TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bring stuff up2date and added own stuff

Browse Source
This commit is contained in:
WolverinDEV 2019-07-02 21:31:51 +02:00
parent 7e7eb695d5
commit 0274d6c822
75 changed files with 4618 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build.sh → .ci/build.sh
View File

@ -45,7 +45,7 @@ fi
if [ -a testok.txt ] && [ -f testok.txt ]; then
if [ "$LTC_COVERAGE" != "" ]; then
./coverage_more.sh > test_coverage_more.txt || exit 1
bash .ci/coverage_more.sh > test_coverage_more.txt || exit 1
lcov_opts="--capture --no-external --directory src -q"
lcov_out=$(echo coverage_$1_$2_$3 | tr ' -=+' '_')".info"
lcov $lcov_opts --output-file $lcov_out

2
check_source.sh → .ci/check_source.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# output version
bash printinfo.sh
bash .ci/printinfo.sh
make clean > /dev/null

10
coverage.sh → .ci/coverage.sh
View File

@ -23,9 +23,9 @@ if [ "$(echo $3 | grep -v 'makefile[.]')" == "" ]; then
fi
# output version
bash printinfo.sh
bash .ci/printinfo.sh
bash build.sh " $1" " $2" " $3 COVERAGE=1" "$4" "$5"
bash .ci/build.sh " $1" " $2" " $3 COVERAGE=1" "$4" "$5"
if [ -a testok.txt ] && [ -f testok.txt ]; then
echo
else
@ -34,11 +34,11 @@ else
exit 1
fi
./coverage_more.sh > test_coverage_more.txt || { rm -f testok.txt && exit 1 ; }
bash .ci/coverage_more.sh "$5" > test_coverage_more.txt || { rm -f testok.txt && exit 1 ; }
make lcov-single
# if this was executed as './coverage.sh ...' create coverage locally
if [[ "${0%% *}" == "./${0##*/}" ]]; then
# if this isn't run on Travis CI create coverage locally
if [ "$TRAVIS" == "" ]; then
make lcov-html
else
coveralls-lcov coverage.info

4
coverage_more.sh → .ci/coverage_more.sh
View File

@ -2,6 +2,10 @@
set -e
if [ "$#" = "1" -a "$(echo $1 | grep 'gmp')" != "" ]; then
./test t gmp
fi
./sizes
./constants

101
.ci/meta_builds.sh Executable file
View File

@ -0,0 +1,101 @@
#!/bin/bash
#
# This builds different stuff depending on the compiler:
# gcc - valgrind, coverage
# clang - asan, ubsan, scan-build
# both - the two testbuild's NOTEST and NOFILE
set -e
if [ "$#" = "5" -a "$(echo $3 | grep -v 'makefile[.]')" = "" ]; then
echo "only run $0 for the regular makefile, early exit success"
exit 0
fi
if [ -f /proc/cpuinfo ]
then
MAKE_JOBS=$(( ($(cat /proc/cpuinfo | grep -E '^processor[[:space:]]*:' | tail -n -1 | cut -d':' -f2) + 1) * 2 + 1 ))
else
MAKE_JOBS=8
fi
function run_gcc() {
bash .ci/check_source.sh "CHECK_SOURCES" "$2" "$3" "$4" "$5"
make clean &>/dev/null
echo
echo "Build for ASAN..."
make -j$MAKE_JOBS CFLAGS="-fsanitize=address -fno-omit-frame-pointer -static-libasan $2 $CFLAGS $4" EXTRALIBS="-lasan $5" test LTC_DEBUG=1 1>gcc_1.txt 2>gcc_2.txt
echo
echo "Run ASAN tests with LTM..."
ASAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
if echo $2 | grep -q GMP ; then
echo
echo "Run ASAN tests with GMP..."
ASAN_OPTIONS=verbosity=1 ./test t gmp 1>test_std.txt 2> test_err.txt || exit 1
fi
make clean &>/dev/null
echo
echo "Create code coverage"
bash .ci/coverage.sh "COVERAGE" "$2" "$3" "$4" "$5"
}
function run_clang() {
# output version
bash .ci/printinfo.sh
scan_build=$(which scan-build)
[ -z "$scan_build" ] && scan_build=$(find /usr/bin/ -name 'scan-build-*' | sort -nr | head -n1) || true
[ -z "$scan_build" ] && { echo "couldn't find clang scan-build"; exit 1; } || echo "run $scan_build"
$scan_build --status-bugs make -j$MAKE_JOBS all CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5"
make clean &>/dev/null
echo
echo "Build for UBSAN..."
make -j$MAKE_JOBS LDFLAGS="-fsanitize=undefined" CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5" all LTC_DEBUG=1 1>gcc_1.txt 2>gcc_2.txt
echo "Run UBSAN tests with LTM..."
UBSAN_OPTIONS=verbosity=1 ./test t ltm 1>test_std.txt 2> test_err.txt || exit 1
if echo $2 | grep -q GMP ; then
echo
echo "Run UBSAN tests with GMP..."
UBSAN_OPTIONS=verbosity=1 ./test t gmp 1>test_std.txt 2> test_err.txt || exit 1
fi
}
make clean &>/dev/null
EXTRALIBS="$5"
echo $2 | grep -q GMP && EXTRALIBS="$EXTRALIBS -lgmp"
if [ -z "$(echo $CC | grep "clang")" ]; then
run_gcc "$1" "$2" "$3" "$4" "$EXTRALIBS"
else
run_clang "$1" "$2" "$3" "$4" "$EXTRALIBS"
fi
make clean &>/dev/null
bash .ci/testbuild.sh "NOTEST" "-DLTC_NO_TEST" "$3" "$4" "$5"
make clean &>/dev/null
bash .ci/testbuild.sh "NOFILE" "-DLTC_NO_FILE" "$3" "$4" "$5"
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

4
printinfo.sh → .ci/printinfo.sh
View File

@ -18,3 +18,7 @@ then
fi
echo "${CC}="`${CC} -dumpversion`
echo
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

10
run.sh → .ci/run.sh
View File

@ -1,9 +1,9 @@
#!/bin/bash
# output version
bash printinfo.sh
bash .ci/printinfo.sh
bash build.sh " $1" "$2 -O2" "$3 IGNORE_SPEED=1" "$4" "$5"
bash .ci/build.sh " $1" "$2 -O2" "$3 IGNORE_SPEED=1" "$4" "$5"
if [ -a testok.txt ] && [ -f testok.txt ]; then
echo
else
@ -13,7 +13,7 @@ else
fi
rm -f testok.txt
bash build.sh " $1" "$2 -Os" "$3 IGNORE_SPEED=1 LTC_SMALL=1" "$4" "$5"
bash .ci/build.sh " $1" "$2 -Os" "$3 IGNORE_SPEED=1 LTC_SMALL=1" "$4" "$5"
if [ -a testok.txt ] && [ -f testok.txt ]; then
echo
else
@ -23,7 +23,7 @@ else
fi
rm -f testok.txt
bash build.sh " $1" "$2" "$3 LTC_DEBUG=1" "$4" "$5"
bash .ci/build.sh " $1" "$2" "$3 LTC_DEBUG=1" "$4" "$5"
if [ -a testok.txt ] && [ -f testok.txt ]; then
echo
else
@ -33,7 +33,7 @@ else
fi
rm -f testok.txt
bash build.sh " $1" "$2" "$3" "$4" "$5"
bash .ci/build.sh " $1" "$2" "$3" "$4" "$5"
if [ -a testok.txt ] && [ -f testok.txt ]; then
echo
else

26
.ci/testbuild.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/bash
# output version
bash .ci/printinfo.sh
if [ -f /proc/cpuinfo ]
then
MAKE_JOBS=$(( ($(cat /proc/cpuinfo | grep -E '^processor[[:space:]]*:' | tail -n -1 | cut -d':' -f2) + 1) * 2 + 1 ))
else
MAKE_JOBS=8
fi
echo "$1 (Build Only, $2, $3)..."
make clean 1>/dev/null 2>/dev/null
echo -n "building..."
touch testok.txt
CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5" make -j$MAKE_JOBS -f $3 test tv_gen 1>gcc_1.txt 2>gcc_2.txt || (echo "build $1 failed see gcc_2.txt for more information" && cat gcc_2.txt && rm -f testok.txt && exit 1)
if find testok.txt -type f 1>/dev/null 2>/dev/null ; then
echo "successful"
exit 0
fi
exit 1
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

37
.ci/valgrind.sh Executable file
View File

@ -0,0 +1,37 @@
#!/bin/bash
set -e
if [ "$#" = "5" -a "$(echo $3 | grep -v 'makefile[.]')" = "" ]; then
echo "only run $0 for the regular makefile, early exit success"
exit 0
fi
if [ -f /proc/cpuinfo ]
then
MAKE_JOBS=$(( ($(cat /proc/cpuinfo | grep -E '^processor[[:space:]]*:' | tail -n -1 | cut -d':' -f2) + 1) * 2 + 1 ))
else
MAKE_JOBS=8
fi
# output version
bash .ci/printinfo.sh
make clean &>/dev/null
echo "Build for valgrind..."
make -j$MAKE_JOBS CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5" test LTC_DEBUG=1 1>gcc_1.txt 2>gcc_2.txt
echo "Run tests with valgrind..."
for i in `seq 1 10` ; do sleep 300 && echo "Valgrind tests in Progress..."; done &
alive_pid=$!
valgrind --error-exitcode=666 --leak-check=full --show-leak-kinds=all --errors-for-leak-kinds=all ./test >test_std.txt 2> >(tee -a test_err.txt >&2) || { kill $alive_pid; echo "Valgrind failed"; exit 1; }
kill $alive_pid
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

29
.github/ISSUE_TEMPLATE.md vendored Normal file
View File

@ -0,0 +1,29 @@
<!--
Do you want to ask a question? Are you looking for support? The Mailing list is the best place for getting support: https://groups.google.com/forum/#!forum/libtom
This is a very generic template, remove items that do not apply. For completed items, change [ ] to [x].
-->
### Prerequisites
* [ ] Checked the developer manual
* [ ] Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=repo%3Alibtom%2Flibtomcrypt
* [ ] Checked that your issue isn't related to TomsFastMath's limitation that PK operations can by default only be done with max. 2048bit keys
### Description
[Description of the issue]
### Steps to Reproduce
<!-- Please either describe your issue or even better, provide a functional code example reproducing your issue. -->
### Version
You can get this information from the define `SCRYPT` in `src/include/tomcrypt.h` or your local git repository by running `git describe --always --tags --dirty`.
Also, please include the compiler, the compiler version, the architecture and (if applicable) the MPI provider, the OS and what version of the OS you're experiencing the issue.
### Additional Information
Any additional information, configuration or data that might be necessary to reproduce the issue.

13
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@ -0,0 +1,13 @@
<!--
Thank you for your pull request.
If this fixes an existing github issue, make sure to have a line saying 'Fixes #XXXX' (without quotes) in the commit message.
-->
### Checklist
<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->
* [ ] documentation is added or updated
* [ ] tests are added or updated

10
.gitignore vendored
View File

@ -58,6 +58,12 @@ timing.exe
.cproject
.settings/
# macOS special files
.DS_Store
# other special files
showlibs # symlink to .libs
# oops ;) but we don't want them to appear in the repository...
*.stackdump
*.core
@ -94,3 +100,7 @@ coverage*.info
cov-int/
.coverity_*
libtomcrypt.lzma
.build_linux_amd64.txt
build/
cmake-build-*/
out/*_*/

441
.idea/workspace.xml Normal file
View File

@ -0,0 +1,441 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="CMakeRunConfigurationManager" shouldGenerate="true" shouldDeleteObsolete="true">
<generated />
</component>
<component name="CMakeSettings">
<configurations>
<configuration PROFILE_NAME="Debug" CONFIG_NAME="Debug" GENERATION_OPTIONS="-DCMAKE_C_FLAGS=&quot;-I/home/wolverindev/TeaSpeak-Client/third_party/tommath/out/linux_amd64/include/ -DLTM_DESC&quot;" />
</configurations>
</component>
<component name="ChangeListManager">
<list default="true" id="f9fbbc11-a5c8-46a1-b57e-dc4d62e89a48" name="Default Changelist" comment="" />
<ignored path="$PROJECT_DIR$/cmake-build-debug/" />
<option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
<option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" />
<option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
<option name="LAST_RESOLUTION" value="IGNORE" />
</component>
<component name="FileEditorManager">
<leaf>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_math.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="372">
<caret line="510" column="26" selection-start-line="510" selection-start-column="13" selection-end-line="510" selection-end-column="26" />
<folding>
<element signature="e#436#459#0" expanded="true" />
<element signature="e#488#509#0" expanded="true" />
<element signature="e#15842#15884#0" expanded="true" />
<element signature="e#15909#15951#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/../tommath/out/linux_amd64/include/tommath.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="582">
<caret line="92" column="6" selection-start-line="92" selection-start-column="6" selection-end-line="92" selection-end-column="6" />
<folding>
<element signature="e#548#566#0" expanded="true" />
<element signature="e#675#687#0" expanded="true" />
<element signature="e#1597#1797#0" expanded="true" />
<element signature="e#2140#2177#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/src/math/ltm_desc.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="238">
<caret line="14" selection-start-line="14" selection-end-line="14" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="true">
<entry file="file://$PROJECT_DIR$/.gitignore">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="816">
<caret line="48" column="5" lean-forward="true" selection-start-line="48" selection-start-column="5" selection-end-line="48" selection-end-column="5" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/makefile">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="415">
<caret line="87" column="33" selection-start-line="87" selection-start-column="33" selection-end-line="87" selection-end-column="33" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/src/pk/ecc/ltc_ecc_mulmod_timing.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1819">
<caret line="107" column="31" selection-start-line="107" selection-start-column="31" selection-end-line="107" selection-end-column="31" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/src/pk/ecc/ltc_ecc_projective_add_point.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="435">
<caret line="50" column="12" selection-start-line="50" selection-start-column="12" selection-end-line="50" selection-end-column="12" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="861">
<caret line="90" selection-start-line="90" selection-end-line="90" />
<folding>
<element signature="e#315#334#0" expanded="true" />
<element signature="e#550#562#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
</file>
</leaf>
</component>
<component name="FindInProjectRecents">
<findStrings>
<find>LTC_DER</find>
<find>link</find>
<find>LTM</find>
<find>oid_st</find>
<find>#include</find>
<find>WIN32</find>
<find>LTM_DESC</find>
<find>ltc_mp</find>
<find>-fPIC</find>
<find>LTC_SOURCE</find>
</findStrings>
</component>
<component name="Git.Settings">
<option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
</component>
<component name="IdeDocumentHistory">
<option name="CHANGED_PATHS">
<list>
<option value="$PROJECT_DIR$/src/headers/tomcrypt.h" />
<option value="$PROJECT_DIR$/src/misc/pk_get_oid.c" />
<option value="$PROJECT_DIR$/changes" />
<option value="$PROJECT_DIR$/src/misc/crypt/crypt_register_all_ciphers.c" />
<option value="$PROJECT_DIR$/tests/der_test.c" />
<option value="$PROJECT_DIR$/helper.pl" />
<option value="$PROJECT_DIR$/makefile_include.mk" />
<option value="$PROJECT_DIR$/create_build.sh" />
<option value="$PROJECT_DIR$/CMakeLists.txt" />
<option value="$PROJECT_DIR$/.gitignore" />
</list>
</option>
</component>
<component name="OCFindUsagesOptions" text="true" ivars="false" properties="true" derivedClasses="false" />
<component name="ProjectFrameBounds" extendedState="6">
<option name="x" value="-1" />
<option name="y" value="2160" />
<option name="width" value="3842" />
<option name="height" value="2138" />
</component>
<component name="ProjectView">
<navigator proportions="" version="1">
<foldersAlwaysOnTop value="true" />
</navigator>
<panes>
<pane id="ProjectPane">
<subPane>
<expand>
<path>
<item name="tomcrypt" type="b2602c69:ProjectViewProjectNode" />
<item name="tomcrypt" type="462c0819:PsiDirectoryNode" />
</path>
<path>
<item name="tomcrypt" type="b2602c69:ProjectViewProjectNode" />
<item name="tomcrypt" type="462c0819:PsiDirectoryNode" />
<item name="src" type="462c0819:PsiDirectoryNode" />
</path>
<path>
<item name="tomcrypt" type="b2602c69:ProjectViewProjectNode" />
<item name="tomcrypt" type="462c0819:PsiDirectoryNode" />
<item name="src" type="462c0819:PsiDirectoryNode" />
<item name="misc" type="462c0819:PsiDirectoryNode" />
</path>
</expand>
<select />
</subPane>
</pane>
<pane id="Scope" />
</panes>
</component>
<component name="PropertiesComponent">
<property name="WebServerToolWindowFactoryState" value="false" />
<property name="last_opened_file_path" value="$PROJECT_DIR$" />
<property name="nodejs_interpreter_path.stuck_in_default_project" value="undefined stuck path" />
<property name="nodejs_npm_path_reset_for_default_project" value="true" />
<property name="settings.editor.selected.configurable" value="CMakeSettings" />
</component>
<component name="RunDashboard">
<option name="ruleStates">
<list>
<RuleState>
<option name="name" value="ConfigurationTypeDashboardGroupingRule" />
</RuleState>
<RuleState>
<option name="name" value="StatusDashboardGroupingRule" />
</RuleState>
</list>
</option>
</component>
<component name="RunManager">
<configuration name="libtomcrypt" type="CMakeRunConfiguration" factoryName="Application" PASS_PARENT_ENVS_2="true" PROJECT_NAME="Project" TARGET_NAME="libtomcrypt" CONFIG_NAME="Debug">
<method v="2">
<option name="com.jetbrains.cidr.execution.CidrBuildBeforeRunTaskProvider$BuildBeforeRunTask" enabled="true" />
</method>
</configuration>
</component>
<component name="SvnConfiguration">
<configuration />
</component>
<component name="TaskManager">
<task active="true" id="Default" summary="Default task">
<changelist id="f9fbbc11-a5c8-46a1-b57e-dc4d62e89a48" name="Default Changelist" comment="" />
<created>1562093198444</created>
<option name="number" value="Default" />
<option name="presentableId" value="Default" />
<updated>1562093198444</updated>
<workItem from="1562093199996" duration="1140000" />
</task>
<task id="LOCAL-00001" summary="Fixed linux builds">
<created>1562093370391</created>
<option name="number" value="00001" />
<option name="presentableId" value="LOCAL-00001" />
<option name="project" value="LOCAL" />
<updated>1562093370391</updated>
</task>
<option name="localTasksCounter" value="2" />
<servers />
</component>
<component name="TimeTrackingManager">
<option name="totallyTimeSpent" value="2175000" />
</component>
<component name="ToolWindowManager">
<frame x="-1" y="2160" width="3842" height="2138" extended-state="6" />
<editor active="true" />
<layout>
<window_info content_ui="combo" id="Project" order="0" visible="true" weight="0.24986808" />
<window_info id="Structure" order="1" side_tool="true" weight="0.25" />
<window_info id="Favorites" order="2" side_tool="true" />
<window_info anchor="bottom" id="Message" order="0" />
<window_info anchor="bottom" id="Find" order="1" />
<window_info anchor="bottom" id="Run" order="2" />
<window_info anchor="bottom" id="Debug" order="3" weight="0.4" />
<window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
<window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
<window_info anchor="bottom" id="TODO" order="6" />
<window_info anchor="bottom" id="Docker" order="7" />
<window_info anchor="bottom" id="Version Control" order="8" weight="0.3296593" />
<window_info anchor="bottom" id="Database Changes" order="9" />
<window_info anchor="bottom" id="CMake" order="10" weight="0.3296593" />
<window_info active="true" anchor="bottom" id="Terminal" order="11" visible="true" weight="0.3296593" />
<window_info anchor="bottom" id="Event Log" order="12" side_tool="true" />
<window_info anchor="bottom" id="Messages" order="13" weight="0.3296593" />
<window_info anchor="right" id="Commander" order="0" weight="0.4" />
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
<window_info anchor="right" id="Database" order="3" />
</layout>
</component>
<component name="TypeScriptGeneratedFilesManager">
<option name="version" value="1" />
</component>
<component name="VcsManagerConfiguration">
<MESSAGE value="Fixed linux builds" />
<option name="LAST_COMMIT_MESSAGE" value="Fixed linux builds" />
</component>
<component name="editorHistoryManager">
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_cipher.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="348">
<caret line="24" column="17" selection-start-line="24" selection-start-column="17" selection-end-line="24" selection-end-column="17" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_hash.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="382">
<caret line="26" column="27" selection-start-line="26" selection-start-column="27" selection-end-line="26" selection-end-column="27" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_mac.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="501">
<caret line="33" selection-start-line="33" selection-end-line="33" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_macros.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="433">
<caret line="94" column="48" selection-start-line="94" selection-start-column="48" selection-end-line="94" selection-end-column="48" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_misc.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="467">
<caret line="31" selection-start-line="31" selection-end-line="31" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_argchk.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="459">
<caret line="27" selection-start-line="27" selection-end-line="27" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_custom.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="406">
<caret line="161" column="22" selection-start-line="161" selection-start-column="22" selection-end-line="161" selection-end-column="22" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_cfg.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="832">
<caret line="56" column="3" selection-start-line="56" selection-start-column="3" selection-end-line="56" selection-end-column="3" />
<folding>
<element signature="e#1799#1946#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_pk.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1876">
<caret line="673" selection-start-line="673" selection-end-line="673" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/misc/crypt/crypt_register_all_ciphers.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1241">
<caret line="76" column="17" selection-start-line="76" selection-start-column="17" selection-end-line="76" selection-end-column="17" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/misc/pk_get_oid.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="425">
<caret line="25" column="10" selection-start-line="25" selection-start-column="10" selection-end-line="25" selection-end-column="10" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/misc/mem_neq.c">
<provider selected="true" editor-type-id="text-editor" />
</entry>
<entry file="file://$PROJECT_DIR$/src/misc/error_to_string.c">
<provider selected="true" editor-type-id="text-editor" />
</entry>
<entry file="file://$PROJECT_DIR$/src/math/ltm_desc.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="238">
<caret line="14" selection-start-line="14" selection-end-line="14" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/../tommath/out/linux_amd64/include/tommath.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="582">
<caret line="92" column="6" selection-start-line="92" selection-start-column="6" selection-end-line="92" selection-end-column="6" />
<folding>
<element signature="e#548#566#0" expanded="true" />
<element signature="e#675#687#0" expanded="true" />
<element signature="e#1597#1797#0" expanded="true" />
<element signature="e#2140#2177#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="861">
<caret line="90" selection-start-line="90" selection-end-line="90" />
<folding>
<element signature="e#315#334#0" expanded="true" />
<element signature="e#550#562#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/headers/tomcrypt_math.h">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="372">
<caret line="510" column="26" selection-start-line="510" selection-start-column="13" selection-end-line="510" selection-end-column="26" />
<folding>
<element signature="e#436#459#0" expanded="true" />
<element signature="e#488#509#0" expanded="true" />
<element signature="e#15842#15884#0" expanded="true" />
<element signature="e#15909#15951#0" expanded="true" />
</folding>
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/pk/ecc/ltc_ecc_projective_add_point.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="435">
<caret line="50" column="12" selection-start-line="50" selection-start-column="12" selection-end-line="50" selection-end-column="12" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/src/pk/ecc/ltc_ecc_mulmod_timing.c">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1819">
<caret line="107" column="31" selection-start-line="107" selection-start-column="31" selection-end-line="107" selection-end-column="31" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/makefile">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="415">
<caret line="87" column="33" selection-start-line="87" selection-start-column="33" selection-end-line="87" selection-end-column="33" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/create_build.sh">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="17">
<caret line="1" lean-forward="true" selection-start-line="1" selection-end-line="1" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/CMakeLists.txt">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="901">
<caret line="53" lean-forward="true" selection-start-line="53" selection-end-line="53" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/.gitignore">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="816">
<caret line="48" column="5" lean-forward="true" selection-start-line="48" selection-start-column="5" selection-end-line="48" selection-end-column="5" />
</state>
</provider>
</entry>
</component>
</project>

