New upstream version 0.066
gregor herrmann
4 years ago
0 | 0 | Changes for CryptX |
1 | ||
2 | 0.066 2019-10-20 | |
3 | - fix #57 Build fails on i686 | |
4 | - bundled libtomcrypt update branch:develop (commit:354c9051 2019-10-20) | |
5 | - no perl module code change | |
6 | ||
7 | 0.065 2019-10-19 | |
8 | - fix #56 Math::BigInt 1.999817 breaks the tests of CryptX | |
9 | - bundled libtomcrypt update branch:develop (commit:25410c75 2019-10-17) | |
10 | - no perl module code change, just tests | |
1 | 11 | |
2 | 12 | 0.064 2019-06-14 |
3 | 13 | - fix #50 libtommath patch - building on HP-UX 11.11 / PA-RISC |
171 | 171 | src/ltc/ciphers/safer/saferp.c |
172 | 172 | src/ltc/ciphers/serpent.c |
173 | 173 | src/ltc/ciphers/skipjack.c |
174 | src/ltc/ciphers/tea.c | |
174 | 175 | src/ltc/ciphers/twofish/twofish.c |
175 | 176 | src/ltc/ciphers/twofish/twofish_tab.c |
176 | 177 | src/ltc/ciphers/xtea.c |
316 | 317 | src/ltc/misc/base32/base32_encode.c |
317 | 318 | src/ltc/misc/base64/base64_decode.c |
318 | 319 | src/ltc/misc/base64/base64_encode.c |
320 | src/ltc/misc/bcrypt/bcrypt.c | |
319 | 321 | src/ltc/misc/burn_stack.c |
320 | 322 | src/ltc/misc/compare_testvector.c |
321 | 323 | src/ltc/misc/copy_or_zeromem.c |
483 | 485 | src/ltc/pk/dsa/dsa_sign_hash.c |
484 | 486 | src/ltc/pk/dsa/dsa_verify_hash.c |
485 | 487 | src/ltc/pk/dsa/dsa_verify_key.c |
488 | src/ltc/pk/ec25519/ec25519_export.c | |
489 | src/ltc/pk/ec25519/ec25519_import_pkcs8.c | |
490 | src/ltc/pk/ec25519/tweetnacl.c | |
486 | 491 | src/ltc/pk/ecc/ecc.c |
487 | 492 | src/ltc/pk/ecc/ecc_ansi_x963_export.c |
488 | 493 | src/ltc/pk/ecc/ecc_ansi_x963_import.c |
521 | 526 | src/ltc/pk/ecc/ltc_ecc_projective_add_point.c |
522 | 527 | src/ltc/pk/ecc/ltc_ecc_projective_dbl_point.c |
523 | 528 | src/ltc/pk/ecc/ltc_ecc_verify_key.c |
529 | src/ltc/pk/ed25519/ed25519_export.c | |
530 | src/ltc/pk/ed25519/ed25519_import.c | |
531 | src/ltc/pk/ed25519/ed25519_import_pkcs8.c | |
532 | src/ltc/pk/ed25519/ed25519_import_x509.c | |
533 | src/ltc/pk/ed25519/ed25519_make_key.c | |
534 | src/ltc/pk/ed25519/ed25519_set_key.c | |
535 | src/ltc/pk/ed25519/ed25519_sign.c | |
536 | src/ltc/pk/ed25519/ed25519_verify.c | |
524 | 537 | src/ltc/pk/pkcs1/pkcs_1_i2osp.c |
525 | 538 | src/ltc/pk/pkcs1/pkcs_1_mgf1.c |
526 | 539 | src/ltc/pk/pkcs1/pkcs_1_oaep_decode.c |
534 | 547 | src/ltc/pk/rsa/rsa_encrypt_key.c |
535 | 548 | src/ltc/pk/rsa/rsa_export.c |
536 | 549 | src/ltc/pk/rsa/rsa_exptmod.c |
537 | src/ltc/pk/rsa/rsa_free.c | |
538 | 550 | src/ltc/pk/rsa/rsa_get_size.c |
539 | 551 | src/ltc/pk/rsa/rsa_import.c |
540 | 552 | src/ltc/pk/rsa/rsa_import_pkcs8.c |
541 | 553 | src/ltc/pk/rsa/rsa_import_x509.c |
554 | src/ltc/pk/rsa/rsa_key.c | |
542 | 555 | src/ltc/pk/rsa/rsa_make_key.c |
543 | 556 | src/ltc/pk/rsa/rsa_set.c |
544 | 557 | src/ltc/pk/rsa/rsa_sign_hash.c |
545 | 558 | src/ltc/pk/rsa/rsa_sign_saltlen_get.c |
546 | 559 | src/ltc/pk/rsa/rsa_verify_hash.c |
560 | src/ltc/pk/x25519/x25519_export.c | |
561 | src/ltc/pk/x25519/x25519_import.c | |
562 | src/ltc/pk/x25519/x25519_import_pkcs8.c | |
563 | src/ltc/pk/x25519/x25519_import_x509.c | |
564 | src/ltc/pk/x25519/x25519_make_key.c | |
565 | src/ltc/pk/x25519/x25519_set_key.c | |
566 | src/ltc/pk/x25519/x25519_shared_secret.c | |
547 | 567 | src/ltc/prngs/chacha20.c |
548 | 568 | src/ltc/prngs/fortuna.c |
549 | 569 | src/ltc/prngs/rc4.c |
44 | 44 | "url" : "https://github.com/DCIT/perl-CryptX" |
45 | 45 | } |
46 | 46 | }, |
47 | "version" : "0.064", | |
47 | "version" : "0.066", | |
48 | 48 | "x_serialization_backend" : "JSON::PP version 2.94" |
49 | 49 | } |
21 | 21 | resources: |
22 | 22 | bugtracker: https://github.com/DCIT/perl-CryptX/issues |
23 | 23 | repository: https://github.com/DCIT/perl-CryptX |
24 | version: '0.064' | |
24 | version: '0.066' | |
25 | 25 | x_serialization_backend: 'CPAN::Meta::YAML version 0.018' |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ccm_encrypt_authenticate ccm_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | ### not used |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::Checksum Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::Checksum Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( crc32_data crc32_data_hex crc32_data_int crc32_file crc32_file_hex crc32_file_int )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw/ adler32_data adler32_data_hex adler32_data_int adler32_file adler32_file_hex adler32_file_int |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Cipher); |
9 | 9 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_160 blake2b_160_hex blake2b_160_b64 blake2b_160_b64u blake2b_160_file blake2b_160_file_hex blake2b_160_file_b64 blake2b_160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_256 blake2b_256_hex blake2b_256_b64 blake2b_256_b64u blake2b_256_file blake2b_256_file_hex blake2b_256_file_b64 blake2b_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_384 blake2b_384_hex blake2b_384_b64 blake2b_384_b64u blake2b_384_file blake2b_384_file_hex blake2b_384_file_b64 blake2b_384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b_512 blake2b_512_hex blake2b_512_b64 blake2b_512_b64u blake2b_512_file blake2b_512_file_hex blake2b_512_file_b64 blake2b_512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_128 blake2s_128_hex blake2s_128_b64 blake2s_128_b64u blake2s_128_file blake2s_128_file_hex blake2s_128_file_b64 blake2s_128_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_160 blake2s_160_hex blake2s_160_b64 blake2s_160_b64u blake2s_160_file blake2s_160_file_hex blake2s_160_file_b64 blake2s_160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_224 blake2s_224_hex blake2s_224_b64 blake2s_224_b64u blake2s_224_file blake2s_224_file_hex blake2s_224_file_b64 blake2s_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s_256 blake2s_256_hex blake2s_256_b64 blake2s_256_b64u blake2s_256_file blake2s_256_file_hex blake2s_256_file_b64 blake2s_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( chaes chaes_hex chaes_b64 chaes_b64u chaes_file chaes_file_hex chaes_file_b64 chaes_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak224 keccak224_hex keccak224_b64 keccak224_b64u keccak224_file keccak224_file_hex keccak224_file_b64 keccak224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak256 keccak256_hex keccak256_b64 keccak256_b64u keccak256_file keccak256_file_hex keccak256_file_b64 keccak256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak384 keccak384_hex keccak384_b64 keccak384_b64u keccak384_file keccak384_file_hex keccak384_file_b64 keccak384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( keccak512 keccak512_hex keccak512_b64 keccak512_b64u keccak512_file keccak512_file_hex keccak512_file_b64 keccak512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md2 md2_hex md2_b64 md2_b64u md2_file md2_file_hex md2_file_b64 md2_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md4 md4_hex md4_b64 md4_b64u md4_file md4_file_hex md4_file_b64 md4_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( md5 md5_hex md5_b64 md5_b64u md5_file md5_file_hex md5_file_b64 md5_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd128 ripemd128_hex ripemd128_b64 ripemd128_b64u ripemd128_file ripemd128_file_hex ripemd128_file_b64 ripemd128_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd160 ripemd160_hex ripemd160_b64 ripemd160_b64u ripemd160_file ripemd160_file_hex ripemd160_file_b64 ripemd160_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd256 ripemd256_hex ripemd256_b64 ripemd256_b64u ripemd256_file ripemd256_file_hex ripemd256_file_b64 ripemd256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( ripemd320 ripemd320_hex ripemd320_b64 ripemd320_b64u ripemd320_file ripemd320_file_hex ripemd320_file_b64 ripemd320_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha1 sha1_hex sha1_b64 sha1_b64u sha1_file sha1_file_hex sha1_file_b64 sha1_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha224 sha224_hex sha224_b64 sha224_b64u sha224_file sha224_file_hex sha224_file_b64 sha224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha256 sha256_hex sha256_b64 sha256_b64u sha256_file sha256_file_hex sha256_file_b64 sha256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha384 sha384_hex sha384_b64 sha384_b64u sha384_file sha384_file_hex sha384_file_b64 sha384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_224 sha3_224_hex sha3_224_b64 sha3_224_b64u sha3_224_file sha3_224_file_hex sha3_224_file_b64 sha3_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_256 sha3_256_hex sha3_256_b64 sha3_256_b64u sha3_256_file sha3_256_file_hex sha3_256_file_b64 sha3_256_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_384 sha3_384_hex sha3_384_b64 sha3_384_b64u sha3_384_file sha3_384_file_hex sha3_384_file_b64 sha3_384_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha3_512 sha3_512_hex sha3_512_b64 sha3_512_b64u sha3_512_file sha3_512_file_hex sha3_512_file_b64 sha3_512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512 sha512_hex sha512_b64 sha512_b64u sha512_file sha512_file_hex sha512_file_b64 sha512_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_224 sha512_224_hex sha512_224_b64 sha512_224_b64u sha512_224_file sha512_224_file_hex sha512_224_file_b64 sha512_224_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( sha512_256 sha512_256_hex sha512_256_b64 sha512_256_b64u sha512_256_file sha512_256_file_hex sha512_256_file_b64 sha512_256_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( tiger192 tiger192_hex tiger192_b64 tiger192_b64u tiger192_file tiger192_file_hex tiger192_file_b64 tiger192_file_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Digest Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( whirlpool whirlpool_hex whirlpool_b64 whirlpool_b64u whirlpool_file whirlpool_file_hex whirlpool_file_b64 whirlpool_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( digest_data digest_data_hex digest_data_b64 digest_data_b64u digest_file digest_file_hex digest_file_b64 digest_file_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf2 hkdf hkdf_expand hkdf_extract)] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2b blake2b_hex blake2b_b64 blake2b_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( blake2s blake2s_hex blake2s_b64 blake2s_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( f9 f9_hex f9_b64 f9_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( hmac hmac_hex hmac_b64 hmac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( omac omac_hex omac_b64 omac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( pmac pmac_hex pmac_b64 pmac_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( pelican pelican_hex pelican_b64 pelican_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( poly1305 poly1305_hex poly1305_b64 poly1305_b64u )] ); |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use base qw(Crypt::Mac Exporter); |
9 | 9 | our %EXPORT_TAGS = ( all => [qw( xcbc xcbc_hex xcbc_b64 xcbc_b64u )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 | $Carp::Internal{(__PACKAGE__)}++; |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import'; |
7 | 7 | use Carp 'croak'; |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
3 | 3 | |
4 | 4 | use strict; |
5 | 5 | use warnings; |
6 | our $VERSION = '0.064'; | |
6 | our $VERSION = '0.066'; | |
7 | 7 | |
8 | 8 | use Crypt::Cipher; |
9 | 9 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | ### not used |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( dh_shared_secret )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( dsa_encrypt dsa_decrypt dsa_sign_message dsa_verify_message dsa_sign_hash dsa_verify_hash )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw( ecc_encrypt ecc_decrypt ecc_sign_message ecc_verify_message ecc_sign_hash ecc_verify_hash ecc_shared_secret )] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use Carp; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use base qw(Crypt::PRNG Exporter); |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require Exporter; our @ISA = qw(Exporter); ### use Exporter 'import'; |
7 | 7 | our %EXPORT_TAGS = ( all => [qw(random_bytes random_bytes_hex random_bytes_b64 random_bytes_b64u random_string random_string_from rand irand)] ); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings ; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | require XSLoader; |
7 | 7 | XSLoader::load('CryptX', $VERSION); |
1 | 1 | |
2 | 2 | use strict; |
3 | 3 | use warnings; |
4 | our $VERSION = '0.064'; | |
4 | our $VERSION = '0.066'; | |
5 | 5 | |
6 | 6 | use CryptX; |
7 | 7 | use Carp; |
0 | 0 | OBJS=ltc/ciphers/anubis.o ltc/ciphers/blowfish.o ltc/ciphers/camellia.o ltc/ciphers/cast5.o \ |
1 | 1 | ltc/ciphers/des.o ltc/ciphers/idea.o ltc/ciphers/kasumi.o ltc/ciphers/khazad.o ltc/ciphers/kseed.o \ |
2 | 2 | ltc/ciphers/multi2.o ltc/ciphers/noekeon.o ltc/ciphers/rc2.o ltc/ciphers/rc5.o ltc/ciphers/rc6.o \ |
3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/xtea.o ltc/ciphers/aes/aes.o \ | |
4 | ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
3 | ltc/ciphers/serpent.o ltc/ciphers/skipjack.o ltc/ciphers/tea.o ltc/ciphers/xtea.o \ | |
4 | ltc/ciphers/aes/aes.o ltc/ciphers/safer/safer.o ltc/ciphers/safer/saferp.o ltc/ciphers/twofish/twofish.o \ | |
5 | 5 | ltc/encauth/ccm/ccm_add_aad.o ltc/encauth/ccm/ccm_add_nonce.o ltc/encauth/ccm/ccm_done.o \ |
6 | 6 | ltc/encauth/ccm/ccm_init.o ltc/encauth/ccm/ccm_memory.o ltc/encauth/ccm/ccm_process.o \ |
7 | 7 | ltc/encauth/ccm/ccm_reset.o ltc/encauth/chachapoly/chacha20poly1305_add_aad.o ltc/encauth/chachapoly/chacha20poly1305_decrypt.o \ |
43 | 43 | ltc/misc/crc32.o ltc/misc/error_to_string.o ltc/misc/mem_neq.o ltc/misc/zeromem.o \ |
44 | 44 | ltc/misc/base16/base16_decode.o ltc/misc/base16/base16_encode.o ltc/misc/base32/base32_decode.o \ |
45 | 45 | ltc/misc/base32/base32_encode.o ltc/misc/base64/base64_decode.o ltc/misc/base64/base64_encode.o \ |
46 | ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
46 | ltc/misc/bcrypt/bcrypt.o ltc/misc/crypt/crypt.o ltc/misc/crypt/crypt_argchk.o ltc/misc/crypt/crypt_cipher_descriptor.o \ | |
47 | 47 | ltc/misc/crypt/crypt_cipher_is_valid.o ltc/misc/crypt/crypt_constants.o ltc/misc/crypt/crypt_find_cipher.o \ |
48 | 48 | ltc/misc/crypt/crypt_find_cipher_any.o ltc/misc/crypt/crypt_find_cipher_id.o ltc/misc/crypt/crypt_find_hash.o \ |
49 | 49 | ltc/misc/crypt/crypt_find_hash_any.o ltc/misc/crypt/crypt_find_hash_id.o ltc/misc/crypt/crypt_find_hash_oid.o \ |
103 | 103 | ltc/pk/dsa/dsa_encrypt_key.o ltc/pk/dsa/dsa_export.o ltc/pk/dsa/dsa_free.o ltc/pk/dsa/dsa_generate_key.o \ |
104 | 104 | ltc/pk/dsa/dsa_generate_pqg.o ltc/pk/dsa/dsa_import.o ltc/pk/dsa/dsa_make_key.o ltc/pk/dsa/dsa_set.o \ |
105 | 105 | ltc/pk/dsa/dsa_set_pqg_dsaparam.o ltc/pk/dsa/dsa_shared_secret.o ltc/pk/dsa/dsa_sign_hash.o \ |
106 | ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ecc/ecc.o ltc/pk/ecc/ecc_ansi_x963_export.o \ | |
107 | ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o ltc/pk/ecc/ecc_encrypt_key.o \ | |
108 | ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o ltc/pk/ecc/ecc_find_curve.o \ | |
109 | ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o ltc/pk/ecc/ecc_get_size.o \ | |
110 | ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o \ | |
111 | ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_recover_key.o \ | |
112 | ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o ltc/pk/ecc/ecc_set_key.o \ | |
113 | ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o \ | |
114 | ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \ | |
115 | ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \ | |
116 | ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o \ | |
117 | ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o \ | |
118 | ltc/pk/ecc/ltc_ecc_projective_dbl_point.o ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o \ | |
119 | ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o \ | |
120 | ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o \ | |
121 | ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o \ | |
122 | ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o \ | |
123 | ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \ | |
124 | ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ | |
125 | ltc/pk/rsa/rsa_verify_hash.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ | |
106 | ltc/pk/dsa/dsa_verify_hash.o ltc/pk/dsa/dsa_verify_key.o ltc/pk/ec25519/ec25519_export.o \ | |
107 | ltc/pk/ec25519/ec25519_import_pkcs8.o ltc/pk/ec25519/tweetnacl.o ltc/pk/ecc/ecc.o \ | |
108 | ltc/pk/ecc/ecc_ansi_x963_export.o ltc/pk/ecc/ecc_ansi_x963_import.o ltc/pk/ecc/ecc_decrypt_key.o \ | |
109 | ltc/pk/ecc/ecc_encrypt_key.o ltc/pk/ecc/ecc_export.o ltc/pk/ecc/ecc_export_openssl.o \ | |
110 | ltc/pk/ecc/ecc_find_curve.o ltc/pk/ecc/ecc_free.o ltc/pk/ecc/ecc_get_key.o ltc/pk/ecc/ecc_get_oid_str.o \ | |
111 | ltc/pk/ecc/ecc_get_size.o ltc/pk/ecc/ecc_import.o ltc/pk/ecc/ecc_import_openssl.o \ | |
112 | ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o ltc/pk/ecc/ecc_make_key.o \ | |
113 | ltc/pk/ecc/ecc_recover_key.o ltc/pk/ecc/ecc_set_curve.o ltc/pk/ecc/ecc_set_curve_internal.o \ | |
114 | ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o ltc/pk/ecc/ecc_sign_hash.o \ | |
115 | ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o ltc/pk/ecc/ecc_verify_hash.o \ | |
116 | ltc/pk/ecc/ltc_ecc_export_point.o ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o \ | |
117 | ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o \ | |
118 | ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o \ | |
119 | ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ | |
120 | ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/ed25519/ed25519_export.o ltc/pk/ed25519/ed25519_import.o \ | |
121 | ltc/pk/ed25519/ed25519_import_pkcs8.o ltc/pk/ed25519/ed25519_import_x509.o ltc/pk/ed25519/ed25519_make_key.o \ | |
122 | ltc/pk/ed25519/ed25519_set_key.o ltc/pk/ed25519/ed25519_sign.o ltc/pk/ed25519/ed25519_verify.o \ | |
123 | ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o \ | |
124 | ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o \ | |
125 | ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o \ | |
126 | ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o \ | |
127 | ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o \ | |
128 | ltc/pk/rsa/rsa_import_x509.o ltc/pk/rsa/rsa_key.o ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o \ | |
129 | ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o ltc/pk/rsa/rsa_verify_hash.o \ | |
130 | ltc/pk/x25519/x25519_export.o ltc/pk/x25519/x25519_import.o ltc/pk/x25519/x25519_import_pkcs8.o \ | |
131 | ltc/pk/x25519/x25519_import_x509.o ltc/pk/x25519/x25519_make_key.o ltc/pk/x25519/x25519_set_key.o \ | |
132 | ltc/pk/x25519/x25519_shared_secret.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ | |
126 | 133 | ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ |
127 | 134 | ltc/prngs/yarrow.o ltc/stream/chacha/chacha_crypt.o ltc/stream/chacha/chacha_done.o \ |
128 | 135 | ltc/stream/chacha/chacha_ivctr32.o ltc/stream/chacha/chacha_ivctr64.o ltc/stream/chacha/chacha_keystream.o \ |
1 | 1 | ltc/ciphers/des.obj ltc/ciphers/idea.obj ltc/ciphers/kasumi.obj ltc/ciphers/khazad.obj \ |
2 | 2 | ltc/ciphers/kseed.obj ltc/ciphers/multi2.obj ltc/ciphers/noekeon.obj ltc/ciphers/rc2.obj \ |
3 | 3 | ltc/ciphers/rc5.obj ltc/ciphers/rc6.obj ltc/ciphers/serpent.obj ltc/ciphers/skipjack.obj \ |
4 | ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj ltc/ciphers/safer/saferp.obj \ | |
5 | ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj ltc/encauth/ccm/ccm_add_nonce.obj \ | |
6 | ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj ltc/encauth/ccm/ccm_memory.obj \ | |
7 | ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj \ | |
8 | ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj ltc/encauth/chachapoly/chacha20poly1305_done.obj \ | |
9 | ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj ltc/encauth/chachapoly/chacha20poly1305_init.obj \ | |
10 | ltc/encauth/chachapoly/chacha20poly1305_memory.obj ltc/encauth/chachapoly/chacha20poly1305_setiv.obj \ | |
11 | ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj ltc/encauth/eax/eax_addheader.obj \ | |
12 | ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj ltc/encauth/eax/eax_done.obj \ | |
13 | ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
4 | ltc/ciphers/tea.obj ltc/ciphers/xtea.obj ltc/ciphers/aes/aes.obj ltc/ciphers/safer/safer.obj \ | |
5 | ltc/ciphers/safer/saferp.obj ltc/ciphers/twofish/twofish.obj ltc/encauth/ccm/ccm_add_aad.obj \ | |
6 | ltc/encauth/ccm/ccm_add_nonce.obj ltc/encauth/ccm/ccm_done.obj ltc/encauth/ccm/ccm_init.obj \ | |
7 | ltc/encauth/ccm/ccm_memory.obj ltc/encauth/ccm/ccm_process.obj ltc/encauth/ccm/ccm_reset.obj \ | |
8 | ltc/encauth/chachapoly/chacha20poly1305_add_aad.obj ltc/encauth/chachapoly/chacha20poly1305_decrypt.obj \ | |
9 | ltc/encauth/chachapoly/chacha20poly1305_done.obj ltc/encauth/chachapoly/chacha20poly1305_encrypt.obj \ | |
10 | ltc/encauth/chachapoly/chacha20poly1305_init.obj ltc/encauth/chachapoly/chacha20poly1305_memory.obj \ | |
11 | ltc/encauth/chachapoly/chacha20poly1305_setiv.obj ltc/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj \ | |
12 | ltc/encauth/eax/eax_addheader.obj ltc/encauth/eax/eax_decrypt.obj ltc/encauth/eax/eax_decrypt_verify_memory.obj \ | |
13 | ltc/encauth/eax/eax_done.obj ltc/encauth/eax/eax_encrypt.obj ltc/encauth/eax/eax_encrypt_authenticate_memory.obj \ | |
14 | 14 | ltc/encauth/eax/eax_init.obj ltc/encauth/gcm/gcm_add_aad.obj ltc/encauth/gcm/gcm_add_iv.obj \ |
15 | 15 | ltc/encauth/gcm/gcm_done.obj ltc/encauth/gcm/gcm_gf_mult.obj ltc/encauth/gcm/gcm_init.obj \ |
16 | 16 | ltc/encauth/gcm/gcm_memory.obj ltc/encauth/gcm/gcm_mult_h.obj ltc/encauth/gcm/gcm_process.obj \ |
46 | 46 | ltc/misc/crc32.obj ltc/misc/error_to_string.obj ltc/misc/mem_neq.obj ltc/misc/zeromem.obj \ |
47 | 47 | ltc/misc/base16/base16_decode.obj ltc/misc/base16/base16_encode.obj ltc/misc/base32/base32_decode.obj \ |
48 | 48 | ltc/misc/base32/base32_encode.obj ltc/misc/base64/base64_decode.obj ltc/misc/base64/base64_encode.obj \ |
49 | ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj ltc/misc/crypt/crypt_cipher_descriptor.obj \ | |
50 | ltc/misc/crypt/crypt_cipher_is_valid.obj ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj \ | |
51 | ltc/misc/crypt/crypt_find_cipher_any.obj ltc/misc/crypt/crypt_find_cipher_id.obj \ | |
52 | ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj ltc/misc/crypt/crypt_find_hash_id.obj \ | |
53 | ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj ltc/misc/crypt/crypt_fsa.obj \ | |
54 | ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj ltc/misc/crypt/crypt_inits.obj \ | |
55 | ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
49 | ltc/misc/bcrypt/bcrypt.obj ltc/misc/crypt/crypt.obj ltc/misc/crypt/crypt_argchk.obj \ | |
50 | ltc/misc/crypt/crypt_cipher_descriptor.obj ltc/misc/crypt/crypt_cipher_is_valid.obj \ | |
51 | ltc/misc/crypt/crypt_constants.obj ltc/misc/crypt/crypt_find_cipher.obj ltc/misc/crypt/crypt_find_cipher_any.obj \ | |
52 | ltc/misc/crypt/crypt_find_cipher_id.obj ltc/misc/crypt/crypt_find_hash.obj ltc/misc/crypt/crypt_find_hash_any.obj \ | |
53 | ltc/misc/crypt/crypt_find_hash_id.obj ltc/misc/crypt/crypt_find_hash_oid.obj ltc/misc/crypt/crypt_find_prng.obj \ | |
