| 2646 | -2:-1:0 | |
| 2647 | 2:-2:0 | |
| 2648 | -2:-2:0 | |
| 2649 | 2649 | # inf tests |
| 2650 | 2650 | +inf:1234500012:inf |
| 2651 | 2651 | -inf:1234500012:inf |
| 5 | 5 | use Test::More; |
| 6 | 6 | |
| 7 | 7 | BEGIN { |
| 8 | plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; | |
| 8 | plan skip_all => "requires Math::BigInt 1.999817+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999817 }; | |
| 9 | 9 | plan tests => 3712 # tests in require'd file |
| 10 | 10 | + 6; # tests in this file |
| 11 | 11 | } |
| 5 | 5 | use Test::More; |
| 6 | 6 | |
| 7 | 7 | BEGIN { |
| 8 | plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; | |
| 9 | plan tests => 3712 # tests in require'd file | |
| 10 | + 6; # tests in this file | |
| 8 | plan skip_all => "requires Math::BigInt" unless eval { require Math::BigInt }; | |
| 9 | plan tests => 2; | |
| 11 | 10 | } |
| 12 | 11 | |
| 13 | 12 | use Math::BigInt lib => 'LTM'; |
| 14 | 13 | |
| 15 | our ($CLASS, $CALC); | |
| 16 | $CLASS = "Math::BigInt"; | |
| 17 | $CALC = "Math::BigInt::LTM"; | |
| 14 | my $V = $Math::BigInt::VERSION; | |
| 18 | 15 | |
| 19 | my $x; | |
| 20 | ||
| 21 | ############################################################################# | |
| 22 | # from_hex(), from_bin() and from_oct() tests | |
| 23 | ||
| 24 | $x = Math::BigInt->from_hex('0xcafe'); | |
| 25 | is($x, "51966", | |
| 26 | qq|Math::BigInt->from_hex("0xcafe")|); | |
| 27 | ||
| 28 | $x = Math::BigInt->from_hex('0xcafebabedead'); | |
| 29 | is($x, "223195403574957", | |
| 30 | qq|Math::BigInt->from_hex("0xcafebabedead")|); | |
| 31 | ||
| 32 | $x = Math::BigInt->from_bin('0b1001'); | |
| 33 | is($x, "9", | |
| 34 | qq|Math::BigInt->from_bin("0b1001")|); | |
| 35 | ||
| 36 | $x = Math::BigInt->from_bin('0b1001100110011001100110011001'); | |
| 37 | is($x, "161061273", | |
| 38 | qq|Math::BigInt->from_bin("0b1001100110011001100110011001");|); | |
| 39 | ||
| 40 | $x = Math::BigInt->from_oct('0775'); | |
| 41 | is($x, "509", | |
| 42 | qq|Math::BigInt->from_oct("0775");|); | |
| 43 | ||
| 44 | $x = Math::BigInt->from_oct('07777777777777711111111222222222'); | |
| 45 | is($x, "9903520314281112085086151826", | |
| 46 | qq|Math::BigInt->from_oct("07777777777777711111111222222222");|); | |
| 47 | ||
| 48 | ############################################################################# | |
| 49 | # all the other tests | |
| 50 | ||
| 51 | require './t/mbi_ltm/bigintpm.inc'; # all tests here for sharing | |
| 16 | # https://github.com/DCIT/perl-CryptX/issues/56 | |
| 17 | { | |
| 18 | my ($x, $y); | |
| 19 | $x = Math::BigInt->new("2"); | |
| 20 | $y = Math::BigInt->new("-1"); | |
| 21 | is($x ** $y, $V < 1.999817 ? 'NaN' : 0); | |
| 22 | $x = Math::BigInt->new("-2"); | |
| 23 | $y = Math::BigInt->new("-2"); | |
| 24 | is($x ** $y, $V < 1.999817 ? 'NaN' : 0); | |
| 25 | } |