58
.travis.yml
View File

@ -13,7 +13,7 @@ addons:
install:
- sudo apt-get update -qq
- sudo apt-get install libtommath-dev
- sudo apt-get install libtommath-dev libgmp-dev valgrind
before_script:
- gem install coveralls-lcov
@ -38,89 +38,77 @@ script:
- bash "${BUILDSCRIPT}" "${BUILDNAME}" "${BUILDOPTIONS}" "makefile.shared V=1" "-DUSE_TFM -DTFM_DESC" "-ltfm"
env:
- |
BUILDSCRIPT="check_source.sh"
BUILDNAME="CHECK_SOURCES"
BUILDSCRIPT=".ci/meta_builds.sh"
BUILDNAME="META_BUILS"
BUILDOPTIONS="-DGMP_DESC"
- |
BUILDSCRIPT=".ci/valgrind.sh"
BUILDNAME="VALGRIND"
BUILDOPTIONS=" "
- |
BUILDSCRIPT="scan_build.sh"
BUILDNAME="SCAN_BUILD"
BUILDOPTIONS=" "
- |
BUILDSCRIPT="coverage.sh"
BUILDNAME="COVERAGE"
BUILDOPTIONS=" "
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="STOCK"
BUILDOPTIONS=" "
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="EASY"
BUILDOPTIONS="-DLTC_EASY"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="SMALL"
BUILDOPTIONS="-DLTC_SMALL_CODE"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="NOTABLES"
BUILDOPTIONS="-DLTC_NO_TABLES"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="SMALL+NOTABLES"
BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_NO_TABLES"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK"
BUILDOPTIONS="-DLTC_CLEAN_STACK"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK+SMALL"
BUILDOPTIONS="-DLTC_SMALL_CODE -DLTC_CLEAN_STACK"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK+NOTABLES"
BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK+NOTABLES+SMALL"
BUILDOPTIONS="-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC_SMALL_CODE"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="NO_FAST"
BUILDOPTIONS="-DLTC_NO_FAST"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="NO_FAST+NOTABLES"
BUILDOPTIONS="-DLTC_NO_FAST -DLTC_NO_TABLES"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="NO_ASM"
BUILDOPTIONS="-DLTC_NO_ASM"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="NO_TIMING_RESISTANCE"
BUILDOPTIONS="-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE"
BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="PTHREAD"
BUILDOPTIONS="-DLTC_PTHREAD"
- |
BUILDSCRIPT="run.sh"
BUILDSCRIPT=".ci/run.sh"
BUILDNAME="CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE+PTHREAD"
BUILDOPTIONS="-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING -DLTC_PTHREAD"
- |
BUILDSCRIPT="testbuild.sh"
BUILDNAME="NOTEST"
BUILDOPTIONS="-DLTC_NO_TEST"
- |
BUILDSCRIPT="testbuild.sh"
BUILDNAME="NOFILE"
BUILDOPTIONS="-DLTC_NO_FILE"
after_failure:
- cat test_std.txt

75
CMakeLists.txt Normal file
View File

@ -0,0 +1,75 @@
cmake_minimum_required(VERSION 3.0)
IF (CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX)
ADD_DEFINITIONS(-DLTC_NO_ROLC)
ENDIF ()
IF (WIN32)
ADD_DEFINITIONS(-DLTC_NO_PROTOTYPES)
ADD_DEFINITIONS(-D_CRT_SECURE_NO_WARNINGS)
ADD_DEFINITIONS(-DLTC_SOURCE)
ENDIF()
INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/src/headers)
SET (ALL_HEADER_FILES
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_cfg.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_custom.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_mac.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_math.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_pk.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_prng.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_argchk.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_cipher.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_hash.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_macros.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_misc.h
${CMAKE_CURRENT_SOURCE_DIR}/src/headers/tomcrypt_pkcs.h
)
file(GLOB_RECURSE ALL_SOURCE_FILES src/*.c)
if (MSVC)
message(STATUS "Detect MSVC compiler...")
SET(MSVC_LIKE_COMPILER ON)
set(CompilerFlags
CMAKE_CXX_FLAGS
CMAKE_CXX_FLAGS_DEBUG
CMAKE_CXX_FLAGS_RELEASE
CMAKE_C_FLAGS
CMAKE_C_FLAGS_DEBUG
CMAKE_C_FLAGS_RELEASE
)
foreach(CompilerFlag ${CompilerFlags})
string(REPLACE "/MD" "/MT" ${CompilerFlag} "${${CompilerFlag}}")
endforeach()
elseif ("x${CMAKE_CXX_COMPILER_ID}" STREQUAL "xIntel")
if(WIN32)
message(STATUS "Detect Intel compiler and handle it like MSVC...")
SET(MSVC_LIKE_COMPILER ON)
endif ()
endif ()
if (MSVC_LIKE_COMPILER)
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /FI tomcrypt.h")
else ()
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -include tomcrypt.h -fPIC")
endif ()
SET_SOURCE_FILES_PROPERTIES(ALL_HEADER_FILES PROPERTIES HEADER_FILE_ONLY TRUE)
LIST(APPEND ALL_SOURCE_FILES ${ALL_HEADER_FILES})
ADD_LIBRARY(libtomcrypt STATIC ${ALL_SOURCE_FILES})
INSTALL(TARGETS libtomcrypt
ARCHIVE DESTINATION "lib" CONFIGURATIONS Debug Release MinSizeRel RelWithDebInfo
LIBRARY DESTINATION "lib" CONFIGURATIONS Debug Release MinSizeRel RelWithDebInfo
RUNTIME DESTINATION "bin" CONFIGURATIONS Debug Release MinSizeRel RelWithDebInfo
)
INSTALL(FILES ${LIBTOMCRYPT_PUBLIC_HEADER_FILES} DESTINATION "includes/libtomcrypt")
SET(MSVC_LIKE_COMPILER OFF)

4
coverity.sh
View File

@ -38,3 +38,7 @@ curl -k --form project=libtomcrypt \
--form version=\"${myversion}\" \
--form description="\"libtomcrypt version ${myversion}\"" \
https://scan.coverity.com/builds?project=libtom%2Flibtomcrypt
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

8
create_build.sh Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/env bash
[[ -z "${tommath_library}" ]] && tommath_library="$(pwd)/../tommath/build/libtommathStatic.a"
[[ -z "${tommath_include}" ]] && tommath_include="../tommath/"
make -f makefile clean
CFLAGS="-fPIC -DUSE_LTM -DLTM_DESC -I${tommath_include}" make -f makefile EXTRALIBS="${tommath_library}"
make PREFIX=./out/${build_os_type}_${build_os_arch}/ install

53
demos/timing.c
View File

@ -520,20 +520,15 @@ static void time_hash(void)
}
/*#warning you need an mp_rand!!!*/
#if !defined(USE_LTM) && !defined(USE_TFM) && !defined(USE_GMP) && !defined(EXT_MATH_LIB)
#undef LTC_MPI
#undef LTC_TEST_MPI
#else
#define LTC_TEST_MPI
#endif
#ifdef LTC_MPI
static void time_mult(void)
{
ulong64 t1, t2;
unsigned long x, y;
void *a, *b, *c;
if (ltc_mp.name == NULL) return;
fprintf(stderr, "Timing Multiplying:\n");
mp_init_multi(&a,&b,&c,NULL);
for (x = 128/MP_DIGIT_BIT; x <= (unsigned long)1536/MP_DIGIT_BIT; x += 128/MP_DIGIT_BIT) {
@ -565,6 +560,8 @@ static void time_sqr(void)
unsigned long x, y;
void *a, *b;
if (ltc_mp.name == NULL) return;
fprintf(stderr, "Timing Squaring:\n");
mp_init_multi(&a,&b,NULL);
for (x = 128/MP_DIGIT_BIT; x <= (unsigned long)1536/MP_DIGIT_BIT; x += 128/MP_DIGIT_BIT) {
@ -588,10 +585,6 @@ static void time_sqr(void)
#undef DO1
#undef DO2
}
#else
static void time_mult(void) { fprintf(stderr, "NO MULT\n"); }
static void time_sqr(void) { fprintf(stderr, "NO SQR\n"); }
#endif
static void time_prng(void)
{
@ -645,7 +638,7 @@ static void time_prng(void)
}
}
#if defined(LTC_MDSA) && defined(LTC_TEST_MPI)
#if defined(LTC_MDSA)
/* time various DSA operations */
static void time_dsa(void)
{
@ -665,6 +658,8 @@ static const struct {
#endif
};
if (ltc_mp.name == NULL) return;
for (x = 0; x < (sizeof(groups)/sizeof(groups[0])); x++) {
t2 = 0;
for (y = 0; y < 4; y++) {
@ -700,7 +695,7 @@ static void time_dsa(void) { fprintf(stderr, "NO DSA\n"); }
#endif
#if defined(LTC_MRSA) && defined(LTC_TEST_MPI)
#if defined(LTC_MRSA)
/* time various RSA operations */
static void time_rsa(void)
{
@ -710,6 +705,8 @@ static void time_rsa(void)
unsigned long x, y, z, zzz;
int err, zz, stat;
if (ltc_mp.name == NULL) return;
for (x = 1024; x <= 2048; x += 256) {
t2 = 0;
for (y = 0; y < 4; y++) {
@ -824,7 +821,7 @@ static void time_rsa(void)
static void time_rsa(void) { fprintf(stderr, "NO RSA\n"); }
#endif
#if defined(LTC_MKAT) && defined(LTC_TEST_MPI)
#if defined(LTC_MKAT)
/* time various KAT operations */
static void time_katja(void)
{
@ -834,6 +831,8 @@ static void time_katja(void)
unsigned long x, y, z, zzz;
int err, zz;
if (ltc_mp.name == NULL) return;
for (x = 1024; x <= 2048; x += 256) {
t2 = 0;
for (y = 0; y < 4; y++) {
@ -894,7 +893,7 @@ static void time_katja(void)
static void time_katja(void) { fprintf(stderr, "NO Katja\n"); }
#endif
#if defined(LTC_MDH) && defined(LTC_TEST_MPI)
#if defined(LTC_MDH)
/* time various DH operations */
static void time_dh(void)
{
@ -909,6 +908,8 @@ static void time_dh(void)
100000
};
if (ltc_mp.name == NULL) return;
for (x = sizes[i=0]; x < 100000; x = sizes[++i]) {
t2 = 0;
for (y = 0; y < 16; y++) {
@ -936,7 +937,7 @@ static void time_dh(void)
static void time_dh(void) { fprintf(stderr, "NO DH\n"); }
#endif
#if defined(LTC_MECC) && defined(LTC_TEST_MPI)
#if defined(LTC_MECC)
/* time various ECC operations */
static void time_ecc(void)
{
@ -972,6 +973,8 @@ static void time_ecc(void)
#endif
100000};
if (ltc_mp.name == NULL) return;
for (x = sizes[i=0]; x < 100000; x = sizes[++i]) {
t2 = 0;
for (y = 0; y < 256; y++) {
@ -1425,6 +1428,7 @@ const struct
};
char *single_test = NULL;
unsigned int i;
const char* mpi_provider = NULL;
init_timer();
register_all_ciphers();
@ -1432,18 +1436,21 @@ register_all_hashes();
register_all_prngs();
#ifdef USE_LTM
ltc_mp = ltm_desc;
mpi_provider = "ltm";
#elif defined(USE_TFM)
ltc_mp = tfm_desc;
mpi_provider = "tfm";
#elif defined(USE_GMP)
ltc_mp = gmp_desc;
mpi_provider = "gmp";
#elif defined(EXT_MATH_LIB)
{
extern ltc_math_descriptor EXT_MATH_LIB;
ltc_mp = EXT_MATH_LIB;
}
mpi_provider = "ext";
#endif
if (argc > 2) {
mpi_provider = argv[2];
}
crypt_mp_init(mpi_provider);
if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) {
fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err));
exit(EXIT_FAILURE);

24
demos/tv_gen.c
View File

@ -213,7 +213,11 @@ void omac_gen(void)
}
len = sizeof(output);
if ((err = omac_memory(x, key, kl, input, y, output, &len)) != CRYPT_OK) {
printf("Error omacing: %s\n", error_to_string(err));
printf("Error OMAC'ing: %s\n", error_to_string(err));
exit(EXIT_FAILURE);
}
if (len == 0) {
printf("Error OMAC'ing: zero length\n");
exit(EXIT_FAILURE);
}
fprintf(out, "%3d: ", y);
@ -270,7 +274,11 @@ void pmac_gen(void)
}
len = sizeof(output);
if ((err = pmac_memory(x, key, kl, input, y, output, &len)) != CRYPT_OK) {
printf("Error omacing: %s\n", error_to_string(err));
printf("Error PMACing: %s\n", error_to_string(err));
exit(EXIT_FAILURE);
}
if (len == 0) {
printf("Error PMAC'ing: zero length\n");
exit(EXIT_FAILURE);
}
fprintf(out, "%3d: ", y);
@ -331,6 +339,10 @@ void eax_gen(void)
printf("Error EAX'ing: %s\n", error_to_string(err));
exit(EXIT_FAILURE);
}
if (len == 0) {
printf("Error EAX'ing: zero length\n");
exit(EXIT_FAILURE);
}
fprintf(out, "%3d: ", y1);
for (z = 0; z < y1; z++) {
fprintf(out, "%02X", plaintext[z]);
@ -396,6 +408,10 @@ void ocb_gen(void)
printf("Error OCB'ing: %s\n", error_to_string(err));
exit(EXIT_FAILURE);
}
if (len == 0) {
printf("Error OCB'ing: zero length\n");
exit(EXIT_FAILURE);
}
fprintf(out, "%3d: ", y1);
for (z = 0; z < y1; z++) {
fprintf(out, "%02X", plaintext[z]);
@ -462,6 +478,10 @@ void ocb3_gen(void)
printf("Error OCB3'ing: %s\n", error_to_string(err));
exit(EXIT_FAILURE);
}
if (len == 0) {
printf("Error OCB3'ing: zero length\n");
exit(EXIT_FAILURE);
}
fprintf(out, "%3d: ", y1);
for (z = 0; z < y1; z++) {
fprintf(out, "%02X", plaintext[z]);

183
doc/crypt.tex
View File

@ -1,3 +1,8 @@
\def\fixedpdfdate{D:20171128222929+01'00'}
\pdfinfo{
/CreationDate (\fixedpdfdate)
/ModDate (\fixedpdfdate)
}
\documentclass[synpaper]{book}
\usepackage{geometry}
\usepackage{hyperref}
@ -600,6 +605,7 @@ As of this release the current cipher\_descriptors elements are the following:
\index{Cipher descriptor table}
\index{blowfish\_desc} \index{xtea\_desc} \index{rc2\_desc} \index{rc5\_desc} \index{rc6\_desc} \index{saferp\_desc} \index{aes\_desc} \index{twofish\_desc}
\index{des\_desc} \index{des3\_desc} \index{noekeon\_desc} \index{skipjack\_desc} \index{anubis\_desc} \index{khazad\_desc} \index{kseed\_desc} \index{kasumi\_desc} \index{camellia\_desc} \index{aes\_enc\_desc}
\index{idea\_desc} \index{serpent\_desc}
\begin{figure}[hpbt]
\begin{small}
\begin{center}
@ -624,6 +630,8 @@ As of this release the current cipher\_descriptors elements are the following:
\hline SEED & kseed\_desc & 16 & 16 & 16 \\
\hline KASUMI & kasumi\_desc & 8 & 16 & 8 \\
\hline Camellia & camellia\_desc & 16 & 16, 24, 32 & 18, 24 \\
\hline IDEA & idea\_desc & 8 & 16 & 8 \\
\hline Serpent & serpent\_desc & 16 & 16, 24, 32 & 32 \\
\hline
\end{tabular}
\end{center}
@ -1298,6 +1306,96 @@ At the end you have to terminate the state:
err = chacha_done(&st);
\end{verbatim}
\mysection{Salsa20}
\textit{Salsa20} is the forerunner of the ChaCha stream cipher. The ChaCha cipher is
Salsa20 with a few minor tweaks to further improve its strength, and in so doing, increase its
speed performance by about 5 percent. Unless you need Salsa20 for some reason, you should
probably choose ChaCha instead.
In April 2008 \textit{Salsa20/12} was named one of the winners in the EU eSTREAM competition.
Salsa20 was originally submitted by Daniel Bernstein with 20 rounds of strength but the
12-round reduced-round version was deemed to have sufficient strength and declared a winner.
Even the 8-round reduced-round version, Salsa20/8, has withstood attack.
For more information about Salsa20 see \url{https://en.wikipedia.org/wiki/Salsa20}.
Supported key size: 16 or 32 bytes (128 or 256 bits).
You can initialize Salsa20 with 64bit \textit{nonce} + 64bit \textit{counter}:
\begin{verbatim}
salsa20_state st;
err = salsa20_setup(&st, key, key_len, rounds);
err = salsa20_ivctr64(&st, nonce, 8, initial_64bit_ctr);
\end{verbatim}
The \textit{salsa20\_setup} takes the number of rounds as a parameter -- choose 20 (the default)
if you are not sure. As always never ever use the same key + nonce pair more than once.
For the actual encryption or decryption you have to call:
\begin{verbatim}
err = salsa20_crypt(&st, in_buffer, in_len, out_buffer);
\end{verbatim}
If you just want a random stream of bytes initialize the cipher with a truly random \textit{key}
(32 bytes), a truly random \textit{nonce} (8 bytes) and zero initial counter. After that you can
get a stream of pseudo--random bytes via:
\begin{verbatim}
err = salsa20_keystream(&st, out_buffer, out_len);
\end{verbatim}
When finished you should wipe the state:
\begin{verbatim}
err = salsa20_done(&st);
\end{verbatim}
\mysection{Sosemanuk}
\textit{Sosemanuk}, along with Salsa20, HC-128, and Rabbit, was named one of the winners in
the EU eSTREAM competition. Sosemanuk is a stream cipher that borrows heavily from SNOW,
another stream cipher, and the block cipher Serpent. (Sosemanuk means "snow snake" in the
Cree Indian language.)
Sosemanuk will accept a key between 1 and 256 bits, but Sosemanuk's security level of 128
bits is achieved only if the key is between 128 and 256 bits. Keys longer than 128 bits
are not guaranteed to provided higher security. The initialization vector is 128 bits.
See \url{http://www.ecrypt.eu.org/stream/p3ciphers/sosemanuk/sosemanuk_p3.pdf} for more
information.
You begin initializing Sosemanuk by creating a key context using a 128- to 256-bit key.
\begin{verbatim}
sosemanuk_key_context kc;
err = sosemanuk_schedule(&kc, key, key_len);
\end{verbatim}
Use the key context to create a run context and finish initialization with a 128-bit iv.
\begin{verbatim}
sosemanuk_run_context rc;
err = sosemanuk_init(&rc, &kc, iv, iv_len);
\end{verbatim}
For the actual encryption or decryption, call:
\begin{verbatim}
err = sosemanuk_crypt(&rc, in_buffer, in_len, out_buffer);
\end{verbatim}
If you just want a random stream of bytes initialize the cipher with a truly random \textit{key}
(32 bytes), a truly random \textit{iv} (16 bytes). After that you can
get a stream of pseudo--random bytes via:
\begin{verbatim}
err = sosemanuk_keystream(&rc, out_buffer, out_len);
\end{verbatim}
When finished you should wipe the key and run contexts:
\begin{verbatim}
err = sosemanuk_done(&kc, &rc);
\end{verbatim}
To do multiple encryptions and decryptions with the same key, you can reset the algorithm
using sosemanuk_init() if you saved the key context and did not wipe it with sosemanuk_done().
You will want to use a different iv but you do not need to re-run sosemanuk_schedule() again.
\mysection{RC4}
For more information about RC4 see \url{https://en.wikipedia.org/wiki/RC4}.
@ -6367,6 +6465,46 @@ int base64url_strict_decode(const unsigned char *in, unsigned long len,
unsigned char *out, unsigned long *outlen);
\end{verbatim}
\mysection{Base32 Encoding and Decoding}
The library provides functions to encode and decode a Base32 coding scheme. The supported mappings are:
\begin{center}
\begin{tabular}{|l|l|l|}
\hline \textbf{id} & \textbf{Mapping} & \textbf{Name} \\
\hline BASE32\_RFC4648 & ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 & RFC-4648 \\
\hline BASE32\_BASE32HEX & 0123456789ABCDEFGHIJKLMNOPQRSTUV & Base32hex \\
\hline BASE32\_ZBASE32 & YBNDRFG8EJKMCPQXOT1UWISZA345H769 & ZBase32 \\
\hline BASE32\_CROCKFORD & 0123456789ABCDEFGHJKMNPQRSTVWXYZ & Crockford \\
\hline
\end{tabular}
\end{center}
To encode a binary string in base32 call:
\index{base32\_encode()}
\begin{verbatim}
int base32_encode(const unsigned char *in,
unsigned long len,
unsigned char *out,
unsigned long *outlen,
base32_alphabet id);
\end{verbatim}
Where \textit{in} is the binary string, \textit{out} is where the ASCII output is placed and \textit{id} is
\textit{BASE32\_RFC4648}, \textit{BASE32\_BASE32HEX}, \textit{BASE32\_ZBASE32} or \textit{BASE32\_CROCKFORD} according the table above.
To decode a base32 string call:
\index{base32\_decode()}
\begin{verbatim}
int base32_decode(const unsigned char *in,
unsigned long len,
unsigned char *out,
unsigned long *outlen,
base32_alphabet id);
\end{verbatim}
\mysection{Primality Testing}
\index{Primality Testing}
The library includes primality testing and random prime functions as well. The primality tester will perform the test in
@ -6542,29 +6680,36 @@ int crypt_list_all_constants( char *names_list,
unsigned int *names_list_size);
\end{verbatim}
You may want to call these functions twice, first to get the amount
of memory to be allocated for the $names_list$, and a final time to
actually populate $names_list$. If $names_list$ is NULL,
$names_list_size$ will be the minimum size needed to receive the
complete $names_list$. If $names_list$ is NOT NULL, $names_list$ must
be a pointer to sufficient memory into which the $names_list$ will be
written. Also, the value in $names_list_size$ sets the upper bound of
of memory to be allocated for the $names\_list$, and a final time to
actually populate $names\_list$. If $names\_list$ is NULL,
$names\_list\_size$ will be the minimum size needed to receive the
complete $names\_list$. If $names\_list$ is NOT NULL, $names\_list$ must
be a pointer to sufficient memory into which the $names\_list$ will be
written. Also, the value in $names\_list\_size$ sets the upper bound of
the number of characters to be written. A -1 return value signifies
insufficient space.
The format of the $names_list$ string is a series of $name,value$ pairs
The format of the $names\_list$ string is a series of $name,value$ pairs
where each name and value is separated by a comma, the pairs are separated
by newlines, and the list is null terminated.
Calling either of these functions will initialize the respective
math library.
\index{crypt\_mp\_init()}
\begin{verbatim}
void init_LTM(void);
void init_TFM(void);
void init_GMP(void);
int crypt_mp_init(const char* mpi);
\end{verbatim}
To ease the setup of a specific math descriptor, in cases where the library was compiled with support for multiple MPI libraries,
the function \textit{crypt\_mp\_init()} is provided.
It takes a string to the desired MPI library to use as an argument.
The three default MPI libraries are identified as follows, \textit{LibTomMath} as \texttt{"ltm"}, \textit{TomsFastmath} as \texttt{"tfm"}
and the \textit{GNU Multi Precision Arithmetic Library} as \texttt{"gmp"}.
The identification happens case-insensitive and only on the first character.
Here is a Python program demonstrating how to call various LTC dynamic
language support functions.
A more detailed example is given in the library source in \texttt{demos/demo\_dynamic.py}.
\begin{verbatim}
from ctypes import *
@ -8258,6 +8403,20 @@ for RSA--1024 the output is always 128 bytes regardless of how small the numeric
Since the function is given the entire RSA key (for private keys only) CRT is possible as prescribed in the PKCS \#1 v2.1 specification.
\mysection{Deprecated API functions}
\subsection{After v1.18.0}
\index{init\_LTM()} \index{init\_TFM()} \index{init\_GMP()}
\begin{verbatim}
void init_LTM(void);
void init_TFM(void);
void init_GMP(void);
\end{verbatim}
These three MPI init functions have been introduced in version 1.18.0 and have been deprecated in the same version in favor of \textit{crypt\_mp\_init()}.
\newpage
\markboth{Index}{Index}
\input{crypt.ind}