54 | ltc/misc/crypt/crypt_fsa.obj ltc/misc/crypt/crypt_hash_descriptor.obj ltc/misc/crypt/crypt_hash_is_valid.obj \ | |
55 | ltc/misc/crypt/crypt_inits.obj ltc/misc/crypt/crypt_ltc_mp_descriptor.obj ltc/misc/crypt/crypt_prng_descriptor.obj \ | |
56 | 56 | ltc/misc/crypt/crypt_prng_is_valid.obj ltc/misc/crypt/crypt_prng_rng_descriptor.obj \ |
57 | 57 | ltc/misc/crypt/crypt_register_all_ciphers.obj ltc/misc/crypt/crypt_register_all_hashes.obj \ |
58 | 58 | ltc/misc/crypt/crypt_register_all_prngs.obj ltc/misc/crypt/crypt_register_cipher.obj \ |
110 | 110 | ltc/pk/dsa/dsa_generate_key.obj ltc/pk/dsa/dsa_generate_pqg.obj ltc/pk/dsa/dsa_import.obj \ |
111 | 111 | ltc/pk/dsa/dsa_make_key.obj ltc/pk/dsa/dsa_set.obj ltc/pk/dsa/dsa_set_pqg_dsaparam.obj \ |
112 | 112 | ltc/pk/dsa/dsa_shared_secret.obj ltc/pk/dsa/dsa_sign_hash.obj ltc/pk/dsa/dsa_verify_hash.obj \ |
113 | ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ | |
113 | ltc/pk/dsa/dsa_verify_key.obj ltc/pk/ec25519/ec25519_export.obj ltc/pk/ec25519/ec25519_import_pkcs8.obj \ | |
114 | ltc/pk/ec25519/tweetnacl.obj ltc/pk/ecc/ecc.obj ltc/pk/ecc/ecc_ansi_x963_export.obj \ | |
114 | 115 | ltc/pk/ecc/ecc_ansi_x963_import.obj ltc/pk/ecc/ecc_decrypt_key.obj ltc/pk/ecc/ecc_encrypt_key.obj \ |
115 | 116 | ltc/pk/ecc/ecc_export.obj ltc/pk/ecc/ecc_export_openssl.obj ltc/pk/ecc/ecc_find_curve.obj \ |
116 | 117 | ltc/pk/ecc/ecc_free.obj ltc/pk/ecc/ecc_get_key.obj ltc/pk/ecc/ecc_get_oid_str.obj \ |
123 | 124 | ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \ |
124 | 125 | ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \ |
125 | 126 | ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \ |
126 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj \ | |
127 | ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj \ | |
128 | ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj \ | |
129 | ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj \ | |
130 | ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj \ | |
131 | ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj \ | |
127 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/ed25519/ed25519_export.obj ltc/pk/ed25519/ed25519_import.obj \ | |
128 | ltc/pk/ed25519/ed25519_import_pkcs8.obj ltc/pk/ed25519/ed25519_import_x509.obj ltc/pk/ed25519/ed25519_make_key.obj \ | |
129 | ltc/pk/ed25519/ed25519_set_key.obj ltc/pk/ed25519/ed25519_sign.obj ltc/pk/ed25519/ed25519_verify.obj \ | |
130 | ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj \ | |
131 | ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj \ | |
132 | ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj \ | |
133 | ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj \ | |
134 | ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj \ | |
135 | ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_key.obj \ | |
132 | 136 | ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ |
133 | ltc/pk/rsa/rsa_verify_hash.obj ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj \ | |
134 | ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj \ | |
135 | ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj \ | |
136 | ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj \ | |
137 | ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj \ | |
138 | ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj ltc/stream/rc4/rc4_stream_memory.obj \ | |
139 | ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj \ | |
140 | ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj ltc/stream/salsa20/salsa20_setup.obj \ | |
141 | ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj ltc/stream/sober128/sober128_stream.obj \ | |
142 | ltc/stream/sober128/sober128_stream_memory.obj ltc/stream/sosemanuk/sosemanuk.obj \ | |
143 | ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj \ | |
144 | ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj \ | |
145 | ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj \ | |
146 | ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj \ | |
147 | ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj \ | |
148 | ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj \ | |
149 | ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \ | |
150 | ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj \ | |
151 | ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj \ | |
152 | ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj \ | |
153 | ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj \ | |
154 | ltm/bn_mp_grow.obj ltm/bn_mp_import.obj ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj \ | |
155 | ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj \ | |
156 | ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj \ | |
157 | ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj \ | |
158 | ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj \ | |
159 | ltm/bn_mp_montgomery_reduce.obj ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj \ | |
160 | ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj \ | |
161 | ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj \ | |
162 | ltm/bn_mp_prime_frobenius_underwood.obj ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj \ | |
163 | ltm/bn_mp_prime_miller_rabin.obj ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj \ | |
164 | ltm/bn_mp_prime_random_ex.obj ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj \ | |
165 | ltm/bn_mp_radix_smap.obj ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj \ | |
166 | ltm/bn_mp_read_unsigned_bin.obj ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj \ | |
167 | ltm/bn_mp_reduce_2k_setup.obj ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj \ | |
168 | ltm/bn_mp_reduce_is_2k_l.obj ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj \ | |
169 | ltm/bn_mp_set_int.obj ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj \ | |
170 | ltm/bn_mp_sqr.obj ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj \ | |
171 | ltm/bn_mp_sub.obj ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \ | |
137 | ltc/pk/rsa/rsa_verify_hash.obj ltc/pk/x25519/x25519_export.obj ltc/pk/x25519/x25519_import.obj \ | |
138 | ltc/pk/x25519/x25519_import_pkcs8.obj ltc/pk/x25519/x25519_import_x509.obj ltc/pk/x25519/x25519_make_key.obj \ | |
139 | ltc/pk/x25519/x25519_set_key.obj ltc/pk/x25519/x25519_shared_secret.obj ltc/prngs/chacha20.obj \ | |
140 | ltc/prngs/fortuna.obj ltc/prngs/rc4.obj ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj \ | |
141 | ltc/prngs/sober128.obj ltc/prngs/sprng.obj ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj \ | |
142 | ltc/stream/chacha/chacha_done.obj ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj \ | |
143 | ltc/stream/chacha/chacha_keystream.obj ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj \ | |
144 | ltc/stream/rabbit/rabbit.obj ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj \ | |
145 | ltc/stream/rc4/rc4_stream_memory.obj ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj \ | |
146 | ltc/stream/salsa20/salsa20_ivctr64.obj ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj \ | |
147 | ltc/stream/salsa20/salsa20_setup.obj ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj \ | |
148 | ltc/stream/sober128/sober128_stream.obj ltc/stream/sober128/sober128_stream_memory.obj \ | |
149 | ltc/stream/sosemanuk/sosemanuk.obj ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj \ | |
150 | ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj \ | |
151 | ltm/bn_fast_s_mp_mul_high_digs.obj ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj \ | |
152 | ltm/bn_mp_add.obj ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj \ | |
153 | ltm/bn_mp_clear.obj ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj \ | |
154 | ltm/bn_mp_cmp_mag.obj ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_complement.obj ltm/bn_mp_copy.obj \ | |
155 | ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj \ | |
156 | ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj \ | |
157 | ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj \ | |
158 | ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj \ | |
159 | ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj ltm/bn_mp_gcd.obj ltm/bn_mp_get_bit.obj \ | |
160 | ltm/bn_mp_get_int.obj ltm/bn_mp_get_long.obj ltm/bn_mp_grow.obj ltm/bn_mp_import.obj \ | |
161 | ltm/bn_mp_init.obj ltm/bn_mp_init_copy.obj ltm/bn_mp_init_multi.obj ltm/bn_mp_init_set.obj \ | |
162 | ltm/bn_mp_init_set_int.obj ltm/bn_mp_init_size.obj ltm/bn_mp_invmod.obj ltm/bn_mp_invmod_slow.obj \ | |
163 | ltm/bn_mp_is_square.obj ltm/bn_mp_jacobi.obj ltm/bn_mp_karatsuba_mul.obj ltm/bn_mp_karatsuba_sqr.obj \ | |
164 | ltm/bn_mp_kronecker.obj ltm/bn_mp_lcm.obj ltm/bn_mp_lshd.obj ltm/bn_mp_mod.obj ltm/bn_mp_mod_2d.obj \ | |
165 | ltm/bn_mp_mod_d.obj ltm/bn_mp_montgomery_calc_normalization.obj ltm/bn_mp_montgomery_reduce.obj \ | |
166 | ltm/bn_mp_montgomery_setup.obj ltm/bn_mp_mul.obj ltm/bn_mp_mulmod.obj ltm/bn_mp_mul_2.obj \ | |
167 | ltm/bn_mp_mul_2d.obj ltm/bn_mp_mul_d.obj ltm/bn_mp_neg.obj ltm/bn_mp_n_root.obj ltm/bn_mp_n_root_ex.obj \ | |
168 | ltm/bn_mp_or.obj ltm/bn_mp_prime_fermat.obj ltm/bn_mp_prime_frobenius_underwood.obj \ | |
169 | ltm/bn_mp_prime_is_divisible.obj ltm/bn_mp_prime_is_prime.obj ltm/bn_mp_prime_miller_rabin.obj \ | |
170 | ltm/bn_mp_prime_next_prime.obj ltm/bn_mp_prime_rabin_miller_trials.obj ltm/bn_mp_prime_random_ex.obj \ | |
171 | ltm/bn_mp_prime_strong_lucas_selfridge.obj ltm/bn_mp_radix_size.obj ltm/bn_mp_radix_smap.obj \ | |
172 | ltm/bn_mp_rand.obj ltm/bn_mp_read_radix.obj ltm/bn_mp_read_signed_bin.obj ltm/bn_mp_read_unsigned_bin.obj \ | |
173 | ltm/bn_mp_reduce.obj ltm/bn_mp_reduce_2k.obj ltm/bn_mp_reduce_2k_l.obj ltm/bn_mp_reduce_2k_setup.obj \ | |
174 | ltm/bn_mp_reduce_2k_setup_l.obj ltm/bn_mp_reduce_is_2k.obj ltm/bn_mp_reduce_is_2k_l.obj \ | |
175 | ltm/bn_mp_reduce_setup.obj ltm/bn_mp_rshd.obj ltm/bn_mp_set.obj ltm/bn_mp_set_int.obj \ | |
176 | ltm/bn_mp_set_long.obj ltm/bn_mp_shrink.obj ltm/bn_mp_signed_bin_size.obj ltm/bn_mp_sqr.obj \ | |
177 | ltm/bn_mp_sqrmod.obj ltm/bn_mp_sqrt.obj ltm/bn_mp_sqrtmod_prime.obj ltm/bn_mp_sub.obj \ | |
178 | ltm/bn_mp_submod.obj ltm/bn_mp_sub_d.obj ltm/bn_mp_tc_and.obj ltm/bn_mp_tc_div_2d.obj \ | |
172 | 179 | ltm/bn_mp_tc_or.obj ltm/bn_mp_tc_xor.obj ltm/bn_mp_toom_mul.obj ltm/bn_mp_toom_sqr.obj \ |
173 | 180 | ltm/bn_mp_toradix.obj ltm/bn_mp_toradix_n.obj ltm/bn_mp_to_signed_bin.obj ltm/bn_mp_to_signed_bin_n.obj \ |
174 | 181 | ltm/bn_mp_to_unsigned_bin.obj ltm/bn_mp_to_unsigned_bin_n.obj ltm/bn_mp_unsigned_bin_size.obj \ |
294 | 294 | LTC_ARGCHK(skey != NULL); |
295 | 295 | |
296 | 296 | Nr = skey->rijndael.Nr; |
297 | ||
298 | if (Nr < 2 || Nr > 16) | |
299 | return CRYPT_INVALID_ROUNDS; | |
300 | ||
297 | 301 | rk = skey->rijndael.eK; |
298 | 302 | |
299 | 303 | /* |
474 | 478 | LTC_ARGCHK(skey != NULL); |
475 | 479 | |
476 | 480 | Nr = skey->rijndael.Nr; |
481 | ||
482 | if (Nr < 2 || Nr > 16) | |
483 | return CRYPT_INVALID_ROUNDS; | |
484 | ||
477 | 485 | rk = skey->rijndael.dK; |
478 | 486 | |
479 | 487 | /* |
1130 | 1130 | LTC_ARGCHK(pt != NULL); |
1131 | 1131 | LTC_ARGCHK(ct != NULL); |
1132 | 1132 | LTC_ARGCHK(skey != NULL); |
1133 | ||
1134 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
1135 | return CRYPT_INVALID_ROUNDS; | |
1136 | } | |
1137 | ||
1133 | 1138 | anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R); |
1134 | 1139 | return CRYPT_OK; |
1135 | 1140 | } |
1146 | 1151 | LTC_ARGCHK(pt != NULL); |
1147 | 1152 | LTC_ARGCHK(ct != NULL); |
1148 | 1153 | LTC_ARGCHK(skey != NULL); |
1154 | ||
1155 | if (skey->anubis.R < 12 || skey->anubis.R > 18) { | |
1156 | return CRYPT_INVALID_ROUNDS; | |
1157 | } | |
1158 | ||
1149 | 1159 | anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R); |
1150 | 1160 | return CRYPT_OK; |
1151 | 1161 | } |
294 | 294 | 0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL } |
295 | 295 | }; |
296 | 296 | |
297 | #ifndef __GNUC__ | |
298 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
299 | #else | |
300 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
301 | #endif | |
302 | ||
303 | static void s_blowfish_encipher(ulong32 *L, ulong32 *R, const symmetric_key *skey) | |
304 | { | |
305 | int rounds; | |
306 | ||
307 | ulong32 l, r; | |
308 | #ifndef __GNUC__ | |
309 | const ulong32 *S1, *S2, *S3, *S4; | |
310 | ||
311 | S1 = skey->blowfish.S[0]; | |
312 | S2 = skey->blowfish.S[1]; | |
313 | S3 = skey->blowfish.S[2]; | |
314 | S4 = skey->blowfish.S[3]; | |
315 | #endif | |
316 | ||
317 | l = *L; | |
318 | r = *R; | |
319 | ||
320 | /* do 16 rounds */ | |
321 | for (rounds = 0; rounds < 16; ) { | |
322 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
323 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
324 | l ^= skey->blowfish.K[rounds++]; r ^= F(l); | |
325 | r ^= skey->blowfish.K[rounds++]; l ^= F(r); | |
326 | } | |
327 | ||
328 | /* last keying */ | |
329 | l ^= skey->blowfish.K[16]; | |
330 | r ^= skey->blowfish.K[17]; | |
331 | ||
332 | *L = r; | |
333 | *R = l; | |
334 | } | |
335 | ||
336 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey) | |
337 | { | |
338 | unsigned long i; | |
339 | ulong32 *d = data; | |
340 | ||
341 | for (i = 0; i < blocks; ++i) { | |
342 | s_blowfish_encipher(d, d + 1, skey); | |
343 | d += 2; | |
344 | } | |
345 | } | |
346 | ||
347 | static ulong32 s_blowfish_stream2word(const unsigned char *d, int dlen, int *cur) | |
348 | { | |
349 | unsigned int z; | |
350 | int y = *cur; | |
351 | ulong32 ret = 0; | |
352 | ||
353 | for (z = 0; z < 4; z++) { | |
354 | ret = (ret << 8) | ((ulong32)d[y++] & 255); | |
355 | if (y == dlen) { | |
356 | y = 0; | |
357 | } | |
358 | } | |
359 | ||
360 | *cur = y; | |
361 | return ret; | |
362 | } | |
363 | ||
297 | 364 | /** |
298 | Initialize the Blowfish block cipher | |
365 | Expand the Blowfish internal state | |
299 | 366 | @param key The symmetric key you wish to pass |
300 | 367 | @param keylen The key length in bytes |
368 | @param data The additional data you wish to pass (can be NULL) | |
369 | @param datalen The additional data length in bytes | |
301 | 370 | @param num_rounds The number of rounds desired (0 for default) |
302 | 371 | @param skey The key in as scheduled by this function. |
303 | 372 | @return CRYPT_OK if successful |
304 | 373 | */ |
305 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
306 | symmetric_key *skey) | |
307 | { | |
308 | ulong32 x, y, z, A; | |
309 | unsigned char B[8]; | |
374 | int blowfish_expand(const unsigned char *key, int keylen, | |
375 | const unsigned char *data, int datalen, | |
376 | symmetric_key *skey) | |
377 | { | |
378 | ulong32 x, y, A, B[2]; | |
379 | int i; | |
310 | 380 | |
311 | 381 | LTC_ARGCHK(key != NULL); |
312 | 382 | LTC_ARGCHK(skey != NULL); |
313 | 383 | |
384 | /* load in key bytes (Supplied by David Hopwood) */ | |
385 | i = 0; | |
386 | for (x = 0; x < 18; x++) { | |
387 | A = s_blowfish_stream2word(key, keylen, &i); | |
388 | skey->blowfish.K[x] ^= A; | |
389 | } | |
390 | ||
391 | ||
392 | i = 0; | |
393 | B[0] = 0; | |
394 | B[1] = 0; | |
395 | for (x = 0; x < 18; x += 2) { | |
396 | if (data != NULL) { | |
397 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
398 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
399 | } | |
400 | /* encrypt it */ | |
401 | s_blowfish_encipher(&B[0], &B[1], skey); | |
402 | /* copy it */ | |
403 | skey->blowfish.K[x] = B[0]; | |
404 | skey->blowfish.K[x+1] = B[1]; | |
405 | } | |
406 | ||
407 | /* encrypt S array */ | |
408 | for (x = 0; x < 4; x++) { | |
409 | for (y = 0; y < 256; y += 2) { | |
410 | if (data != NULL) { | |
411 | B[0] ^= s_blowfish_stream2word(data, datalen, &i); | |
412 | B[1] ^= s_blowfish_stream2word(data, datalen, &i); | |
413 | } | |
414 | /* encrypt it */ | |
415 | s_blowfish_encipher(&B[0], &B[1], skey); | |
416 | /* copy it */ | |
417 | skey->blowfish.S[x][y] = B[0]; | |
418 | skey->blowfish.S[x][y+1] = B[1]; | |
419 | } | |
420 | } | |
421 | ||
422 | #ifdef LTC_CLEAN_STACK | |
423 | zeromem(B, sizeof(B)); | |
424 | #endif | |
425 | ||
426 | return CRYPT_OK; | |
427 | } | |
428 | ||
429 | /** | |
430 | Initialize the Blowfish block cipher | |
431 | @param key The symmetric key you wish to pass | |
432 | @param keylen The key length in bytes | |
433 | @param num_rounds The number of rounds desired (0 for default) | |
434 | @param skey The key in as scheduled by this function. | |
435 | @return CRYPT_OK if successful | |
436 | */ | |
437 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, | |
438 | symmetric_key *skey) | |
439 | { | |
314 | 440 | /* check key length */ |
315 | 441 | if (keylen < 8 || keylen > 56) { |
316 | 442 | return CRYPT_INVALID_KEYSIZE; |
317 | 443 | } |
318 | ||
319 | 444 | /* check rounds */ |
320 | 445 | if (num_rounds != 0 && num_rounds != 16) { |
321 | 446 | return CRYPT_INVALID_ROUNDS; |
322 | 447 | } |
323 | 448 | |
324 | /* load in key bytes (Supplied by David Hopwood) */ | |
325 | for (x = y = 0; x < 18; x++) { | |
326 | A = 0; | |
327 | for (z = 0; z < 4; z++) { | |
328 | A = (A << 8) | ((ulong32)key[y++] & 255); | |
329 | if (y == (ulong32)keylen) { | |
330 | y = 0; | |
331 | } | |
332 | } | |
333 | skey->blowfish.K[x] = ORIG_P[x] ^ A; | |
334 | } | |
335 | ||
336 | /* copy sboxes */ | |
337 | for (x = 0; x < 4; x++) { | |
338 | for (y = 0; y < 256; y++) { | |
339 | skey->blowfish.S[x][y] = ORIG_S[x][y]; | |
340 | } | |
341 | } | |
342 | ||
343 | /* encrypt K array */ | |
344 | for (x = 0; x < 8; x++) { | |
345 | B[x] = 0; | |
346 | } | |
347 | ||
348 | for (x = 0; x < 18; x += 2) { | |
349 | /* encrypt it */ | |
350 | blowfish_ecb_encrypt(B, B, skey); | |
351 | /* copy it */ | |
352 | LOAD32H(skey->blowfish.K[x], &B[0]); | |
353 | LOAD32H(skey->blowfish.K[x+1], &B[4]); | |
354 | } | |
355 | ||
356 | /* encrypt S array */ | |
357 | for (x = 0; x < 4; x++) { | |
358 | for (y = 0; y < 256; y += 2) { | |
359 | /* encrypt it */ | |
360 | blowfish_ecb_encrypt(B, B, skey); | |
361 | /* copy it */ | |
362 | LOAD32H(skey->blowfish.S[x][y], &B[0]); | |
363 | LOAD32H(skey->blowfish.S[x][y+1], &B[4]); | |
364 | } | |
365 | } | |
366 | ||
367 | #ifdef LTC_CLEAN_STACK | |
368 | zeromem(B, sizeof(B)); | |
369 | #endif | |
370 | ||
371 | return CRYPT_OK; | |
372 | } | |
373 | ||
374 | #ifndef __GNUC__ | |
375 | #define F(x) ((S1[LTC_BYTE(x,3)] + S2[LTC_BYTE(x,2)]) ^ S3[LTC_BYTE(x,1)]) + S4[LTC_BYTE(x,0)] | |
376 | #else | |
377 | #define F(x) ((skey->blowfish.S[0][LTC_BYTE(x,3)] + skey->blowfish.S[1][LTC_BYTE(x,2)]) ^ skey->blowfish.S[2][LTC_BYTE(x,1)]) + skey->blowfish.S[3][LTC_BYTE(x,0)] | |
378 | #endif | |
449 | return blowfish_setup_with_data(key, keylen, NULL, 0, skey); | |
450 | } | |
451 | ||
452 | /** | |
453 | Alternative initialize of the Blowfish block cipher | |
454 | @param key The symmetric key you wish to pass | |
455 | @param keylen The key length in bytes | |
456 | @param data The additional data you wish to pass (can be NULL) | |
457 | @param datalen The additional data length in bytes | |
458 | @param num_rounds The number of rounds desired (0 for default) | |
459 | @param skey The key in as scheduled by this function. | |
460 | @return CRYPT_OK if successful | |
461 | */ | |
462 | ||
463 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
464 | const unsigned char *data, int datalen, | |
465 | symmetric_key *skey) | |
466 | { | |
467 | XMEMCPY(skey->blowfish.K, ORIG_P, sizeof(ORIG_P)); | |
468 | XMEMCPY(skey->blowfish.S, ORIG_S, sizeof(ORIG_S)); | |
469 | return blowfish_expand(key, keylen, data, datalen, skey); | |
470 | } | |
379 | 471 | |
380 | 472 | /** |
381 | 473 | Encrypts a block of text with Blowfish |
391 | 483 | #endif |
392 | 484 | { |
393 | 485 | ulong32 L, R; |
394 | int r; | |
395 | #ifndef __GNUC__ | |
396 | const ulong32 *S1, *S2, *S3, *S4; | |
397 | #endif | |
398 | ||
399 | LTC_ARGCHK(pt != NULL); | |
400 | LTC_ARGCHK(ct != NULL); | |
401 | LTC_ARGCHK(skey != NULL); | |
402 | ||
403 | #ifndef __GNUC__ | |
404 | S1 = skey->blowfish.S[0]; | |
405 | S2 = skey->blowfish.S[1]; | |
406 | S3 = skey->blowfish.S[2]; | |
407 | S4 = skey->blowfish.S[3]; | |
408 | #endif | |
486 | ||
487 | LTC_ARGCHK(pt != NULL); | |
488 | LTC_ARGCHK(ct != NULL); | |
489 | LTC_ARGCHK(skey != NULL); | |
409 | 490 | |
410 | 491 | /* load it */ |
411 | 492 | LOAD32H(L, &pt[0]); |
412 | 493 | LOAD32H(R, &pt[4]); |
413 | 494 | |
414 | /* do 16 rounds */ | |
415 | for (r = 0; r < 16; ) { | |
416 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
417 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
418 | L ^= skey->blowfish.K[r++]; R ^= F(L); | |
419 | R ^= skey->blowfish.K[r++]; L ^= F(R); | |
420 | } | |
421 | ||
422 | /* last keying */ | |
423 | R ^= skey->blowfish.K[17]; | |
424 | L ^= skey->blowfish.K[16]; | |
495 | s_blowfish_encipher(&L, &R, skey); | |
425 | 496 | |
426 | 497 | /* store */ |
427 | STORE32H(R, &ct[0]); | |
428 | STORE32H(L, &ct[4]); | |
498 | STORE32H(L, &ct[0]); | |
499 | STORE32H(R, &ct[4]); | |
429 | 500 | |
430 | 501 | return CRYPT_OK; |
431 | 502 | } |
556 | 627 | for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key); |
557 | 628 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; |
558 | 629 | } |
630 | ||
631 | ||
559 | 632 | return CRYPT_OK; |
560 | 633 | #endif |
561 | 634 | } |
1682 | 1682 | #ifndef LTC_TEST |
1683 | 1683 | return CRYPT_NOP; |
1684 | 1684 | #else |
1685 | int err; | |
1686 | 1685 | static const struct des_test_case { |
1687 | int num, mode; /* mode 1 = encrypt */ | |
1688 | 1686 | unsigned char key[8], txt[8], out[8]; |
1689 | 1687 | } cases[] = { |
1690 | { 1, 1, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1691 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1692 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
1693 | { 2, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1694 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
1695 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1696 | { 3, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1697 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
1698 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1699 | { 4, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1700 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
1701 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1702 | { 5, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1703 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
1704 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1705 | { 6, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1706 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
1707 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1708 | { 7, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1709 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
1710 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1711 | { 8, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1712 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
1713 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1714 | { 9, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1715 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
1716 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1717 | {10, 1, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1718 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
1719 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1720 | ||