60
libtomcrypt_VS2008.vcproj
View File

@ -351,6 +351,10 @@
RelativePath="src\ciphers\des.c"
>
</File>
<File
RelativePath="src\ciphers\idea.c"
>
</File>
<File
RelativePath="src\ciphers\kasumi.c"
>
@ -383,6 +387,10 @@
RelativePath="src\ciphers\rc6.c"
>
</File>
<File
RelativePath="src\ciphers\serpent.c"
>
</File>
<File
RelativePath="src\ciphers\skipjack.c"
>
@ -1363,6 +1371,18 @@
RelativePath="src\misc\zeromem.c"
>
</File>
<Filter
Name="base32"
>
<File
RelativePath="src\misc\base32\base32_decode.c"
>
</File>
<File
RelativePath="src\misc\base32\base32_encode.c"
>
</File>
</Filter>
<Filter
Name="base64"
>
@ -2455,6 +2475,34 @@
>
</File>
</Filter>
<Filter
Name="salsa20"
>
<File
RelativePath="src\stream\salsa20\salsa20_crypt.c"
>
</File>
<File
RelativePath="src\stream\salsa20\salsa20_done.c"
>
</File>
<File
RelativePath="src\stream\salsa20\salsa20_ivctr64.c"
>
</File>
<File
RelativePath="src\stream\salsa20\salsa20_keystream.c"
>
</File>
<File
RelativePath="src\stream\salsa20\salsa20_setup.c"
>
</File>
<File
RelativePath="src\stream\salsa20\salsa20_test.c"
>
</File>
</Filter>
<Filter
Name="sober128"
>
@ -2511,6 +2559,18 @@
</FileConfiguration>
</File>
</Filter>
<Filter
Name="sosemanuk"
>
<File
RelativePath="src\stream\sosemanuk\sosemanuk.c"
>
</File>
<File
RelativePath="src\stream\sosemanuk\sosemanuk_test.c"
>
</File>
</Filter>
</Filter>
</Files>
<Globals>

73
makefile.mingw
View File

@ -36,16 +36,17 @@ LIBMAIN_D =libtomcrypt.dll
#List of objects to compile (all goes to libtomcrypt.a)
OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/kasumi.o src/ciphers/khazad.o \
src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o src/ciphers/rc5.o \
src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o src/ciphers/skipjack.o \
src/ciphers/twofish/twofish.o src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o \
src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o \
src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o \
src/encauth/ccm/ccm_test.o src/encauth/chachapoly/chacha20poly1305_add_aad.o \
src/encauth/chachapoly/chacha20poly1305_decrypt.o src/encauth/chachapoly/chacha20poly1305_done.o \
src/encauth/chachapoly/chacha20poly1305_encrypt.o src/encauth/chachapoly/chacha20poly1305_init.o \
src/encauth/chachapoly/chacha20poly1305_memory.o src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \
src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \
src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \
src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \
src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \
src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \
src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \
src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.o \
src/encauth/chachapoly/chacha20poly1305_test.o src/encauth/eax/eax_addheader.o \
src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/encauth/eax/eax_done.o \
@ -90,20 +91,21 @@ src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
src/misc/crypt/crypt_constants.o src/misc/crypt/crypt_find_cipher.o \
src/misc/crypt/crypt_find_cipher_any.o src/misc/crypt/crypt_find_cipher_id.o \
src/misc/crypt/crypt_find_hash.o src/misc/crypt/crypt_find_hash_any.o \
src/misc/crypt/crypt_find_hash_id.o src/misc/crypt/crypt_find_hash_oid.o \
src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o src/misc/crypt/crypt_hash_descriptor.o \
src/misc/crypt/crypt_hash_is_valid.o src/misc/crypt/crypt_inits.o \
src/misc/crypt/crypt_ltc_mp_descriptor.o src/misc/crypt/crypt_prng_descriptor.o \
src/misc/crypt/crypt_prng_is_valid.o src/misc/crypt/crypt_prng_rng_descriptor.o \
src/misc/crypt/crypt_register_all_ciphers.o src/misc/crypt/crypt_register_all_hashes.o \
src/misc/crypt/crypt_register_all_prngs.o src/misc/crypt/crypt_register_cipher.o \
src/misc/crypt/crypt_register_hash.o src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/base32/base32_decode.o src/misc/base32/base32_encode.o src/misc/base64/base64_decode.o \
src/misc/base64/base64_encode.o src/misc/burn_stack.o src/misc/compare_testvector.o src/misc/crc32.o \
src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o src/misc/crypt/crypt_cipher_descriptor.o \
src/misc/crypt/crypt_cipher_is_valid.o src/misc/crypt/crypt_constants.o \
src/misc/crypt/crypt_find_cipher.o src/misc/crypt/crypt_find_cipher_any.o \
src/misc/crypt/crypt_find_cipher_id.o src/misc/crypt/crypt_find_hash.o \
src/misc/crypt/crypt_find_hash_any.o src/misc/crypt/crypt_find_hash_id.o \
src/misc/crypt/crypt_find_hash_oid.o src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o \
src/misc/crypt/crypt_hash_descriptor.o src/misc/crypt/crypt_hash_is_valid.o \
src/misc/crypt/crypt_inits.o src/misc/crypt/crypt_ltc_mp_descriptor.o \
src/misc/crypt/crypt_prng_descriptor.o src/misc/crypt/crypt_prng_is_valid.o \
src/misc/crypt/crypt_prng_rng_descriptor.o src/misc/crypt/crypt_register_all_ciphers.o \
src/misc/crypt/crypt_register_all_hashes.o src/misc/crypt/crypt_register_all_prngs.o \
src/misc/crypt/crypt_register_cipher.o src/misc/crypt/crypt_register_hash.o \
src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/crypt/crypt_unregister_cipher.o src/misc/crypt/crypt_unregister_hash.o \
src/misc/crypt/crypt_unregister_prng.o src/misc/error_to_string.o src/misc/hkdf/hkdf.o \
src/misc/hkdf/hkdf_test.o src/misc/mem_neq.o src/misc/pk_get_oid.o src/misc/pkcs5/pkcs_5_1.o \
@ -188,15 +190,20 @@ src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/so
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
src/stream/chacha/chacha_ivctr32.o src/stream/chacha/chacha_ivctr64.o \
src/stream/chacha/chacha_keystream.o src/stream/chacha/chacha_setup.o src/stream/chacha/chacha_test.o \
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/salsa20/salsa20_crypt.o \
src/stream/salsa20/salsa20_done.o src/stream/salsa20/salsa20_ivctr64.o \
src/stream/salsa20/salsa20_keystream.o src/stream/salsa20/salsa20_setup.o \
src/stream/salsa20/salsa20_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o src/stream/sosemanuk/sosemanuk.o \
src/stream/sosemanuk/sosemanuk_test.o
#List of test objects to compile
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
TOBJECTS=tests/base32_test.o tests/base64_test.o tests/cipher_hash_test.o tests/common.o \
tests/der_test.o tests/dh_test.o tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o \
tests/mac_test.o tests/misc_test.o tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o \
tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o \
tests/pkcs_1_test.o tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o \
tests/test.o
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
@ -286,3 +293,7 @@ install_bins: hashsum
install_docs: doc/crypt.pdf
cmd /c if not exist "$(PREFIX)\doc" mkdir "$(PREFIX)\doc"
copy /Y doc\crypt.pdf "$(PREFIX)\doc"
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

73
makefile.msvc
View File

@ -29,16 +29,17 @@ LIBMAIN_S =tomcrypt.lib
#List of objects to compile (all goes to tomcrypt.lib)
OBJECTS=src/ciphers/aes/aes.obj src/ciphers/aes/aes_enc.obj src/ciphers/anubis.obj src/ciphers/blowfish.obj \
src/ciphers/camellia.obj src/ciphers/cast5.obj src/ciphers/des.obj src/ciphers/kasumi.obj src/ciphers/khazad.obj \
src/ciphers/kseed.obj src/ciphers/multi2.obj src/ciphers/noekeon.obj src/ciphers/rc2.obj src/ciphers/rc5.obj \
src/ciphers/rc6.obj src/ciphers/safer/safer.obj src/ciphers/safer/saferp.obj src/ciphers/skipjack.obj \
src/ciphers/twofish/twofish.obj src/ciphers/xtea.obj src/encauth/ccm/ccm_add_aad.obj \
src/encauth/ccm/ccm_add_nonce.obj src/encauth/ccm/ccm_done.obj src/encauth/ccm/ccm_init.obj \
src/encauth/ccm/ccm_memory.obj src/encauth/ccm/ccm_process.obj src/encauth/ccm/ccm_reset.obj \
src/encauth/ccm/ccm_test.obj src/encauth/chachapoly/chacha20poly1305_add_aad.obj \
src/encauth/chachapoly/chacha20poly1305_decrypt.obj src/encauth/chachapoly/chacha20poly1305_done.obj \
src/encauth/chachapoly/chacha20poly1305_encrypt.obj src/encauth/chachapoly/chacha20poly1305_init.obj \
src/encauth/chachapoly/chacha20poly1305_memory.obj src/encauth/chachapoly/chacha20poly1305_setiv.obj \
src/ciphers/camellia.obj src/ciphers/cast5.obj src/ciphers/des.obj src/ciphers/idea.obj src/ciphers/kasumi.obj \
src/ciphers/khazad.obj src/ciphers/kseed.obj src/ciphers/multi2.obj src/ciphers/noekeon.obj src/ciphers/rc2.obj \
src/ciphers/rc5.obj src/ciphers/rc6.obj src/ciphers/safer/safer.obj src/ciphers/safer/saferp.obj \
src/ciphers/serpent.obj src/ciphers/skipjack.obj src/ciphers/twofish/twofish.obj src/ciphers/xtea.obj \
src/encauth/ccm/ccm_add_aad.obj src/encauth/ccm/ccm_add_nonce.obj src/encauth/ccm/ccm_done.obj \
src/encauth/ccm/ccm_init.obj src/encauth/ccm/ccm_memory.obj src/encauth/ccm/ccm_process.obj \
src/encauth/ccm/ccm_reset.obj src/encauth/ccm/ccm_test.obj \
src/encauth/chachapoly/chacha20poly1305_add_aad.obj src/encauth/chachapoly/chacha20poly1305_decrypt.obj \
src/encauth/chachapoly/chacha20poly1305_done.obj src/encauth/chachapoly/chacha20poly1305_encrypt.obj \
src/encauth/chachapoly/chacha20poly1305_init.obj src/encauth/chachapoly/chacha20poly1305_memory.obj \
src/encauth/chachapoly/chacha20poly1305_setiv.obj \
src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.obj \
src/encauth/chachapoly/chacha20poly1305_test.obj src/encauth/eax/eax_addheader.obj \
src/encauth/eax/eax_decrypt.obj src/encauth/eax/eax_decrypt_verify_memory.obj src/encauth/eax/eax_done.obj \
@ -83,20 +84,21 @@ src/mac/xcbc/xcbc_file.obj src/mac/xcbc/xcbc_init.obj src/mac/xcbc/xcbc_memory.o
src/mac/xcbc/xcbc_memory_multi.obj src/mac/xcbc/xcbc_process.obj src/mac/xcbc/xcbc_test.obj \
src/math/fp/ltc_ecc_fp_mulmod.obj src/math/gmp_desc.obj src/math/ltm_desc.obj src/math/multi.obj \
src/math/radix_to_bin.obj src/math/rand_bn.obj src/math/rand_prime.obj src/math/tfm_desc.obj src/misc/adler32.obj \
src/misc/base64/base64_decode.obj src/misc/base64/base64_encode.obj src/misc/burn_stack.obj \
src/misc/compare_testvector.obj src/misc/crc32.obj src/misc/crypt/crypt.obj src/misc/crypt/crypt_argchk.obj \
src/misc/crypt/crypt_cipher_descriptor.obj src/misc/crypt/crypt_cipher_is_valid.obj \
src/misc/crypt/crypt_constants.obj src/misc/crypt/crypt_find_cipher.obj \
src/misc/crypt/crypt_find_cipher_any.obj src/misc/crypt/crypt_find_cipher_id.obj \
src/misc/crypt/crypt_find_hash.obj src/misc/crypt/crypt_find_hash_any.obj \
src/misc/crypt/crypt_find_hash_id.obj src/misc/crypt/crypt_find_hash_oid.obj \
src/misc/crypt/crypt_find_prng.obj src/misc/crypt/crypt_fsa.obj src/misc/crypt/crypt_hash_descriptor.obj \
src/misc/crypt/crypt_hash_is_valid.obj src/misc/crypt/crypt_inits.obj \
src/misc/crypt/crypt_ltc_mp_descriptor.obj src/misc/crypt/crypt_prng_descriptor.obj \
src/misc/crypt/crypt_prng_is_valid.obj src/misc/crypt/crypt_prng_rng_descriptor.obj \
src/misc/crypt/crypt_register_all_ciphers.obj src/misc/crypt/crypt_register_all_hashes.obj \
src/misc/crypt/crypt_register_all_prngs.obj src/misc/crypt/crypt_register_cipher.obj \
src/misc/crypt/crypt_register_hash.obj src/misc/crypt/crypt_register_prng.obj src/misc/crypt/crypt_sizes.obj \
src/misc/base32/base32_decode.obj src/misc/base32/base32_encode.obj src/misc/base64/base64_decode.obj \
src/misc/base64/base64_encode.obj src/misc/burn_stack.obj src/misc/compare_testvector.obj src/misc/crc32.obj \
src/misc/crypt/crypt.obj src/misc/crypt/crypt_argchk.obj src/misc/crypt/crypt_cipher_descriptor.obj \
src/misc/crypt/crypt_cipher_is_valid.obj src/misc/crypt/crypt_constants.obj \
src/misc/crypt/crypt_find_cipher.obj src/misc/crypt/crypt_find_cipher_any.obj \
src/misc/crypt/crypt_find_cipher_id.obj src/misc/crypt/crypt_find_hash.obj \
src/misc/crypt/crypt_find_hash_any.obj src/misc/crypt/crypt_find_hash_id.obj \
src/misc/crypt/crypt_find_hash_oid.obj src/misc/crypt/crypt_find_prng.obj src/misc/crypt/crypt_fsa.obj \
src/misc/crypt/crypt_hash_descriptor.obj src/misc/crypt/crypt_hash_is_valid.obj \
src/misc/crypt/crypt_inits.obj src/misc/crypt/crypt_ltc_mp_descriptor.obj \
src/misc/crypt/crypt_prng_descriptor.obj src/misc/crypt/crypt_prng_is_valid.obj \
src/misc/crypt/crypt_prng_rng_descriptor.obj src/misc/crypt/crypt_register_all_ciphers.obj \
src/misc/crypt/crypt_register_all_hashes.obj src/misc/crypt/crypt_register_all_prngs.obj \
src/misc/crypt/crypt_register_cipher.obj src/misc/crypt/crypt_register_hash.obj \
src/misc/crypt/crypt_register_prng.obj src/misc/crypt/crypt_sizes.obj \
src/misc/crypt/crypt_unregister_cipher.obj src/misc/crypt/crypt_unregister_hash.obj \
src/misc/crypt/crypt_unregister_prng.obj src/misc/error_to_string.obj src/misc/hkdf/hkdf.obj \
src/misc/hkdf/hkdf_test.obj src/misc/mem_neq.obj src/misc/pk_get_oid.obj src/misc/pkcs5/pkcs_5_1.obj \
@ -181,15 +183,20 @@ src/prngs/rc4.obj src/prngs/rng_get_bytes.obj src/prngs/rng_make_prng.obj src/pr
src/prngs/sprng.obj src/prngs/yarrow.obj src/stream/chacha/chacha_crypt.obj src/stream/chacha/chacha_done.obj \
src/stream/chacha/chacha_ivctr32.obj src/stream/chacha/chacha_ivctr64.obj \
src/stream/chacha/chacha_keystream.obj src/stream/chacha/chacha_setup.obj src/stream/chacha/chacha_test.obj \
src/stream/rc4/rc4_stream.obj src/stream/rc4/rc4_test.obj src/stream/sober128/sober128_stream.obj \
src/stream/sober128/sober128_test.obj
src/stream/rc4/rc4_stream.obj src/stream/rc4/rc4_test.obj src/stream/salsa20/salsa20_crypt.obj \
src/stream/salsa20/salsa20_done.obj src/stream/salsa20/salsa20_ivctr64.obj \
src/stream/salsa20/salsa20_keystream.obj src/stream/salsa20/salsa20_setup.obj \
src/stream/salsa20/salsa20_test.obj src/stream/sober128/sober128_stream.obj \
src/stream/sober128/sober128_test.obj src/stream/sosemanuk/sosemanuk.obj \
src/stream/sosemanuk/sosemanuk_test.obj
#List of test objects to compile
TOBJECTS=tests/base64_test.obj tests/cipher_hash_test.obj tests/common.obj tests/der_test.obj tests/dh_test.obj \
tests/dsa_test.obj tests/ecc_test.obj tests/file_test.obj tests/katja_test.obj tests/mac_test.obj tests/misc_test.obj \
tests/modes_test.obj tests/mpi_test.obj tests/multi_test.obj tests/no_prng.obj tests/pkcs_1_eme_test.obj \
tests/pkcs_1_emsa_test.obj tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj tests/pkcs_1_test.obj \
tests/prng_test.obj tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj tests/test.obj
TOBJECTS=tests/base32_test.obj tests/base64_test.obj tests/cipher_hash_test.obj tests/common.obj \
tests/der_test.obj tests/dh_test.obj tests/dsa_test.obj tests/ecc_test.obj tests/file_test.obj tests/katja_test.obj \
tests/mac_test.obj tests/misc_test.obj tests/modes_test.obj tests/mpi_test.obj tests/multi_test.obj tests/no_prng.obj \
tests/pkcs_1_eme_test.obj tests/pkcs_1_emsa_test.obj tests/pkcs_1_oaep_test.obj tests/pkcs_1_pss_test.obj \
tests/pkcs_1_test.obj tests/prng_test.obj tests/rotate_test.obj tests/rsa_test.obj tests/store_test.obj \
tests/test.obj
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
@ -271,3 +278,7 @@ install_bins: hashsum
install_docs: doc/crypt.pdf
cmd /c if not exist "$(PREFIX)\doc" mkdir "$(PREFIX)\doc"
copy /Y doc\crypt.pdf "$(PREFIX)\doc"
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

73
makefile.unix
View File

@ -46,16 +46,17 @@ LIBMAIN_S =libtomcrypt.a
#List of objects to compile (all goes to libtomcrypt.a)
OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/kasumi.o src/ciphers/khazad.o \
src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o src/ciphers/rc5.o \
src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o src/ciphers/skipjack.o \
src/ciphers/twofish/twofish.o src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o \
src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o \
src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o \
src/encauth/ccm/ccm_test.o src/encauth/chachapoly/chacha20poly1305_add_aad.o \
src/encauth/chachapoly/chacha20poly1305_decrypt.o src/encauth/chachapoly/chacha20poly1305_done.o \
src/encauth/chachapoly/chacha20poly1305_encrypt.o src/encauth/chachapoly/chacha20poly1305_init.o \
src/encauth/chachapoly/chacha20poly1305_memory.o src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \
src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \
src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \
src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \
src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \
src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \
src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \
src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.o \
src/encauth/chachapoly/chacha20poly1305_test.o src/encauth/eax/eax_addheader.o \
src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/encauth/eax/eax_done.o \
@ -100,20 +101,21 @@ src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
src/misc/crypt/crypt_constants.o src/misc/crypt/crypt_find_cipher.o \
src/misc/crypt/crypt_find_cipher_any.o src/misc/crypt/crypt_find_cipher_id.o \
src/misc/crypt/crypt_find_hash.o src/misc/crypt/crypt_find_hash_any.o \
src/misc/crypt/crypt_find_hash_id.o src/misc/crypt/crypt_find_hash_oid.o \
src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o src/misc/crypt/crypt_hash_descriptor.o \
src/misc/crypt/crypt_hash_is_valid.o src/misc/crypt/crypt_inits.o \
src/misc/crypt/crypt_ltc_mp_descriptor.o src/misc/crypt/crypt_prng_descriptor.o \
src/misc/crypt/crypt_prng_is_valid.o src/misc/crypt/crypt_prng_rng_descriptor.o \
src/misc/crypt/crypt_register_all_ciphers.o src/misc/crypt/crypt_register_all_hashes.o \
src/misc/crypt/crypt_register_all_prngs.o src/misc/crypt/crypt_register_cipher.o \
src/misc/crypt/crypt_register_hash.o src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/base32/base32_decode.o src/misc/base32/base32_encode.o src/misc/base64/base64_decode.o \
src/misc/base64/base64_encode.o src/misc/burn_stack.o src/misc/compare_testvector.o src/misc/crc32.o \
src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o src/misc/crypt/crypt_cipher_descriptor.o \
src/misc/crypt/crypt_cipher_is_valid.o src/misc/crypt/crypt_constants.o \
src/misc/crypt/crypt_find_cipher.o src/misc/crypt/crypt_find_cipher_any.o \
src/misc/crypt/crypt_find_cipher_id.o src/misc/crypt/crypt_find_hash.o \
src/misc/crypt/crypt_find_hash_any.o src/misc/crypt/crypt_find_hash_id.o \
src/misc/crypt/crypt_find_hash_oid.o src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o \
src/misc/crypt/crypt_hash_descriptor.o src/misc/crypt/crypt_hash_is_valid.o \
src/misc/crypt/crypt_inits.o src/misc/crypt/crypt_ltc_mp_descriptor.o \
src/misc/crypt/crypt_prng_descriptor.o src/misc/crypt/crypt_prng_is_valid.o \
src/misc/crypt/crypt_prng_rng_descriptor.o src/misc/crypt/crypt_register_all_ciphers.o \
src/misc/crypt/crypt_register_all_hashes.o src/misc/crypt/crypt_register_all_prngs.o \
src/misc/crypt/crypt_register_cipher.o src/misc/crypt/crypt_register_hash.o \
src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/crypt/crypt_unregister_cipher.o src/misc/crypt/crypt_unregister_hash.o \
src/misc/crypt/crypt_unregister_prng.o src/misc/error_to_string.o src/misc/hkdf/hkdf.o \
src/misc/hkdf/hkdf_test.o src/misc/mem_neq.o src/misc/pk_get_oid.o src/misc/pkcs5/pkcs_5_1.o \
@ -198,15 +200,20 @@ src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/so
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
src/stream/chacha/chacha_ivctr32.o src/stream/chacha/chacha_ivctr64.o \
src/stream/chacha/chacha_keystream.o src/stream/chacha/chacha_setup.o src/stream/chacha/chacha_test.o \
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/salsa20/salsa20_crypt.o \
src/stream/salsa20/salsa20_done.o src/stream/salsa20/salsa20_ivctr64.o \
src/stream/salsa20/salsa20_keystream.o src/stream/salsa20/salsa20_setup.o \
src/stream/salsa20/salsa20_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o src/stream/sosemanuk/sosemanuk.o \
src/stream/sosemanuk/sosemanuk_test.o
#List of test objects to compile (all goes to libtomcrypt_prof.a)
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
TOBJECTS=tests/base32_test.o tests/base64_test.o tests/cipher_hash_test.o tests/common.o \
tests/der_test.o tests/dh_test.o tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o \
tests/mac_test.o tests/misc_test.o tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o \
tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o \
tests/pkcs_1_test.o tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o \
tests/test.o
#The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
@ -292,3 +299,7 @@ install_bins: hashsum
install_docs: doc/crypt.pdf
@mkdir -p $(DESTDIR)$(DATAPATH)
@cp doc/crypt.pdf $(DESTDIR)$(DATAPATH)/
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