1721 | { 1, 0, { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1722 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 }, | |
1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1724 | { 2, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1725 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1726 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 } }, | |
1727 | { 3, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1728 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1729 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 } }, | |
1730 | { 4, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1731 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1732 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA } }, | |
1733 | { 5, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1734 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1735 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F } }, | |
1736 | { 6, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1737 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1738 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 } }, | |
1739 | { 7, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1740 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1741 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF } }, | |
1742 | { 8, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1743 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1744 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F } }, | |
1745 | { 9, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1746 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1747 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 } }, | |
1748 | {10, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1749 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1750 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A } }, | |
1751 | ||
1752 | #ifdef LTC_TEST_EXT | |
1753 | { 0+11, 0, { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1754 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1755 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
1756 | { 1+11, 0, { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1757 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1758 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
1759 | { 2+11, 0, { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1760 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1761 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
1762 | { 3+11, 0, { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1763 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1764 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
1765 | { 4+11, 0, { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1766 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1767 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
1768 | { 5+11, 0, { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1769 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1770 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
1771 | { 6+11, 0, { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1772 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1773 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
1774 | { 7+11, 0, { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1775 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1776 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
1777 | { 8+11, 0, { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1778 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1779 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
1780 | { 9+11, 0, { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1781 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1782 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
1783 | {10+11, 0, { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1784 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1785 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
1786 | {11+11, 0, { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1787 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1788 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
1789 | {12+11, 0, { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1790 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1791 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
1792 | {13+11, 0, { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1793 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1794 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
1795 | {14+11, 0, { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1796 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1797 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
1798 | {15+11, 0, { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1799 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1800 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
1801 | {16+11, 0, { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1802 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1803 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
1804 | {17+11, 0, { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1805 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1806 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
1807 | {18+11, 0, { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1808 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1809 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
1810 | {19+11, 0, { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1811 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1812 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
1813 | {20+11, 0, { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1814 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1815 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
1816 | {21+11, 0, { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
1817 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1818 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
1819 | {22+11, 0, { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
1820 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1821 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
1822 | {23+11, 0, { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
1823 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1824 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
1825 | {24+11, 0, { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
1826 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1827 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
1828 | {25+11, 0, { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
1829 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1830 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
1831 | {26+11, 0, { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
1832 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1833 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
1834 | {27+11, 0, { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
1835 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1836 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
1837 | {28+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
1838 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1839 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
1840 | {29+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
1841 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1842 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
1843 | {30+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
1844 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1845 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
1846 | {31+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
1847 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1848 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
1849 | {32+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
1850 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1851 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
1852 | {33+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
1853 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1854 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
1855 | {34+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
1856 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1857 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
1858 | {35+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
1859 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1860 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
1861 | {36+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
1862 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1863 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
1864 | {37+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
1865 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1866 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
1867 | {38+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
1868 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1869 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
1870 | {39+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
1871 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1872 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
1873 | {40+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
1874 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1875 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
1876 | {41+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
1877 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1878 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
1879 | {42+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
1880 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1881 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
1882 | {43+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
1883 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1884 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
1885 | {44+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
1886 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1887 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
1888 | {45+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
1889 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1890 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
1891 | {46+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
1892 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1893 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
1894 | {47+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
1895 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1896 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
1897 | {48+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
1898 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1899 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
1900 | {49+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
1901 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1902 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
1903 | {50+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
1904 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1905 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
1906 | {51+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
1907 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1908 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
1909 | {52+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
1910 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1911 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
1912 | {53+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
1913 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1914 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
1915 | {54+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
1916 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1917 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
1918 | {55+11, 0, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
1919 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1920 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
1921 | #endif /* LTC_TEST_EXT */ | |
1688 | { { 0x10, 0x31, 0x6E, 0x02, 0x8C, 0x8F, 0x3B, 0x4A }, | |
1689 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1690 | { 0x82, 0xDC, 0xBA, 0xFB, 0xDE, 0xAB, 0x66, 0x02 } }, | |
1691 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1692 | { 0x95, 0xF8, 0xA5, 0xE5, 0xDD, 0x31, 0xD9, 0x00 }, | |
1693 | { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1694 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1695 | { 0xDD, 0x7F, 0x12, 0x1C, 0xA5, 0x01, 0x56, 0x19 }, | |
1696 | { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1697 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1698 | { 0x2E, 0x86, 0x53, 0x10, 0x4F, 0x38, 0x34, 0xEA }, | |
1699 | { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1700 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1701 | { 0x4B, 0xD3, 0x88, 0xFF, 0x6C, 0xD8, 0x1D, 0x4F }, | |
1702 | { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1703 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1704 | { 0x20, 0xB9, 0xE7, 0x67, 0xB2, 0xFB, 0x14, 0x56 }, | |
1705 | { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1706 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1707 | { 0x55, 0x57, 0x93, 0x80, 0xD7, 0x71, 0x38, 0xEF }, | |
1708 | { 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1709 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1710 | { 0x6C, 0xC5, 0xDE, 0xFA, 0xAF, 0x04, 0x51, 0x2F }, | |
1711 | { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1712 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1713 | { 0x0D, 0x9F, 0x27, 0x9B, 0xA5, 0xD8, 0x72, 0x60 }, | |
1714 | { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1715 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1716 | { 0xD9, 0x03, 0x1B, 0x02, 0x71, 0xBD, 0x5A, 0x0A }, | |
1717 | { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1718 | ||
1719 | { { 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1720 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1721 | { 0x95, 0xA8, 0xD7, 0x28, 0x13, 0xDA, 0xA9, 0x4D } }, | |
1722 | { { 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1723 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1724 | { 0x0E, 0xEC, 0x14, 0x87, 0xDD, 0x8C, 0x26, 0xD5 } }, | |
1725 | { { 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1726 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1727 | { 0x7A, 0xD1, 0x6F, 0xFB, 0x79, 0xC4, 0x59, 0x26 } }, | |
1728 | { { 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1729 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1730 | { 0xD3, 0x74, 0x62, 0x94, 0xCA, 0x6A, 0x6C, 0xF3 } }, | |
1731 | { { 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1732 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1733 | { 0x80, 0x9F, 0x5F, 0x87, 0x3C, 0x1F, 0xD7, 0x61 } }, | |
1734 | { { 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1735 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1736 | { 0xC0, 0x2F, 0xAF, 0xFE, 0xC9, 0x89, 0xD1, 0xFC } }, | |
1737 | { { 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1738 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1739 | { 0x46, 0x15, 0xAA, 0x1D, 0x33, 0xE7, 0x2F, 0x10 } }, | |
1740 | { { 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1741 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1742 | { 0x20, 0x55, 0x12, 0x33, 0x50, 0xC0, 0x08, 0x58 } }, | |
1743 | { { 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1744 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1745 | { 0xDF, 0x3B, 0x99, 0xD6, 0x57, 0x73, 0x97, 0xC8 } }, | |
1746 | { { 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1747 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1748 | { 0x31, 0xFE, 0x17, 0x36, 0x9B, 0x52, 0x88, 0xC9 } }, | |
1749 | { { 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1750 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1751 | { 0xDF, 0xDD, 0x3C, 0xC6, 0x4D, 0xAE, 0x16, 0x42 } }, | |
1752 | { { 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1753 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1754 | { 0x17, 0x8C, 0x83, 0xCE, 0x2B, 0x39, 0x9D, 0x94 } }, | |
1755 | { { 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1756 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1757 | { 0x50, 0xF6, 0x36, 0x32, 0x4A, 0x9B, 0x7F, 0x80 } }, | |
1758 | { { 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1759 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1760 | { 0xA8, 0x46, 0x8E, 0xE3, 0xBC, 0x18, 0xF0, 0x6D } }, | |
1761 | { { 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1762 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1763 | { 0xA2, 0xDC, 0x9E, 0x92, 0xFD, 0x3C, 0xDE, 0x92 } }, | |
1764 | { { 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1765 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1766 | { 0xCA, 0xC0, 0x9F, 0x79, 0x7D, 0x03, 0x12, 0x87 } }, | |
1767 | { { 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1768 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1769 | { 0x90, 0xBA, 0x68, 0x0B, 0x22, 0xAE, 0xB5, 0x25 } }, | |
1770 | { { 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1771 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1772 | { 0xCE, 0x7A, 0x24, 0xF3, 0x50, 0xE2, 0x80, 0xB6 } }, | |
1773 | { { 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1774 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1775 | { 0x88, 0x2B, 0xFF, 0x0A, 0xA0, 0x1A, 0x0B, 0x87 } }, | |
1776 | { { 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1777 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1778 | { 0x25, 0x61, 0x02, 0x88, 0x92, 0x45, 0x11, 0xC2 } }, | |
1779 | { { 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01, 0x01 }, | |
1780 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1781 | { 0xC7, 0x15, 0x16, 0xC2, 0x9C, 0x75, 0xD1, 0x70 } }, | |
1782 | { { 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01, 0x01 }, | |
1783 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1784 | { 0x51, 0x99, 0xC2, 0x9A, 0x52, 0xC9, 0xF0, 0x59 } }, | |
1785 | { { 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01, 0x01 }, | |
1786 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1787 | { 0xC2, 0x2F, 0x0A, 0x29, 0x4A, 0x71, 0xF2, 0x9F } }, | |
1788 | { { 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01, 0x01 }, | |
1789 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1790 | { 0xEE, 0x37, 0x14, 0x83, 0x71, 0x4C, 0x02, 0xEA } }, | |
1791 | { { 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01, 0x01 }, | |
1792 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1793 | { 0xA8, 0x1F, 0xBD, 0x44, 0x8F, 0x9E, 0x52, 0x2F } }, | |
1794 | { { 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01, 0x01 }, | |
1795 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1796 | { 0x4F, 0x64, 0x4C, 0x92, 0xE1, 0x92, 0xDF, 0xED } }, | |
1797 | { { 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01, 0x01 }, | |
1798 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1799 | { 0x1A, 0xFA, 0x9A, 0x66, 0xA6, 0xDF, 0x92, 0xAE } }, | |
1800 | { { 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01, 0x01 }, | |
1801 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1802 | { 0xB3, 0xC1, 0xCC, 0x71, 0x5C, 0xB8, 0x79, 0xD8 } }, | |
1803 | { { 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01, 0x01 }, | |
1804 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1805 | { 0x19, 0xD0, 0x32, 0xE6, 0x4A, 0xB0, 0xBD, 0x8B } }, | |
1806 | { { 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01, 0x01 }, | |
1807 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1808 | { 0x3C, 0xFA, 0xA7, 0xA7, 0xDC, 0x87, 0x20, 0xDC } }, | |
1809 | { { 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01, 0x01 }, | |
1810 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1811 | { 0xB7, 0x26, 0x5F, 0x7F, 0x44, 0x7A, 0xC6, 0xF3 } }, | |
1812 | { { 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01, 0x01 }, | |
1813 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1814 | { 0x9D, 0xB7, 0x3B, 0x3C, 0x0D, 0x16, 0x3F, 0x54 } }, | |
1815 | { { 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01, 0x01 }, | |
1816 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1817 | { 0x81, 0x81, 0xB6, 0x5B, 0xAB, 0xF4, 0xA9, 0x75 } }, | |
1818 | { { 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01, 0x01 }, | |
1819 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1820 | { 0x93, 0xC9, 0xB6, 0x40, 0x42, 0xEA, 0xA2, 0x40 } }, | |
1821 | { { 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01, 0x01 }, | |
1822 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1823 | { 0x55, 0x70, 0x53, 0x08, 0x29, 0x70, 0x55, 0x92 } }, | |
1824 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01, 0x01 }, | |
1825 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1826 | { 0x86, 0x38, 0x80, 0x9E, 0x87, 0x87, 0x87, 0xA0 } }, | |
1827 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01, 0x01 }, | |
1828 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1829 | { 0x41, 0xB9, 0xA7, 0x9A, 0xF7, 0x9A, 0xC2, 0x08 } }, | |
1830 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01, 0x01 }, | |
1831 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1832 | { 0x7A, 0x9B, 0xE4, 0x2F, 0x20, 0x09, 0xA8, 0x92 } }, | |
1833 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01, 0x01 }, | |
1834 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1835 | { 0x29, 0x03, 0x8D, 0x56, 0xBA, 0x6D, 0x27, 0x45 } }, | |
1836 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01, 0x01 }, | |
1837 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1838 | { 0x54, 0x95, 0xC6, 0xAB, 0xF1, 0xE5, 0xDF, 0x51 } }, | |
1839 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01, 0x01 }, | |
1840 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1841 | { 0xAE, 0x13, 0xDB, 0xD5, 0x61, 0x48, 0x89, 0x33 } }, | |
1842 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01 }, | |
1843 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1844 | { 0x02, 0x4D, 0x1F, 0xFA, 0x89, 0x04, 0xE3, 0x89 } }, | |
1845 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80, 0x01 }, | |
1846 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1847 | { 0xD1, 0x39, 0x97, 0x12, 0xF9, 0x9B, 0xF0, 0x2E } }, | |
1848 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40, 0x01 }, | |
1849 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1850 | { 0x14, 0xC1, 0xD7, 0xC1, 0xCF, 0xFE, 0xC7, 0x9E } }, | |
1851 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x01 }, | |
1852 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1853 | { 0x1D, 0xE5, 0x27, 0x9D, 0xAE, 0x3B, 0xED, 0x6F } }, | |
1854 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10, 0x01 }, | |
1855 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1856 | { 0xE9, 0x41, 0xA3, 0x3F, 0x85, 0x50, 0x13, 0x03 } }, | |
1857 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08, 0x01 }, | |
1858 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1859 | { 0xDA, 0x99, 0xDB, 0xBC, 0x9A, 0x03, 0xF3, 0x79 } }, | |
1860 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04, 0x01 }, | |
1861 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1862 | { 0xB7, 0xFC, 0x92, 0xF9, 0x1D, 0x8E, 0x92, 0xE9 } }, | |
1863 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02, 0x01 }, | |
1864 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1865 | { 0xAE, 0x8E, 0x5C, 0xAA, 0x3C, 0xA0, 0x4E, 0x85 } }, | |
1866 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x80 }, | |
1867 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1868 | { 0x9C, 0xC6, 0x2D, 0xF4, 0x3B, 0x6E, 0xED, 0x74 } }, | |
1869 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x40 }, | |
1870 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1871 | { 0xD8, 0x63, 0xDB, 0xB5, 0xC5, 0x9A, 0x91, 0xA0 } }, | |
1872 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20 }, | |
1873 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1874 | { 0xA1, 0xAB, 0x21, 0x90, 0x54, 0x5B, 0x91, 0xD7 } }, | |
1875 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x10 }, | |
1876 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1877 | { 0x08, 0x75, 0x04, 0x1E, 0x64, 0xC5, 0x70, 0xF7 } }, | |
1878 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x08 }, | |
1879 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1880 | { 0x5A, 0x59, 0x45, 0x28, 0xBE, 0xBE, 0xF1, 0xCC } }, | |
1881 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x04 }, | |
1882 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1883 | { 0xFC, 0xDB, 0x32, 0x91, 0xDE, 0x21, 0xF0, 0xC0 } }, | |
1884 | { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x02 }, | |
1885 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1886 | { 0x86, 0x9E, 0xFD, 0x7F, 0x9F, 0x26, 0x5A, 0x09 } }, | |
1922 | 1887 | |
1923 | 1888 | /*** more test cases you could add if you are not convinced (the above test cases aren't really too good): |
1924 | 1889 | |
1961 | 1926 | http://www.ecs.soton.ac.uk/~prw99r/ez438/vectors.txt |
1962 | 1927 | ***/ |
1963 | 1928 | }; |
1964 | int i, y; | |
1965 | unsigned char tmp[8]; | |
1966 | symmetric_key des; | |
1967 | ||
1968 | for(i=0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
1929 | unsigned char key[8], pt[8], ct[8], tmp[8]; | |
1930 | symmetric_key skey; | |
1931 | int i, err; | |
1932 | ||
1933 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
1969 | 1934 | { |
1970 | if ((err = des_setup(cases[i].key, 8, 0, &des)) != CRYPT_OK) { | |
1971 | return err; | |
1935 | if ((err = des_setup(cases[i].key, 8, 0, &skey)) != CRYPT_OK) { | |
1936 | return err; | |
1972 | 1937 | } |
1973 | if (cases[i].mode != 0) { | |
1974 | des_ecb_encrypt(cases[i].txt, tmp, &des); | |
1975 | } else { | |
1976 | des_ecb_decrypt(cases[i].txt, tmp, &des); | |
1938 | ||
1939 | des_ecb_encrypt(cases[i].txt, ct, &skey); | |
1940 | ||
1941 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "DES Encrypt", i) != 0) { | |
1942 | return CRYPT_FAIL_TESTVECTOR; | |
1977 | 1943 | } |
1978 | 1944 | |
1979 | if (compare_testvector(cases[i].out, sizeof(tmp), tmp, sizeof(tmp), "DES", i) != 0) { | |
1980 | return CRYPT_FAIL_TESTVECTOR; | |
1945 | des_ecb_decrypt(ct, pt, &skey); | |
1946 | ||
1947 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "DES Decrypt", i) != 0) { | |
1948 | return CRYPT_FAIL_TESTVECTOR; | |
1981 | 1949 | } |
1982 | ||
1983 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
1984 | for (y = 0; y < 8; y++) tmp[y] = 0; | |
1985 | for (y = 0; y < 1000; y++) des_ecb_encrypt(tmp, tmp, &des); | |
1986 | for (y = 0; y < 1000; y++) des_ecb_decrypt(tmp, tmp, &des); | |
1987 | for (y = 0; y < 8; y++) if (tmp[y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
1950 | } | |
1951 | ||
1952 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
1953 | ||
1954 | for (i = 0; i < 8; i++) key[i] = i; | |
1955 | ||
1956 | if ((err = des_setup(key, 8, 0, &skey)) != CRYPT_OK) { | |
1957 | return err; | |
1958 | } | |
1959 | ||
1960 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
1961 | for (i = 0; i < 1000; i++) des_ecb_encrypt(tmp, tmp, &skey); | |
1962 | for (i = 0; i < 1000; i++) des_ecb_decrypt(tmp, tmp, &skey); | |
1963 | ||
1964 | if (compare_testvector(tmp, 8, pt, 8, "DES", 0) != 0) { | |
1965 | return CRYPT_FAIL_TESTVECTOR; | |
1988 | 1966 | } |
1989 | 1967 | |
1990 | 1968 | return CRYPT_OK; |
1996 | 1974 | #ifndef LTC_TEST |
1997 | 1975 | return CRYPT_NOP; |
1998 | 1976 | #else |
1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
2000 | symmetric_key skey; | |
2001 | int x, err; | |
2002 | ||
2003 | if ((err = des_test()) != CRYPT_OK) { | |
2004 | return err; | |
2005 | } | |
2006 | ||
2007 | for (x = 0; x < 8; x++) { | |
2008 | pt[x] = x; | |
2009 | } | |
2010 | ||
2011 | for (x = 0; x < 24; x++) { | |
2012 | key[x] = x; | |
2013 | } | |
2014 | ||
2015 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
2016 | return err; | |
2017 | } | |
2018 | ||
2019 | des3_ecb_encrypt(pt, ct, &skey); | |
2020 | des3_ecb_decrypt(ct, tmp, &skey); | |
2021 | ||
2022 | if (compare_testvector(pt, 8, tmp, 8, "3DES", 0) != 0) { | |
2023 | return CRYPT_FAIL_TESTVECTOR; | |
2024 | } | |
2025 | ||
2026 | return CRYPT_OK; | |
1977 | static const struct des3_test_case { | |
1978 | unsigned char key[16], txt[8], out[8]; | |
1979 | } cases[] = { | |
1980 | /* | |
1981 | https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/des/Triple-Des-2-Key-128-64.unverified.test-vectors | |
1982 | */ | |
1983 | { { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1984 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1985 | { 0xFA, 0xFD, 0x50, 0x84, 0x37, 0x4F, 0xCE, 0x34 } }, | |
1986 | { { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1987 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1988 | { 0x60, 0xCC, 0x37, 0xB7, 0xB5, 0x37, 0xA1, 0xDC } }, | |
1989 | { { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1990 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | |
1991 | { 0xBE, 0x3E, 0x73, 0x04, 0xFE, 0x92, 0xC2, 0xBC } }, | |
1992 | { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00 }, | |
1993 | { 0xE5, 0xA9, 0xE3, 0x80, 0x03, 0xA5, 0xA0, 0xFD }, | |
1994 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, | |
1995 | { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }, | |
1996 | { 0xE4, 0xFC, 0x19, 0xD6, 0x94, 0x63, 0xB7, 0x83 }, | |
1997 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 } }, | |
1998 | }; | |
1999 | unsigned char key[24], pt[8], ct[8], tmp[8]; | |
2000 | symmetric_key skey; | |
2001 | int i, err; | |
2002 | ||
2003 | if ((err = des_test()) != CRYPT_OK) { | |
2004 | return err; | |
2005 | } | |
2006 | ||
2007 | for (i = 0; i < (int)(sizeof(cases)/sizeof(cases[0])); i++) | |
2008 | { | |
2009 | if ((err = des3_setup(cases[i].key, 16, 0, &skey)) != CRYPT_OK) { | |
2010 | return err; | |
2011 | } | |
2012 | ||
2013 | des3_ecb_encrypt(cases[i].txt, ct, &skey); | |
2014 | ||
2015 | if (compare_testvector(ct, sizeof(ct), cases[i].out, 8, "3DES Encrypt", i) != 0) { | |
2016 | return CRYPT_FAIL_TESTVECTOR; | |
2017 | } | |
2018 | ||
2019 | des3_ecb_decrypt(ct, pt, &skey); | |
2020 | ||
2021 | if (compare_testvector(pt, sizeof(pt), cases[i].txt, 8, "3DES Decrypt", i) != 0) { | |
2022 | return CRYPT_FAIL_TESTVECTOR; | |
2023 | } | |
2024 | } | |
2025 | ||
2026 | /* See if we can encrypt all zero bytes 1000 times, decrypt and come back to where we started */ | |
2027 | ||
2028 | for (i = 0; i < 24; i++) key[i] = i; | |
2029 | ||
2030 | if ((err = des3_setup(key, 24, 0, &skey)) != CRYPT_OK) { | |
2031 | return err; | |
2032 | } | |
2033 | ||
2034 | for (i = 0; i < 8; i++) pt[i] = tmp[i] = 0; | |
2035 | for (i = 0; i < 1000; i++) des3_ecb_encrypt(tmp, tmp, &skey); | |
2036 | for (i = 0; i < 1000; i++) des3_ecb_decrypt(tmp, tmp, &skey); | |
2037 | ||
2038 | if (compare_testvector(tmp, 8, pt, 8, "3DES", 0) != 0) { | |
2039 | return CRYPT_FAIL_TESTVECTOR; | |
2040 | } | |
2041 | ||
2042 | return CRYPT_OK; | |
2027 | 2043 | #endif |
2028 | 2044 | } |
2029 | 2045 |
135 | 135 | LTC_ARGCHK(pt != NULL); |
136 | 136 | LTC_ARGCHK(ct != NULL); |
137 | 137 | |
138 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
139 | return CRYPT_INVALID_ROUNDS; | |
140 | } | |
141 | ||
138 | 142 | LOAD32L(A, &pt[0]); |
139 | 143 | LOAD32L(B, &pt[4]); |
140 | 144 | A += skey->rc5.K[0]; |
190 | 194 | LTC_ARGCHK(skey != NULL); |
191 | 195 | LTC_ARGCHK(pt != NULL); |
192 | 196 | LTC_ARGCHK(ct != NULL); |
197 | ||
198 | if (skey->rc5.rounds < 12 || skey->rc5.rounds > 24) { | |
199 | return CRYPT_INVALID_ROUNDS; | |
200 | } | |
193 | 201 | |
194 | 202 | LOAD32L(A, &ct[0]); |
195 | 203 | LOAD32L(B, &ct[4]); |
346 | 346 | LTC_ARGCHK(ct != NULL); |
347 | 347 | LTC_ARGCHK(skey != NULL); |
348 | 348 | |
349 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
350 | return CRYPT_INVALID_ROUNDS; | |
351 | } | |
352 | ||
349 | 353 | /* do eight rounds */ |
350 | 354 | for (x = 0; x < 16; x++) { |
351 | 355 | b[x] = pt[x]; |
409 | 413 | LTC_ARGCHK(pt != NULL); |
410 | 414 | LTC_ARGCHK(ct != NULL); |
411 | 415 | LTC_ARGCHK(skey != NULL); |
416 | ||
417 | if (skey->saferp.rounds < 8 || skey->saferp.rounds > 16) { | |
418 | return CRYPT_INVALID_ROUNDS; | |
419 | } | |
412 | 420 | |
413 | 421 | /* do eight rounds */ |
414 | 422 | b[0] = ct[0] ^ skey->saferp.K[skey->saferp.rounds*2][0]; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | ||
9 | /** | |
10 | @file tea.c | |
11 | Implementation of TEA, Steffen Jaeckel | |
12 | */ | |
13 | #include "tomcrypt_private.h" | |
14 | ||
15 | #ifdef LTC_TEA | |
16 | ||
17 | const struct ltc_cipher_descriptor tea_desc = | |
18 | { | |
19 | "tea", | |
20 | 26, | |
21 | 16, 16, 8, 32, | |
22 | &tea_setup, | |
23 | &tea_ecb_encrypt, | |
24 | &tea_ecb_decrypt, | |
25 | &tea_test, | |
26 | &tea_done, | |
27 | &tea_keysize, | |
28 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | |
29 | }; | |
30 | ||
31 | #define DELTA 0x9E3779B9uL | |
32 | #define SUM 0xC6EF3720uL | |
33 | ||
34 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) | |
35 | { | |
36 | LTC_ARGCHK(key != NULL); | |
37 | LTC_ARGCHK(skey != NULL); | |
38 | ||
39 | /* check arguments */ | |
40 | if (keylen != 16) { | |
41 | return CRYPT_INVALID_KEYSIZE; | |
42 | } | |
43 | ||
44 | if (num_rounds != 0 && num_rounds != 32) { | |
45 | return CRYPT_INVALID_ROUNDS; | |
46 | } | |
47 | ||
48 | /* load key */ | |
49 | LOAD32H(skey->tea.k[0], key+0); | |
50 | LOAD32H(skey->tea.k[1], key+4); | |
51 | LOAD32H(skey->tea.k[2], key+8); | |
52 | LOAD32H(skey->tea.k[3], key+12); | |
53 | ||
54 | return CRYPT_OK; | |
55 | } | |
56 | ||
57 | /** | |
58 | Encrypts a block of text with TEA | |
59 | @param pt The input plaintext (8 bytes) | |
60 | @param ct The output ciphertext (8 bytes) | |
61 | @param skey The key as scheduled | |
62 | @return CRYPT_OK if successful | |
63 | */ | |
64 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) | |
65 | { | |
66 | ulong32 y, z, sum = 0; | |
67 | const ulong32 delta = DELTA; | |
68 | int r; | |
69 | ||
70 | LTC_ARGCHK(pt != NULL); | |
71 | LTC_ARGCHK(ct != NULL); | |
72 | LTC_ARGCHK(skey != NULL); | |
73 | ||
74 | LOAD32H(y, &pt[0]); | |
75 | LOAD32H(z, &pt[4]); | |
76 | for (r = 0; r < 32; r += 4) { | |
77 | sum += delta; | |
78 | y += ((z<<4) + skey->tea.k[0]) ^ (z + sum) ^ ((z>>5) + skey->tea.k[1]); | |
79 | z += ((y<<4) + skey->tea.k[2]) ^ (y + sum) ^ ((y>>5) + skey->tea.k[3]); | |
80 | } | |
81 | STORE32H(y, &ct[0]); | |
82 | STORE32H(z, &ct[4]); | |
83 | return CRYPT_OK; | |
84 | } | |
85 | ||
86 | /** | |
87 | Decrypts a block of text with TEA | |
88 | @param ct The input ciphertext (8 bytes) | |
89 | @param pt The output plaintext (8 bytes) | |
90 | @param skey The key as scheduled | |
91 | @return CRYPT_OK if successful | |
92 | */ | |
93 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) | |
94 | { | |
95 | ulong32 v0, v1, sum = SUM; | |
96 | const ulong32 delta = DELTA; | |
97 | int r; | |
98 | ||
99 | LTC_ARGCHK(pt != NULL); | |
100 | LTC_ARGCHK(ct != NULL); | |
101 | LTC_ARGCHK(skey != NULL); | |
102 | ||
103 | LOAD32H(v0, &ct[0]); | |
104 | LOAD32H(v1, &ct[4]); | |
105 | ||
106 | for (r = 0; r < 32; r++) { | |
107 | v1 -= ((v0 << 4) + skey->tea.k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + skey->tea.k[3]); | |
108 | v0 -= ((v1 << 4) + skey->tea.k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + skey->tea.k[1]); | |
109 | sum -= delta; | |
110 | } | |
111 | ||
112 | STORE32H(v0, &pt[0]); | |
113 | STORE32H(v1, &pt[4]); | |
114 | return CRYPT_OK; | |
115 | } | |
116 | ||
117 | /** | |
118 | Performs a self-test of the TEA block cipher | |
119 | @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled | |
120 | */ | |
121 | int tea_test(void) | |
122 | { | |
123 | #ifndef LTC_TEST | |
124 | return CRYPT_NOP; | |
125 | #else | |
126 | static const struct { | |
127 | const char *key, *pt, *ct; | |
128 | } tests[] = { | |
129 | { | |
130 | "00000000000000000000000000000000", | |
131 | "0000000000000000", | |
132 | "41ea3a0a94baa940" | |
133 | }, { | |
134 | "32a1e65408b63bb9214105744ec5d2e2", | |
135 | "5ada1d89a9c3801a", | |
136 | "dd46249e28aa0b4b" | |
137 | }, { | |
138 | "60388adadf70a1f5d9cb4e097d2c6c57", | |
139 | "7a6adb4d69c53e0f", | |
140 | "44b71215cf25368a" | |
141 | }, { | |
142 | "4368d2249bd0321eb7c56d5b63a1bfac", | |
143 | "5a5d7ca2e186c41a", | |
144 | "91f56dff7281794f" | |
145 | }, { | |
146 | "5c60bff27072d01c4513c5eb8f3a38ab", | |
147 | "80d9c4adcf899635", | |
148 | "2bb0f1b3c023ed11" | |
149 | } | |
150 | }; | |
151 | unsigned char ptct[2][8]; | |
152 | unsigned char tmp[2][8]; | |
153 | unsigned char key[16]; | |
154 | unsigned long l; | |
155 | symmetric_key skey; | |
156 | size_t i; | |
157 | int err, y; | |
158 | for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { | |
159 | zeromem(&skey, sizeof(skey)); | |
160 | ||
161 | l = sizeof(key); | |
162 | if ((err = base16_decode(tests[i].key, XSTRLEN(tests[i].key), key, &l)) != CRYPT) return err; | |
163 | l = sizeof(ptct[0]); | |
164 | if ((err = base16_decode(tests[i].pt, XSTRLEN(tests[i].pt), ptct[0], &l)) != CRYPT) return err; | |
165 | l = sizeof(ptct[1]); | |
166 | if ((err = base16_decode(tests[i].ct, XSTRLEN(tests[i].ct), ptct[1], &l)) != CRYPT) return err; | |
167 | ||
168 | if ((err = tea_setup(key, 16, 0, &skey)) != CRYPT_OK) { | |
169 | return err; | |
170 | } | |
171 | tea_ecb_encrypt(ptct[0], tmp[0], &skey); | |
172 | tea_ecb_decrypt(tmp[0], tmp[1], &skey); | |
173 | ||
174 | if (compare_testvector(tmp[0], 8, ptct[0], 8, "TEA Encrypt", i) != 0 || | |
175 | compare_testvector(tmp[1], 8, ptct[1], 8, "TEA Decrypt", i) != 0) { | |
176 | return CRYPT_FAIL_TESTVECTOR; | |
177 | } | |
178 | ||
179 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | |
180 | for (y = 0; y < 8; y++) tmp[0][y] = 0; | |
181 | for (y = 0; y < 1000; y++) tea_ecb_encrypt(tmp[0], tmp[0], &skey); | |
182 | for (y = 0; y < 1000; y++) tea_ecb_decrypt(tmp[0], tmp[0], &skey); | |
183 | for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; | |
184 | } /* for */ | |
185 | ||
186 | return CRYPT_OK; | |
187 | #endif | |
188 | } | |
189 | ||
190 | /** Terminate the context | |
191 | @param skey The scheduled key | |
192 | */ | |
193 | void tea_done(symmetric_key *skey) | |
194 | { | |
195 | LTC_UNUSED_PARAM(skey); | |
196 | } | |
197 | ||
198 | /** | |
199 | Gets suitable key size | |
200 | @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. | |
201 | @return CRYPT_OK if the input key size is acceptable. | |
202 | */ | |
203 | int tea_keysize(int *keysize) | |
204 | { | |
205 | LTC_ARGCHK(keysize != NULL); | |
206 | if (*keysize < 16) { | |
207 | return CRYPT_INVALID_KEYSIZE; | |
208 | } | |
209 | *keysize = 16; | |
210 | return CRYPT_OK; | |
211 | } | |
212 | ||
213 | #endif | |
214 | ||
215 | ||
216 | /* ref: $Format:%D$ */ | |
217 | /* git commit: $Format:%H$ */ | |
218 | /* commit time: $Format:%ai$ */ |
8 | 8 | |
9 | 9 | /** |
10 | 10 | @file xtea.c |
11 | Implementation of LTC_XTEA, Tom St Denis | |
11 | Implementation of eXtended TEA, Tom St Denis | |
12 | 12 | */ |
13 | 13 | #include "tomcrypt_private.h" |
14 | 14 |
12 | 12 | */ |
13 | 13 | #include "tomcrypt_private.h" |
14 | 14 | |
15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST)) | |
15 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || (defined(LTC_GCM_MODE) && defined(LTC_FAST)) | |
16 | 16 | |
17 | 17 | /* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format. Since only the |
18 | 18 | * lower 16 bits are not zero'ed I removed the upper 14 bytes */ |
479 | 479 | |
480 | 480 | for (i = 0; tests[i].msg != NULL; i++) { |
481 | 481 | blake2b_512_init(&md); |
482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
482 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
483 | 483 | blake2b_done(&md, tmp); |
484 | 484 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_512", i)) { |
485 | 485 | return CRYPT_FAIL_TESTVECTOR; |
526 | 526 | |
527 | 527 | for (i = 0; tests[i].msg != NULL; i++) { |
528 | 528 | blake2b_384_init(&md); |
529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
529 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
530 | 530 | blake2b_done(&md, tmp); |
531 | 531 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_384", i)) { |
532 | 532 | return CRYPT_FAIL_TESTVECTOR; |
579 | 579 | |
580 | 580 | for (i = 0; tests[i].msg != NULL; i++) { |
581 | 581 | blake2b_256_init(&md); |
582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
582 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
583 | 583 | blake2b_done(&md, tmp); |
584 | 584 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_256", i)) { |
585 | 585 | return CRYPT_FAIL_TESTVECTOR; |
620 | 620 | |
621 | 621 | for (i = 0; tests[i].msg != NULL; i++) { |
622 | 622 | blake2b_160_init(&md); |
623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
623 | blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
624 | 624 | blake2b_done(&md, tmp); |
625 | 625 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2B_160", i)) { |
626 | 626 | return CRYPT_FAIL_TESTVECTOR; |
469 | 469 | |
470 | 470 | for (i = 0; tests[i].msg != NULL; i++) { |
471 | 471 | blake2s_256_init(&md); |
472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
472 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
473 | 473 | blake2s_done(&md, tmp); |
474 | 474 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_256", i)) { |
475 | 475 | return CRYPT_FAIL_TESTVECTOR; |
513 | 513 | |
514 | 514 | for (i = 0; tests[i].msg != NULL; i++) { |
515 | 515 | blake2s_224_init(&md); |
516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
516 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
517 | 517 | blake2s_done(&md, tmp); |
518 | 518 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_224", i)) { |
519 | 519 | return CRYPT_FAIL_TESTVECTOR; |
555 | 555 | |
556 | 556 | for (i = 0; tests[i].msg != NULL; i++) { |
557 | 557 | blake2s_160_init(&md); |
558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
558 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
559 | 559 | blake2s_done(&md, tmp); |
560 | 560 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_160", i)) { |
561 | 561 | return CRYPT_FAIL_TESTVECTOR; |
595 | 595 | |
596 | 596 | for (i = 0; tests[i].msg != NULL; i++) { |
597 | 597 | blake2s_128_init(&md); |
598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
598 | blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
599 | 599 | blake2s_done(&md, tmp); |
600 | 600 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "BLAKE2S_128", i)) { |
601 | 601 | return CRYPT_FAIL_TESTVECTOR; |
269 | 269 | 16 |
270 | 270 | } |
271 | 271 | }; |
272 | int i, oldhashidx, idx; | |
272 | int i, oldhashidx, idx, err; | |
273 | 273 | unsigned char tmp[MAXBLOCKSIZE]; |
274 | 274 | hash_state md; |
275 | 275 | |
283 | 283 | chc_register(idx); |
284 | 284 | |
285 | 285 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
286 | chc_init(&md); | |
287 | chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg)); | |
288 | chc_done(&md, tmp); | |
286 | if ((err = chc_init(&md)) != CRYPT_OK) { | |
287 | return err; | |
288 | } | |
289 | if ((err = chc_process(&md, tests[i].msg, XSTRLEN((char *)tests[i].msg))) != CRYPT_OK) { | |
290 | return err; | |
291 | } | |
292 | if ((err = chc_done(&md, tmp)) != CRYPT_OK) { | |
293 | return err; | |
294 | } | |
289 | 295 | if (compare_testvector(tmp, tests[i].len, tests[i].hash, tests[i].len, "CHC", i)) { |
290 | 296 | return CRYPT_FAIL_TESTVECTOR; |
291 | 297 | } |
231 | 231 | |
232 | 232 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
233 | 233 | md2_init(&md); |
234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
234 | md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
235 | 235 | md2_done(&md, tmp); |
236 | 236 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) { |
237 | 237 | return CRYPT_FAIL_TESTVECTOR; |
285 | 285 | |
286 | 286 | for(i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
287 | 287 | md4_init(&md); |
288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input)); | |
288 | md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)XSTRLEN(tests[i].input)); | |
289 | 289 | md4_done(&md, tmp); |
290 | 290 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD4", i)) { |
291 | 291 | return CRYPT_FAIL_TESTVECTOR; |
346 | 346 | |
347 | 347 | for (i = 0; tests[i].msg != NULL; i++) { |
348 | 348 | md5_init(&md); |
349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
349 | md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
350 | 350 | md5_done(&md, tmp); |
351 | 351 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD5", i)) { |
352 | 352 | return CRYPT_FAIL_TESTVECTOR; |
387 | 387 | |
388 | 388 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
389 | 389 | rmd128_init(&md); |
390 | rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
390 | rmd128_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
391 | 391 | rmd128_done(&md, tmp); |
392 | 392 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD128", i)) { |
393 | 393 | return CRYPT_FAIL_TESTVECTOR; |
446 | 446 | |
447 | 447 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
448 | 448 | rmd160_init(&md); |
449 | rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
449 | rmd160_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
450 | 450 | rmd160_done(&md, tmp); |
451 | 451 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD160", i)) { |
452 | 452 | return CRYPT_FAIL_TESTVECTOR; |
412 | 412 | |
413 | 413 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
414 | 414 | rmd256_init(&md); |
415 | rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
415 | rmd256_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
416 | 416 | rmd256_done(&md, tmp); |
417 | 417 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD256", i)) { |
418 | 418 | return CRYPT_FAIL_TESTVECTOR; |
477 | 477 | |
478 | 478 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { |
479 | 479 | rmd320_init(&md); |
480 | rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg)); | |
480 | rmd320_process(&md, (unsigned char *)tests[i].msg, XSTRLEN(tests[i].msg)); | |
481 | 481 | rmd320_done(&md, tmp); |
482 | 482 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "RIPEMD320", i)) { |
483 | 483 | return CRYPT_FAIL_TESTVECTOR; |
266 | 266 | |
267 | 267 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
268 | 268 | sha1_init(&md); |
269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
269 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