73
makefile_include.mk
View File

@ -204,16 +204,17 @@ library: $(call print-help,library,Builds the library) $(LIBNAME)
# List of objects to compile (all goes to libtomcrypt.a)
OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/kasumi.o src/ciphers/khazad.o \
src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o src/ciphers/rc5.o \
src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o src/ciphers/skipjack.o \
src/ciphers/twofish/twofish.o src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o \
src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o \
src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o \
src/encauth/ccm/ccm_test.o src/encauth/chachapoly/chacha20poly1305_add_aad.o \
src/encauth/chachapoly/chacha20poly1305_decrypt.o src/encauth/chachapoly/chacha20poly1305_done.o \
src/encauth/chachapoly/chacha20poly1305_encrypt.o src/encauth/chachapoly/chacha20poly1305_init.o \
src/encauth/chachapoly/chacha20poly1305_memory.o src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \
src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \
src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \
src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \
src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \
src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \
src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \
src/encauth/chachapoly/chacha20poly1305_setiv.o \
src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.o \
src/encauth/chachapoly/chacha20poly1305_test.o src/encauth/eax/eax_addheader.o \
src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/encauth/eax/eax_done.o \
@ -258,20 +259,21 @@ src/mac/xcbc/xcbc_file.o src/mac/xcbc/xcbc_init.o src/mac/xcbc/xcbc_memory.o \
src/mac/xcbc/xcbc_memory_multi.o src/mac/xcbc/xcbc_process.o src/mac/xcbc/xcbc_test.o \
src/math/fp/ltc_ecc_fp_mulmod.o src/math/gmp_desc.o src/math/ltm_desc.o src/math/multi.o \
src/math/radix_to_bin.o src/math/rand_bn.o src/math/rand_prime.o src/math/tfm_desc.o src/misc/adler32.o \
src/misc/base64/base64_decode.o src/misc/base64/base64_encode.o src/misc/burn_stack.o \
src/misc/compare_testvector.o src/misc/crc32.o src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o \
src/misc/crypt/crypt_cipher_descriptor.o src/misc/crypt/crypt_cipher_is_valid.o \
src/misc/crypt/crypt_constants.o src/misc/crypt/crypt_find_cipher.o \
src/misc/crypt/crypt_find_cipher_any.o src/misc/crypt/crypt_find_cipher_id.o \
src/misc/crypt/crypt_find_hash.o src/misc/crypt/crypt_find_hash_any.o \
src/misc/crypt/crypt_find_hash_id.o src/misc/crypt/crypt_find_hash_oid.o \
src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o src/misc/crypt/crypt_hash_descriptor.o \
src/misc/crypt/crypt_hash_is_valid.o src/misc/crypt/crypt_inits.o \
src/misc/crypt/crypt_ltc_mp_descriptor.o src/misc/crypt/crypt_prng_descriptor.o \
src/misc/crypt/crypt_prng_is_valid.o src/misc/crypt/crypt_prng_rng_descriptor.o \
src/misc/crypt/crypt_register_all_ciphers.o src/misc/crypt/crypt_register_all_hashes.o \
src/misc/crypt/crypt_register_all_prngs.o src/misc/crypt/crypt_register_cipher.o \
src/misc/crypt/crypt_register_hash.o src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/base32/base32_decode.o src/misc/base32/base32_encode.o src/misc/base64/base64_decode.o \
src/misc/base64/base64_encode.o src/misc/burn_stack.o src/misc/compare_testvector.o src/misc/crc32.o \
src/misc/crypt/crypt.o src/misc/crypt/crypt_argchk.o src/misc/crypt/crypt_cipher_descriptor.o \
src/misc/crypt/crypt_cipher_is_valid.o src/misc/crypt/crypt_constants.o \
src/misc/crypt/crypt_find_cipher.o src/misc/crypt/crypt_find_cipher_any.o \
src/misc/crypt/crypt_find_cipher_id.o src/misc/crypt/crypt_find_hash.o \
src/misc/crypt/crypt_find_hash_any.o src/misc/crypt/crypt_find_hash_id.o \
src/misc/crypt/crypt_find_hash_oid.o src/misc/crypt/crypt_find_prng.o src/misc/crypt/crypt_fsa.o \
src/misc/crypt/crypt_hash_descriptor.o src/misc/crypt/crypt_hash_is_valid.o \
src/misc/crypt/crypt_inits.o src/misc/crypt/crypt_ltc_mp_descriptor.o \
src/misc/crypt/crypt_prng_descriptor.o src/misc/crypt/crypt_prng_is_valid.o \
src/misc/crypt/crypt_prng_rng_descriptor.o src/misc/crypt/crypt_register_all_ciphers.o \
src/misc/crypt/crypt_register_all_hashes.o src/misc/crypt/crypt_register_all_prngs.o \
src/misc/crypt/crypt_register_cipher.o src/misc/crypt/crypt_register_hash.o \
src/misc/crypt/crypt_register_prng.o src/misc/crypt/crypt_sizes.o \
src/misc/crypt/crypt_unregister_cipher.o src/misc/crypt/crypt_unregister_hash.o \
src/misc/crypt/crypt_unregister_prng.o src/misc/error_to_string.o src/misc/hkdf/hkdf.o \
src/misc/hkdf/hkdf_test.o src/misc/mem_neq.o src/misc/pk_get_oid.o src/misc/pkcs5/pkcs_5_1.o \
@ -356,15 +358,20 @@ src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/so
src/prngs/sprng.o src/prngs/yarrow.o src/stream/chacha/chacha_crypt.o src/stream/chacha/chacha_done.o \
src/stream/chacha/chacha_ivctr32.o src/stream/chacha/chacha_ivctr64.o \
src/stream/chacha/chacha_keystream.o src/stream/chacha/chacha_setup.o src/stream/chacha/chacha_test.o \
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o
src/stream/rc4/rc4_stream.o src/stream/rc4/rc4_test.o src/stream/salsa20/salsa20_crypt.o \
src/stream/salsa20/salsa20_done.o src/stream/salsa20/salsa20_ivctr64.o \
src/stream/salsa20/salsa20_keystream.o src/stream/salsa20/salsa20_setup.o \
src/stream/salsa20/salsa20_test.o src/stream/sober128/sober128_stream.o \
src/stream/sober128/sober128_test.o src/stream/sosemanuk/sosemanuk.o \
src/stream/sosemanuk/sosemanuk_test.o
# List of test objects to compile (all goes to libtomcrypt_prof.a)
TOBJECTS=tests/base64_test.o tests/cipher_hash_test.o tests/common.o tests/der_test.o tests/dh_test.o \
tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o tests/mac_test.o tests/misc_test.o \
tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o tests/pkcs_1_eme_test.o \
tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o tests/pkcs_1_test.o \
tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o tests/test.o
TOBJECTS=tests/base32_test.o tests/base64_test.o tests/cipher_hash_test.o tests/common.o \
tests/der_test.o tests/dh_test.o tests/dsa_test.o tests/ecc_test.o tests/file_test.o tests/katja_test.o \
tests/mac_test.o tests/misc_test.o tests/modes_test.o tests/mpi_test.o tests/multi_test.o tests/no_prng.o \
tests/pkcs_1_eme_test.o tests/pkcs_1_emsa_test.o tests/pkcs_1_oaep_test.o tests/pkcs_1_pss_test.o \
tests/pkcs_1_test.o tests/prng_test.o tests/rotate_test.o tests/rsa_test.o tests/store_test.o \
tests/test.o
# The following headers will be installed by "make install"
HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
@ -488,3 +495,7 @@ codecheck: $(call print-help,codecheck,Check the code of the library)
perlcritic *.pl
help: $(call print-help,help,That's what you're currently looking at)
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$

35
notes/ccm_tv.txt
View File

@ -282,3 +282,38 @@ CCM-camellia (16 byte key)
31: 20C3DFE512F4EC1F17973BBB164E9F1B77CC3EB37B486119614764F4C7D0E2, 57CEB0625D34AD40935B03C54A1B8779
32: 913F8D366D4C2AC10ACB3196CCBDB5F436CFA92377045EB3A1C066F6ED7DE0E9, F48C8BB647E719049DB38C39EF779CE2
CCM-serpent (16 byte key)
0: , 726ABF3B4ACBBC8B070A9FC609236977
1: 6A, 7E6C89FFAC41D271DEC5BAD3AD8EA354
2: 2C81, 00E3ACFA709B79FBDA9E71CD3C9168FB
3: FE9C81, 43353C952AAFD83A2C1D5589C8E24E45
4: A2F11A0E, DEE85E7C3658DC8DF46D5AE1ED89AB59
5: CBE82F9630, B2D90C1FC51FB51A145174AD9684FA71
6: 188CEA135A54, 3694247A366DDD83E1FE316FF15DA749
7: 2A41651928C6A8, E9B876246C7DC7E43C8209EA8549B79D
8: B98493573BAE3B79, F855DA22A957D0AFA34C5EBB0E142808
9: 123FE16121F02E5BD6, FAE0086D7A55E70C29DC1290D841D5DC
10: 5F94D4D6751C9795A50F, 668ADCD75C09D13CC899CF754F1FE15E
11: 9536425ACA7760D046DCCE, 3E965163CFD52A417524A2CEC1EEC35C
12: 7AB41CD2E0F078158FF0FADA, 40A3F1FC69F504D360D2B436F9106518
13: BC6CEE61B19E6E31951C93836D, FC0A38F88337EE3A36CC7967326AD369
14: 15257C23B2D63E00240F6D6A4D73, 30B0A6DC89C7B510508BD7967CEBB459
15: 0462B854CEB1C296E2CB8E490CA8F1, 335B6AF1F0FB1CA58D8C597A4D026393
16: F0D7486377DB32DE318E5828CC80078C, 7DD1C34BDB97EFAD73DFA536D974EC90
17: 4060AAB19ADE345E17855306079C75C6CE, FCCF85A879E68FFCFD8E6DC87FE6C1A6
18: 0675484821044CC980FFADE6CA7E8AB4B30B, CD126CFAC9051B879FA9D97BAD93AF0F
19: 71410ABE5055DA1364FF49B7C5414CEF2F78CC, 829D43AAB76120A8DC1413471A933022
20: 89BF4BA19F90227C76227AB3AFBD081D946B89AD, 922FCC378C436872AB6EC7A8D38A4F85
21: F8C43EDA603B3B2E932D124708B5016EEBFB24CDAD, DFE32FC372DDC93147824B8A6C22C7C3
22: 0935912F14181741FB895A1FA5E4DDB457EFA69818F5, 644F7A9195AC51D3DBA2C31D1A0D5EFC
23: 5ED4EC4AA4A73FCA3FA526DEB0F6203631DA2D9BB1A0D4, 4E1FD5B50AEFF1DC3621B7FADA27904A
24: A7A8D1396FE4C92276D74E20EAC7A3878ECA9BA36EFC0890, 612479C852B0F156292D416E66EBDE02
25: 98215D0F2308E7141D03DCFDBD4B1D7BB2535F1EA8DB1CDD22, 083456921EBFCD54468FDED21F6FC3C9
26: 325D0D2B6309F5032A3419A3866D3DA98DD0431570DD7CEA788E, 44AA618565711D440BCF155B1E5EB5DB
27: 44F7DB4FF3E3B56E0550F05C186DEC9B5FBB4ACAF9FC285646B8F3, 152B310160CD3867B9E4ED19764A6A77
28: 3350DA12E24D7A2F6B6267351BF888A77163B64E0A793080C57914E9, C17FDF94E9D6EE6DA8D677B33363E2C9
29: 3A39B76E3B7453AB8C93586A56AB8A24829D850D1C02E8CB469DA1B9EE, 3B754A51F325FAF7D2027C56932B6D1B
30: 66460EBE06BB081686606ED76C9C4267E8C6723BBB96F9DCA45632BB3BAA, 868F460107DF75880FCAF007719BC3D6
31: 6EE6731CF4308C4B76DFEBDE9342DCDBA540BCD408697A666E10CF3B070D36, 0E4A1EFBC616F54B45C1613680E6C894
32: 233CDC7E52BBA8450E76270723AA771877BD10954DA306911AE4E141A95C5489, C557E221C25644FD57E8D2E716EABFB4

212
notes/cipher_tv.txt
View File

@ -2337,3 +2337,215 @@ Key Size: 32 bytes
49: DA293A4CB96FE3608CFFD89B927C9ED6
Cipher: idea
Key Size: 16 bytes
0: 864C9D7D208A0E65
1: CDAFE32D1A8EBA33
2: 3989CB9583F08C88
3: 70973E563F1E2E07
4: DA726569D30529F5
5: 43D6D99BC0C233B5
6: 088FFC262410DBBB
7: 9CBC35AFFCB511C2
8: 438C85399278C1CE
9: 500DA9D21AE98636
10: 150939AD3D9903D8
11: 8A6875B4927E6C6E
12: DAEAF890BBE85A9D
13: 139E61F0275E7891
14: 5E30A76838137E01
15: 7F6332498B5F51CC
16: AD445C6A3EBD574C
17: 89E6E33284E53F09
18: 521F71E00A913E99
19: 667A20538C318C02
20: BBA379F0086F0A4E
21: 2EC884D978B4C24D
22: 32C1107E18D55BB0
23: BDF96F21BF9141F3
24: 1A1F6D475CD51FC3
25: 3EA0742C99C4D52E
26: E56BBB14C208A256
27: C71251372B8F60DC
28: 4025E8BC529D0104
29: DB36989E3F1B1D47
30: 8052C8D71F181567
31: E23C2EE53AC2E561
32: CDE53F91E1BC6CC9
33: A0729FCA7E8DA776
34: 058B0E2DF2589B35
35: 9E763832EE07F897
36: CBDE6CBD2B8CBA67
37: BEA90B26D75D96CC
38: C7BCE6979C47764E
39: 669C80474504B5F2
40: 9A00E0D5C9CCC929
41: 1B2EE3D38B8C2002
42: 61909D16FE53D15A
43: E7924A4A1CD58DC1
44: 9310B2DE922C9C30
45: 98B9D6043CAB599E
46: 63AC5444D191BF98
47: 5D62FF2B2220ADAA
48: F72EEEC71279A541
49: 132613157CA97A35
Cipher: serpent
Key Size: 16 bytes
0: 4C7D8A328072A22C823E4A1F3ACDA16D
1: F3436B52DFE96FDF63C1022C12605E01
2: D09DDC0E2D4EAA12614A60E69E7FDEDE
3: 2D59407400422FB0261995D4E605F7DE
4: 742E889747CCFFE18751B8DCDB1D8392
5: 08C18E529FF09A6A62A06DC0A95CB18C
6: DDB44E9668F5C1D1022E7F3362A7FD72
7: 8CB1EB9DBA6AA24FA9EFE299719ADE70
8: 5ABBCDB55E2F63542F4A3A7F78E03D8F
9: C3148BF3FC1ED6E58827DA0243DB026A
10: 2C63349B3E87437E88C1E8C24A42CBFF
11: 0D81637AD817D7BB6057E05B33BDE89C
12: 63A6338C4413DE93232D1137D3B4B5F3
13: 4979CADD7DC0A8A7864547400784CCAA
14: A0F7717D9F30AF023B68715FD0F586E5
15: 6A82314506773190EFDB99BC82796EC3
16: 6E24C30869393EC6D591901984CD3375
17: C1DD310FE278FAAD2F8DF4F98088C5D6
18: C806DD34A64A9C919A832E53DC7AC9DD
19: 6E0C31BA89B92F9A117D234E9AEFDC87
20: 76BB6900B0356047989803FD6DFD921A
21: 69656813894044B243565C8646729D83
22: C5B5CCA56367361718AC83438B777F50
23: 50164105407E66060A20B06C712F39AF
24: EB185AE6E8F691918AC6CAACB0BBEDDC
25: E06EABCC4907CBEE474925BE276352D9
26: A1017D3D0DF0F34BE288ABE6121FF5D7
27: E5D7AFB5E0A177332DE1849709BFA137
28: CE707C175ABBA720E7569722C394B771
29: D0AFDD3954703AA68FC48C906148FB07
30: 1144EB2FB275FD030BFCA0E2757F412A
31: E7BFC2E528A99A6AC48F133DC1D8A2A8
32: A27E54A237A91E3D8F845F3D8A4B0771
33: E95277B8353F4D194B3DF8C1E31CAFCD
34: 7A643CF73F018D8BAE449C60C5AA34D2
35: 350E523CC35DB3F0CCF712B423D944FC
36: F4E1CBD38F379AEB37BCEC7489282926
37: ADF64B0CE1CF4461C4CA2AF5DEFD2A51
38: AE6219617D186AC6C324832383A0EE53
39: 533094603845C674AB4F915E660DEBB5
40: 97C2B4B94F3057613692B452606E2BDD
41: 37E6FEF71C55A58DCE8B641EB1AADAFF
42: F0236BE046EF46B78256AA3C6EA2731D
43: FC354DC818B2406E17AB5A194B5A8AF6
44: CFAAD2165A59BEA3283FDB057948AFFC
45: 0AB2F01A911996BF98035292AE2C6F24
46: 5E45901119391E81EE392B2E78897038
47: 3619AF47AB128405544DDF377ADDB80A
48: 635CA8B8968DF2EA5D377C61156044FA
49: B02D925EE0A47E45C32FC261813CC257
Key Size: 24 bytes
0: 753D5B42D86672FB29070C4FE4EAAF4C
1: 04D794B6EBB934D244813C0D8664124B
2: 7DF123A5CCCFF43D8A7EFC8200E40DAC
3: CDE0B4E9C2F9A0596B72D0C294763CCA
4: 95B341AF73152EB44850E65BA41F835E
5: CECD25A9CA5A6F7FFD0DCFE125857C83
6: DEE7E320983F0841CF2D4F9361D1F86C
7: FD6689BCDB3979289701134E36461513
8: DF1EB30E9EC17F28AB2390DF5149C95F
9: C1167910D14F2335BB3D51E84BF9C00D
10: FA7CB639BBDAB4A95C6170E97B778429
11: 34D95FCA8C309190960FA2A585CFCD14
12: 229BADE5090D5A8E0FBE14D691FABE26
13: D634EB7B7C8250E31B5E5282F1A5BCDA
14: 1C74AC94B2996B56C468ECC3279CC90B
15: A8E203CDE49DD7B75947CDD4BF602CC3
16: 5FEDE885F086CC4DB9CD4B88A671C635
17: BF0468962FD3CF7FB3C56A0D4E495279
18: FA545A5E62D495A78ABB5DB22CB32979
19: C46651AD99291B20CF9AEC33BAB150B6
20: 00B912000F583BCC777EF4BDDCC41CA5
21: 8010FA2E1D05677221904EAC7B717449
22: 0432C8A62427586C03E9B6D6B58730BC
23: 4CC70D235863006EEB38A8FF77D2D26E
24: AC0C2878D7B24E07FF8F082937A0ECB3
25: B3220213E730B965704BB421F20FB271
26: 4099A7F5654A20E69437069DBD5C4033
27: 86C0FF7196543B12D37694B1B6D5C15D
28: F8E7D2F8DF2BFFD038D53CE1DCCE56C0
29: 0FDF7635291A88BAB065BF3C1465DB83
30: DCC2915BAE71AE13625AAD09CF20E939
31: 233D73653107EE12441E2D3B1F4D15B0
32: 93010FBC36A59338C12B8E4CEE962758
33: A28C25E43B8A5DF411A628F1E706F95D
34: 0888FAF1CA0FA63932AADC35D7800CF5
35: 8800A7DAD2A72CA213886F6B40A2A171
36: 780EAD41E4B9138C505DFD17259F60A7
37: D29AEE369B6369873A280BF82E558B39
38: F08B02049678A56B834CEE410D0F89FA
39: 06766638EA1C9F87AC50ECB833F2DDD8
40: AB4AAE5039497996403EE050EBEED49F
41: A3C421A8904815E29FF8EA7F8F73BDFE
42: C8F6A6EFFCAB57288B449DC21B305B9F
43: AD74935E4516B4898136C8081BC0F501
44: 38652264470798FD14C447309B636999
45: 81570450125A44D18FA95D66D849C4B9
46: A54560FFEC85BCA455F1B9110B85AA6E
47: 1EE7838B7167B1023A1D216C64A4D016
48: 8D4027CBF78A3C40DD988571625C7AF4
49: F018A1F3A5ECA0F552FE2A91B084294D
Key Size: 32 bytes
0: DE269FF833E432B85B2E88D2701CE75C
1: 9F8A7BD8355A5DA8F962F60B937642E3
2: 364FADEF177F89C7F76D5242AC4C9AED
3: C8467544AA4024525CE7CDE4536424D5
4: B624A3E479FF2CB40DEB2DD492C0FA7B
5: 169C3DD5F2E8DAE95AD2C311BE3D22D3
6: D607FBC8986E0613A5D3E6705B824276
7: 555BFE5CD108FD6C7CD60D41E1EBF427
8: 3992E8417207969B17E77D7F2782352F
9: 30BB268730B585215A809064CB6BB02F
10: 4B04596B53036803CEAC49941FED8C9F
11: FA40AC41AF79BC7FFABE61F4AC970FDF
12: 7AE0FF90DE1D3CE31B72CB6808C99324
13: BC3C6ED7EDDF820A266C584E83DB9A8D
14: 578D9AA20A86C239CA3A37B359170B97
15: AA20FF60C011A93A40A603F34389DC54
16: 55F27D4338056970D3386570F2C4B687
17: 00AAB0B8AA64D8FCF962BFAE3ED6ADA3
18: 81B305AF82100BE96B58B61263C455AF
19: 305F4DA751C7E1278C3640A62B685C8B
20: 9BA6BDF257560FBE2E7EEA68F9F56A6D
21: 63C3EEA7C1F7F792455F94DE12453A22
22: D006597A75C55AFD697D2C3B682ED7CC
23: 5D73056F39CD3202A415F7A79CC06D68
24: FD5275B3312208D3FE7800E924118F80
25: AEB0FBEF9B702C040CF7CC69852213C7
26: 30743D504858C8AF88EAF67EC36210E6
27: 24BEE43160AAC086893904F4E0E4DD4C
28: 2DE746D379907BC0283A9E740BD2FF8C
29: 6C9AED135243A1D74AD499EA4F715C59
30: C3F270819104BC72A37075EB17597B08
31: E2D8E0AB533C5E6F01BA20B521F93B5C
32: 1D28B307F349CEAD34482C8AC0CFF029
33: 4BC2D07A4E4186F4925D6653FA968270
34: C650ACAC93555956FC26CA6437C5C961
35: 70D56EF90E4703B7A84096D6325013A2
36: 69714F2AABE76A078AB39917D0B7DD82
37: C2AE9D7016AF9FCCA3CCFF54A1140B4B
38: 4A7F1F21A402EA5ABF62EBA30D227086
39: 7C40B445D30258EF5F1BCBCD9FD556B7
40: 434DFEE99021592E6A8D9C3C6FCB50E2
41: FF4DF73D4A4C63432F874438B196DE64
42: 05A0B7E9412A7D12931DBDEA87B0A9DA
43: 9EEB9F8B646BF296E08335E839DAC581
44: 0EDB3008C41E0F88124D6CBFF73C816D
45: 4157908C9C90B568DAA611B759C26D39
46: B7C1CC378876668DC8F08EBE4F86589C
47: 8836CB48E3E257AE4DD3995034C1D6DA
48: A8E6EB5A6C65673D6E72A6159FBD3CCB
49: 80DEC7F355AEA1BCCD1F8209C3FE9E16