270 | 270 | sha1_done(&md, tmp); |
271 | 271 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) { |
272 | 272 | return CRYPT_FAIL_TESTVECTOR; |
110 | 110 | |
111 | 111 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
112 | 112 | sha224_init(&md); |
113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
113 | sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
114 | 114 | sha224_done(&md, tmp); |
115 | 115 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA224", i)) { |
116 | 116 | return CRYPT_FAIL_TESTVECTOR; |
314 | 314 | |
315 | 315 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
316 | 316 | sha256_init(&md); |
317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
317 | sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
318 | 318 | sha256_done(&md, tmp); |
319 | 319 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA256", i)) { |
320 | 320 | return CRYPT_FAIL_TESTVECTOR; |
116 | 116 | |
117 | 117 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
118 | 118 | sha384_init(&md); |
119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
119 | sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
120 | 120 | sha384_done(&md, tmp); |
121 | 121 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA384", i)) { |
122 | 122 | return CRYPT_FAIL_TESTVECTOR; |
292 | 292 | |
293 | 293 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
294 | 294 | sha512_init(&md); |
295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
295 | sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
296 | 296 | sha512_done(&md, tmp); |
297 | 297 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512", i)) { |
298 | 298 | return CRYPT_FAIL_TESTVECTOR; |
112 | 112 | |
113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
114 | 114 | sha512_224_init(&md); |
115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
115 | sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
116 | 116 | sha512_224_done(&md, tmp); |
117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-224", i)) { |
118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
112 | 112 | |
113 | 113 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
114 | 114 | sha512_256_init(&md); |
115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
115 | sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
116 | 116 | sha512_256_done(&md, tmp); |
117 | 117 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA512-265", i)) { |
118 | 118 | return CRYPT_FAIL_TESTVECTOR; |
770 | 770 | |
771 | 771 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { |
772 | 772 | tiger_init(&md); |
773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | |
773 | tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)XSTRLEN(tests[i].msg)); | |
774 | 774 | tiger_done(&md, tmp); |
775 | 775 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "TIGER", i)) { |
776 | 776 | return CRYPT_FAIL_TESTVECTOR; |
18 | 18 | #include <limits.h> |
19 | 19 | |
20 | 20 | /* use configuration data */ |
21 | #include <tomcrypt_custom.h> | |
21 | #include "tomcrypt_custom.h" | |
22 | 22 | |
23 | 23 | #ifdef __cplusplus |
24 | 24 | extern "C" { |
80 | 80 | CRYPT_HASH_OVERFLOW /* Hash applied to too many bits */ |
81 | 81 | }; |
82 | 82 | |
83 | #include <tomcrypt_cfg.h> | |
84 | #include <tomcrypt_macros.h> | |
85 | #include <tomcrypt_cipher.h> | |
86 | #include <tomcrypt_hash.h> | |
87 | #include <tomcrypt_mac.h> | |
88 | #include <tomcrypt_prng.h> | |
89 | #include <tomcrypt_pk.h> | |
90 | #include <tomcrypt_math.h> | |
91 | #include <tomcrypt_misc.h> | |
92 | #include <tomcrypt_argchk.h> | |
93 | #include <tomcrypt_pkcs.h> | |
83 | #include "tomcrypt_cfg.h" | |
84 | #include "tomcrypt_macros.h" | |
85 | #include "tomcrypt_cipher.h" | |
86 | #include "tomcrypt_hash.h" | |
87 | #include "tomcrypt_mac.h" | |
88 | #include "tomcrypt_prng.h" | |
89 | #include "tomcrypt_pk.h" | |
90 | #include "tomcrypt_math.h" | |
91 | #include "tomcrypt_misc.h" | |
92 | #include "tomcrypt_argchk.h" | |
93 | #include "tomcrypt_pkcs.h" | |
94 | 94 | |
95 | 95 | #ifdef __cplusplus |
96 | 96 | } |
205 | 205 | #ifdef _MSC_VER |
206 | 206 | #define CONST64(n) n ## ui64 |
207 | 207 | typedef unsigned __int64 ulong64; |
208 | typedef __int64 long64; | |
208 | 209 | #else |
209 | 210 | #define CONST64(n) n ## ULL |
210 | 211 | typedef unsigned long long ulong64; |
212 | typedef long long long64; | |
211 | 213 | #endif |
212 | 214 | |
213 | 215 | /* ulong32: "32-bit at least" data type */ |
240 | 242 | #undef ENDIAN_32BITWORD |
241 | 243 | #undef ENDIAN_64BITWORD |
242 | 244 | #undef LTC_FAST |
245 | #define LTC_NO_BSWAP | |
243 | 246 | #define LTC_NO_ROLC |
244 | #define LTC_NO_BSWAP | |
247 | #define LTC_NO_ROTATE | |
245 | 248 | #endif |
246 | 249 | |
247 | 250 | /* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ |
286 | 289 | #define LTC_HAVE_BSWAP_BUILTIN |
287 | 290 | #endif |
288 | 291 | |
289 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
290 | #define LTC_DEPRECATED __attribute__((deprecated)) | |
292 | #if !defined(LTC_NO_ROTATE) && (__has_builtin(__builtin_rotateleft32) && __has_builtin(__builtin_rotateright32)) | |
293 | #define LTC_HAVE_ROTATE_BUILTIN | |
294 | #endif | |
295 | ||
296 | #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405) | |
297 | # define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s))) | |
298 | # define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s) | |
299 | # define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s) | |
300 | #elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301) | |
301 | # define LTC_DEPRECATED(s) __attribute__((deprecated)) | |
302 | # define LTC_DEPRECATED_PRAGMA(s) | |
291 | 303 | #elif defined(_MSC_VER) && _MSC_VER >= 1500 |
292 | 304 | /* supported since Visual Studio 2008 */ |
293 | #define LTC_DEPRECATED __declspec(deprecated) | |
294 | #else | |
295 | #define LTC_DEPRECATED | |
296 | #endif | |
297 | ||
305 | # define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s)) | |
306 | # define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s)) | |
307 | #else | |
308 | # define LTC_DEPRECATED(s) | |
309 | # define LTC_DEPRECATED_PRAGMA(s) | |
310 | #endif | |
298 | 311 | /* ref: $Format:%D$ */ |
299 | 312 | /* git commit: $Format:%H$ */ |
300 | 313 | /* commit time: $Format:%ai$ */ |
170 | 170 | }; |
171 | 171 | #endif |
172 | 172 | |
173 | #ifdef LTC_TEA | |
174 | struct tea_key { | |
175 | ulong32 k[4]; | |
176 | }; | |
177 | #endif | |
178 | ||
173 | 179 | typedef union Symmetric_key { |
174 | 180 | #ifdef LTC_DES |
175 | 181 | struct des_key des; |
234 | 240 | #endif |
235 | 241 | #ifdef LTC_SERPENT |
236 | 242 | struct serpent_key serpent; |
243 | #endif | |
244 | #ifdef LTC_TEA | |
245 | struct tea_key tea; | |
237 | 246 | #endif |
238 | 247 | void *data; |
239 | 248 | } symmetric_key; |
858 | 867 | extern const struct ltc_cipher_descriptor serpent_desc; |
859 | 868 | #endif |
860 | 869 | |
870 | #ifdef LTC_TEA | |
871 | int tea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | |
872 | int tea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); | |
873 | int tea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); | |
874 | int tea_test(void); | |
875 | void tea_done(symmetric_key *skey); | |
876 | int tea_keysize(int *keysize); | |
877 | extern const struct ltc_cipher_descriptor tea_desc; | |
878 | #endif | |
879 | ||
861 | 880 | #ifdef LTC_ECB_MODE |
862 | 881 | int ecb_start(int cipher, const unsigned char *key, |
863 | 882 | int keylen, int num_rounds, symmetric_ECB *ecb); |
44 | 44 | #ifndef XSTRCMP |
45 | 45 | #define XSTRCMP strcmp |
46 | 46 | #endif |
47 | #ifndef XSTRLEN | |
48 | #define XSTRLEN strlen | |
49 | #endif | |
47 | 50 | #ifndef XSTRNCPY |
48 | 51 | #define XSTRNCPY strncpy |
49 | 52 | #endif |
58 | 61 | |
59 | 62 | #if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \ |
60 | 63 | defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ |
61 | defined(strncpy) || defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | |
64 | defined(strlen) || defined(strncpy) || defined(clock) || defined(qsort) ) \ | |
65 | && !defined(LTC_NO_PROTOTYPES) | |
62 | 66 | #define LTC_NO_PROTOTYPES |
63 | 67 | #endif |
64 | 68 | |
206 | 210 | #define LTC_CAMELLIA |
207 | 211 | #define LTC_IDEA |
208 | 212 | #define LTC_SERPENT |
213 | #define LTC_TEA | |
209 | 214 | |
210 | 215 | /* stream ciphers */ |
211 | 216 | #define LTC_CHACHA |
430 | 435 | /* Digital Signature Algorithm */ |
431 | 436 | #define LTC_MDSA |
432 | 437 | |
438 | /* Ed25519 & X25519 */ | |
439 | #define LTC_CURVE25519 | |
440 | ||
433 | 441 | /* ECC */ |
434 | 442 | #define LTC_MECC |
435 | 443 | |
484 | 492 | #define LTC_BASE32 |
485 | 493 | /* Base16/hex encoding/decoding */ |
486 | 494 | #define LTC_BASE16 |
495 | ||
496 | #define LTC_BCRYPT | |
497 | ||
498 | #ifndef LTC_BCRYPT_DEFAULT_ROUNDS | |
499 | #define LTC_BCRYPT_DEFAULT_ROUNDS 10 | |
500 | #endif | |
487 | 501 | |
488 | 502 | /* Keep LTC_NO_HKDF for compatibility reasons |
489 | 503 | * superseeded by LTC_NO_MISC*/ |
596 | 610 | #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled |
597 | 611 | #endif |
598 | 612 | |
613 | #if defined(LTC_BCRYPT) && !defined(LTC_BLOWFISH) | |
614 | #error LTC_BCRYPT requires LTC_BLOWFISH | |
615 | #endif | |
616 | ||
599 | 617 | #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) |
600 | 618 | #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 |
601 | 619 | #endif |
240 | 240 | |
241 | 241 | /* 32-bit Rotates */ |
242 | 242 | #if defined(_MSC_VER) |
243 | #define LTC_ROx_ASM | |
243 | #define LTC_ROx_BUILTIN | |
244 | 244 | |
245 | 245 | /* instrinsic rotate */ |
246 | 246 | #include <stdlib.h> |
247 | #pragma intrinsic(_lrotr,_lrotl) | |
248 | #define ROR(x,n) _lrotr(x,n) | |
249 | #define ROL(x,n) _lrotl(x,n) | |
250 | #define RORc(x,n) _lrotr(x,n) | |
251 | #define ROLc(x,n) _lrotl(x,n) | |
247 | #pragma intrinsic(_rotr,_rotl) | |
248 | #define ROR(x,n) _rotr(x,n) | |
249 | #define ROL(x,n) _rotl(x,n) | |
250 | #define RORc(x,n) ROR(x,n) | |
251 | #define ROLc(x,n) ROL(x,n) | |
252 | ||
253 | #elif defined(LTC_HAVE_ROTATE_BUILTIN) | |
254 | #define LTC_ROx_BUILTIN | |
255 | ||
256 | #define ROR(x,n) __builtin_rotateright32(x,n) | |
257 | #define ROL(x,n) __builtin_rotateleft32(x,n) | |
258 | #define ROLc(x,n) ROL(x,n) | |
259 | #define RORc(x,n) ROR(x,n) | |
252 | 260 | |
253 | 261 | #elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) |
254 | 262 | #define LTC_ROx_ASM |
352 | 360 | |
353 | 361 | |
354 | 362 | /* 64-bit Rotates */ |
355 | #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(_WIN64) && !defined(LTC_NO_ASM) | |
363 | #if defined(_MSC_VER) | |
364 | ||
365 | /* instrinsic rotate */ | |
366 | #include <stdlib.h> | |
367 | #pragma intrinsic(_rotr64,_rotr64) | |
368 | #define ROR64(x,n) _rotr64(x,n) | |
369 | #define ROL64(x,n) _rotl64(x,n) | |
370 | #define ROR64c(x,n) ROR64(x,n) | |
371 | #define ROL64c(x,n) ROL64(x,n) | |
372 | ||
373 | #elif defined(LTC_HAVE_ROTATE_BUILTIN) | |
374 | ||
375 | #define ROR64(x,n) __builtin_rotateright64(x,n) | |
376 | #define ROL64(x,n) __builtin_rotateleft64(x,n) | |
377 | #define ROR64c(x,n) ROR64(x,n) | |
378 | #define ROL64c(x,n) ROL64(x,n) | |
379 | ||
380 | #elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) | |
356 | 381 | |
357 | 382 | static inline ulong64 ROL64(ulong64 word, int i) |
358 | 383 | { |
58 | 58 | unsigned char *out, unsigned long *outlen); |
59 | 59 | #endif |
60 | 60 | |
61 | #ifdef LTC_BCRYPT | |
62 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
63 | const unsigned char *salt, unsigned long salt_len, | |
64 | unsigned int rounds, int hash_idx, | |
65 | unsigned char *out, unsigned long *outlen); | |
66 | #endif | |
67 | ||
61 | 68 | /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ |
62 | 69 | #ifdef LTC_HKDF |
63 | 70 | |
101 | 108 | int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size); |
102 | 109 | |
103 | 110 | #ifdef LTM_DESC |
104 | LTC_DEPRECATED void init_LTM(void); | |
111 | LTC_DEPRECATED(crypt_mp_init) void init_LTM(void); | |
105 | 112 | #endif |
106 | 113 | #ifdef TFM_DESC |
107 | LTC_DEPRECATED void init_TFM(void); | |
114 | LTC_DEPRECATED(crypt_mp_init) void init_TFM(void); | |
108 | 115 | #endif |
109 | 116 | #ifdef GMP_DESC |
110 | LTC_DEPRECATED void init_GMP(void); | |
117 | LTC_DEPRECATED(crypt_mp_init) void init_GMP(void); | |
111 | 118 | #endif |
112 | 119 | int crypt_mp_init(const char* mpi); |
113 | 120 | |
155 | 162 | |
156 | 163 | #ifdef LTC_SSH |
157 | 164 | typedef enum ssh_data_type_ { |
165 | LTC_SSHDATA_EOL, | |
158 | 166 | LTC_SSHDATA_BYTE, |
159 | 167 | LTC_SSHDATA_BOOLEAN, |
160 | 168 | LTC_SSHDATA_UINT32, |
162 | 170 | LTC_SSHDATA_STRING, |
163 | 171 | LTC_SSHDATA_MPINT, |
164 | 172 | LTC_SSHDATA_NAMELIST, |
165 | LTC_SSHDATA_EOL | |
166 | 173 | } ssh_data_type; |
167 | 174 | |
168 | 175 | /* VA list handy helpers with tuples of <type, data> */ |
169 | 176 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); |
170 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); | |
177 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...); | |
171 | 178 | #endif /* LTC_SSH */ |
172 | 179 | |
173 | 180 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); |
323 | 323 | int recid, ecc_signature_type sigformat, ecc_key *key); |
324 | 324 | |
325 | 325 | #endif |
326 | ||
327 | #ifdef LTC_CURVE25519 | |
328 | ||
329 | typedef struct { | |
330 | /** The key type, PK_PRIVATE or PK_PUBLIC */ | |
331 | enum public_key_type type; | |
332 | ||
333 | /** The PK-algorithm, PKA_ED25519 or PKA_X25519 */ | |
334 | /** This was supposed to be: | |
335 | * enum public_key_algorithms algo; | |
336 | * but that enum is now in tomcrypt_private.h | |
337 | */ | |
338 | int algo; | |
339 | ||
340 | /** The private key */ | |
341 | unsigned char priv[32]; | |
342 | ||
343 | /** The public key */ | |
344 | unsigned char pub[32]; | |
345 | } curve25519_key; | |
346 | ||
347 | ||
348 | /** Ed25519 Signature API */ | |
349 | int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key); | |
350 | ||
351 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
352 | const unsigned char *pk, unsigned long pklen, | |
353 | curve25519_key *key); | |
354 | ||
355 | int ed25519_export( unsigned char *out, unsigned long *outlen, | |
356 | int which, | |
357 | const curve25519_key *key); | |
358 | ||
359 | int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
360 | int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
361 | int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
362 | const void *pwd, unsigned long pwdlen, | |
363 | curve25519_key *key); | |
364 | ||
365 | int ed25519_sign(const unsigned char *msg, unsigned long msglen, | |
366 | unsigned char *sig, unsigned long *siglen, | |
367 | const curve25519_key *private_key); | |
368 | ||
369 | int ed25519_verify(const unsigned char *msg, unsigned long msglen, | |
370 | const unsigned char *sig, unsigned long siglen, | |
371 | int *stat, const curve25519_key *public_key); | |
372 | ||
373 | /** X25519 Key-Exchange API */ | |
374 | int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key); | |
375 | ||
376 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
377 | const unsigned char *u, unsigned long ulen, | |
378 | curve25519_key *key); | |
379 | ||
380 | int x25519_export( unsigned char *out, unsigned long *outlen, | |
381 | int which, | |
382 | const curve25519_key *key); | |
383 | ||
384 | int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
385 | int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key); | |
386 | int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
387 | const void *pwd, unsigned long pwdlen, | |
388 | curve25519_key *key); | |
389 | ||
390 | int x25519_shared_secret(const curve25519_key *private_key, | |
391 | const curve25519_key *public_key, | |
392 | unsigned char *out, unsigned long *outlen); | |
393 | ||
394 | #endif /* LTC_CURVE25519 */ | |
326 | 395 | |
327 | 396 | #ifdef LTC_MDSA |
328 | 397 |
22 | 22 | PKA_RSA, |
23 | 23 | PKA_DSA, |
24 | 24 | PKA_EC, |
25 | PKA_EC_PRIMEF | |
25 | PKA_EC_PRIMEF, | |
26 | PKA_X25519, | |
27 | PKA_ED25519, | |
26 | 28 | }; |
27 | 29 | |
28 | 30 | /* |
68 | 70 | /* |
69 | 71 | * Internal functions |
70 | 72 | */ |
73 | ||
74 | ||
75 | /* tomcrypt_cipher.h */ | |
76 | ||
77 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey); | |
78 | int blowfish_expand(const unsigned char *key, int keylen, | |
79 | const unsigned char *data, int datalen, | |
80 | symmetric_key *skey); | |
81 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | |
82 | const unsigned char *data, int datalen, | |
83 | symmetric_key *skey); | |
71 | 84 | |
72 | 85 | /* tomcrypt_hash.h */ |
73 | 86 | |
212 | 225 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); |
213 | 226 | |
214 | 227 | /* ---- DH Routines ---- */ |
228 | #ifdef LTC_MRSA | |
229 | int rsa_init(rsa_key *key); | |
230 | void rsa_shrink_key(rsa_key *key); | |
231 | #endif /* LTC_MRSA */ | |
232 | ||
233 | /* ---- DH Routines ---- */ | |
215 | 234 | #ifdef LTC_MDH |
216 | 235 | extern const ltc_dh_set_type ltc_dh_sets[]; |
217 | 236 | |
295 | 314 | int dsa_int_validate_pqg(const dsa_key *key, int *stat); |
296 | 315 | int dsa_int_validate_primes(const dsa_key *key, int *stat); |
297 | 316 | #endif /* LTC_MDSA */ |
317 | ||
318 | ||
319 | #ifdef LTC_CURVE25519 | |
320 | ||
321 | int tweetnacl_crypto_sign( | |
322 | unsigned char *sm,unsigned long long *smlen, | |
323 | const unsigned char *m,unsigned long long mlen, | |
324 | const unsigned char *sk, const unsigned char *pk); | |
325 | int tweetnacl_crypto_sign_open( | |
326 | int *stat, | |
327 | unsigned char *m,unsigned long long *mlen, | |
328 | const unsigned char *sm,unsigned long long smlen, | |
329 | const unsigned char *pk); | |
330 | int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, unsigned char *pk,unsigned char *sk); | |
331 | int tweetnacl_crypto_sk_to_pk(unsigned char *pk, const unsigned char *sk); | |
332 | int tweetnacl_crypto_scalarmult(unsigned char *q, const unsigned char *n, const unsigned char *p); | |
333 | int tweetnacl_crypto_scalarmult_base(unsigned char *q,const unsigned char *n); | |
334 | ||
335 | typedef int (*sk_to_pk)(unsigned char *pk ,const unsigned char *sk); | |
336 | int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
337 | const void *pwd, unsigned long pwdlen, | |
338 | enum ltc_oid_id id, sk_to_pk fp, | |
339 | curve25519_key *key); | |
340 | int ec25519_export( unsigned char *out, unsigned long *outlen, | |
341 | int which, | |
342 | const curve25519_key *key); | |
343 | #endif /* LTC_CURVE25519 */ | |
298 | 344 | |
299 | 345 | #ifdef LTC_DER |
300 | 346 |
14 | 14 | #include <tommath.h> |
15 | 15 | |
16 | 16 | static const struct { |
17 | int mpi_code, ltc_code; | |
17 | mp_err mpi_code; | |
18 | int ltc_code; | |
18 | 19 | } mpi_to_ltc_codes[] = { |
19 | 20 | { MP_OKAY , CRYPT_OK}, |
20 | 21 | { MP_MEM , CRYPT_MEM}, |
21 | 22 | { MP_VAL , CRYPT_INVALID_ARG}, |
23 | #if defined(MP_BUF) || defined(MP_USE_ENUMS) | |
24 | { MP_ITER , CRYPT_INVALID_PACKET}, | |
25 | { MP_BUF , CRYPT_BUFFER_OVERFLOW}, | |
26 | #endif | |
22 | 27 | }; |
23 | 28 | |
24 | 29 | /** |
26 | 31 | @param err The error to convert |
27 | 32 | @return The equivalent LTC error code or CRYPT_ERROR if none found |
28 | 33 | */ |
29 | static int mpi_to_ltc_error(int err) | |
30 | { | |
31 | int x; | |
32 | ||
33 | for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) { | |
34 | static int mpi_to_ltc_error(mp_err err) | |
35 | { | |
36 | size_t x; | |
37 | ||
38 | for (x = 0; x < sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0]); x++) { | |
34 | 39 | if (err == mpi_to_ltc_codes[x].mpi_code) { |
35 | 40 | return mpi_to_ltc_codes[x].ltc_code; |
36 | 41 | } |
38 | 43 | return CRYPT_ERROR; |
39 | 44 | } |
40 | 45 | |
41 | static int init(void **a) | |
42 | { | |
43 | int err; | |
44 | ||
46 | static int init_mpi(void **a) | |
47 | { | |
45 | 48 | LTC_ARGCHK(a != NULL); |
46 | 49 | |
47 | 50 | *a = XCALLOC(1, sizeof(mp_int)); |
48 | 51 | if (*a == NULL) { |
49 | 52 | return CRYPT_MEM; |
50 | } | |
51 | ||
53 | } else { | |
54 | return CRYPT_OK; | |
55 | } | |
56 | } | |
57 | ||
58 | static int init(void **a) | |
59 | { | |
60 | int err; | |
61 | ||
62 | LTC_ARGCHK(a != NULL); | |
63 | ||
64 | if ((err = init_mpi(a)) != CRYPT_OK) { | |
65 | return err; | |
66 | } | |
52 | 67 | if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) { |
53 | 68 | XFREE(*a); |
54 | 69 | } |
78 | 93 | |
79 | 94 | static int init_copy(void **a, void *b) |
80 | 95 | { |
81 | if (init(a) != CRYPT_OK) { | |
82 | return CRYPT_MEM; | |
83 | } | |
84 | return copy(b, *a); | |
96 | int err; | |
97 | LTC_ARGCHK(a != NULL); | |
98 | LTC_ARGCHK(b != NULL); | |
99 | if ((err = init_mpi(a)) != CRYPT_OK) return err; | |
100 | return mpi_to_ltc_error(mp_init_copy(*a, b)); | |
85 | 101 | } |
86 | 102 | |
87 | 103 | /* ---- trivial ---- */ |
124 | 140 | |
125 | 141 | static int compare(void *a, void *b) |
126 | 142 | { |
127 | int ret; | |
128 | LTC_ARGCHK(a != NULL); | |
129 | LTC_ARGCHK(b != NULL); | |
130 | ret = mp_cmp(a, b); | |
131 | switch (ret) { | |
143 | LTC_ARGCHK(a != NULL); | |
144 | LTC_ARGCHK(b != NULL); | |
145 | switch (mp_cmp(a, b)) { | |
132 | 146 | case MP_LT: return LTC_MP_LT; |
133 | 147 | case MP_EQ: return LTC_MP_EQ; |
134 | 148 | case MP_GT: return LTC_MP_GT; |
138 | 152 | |
139 | 153 | static int compare_d(void *a, ltc_mp_digit b) |
140 | 154 | { |
141 | int ret; | |
142 | LTC_ARGCHK(a != NULL); | |
143 | ret = mp_cmp_d(a, b); | |
144 | switch (ret) { | |
155 | LTC_ARGCHK(a != NULL); | |
156 | switch (mp_cmp_d(a, b)) { | |
145 | 157 | case MP_LT: return LTC_MP_LT; |
146 | 158 | case MP_EQ: return LTC_MP_EQ; |
147 | 159 | case MP_GT: return LTC_MP_GT; |
183 | 195 | { |
184 | 196 | LTC_ARGCHK(a != NULL); |
185 | 197 | LTC_ARGCHK(b != NULL); |
198 | #ifdef BN_MP_TORADIX_C | |
186 | 199 | return mpi_to_ltc_error(mp_toradix(a, b, radix)); |
200 | #else | |
201 | return mpi_to_ltc_error(mp_to_radix(a, b, SIZE_MAX, NULL, radix)); | |
202 | #endif | |
187 | 203 | } |
188 | 204 | |
189 | 205 | /* get size as unsigned char string */ |
190 | 206 | static unsigned long unsigned_size(void *a) |
191 | 207 | { |
192 | 208 | LTC_ARGCHK(a != NULL); |
209 | #ifdef BN_MP_UNSIGNED_BIN_SIZE_C | |
193 | 210 | return mp_unsigned_bin_size(a); |
211 | #else | |
212 | return (unsigned long)mp_ubin_size(a); | |
213 | #endif | |
194 | 214 | } |
195 | 215 | |
196 | 216 | /* store */ |
198 | 218 | { |
199 | 219 | LTC_ARGCHK(a != NULL); |
200 | 220 | LTC_ARGCHK(b != NULL); |
221 | #ifdef BN_MP_TO_UNSIGNED_BIN_C | |
201 | 222 | return mpi_to_ltc_error(mp_to_unsigned_bin(a, b)); |
223 | #else | |
224 | return mpi_to_ltc_error(mp_to_ubin(a, b, SIZE_MAX, NULL)); | |
225 | #endif | |
202 | 226 | } |
203 | 227 | |
204 | 228 | /* read */ |
206 | 230 | { |
207 | 231 | LTC_ARGCHK(a != NULL); |
208 | 232 | LTC_ARGCHK(b != NULL); |
233 | #ifdef BN_MP_READ_UNSIGNED_BIN_C | |
209 | 234 | return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len)); |
235 | #else | |
236 | return mpi_to_ltc_error(mp_from_ubin(a, b, (size_t)len)); | |
237 | #endif | |
210 | 238 | } |
211 | 239 | |
212 | 240 | /* add */ |
117 | 117 | unsigned char out[4]; |
118 | 118 | adler32_state ctx; |
119 | 119 | adler32_init(&ctx); |
120 | adler32_update(&ctx, in, strlen(in)); | |