54
notes/eax_tv.txt
View File

@ -567,3 +567,57 @@ EAX-camellia (16 byte key)
31: 1CFD6D8EF6F44265703544AFEB2BBA2A067BE8DAB412E071B66B70E357238A, 0A5BB055E00D42F4291CAB3813FC2946
32: 8E6E6433E4FF879155E0612F17EFC00AA8D5236EFAB5D9D6A912898F3124B588, EDF81BB73FF9288F315B988413432823
EAX-idea (16 byte key)
0: , 1EA089EEF0584537
1: 64, E2DAD93E481FF4CA
2: AF89, 1C59390B95864F2B
3: 967B36, 9B17DDF2DDE56ACF
4: 1466E27D, 3F4682ED320CCB0A
5: 2D36047872, 6A654C4B4D125951
6: C765097A4A83, 56C1A3EA50AD6EBF
7: 0D1D54E316B557, D400C71220491CD6
8: C0749FCDC4777FDB, 5A528132145ECBB4
9: 77FAF1DCA9F9D9743E, 9751D64F46B0E936
10: B1620900348AF0A28327, 23965D98E04157A0
11: 95DADF663B30F50719C15B, CD063ACF7A4E5AA0
12: D9E5D2558521BA6482D3A1DC, D823D92F16306198
13: 50AC1D9A7BB5C01F5795B569EB, 8EBE9364D8BA009F
14: C86F400959559607A228D47F2312, A89392C46483F839
15: 7F2F87C5A4DD93A73A1F83FE0D3066, 3B9CFCB7B4C90CAB
16: 22A2BC3531E9FBCAAEB678B419227CE4, A38C34F31BAFA2EA
EAX-serpent (16 byte key)
0: , 97A6952931A6CDA57BCC4716D30F82A1
1: 96, 7C2A3B5E78FD8E51D8EFA5B18704EABF
2: DA43, FC534F23581A3A767EA2EDF709B5AF64
3: 6712DB, 7DBB01EBC12F5DDEF4EA73AFB9333F87
4: 26AA0D44, 0811A8CBB5C44104BD9EFF485A847DB5
5: 3536F9E911, 1A28F0F4140C1EA11433897919C6865C
6: 6FE844A82588, 2AEB14AAEC834F069E4FF8EB58C84D53
7: 9845B4C2DE5C80, ADE2938A7195AA6F3D5311436DDA7AF9
8: BFCFFDBADE812BB1, 86379A0BD9D056C7B8DD13A7A344E0D2
9: AE58D2CEF3546BE633, 7D9AF596AAEB3E64B4DD6548C1EF7C5A
10: BE55A4240519306EC22E, 9D8932C3DAD8F64366F7280D1FF15B57
11: 7D22DF89DE40EDBB5A2CD0, 8D1A5E14933F430D171473E79AFAC748
12: 723E2E279953930DDBF6FB7E, 64F83827882916B8CAEDE297B7CE5E5B
13: 978AEFC3F017FBAEAA71F66E95, 14B825061B7268BD58D0386212CCB2B6
14: E81D5B4A5D124329B35E3542E637, F689AF556D208DBB524025A2AEBA3B54
15: 1DF96C551C75E13FCF077D25314779, 733E93DDC99CE73220336C75E0B0FF13
16: 631EC21D6892E8CD3BA4894AF357602E, 294DCD6EBC59FE575AFD89356E792C92
17: B5EBF5378580BE3BBC1507B2667189BE61, 84AF67D9154C9938660BF8B797878A05
18: B4FD794C8616540EC9BA129AF21A9F0BA768, D6C65005C772005488CAE0EBB75D6A43
19: E607A3F3612D084E187F4E5A1506CB85E5F456, B9AB2A96B877A5DB507F676A3E5820BC
20: 545E4AC37DFC52F7BD113DC2150BA08E3C865039, B1F3E0969DC54CB2A1BAACA190365FCF
21: 65A85C4ED7495E93FCF8EB77C71E6DB3AEB97849B1, 279646B82D6B10944A7FAFFBF62B726D
22: 13650C731A41A257274DA26139C6E1C0D4E0A9302A7F, 4F29AACBACB496E5C30715E4FD6700F4
23: ED9DBDF146A4C2F0FBB0ED17EE8D5155EA2D208A8E8CFA, 20F1E5754C15CA7EBAACBD8673C8BC09
24: 5BA09045237D8DD1D71C8E88611A61D24F16F5813D42ADCF, C5DFF900DC89989E30EC3466B1E807C9
25: 86BB29486407CA1E3D060D67136394FB7A1161F85028FDC632, F2376DA28876CC987434CE7311992FB4
26: 3BD15D58DBC6B050B4ACCC6278F912ECA2E4E3BD86B20041B62E, 6A4786A05D146DFAF8868C511CD63C6C
27: 6A4A427F65A0B6C95E6192FF8F53A4F2810D83015298AD6EBE9A8F, 97DA45CC64772B2041649AFB529C0469
28: 0167FC2B17965AB0D38592796D5CD41D3AC6C7D36EC97A92D4CD38E6, 297C86CCBDE5E7692AB5E4CBA9C7068D
29: 8FFA2B377A264C13DF09C80755543D0BEE76048DD10C405BFCF4318AD6, F64D9A18F677C48A2FE312D7D798C3AD
30: 2BEF6C54A7D57D5DEA5A7A39CD2B201D18F1CA1941F8F9AE9A78F28CE533, 7F64BF8DD0962AC93642564249698777
31: EFD3F06A589F09A08D00A70F2235D64E54ED7E213F4D39191586087AC20833, 9035327451DBC7F9E9A49FF83B704C97
32: 1DFDE8719F4FC7C235A1BB9862E1E6E132EC0C77EFEC71FD7E48C6B000C14291, 0CD8517E1B79FCA166F9D7CA1FB6336F

34
notes/gcm_tv.txt
View File

@ -274,3 +274,37 @@ GCM-camellia (16 byte key)
31: 6F575BCEF0FC079F8FA300040AA50AD6CF6F4C92A27E24A210AD32FB1FB0E7, 057E5239A6277E1D96BC277D4EEF5FFA
32: 5090FF37EF4F163F5B54AEA54DAF1CDAC1125C46A8617CE3D251576BF52143E2, 182FD3ED463E1A6A615F4E25B34CA748
GCM-serpent (16 byte key)
1: 59, 99CC473736142E231C8E2F7983696FC2
2: A073, 97EA5DB74235D7C9CF7ACDAAE9A0A7D3
3: 7384C2, 0284EC6DBF6EEE7AC038894F0B83E740
4: 6BC5F0D5, B1A9E78ABFDA9DAFD93E3E6F10785402
5: BCFD59F173, 818144A066F55AAEB713F6936CE79501
6: 87DEE1FA7D21, 6694DA4EE26599A6836C7736C5A0A9AA
7: FA2DD1DEAD1ED2, 9B7F45A3E8C5584CA68C5E8C24073036
8: B6AEEC38E4BAE411, CCCB1EBCE819F011241CD295818B4CAE
9: FE2FD69E73754AB2AB, E08D2FF91E5B08DCCAD050A0F399518C
10: 409169EB71E9986BA336, E797131B00564D9A4F420FDCA4EDE649
11: FECDF3D772D5595FD84330, 232FF07D2945D119058EBE9D0A09C852
12: A849518D738FF180519CAC0B, 4E7EE3BBA0442C19A854383255D2A6B0
13: C9F9F35975DA8CD50ED16302DA, 7D9F2B224D975EDECC381B78F845EE88
14: E5AB8D47CAB6B2AF0110C9C9A3EF, 218A677E10FCD9862B5E6C885D7D01C1
15: 82FD0D94DFF3FCFE5C1133F8DBA522, 1930CBD7C04F6B075875C8641FA9E39A
16: 7EDF3267E7E798C0622F31FC7235B86F, AA472388E03067DBFFED9F8DAC6DD296
17: 0A51F0E3D46C47EB677CD33CFE7638D762, A961F757ACCFF8677A9D33D1AB16C7A0
18: 2C5F591358F2BC1CE2FB984CA5BD35680EFF, 6D722B6E47DE42FD33D99C2847951724
19: 4282489BEA7383C82544969E1BED4201687178, 2B70E41844175DA01170DEF7AE4C677E
20: 1A1410118E91AF9D670DA0F3A6245410BF4A58C1, 20214C685137D8E642E5040E020103E8
21: CA792BD1ABC2F0D671D5A24CF7ED286E45A858C15E, 969B7BB2762B440DA35E97AE4A7D8AF6
22: 46035A0BE300E7C6ECF6CFFB9BB0E30C3DA5F33837FA, 0371E1F6A3C71EC92D9A1109539CE20B
23: D0D19F32DD401A2F26CF7CCC3EEA551F9EF6EBC62B4503, 07AC0EDF5BA03782F655C1864FE03A1C
24: 0BA2D9B107991D08020537FAAA73E85733FB2E94E5370A91, 3D192C4A6CEFB1E9C01224A83CE56C22
25: FD83350D639213E2CD87B17C46A3A68FD4744A0E9132A54408, 76DE3B21C33287DA5F6A6496D8EF0544
26: 2AC44A6ACCADB4B3FAA87DA0CA2F0E64435350D5629345862FDD, 9DA24FB432515AF720127024DF7522CB
27: 3E72B3820ED4B358D78275A33BCC06B378BD1075974B66A7BF7CB8, 9D05B7C4C3A394E40D56F8E48D62D1F8
28: 82B4AAAEBEEFBD4960B23E8020733926C4716BDFA6B6DD1A97CA3623, 9D9056217F955B28AC37932A213012E3
29: 85B43B381EBF7D4A61BF261DC2E0018FED9A3BFFA5097150624E00BDEA, 128B0ACC4E5342174BB092BEB87B9A30
30: 8C06161B3CA867B3EB61A9C71C85EB8586772BD45682FD57B15E03C0423B, A17FE2999ACA23CEF1196E3424A0ED0C
31: 4331553A74B44F279B6B007E9714322105AE73ADB83A7FBC5A622DDFAFAED6, EB4781C244484C51A155F2A0F78D38FE
32: 855378D251F29B822948E3788176E96247B7CA292D4DEF383FFD936BE3F7F42B, 6A08DF742301EED938AECC730D187AD2

35
notes/ocb3_tv.txt
View File

@ -282,3 +282,38 @@ OCB3-camellia (16 byte key)
31: 41C092516DC494E4E165EABAF939858EDAE3D3DAE488D14EFDB0E850675565, F45307A495AFE24E29E2AB744311F07C
32: EFFEAF5A73C2A825AFEE12A2BE80406937C75D4264FD937A310FA57C7D5D01CB, 3B430C0DA47DAA069FCC5C92C5427396
OCB3-serpent (16 byte key)
0: , 41644B8EC26D2E17704E9672E35B7680
1: CB, C2A63BA8383D6B7715F9F9537832AB3A
2: CF55, 05C93C786C5690D7263D1E8A2000FD60
3: C2DC71, C5DD3ADFC37AE996864C668A4FA79661
4: 70B3C079, 196DC9A8BE594ACE825F71BE8ABDC5A4
5: C546167392, 8BFF55BAAEFDA76EC8DE7E5B301C1B78
6: 8F6B6E1C7DA4, F9C28EB7BC64C26F3C862AE5315C9C70
7: BEF54F32A4E502, D931EC6EA9165E4A23DE6531D728F79D
8: 862DA6C6C4C6864A, 8D087F4E192AA08AC14CC0E8FE735A33
9: 5336AB6945FAA347B8, 9CAD11FBE86011F872C68D85B7003DB3
10: F4950C42B79374E4C0D2, 775ADDAD869DD3B912444D33B8B98AE6
11: E445E8B46DA8623E3F6960, AD253749B2453F1D86D5D4CE91C3A11E
12: A9B21268031B0DBC8D091FB4, 11CF154818B007F9E2335DC2CE3692AB
13: 5DDD737D9CAAECA39E9A282CE2, DA8E7275360A6099A5FCD3EE4D65C30F
14: 66631DA582F7A1E8C35ABBB869A5, 71927DD54E189F5C43B68B675F00CCE0
15: 3475EBEF7803C8D3CDB8774FF7AED2, EE2D9370434B6CDC2DAD922265AD0E53
16: 732536E50C887334D05DB25F2ECC6ED3, 9233CF71135D979C27E79FD6AB7DAF25
17: AE5BCDA23B70894E1192ADDA30A10FE30A, D05D97B23D3F813622DE7A7EFC67BF8B
18: 65F2023E4DF6006180709A239A5A9387D649, EDA9F67ABB96AC268E23BFA1F07192F9
19: 837A31A15D3562C99C1A108CE27F81CDEB1245, 91DBA8ADA9BAC949B22B86C08E04C27E
20: EED3C97EE7CBA13815E6EF5E22C75A7D486BF274, 714DE1E7163934419D650D99F1FECB77
21: 59E589AF5ACD014D4AB450490287E7BF766CBDD131, 914DA019D53052AF65BC066112FE7CCD
22: 9F8AB009C4A3E849C8055ECBD7AEDD6A1F70426385C1, 6654B56A1D589EA5486BFE902C355FA2
23: 532438DBE6E47A8729EE02E8C47111E4D7B90A7B098499, 34F3A82F9D7E6BADB6F8CE7193D81663
24: 2FD29C61D3A70C9EDA7EB42CA3DBDB1ED24E20DBD5710F4E, 4CB52CF090FFF15974236428DC0D321F
25: E3E404730231203895EFFDD83495AEFE265D4B4F122EF32894, 3739208F2E9D9AD3FCA138E8BC399A65
26: 2FB6945DFC9144D25C505F991C154243B5BBEE43BEDC3C9F3978, 2C291D274D751C93DA3168A45DF7FF2C
27: 11F244A9265C3D0FF8DE581F28002434C395458143F94C02BD7A55, 8B73783A1BEE7CC879C8944BA15E033E
28: 7AA49DCBC09E877CC91714FE6CE2CADECAF9DF771197DF0EAA2B5B20, 7DFFABCC40089E828F3C1A4DBBE28A68
29: C05269D72B17120FBE86397D655279F7C198467567F0B1FA24BBB077DF, E5487A7BCAFDBC08342369DA09FABF12
30: 7F97808D172665B399495FCAA6A673010E98EB6ADB25C1A41CF0F957B958, 33E6CA26292F6E9F55EBC6BFB3694E89
31: F7435456F02EE5ACE92F7E1F29D239A09AEB487BDA78B08A40837547CBFDC7, 86E15E8711A93AE7F89808D21BD69AD6
32: 9D49A127710AE66D612C8E7089CB254523109DFBB0ED2A3E44412C3BD81326FA, 624FA0DF639EB14A5A337273886E6CE5

54
notes/ocb_tv.txt
View File

@ -567,3 +567,57 @@ OCB-camellia (16 byte key)
31: 9C760ED6C10A80C52F092ED20AB1D03A52427B6235F3C7FE7541033AACDD74, 8AB98FCA89D1245B177E0AC06E083024
32: C38F260587B3BA9919601BD0A56909FB36ABCEB8968D08DD6B74F1EF5ED7065C, E357D0D56124276790DACA38D95792BB
OCB-idea (16 byte key)
0: , BDB7AEE81A437AD8
1: 20, 98EC8CAA4544B41E
2: CF69, 33A6414FBC482456
3: 25723A, DA6DE676482C6607
4: E4220FC6, F67538CEA28002AE
5: E440418489, A21E9F1D15F44038
6: 886944E0CF10, 2EF54D278B08DE7D
7: 5088BF9EFA7E6E, 8443C572C85AF187
8: 0D6765F689BF0BE5, 7E658DF3FA677FD0
9: D5D02EDEB67AC6E573, 1B1568BC59905994
10: 0C6BDA63A6EF19AE4A3F, 6FA765B6906E5B8B
11: C58013FE24604DCD40611D, 58A5351EA8CADBC4
12: DB78CF844EA91A3F7CCF1478, F9B6EC2F22888C12
13: 4329E9812856B9A80297CC95C7, 46A1DE8C53B6A1A4
14: 6D1CD2DF838697CACCDB28376973, A587EE5CE2351348
15: 21C3BCB256DBFC0B472F30A6D469CA, 3ADD0D84695C5B14
16: BE073E735F86AFA6D3A4F56C914D5EB8, 07921F5BA6E9F250
OCB-serpent (16 byte key)
0: , D9490CE405238D17C036B3E5DF4DFC7F
1: DB, 44C1E20A0467B693019DFBA21EAF9035
2: A343, 2E20DAB7135E395AA3FF227959A70610
3: CB7E24, EE8FAA34CA9C43CFB24061B79DE82C70
4: F9BCE9E7, B6A48414BED23D37F99FED990A3A0B14
5: 2D3FB0FEA0, 06700497ABDC995F781771CCEAC341B7
6: 0C1BAB99858B, E4EB74D56565A50D16CF91D9872B702E
7: 72CEBD89561A1D, 8FCC39F07C721EC8C92AEEA3C4BE845F
8: A6CC972273DAF3E8, 099BDEA86D5CB994285A7AB9BC59EAC7
9: 0ED1E78C9A39377377, C969C9583F3CCE5799630C5450BE9134
10: F68611B69D657B6D6DC4, 893C25068299C5F6305411E3A9199616
11: 7402BE21EEE415AA5438F8, 01916E4C573FF695CFEC41C7F29EA1CC
12: 125918FFB1902AC3F4F81265, F3EA4E417E4DA6B8BDCCC8BD4E87FE27
13: 01C2E839EB6C4CFFFF4856C97C, B57A6FB6918F8E11113E449D75CF638F
14: 708B33704EB6E379FEC223371C74, 44EC0A795B2E604D29B8E917A73EAC29
15: A45EEE44431E19F61B5E4D257B7BDD, E42E3A6D212B42595E39E5A6E14B0C43
16: F23AD7425EB8D3CE0FAFDCBEF52A1962, 5C6BD772DD1DE0070391A9BF63D0913D
17: 9B40D36F988B6F105380C7C949EDB1F379, 78FC67EEC03CE078A72977801B75DA52
18: 9A894DFCA373610C48ED16149CE0D84E2939, D2E05400320F61FDAF1729F5505B513F
19: 47CE7BBF27734E7C480CD4F9DD69F4B3E11223, 07C22A4DCCB71372A12ABB0ED2C5EAD3
20: 61F7F55DD6DC89472728E54C53CCC7034922EC7C, 490D005087FF9ACB5211FE2E40D3B5B7
21: DE27EBD9891828F422321C96BA900026F4033A1B98, E8C33743F34494061455F0F5A104F218
22: D73F22E0BBE04F9B7537DB5A8B35D9B978AC45B1DCA0, 3271FA71E989D845EEB7E76755A68CB0
23: F61DC254C28E7CEA0B526D9E4BF0E6C554A09251BC0BAA, FA74560634DDAD5F56B8842B2E49EFE8
24: 6155A4D65C03F0AB2665FC65408FDD29276C4D3B6E957CCE, E41DCA2C8D3601AD9C344BE53334F8A7
25: 9C4487CC097FF24A45502A9A3C0F7A2134235EDB2108ED470A, C28CB7100F45C6D87B0CE1682871761D
26: 0CB17A181F579A62B28A1171B1C3AF8A275C8D99D6AF95A3514A, 33BB5B063092B223A40C310B98B8FDE9
27: A5D0455E5E4C3DE2009A774F055F5DDAFFDC89A25872E99DCB1E75, 19488A3644BBF9BB621E80ED45EB826D
28: F4A054D11AD6B2A3A7F7A4EF40A09243373F4C151320464A0A9A9E06, 272D1709AA49838DEDA8F78D9878CD4F
29: 83EFF58C64BFCD1CB5DD0F6D040B8ACFE6C8992E14605FCCCFF142D0AC, 5BE7739321D83A5E4CC9AB5FA6D56966
30: E12A3514CBF30326E5078B8117678823E6AFA8F3A78FEAF06C5B1508CEA0, 301B3BE76675FD30209EEA086BB40CD8
31: 77E2B65956B52BD90E90081F389BBFC8D4550FBCC74B6469C5CE98FC093A0F, C43272FD03A35AE4D9AF467CD7811F1D
32: 77E116BE37F8153D717F3F19DEFD045C2E8CAC499295B9EE6A95A3509D4CBC47, A0406E2C09C510AB5A9E5A5B20B0C306

54
notes/omac_tv.txt
View File

@ -567,3 +567,57 @@ OMAC-camellia (16 byte key)
31: 7D611F8BFEF0491CED8815C0E3D4CAFF
32: 31E04DE5F9D1403C660E39891DE0D8DE
OMAC-idea (16 byte key)
0: B821849AF0FBE074
1: F686CE9F4D057023
2: A76370E35B3F4AF2
3: 77553E49EAA385F2
4: EC535FA524C96DEB
5: 2C0D343664AFFC4E
6: 42CD72FF061B53FF
7: 7FA04FA032DAAC2B
8: 9C9390E1F70D50BC
9: 30CAF924369C5249
10: 9FBB0EFC020AAC6E
11: 131B42C7B807BE1A
12: D2B7B9B0C6DB4EEE
13: AEC00D350FE9B72C
14: 046985BB876162E8
15: 2650AF8B3983AE0D
16: 50F09209EB28179E
OMAC-serpent (16 byte key)
0: 32B85B2D0F6A080E75F1FFE3A9FB5FFB
1: F64B8FE18564E74DCBD49F773D7979CA
2: E3C48FFF5808AA7945481908FC717548
3: E0C62FF36F4B4EA65E1AF2D09039CFE3
4: AB03CE05922E2B6AF001B267DBE31BB1
5: E4064DD1F7B97BB930F38C601375A6ED
6: DC0E7B1BA3CDBD7E12EE7925937551CC
7: 57339E1EF4A9E91D10C3FBE6FE93CC93
8: 85DF3A320B77510535723BDB885C6471
9: 15E3F593D2200F27DEF08CEFE763CBC6
10: FEA659B89FD367CB508411FFED43F1B8
11: 4B7C3776A1520E31A5BC80EBE3470276
12: 425FC3093FEEB420672EA70A71D7C7BC
13: EDE32E118616A02F3E43E1607D5E715E
14: 00ABB127256308E517C12D41D72C6F53
15: 2AC61ED0CE3393129EA22A6715536334
16: 01175B1577CE91E81C27B51372617995
17: ECE4166171B912D090AB134875C7249C
18: 481E14C574AA8AB6DFBDFA81B3B6F298
19: 2CC33E74FC8FF36A268D25E28610B46E
20: 270735B926CE2F9AD7DEC785D4B4F8E3
21: 5A47B86DBF557698B37025A70417FCFF
22: 19130FFE070FD9C2546C98B76D447104
23: C6BC0BED4C8CF5E182F69DAA13AFA47C
24: BC33925A9EFE64C20B24278663C7FBB0
25: 1552EB3F1396031C7306B2D34EEEC01A
26: 8C0BFE93E9FCF490CA4B4254CFD2C24D
27: 3F570BD03EA24C72CF6CC740B4EA2652
28: C34DAA57DED46E788573472F4DAA1743
29: EA26F5DAC00DEC6BC7F5DA35902DB020
30: 71573E129764A4C1B8F8A2D1BF2013CF
31: C7E18CC108DF3FF1E3A024A1B0B928E0
32: 6E458187EC664A776005EA140154ACBF

54
notes/pmac_tv.txt
View File

@ -567,3 +567,57 @@ PMAC-camellia (16 byte key)
31: D5C0143E1BA233BA5F862EE6E11A8F58
32: C8DAF08BD68F4AE401C6663393C257CB
PMAC-idea (16 byte key)
0: 1B010822EBB2E3F0
1: 943AA2133BD2CAE7
2: 6AB636AFF380D7E1
3: 9F5CA3037C13D0A9
4: 8EBB7A3E8757A414
5: C01F7BF5986987D7
6: FA9C1B62100EF6C7
7: F69FC035FD89BDB9
8: FA5C607B2D97FD7D
9: A112CDFAFF150870
10: ABBFD9DC6D530842
11: 6FF72677F0A845D2
12: A6803A517E9F1C34
13: A5A45E3AD8300F30
14: 3854B6FABF268B8A
15: DD3E679D6387A082
16: 872DDF68887A9606
PMAC-serpent (16 byte key)
0: F339DEF404209BCB165EB7BCFD992CBE
1: 4AC8EFF62CBCF0DF5EED09C481DAEC02
2: 8D89B71DE01632A07641FA5A92DB8F3F
3: CD3BA1D7DD7ABE17BFBD48E1B391EB77
4: 579BF88799B0B67F2E1B12D34B20DF9C
5: 56C6AACC2B142F18A680B6AAA5AA82A4
6: 082EFD0AA9B9BA02132F2B74B748E243
7: 6B800A69716D6FFF5C9836176F724AA3
8: FF406270AED77526DC8E84FEFC7A57C2
9: C2E5741342F888E4CE0D661986388FEE
10: 47AB010F388A9E10017155D88F35F20B
11: A5623D8A148DF62024F2C621DE0C4E2A
12: C6B47AAAF01A7E4683C461D119288354
13: FB7274149DB6E4E2CC757E8A95EBE335
14: FE74C4559520165DABCB75942C333950
15: EFD0DEBF6304F04C6CFAD4B6A4DF6C58
16: 89BDE6A86A4A14ED553732CF979F9599
17: AEB77664F24297E6471218B2F68A5BFD
18: 1AD0F4ED52FDEF747BF3E3C8DF7334DE
19: 16273AD4918181B8E183F661D1EE7991
20: 061DBAABEA31DFBD68A57151633FEDF5
21: 2206B89F47FA497C506B25736B672F70
22: 86F3809E186C70B2FD7B0BC88A0A81F6
23: 193CD2D4777DAE6FD7EF176EA9065C81
24: 9274BBB50D1CB86C39CA0AC0A5224A9E
25: F7BD94AB66D03AA22CB41F72874316DE
26: 1E48C30E5502E98B7F7038BEE7BC658A
27: AB7E6F468283DA5219CC76D83915CA63
28: 54CBD6BB08511366E56EA95414766D97
29: 73E91132A2B53930D4415A5B4F7BD523
30: 67E45427A9CCFAB9A11BD6AF2C4E9A80
31: 11F399978DB69A7957F2DF1A44206841
32: D6C0DE7EEB98DA9EB0F800D2734B100A

19
scan_build.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
[ "$TRAVIS_CI" != "" ] && { [ -z "$(which scan-build)" ] && { echo "installing clang"; sudo apt-get install clang -y -qq; }; } || true
if [ "$#" = "5" -a "$(echo $3 | grep -v 'makefile[.]')" = "" ]; then
echo "only run $0 for the regular makefile, early exit success"
exit 0
fi
# output version
bash printinfo.sh
make clean > /dev/null
scan_build=$(which scan-build)
[ -z "$scan_build" ] && scan_build=$(find /usr/bin/ -name 'scan-build-*' | sort -nr | head -n1) || true
[ -z "$scan_build" ] && { echo "couldn't find clang scan-build"; exit 1; } || echo "run $scan_build"
export CFLAGS="-DUSE_LTM -DLTM_DESC -I/usr/include"
export EXTRALIBS="-ltommath"
$scan_build --status-bugs make -f makefile.unix all CFLAGS="$CFLAGS" EXTRALIBS="$EXTRALIBS"

260
src/ciphers/idea.c Normal file
View File

@ -0,0 +1,260 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* Based on idea.cpp - originally written and placed in the public domain by Wei Dai
https://github.com/weidai11/cryptopp/blob/master/idea.cpp
Patents should be expired. On 2017-10-16 wikipedia says:
https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
A patent application for IDEA was first filed in Switzerland (CH A 1690/90) on May 18, 1990,
then an international patent application was filed under the Patent Cooperation Treaty on
May 16, 1991. Patents were eventually granted in Austria, France, Germany, Italy, the Netherlands,
Spain, Sweden, Switzerland, the United Kingdom, (European Patent Register entry for European
patent no. 0482154, filed May 16, 1991, issued June 22, 1994 and expired May 16, 2011),
the United States (U.S. Patent 5,214,703, issued May 25, 1993 and expired January 7, 2012)
and Japan (JP 3225440) (expired May 16, 2011).
*/
#include "tomcrypt.h"
#ifdef LTC_IDEA
const struct ltc_cipher_descriptor idea_desc = {
"idea",
24, /* cipher_ID */
16, 16, 8, 8, /* min_key_len, max_key_len, block_len, default_rounds */
&idea_setup,
&idea_ecb_encrypt,
&idea_ecb_decrypt,
&idea_test,
&idea_done,
&idea_keysize,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
};
typedef unsigned short int ushort16;
#define _LOW16(x) ((x)&0xffff) /* compiler should be able to optimize this away if x is 16 bits */
#define _HIGH16(x) ((x)>>16)
#define _MUL(a,b) { \
ulong32 p = (ulong32)_LOW16(a) * b; \
if (p) { \
p = _LOW16(p) - _HIGH16(p); \
a = (ushort16)p - (ushort16)_HIGH16(p); \
} \
else \
a = 1 - a - b; \
}
#define _STORE16(x,y) { (y)[0] = (unsigned char)(((x)>>8)&255); (y)[1] = (unsigned char)((x)&255); }
#define _LOAD16(x,y) { x = ((ushort16)((y)[0] & 255)<<8) | ((ushort16)((y)[1] & 255)); }
static ushort16 _mul_inv(ushort16 x)
{
ushort16 y = x;
unsigned i;
for (i = 0; i < 15; i++) {
_MUL(y, _LOW16(y));
_MUL(y, x);
}
return _LOW16(y);
}
static ushort16 _add_inv(ushort16 x)
{
return _LOW16(0 - x);
}
static int _setup_key(const unsigned char *key, symmetric_key *skey)
{
int i, j;
ushort16 *e_key = skey->idea.ek;
ushort16 *d_key = skey->idea.dk;
/* prepare enc key */
for (i = 0; i < 8; i++) {
_LOAD16(e_key[i], key + 2 * i);
}
for (; i < LTC_IDEA_KEYLEN; i++) {
j = (i - i % 8) - 8;
e_key[i] = _LOW16((e_key[j+(i+1)%8] << 9) | (e_key[j+(i+2)%8] >> 7));
}
/* prepare dec key */
for (i = 0; i < LTC_IDEA_ROUNDS; i++) {
d_key[i*6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+0]);
d_key[i*6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+1+(i>0 ? 1 : 0)]);
d_key[i*6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+2-(i>0 ? 1 : 0)]);
d_key[i*6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+3]);
d_key[i*6+4] = e_key[(LTC_IDEA_ROUNDS-1-i)*6+4];
d_key[i*6+5] = e_key[(LTC_IDEA_ROUNDS-1-i)*6+5];
}
d_key[i*6+0] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+0]);
d_key[i*6+1] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+1]);
d_key[i*6+2] = _add_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+2]);
d_key[i*6+3] = _mul_inv(e_key[(LTC_IDEA_ROUNDS-i)*6+3]);
return CRYPT_OK;
}
static int _process_block(const unsigned char *in, unsigned char *out, ushort16 *m_key)
{
int i;
ushort16 x0, x1, x2, x3, t0, t1;
_LOAD16(x0, in + 0);
_LOAD16(x1, in + 2);
_LOAD16(x2, in + 4);
_LOAD16(x3, in + 6);
for (i = 0; i < LTC_IDEA_ROUNDS; i++) {
_MUL(x0, m_key[i*6+0]);
x1 += m_key[i*6+1];
x2 += m_key[i*6+2];
_MUL(x3, m_key[i*6+3]);
t0 = x0^x2;
_MUL(t0, m_key[i*6+4]);
t1 = t0 + (x1^x3);
_MUL(t1, m_key[i*6+5]);
t0 += t1;
x0 ^= t1;
x3 ^= t0;
t0 ^= x1;
x1 = x2^t1;
x2 = t0;
}
_MUL(x0, m_key[LTC_IDEA_ROUNDS*6+0]);
x2 += m_key[LTC_IDEA_ROUNDS*6+1];
x1 += m_key[LTC_IDEA_ROUNDS*6+2];
_MUL(x3, m_key[LTC_IDEA_ROUNDS*6+3]);
_STORE16(x0, out + 0);
_STORE16(x2, out + 2);
_STORE16(x1, out + 4);
_STORE16(x3, out + 6);
return CRYPT_OK;
}
int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(skey != NULL);
if (num_rounds != 0 && num_rounds != 8) return CRYPT_INVALID_ROUNDS;
if (keylen != 16) return CRYPT_INVALID_KEYSIZE;
return _setup_key(key, skey);
}
int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
{
int err = _process_block(pt, ct, skey->idea.ek);
#ifdef LTC_CLEAN_STACK
burn_stack(sizeof(ushort16) * 6 + sizeof(int));
#endif
return err;
}
int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
{
int err = _process_block(ct, pt, skey->idea.dk);
#ifdef LTC_CLEAN_STACK
burn_stack(sizeof(ushort16) * 6 + sizeof(int));
#endif
return err;
}
void idea_done(symmetric_key *skey)
{
LTC_UNUSED_PARAM(skey);
}
int idea_keysize(int *keysize)
{
LTC_ARGCHK(keysize != NULL);
if (*keysize < 16) {
return CRYPT_INVALID_KEYSIZE;
}
*keysize = 16;
return CRYPT_OK;
}
int idea_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
unsigned char key[16], pt[8], ct[8];
} tests[] = {
{
/* key */ { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* ct */ { 0xB1, 0xF5, 0xF7, 0xF8, 0x79, 0x01, 0x37, 0x0F }
},
{
/* key */ { 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* ct */ { 0xB3, 0x92, 0x7D, 0xFF, 0xB6, 0x35, 0x86, 0x26 }
},
{
/* key */ { 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* ct */ { 0xE9, 0x87, 0xE0, 0x02, 0x9F, 0xB9, 0x97, 0x85 }
},
{
/* key */ { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* ct */ { 0x75, 0x4A, 0x03, 0xCE, 0x08, 0xDB, 0x7D, 0xAA }
},
{
/* key */ { 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* pt */ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
/* ct */ { 0xF0, 0x15, 0xF9, 0xFB, 0x0C, 0xFC, 0x7E, 0x1C }
},
};
unsigned char buf[2][8];
symmetric_key key;
int err, x;
if (sizeof(ushort16) != 2) {
return CRYPT_FAIL_TESTVECTOR;
}
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
if ((err = idea_setup(tests[x].key, 16, 8, &key)) != CRYPT_OK) {
return err;
}
if ((err = idea_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) {
return err;
}
if (compare_testvector(buf[0], 8, tests[x].ct, 8, "IDEA Encrypt", x)) {
return CRYPT_FAIL_TESTVECTOR;
}
if ((err = idea_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) {
return err;
}
if (compare_testvector(buf[1], 8, tests[x].pt, 8, "IDEA Decrypt", x)) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