120 | adler32_update(&ctx, in, XSTRLEN(in)); | |
121 | 121 | adler32_finish(&ctx, out, 4); |
122 | 122 | if (compare_testvector(adler32, 4, out, 4, "adler32", 0)) { |
123 | 123 | return CRYPT_FAIL_TESTVECTOR; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file bcrypt.c | |
12 | bcrypt pbkdf, Steffen Jaeckel | |
13 | */ | |
14 | #ifdef LTC_BCRYPT | |
15 | ||
16 | #define BCRYPT_WORDS 8 | |
17 | #define BCRYPT_HASHSIZE (BCRYPT_WORDS * 4) | |
18 | ||
19 | static int _bcrypt_hash(const unsigned char *pt, | |
20 | const unsigned char *pass, unsigned long passlen, | |
21 | const unsigned char *salt, unsigned long saltlen, | |
22 | unsigned char *out, unsigned long *outlen) | |
23 | { | |
24 | symmetric_key key; | |
25 | int err, n; | |
26 | ulong32 ct[BCRYPT_WORDS]; | |
27 | ||
28 | if ((err = blowfish_setup_with_data(pass, passlen, salt, saltlen, &key)) != CRYPT_OK) { | |
29 | return err; | |
30 | } | |
31 | for (n = 0; n < 64; ++n) { | |
32 | if ((err = blowfish_expand(salt, saltlen, NULL, 0, &key)) != CRYPT_OK) { | |
33 | return err; | |
34 | } | |
35 | if ((err = blowfish_expand(pass, passlen, NULL, 0, &key)) != CRYPT_OK) { | |
36 | return err; | |
37 | } | |
38 | } | |
39 | ||
40 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
41 | LOAD32H(ct[n], &pt[n*4]); | |
42 | } | |
43 | ||
44 | for (n = 0; n < 64; ++n) { | |
45 | blowfish_enc(ct, BCRYPT_WORDS/2, &key); | |
46 | } | |
47 | ||
48 | for (n = 0; n < BCRYPT_WORDS; ++n) { | |
49 | STORE32L(ct[n], &out[4 * n]); | |
50 | } | |
51 | *outlen = sizeof(ct); | |
52 | #ifdef LTC_CLEAN_STACK | |
53 | zeromem(&key, sizeof(key)); | |
54 | zeromem(ct, sizeof(ct)); | |
55 | #endif | |
56 | ||
57 | return CRYPT_OK; | |
58 | } | |
59 | ||
60 | static int _bcrypt_pbkdf_hash(const unsigned char *pass, unsigned long passlen, | |
61 | const unsigned char *salt, unsigned long saltlen, | |
62 | unsigned char *out, unsigned long *outlen) | |
63 | { | |
64 | const unsigned char pt[] = "OxychromaticBlowfishSwatDynamite"; | |
65 | return _bcrypt_hash(pt, pass, passlen, salt, saltlen, out, outlen); | |
66 | } | |
67 | ||
68 | /** | |
69 | Compatible to bcrypt_pbkdf() as provided in OpenBSD | |
70 | @param password The input password (or key) | |
71 | @param password_len The length of the password (octets) | |
72 | @param salt The salt (or nonce) | |
73 | @param salt_len The length of the salt (octets) | |
74 | @param rounds # of iterations desired [read specs for more] | |
75 | @param hash_idx The index of the hash desired | |
76 | @param out [out] The destination for this algorithm | |
77 | @param outlen [in/out] The desired size of the algorithm output | |
78 | @return CRYPT_OK if successful | |
79 | */ | |
80 | int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, | |
81 | const unsigned char *salt, unsigned long salt_len, | |
82 | unsigned int rounds, int hash_idx, | |
83 | unsigned char *out, unsigned long *outlen) | |
84 | { | |
85 | int err; | |
86 | ulong32 blkno; | |
87 | unsigned long left, itts, x, y, hashed_pass_len, step_size, steps, dest, used_rounds; | |
88 | unsigned char *buf[3], blkbuf[4]; | |
89 | unsigned char *hashed_pass; | |
90 | ||
91 | LTC_ARGCHK(secret != NULL); | |
92 | LTC_ARGCHK(salt != NULL); | |
93 | LTC_ARGCHK(out != NULL); | |
94 | LTC_ARGCHK(outlen != NULL); | |
95 | ||
96 | if ((secret_len == 0) || (salt_len == 0) || (*outlen == 0)) { | |
97 | return CRYPT_INVALID_ARG; | |
98 | } | |
99 | /* test hash IDX */ | |
100 | if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { | |
101 | return err; | |
102 | } | |
103 | /* set default value for rounds if not given */ | |
104 | if (rounds == 0) { | |
105 | used_rounds = LTC_BCRYPT_DEFAULT_ROUNDS; | |
106 | } else { | |
107 | used_rounds = rounds; | |
108 | } | |
109 | ||
110 | buf[0] = XMALLOC(MAXBLOCKSIZE * 3); | |
111 | hashed_pass = XMALLOC(MAXBLOCKSIZE); | |
112 | if (buf[0] == NULL || hashed_pass == NULL) { | |
113 | if (hashed_pass != NULL) { | |
114 | XFREE(hashed_pass); | |
115 | } | |
116 | if (buf[0] != NULL) { | |
117 | XFREE(buf[0]); | |
118 | } | |
119 | return CRYPT_MEM; | |
120 | } | |
121 | /* buf[1] points to the second block of MAXBLOCKSIZE bytes */ | |
122 | buf[1] = buf[0] + MAXBLOCKSIZE; | |
123 | buf[2] = buf[1] + MAXBLOCKSIZE; | |
124 | ||
125 | step_size = (*outlen + BCRYPT_HASHSIZE - 1) / BCRYPT_HASHSIZE; | |
126 | steps = (*outlen + step_size - 1) / step_size; | |
127 | ||
128 | hashed_pass_len = MAXBLOCKSIZE; | |
129 | if ((err = hash_memory(hash_idx, (unsigned char*)secret, secret_len, hashed_pass, &hashed_pass_len)) != CRYPT_OK) { | |
130 | goto LBL_ERR; | |
131 | } | |
132 | ||
133 | left = *outlen; | |
134 | blkno = 0; | |
135 | while (left != 0) { | |
136 | /* increment and store current block number */ | |
137 | ++blkno; | |
138 | STORE32H(blkno, blkbuf); | |
139 | ||
140 | /* process block number blkno */ | |
141 | zeromem(buf[0], MAXBLOCKSIZE*2); | |
142 | ||
143 | x = MAXBLOCKSIZE; | |
144 | if ((err = hash_memory_multi(hash_idx, buf[0], &x, | |
145 | salt, salt_len, | |
146 | blkbuf, 4uL, | |
147 | NULL, 0)) != CRYPT_OK) { | |
148 | goto LBL_ERR; | |
149 | } | |
150 | y = MAXBLOCKSIZE; | |
151 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
152 | goto LBL_ERR; | |
153 | } | |
154 | XMEMCPY(buf[2], buf[1], y); | |
155 | ||
156 | /* now compute repeated and XOR it in buf[2] */ | |
157 | for (itts = 1; itts < used_rounds; ++itts) { | |
158 | x = MAXBLOCKSIZE; | |
159 | if ((err = hash_memory(hash_idx, buf[1], y, buf[0], &x)) != CRYPT_OK) { | |
160 | goto LBL_ERR; | |
161 | } | |
162 | y = MAXBLOCKSIZE; | |
163 | if ((err = _bcrypt_pbkdf_hash(hashed_pass, hashed_pass_len, buf[0], x, buf[1], &y)) != CRYPT_OK) { | |
164 | goto LBL_ERR; | |
165 | } | |
166 | for (x = 0; x < y; x++) { | |
167 | buf[2][x] ^= buf[1][x]; | |
168 | } | |
169 | } | |
170 | ||
171 | /* now emit upto `steps` bytes of buf[2] to output */ | |
172 | steps = MIN(steps, left); | |
173 | for (y = 0; y < steps; ++y) { | |
174 | dest = y * step_size + (blkno - 1); | |
175 | if (dest >= *outlen) | |
176 | break; | |
177 | out[dest] = buf[2][y]; | |
178 | } | |
179 | left -= y; | |
180 | } | |
181 | ||
182 | err = CRYPT_OK; | |
183 | LBL_ERR: | |
184 | #ifdef LTC_CLEAN_STACK | |
185 | zeromem(buf[0], MAXBLOCKSIZE*3); | |
186 | zeromem(hashed_pass, MAXBLOCKSIZE); | |
187 | #endif | |
188 | ||
189 | XFREE(hashed_pass); | |
190 | XFREE(buf[0]); | |
191 | ||
192 | return err; | |
193 | } | |
194 | ||
195 | #endif | |
196 | ||
197 | ||
198 | /* ref: $Format:%D$ */ | |
199 | /* git commit: $Format:%H$ */ | |
200 | /* commit time: $Format:%ai$ */ |
187 | 187 | unsigned char out[4]; |
188 | 188 | crc32_state ctx; |
189 | 189 | crc32_init(&ctx); |
190 | crc32_update(&ctx, in, strlen(in)); | |
190 | crc32_update(&ctx, in, XSTRLEN(in)); | |
191 | 191 | crc32_finish(&ctx, out, 4); |
192 | 192 | if (compare_testvector(crc32, 4, out, 4, "CRC32", 0)) { |
193 | 193 | return CRYPT_FAIL_TESTVECTOR; |
127 | 127 | #if defined(LTC_SERPENT) |
128 | 128 | " Serpent\n" |
129 | 129 | #endif |
130 | #if defined(LTC_TEA) | |
131 | " TEA\n" | |
132 | #endif | |
130 | 133 | "Stream ciphers built-in:\n" |
131 | 134 | #if defined(LTC_CHACHA) |
132 | 135 | " ChaCha\n" |
352 | 355 | #if defined(LTC_MDSA) |
353 | 356 | " DSA\n" |
354 | 357 | #endif |
358 | #if defined(LTC_CURVE25519) | |
359 | #if defined(LTC_CURVE25519) | |
360 | " Ed25519\n" | |
361 | #endif | |
362 | #if defined(LTC_CURVE25519) | |
363 | " X25519\n" | |
364 | #endif | |
365 | #endif | |
355 | 366 | #if defined(LTC_PK_MAX_RETRIES) |
356 | 367 | " "NAME_VALUE(LTC_PK_MAX_RETRIES)"\n" |
357 | 368 | #endif |
422 | 433 | #if defined(LTC_BASE16) |
423 | 434 | " BASE16 " |
424 | 435 | #endif |
436 | #if defined(LTC_BCRYPT) | |
437 | " BCRYPT " | |
438 | " " NAME_VALUE(LTC_BCRYPT_DEFAULT_ROUNDS) " " | |
439 | #endif | |
425 | 440 | #if defined(LTC_CRC32) |
426 | 441 | " CRC32 " |
427 | 442 | #endif |
505 | 520 | #if defined(LTC_NO_ASM) |
506 | 521 | " LTC_NO_ASM " |
507 | 522 | #endif |
508 | #if defined(LTC_ROx_ASM) | |
523 | #if defined(LTC_ROx_BUILTIN) | |
524 | " LTC_ROx_BUILTIN " | |
525 | #elif defined(LTC_ROx_ASM) | |
509 | 526 | " LTC_ROx_ASM " |
510 | 527 | #if defined(LTC_NO_ROLC) |
511 | 528 | " LTC_NO_ROLC " |
97 | 97 | #ifdef LTC_SERPENT |
98 | 98 | REGISTER_CIPHER(&serpent_desc); |
99 | 99 | #endif |
100 | #ifdef LTC_TEA | |
101 | REGISTER_CIPHER(&tea_desc); | |
102 | #endif | |
100 | 103 | return CRYPT_OK; |
101 | 104 | } |
102 | 105 |
83 | 83 | */ |
84 | 84 | int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) |
85 | 85 | { |
86 | unsigned long diff, l; | |
86 | unsigned long l; | |
87 | 87 | enum padding_type type; |
88 | 88 | int err; |
89 | unsigned char diff; | |
89 | 90 | |
90 | 91 | LTC_ARGCHK(data != NULL); |
91 | 92 | LTC_ARGCHK(padded_length != NULL); |
110 | 111 | return CRYPT_BUFFER_OVERFLOW; |
111 | 112 | } |
112 | 113 | |
113 | diff = l - length; | |
114 | if (diff > 255) return CRYPT_INVALID_ARG; | |
114 | if (l - length > 255) return CRYPT_INVALID_ARG; | |
115 | diff = (unsigned char)(l - length); | |
115 | 116 | |
116 | 117 | switch (type) { |
117 | 118 | case LTC_PAD_PKCS7: |
119 | 120 | break; |
120 | 121 | #ifdef LTC_RNG_GET_BYTES |
121 | 122 | case LTC_PAD_ISO_10126: |
122 | if (rng_get_bytes(&data[length], diff-1, NULL) != diff-1) { | |
123 | if (rng_get_bytes(&data[length], diff-1u, NULL) != diff-1u) { | |
123 | 124 | return CRYPT_ERROR_READPRNG; |
124 | 125 | } |
125 | 126 | data[l-1] = diff; |
17 | 17 | |
18 | 18 | /** |
19 | 19 | Decode a SSH sequence using a VA list |
20 | @param in Data to decode | |
21 | @param inlen Length of buffer to decode | |
22 | @remark <...> is of the form <type, data> (int, void*) except for string <type, data, size> | |
20 | @param in The input buffer | |
21 | @param inlen [in/out] The length of the input buffer and on output the amount of decoded data | |
22 | @remark <...> is of the form <type, data*> (int, <unsigned char*,ulong32*,ulong64*>) except for string&name-list <type, data, size*> (int, void*, unsigned long*) | |
23 | 23 | @return CRYPT_OK on success |
24 | 24 | */ |
25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) | |
25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...) | |
26 | 26 | { |
27 | 27 | int err; |
28 | 28 | va_list args; |
32 | 32 | char *sdata; |
33 | 33 | ulong32 *u32data; |
34 | 34 | ulong64 *u64data; |
35 | unsigned long bufsize; | |
35 | unsigned long *bufsize; | |
36 | 36 | ulong32 size; |
37 | unsigned long remaining; | |
37 | 38 | |
38 | 39 | LTC_ARGCHK(in != NULL); |
40 | LTC_ARGCHK(inlen != NULL); | |
39 | 41 | |
42 | remaining = *inlen; | |
40 | 43 | /* Decode values from buffer */ |
41 | 44 | va_start(args, inlen); |
42 | 45 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { |
46 | 49 | type == LTC_SSHDATA_MPINT) |
47 | 50 | { |
48 | 51 | /* Check we'll not read too far */ |
49 | if (inlen < 4) { | |
52 | if (remaining < 4) { | |
50 | 53 | err = CRYPT_BUFFER_OVERFLOW; |
51 | 54 | goto error; |
52 | 55 | } |
70 | 73 | case LTC_SSHDATA_MPINT: |
71 | 74 | LOAD32H(size, in); |
72 | 75 | in += 4; |
73 | inlen -= 4; | |
76 | remaining -= 4; | |
74 | 77 | break; |
75 | 78 | |
76 | 79 | case LTC_SSHDATA_EOL: |
80 | 83 | } |
81 | 84 | |
82 | 85 | /* Check we'll not read too far */ |
83 | if (inlen < size) { | |
86 | if (remaining < size) { | |
84 | 87 | err = CRYPT_BUFFER_OVERFLOW; |
85 | 88 | goto error; |
86 | 89 | } else { |
87 | inlen -= size; | |
90 | remaining -= size; | |
91 | } | |
92 | ||
93 | vdata = va_arg(args, void*); | |
94 | if (vdata == NULL) { | |
95 | err = CRYPT_INVALID_ARG; | |
96 | goto error; | |
88 | 97 | } |
89 | 98 | |
90 | 99 | /* Read data */ |
91 | 100 | switch (type) { |
92 | 101 | case LTC_SSHDATA_BYTE: |
93 | cdata = va_arg(args, unsigned char*); | |
102 | cdata = vdata; | |
94 | 103 | *cdata = *in++; |
95 | 104 | break; |
96 | 105 | case LTC_SSHDATA_BOOLEAN: |
97 | cdata = va_arg(args, unsigned char*); | |
106 | cdata = vdata; | |
98 | 107 | /* |
99 | 108 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
100 | 109 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
101 | */ | |
110 | */ | |
102 | 111 | *cdata = (*in++)?1:0; |
103 | 112 | break; |
104 | 113 | case LTC_SSHDATA_UINT32: |
105 | u32data = va_arg(args, ulong32*); | |
114 | u32data = vdata; | |
106 | 115 | LOAD32H(*u32data, in); |
107 | 116 | in += 4; |
108 | 117 | break; |
109 | 118 | case LTC_SSHDATA_UINT64: |
110 | u64data = va_arg(args, ulong64*); | |
119 | u64data = vdata; | |
111 | 120 | LOAD64H(*u64data, in); |
112 | 121 | in += 8; |
113 | 122 | break; |
114 | 123 | case LTC_SSHDATA_STRING: |
115 | 124 | case LTC_SSHDATA_NAMELIST: |
116 | sdata = va_arg(args, char*); | |
117 | bufsize = va_arg(args, unsigned long); | |
118 | if (size >= bufsize) { | |
125 | sdata = vdata; | |
126 | bufsize = va_arg(args, unsigned long*); | |
127 | if (bufsize == NULL) { | |
128 | err = CRYPT_INVALID_ARG; | |
129 | goto error; | |
130 | } | |
131 | if (size + 1 >= *bufsize) { | |
119 | 132 | err = CRYPT_BUFFER_OVERFLOW; |
120 | 133 | goto error; |
121 | 134 | } |
122 | 135 | if (size > 0) { |
123 | XSTRNCPY(sdata, (const char *)in, size); | |
124 | sdata[size] = '\0'; /* strncpy doesn't NUL-terminate */ | |
125 | } else { | |
126 | *sdata = '\0'; | |
136 | XMEMCPY(sdata, (const char *)in, size); | |
127 | 137 | } |
138 | sdata[size] = '\0'; | |
139 | *bufsize = size; | |
128 | 140 | in += size; |
129 | 141 | break; |
130 | 142 | case LTC_SSHDATA_MPINT: |
131 | vdata = va_arg(args, void*); | |
132 | 143 | if (size == 0) { |
133 | 144 | if ((err = mp_set(vdata, 0)) != CRYPT_OK) { goto error; } |
134 | 145 | } else if ((in[0] & 0x80) != 0) { |
149 | 160 | } |
150 | 161 | err = CRYPT_OK; |
151 | 162 | |
163 | *inlen -= remaining; | |
164 | ||
152 | 165 | error: |
153 | 166 | va_end(args); |
154 | 167 | return err; |
19 | 19 | Encode a SSH sequence using a VA list |
20 | 20 | @param out [out] Destination for data |
21 | 21 | @param outlen [in/out] Length of buffer and resulting length of output |
22 | @remark <...> is of the form <type, data> (int, void*) | |
22 | @remark <...> is of the form <type, data> (int, <int,ulong32,ulong64>) except for string&name-list <type, data, size> (int, void*, unsigned long) | |
23 | 23 | @return CRYPT_OK on success |
24 | 24 | */ |
25 | 25 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) |
28 | 28 | va_list args; |
29 | 29 | ulong32 size; |
30 | 30 | ssh_data_type type; |
31 | void *vdata; | |
32 | const char *sdata; | |
31 | void *vdata; | |
32 | const char *sdata; | |
33 | 33 | int idata; |
34 | 34 | ulong32 u32data; |
35 | 35 | ulong64 u64data; |
57 | 57 | break; |
58 | 58 | case LTC_SSHDATA_STRING: |
59 | 59 | case LTC_SSHDATA_NAMELIST: |
60 | sdata = va_arg(args, char*); | |
60 | LTC_UNUSED_PARAM( va_arg(args, char*) ); | |
61 | size += va_arg(args, unsigned long); | |
61 | 62 | size += 4; |
62 | size += strlen(sdata); | |
63 | 63 | break; |
64 | 64 | case LTC_SSHDATA_MPINT: |
65 | 65 | vdata = va_arg(args, void*); |
101 | 101 | /* |
102 | 102 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be |
103 | 103 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. |
104 | */ | |
104 | */ | |
105 | 105 | *out++ = (idata)?1:0; |
106 | 106 | break; |
107 | 107 | case LTC_SSHDATA_UINT32: |
117 | 117 | case LTC_SSHDATA_STRING: |
118 | 118 | case LTC_SSHDATA_NAMELIST: |
119 | 119 | sdata = va_arg(args, char*); |
120 | size = strlen(sdata); | |
120 | size = va_arg(args, unsigned long); | |
121 | 121 | STORE32H(size, out); |
122 | 122 | out += 4; |
123 | 123 | XMEMCPY(out, sdata, size); |
64 | 64 | /* count number of bytes */ |
65 | 65 | for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF); |
66 | 66 | |
67 | if (z > 4 || (x + (z - 1) > inlen)) { | |
67 | if (z == 1 || z > 4 || (x + (z - 1) > inlen)) { | |
68 | 68 | return CRYPT_INVALID_PACKET; |
69 | 69 | } |
70 | 70 |
19 | 19 | { PKA_DSA, "1.2.840.10040.4.1" }, |
20 | 20 | { PKA_EC, "1.2.840.10045.2.1" }, |
21 | 21 | { PKA_EC_PRIMEF, "1.2.840.10045.1.1" }, |
22 | { PKA_X25519, "1.3.101.110" }, | |
23 | { PKA_ED25519, "1.3.101.112" }, | |
22 | 24 | }; |
23 | 25 | |
24 | 26 | /* |
10 | 10 | |
11 | 11 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen) |
12 | 12 | { |
13 | unsigned long i, j, limit, OID_len, oid_j; | |
13 | unsigned long i, j, limit, oid_j; | |
14 | size_t OID_len; | |
14 | 15 | |
15 | 16 | LTC_ARGCHK(oidlen != NULL); |
16 | 17 | |
20 | 21 | |
21 | 22 | if (OID == NULL) return CRYPT_OK; |
22 | 23 | |
23 | OID_len = strlen(OID); | |
24 | OID_len = XSTRLEN(OID); | |
24 | 25 | if (OID_len == 0) return CRYPT_OK; |
25 | 26 | |
26 | 27 | for (i = 0, j = 0; i < OID_len; i++) { |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ec25519_export.c | |
12 | Generic export of a Curve/Ed25519 key to a binary packet, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Generic export of a Curve/Ed25519 key to a binary packet | |
19 | @param out [out] The destination for the key | |
20 | @param outlen [in/out] The max size and resulting size of the Ed25519 key | |
21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
22 | @param key The key you wish to export | |
23 | @return CRYPT_OK if successful | |
24 | */ | |
25 | int ec25519_export( unsigned char *out, unsigned long *outlen, | |
26 | int which, | |
27 | const curve25519_key *key) | |
28 | { | |
29 | int err, std; | |
30 | const char* OID; | |
31 | unsigned long oid[16], oidlen; | |
32 | ltc_asn1_list alg_id[1]; | |
33 | unsigned char private_key[34]; | |
34 | unsigned long version, private_key_len = sizeof(private_key); | |
35 | ||
36 | LTC_ARGCHK(out != NULL); | |
37 | LTC_ARGCHK(outlen != NULL); | |
38 | LTC_ARGCHK(key != NULL); | |
39 | ||
40 | std = which & PK_STD; | |
41 | which &= ~PK_STD; | |
42 | ||
43 | if (which == PK_PRIVATE) { | |
44 | if(key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
45 | ||
46 | if (std == PK_STD) { | |
47 | if ((err = pk_get_oid(key->algo, &OID)) != CRYPT_OK) { | |
48 | return err; | |
49 | } | |
50 | oidlen = sizeof(oid)/sizeof(oid[0]); | |
51 | if ((err = pk_oid_str_to_num(OID, oid, &oidlen)) != CRYPT_OK) { | |
52 | return err; | |
53 | } | |
54 | ||
55 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid, oidlen); | |
56 | ||
57 | /* encode private key as PKCS#8 */ | |
58 | if ((err = der_encode_octet_string(key->priv, 32uL, private_key, &private_key_len)) != CRYPT_OK) { | |
59 | return err; | |
60 | } | |
61 | ||
62 | version = 0; | |
63 | err = der_encode_sequence_multi(out, outlen, | |
64 | LTC_ASN1_SHORT_INTEGER, 1uL, &version, | |
65 | LTC_ASN1_SEQUENCE, 1uL, alg_id, | |
66 | LTC_ASN1_OCTET_STRING, private_key_len, private_key, | |
67 | LTC_ASN1_EOL, 0uL, NULL); | |
68 | } else { | |
69 | if (*outlen < sizeof(key->priv)) { | |
70 | err = CRYPT_BUFFER_OVERFLOW; | |
71 | } else { | |
72 | XMEMCPY(out, key->priv, sizeof(key->priv)); | |
73 | err = CRYPT_OK; | |
74 | } | |
75 | *outlen = sizeof(key->priv); | |
76 | } | |
77 | } else { | |
78 | if (std == PK_STD) { | |
79 | /* encode public key as SubjectPublicKeyInfo */ | |
80 | err = x509_encode_subject_public_key_info(out, outlen, key->algo, key->pub, 32uL, LTC_ASN1_EOL, NULL, 0); | |
81 | } else { | |
82 | if (*outlen < sizeof(key->pub)) { | |
83 | err = CRYPT_BUFFER_OVERFLOW; | |
84 | } else { | |
85 | XMEMCPY(out, key->pub, sizeof(key->pub)); | |
86 | err = CRYPT_OK; | |
87 | } | |
88 | *outlen = sizeof(key->pub); | |
89 | } | |
90 | } | |
91 | ||
92 | return err; | |
93 | } | |
94 | ||
95 | #endif | |
96 | ||
97 | /* ref: $Format:%D$ */ | |
98 | /* git commit: $Format:%H$ */ | |
99 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ec25519_import_pkcs8.c | |
12 | Generic import of a Curve/Ed25519 private key in PKCS#8 format, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Generic import of a Curve/Ed25519 private key in PKCS#8 format | |
19 | @param in The DER-encoded PKCS#8-formatted private key | |
20 | @param inlen The length of the input data | |
21 | @param passwd The password to decrypt the private key | |
22 | @param passwdlen Password's length (octets) | |
23 | @param key [out] Where to import the key to | |
24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
25 | */ | |
26 | int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
27 | const void *pwd, unsigned long pwdlen, | |
28 | enum ltc_oid_id id, sk_to_pk fp, | |
29 | curve25519_key *key) | |
30 | { | |
31 | int err; | |
32 | ltc_asn1_list *l = NULL; | |
33 | const char *oid; | |
34 | ltc_asn1_list alg_id[1]; | |
35 | unsigned char private_key[34]; | |
36 | unsigned long version, key_len; | |
37 | unsigned long tmpoid[16]; | |
38 | ||
39 | LTC_ARGCHK(in != NULL); | |
40 | LTC_ARGCHK(key != NULL); | |
41 | LTC_ARGCHK(fp != NULL); | |
42 | ||
43 | if ((err = pkcs8_decode_flexi(in, inlen, pwd, pwdlen, &l)) == CRYPT_OK) { | |
44 | ||
45 | LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid) / sizeof(tmpoid[0])); | |
46 | ||
47 | key_len = sizeof(private_key); | |
48 | if ((err = der_decode_sequence_multi(l->data, l->size, | |
49 | LTC_ASN1_SHORT_INTEGER, 1uL, &version, | |
50 | LTC_ASN1_SEQUENCE, 1uL, alg_id, | |
51 | LTC_ASN1_OCTET_STRING, key_len, private_key, | |
52 | LTC_ASN1_EOL, 0uL, NULL)) | |
53 | != CRYPT_OK) { | |
54 | /* If there are attributes added after the private_key it is tagged with version 1 and | |
55 | * we get an 'input too long' error but the rest is already decoded and can be | |
56 | * handled the same as for version 0 | |
57 | */ | |
58 | if ((err == CRYPT_INPUT_TOO_LONG) && (version == 1)) { | |
59 | version = 0; | |
60 | } else { | |
61 | goto out; | |
62 | } | |
63 | } | |
64 | ||
65 | if ((err = pk_get_oid(id, &oid)) != CRYPT_OK) { | |
66 | goto out; | |
67 | } | |
68 | if ((err = pk_oid_cmp_with_asn1(oid, &alg_id[0])) != CRYPT_OK) { | |
69 | goto out; | |
70 | } | |
71 | ||
72 | if (version == 0) { | |
73 | key_len = sizeof(key->priv); | |
74 | if ((err = der_decode_octet_string(private_key, sizeof(private_key), key->priv, &key_len)) == CRYPT_OK) { | |
75 | fp(key->pub, key->priv); | |
76 | key->type = PK_PRIVATE; | |
77 | key->algo = id; | |
78 | } | |
79 | } else { | |
80 | err = CRYPT_PK_INVALID_TYPE; | |
81 | } | |
82 | } | |
83 | out: | |
84 | if (l) der_free_sequence_flexi(l); | |
85 | #ifdef LTC_CLEAN_STACK | |
86 | zeromem(private_key, sizeof(private_key)); | |
87 | #endif | |
88 | ||
89 | return err; | |
90 | } | |
91 | ||
92 | #endif | |
93 | ||
94 | /* ref: $Format:%D$ */ | |
95 | /* git commit: $Format:%H$ */ | |
96 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /* automatically generated file, do not edit */ | |
11 | ||
12 | #define FOR(i,n) for (i = 0;i < n;++i) | |
13 | #define sv static void | |
14 | ||
15 | typedef unsigned char u8; | |
16 | typedef ulong32 u32; | |
17 | typedef ulong64 u64; | |
18 | typedef long64 i64; | |
19 | typedef i64 gf[16]; | |
20 | ||
21 | static const u8 | |
22 | _9[32] = {9}; | |
23 | static const gf | |
24 | gf0, | |
25 | gf1 = {1}, | |
26 | _121665 = {0xDB41,1}, | |
27 | D = {0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203}, | |
28 | D2 = {0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406}, | |
29 | X = {0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169}, | |
30 | Y = {0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666}, | |
31 | I = {0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83}; | |
32 | ||
33 | static int vn(const u8 *x,const u8 *y,int n) | |
34 | { | |
35 | int i; | |
36 | u32 d = 0; | |