727
src/ciphers/serpent.c Normal file
View File

@ -0,0 +1,727 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* Based on serpent.cpp - originally written and placed in the public domain by Wei Dai
https://github.com/weidai11/cryptopp/blob/master/serpent.cpp
On 2017-10-16 wikipedia says:
"The Serpent cipher algorithm is in the public domain and has not been patented."
https://en.wikipedia.org/wiki/Serpent_(cipher)
*/
#include "tomcrypt.h"
#ifdef LTC_SERPENT
const struct ltc_cipher_descriptor serpent_desc = {
"serpent",
25, /* cipher_ID */
16, 32, 16, 32, /* min_key_len, max_key_len, block_len, default_rounds */
&serpent_setup,
&serpent_ecb_encrypt,
&serpent_ecb_decrypt,
&serpent_test,
&serpent_done,
&serpent_keysize,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
};
/* linear transformation */
#define _LT(i,a,b,c,d,e) { \
a = ROLc(a, 13); \
c = ROLc(c, 3); \
d = ROLc(d ^ c ^ (a << 3), 7); \
b = ROLc(b ^ a ^ c, 1); \
a = ROLc(a ^ b ^ d, 5); \
c = ROLc(c ^ d ^ (b << 7), 22); \
}
/* inverse linear transformation */
#define _ILT(i,a,b,c,d,e) { \
c = RORc(c, 22); \
a = RORc(a, 5); \
c ^= d ^ (b << 7); \
a ^= b ^ d; \
b = RORc(b, 1); \
d = RORc(d, 7) ^ c ^ (a << 3); \
b ^= a ^ c; \
c = RORc(c, 3); \
a = RORc(a, 13); \
}
/* order of output from S-box functions */
#define _beforeS0(f) f(0,a,b,c,d,e)
#define _afterS0(f) f(1,b,e,c,a,d)
#define _afterS1(f) f(2,c,b,a,e,d)
#define _afterS2(f) f(3,a,e,b,d,c)
#define _afterS3(f) f(4,e,b,d,c,a)
#define _afterS4(f) f(5,b,a,e,c,d)
#define _afterS5(f) f(6,a,c,b,e,d)
#define _afterS6(f) f(7,a,c,d,b,e)
#define _afterS7(f) f(8,d,e,b,a,c)
/* order of output from inverse S-box functions */
#define _beforeI7(f) f(8,a,b,c,d,e)
#define _afterI7(f) f(7,d,a,b,e,c)
#define _afterI6(f) f(6,a,b,c,e,d)
#define _afterI5(f) f(5,b,d,e,c,a)
#define _afterI4(f) f(4,b,c,e,a,d)
#define _afterI3(f) f(3,a,b,e,c,d)
#define _afterI2(f) f(2,b,d,e,c,a)
#define _afterI1(f) f(1,a,b,c,e,d)
#define _afterI0(f) f(0,a,d,b,e,c)
/* The instruction sequences for the S-box functions
* come from Dag Arne Osvik's paper "Speeding up Serpent".
*/
#define _S0(i, r0, r1, r2, r3, r4) { \
r3 ^= r0; \
r4 = r1; \
r1 &= r3; \
r4 ^= r2; \
r1 ^= r0; \
r0 |= r3; \
r0 ^= r4; \
r4 ^= r3; \
r3 ^= r2; \
r2 |= r1; \
r2 ^= r4; \
r4 = ~r4; \
r4 |= r1; \
r1 ^= r3; \
r1 ^= r4; \
r3 |= r0; \
r1 ^= r3; \
r4 ^= r3; \
}
#define _I0(i, r0, r1, r2, r3, r4) { \
r2 = ~r2; \
r4 = r1; \
r1 |= r0; \
r4 = ~r4; \
r1 ^= r2; \
r2 |= r4; \
r1 ^= r3; \
r0 ^= r4; \
r2 ^= r0; \
r0 &= r3; \
r4 ^= r0; \
r0 |= r1; \
r0 ^= r2; \
r3 ^= r4; \
r2 ^= r1; \
r3 ^= r0; \
r3 ^= r1; \
r2 &= r3; \
r4 ^= r2; \
}
#define _S1(i, r0, r1, r2, r3, r4) { \
r0 = ~r0; \
r2 = ~r2; \
r4 = r0; \
r0 &= r1; \
r2 ^= r0; \
r0 |= r3; \
r3 ^= r2; \
r1 ^= r0; \
r0 ^= r4; \
r4 |= r1; \
r1 ^= r3; \
r2 |= r0; \
r2 &= r4; \
r0 ^= r1; \
r1 &= r2; \
r1 ^= r0; \
r0 &= r2; \
r0 ^= r4; \
}
#define _I1(i, r0, r1, r2, r3, r4) { \
r4 = r1; \
r1 ^= r3; \
r3 &= r1; \
r4 ^= r2; \
r3 ^= r0; \
r0 |= r1; \
r2 ^= r3; \
r0 ^= r4; \
r0 |= r2; \
r1 ^= r3; \
r0 ^= r1; \
r1 |= r3; \
r1 ^= r0; \
r4 = ~r4; \
r4 ^= r1; \
r1 |= r0; \
r1 ^= r0; \
r1 |= r4; \
r3 ^= r1; \
}
#define _S2(i, r0, r1, r2, r3, r4) { \
r4 = r0; \
r0 &= r2; \
r0 ^= r3; \
r2 ^= r1; \
r2 ^= r0; \
r3 |= r4; \
r3 ^= r1; \
r4 ^= r2; \
r1 = r3; \
r3 |= r4; \
r3 ^= r0; \
r0 &= r1; \
r4 ^= r0; \
r1 ^= r3; \
r1 ^= r4; \
r4 = ~r4; \
}
#define _I2(i, r0, r1, r2, r3, r4) { \
r2 ^= r3; \
r3 ^= r0; \
r4 = r3; \
r3 &= r2; \
r3 ^= r1; \
r1 |= r2; \
r1 ^= r4; \
r4 &= r3; \
r2 ^= r3; \
r4 &= r0; \
r4 ^= r2; \
r2 &= r1; \
r2 |= r0; \
r3 = ~r3; \
r2 ^= r3; \
r0 ^= r3; \
r0 &= r1; \
r3 ^= r4; \
r3 ^= r0; \
}
#define _S3(i, r0, r1, r2, r3, r4) { \
r4 = r0; \
r0 |= r3; \
r3 ^= r1; \
r1 &= r4; \
r4 ^= r2; \
r2 ^= r3; \
r3 &= r0; \
r4 |= r1; \
r3 ^= r4; \
r0 ^= r1; \
r4 &= r0; \
r1 ^= r3; \
r4 ^= r2; \
r1 |= r0; \
r1 ^= r2; \
r0 ^= r3; \
r2 = r1; \
r1 |= r3; \
r1 ^= r0; \
}
#define _I3(i, r0, r1, r2, r3, r4) { \
r4 = r2; \
r2 ^= r1; \
r1 &= r2; \
r1 ^= r0; \
r0 &= r4; \
r4 ^= r3; \
r3 |= r1; \
r3 ^= r2; \
r0 ^= r4; \
r2 ^= r0; \
r0 |= r3; \
r0 ^= r1; \
r4 ^= r2; \
r2 &= r3; \
r1 |= r3; \
r1 ^= r2; \
r4 ^= r0; \
r2 ^= r4; \
}
#define _S4(i, r0, r1, r2, r3, r4) { \
r1 ^= r3; \
r3 = ~r3; \
r2 ^= r3; \
r3 ^= r0; \
r4 = r1; \
r1 &= r3; \
r1 ^= r2; \
r4 ^= r3; \
r0 ^= r4; \
r2 &= r4; \
r2 ^= r0; \
r0 &= r1; \
r3 ^= r0; \
r4 |= r1; \
r4 ^= r0; \
r0 |= r3; \
r0 ^= r2; \
r2 &= r3; \
r0 = ~r0; \
r4 ^= r2; \
}
#define _I4(i, r0, r1, r2, r3, r4) { \
r4 = r2; \
r2 &= r3; \
r2 ^= r1; \
r1 |= r3; \
r1 &= r0; \
r4 ^= r2; \
r4 ^= r1; \
r1 &= r2; \
r0 = ~r0; \
r3 ^= r4; \
r1 ^= r3; \
r3 &= r0; \
r3 ^= r2; \
r0 ^= r1; \
r2 &= r0; \
r3 ^= r0; \
r2 ^= r4; \
r2 |= r3; \
r3 ^= r0; \
r2 ^= r1; \
}
#define _S5(i, r0, r1, r2, r3, r4) { \
r0 ^= r1; \
r1 ^= r3; \
r3 = ~r3; \
r4 = r1; \
r1 &= r0; \
r2 ^= r3; \
r1 ^= r2; \
r2 |= r4; \
r4 ^= r3; \
r3 &= r1; \
r3 ^= r0; \
r4 ^= r1; \
r4 ^= r2; \
r2 ^= r0; \
r0 &= r3; \
r2 = ~r2; \
r0 ^= r4; \
r4 |= r3; \
r2 ^= r4; \
}
#define _I5(i, r0, r1, r2, r3, r4) { \
r1 = ~r1; \
r4 = r3; \
r2 ^= r1; \
r3 |= r0; \
r3 ^= r2; \
r2 |= r1; \
r2 &= r0; \
r4 ^= r3; \
r2 ^= r4; \
r4 |= r0; \
r4 ^= r1; \
r1 &= r2; \
r1 ^= r3; \
r4 ^= r2; \
r3 &= r4; \
r4 ^= r1; \
r3 ^= r0; \
r3 ^= r4; \
r4 = ~r4; \
}
#define _S6(i, r0, r1, r2, r3, r4) { \
r2 = ~r2; \
r4 = r3; \
r3 &= r0; \
r0 ^= r4; \
r3 ^= r2; \
r2 |= r4; \
r1 ^= r3; \
r2 ^= r0; \
r0 |= r1; \
r2 ^= r1; \
r4 ^= r0; \
r0 |= r3; \
r0 ^= r2; \
r4 ^= r3; \
r4 ^= r0; \
r3 = ~r3; \
r2 &= r4; \
r2 ^= r3; \
}
#define _I6(i, r0, r1, r2, r3, r4) { \
r0 ^= r2; \
r4 = r2; \
r2 &= r0; \
r4 ^= r3; \
r2 = ~r2; \
r3 ^= r1; \
r2 ^= r3; \
r4 |= r0; \
r0 ^= r2; \
r3 ^= r4; \
r4 ^= r1; \
r1 &= r3; \
r1 ^= r0; \
r0 ^= r3; \
r0 |= r2; \
r3 ^= r1; \
r4 ^= r0; \
}
#define _S7(i, r0, r1, r2, r3, r4) { \
r4 = r2; \
r2 &= r1; \
r2 ^= r3; \
r3 &= r1; \
r4 ^= r2; \
r2 ^= r1; \
r1 ^= r0; \
r0 |= r4; \
r0 ^= r2; \
r3 ^= r1; \
r2 ^= r3; \
r3 &= r0; \
r3 ^= r4; \
r4 ^= r2; \
r2 &= r0; \
r4 = ~r4; \
r2 ^= r4; \
r4 &= r0; \
r1 ^= r3; \
r4 ^= r1; \
}
#define _I7(i, r0, r1, r2, r3, r4) { \
r4 = r2; \
r2 ^= r0; \
r0 &= r3; \
r2 = ~r2; \
r4 |= r3; \
r3 ^= r1; \
r1 |= r0; \
r0 ^= r2; \
r2 &= r4; \
r1 ^= r2; \
r2 ^= r0; \
r0 |= r2; \
r3 &= r4; \
r0 ^= r3; \
r4 ^= r1; \
r3 ^= r4; \
r4 |= r0; \
r3 ^= r2; \
r4 ^= r2; \
}
/* key xor */
#define _KX(r, a, b, c, d, e) { \
a ^= k[4 * r + 0]; \
b ^= k[4 * r + 1]; \
c ^= k[4 * r + 2]; \
d ^= k[4 * r + 3]; \
}
#define _LK(r, a, b, c, d, e) { \
a = k[(8-r)*4 + 0]; \
b = k[(8-r)*4 + 1]; \
c = k[(8-r)*4 + 2]; \
d = k[(8-r)*4 + 3]; \
}
#define _SK(r, a, b, c, d, e) { \
k[(8-r)*4 + 4] = a; \
k[(8-r)*4 + 5] = b; \
k[(8-r)*4 + 6] = c; \
k[(8-r)*4 + 7] = d; \
}
static int _setup_key(const unsigned char *key, int keylen, int rounds, ulong32 *k)
{
int i;
ulong32 t;
ulong32 k0[8] = { 0 }; /* zero-initialize */
ulong32 a, b, c, d, e;
for (i = 0; i < 8 && i < keylen/4; ++i) {
LOAD32L(k0[i], key + i * 4);
}
if (keylen < 32) {
k0[keylen/4] |= (ulong32)1 << ((keylen%4)*8);
}
t = k0[7];
for (i = 0; i < 8; ++i) {
k[i] = k0[i] = t = ROLc(k0[i] ^ k0[(i+3)%8] ^ k0[(i+5)%8] ^ t ^ 0x9e3779b9 ^ i, 11);
}
for (i = 8; i < 4*(rounds+1); ++i) {
k[i] = t = ROLc(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11);
}
k -= 20;
for (i = 0; i < rounds/8; i++) {
_afterS2(_LK); _afterS2(_S3); _afterS3(_SK);
_afterS1(_LK); _afterS1(_S2); _afterS2(_SK);
_afterS0(_LK); _afterS0(_S1); _afterS1(_SK);
_beforeS0(_LK); _beforeS0(_S0); _afterS0(_SK);
k += 8*4;
_afterS6(_LK); _afterS6(_S7); _afterS7(_SK);
_afterS5(_LK); _afterS5(_S6); _afterS6(_SK);
_afterS4(_LK); _afterS4(_S5); _afterS5(_SK);
_afterS3(_LK); _afterS3(_S4); _afterS4(_SK);
}
_afterS2(_LK); _afterS2(_S3); _afterS3(_SK);
return CRYPT_OK;
}
static int _enc_block(const unsigned char *in, unsigned char *out, ulong32 *k)
{
ulong32 a, b, c, d, e;
unsigned int i = 1;
LOAD32L(a, in + 0);
LOAD32L(b, in + 4);
LOAD32L(c, in + 8);
LOAD32L(d, in + 12);
do {
_beforeS0(_KX); _beforeS0(_S0); _afterS0(_LT);
_afterS0(_KX); _afterS0(_S1); _afterS1(_LT);
_afterS1(_KX); _afterS1(_S2); _afterS2(_LT);
_afterS2(_KX); _afterS2(_S3); _afterS3(_LT);
_afterS3(_KX); _afterS3(_S4); _afterS4(_LT);
_afterS4(_KX); _afterS4(_S5); _afterS5(_LT);
_afterS5(_KX); _afterS5(_S6); _afterS6(_LT);
_afterS6(_KX); _afterS6(_S7);
if (i == 4) break;
++i;
c = b;
b = e;
e = d;
d = a;
a = e;
k += 32;
_beforeS0(_LT);
} while (1);
_afterS7(_KX);
STORE32L(d, out + 0);
STORE32L(e, out + 4);
STORE32L(b, out + 8);
STORE32L(a, out + 12);
return CRYPT_OK;
}
static int _dec_block(const unsigned char *in, unsigned char *out, ulong32 *k)
{
ulong32 a, b, c, d, e;
unsigned int i;
LOAD32L(a, in + 0);
LOAD32L(b, in + 4);
LOAD32L(c, in + 8);
LOAD32L(d, in + 12);
e = 0; LTC_UNUSED_PARAM(e); /* avoid scan-build warning */
i = 4;
k += 96;
_beforeI7(_KX);
goto start;
do {
c = b;
b = d;
d = e;
k -= 32;
_beforeI7(_ILT);
start:
_beforeI7(_I7); _afterI7(_KX);
_afterI7(_ILT); _afterI7(_I6); _afterI6(_KX);
_afterI6(_ILT); _afterI6(_I5); _afterI5(_KX);
_afterI5(_ILT); _afterI5(_I4); _afterI4(_KX);
_afterI4(_ILT); _afterI4(_I3); _afterI3(_KX);
_afterI3(_ILT); _afterI3(_I2); _afterI2(_KX);
_afterI2(_ILT); _afterI2(_I1); _afterI1(_KX);
_afterI1(_ILT); _afterI1(_I0); _afterI0(_KX);
} while (--i != 0);
STORE32L(a, out + 0);
STORE32L(d, out + 4);
STORE32L(b, out + 8);
STORE32L(e, out + 12);
return CRYPT_OK;
}
int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
int err;
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(skey != NULL);
if (num_rounds != 0 && num_rounds != 32) return CRYPT_INVALID_ROUNDS;
if (keylen != 16 && keylen != 24 && keylen != 32) return CRYPT_INVALID_KEYSIZE;
err = _setup_key(key, keylen, 32, skey->serpent.k);
#ifdef LTC_CLEAN_STACK
burn_stack(sizeof(ulong32) * 14 + sizeof(int));
#endif
return err;
}
int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
{
int err = _enc_block(pt, ct, skey->serpent.k);
#ifdef LTC_CLEAN_STACK
burn_stack(sizeof(ulong32) * 5 + sizeof(int));
#endif
return err;
}
int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
{
int err = _dec_block(ct, pt, skey->serpent.k);
#ifdef LTC_CLEAN_STACK
burn_stack(sizeof(ulong32) * 5 + sizeof(int));
#endif
return err;
}
void serpent_done(symmetric_key *skey)
{
LTC_UNUSED_PARAM(skey);
}
int serpent_keysize(int *keysize)
{
LTC_ARGCHK(keysize != NULL);
if (*keysize >= 32) { *keysize = 32; }
else if (*keysize >= 24) { *keysize = 24; }
else if (*keysize >= 16) { *keysize = 16; }
else return CRYPT_INVALID_KEYSIZE;
return CRYPT_OK;
}
int serpent_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
static const struct {
unsigned char key[32];
int keylen;
unsigned char pt[16], ct[16];
} tests[] = {
{
/* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 32,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0xA2,0x23,0xAA,0x12,0x88,0x46,0x3C,0x0E,0x2B,0xE3,0x8E,0xBD,0x82,0x56,0x16,0xC0}
},
{
/* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 32,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0xEA,0xE1,0xD4,0x05,0x57,0x01,0x74,0xDF,0x7D,0xF2,0xF9,0x96,0x6D,0x50,0x91,0x59}
},
{
/* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 32,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x65,0xF3,0x76,0x84,0x47,0x1E,0x92,0x1D,0xC8,0xA3,0x0F,0x45,0xB4,0x3C,0x44,0x99}
},
{
/* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 24,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x9E,0x27,0x4E,0xAD,0x9B,0x73,0x7B,0xB2,0x1E,0xFC,0xFC,0xA5,0x48,0x60,0x26,0x89}
},
{
/* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 24,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x92,0xFC,0x8E,0x51,0x03,0x99,0xE4,0x6A,0x04,0x1B,0xF3,0x65,0xE7,0xB3,0xAE,0x82}
},
{
/* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 24,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x5E,0x0D,0xA3,0x86,0xC4,0x6A,0xD4,0x93,0xDE,0xA2,0x03,0xFD,0xC6,0xF5,0x7D,0x70}
},
{
/* key */ {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 16,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x26,0x4E,0x54,0x81,0xEF,0xF4,0x2A,0x46,0x06,0xAB,0xDA,0x06,0xC0,0xBF,0xDA,0x3D}
},
{
/* key */ {0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 16,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0x4A,0x23,0x1B,0x3B,0xC7,0x27,0x99,0x34,0x07,0xAC,0x6E,0xC8,0x35,0x0E,0x85,0x24}
},
{
/* key */ {0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* keylen */ 16,
/* pt */ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
/* ct */ {0xE0,0x32,0x69,0xF9,0xE9,0xFD,0x85,0x3C,0x7D,0x81,0x56,0xDF,0x14,0xB9,0x8D,0x56}
}
};
unsigned char buf[2][16];
symmetric_key key;
int err, x;
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
if ((err = serpent_setup(tests[x].key, tests[x].keylen, 0, &key)) != CRYPT_OK) {
return err;
}
if ((err = serpent_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) {
return err;
}
if (compare_testvector(buf[0], 16, tests[x].ct, 16, "SERPENT Encrypt", x)) {
return CRYPT_FAIL_TESTVECTOR;
}
if ((err = serpent_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) {
return err;
}
if (compare_testvector(buf[1], 16, tests[x].pt, 16, "SERPENT Decrypt", x)) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
#endif
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

18
src/headers/tomcrypt_cfg.h
View File

@ -51,12 +51,14 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2);
#endif
/* some compilers do not like "inline" (or maybe "static inline"), namely: HP cc, IBM xlc */
#if defined(__HP_cc) || defined(__xlc__)
#define LTC_INLINE
#elif defined(_MSC_VER)
#if defined(__GNUC__) || defined(__xlc__)
#define LTC_INLINE __inline__
#elif defined(_MSC_VER) || defined(__HP_cc)
#define LTC_INLINE __inline
#else
#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
#define LTC_INLINE inline
#else
#define LTC_INLINE
#endif
/* type of argument checking, 0=default, 1=fatal and 2=error+continue, 3=nothing */
@ -277,6 +279,14 @@ typedef unsigned long ltc_mp_digit;
#define LTC_HAVE_BSWAP_BUILTIN
#endif
#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
#define LTC_DEPRECATED __attribute__((deprecated))
#elif defined(_MSC_VER) && _MSC_VER >= 1500
/* supported since Visual Studio 2008 */
#define LTC_DEPRECATED __declspec(deprecated)
#else
#define LTC_DEPRECATED
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */

90
src/headers/tomcrypt_cipher.h
View File

@ -154,6 +154,23 @@ struct camellia_key {
};
#endif
#ifdef LTC_IDEA
/* rounds */
#define LTC_IDEA_ROUNDS 8
/* key schedule length in # of unsigned shorts */
#define LTC_IDEA_KEYLEN 6*LTC_IDEA_ROUNDS+4
struct idea_key {
unsigned short int ek[LTC_IDEA_KEYLEN]; /* enc key */
unsigned short int dk[LTC_IDEA_KEYLEN]; /* dec key */
};
#endif
#ifdef LTC_SERPENT
struct serpent_key {
ulong32 k[33*4];
};
#endif
typedef union Symmetric_key {
#ifdef LTC_DES
struct des_key des;
@ -212,6 +229,12 @@ typedef union Symmetric_key {
#endif
#ifdef LTC_CAMELLIA
struct camellia_key camellia;
#endif
#ifdef LTC_IDEA
struct idea_key idea;
#endif
#ifdef LTC_SERPENT
struct serpent_key serpent;
#endif
void *data;
} symmetric_key;
@ -816,6 +839,26 @@ int camellia_keysize(int *keysize);
extern const struct ltc_cipher_descriptor camellia_desc;
#endif
#ifdef LTC_IDEA
int idea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
int idea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
int idea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
int idea_test(void);
void idea_done(symmetric_key *skey);
int idea_keysize(int *keysize);
extern const struct ltc_cipher_descriptor idea_desc;
#endif
#ifdef LTC_SERPENT
int serpent_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
int serpent_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
int serpent_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
int serpent_test(void);
void serpent_done(symmetric_key *skey);
int serpent_keysize(int *keysize);
extern const struct ltc_cipher_descriptor serpent_desc;
#endif
#ifdef LTC_ECB_MODE
int ecb_start(int cipher, const unsigned char *key,
int keylen, int num_rounds, symmetric_ECB *ecb);
@ -969,6 +1012,53 @@ int chacha_test(void);
#endif /* LTC_CHACHA */
#ifdef LTC_SALSA20
typedef struct {
ulong32 input[16];
unsigned char kstream[64];
unsigned long ksleft;
unsigned long ivlen;
int rounds;
} salsa20_state;
int salsa20_setup(salsa20_state *st, const unsigned char *key, unsigned long keylen, int rounds);
int salsa20_ivctr64(salsa20_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter);
int salsa20_crypt(salsa20_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out);
int salsa20_keystream(salsa20_state *st, unsigned char *out, unsigned long outlen);
int salsa20_done(salsa20_state *st);
int salsa20_test(void);
#endif /* LTC_SALSA20 */
#ifdef LTC_SOSEMANUK
typedef struct {
ulong32 kc[100]; /* key_context */
ulong32 s00, s01, s02, s03, s04, s05, s06, s07, s08, s09;
ulong32 r1, r2;
/*
* Buffering: the stream cipher produces output data by
* blocks of 640 bits. buf[] contains such a block, and
* "ptr" is the index of the next output byte.
*/
unsigned char buf[80];
unsigned ptr;
} sosemanuk_state;
int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen);
int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen);
int sosemanuk_crypt(sosemanuk_state *ss, const unsigned char *in, unsigned long datalen, unsigned char *out);
int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen);
int sosemanuk_done(sosemanuk_state *ss);
int sosemanuk_test(void);
#endif /* LTC_SOSEMANUK */
#ifdef LTC_RC4_STREAM
typedef struct {

6
src/headers/tomcrypt_custom.h
View File

@ -202,9 +202,13 @@
#define LTC_KASUMI
#define LTC_MULTI2
#define LTC_CAMELLIA
#define LTC_IDEA
#define LTC_SERPENT
/* stream ciphers */
#define LTC_CHACHA
#define LTC_SALSA20
#define LTC_SOSEMANUK
#define LTC_RC4_STREAM
#define LTC_SOBER128_STREAM
@ -442,6 +446,8 @@
#define LTC_BASE64
/* ... and it's URL safe version */
#define LTC_BASE64_URL
/* Base32 encoding/decoding */
#define LTC_BASE32
/* Keep LTC_NO_HKDF for compatibility reasons
* superseeded by LTC_NO_MISC*/

2
src/headers/tomcrypt_mac.h
View File

@ -12,7 +12,7 @@ typedef struct Hmac_state {
hash_state md;
int hash;
hash_state hashstate;
unsigned char *key;
unsigned char key[MAXBLOCKSIZE];
} hmac_state;
int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen);

23
src/headers/tomcrypt_misc.h
View File

@ -30,6 +30,22 @@ int base64url_strict_decode(const unsigned char *in, unsigned long len,
unsigned char *out, unsigned long *outlen);
#endif
/* ---- BASE32 Routines ---- */
#ifdef LTC_BASE32
typedef enum {
BASE32_RFC4648 = 0,
BASE32_BASE32HEX = 1,
BASE32_ZBASE32 = 2,
BASE32_CROCKFORD = 3
} base32_alphabet;
int base32_encode(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id);
int base32_decode(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id);
#endif
/* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */
#ifdef LTC_HKDF
@ -73,14 +89,15 @@ int crypt_get_size(const char* namein, unsigned int *sizeout);
int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size);
#ifdef LTM_DESC
void init_LTM(void);
LTC_DEPRECATED void init_LTM(void);
#endif
#ifdef TFM_DESC
void init_TFM(void);
LTC_DEPRECATED void init_TFM(void);
#endif
#ifdef GMP_DESC
void init_GMP(void);
LTC_DEPRECATED void init_GMP(void);
#endif
int crypt_mp_init(const char* mpi);
#ifdef LTC_ADLER32
typedef struct adler32_state_s

1
src/mac/hmac/hmac_done.c
View File

@ -87,7 +87,6 @@ int hmac_done(hmac_state *hmac, unsigned char *out, unsigned long *outlen)
err = CRYPT_OK;
LBL_ERR:
XFREE(hmac->key);
#ifdef LTC_CLEAN_STACK
zeromem(isha, hashsize);
zeromem(buf, hashsize);

14
src/mac/hmac/hmac_init.c
View File

@ -53,11 +53,10 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon
return CRYPT_MEM;
}
/* allocate memory for key */
hmac->key = XMALLOC(LTC_HMAC_BLOCKSIZE);
if (hmac->key == NULL) {
XFREE(buf);
return CRYPT_MEM;
/* check hash block fits */
if (sizeof(hmac->key) < LTC_HMAC_BLOCKSIZE) {
err = CRYPT_BUFFER_OVERFLOW;
goto LBL_ERR;
}
/* (1) make sure we have a large enough key */
@ -88,11 +87,8 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon
if ((err = hash_descriptor[hash].process(&hmac->md, buf, LTC_HMAC_BLOCKSIZE)) != CRYPT_OK) {
goto LBL_ERR;
}
goto done;
LBL_ERR:
/* free the key since we failed */
XFREE(hmac->key);
done:
#ifdef LTC_CLEAN_STACK
zeromem(buf, LTC_HMAC_BLOCKSIZE);
#endif

122
src/misc/base32/base32_decode.c Normal file
View File

@ -0,0 +1,122 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
#ifdef LTC_BASE32
/**
Base32 decode a buffer
@param in The Base32 data to decode
@param inlen The length of the Base32 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD
@return CRYPT_OK if successful
*/
int base32_decode(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id)
{
unsigned long x;
int y = 0;
ulong64 t = 0;
unsigned char c;
const unsigned char *map;
const unsigned char tables[4][43] = {
{ /* id = BASE32_RFC4648 : ABCDEFGHIJKLMNOPQRSTUVWXYZ234567 */
99/*0*/,99/*1*/,26/*2*/,27/*3*/,28/*4*/,29/*5*/,30/*6*/,31/*7*/,99/*8*/,99/*9*/,
99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/,
0/*A*/, 1/*B*/, 2/*C*/, 3/*D*/, 4/*E*/, 5/*F*/, 6/*G*/, 7/*H*/, 8/*I*/, 9/*J*/,10/*K*/,11/*L*/,12/*M*/,
13/*N*/,14/*O*/,15/*P*/,16/*Q*/,17/*R*/,18/*S*/,19/*T*/,20/*U*/,21/*V*/,22/*W*/,23/*X*/,24/*Y*/,25/*Z*/
},
{ /* id = BASE32_BASE32HEX : 0123456789ABCDEFGHIJKLMNOPQRSTUV */
0/*0*/, 1/*1*/, 2/*2*/, 3/*3*/, 4/*4*/, 5/*5*/, 6/*6*/, 7/*7*/, 8/*8*/, 9/*9*/,
99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/,
10/*A*/,11/*B*/,12/*C*/,13/*D*/,14/*E*/,15/*F*/,16/*G*/,17/*H*/,18/*I*/,19/*J*/,20/*K*/,21/*L*/,22/*M*/,
23/*N*/,24/*O*/,25/*P*/,26/*Q*/,27/*R*/,28/*S*/,29/*T*/,30/*U*/,31/*V*/,99/*W*/,99/*X*/,99/*Y*/,99/*Z*/
},
{ /* id = BASE32_ZBASE32 : YBNDRFG8EJKMCPQXOT1UWISZA345H769 */
99/*0*/,18/*1*/,99/*2*/,25/*3*/,26/*4*/,27/*5*/,30/*6*/,29/*7*/, 7/*8*/,31/*9*/,
99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/,
24/*A*/, 1/*B*/,12/*C*/, 3/*D*/, 8/*E*/, 5/*F*/, 6/*G*/,28/*H*/,21/*I*/, 9/*J*/,10/*K*/,99/*L*/,11/*M*/,
2/*N*/,16/*O*/,13/*P*/,14/*Q*/, 4/*R*/,22/*S*/,17/*T*/,19/*U*/,99/*V*/,20/*W*/,15/*X*/, 0/*Y*/,23/*Z*/
},
{ /* id = BASE32_CROCKFORD : 0123456789ABCDEFGHJKMNPQRSTVWXYZ + O=>0 + IL=>1 */
0/*0*/, 1/*1*/, 2/*2*/, 3/*3*/, 4/*4*/, 5/*5*/, 6/*6*/, 7/*7*/, 8/*8*/, 9/*9*/,
99/*:*/,99/*;*/,99/*<*/,99/*=*/,99/*>*/,99/*?*/,99/*@*/,
10/*A*/,11/*B*/,12/*C*/,13/*D*/,14/*E*/,15/*F*/,16/*G*/,17/*H*/, 1/*I*/,18/*J*/,19/*K*/, 1/*L*/,20/*M*/,
21/*N*/, 0/*O*/,22/*P*/,23/*Q*/,24/*R*/,25/*S*/,26/*T*/,99/*U*/,27/*V*/,28/*W*/,29/*X*/,30/*Y*/,31/*Z*/
}
};
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(id >= BASE32_RFC4648);
LTC_ARGCHK(id <= BASE32_CROCKFORD);
/* ignore all trailing = */
while (inlen > 0 && in[inlen-1] == '=') inlen--;
/* no input, nothing to do */
if (inlen == 0) {
*outlen = 0;
return CRYPT_OK;
}
/* check the size of output buffer */
x = (inlen * 5) / 8;
if (*outlen < x) {
*outlen = x;
return CRYPT_BUFFER_OVERFLOW;
}
*outlen = x;
/* check input data length */
x = inlen % 8;
if (x == 1 || x == 3 || x == 6) {
return CRYPT_INVALID_PACKET;
}
map = tables[id];
for (x = 0; x < inlen; x++) {
c = in[x];
/* convert to upper case */
if ((c >= 'a') && (c <= 'z')) c -= 32;
/* '0' = 48 .. 'Z' = 90 */
if (c < 48 || c > 90 || map[c-48] > 31) {
return CRYPT_INVALID_PACKET;
}
t = (t<<5)|map[c-48];
if (++y == 8) {
*out++ = (unsigned char)((t>>32) & 255);
*out++ = (unsigned char)((t>>24) & 255);
*out++ = (unsigned char)((t>>16) & 255);
*out++ = (unsigned char)((t>> 8) & 255);
*out++ = (unsigned char)( t & 255);
y = 0;
t = 0;
}
}
if (y > 0) {
t = t << (5 * (8 - y));
if (y >= 2) *out++ = (unsigned char)((t>>32) & 255);
if (y >= 4) *out++ = (unsigned char)((t>>24) & 255);
if (y >= 5) *out++ = (unsigned char)((t>>16) & 255);
if (y >= 7) *out++ = (unsigned char)((t>> 8) & 255);
}
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