37 | FOR(i,n) d |= x[i]^y[i]; | |
38 | return (1 & ((d - 1) >> 8)) - 1; | |
39 | } | |
40 | ||
41 | static int tweetnacl_crypto_verify_32(const u8 *x,const u8 *y) | |
42 | { | |
43 | return vn(x,y,32); | |
44 | } | |
45 | ||
46 | sv set25519(gf r, const gf a) | |
47 | { | |
48 | int i; | |
49 | FOR(i,16) r[i]=a[i]; | |
50 | } | |
51 | ||
52 | sv car25519(gf o) | |
53 | { | |
54 | int i; | |
55 | i64 c; | |
56 | FOR(i,16) { | |
57 | o[i]+=(1LL<<16); | |
58 | c=o[i]>>16; | |
59 | o[(i+1)*(i<15)]+=c-1+37*(c-1)*(i==15); | |
60 | o[i]-=c<<16; | |
61 | } | |
62 | } | |
63 | ||
64 | sv sel25519(gf p,gf q,int b) | |
65 | { | |
66 | i64 t,i,c=~(b-1); | |
67 | FOR(i,16) { | |
68 | t= c&(p[i]^q[i]); | |
69 | p[i]^=t; | |
70 | q[i]^=t; | |
71 | } | |
72 | } | |
73 | ||
74 | sv pack25519(u8 *o,const gf n) | |
75 | { | |
76 | int i,j,b; | |
77 | gf m,t; | |
78 | FOR(i,16) t[i]=n[i]; | |
79 | car25519(t); | |
80 | car25519(t); | |
81 | car25519(t); | |
82 | FOR(j,2) { | |
83 | m[0]=t[0]-0xffed; | |
84 | for(i=1;i<15;i++) { | |
85 | m[i]=t[i]-0xffff-((m[i-1]>>16)&1); | |
86 | m[i-1]&=0xffff; | |
87 | } | |
88 | m[15]=t[15]-0x7fff-((m[14]>>16)&1); | |
89 | b=(m[15]>>16)&1; | |
90 | m[14]&=0xffff; | |
91 | sel25519(t,m,1-b); | |
92 | } | |
93 | FOR(i,16) { | |
94 | o[2*i]=t[i]&0xff; | |
95 | o[2*i+1]=t[i]>>8; | |
96 | } | |
97 | } | |
98 | ||
99 | static int neq25519(const gf a, const gf b) | |
100 | { | |
101 | u8 c[32],d[32]; | |
102 | pack25519(c,a); | |
103 | pack25519(d,b); | |
104 | return tweetnacl_crypto_verify_32(c,d); | |
105 | } | |
106 | ||
107 | static u8 par25519(const gf a) | |
108 | { | |
109 | u8 d[32]; | |
110 | pack25519(d,a); | |
111 | return d[0]&1; | |
112 | } | |
113 | ||
114 | sv unpack25519(gf o, const u8 *n) | |
115 | { | |
116 | int i; | |
117 | FOR(i,16) o[i]=n[2*i]+((i64)n[2*i+1]<<8); | |
118 | o[15]&=0x7fff; | |
119 | } | |
120 | ||
121 | sv A(gf o,const gf a,const gf b) | |
122 | { | |
123 | int i; | |
124 | FOR(i,16) o[i]=a[i]+b[i]; | |
125 | } | |
126 | ||
127 | sv Z(gf o,const gf a,const gf b) | |
128 | { | |
129 | int i; | |
130 | FOR(i,16) o[i]=a[i]-b[i]; | |
131 | } | |
132 | ||
133 | sv M(gf o,const gf a,const gf b) | |
134 | { | |
135 | i64 i,j,t[31]; | |
136 | FOR(i,31) t[i]=0; | |
137 | FOR(i,16) FOR(j,16) t[i+j]+=a[i]*b[j]; | |
138 | FOR(i,15) t[i]+=38*t[i+16]; | |
139 | FOR(i,16) o[i]=t[i]; | |
140 | car25519(o); | |
141 | car25519(o); | |
142 | } | |
143 | ||
144 | sv S(gf o,const gf a) | |
145 | { | |
146 | M(o,a,a); | |
147 | } | |
148 | ||
149 | sv inv25519(gf o,const gf i) | |
150 | { | |
151 | gf c; | |
152 | int a; | |
153 | FOR(a,16) c[a]=i[a]; | |
154 | for(a=253;a>=0;a--) { | |
155 | S(c,c); | |
156 | if(a!=2&&a!=4) M(c,c,i); | |
157 | } | |
158 | FOR(a,16) o[a]=c[a]; | |
159 | } | |
160 | ||
161 | sv pow2523(gf o,const gf i) | |
162 | { | |
163 | gf c; | |
164 | int a; | |
165 | FOR(a,16) c[a]=i[a]; | |
166 | for(a=250;a>=0;a--) { | |
167 | S(c,c); | |
168 | if(a!=1) M(c,c,i); | |
169 | } | |
170 | FOR(a,16) o[a]=c[a]; | |
171 | } | |
172 | ||
173 | int tweetnacl_crypto_scalarmult(u8 *q,const u8 *n,const u8 *p) | |
174 | { | |
175 | u8 z[32]; | |
176 | i64 x[80],r,i; | |
177 | gf a,b,c,d,e,f; | |
178 | FOR(i,31) z[i]=n[i]; | |
179 | z[31]=(n[31]&127)|64; | |
180 | z[0]&=248; | |
181 | unpack25519(x,p); | |
182 | FOR(i,16) { | |
183 | b[i]=x[i]; | |
184 | d[i]=a[i]=c[i]=0; | |
185 | } | |
186 | a[0]=d[0]=1; | |
187 | for(i=254;i>=0;--i) { | |
188 | r=(z[i>>3]>>(i&7))&1; | |
189 | sel25519(a,b,r); | |
190 | sel25519(c,d,r); | |
191 | A(e,a,c); | |
192 | Z(a,a,c); | |
193 | A(c,b,d); | |
194 | Z(b,b,d); | |
195 | S(d,e); | |
196 | S(f,a); | |
197 | M(a,c,a); | |
198 | M(c,b,e); | |
199 | A(e,a,c); | |
200 | Z(a,a,c); | |
201 | S(b,a); | |
202 | Z(c,d,f); | |
203 | M(a,c,_121665); | |
204 | A(a,a,d); | |
205 | M(c,c,a); | |
206 | M(a,d,f); | |
207 | M(d,b,x); | |
208 | S(b,e); | |
209 | sel25519(a,b,r); | |
210 | sel25519(c,d,r); | |
211 | } | |
212 | FOR(i,16) { | |
213 | x[i+16]=a[i]; | |
214 | x[i+32]=c[i]; | |
215 | x[i+48]=b[i]; | |
216 | x[i+64]=d[i]; | |
217 | } | |
218 | inv25519(x+32,x+32); | |
219 | M(x+16,x+16,x+32); | |
220 | pack25519(q,x+16); | |
221 | return 0; | |
222 | } | |
223 | ||
224 | int tweetnacl_crypto_scalarmult_base(u8 *q,const u8 *n) | |
225 | { | |
226 | return tweetnacl_crypto_scalarmult(q,n,_9); | |
227 | } | |
228 | ||
229 | static int tweetnacl_crypto_hash(u8 *out,const u8 *m,u64 n) | |
230 | { | |
231 | unsigned long len; | |
232 | int err, hash_idx; | |
233 | ||
234 | if (n > ULONG_MAX) return CRYPT_OVERFLOW; | |
235 | ||
236 | hash_idx = find_hash("sha512"); | |
237 | len = 64; | |
238 | if ((err = hash_memory(hash_idx, m, n, out, &len)) != CRYPT_OK) return err; | |
239 | ||
240 | return 0; | |
241 | } | |
242 | ||
243 | sv add(gf p[4],gf q[4]) | |
244 | { | |
245 | gf a,b,c,d,t,e,f,g,h; | |
246 | ||
247 | Z(a, p[1], p[0]); | |
248 | Z(t, q[1], q[0]); | |
249 | M(a, a, t); | |
250 | A(b, p[0], p[1]); | |
251 | A(t, q[0], q[1]); | |
252 | M(b, b, t); | |
253 | M(c, p[3], q[3]); | |
254 | M(c, c, D2); | |
255 | M(d, p[2], q[2]); | |
256 | A(d, d, d); | |
257 | Z(e, b, a); | |
258 | Z(f, d, c); | |
259 | A(g, d, c); | |
260 | A(h, b, a); | |
261 | ||
262 | M(p[0], e, f); | |
263 | M(p[1], h, g); | |
264 | M(p[2], g, f); | |
265 | M(p[3], e, h); | |
266 | } | |
267 | ||
268 | sv cswap(gf p[4],gf q[4],u8 b) | |
269 | { | |
270 | int i; | |
271 | FOR(i,4) | |
272 | sel25519(p[i],q[i],b); | |
273 | } | |
274 | ||
275 | sv pack(u8 *r,gf p[4]) | |
276 | { | |
277 | gf tx, ty, zi; | |
278 | inv25519(zi, p[2]); | |
279 | M(tx, p[0], zi); | |
280 | M(ty, p[1], zi); | |
281 | pack25519(r, ty); | |
282 | r[31] ^= par25519(tx) << 7; | |
283 | } | |
284 | ||
285 | sv scalarmult(gf p[4],gf q[4],const u8 *s) | |
286 | { | |
287 | int i; | |
288 | set25519(p[0],gf0); | |
289 | set25519(p[1],gf1); | |
290 | set25519(p[2],gf1); | |
291 | set25519(p[3],gf0); | |
292 | for (i = 255;i >= 0;--i) { | |
293 | u8 b = (s[i/8]>>(i&7))&1; | |
294 | cswap(p,q,b); | |
295 | add(q,p); | |
296 | add(p,p); | |
297 | cswap(p,q,b); | |
298 | } | |
299 | } | |
300 | ||
301 | sv scalarbase(gf p[4],const u8 *s) | |
302 | { | |
303 | gf q[4]; | |
304 | set25519(q[0],X); | |
305 | set25519(q[1],Y); | |
306 | set25519(q[2],gf1); | |
307 | M(q[3],X,Y); | |
308 | scalarmult(p,q,s); | |
309 | } | |
310 | ||
311 | int tweetnacl_crypto_sk_to_pk(u8 *pk, const u8 *sk) | |
312 | { | |
313 | u8 d[64]; | |
314 | gf p[4]; | |
315 | tweetnacl_crypto_hash(d, sk, 32); | |
316 | d[0] &= 248; | |
317 | d[31] &= 127; | |
318 | d[31] |= 64; | |
319 | ||
320 | scalarbase(p,d); | |
321 | pack(pk,p); | |
322 | ||
323 | return 0; | |
324 | } | |
325 | ||
326 | int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, u8 *pk, u8 *sk) | |
327 | { | |
328 | int err; | |
329 | ||
330 | /* randombytes(sk,32); */ | |
331 | if ((err = prng_is_valid(wprng)) != CRYPT_OK) { | |
332 | return err; | |
333 | } | |
334 | ||
335 | if (prng_descriptor[wprng].read(sk,32, prng) != 32) { | |
336 | return CRYPT_ERROR_READPRNG; | |
337 | } | |
338 | ||
339 | if ((err = tweetnacl_crypto_sk_to_pk(pk, sk)) != CRYPT_OK) { | |
340 | return err; | |
341 | } | |
342 | ||
343 | /* FOR(i,32) sk[32 + i] = pk[i]; | |
344 | * we don't copy the pk in the sk */ | |
345 | return CRYPT_OK; | |
346 | } | |
347 | ||
348 | static const u64 L[32] = {0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10}; | |
349 | ||
350 | sv modL(u8 *r,i64 x[64]) | |
351 | { | |
352 | i64 carry,i,j; | |
353 | for (i = 63;i >= 32;--i) { | |
354 | carry = 0; | |
355 | for (j = i - 32;j < i - 12;++j) { | |
356 | x[j] += carry - 16 * x[i] * L[j - (i - 32)]; | |
357 | carry = (x[j] + 128) >> 8; | |
358 | x[j] -= carry << 8; | |
359 | } | |
360 | x[j] += carry; | |
361 | x[i] = 0; | |
362 | } | |
363 | carry = 0; | |
364 | FOR(j,32) { | |
365 | x[j] += carry - (x[31] >> 4) * L[j]; | |
366 | carry = x[j] >> 8; | |
367 | x[j] &= 255; | |
368 | } | |
369 | FOR(j,32) x[j] -= carry * L[j]; | |
370 | FOR(i,32) { | |
371 | x[i+1] += x[i] >> 8; | |
372 | r[i] = x[i] & 255; | |
373 | } | |
374 | } | |
375 | ||
376 | sv reduce(u8 *r) | |
377 | { | |
378 | i64 x[64],i; | |
379 | FOR(i,64) x[i] = (u64) r[i]; | |
380 | FOR(i,64) r[i] = 0; | |
381 | modL(r,x); | |
382 | } | |
383 | ||
384 | int tweetnacl_crypto_sign(u8 *sm,u64 *smlen,const u8 *m,u64 mlen,const u8 *sk,const u8 *pk) | |
385 | { | |
386 | u8 d[64],h[64],r[64]; | |
387 | i64 i,j,x[64]; | |
388 | gf p[4]; | |
389 | ||
390 | tweetnacl_crypto_hash(d, sk, 32); | |
391 | d[0] &= 248; | |
392 | d[31] &= 127; | |
393 | d[31] |= 64; | |
394 | ||
395 | *smlen = mlen+64; | |
396 | FOR(i,(i64)mlen) sm[64 + i] = m[i]; | |
397 | FOR(i,32) sm[32 + i] = d[32 + i]; | |
398 | ||
399 | tweetnacl_crypto_hash(r, sm+32, mlen+32); | |
400 | reduce(r); | |
401 | scalarbase(p,r); | |
402 | pack(sm,p); | |
403 | ||
404 | FOR(i,32) sm[i+32] = pk[i]; | |
405 | tweetnacl_crypto_hash(h,sm,mlen + 64); | |
406 | reduce(h); | |
407 | ||
408 | FOR(i,64) x[i] = 0; | |
409 | FOR(i,32) x[i] = (u64) r[i]; | |
410 | FOR(i,32) FOR(j,32) x[i+j] += h[i] * (u64) d[j]; | |
411 | modL(sm + 32,x); | |
412 | ||
413 | return 0; | |
414 | } | |
415 | ||
416 | static int unpackneg(gf r[4],const u8 p[32]) | |
417 | { | |
418 | gf t, chk, num, den, den2, den4, den6; | |
419 | set25519(r[2],gf1); | |
420 | unpack25519(r[1],p); | |
421 | S(num,r[1]); | |
422 | M(den,num,D); | |
423 | Z(num,num,r[2]); | |
424 | A(den,r[2],den); | |
425 | ||
426 | S(den2,den); | |
427 | S(den4,den2); | |
428 | M(den6,den4,den2); | |
429 | M(t,den6,num); | |
430 | M(t,t,den); | |
431 | ||
432 | pow2523(t,t); | |
433 | M(t,t,num); | |
434 | M(t,t,den); | |
435 | M(t,t,den); | |
436 | M(r[0],t,den); | |
437 | ||
438 | S(chk,r[0]); | |
439 | M(chk,chk,den); | |
440 | if (neq25519(chk, num)) M(r[0],r[0],I); | |
441 | ||
442 | S(chk,r[0]); | |
443 | M(chk,chk,den); | |
444 | if (neq25519(chk, num)) return -1; | |
445 | ||
446 | if (par25519(r[0]) == (p[31]>>7)) Z(r[0],gf0,r[0]); | |
447 | ||
448 | M(r[3],r[0],r[1]); | |
449 | return 0; | |
450 | } | |
451 | ||
452 | int tweetnacl_crypto_sign_open(int *stat, u8 *m,u64 *mlen,const u8 *sm,u64 smlen,const u8 *pk) | |
453 | { | |
454 | u64 i; | |
455 | u8 s[32],t[32],h[64]; | |
456 | gf p[4],q[4]; | |
457 | ||
458 | *stat = 0; | |
459 | if (*mlen < smlen) return CRYPT_BUFFER_OVERFLOW; | |
460 | *mlen = -1; | |
461 | if (smlen < 64) return CRYPT_INVALID_ARG; | |
462 | ||
463 | if (unpackneg(q,pk)) return CRYPT_ERROR; | |
464 | ||
465 | XMEMMOVE(m,sm,smlen); | |
466 | XMEMMOVE(s,m + 32,32); | |
467 | XMEMMOVE(m + 32,pk,32); | |
468 | tweetnacl_crypto_hash(h,m,smlen); | |
469 | reduce(h); | |
470 | scalarmult(p,q,h); | |
471 | ||
472 | scalarbase(q,s); | |
473 | add(p,q); | |
474 | pack(t,p); | |
475 | ||
476 | smlen -= 64; | |
477 | if (tweetnacl_crypto_verify_32(sm, t)) { | |
478 | FOR(i,smlen) m[i] = 0; | |
479 | zeromem(m, smlen); | |
480 | return CRYPT_OK; | |
481 | } | |
482 | ||
483 | *stat = 1; | |
484 | XMEMMOVE(m,m + 64,smlen); | |
485 | *mlen = smlen; | |
486 | return CRYPT_OK; | |
487 | } | |
488 | ||
489 | /* ref: $Format:%D$ */ | |
490 | /* git commit: $Format:%H$ */ | |
491 | /* commit time: $Format:%ai$ */ |
113 | 113 | #ifdef LTC_SSH |
114 | 114 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
115 | 115 | char name[64], name2[64]; |
116 | unsigned long namelen = sizeof(name2); | |
116 | unsigned long namelen = sizeof(name); | |
117 | unsigned long name2len = sizeof(name2); | |
117 | 118 | |
118 | 119 | /* Decode as SSH data sequence, per RFC4251 */ |
119 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
120 | LTC_SSHDATA_STRING, name, 64, | |
120 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
121 | LTC_SSHDATA_STRING, name, &namelen, | |
121 | 122 | LTC_SSHDATA_MPINT, r, |
122 | 123 | LTC_SSHDATA_MPINT, s, |
123 | 124 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
124 | 125 | |
125 | 126 | |
126 | 127 | /* Check curve matches identifier string */ |
127 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
128 | if (XSTRCMP(name,name2) != 0) { | |
128 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
129 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
129 | 130 | err = CRYPT_INVALID_ARG; |
130 | 131 | goto error; |
131 | 132 | } |
163 | 163 | |
164 | 164 | /* Store as SSH data sequence, per RFC4251 */ |
165 | 165 | err = ssh_encode_sequence_multi(out, outlen, |
166 | LTC_SSHDATA_STRING, name, | |
166 | LTC_SSHDATA_STRING, name, namelen, | |
167 | 167 | LTC_SSHDATA_MPINT, r, |
168 | 168 | LTC_SSHDATA_MPINT, s, |
169 | 169 | LTC_SSHDATA_EOL, NULL); |
24 | 24 | { |
25 | 25 | char oidstr[64]; |
26 | 26 | unsigned long oidlen = sizeof(oidstr); |
27 | unsigned long size = 0; | |
28 | int err; | |
27 | int err, size = 0; | |
29 | 28 | |
30 | 29 | LTC_ARGCHK(buffer != NULL); |
31 | 30 | LTC_ARGCHK(buflen != NULL); |
51 | 50 | size = snprintf(buffer, *buflen, "ecdsa-sha2-%s", oidstr); |
52 | 51 | } |
53 | 52 | |
54 | /* snprintf returns size that would have been written, but limits to buflen-1 chars plus terminator */ | |
55 | if (size >= *buflen) { | |
53 | /* snprintf returns a negative value on error | |
54 | * or the size that would have been written, but limits to buflen-1 chars plus terminator */ | |
55 | if (size < 0) { | |
56 | err = CRYPT_ERROR; | |
57 | } else if ((unsigned)size >= *buflen) { | |
56 | 58 | err = CRYPT_BUFFER_OVERFLOW; |
57 | 59 | } else { |
58 | 60 | err = CRYPT_OK; |
99 | 99 | #ifdef LTC_SSH |
100 | 100 | else if (sigformat == LTC_ECCSIG_RFC5656) { |
101 | 101 | char name[64], name2[64]; |
102 | unsigned long namelen = sizeof(name2); | |
102 | unsigned long namelen = sizeof(name); | |
103 | unsigned long name2len = sizeof(name2); | |
103 | 104 | |
104 | 105 | /* Decode as SSH data sequence, per RFC4251 */ |
105 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
106 | LTC_SSHDATA_STRING, name, 64, | |
106 | if ((err = ssh_decode_sequence_multi(sig, &siglen, | |
107 | LTC_SSHDATA_STRING, name, &namelen, | |
107 | 108 | LTC_SSHDATA_MPINT, r, |
108 | 109 | LTC_SSHDATA_MPINT, s, |
109 | 110 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } |
110 | 111 | |
111 | 112 | |
112 | 113 | /* Check curve matches identifier string */ |
113 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
114 | if (XSTRCMP(name,name2) != 0) { | |
114 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &name2len, key)) != CRYPT_OK) { goto error; } | |
115 | if ((namelen != name2len) || (XSTRCMP(name, name2) != 0)) { | |
115 | 116 | err = CRYPT_INVALID_ARG; |
116 | 117 | goto error; |
117 | 118 | } |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_export.c | |
12 | Export an Ed25519 key to a binary packet, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Export an Ed25519 key to a binary packet | |
19 | @param out [out] The destination for the key | |
20 | @param outlen [in/out] The max size and resulting size of the Ed25519 key | |
21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
22 | @param key The key you wish to export | |
23 | @return CRYPT_OK if successful | |
24 | */ | |
25 | int ed25519_export( unsigned char *out, unsigned long *outlen, | |
26 | int which, | |
27 | const curve25519_key *key) | |
28 | { | |
29 | LTC_ARGCHK(key != NULL); | |
30 | ||
31 | if (key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
32 | ||
33 | return ec25519_export(out, outlen, which, key); | |
34 | } | |
35 | ||
36 | #endif | |
37 | ||
38 | /* ref: $Format:%D$ */ | |
39 | /* git commit: $Format:%H$ */ | |
40 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_import.c | |
12 | Import a Ed25519 key from a binary packet, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Import an Ed25519 public key | |
19 | @param in The packet to read | |
20 | @param inlen The length of the input packet | |
21 | @param key [out] Where to import the key to | |
22 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
23 | */ | |
24 | int ed25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
25 | { | |
26 | int err; | |
27 | unsigned long key_len; | |
28 | ||
29 | LTC_ARGCHK(in != NULL); | |
30 | LTC_ARGCHK(key != NULL); | |
31 | ||
32 | key_len = sizeof(key->pub); | |
33 | if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_ED25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { | |
34 | key->type = PK_PUBLIC; | |
35 | key->algo = PKA_ED25519; | |
36 | } | |
37 | return err; | |
38 | } | |
39 | ||
40 | #endif | |
41 | ||
42 | /* ref: $Format:%D$ */ | |
43 | /* git commit: $Format:%H$ */ | |
44 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_import_pkcs8.c | |
12 | Import an Ed25519 key in PKCS#8 format, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Import an Ed25519 private key in PKCS#8 format | |
19 | @param in The DER-encoded PKCS#8-formatted private key | |
20 | @param inlen The length of the input data | |
21 | @param passwd The password to decrypt the private key | |
22 | @param passwdlen Password's length (octets) | |
23 | @param key [out] Where to import the key to | |
24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
25 | */ | |
26 | int ed25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
27 | const void *pwd, unsigned long pwdlen, | |
28 | curve25519_key *key) | |
29 | { | |
30 | return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_ED25519, tweetnacl_crypto_sk_to_pk, key); | |
31 | } | |
32 | ||
33 | #endif | |
34 | ||
35 | /* ref: $Format:%D$ */ | |
36 | /* git commit: $Format:%H$ */ | |
37 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_import_x509.c | |
12 | Import an Ed25519 key from a X.509 certificate, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | static int _ed25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
18 | { | |
19 | if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE; | |
20 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
21 | return CRYPT_OK; | |
22 | } | |
23 | ||
24 | /** | |
25 | Import an Ed25519 public key from a X.509 certificate | |
26 | @param in The DER encoded X.509 certificate | |
27 | @param inlen The length of the certificate | |
28 | @param key [out] Where to import the key to | |
29 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
30 | */ | |
31 | int ed25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
32 | { | |
33 | int err; | |
34 | ||
35 | LTC_ARGCHK(in != NULL); | |
36 | LTC_ARGCHK(key != NULL); | |
37 | ||
38 | if ((err = x509_decode_public_key_from_certificate(in, inlen, | |
39 | PKA_ED25519, | |
40 | LTC_ASN1_EOL, NULL, NULL, | |
41 | (public_key_decode_cb)_ed25519_decode, key)) != CRYPT_OK) { | |
42 | return err; | |
43 | } | |
44 | key->type = PK_PUBLIC; | |
45 | key->algo = PKA_ED25519; | |
46 | ||
47 | return err; | |
48 | } | |
49 | ||
50 | #endif | |
51 | ||
52 | /* ref: $Format:%D$ */ | |
53 | /* git commit: $Format:%H$ */ | |
54 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_make_key.c | |
12 | Create an Ed25519 key, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Create an Ed25519 key | |
19 | @param prng An active PRNG state | |
20 | @param wprng The index of the PRNG desired | |
21 | @param key [out] Destination of a newly created private key pair | |
22 | @return CRYPT_OK if successful | |
23 | */ | |
24 | int ed25519_make_key(prng_state *prng, int wprng, curve25519_key *key) | |
25 | { | |
26 | int err; | |
27 | ||
28 | LTC_ARGCHK(prng != NULL); | |
29 | LTC_ARGCHK(key != NULL); | |
30 | ||
31 | if ((err = tweetnacl_crypto_sign_keypair(prng, wprng, key->pub, key->priv)) != CRYPT_OK) { | |
32 | return err; | |
33 | } | |
34 | ||
35 | key->type = PK_PRIVATE; | |
36 | key->algo = PKA_ED25519; | |
37 | ||
38 | return err; | |
39 | } | |
40 | ||
41 | #endif | |
42 | ||
43 | /* ref: $Format:%D$ */ | |
44 | /* git commit: $Format:%H$ */ | |
45 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_set_ku.c | |
12 | Set the parameters of an Ed25519 key, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Set the parameters of an Ed25519 key | |
19 | ||
20 | In case sk and pk are given it is validated that pk is really the | |
21 | corresponding public part of the key pair. | |
22 | ||
23 | @param sk The secret key | |
24 | @param sklen The length of sk | |
25 | @param pk The public key | |
26 | @param pklen The length of pk | |
27 | @param key [out] Destination of the key | |
28 | @return CRYPT_OK if successful | |
29 | */ | |
30 | int ed25519_set_key(const unsigned char *sk, unsigned long sklen, | |
31 | const unsigned char *pk, unsigned long pklen, | |
32 | curve25519_key *key) | |
33 | { | |
34 | LTC_ARGCHK(key != NULL); | |
35 | ||
36 | if (sk != NULL) { | |
37 | LTC_ARGCHK(sklen == 32uL); | |
38 | XMEMCPY(key->priv, sk, sizeof(key->priv)); | |
39 | tweetnacl_crypto_sk_to_pk(key->pub, key->priv); | |
40 | if (pk != NULL) { | |
41 | LTC_ARGCHK(pklen == 32uL); | |
42 | if (XMEM_NEQ(pk, key->pub, sizeof(key->pub)) != 0) { | |
43 | zeromem(key, sizeof(*key)); | |
44 | return CRYPT_INVALID_ARG; | |
45 | } | |
46 | } | |
47 | key->type = PK_PRIVATE; | |
48 | } else if (pk != NULL) { | |
49 | LTC_ARGCHK(pklen == 32uL); | |
50 | XMEMCPY(key->pub, pk, sizeof(key->pub)); | |
51 | key->type = PK_PUBLIC; | |
52 | } else { | |
53 | return CRYPT_INVALID_ARG; | |
54 | } | |
55 | key->algo = PKA_ED25519; | |
56 | ||
57 | return CRYPT_OK; | |
58 | } | |
59 | ||
60 | #endif | |
61 | ||
62 | /* ref: $Format:%D$ */ | |
63 | /* git commit: $Format:%H$ */ | |
64 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_shared_secret.c | |
12 | Create an Ed25519 signature, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Create an Ed25519 signature. | |
19 | @param private_key The private Ed25519 key in the pair | |
20 | @param public_key The public Ed25519 key in the pair | |
21 | @param out [out] The destination of the shared data | |
22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
23 | @return CRYPT_OK if successful | |
24 | */ | |
25 | int ed25519_sign(const unsigned char *msg, unsigned long msglen, | |
26 | unsigned char *sig, unsigned long *siglen, | |
27 | const curve25519_key *private_key) | |
28 | { | |
29 | unsigned char *s; | |
30 | unsigned long long smlen; | |
31 | int err; | |
32 | ||
33 | LTC_ARGCHK(msg != NULL); | |
34 | LTC_ARGCHK(sig != NULL); | |
35 | LTC_ARGCHK(siglen != NULL); | |
36 | LTC_ARGCHK(private_key != NULL); | |
37 | ||
38 | if (private_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
39 | if (private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
40 | ||
41 | if (*siglen < 64uL) { | |
42 | *siglen = 64uL; | |
43 | return CRYPT_BUFFER_OVERFLOW; | |
44 | } | |
45 | ||
46 | smlen = msglen + 64; | |
47 | s = XMALLOC(smlen); | |
48 | if (s == NULL) return CRYPT_MEM; | |
49 | ||
50 | err = tweetnacl_crypto_sign(s, &smlen, | |
51 | msg, msglen, | |
52 | private_key->priv, private_key->pub); | |
53 | ||
54 | XMEMCPY(sig, s, 64uL); | |
55 | *siglen = 64uL; | |
56 | ||
57 | #ifdef LTC_CLEAN_STACK | |
58 | zeromem(s, smlen); | |
59 | #endif | |
60 | XFREE(s); | |
61 | ||
62 | return err; | |
63 | } | |
64 | ||
65 | #endif | |
66 | ||
67 | /* ref: $Format:%D$ */ | |
68 | /* git commit: $Format:%H$ */ | |
69 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ed25519_verify.c | |
12 | Verify an Ed25519 signature, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Verify an Ed25519 signature. | |
19 | @param private_key The private Ed25519 key in the pair | |
20 | @param public_key The public Ed25519 key in the pair | |
21 | @param out [out] The destination of the shared data | |
22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
23 | @param stat [out] The result of the signature verification, 1==valid, 0==invalid | |
24 | @return CRYPT_OK if successful | |
25 | */ | |
26 | int ed25519_verify(const unsigned char *msg, unsigned long msglen, | |
27 | const unsigned char *sig, unsigned long siglen, | |
28 | int *stat, const curve25519_key *public_key) | |
29 | { | |
30 | unsigned char* m; | |
31 | unsigned long long mlen; | |
32 | int err; | |
33 | ||
34 | LTC_ARGCHK(msg != NULL); | |
35 | LTC_ARGCHK(sig != NULL); | |
36 | LTC_ARGCHK(stat != NULL); | |
37 | LTC_ARGCHK(public_key != NULL); | |
38 | ||
39 | *stat = 0; | |
40 | ||
41 | if (siglen != 64uL) return CRYPT_INVALID_ARG; | |
42 | if (public_key->algo != PKA_ED25519) return CRYPT_PK_INVALID_TYPE; | |
43 | ||
44 | mlen = msglen + siglen; | |
45 | if ((mlen < msglen) || (mlen < siglen)) return CRYPT_OVERFLOW; | |
46 | ||
47 | m = XMALLOC(mlen); | |
48 | if (m == NULL) return CRYPT_MEM; | |
49 | ||
50 | XMEMCPY(m, sig, siglen); | |
51 | XMEMCPY(m + siglen, msg, msglen); | |
52 | ||
53 | err = tweetnacl_crypto_sign_open(stat, | |
54 | m, &mlen, | |
55 | m, mlen, | |
56 | public_key->pub); | |
57 | ||
58 | #ifdef LTC_CLEAN_STACK | |
59 | zeromem(m, mlen); | |
60 | #endif | |
61 | XFREE(m); | |
62 | ||
63 | return err; | |
64 | } | |
65 | ||
66 | #endif | |
67 | ||
68 | /* ref: $Format:%D$ */ | |
69 | /* git commit: $Format:%H$ */ | |
70 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file rsa_free.c | |
12 | Free an RSA key, Tom St Denis | |
13 | */ | |
14 | ||
15 | #ifdef LTC_MRSA | |
16 | ||
17 | /** | |
18 | Free an RSA key from memory | |
19 | @param key The RSA key to free | |
20 | */ | |
21 | void rsa_free(rsa_key *key) | |
22 | { | |
23 | LTC_ARGCHKVD(key != NULL); | |
24 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
25 | } | |
26 | ||
27 | #endif | |
28 | ||
29 | /* ref: $Format:%D$ */ | |
30 | /* git commit: $Format:%H$ */ | |
31 | /* commit time: $Format:%ai$ */ |
33 | 33 | LTC_ARGCHK(ltc_mp.name != NULL); |
34 | 34 | |
35 | 35 | /* init key */ |
36 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
37 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
36 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
38 | 37 | return err; |
39 | 38 | } |
40 | 39 | |
112 | 111 | goto LBL_FREE; |
113 | 112 | |
114 | 113 | LBL_ERR: |
115 | mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL); | |
114 | rsa_free(key); | |
116 | 115 | |
117 | 116 | LBL_FREE: |
118 | 117 | if (tmpbuf != NULL) { |
38 | 38 | */ |
39 | 39 | |
40 | 40 | /** |
41 | Import an RSAPublicKey or RSAPrivateKey in PKCS#8 format | |
41 | Import an RSAPrivateKey in PKCS#8 format | |
42 | 42 | @param in The packet to import from |
43 | 43 | @param inlen It's length (octets) |
44 | @param passwd The password for decrypting privkey (NOT SUPPORTED YET) | |
44 | @param passwd The password for decrypting privkey | |
45 | 45 | @param passwdlen Password's length (octets) |
46 | 46 | @param key [out] Destination for newly imported key |
47 | 47 | @return CRYPT_OK if successful, upon error allocated memory is freed |
77 | 77 | buf2 = XMALLOC(buf2len); |
78 | 78 | if (buf2 == NULL) { err = CRYPT_MEM; goto LBL_FREE1; } |
79 | 79 | |
80 | if ((err = mp_init_multi(&zero, &iter, NULL)) != CRYPT_OK) { goto LBL_FREE2; } | |
80 | 81 | /* init key */ |
81 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, &zero, &iter, NULL); | |
82 | if (err != CRYPT_OK) { goto LBL_FREE2; } | |
82 | if ((err = rsa_init(key)) != CRYPT_OK) { goto LBL_FREE3; } | |
83 | 83 | |
84 | 84 | /* try to decode encrypted priv key */ |
85 | 85 | if ((err = pkcs8_decode_flexi(in, inlen, passwd, passwdlen, &l)) != CRYPT_OK) { |
116 | 116 | if (err != CRYPT_OK) { goto LBL_ERR; } |
117 | 117 | key->type = PK_PRIVATE; |
118 | 118 | err = CRYPT_OK; |
119 | goto LBL_FREE2; | |
119 | goto LBL_FREE3; | |
120 | 120 | |
121 | 121 | LBL_ERR: |
122 | 122 | rsa_free(key); |
123 | LBL_FREE3: | |
124 | mp_clear_multi(iter, zero, NULL); | |
125 | if (l) der_free_sequence_flexi(l); | |
123 | 126 | LBL_FREE2: |
124 | if (l) der_free_sequence_flexi(l); | |
125 | mp_clear_multi(iter, zero, NULL); | |
126 | 127 | XFREE(buf2); |
127 | 128 | LBL_FREE1: |
128 | 129 | XFREE(buf1); |
39 | 39 | LTC_ARGCHK(ltc_mp.name != NULL); |
40 | 40 | |
41 | 41 | /* init key */ |
42 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
43 | &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
42 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
44 | 43 | return err; |
45 | 44 | } |
46 | 45 |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file rsa_key.c | |
12 | Free an RSA key, Tom St Denis | |
13 | Basic operations on an RSA key, Steffen Jaeckel | |
14 | */ | |
15 | ||
16 | #ifdef LTC_MRSA | |
17 | #include <stdarg.h> | |
18 | ||
19 | static void _mpi_shrink_multi(void **a, ...) | |
20 | { | |
21 | void **cur; | |
22 | unsigned n; | |
23 | int err; | |
24 | va_list args; | |
25 | void *tmp[10] = { 0 }; | |
26 | void **arg[10] = { 0 }; | |
27 | ||
28 | /* We re-allocate in the order that we received the varargs */ | |
29 | n = 0; | |
30 | err = CRYPT_ERROR; | |
31 | cur = a; | |
32 | va_start(args, a); | |
33 | while (cur != NULL) { | |
34 | if (n >= sizeof(tmp)/sizeof(tmp[0])) { | |
35 | goto out; | |
36 | } | |
37 | if (*cur != NULL) { | |
38 | arg[n] = cur; | |
39 | if ((err = mp_init_copy(&tmp[n], *arg[n])) != CRYPT_OK) { | |
40 | goto out; | |
41 | } | |
42 | n++; | |
43 | } | |
44 | cur = va_arg(args, void**); | |
45 | } | |
46 | va_end(args); | |
47 | ||
48 | /* but we clear the old values in the reverse order */ | |
49 | while (n != 0 && arg[--n] != NULL) { | |
50 | mp_clear(*arg[n]); | |
51 | *arg[n] = tmp[n]; | |
52 | } | |
53 | out: | |
54 | va_end(args); | |
55 | /* clean-up after an error | |
56 | * or after this was called with too many args | |
57 | */ | |
58 | if ((err != CRYPT_OK) || | |
59 | (n >= sizeof(tmp)/sizeof(tmp[0]))) { | |
60 | for (n = 0; n < sizeof(tmp)/sizeof(tmp[0]); ++n) { | |
61 | if (tmp[n] != NULL) { | |
62 | mp_clear(tmp[n]); | |
63 | } | |
64 | } | |
65 | } | |
66 | } | |
67 | ||
68 | /** | |
69 | This shrinks the allocated memory of a RSA key | |
70 | ||
71 | It will use up some more memory temporarily, | |
72 | but then it will free-up the entire sequence that | |
73 | was once allocated when the key was created/populated. | |
74 | ||
75 | This only works with libtommath >= 1.2.0 in earlier versions | |
76 | it has the inverse effect due to the way it worked internally. | |
77 | Also works for GNU MP, tomsfastmath naturally shows no effect. | |
78 | ||
79 | @param key The RSA key to shrink | |
80 | */ | |
81 | void rsa_shrink_key(rsa_key *key) | |
82 | { | |
83 | LTC_ARGCHKVD(key != NULL); | |
84 | _mpi_shrink_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
85 | } | |
86 | ||
87 | /** | |
88 | Init an RSA key | |
89 | @param key The RSA key to free | |
90 | @return CRYPT_OK if successful | |
91 | */ | |
92 | int rsa_init(rsa_key *key) | |
93 | { | |
94 | LTC_ARGCHK(key != NULL); | |
95 | return mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
96 | } | |
97 | ||
98 | /** | |
99 | Free an RSA key from memory | |
100 | @param key The RSA key to free | |
101 | */ | |
102 | void rsa_free(rsa_key *key) | |
103 | { | |
104 | LTC_ARGCHKVD(key != NULL); | |
105 | mp_cleanup_multi(&key->q, &key->p, &key->qP, &key->dP, &key->dQ, &key->N, &key->d, &key->e, NULL); | |
106 | } | |
107 | ||
108 | #endif | |
109 | ||
110 | /* ref: $Format:%D$ */ | |
111 | /* git commit: $Format:%H$ */ | |
112 | /* commit time: $Format:%ai$ */ |
67 | 67 | if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto cleanup; } /* tmp1 = lcm(p-1, q-1) */ |
68 | 68 | |
69 | 69 | /* make key */ |
70 | if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
70 | if ((err = rsa_init(key)) != CRYPT_OK) { | |
71 | 71 | goto errkey; |
72 | 72 | } |
73 | 73 | |
77 | 77 | |
78 | 78 | /* optimize for CRT now */ |
79 | 79 | /* find d mod q-1 and d mod p-1 */ |
80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */ | |
81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */ | |
80 | if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */ | |
81 | if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = q-1 */ | |
82 | 82 | if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */ |
83 | 83 | if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */ |
84 | 84 | if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */ |
34 | 34 | LTC_ARGCHK(e != NULL); |
35 | 35 | LTC_ARGCHK(ltc_mp.name != NULL); |
36 | 36 | |
37 | err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL); | |
38 | if (err != CRYPT_OK) return err; | |
37 | if ((err = rsa_init(key)) != CRYPT_OK) return err; | |
39 | 38 | |
40 | 39 | if ((err = mp_read_unsigned_bin(key->N , (unsigned char *)N , Nlen)) != CRYPT_OK) { goto LBL_ERR; } |
41 | 40 | if ((err = mp_read_unsigned_bin(key->e , (unsigned char *)e , elen)) != CRYPT_OK) { goto LBL_ERR; } |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_export.c | |
12 | Export a X25519 key to a binary packet, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Export a X25519 key to a binary packet | |
19 | @param out [out] The destination for the key | |
20 | @param outlen [in/out] The max size and resulting size of the X25519 key | |
21 | @param type Which type of key (PK_PRIVATE, PK_PUBLIC|PK_STD or PK_PUBLIC) | |
22 | @param key The key you wish to export | |
23 | @return CRYPT_OK if successful | |
24 | */ | |
25 | int x25519_export( unsigned char *out, unsigned long *outlen, | |
26 | int which, | |
27 | const curve25519_key *key) | |
28 | { | |
29 | LTC_ARGCHK(key != NULL); | |
30 | ||
31 | if (key->algo != PKA_X25519) return CRYPT_PK_INVALID_TYPE; | |
32 | ||
33 | return ec25519_export(out, outlen, which, key); | |
34 | } | |
35 | ||
36 | #endif | |
37 | ||
38 | /* ref: $Format:%D$ */ | |
39 | /* git commit: $Format:%H$ */ | |
40 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_import.c | |
12 | Import a X25519 key from a binary packet, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Import a X25519 key from a binary packet | |
19 | @param in The packet to read | |
20 | @param inlen The length of the input packet | |
21 | @param key [out] Where to import the key to | |
22 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
23 | */ | |
24 | int x25519_import(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
25 | { | |
26 | int err; | |
27 | unsigned long key_len; | |
28 | ||
29 | LTC_ARGCHK(in != NULL); | |
30 | LTC_ARGCHK(key != NULL); | |
31 | ||
32 | /* There's only one case where the inlen is equal to the pubkey-size | |
33 | * and that's a raw pubkey, so let's just do a raw import. | |
34 | */ | |
35 | if (inlen == sizeof(key->pub)) { | |
36 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
37 | key->type = PK_PUBLIC; | |
38 | key->algo = PKA_X25519; | |
39 | return CRYPT_OK; | |
40 | } | |
41 | ||
42 | key_len = sizeof(key->pub); | |
43 | if ((err = x509_decode_subject_public_key_info(in, inlen, PKA_X25519, key->pub, &key_len, LTC_ASN1_EOL, NULL, 0uL)) == CRYPT_OK) { | |
44 | key->type = PK_PUBLIC; | |
45 | key->algo = PKA_X25519; | |
46 | } | |
47 | return err; | |
48 | } | |
49 | ||
50 | #endif | |
51 | ||
52 | /* ref: $Format:%D$ */ | |
53 | /* git commit: $Format:%H$ */ | |
54 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_import_pkcs8.c | |
12 | Import a X25519 key in PKCS#8 format, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Import a X25519 private key in PKCS#8 format | |
19 | @param in The DER-encoded PKCS#8-formatted private key | |
20 | @param inlen The length of the input data | |
21 | @param passwd The password to decrypt the private key | |
22 | @param passwdlen Password's length (octets) | |
23 | @param key [out] Where to import the key to | |
24 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
25 | */ | |
26 | int x25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | |
27 | const void *pwd, unsigned long pwdlen, | |
28 | curve25519_key *key) | |
29 | { | |
30 | return ec25519_import_pkcs8(in, inlen, pwd, pwdlen, PKA_X25519, tweetnacl_crypto_scalarmult_base, key); | |
31 | } | |
32 | ||
33 | #endif | |
34 | ||
35 | /* ref: $Format:%D$ */ | |
36 | /* git commit: $Format:%H$ */ | |
37 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_import_x509.c | |
12 | Import a X25519 key from a X.509 certificate, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | static int _x25519_decode(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
18 | { | |
19 | if (inlen != sizeof(key->pub)) return CRYPT_PK_INVALID_SIZE; | |
20 | XMEMCPY(key->pub, in, sizeof(key->pub)); | |
21 | return CRYPT_OK; | |
22 | } | |
23 | ||
24 | /** | |
25 | Import a X25519 public key from a X.509 certificate | |
26 | @param in The DER encoded X.509 certificate | |
27 | @param inlen The length of the certificate | |
28 | @param key [out] Where to import the key to | |
29 | @return CRYPT_OK if successful, on error all allocated memory is freed automatically | |
30 | */ | |
31 | int x25519_import_x509(const unsigned char *in, unsigned long inlen, curve25519_key *key) | |
32 | { | |
33 | int err; | |
34 | ||
35 | LTC_ARGCHK(in != NULL); | |
36 | LTC_ARGCHK(key != NULL); | |
37 | ||
38 | if ((err = x509_decode_public_key_from_certificate(in, inlen, | |
39 | PKA_X25519, | |
40 | LTC_ASN1_EOL, NULL, NULL, | |
41 | (public_key_decode_cb)_x25519_decode, key)) != CRYPT_OK) { | |
42 | return err; | |
43 | } | |
44 | key->type = PK_PUBLIC; | |
45 | key->algo = PKA_X25519; | |
46 | ||
47 | return err; | |
48 | } | |
49 | ||
50 | #endif | |
51 | ||
52 | /* ref: $Format:%D$ */ | |
53 | /* git commit: $Format:%H$ */ | |
54 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_make_key.c | |
12 | Create a X25519 key, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Create a X25519 key | |
19 | @param prng An active PRNG state | |
20 | @param wprng The index of the PRNG desired | |
21 | @param key [out] Destination of a newly created private key pair | |
22 | @return CRYPT_OK if successful | |
23 | */ | |
24 | int x25519_make_key(prng_state *prng, int wprng, curve25519_key *key) | |
25 | { | |
26 | int err; | |
27 | ||
28 | LTC_ARGCHK(prng != NULL); | |
29 | LTC_ARGCHK(key != NULL); | |
30 | ||
31 | if ((err = prng_is_valid(wprng)) != CRYPT_OK) { | |
32 | return err; | |
33 | } | |
34 | ||
35 | if (prng_descriptor[wprng].read(key->priv, sizeof(key->priv), prng) != sizeof(key->priv)) { | |
36 | return CRYPT_ERROR_READPRNG; | |
37 | } | |
38 | ||
39 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
40 | ||
41 | key->type = PK_PRIVATE; | |
42 | key->algo = PKA_X25519; | |
43 | ||
44 | return err; | |
45 | } | |
46 | ||
47 | #endif | |
48 | ||
49 | /* ref: $Format:%D$ */ | |
50 | /* git commit: $Format:%H$ */ | |
51 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_set_ku.c | |
12 | Set the parameters of a X25519 key, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Set the parameters of a X25519 key | |
19 | ||
20 | In case k and u are given it is validated that u is really the | |
21 | corresponding public part of the key pair | |
22 | ||
23 | @param k The k value (a.k.a scalar or private part) | |
24 | @param klen The length of k | |
25 | @param u The u-coordinate (a.k.a public part) | |
26 | @param ulen The length of u | |
27 | @param key [out] Destination of the key | |
28 | @return CRYPT_OK if successful | |
29 | */ | |
30 | int x25519_set_key(const unsigned char *k, unsigned long klen, | |
31 | const unsigned char *u, unsigned long ulen, | |
32 | curve25519_key *key) | |
33 | { | |
34 | LTC_ARGCHK(key != NULL); | |
35 | ||
36 | if (k != NULL) { | |
37 | LTC_ARGCHK(klen == 32uL); | |
38 | XMEMCPY(key->priv, k, sizeof(key->priv)); | |
39 | tweetnacl_crypto_scalarmult_base(key->pub, key->priv); | |
40 | if (u != NULL) { | |
41 | LTC_ARGCHK(ulen == 32uL); | |
42 | if (XMEM_NEQ(u, key->pub, sizeof(key->pub)) != 0) { | |
43 | zeromem(key, sizeof(*key)); | |
44 | return CRYPT_INVALID_ARG; | |
45 | } | |
46 | } | |
47 | key->type = PK_PRIVATE; | |
48 | } else if (u != NULL) { | |
49 | LTC_ARGCHK(ulen == 32uL); | |
50 | XMEMCPY(key->pub, u, sizeof(key->pub)); | |
51 | key->type = PK_PUBLIC; | |
52 | } else { | |
53 | return CRYPT_INVALID_ARG; | |
54 | } | |
55 | key->algo = PKA_X25519; | |
56 | ||
57 | return CRYPT_OK; | |
58 | } | |
59 | ||
60 | #endif | |
61 | ||
62 | /* ref: $Format:%D$ */ | |
63 | /* git commit: $Format:%H$ */ | |
64 | /* commit time: $Format:%ai$ */ |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file x25519_shared_secret.c | |
12 | Create a X25519 shared secret, Steffen Jaeckel | |
13 | */ | |
14 | ||
15 | #ifdef LTC_CURVE25519 | |
16 | ||
17 | /** | |
18 | Create a X25519 shared secret. | |
19 | @param private_key The private X25519 key in the pair | |
20 | @param public_key The public X25519 key in the pair | |
21 | @param out [out] The destination of the shared data | |
22 | @param outlen [in/out] The max size and resulting size of the shared data. | |
23 | @return CRYPT_OK if successful | |
24 | */ | |
25 | int x25519_shared_secret(const curve25519_key *private_key, | |
26 | const curve25519_key *public_key, | |
27 | unsigned char *out, unsigned long *outlen) | |
28 | { | |
29 | LTC_ARGCHK(private_key != NULL); | |
30 | LTC_ARGCHK(public_key != NULL); | |
31 | LTC_ARGCHK(out != NULL); | |
32 | LTC_ARGCHK(outlen != NULL); | |
33 | ||
34 | if(private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE; | |
35 | ||
36 | if(*outlen < 32uL) { | |
37 | *outlen = 32uL; | |
38 | return CRYPT_BUFFER_OVERFLOW; | |
39 | } | |
40 | ||
41 | tweetnacl_crypto_scalarmult(out, private_key->priv, public_key->pub); | |
42 | *outlen = 32uL; | |
43 | ||
44 | return CRYPT_OK; | |
45 | } | |
46 | ||
47 | #endif | |
48 | ||
49 | /* ref: $Format:%D$ */ | |
50 | /* git commit: $Format:%H$ */ | |
51 | /* commit time: $Format:%ai$ */ |
236 | 236 | return err; |
237 | 237 | } |
238 | 238 | } |
239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = prng->u.fortuna.wd = 0; | |
240 | prng->u.fortuna.reset_cnt = 0; | |
239 | prng->u.fortuna.pool_idx = prng->u.fortuna.pool0_len = 0; | |
240 | prng->u.fortuna.reset_cnt = prng->u.fortuna.wd = 0; | |
241 | 241 | |
242 | 242 | /* reset bufs */ |
243 | 243 | zeromem(prng->u.fortuna.K, 32); |
18 | 18 | int chacha_done(chacha_state *st) |
19 | 19 | { |
20 | 20 | LTC_ARGCHK(st != NULL); |
21 | XMEMSET(st, 0, sizeof(chacha_state)); | |
21 | zeromem(st, sizeof(chacha_state)); | |
22 | 22 | return CRYPT_OK; |
23 | 23 | } |
24 | 24 |
33 | 33 | |
34 | 34 | if ((err = chacha_setup(&st, key, keylen, rounds)) != CRYPT_OK) goto WIPE_KEY; |
35 | 35 | if (ivlen > 8) { |
36 | if ((err = chacha_ivctr32(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; | |
36 | if ((err = chacha_ivctr32(&st, iv, ivlen, (ulong32)counter)) != CRYPT_OK) goto WIPE_KEY; | |
37 | 37 | } else { |
38 | 38 | if ((err = chacha_ivctr64(&st, iv, ivlen, counter)) != CRYPT_OK) goto WIPE_KEY; |
39 | 39 | } |
409 | 409 | 0xea, 0xec, 0x34, 0x9d, 0x8f, 0xb4, 0x6b, 0x60, |
410 | 410 | 0x79, 0x1b, 0xea, 0x16, 0xcb, 0xef, 0x46, 0x87, |
411 | 411 | 0x60, 0xa6, 0x55, 0x14, 0xff, 0xca, 0xac }; |
412 | unsigned long ptlen = strlen(pt); | |
412 | unsigned long ptlen = XSTRLEN(pt); | |
413 | 413 | unsigned char out2[1000] = { 0 }; |
414 | 414 | unsigned char nulls[1000] = { 0 }; |
415 | 415 |
99 | 99 | int rc4_stream_done(rc4_state *st) |
100 | 100 | { |
101 | 101 | LTC_ARGCHK(st != NULL); |
102 | XMEMSET(st, 0, sizeof(rc4_state)); | |
102 | zeromem(st, sizeof(rc4_state)); | |
103 | 103 | return CRYPT_OK; |
104 | 104 | } |
105 | 105 |
18 | 18 | int salsa20_done(salsa20_state *st) |
19 | 19 | { |
20 | 20 | LTC_ARGCHK(st != NULL); |
21 | XMEMSET(st, 0, sizeof(salsa20_state)); | |
21 | zeromem(st, sizeof(salsa20_state)); | |
22 | 22 | return CRYPT_OK; |
23 | 23 | } |
24 | 24 |
331 | 331 | int sober128_stream_done(sober128_state *st) |
332 | 332 | { |
333 | 333 | LTC_ARGCHK(st != NULL); |
334 | XMEMSET(st, 0, sizeof(sober128_state)); | |
334 | zeromem(st, sizeof(sober128_state)); | |
335 | 335 | return CRYPT_OK; |
336 | 336 | } |
337 | 337 |
804 | 804 | int sosemanuk_done(sosemanuk_state *st) |
805 | 805 | { |
806 | 806 | LTC_ARGCHK(st != NULL); |
807 | XMEMSET(st, 0, sizeof(sosemanuk_state)); | |
807 | zeromem(st, sizeof(sosemanuk_state)); | |
808 | 808 | return CRYPT_OK; |
809 | 809 | } |
810 | 810 |
2642 | 2642 | -2:3:-8 |
2643 | 2643 | -2:4:16 |
2644 | 2644 | -2:5:-32 |
2645 | 2:-1:NaN | |
2646 | -2:-1:NaN | |
2647 | 2:-2:NaN | |
2648 | -2:-2:NaN | |
2645 | 2:-1:0 | |
2646 | -2:-1:0 | |
2647 | 2:-2:0 | |
2648 | -2:-2:0 | |
2649 | 2649 | # inf tests |
2650 | 2650 | +inf:1234500012:inf |
2651 | 2651 | -inf:1234500012:inf |
5 | 5 | use Test::More; |
6 | 6 | |
7 | 7 | BEGIN { |
8 | plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; | |
8 | plan skip_all => "requires Math::BigInt 1.999817+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999817 }; | |
9 | 9 | plan tests => 3712 # tests in require'd file |
10 | 10 | + 6; # tests in this file |
11 | 11 | } |
5 | 5 | use Test::More; |
6 | 6 | |
7 | 7 | BEGIN { |
8 | plan skip_all => "requires Math::BigInt 1.999712+" unless eval { require Math::BigInt && eval($Math::BigInt::VERSION) >= 1.999712 }; | |
9 | plan tests => 3712 # tests in require'd file | |
10 | + 6; # tests in this file | |
8 | plan skip_all => "requires Math::BigInt" unless eval { require Math::BigInt }; | |
9 | plan tests => 2; | |
11 | 10 | } |
12 | 11 | |
13 | 12 | use Math::BigInt lib => 'LTM'; |
14 | 13 | |
15 | our ($CLASS, $CALC); | |
16 | $CLASS = "Math::BigInt"; | |
17 | $CALC = "Math::BigInt::LTM"; | |
14 | my $V = $Math::BigInt::VERSION; | |
18 | 15 | |
19 | my $x; | |
20 | ||
21 | ############################################################################# | |
22 | # from_hex(), from_bin() and from_oct() tests | |
23 | ||
24 | $x = Math::BigInt->from_hex('0xcafe'); | |
25 | is($x, "51966", | |
26 | qq|Math::BigInt->from_hex("0xcafe")|); | |
27 | ||
28 | $x = Math::BigInt->from_hex('0xcafebabedead'); | |
29 | is($x, "223195403574957", | |
30 | qq|Math::BigInt->from_hex("0xcafebabedead")|); | |
31 | ||
32 | $x = Math::BigInt->from_bin('0b1001'); | |
33 | is($x, "9", | |
34 | qq|Math::BigInt->from_bin("0b1001")|); | |
35 | ||
36 | $x = Math::BigInt->from_bin('0b1001100110011001100110011001'); | |
37 | is($x, "161061273", | |
38 | qq|Math::BigInt->from_bin("0b1001100110011001100110011001");|); | |
39 | ||
40 | $x = Math::BigInt->from_oct('0775'); | |
41 | is($x, "509", | |
42 | qq|Math::BigInt->from_oct("0775");|); | |
43 | ||
44 | $x = Math::BigInt->from_oct('07777777777777711111111222222222'); | |
45 | is($x, "9903520314281112085086151826", | |
46 | qq|Math::BigInt->from_oct("07777777777777711111111222222222");|); | |
47 | ||
48 | ############################################################################# | |
49 | # all the other tests | |
50 | ||
51 | require './t/mbi_ltm/bigintpm.inc'; # all tests here for sharing | |
16 | # https://github.com/DCIT/perl-CryptX/issues/56 | |
17 | { | |
18 | my ($x, $y); | |
19 | $x = Math::BigInt->new("2"); | |
20 | $y = Math::BigInt->new("-1"); | |
21 | is($x ** $y, $V < 1.999817 ? 'NaN' : 0); | |
22 | $x = Math::BigInt->new("-2"); | |
23 | $y = Math::BigInt->new("-2"); | |
24 | is($x ** $y, $V < 1.999817 ? 'NaN' : 0); | |
25 | } |