95
src/misc/base32/base32_encode.c Normal file
View File

@ -0,0 +1,95 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
#ifdef LTC_BASE32
/**
Base32 encode a buffer
@param in The input buffer to encode
@param inlen The length of the input buffer
@param out [out] The destination of the Base32 encoded data
@param outlen [in/out] The max size and resulting size of the encoded data
@param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD
@return CRYPT_OK if successful
*/
int base32_encode(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id)
{
unsigned long i, x;
unsigned char *codes;
const char *alphabet[4] = {
"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", /* id = BASE32_RFC4648 */
"0123456789ABCDEFGHIJKLMNOPQRSTUV", /* id = BASE32_BASE32HEX */
"ybndrfg8ejkmcpqxot1uwisza345h769", /* id = BASE32_ZBASE32 */
"0123456789ABCDEFGHJKMNPQRSTVWXYZ" /* id = BASE32_CROCKFORD */
};
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(id >= BASE32_RFC4648);
LTC_ARGCHK(id <= BASE32_CROCKFORD);
/* no input, nothing to do */
if (inlen == 0) {
*outlen = 0;
return CRYPT_OK;
}
/* check the size of output buffer */
x = (8 * inlen + 4) / 5;
if (*outlen < x) {
*outlen = x;
return CRYPT_BUFFER_OVERFLOW;
}
*outlen = x;
codes = (unsigned char*)alphabet[id];
x = 5 * (inlen / 5);
for (i = 0; i < x; i += 5) {
*out++ = codes[(in[0] >> 3) & 0x1F];
*out++ = codes[(((in[0] & 0x7) << 2) + (in[1] >> 6)) & 0x1F];
*out++ = codes[(in[1] >> 1) & 0x1F];
*out++ = codes[(((in[1] & 0x1) << 4) + (in[2] >> 4)) & 0x1F];
*out++ = codes[(((in[2] & 0xF) << 1) + (in[3] >> 7)) & 0x1F];
*out++ = codes[(in[3] >> 2) & 0x1F];
*out++ = codes[(((in[3] & 0x3) << 3) + (in[4] >> 5)) & 0x1F];
*out++ = codes[in[4] & 0x1F];
in += 5;
}
if (i < inlen) {
unsigned a = in[0];
unsigned b = (i+1 < inlen) ? in[1] : 0;
unsigned c = (i+2 < inlen) ? in[2] : 0;
unsigned d = (i+3 < inlen) ? in[3] : 0;
*out++ = codes[(a >> 3) & 0x1F];
*out++ = codes[(((a & 0x7) << 2) + (b >> 6)) & 0x1F];
if (i+1 < inlen) {
*out++ = codes[(b >> 1) & 0x1F];
*out++ = codes[(((b & 0x1) << 4) + (c >> 4)) & 0x1F];
}
if (i+2 < inlen) {
*out++ = codes[(((c & 0xF) << 1) + (d >> 7)) & 0x1F];
*out++ = codes[(d >> 2) & 0x1F];
}
if (i+3 < inlen) {
*out++ = codes[((d & 0x3) << 3) & 0x1F];
}
}
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

15
src/misc/crypt/crypt.c
View File

@ -121,11 +121,23 @@ const char *crypt_build_settings =
#endif
#if defined(LTC_CAMELLIA)
" Camellia\n"
#endif
#if defined(LTC_IDEA)
" IDEA\n"
#endif
#if defined(LTC_SERPENT)
" Serpent\n"
#endif
"Stream ciphers built-in:\n"
#if defined(LTC_CHACHA)
" ChaCha\n"
#endif
#if defined(LTC_SALSA20)
" Salsa20\n"
#endif
#if defined(LTC_SOSEMANUK)
" Sosemanuk\n"
#endif
#if defined(LTC_RC4_STREAM)
" RC4\n"
#endif
@ -393,6 +405,9 @@ const char *crypt_build_settings =
#if defined(LTC_BASE64_URL)
" BASE64-URL-SAFE "
#endif
#if defined(LTC_BASE32)
" BASE32 "
#endif
#if defined(LTC_CRC32)
" CRC32 "
#endif

48
src/misc/crypt/crypt_inits.c
View File

@ -37,6 +37,54 @@ void init_GMP(void)
}
#endif
int crypt_mp_init(const char* mpi)
{
if (mpi == NULL) return CRYPT_ERROR;
switch (mpi[0]) {
#ifdef LTM_DESC
case 'l':
case 'L':
ltc_mp = ltm_desc;
return CRYPT_OK;
#endif
#ifdef TFM_DESC
case 't':
case 'T':
ltc_mp = tfm_desc;
return CRYPT_OK;
#endif
#ifdef GMP_DESC
case 'g':
case 'G':
ltc_mp = gmp_desc;
return CRYPT_OK;
#endif
#ifdef EXT_MATH_LIB
case 'e':
case 'E':
{
extern ltc_math_descriptor EXT_MATH_LIB;
ltc_mp = EXT_MATH_LIB;
}
#if defined(LTC_TEST_DBG)
#define NAME_VALUE(s) #s"="NAME(s)
#define NAME(s) #s
printf("EXT_MATH_LIB = %s\n", NAME_VALUE(EXT_MATH_LIB));
#undef NAME_VALUE
#undef NAME
#endif
return CRYPT_OK;
#endif
default:
#if defined(LTC_TEST_DBG)
printf("Unknown/Invalid MPI provider: %s\n", mpi);
#endif
return CRYPT_ERROR;
}
}
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */

12
src/misc/crypt/crypt_sizes.c
View File

@ -98,6 +98,9 @@ static const crypt_size _crypt_sizes[] = {
_SZ_STRINGIFY_S(des_key),
_SZ_STRINGIFY_S(des3_key),
#endif
#ifdef LTC_IDEA
_SZ_STRINGIFY_S(idea_key),
#endif
#ifdef LTC_KASUMI
_SZ_STRINGIFY_S(kasumi_key),
#endif
@ -122,6 +125,9 @@ static const crypt_size _crypt_sizes[] = {
#ifdef LTC_RC6
_SZ_STRINGIFY_S(rc6_key),
#endif
#ifdef LTC_SERPENT
_SZ_STRINGIFY_S(serpent_key),
#endif
#ifdef LTC_SKIPJACK
_SZ_STRINGIFY_S(skipjack_key),
#endif
@ -171,6 +177,12 @@ static const crypt_size _crypt_sizes[] = {
#ifdef LTC_CHACHA
_SZ_STRINGIFY_T(chacha_state),
#endif
#ifdef LTC_SALSA20
_SZ_STRINGIFY_T(salsa20_state),
#endif
#ifdef LTC_SOSEMANUK
_SZ_STRINGIFY_T(sosemanuk_state),
#endif
#ifdef LTC_RC4_STREAM
_SZ_STRINGIFY_T(rc4_state),
#endif

2
src/prngs/rng_make_prng.c
View File

@ -43,7 +43,7 @@ int rng_make_prng(int bits, int wprng, prng_state *prng,
return err;
}
bits = ((bits/8)+((bits&7)!=0?1:0)) * 2;
bits = ((bits+7)/8) * 2;
if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) {
return CRYPT_ERROR_READPRNG;
}

96
src/stream/salsa20/salsa20_crypt.c Normal file
View File

@ -0,0 +1,96 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* The implementation is based on:
* "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf
* and salsa20-ref.c version 20051118
* Public domain from D. J. Bernstein
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
#define QUARTERROUND(a,b,c,d) \
x[b] ^= (ROL((x[a] + x[d]), 7)); \
x[c] ^= (ROL((x[b] + x[a]), 9)); \
x[d] ^= (ROL((x[c] + x[b]), 13)); \
x[a] ^= (ROL((x[d] + x[c]), 18));
static void _salsa20_block(unsigned char *output, const ulong32 *input, int rounds)
{
ulong32 x[16];
int i;
XMEMCPY(x, input, sizeof(x));
for (i = rounds; i > 0; i -= 2) {
QUARTERROUND( 0, 4, 8,12)
QUARTERROUND( 5, 9,13, 1)
QUARTERROUND(10,14, 2, 6)
QUARTERROUND(15, 3, 7,11)
QUARTERROUND( 0, 1, 2, 3)
QUARTERROUND( 5, 6, 7, 4)
QUARTERROUND(10,11, 8, 9)
QUARTERROUND(15,12,13,14)
}
for (i = 0; i < 16; ++i) {
x[i] += input[i];
STORE32L(x[i], output + 4 * i);
}
}
/**
Encrypt (or decrypt) bytes of ciphertext (or plaintext) with Salsa20
@param st The Salsa20 state
@param in The plaintext (or ciphertext)
@param inlen The length of the input (octets)
@param out [out] The ciphertext (or plaintext), length inlen
@return CRYPT_OK if successful
*/
int salsa20_crypt(salsa20_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out)
{
unsigned char buf[64];
unsigned long i, j;
if (inlen == 0) return CRYPT_OK; /* nothing to do */
LTC_ARGCHK(st != NULL);
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(st->ivlen == 8);
if (st->ksleft > 0) {
j = MIN(st->ksleft, inlen);
for (i = 0; i < j; ++i, st->ksleft--) out[i] = in[i] ^ st->kstream[64 - st->ksleft];
inlen -= j;
if (inlen == 0) return CRYPT_OK;
out += j;
in += j;
}
for (;;) {
_salsa20_block(buf, st->input, st->rounds);
/* Salsa20: 64-bit IV, increment 64-bit counter */
if (0 == ++st->input[8] && 0 == ++st->input[9]) return CRYPT_OVERFLOW;
if (inlen <= 64) {
for (i = 0; i < inlen; ++i) out[i] = in[i] ^ buf[i];
st->ksleft = 64 - inlen;
for (i = inlen; i < 64; ++i) st->kstream[i] = buf[i];
return CRYPT_OK;
}
for (i = 0; i < 64; ++i) out[i] = in[i] ^ buf[i];
inlen -= 64;
out += 64;
in += 64;
}
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

30
src/stream/salsa20/salsa20_done.c Normal file
View File

@ -0,0 +1,30 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
/**
Terminate and clear Salsa20 state
@param st The Salsa20 state
@return CRYPT_OK on success
*/
int salsa20_done(salsa20_state *st)
{
LTC_ARGCHK(st != NULL);
XMEMSET(st, 0, sizeof(salsa20_state));
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

48
src/stream/salsa20/salsa20_ivctr64.c Normal file
View File

@ -0,0 +1,48 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* The implementation is based on:
* "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf
* and salsa20-ref.c version 20051118
* Public domain from D. J. Bernstein
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
/**
Set IV + counter data to the Salsa20 state
@param st The Salsa20 state
@param iv The IV data to add
@param ivlen The length of the IV (must be 8)
@param counter 64bit (unsigned) initial counter value
@return CRYPT_OK on success
*/
int salsa20_ivctr64(salsa20_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter)
{
LTC_ARGCHK(st != NULL);
LTC_ARGCHK(iv != NULL);
/* Salsa20: 64-bit IV (nonce) + 64-bit counter */
LTC_ARGCHK(ivlen == 8);
LOAD32L(st->input[6], iv + 0);
LOAD32L(st->input[7], iv + 4);
st->input[8] = (ulong32)(counter & 0xFFFFFFFF);
st->input[9] = (ulong32)(counter >> 32);
st->ksleft = 0;
st->ivlen = ivlen;
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

39
src/stream/salsa20/salsa20_keystream.c Normal file
View File

@ -0,0 +1,39 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* The implementation is based on:
* "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf
* and salsa20-ref.c version 20051118
* Public domain from D. J. Bernstein
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
/**
Generate a stream of random bytes via Salsa20
@param st The Salsa20 state
@param out [out] The output buffer
@param outlen The output length
@return CRYPT_OK on success
*/
int salsa20_keystream(salsa20_state *st, unsigned char *out, unsigned long outlen)
{
if (outlen == 0) return CRYPT_OK; /* nothing to do */
LTC_ARGCHK(out != NULL);
XMEMSET(out, 0, outlen);
return salsa20_crypt(st, out, outlen, out);
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

69
src/stream/salsa20/salsa20_setup.c Normal file
View File

@ -0,0 +1,69 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* The implementation is based on:
* "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf
* and salsa20-ref.c version 20051118
* Public domain from D. J. Bernstein
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
static const char * const sigma = "expand 32-byte k";
static const char * const tau = "expand 16-byte k";
/**
Initialize an Salsa20 context (only the key)
@param st [out] The destination of the Salsa20 state
@param key The secret key
@param keylen The length of the secret key (octets)
@param rounds Number of rounds (e.g. 20 for Salsa20)
@return CRYPT_OK if successful
*/
int salsa20_setup(salsa20_state *st, const unsigned char *key, unsigned long keylen, int rounds)
{
const char *constants;
LTC_ARGCHK(st != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(keylen == 32 || keylen == 16);
if (rounds == 0) rounds = 20;
LTC_ARGCHK(rounds % 2 == 0); /* number of rounds must be evenly divisible by 2 */
LOAD32L(st->input[1], key + 0);
LOAD32L(st->input[2], key + 4);
LOAD32L(st->input[3], key + 8);
LOAD32L(st->input[4], key + 12);
if (keylen == 32) { /* 256bit */
key += 16;
constants = sigma;
} else { /* 128bit */
constants = tau;
}
LOAD32L(st->input[11], key + 0);
LOAD32L(st->input[12], key + 4);
LOAD32L(st->input[13], key + 8);
LOAD32L(st->input[14], key + 12);
LOAD32L(st->input[ 0], constants + 0);
LOAD32L(st->input[ 5], constants + 4);
LOAD32L(st->input[10], constants + 8);
LOAD32L(st->input[15], constants + 12);
st->rounds = rounds; /* default is 20 for salsa20 */
st->ivlen = 0; /* will be set later by salsa20_ivctr(32|64) */
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

91
src/stream/salsa20/salsa20_test.c Normal file
View File

@ -0,0 +1,91 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/* The implementation is based on:
* "Salsa20 specification", http://cr.yp.to/snuffle/spec.pdf
* and salsa20-ref.c version 20051118
* Public domain from D. J. Bernstein
*/
#include "tomcrypt.h"
#ifdef LTC_SALSA20
int salsa20_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
salsa20_state st;
unsigned char k[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
unsigned char n[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4a };
unsigned char ct[] = { 0x37, 0x37, 0x2e, 0x60, 0xb8, 0xae, 0x88, 0x1f, 0xf8, 0xdf, 0x00, 0x26, 0x6c, 0x30, 0x34, 0x2d,
0xa1, 0xd7, 0x79, 0x60, 0x67, 0x72, 0xe0, 0x67, 0x26, 0x22, 0xad, 0x00, 0x9e, 0xd5, 0x59, 0x44,
0x51, 0xd9, 0xe6, 0xaa, 0xc9, 0x59, 0x9e, 0x60, 0xff, 0x87, 0x90, 0xc1, 0xc9, 0x1e };
unsigned char ct2[] = { 0xec, 0x06, 0x32, 0xb3, 0x83, 0x5c, 0xae, 0x91, 0x01, 0x82, 0x7a, 0x71, 0xd9, 0x7d, 0x45, 0xd7,
0xa6, 0x5b, 0xa0, 0x89, 0x9d, 0xd2, 0x6c, 0xaa, 0xbb, 0x2f, 0x5f, 0x30, 0x89, 0x54, 0xff, 0x3e,
0x83, 0xc3, 0x34, 0x10, 0xb6, 0xe1, 0xab, 0xe7, 0xf5, 0xab, 0xab, 0xed, 0xa4, 0xff };
char pt[] = "Kilroy was here, and there. ...and everywhere!"; /* len = 46 bytes */
unsigned long len;
unsigned char out[1000];
int counter;
int rounds;
int err;
len = strlen(pt);
/* crypt piece by piece */
counter = 0;
rounds = 12;
if ((err = salsa20_setup(&st, k, sizeof(k), rounds)) != CRYPT_OK) return err;
if ((err = salsa20_ivctr64(&st, n, sizeof(n), counter)) != CRYPT_OK) return err;
if ((err = salsa20_crypt(&st, (unsigned char*)pt, 5, out)) != CRYPT_OK) return err;
if ((err = salsa20_crypt(&st, (unsigned char*)pt + 5, 25, out + 5)) != CRYPT_OK) return err;
if ((err = salsa20_crypt(&st, (unsigned char*)pt + 30, 10, out + 30)) != CRYPT_OK) return err;
if ((err = salsa20_crypt(&st, (unsigned char*)pt + 40, len - 40, out + 40)) != CRYPT_OK) return err;
if (compare_testvector(out, len, ct, sizeof(ct), "SALSA20-TV1", 1)) return CRYPT_FAIL_TESTVECTOR;
/* crypt in one go - using salsa20_ivctr64() */
counter = 0;
rounds = 20;
if ((err = salsa20_setup(&st, k, sizeof(k), rounds)) != CRYPT_OK) return err;
if ((err = salsa20_ivctr64(&st, n, sizeof(n), counter)) != CRYPT_OK) return err;
if ((err = salsa20_crypt(&st, (unsigned char*)pt, len, out)) != CRYPT_OK) return err;
if (compare_testvector(out, len, ct2, sizeof(ct), "SALSA20-TV2", 1)) return CRYPT_FAIL_TESTVECTOR;
{
/* keystream
* http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/verified.test-vectors?rev=161&view=markup
* Set 6, vector 0
*/
unsigned char k3[] = { 0x00, 0x53, 0xA6, 0xF9, 0x4C, 0x9F, 0xF2, 0x45, 0x98, 0xEB, 0x3E, 0x91, 0xE4, 0x37, 0x8A, 0xDD,
0x30, 0x83, 0xD6, 0x29, 0x7C, 0xCF, 0x22, 0x75, 0xC8, 0x1B, 0x6E, 0xC1, 0x14, 0x67, 0xBA, 0x0D };
unsigned char n3[] = { 0x0D, 0x74, 0xDB, 0x42, 0xA9, 0x10, 0x77, 0xDE };
unsigned char ct3[] = { 0xF5, 0xFA, 0xD5, 0x3F, 0x79, 0xF9, 0xDF, 0x58, 0xC4, 0xAE, 0xA0, 0xD0, 0xED, 0x9A, 0x96, 0x01,
0xF2, 0x78, 0x11, 0x2C, 0xA7, 0x18, 0x0D, 0x56, 0x5B, 0x42, 0x0A, 0x48, 0x01, 0x96, 0x70, 0xEA,
0xF2, 0x4C, 0xE4, 0x93, 0xA8, 0x62, 0x63, 0xF6, 0x77, 0xB4, 0x6A, 0xCE, 0x19, 0x24, 0x77, 0x3D,
0x2B, 0xB2, 0x55, 0x71, 0xE1, 0xAA, 0x85, 0x93, 0x75, 0x8F, 0xC3, 0x82, 0xB1, 0x28, 0x0B, 0x71 };
int counter3 = 0;
int rounds3 = 20;
if ((err = salsa20_setup(&st, k3, sizeof(k3), rounds3)) != CRYPT_OK) return err;
if ((err = salsa20_ivctr64(&st, n3, sizeof(n3), counter3)) != CRYPT_OK) return err;
if ((err = salsa20_keystream(&st, out, 64)) != CRYPT_OK) return err;
if ((err = salsa20_done(&st)) != CRYPT_OK) return err;
if (compare_testvector(out, 64, ct3, sizeof(ct3), "SALSA20-TV3", 1)) return CRYPT_FAIL_TESTVECTOR;
}
return CRYPT_OK;
#endif
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

819
src/stream/sosemanuk/sosemanuk.c Normal file
View File

@ -0,0 +1,819 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
/*
* This LTC implementation was adapted from:
* http://www.ecrypt.eu.org/stream/e2-sosemanuk.html
*/
/*
* SOSEMANUK reference implementation.
*
* This code is supposed to run on any conforming C implementation (C90
* or later).
*
* (c) 2005 X-CRYPT project. This software is provided 'as-is', without
* any express or implied warranty. In no event will the authors be held
* liable for any damages arising from the use of this software.
*
* Permission is granted to anyone to use this software for any purpose,
* including commercial applications, and to alter it and redistribute it
* freely, subject to no restriction.
*
* Technical remarks and questions can be addressed to
* <thomas.pornin@cryptolog.com>
*/
#include "tomcrypt.h"
#ifdef LTC_SOSEMANUK
/* ======================================================================== */
/*
* We want (and sometimes need) to perform explicit truncations to 32 bits.
*/
#define T32(x) ((x) & (ulong32)0xFFFFFFFF)
/*
* Some of our functions will be tagged as "inline" to help the compiler
* optimize things. We use "inline" only if the compiler is advanced
* enough to understand it; C99 compilers, and pre-C99 versions of gcc,
* understand enough "inline" for our purposes.
*/
/* ======================================================================== */
/*
* Serpent S-boxes, implemented in bitslice mode. These circuits have
* been published by Dag Arne Osvik ("Speeding up Serpent", published in
* the 3rd AES Candidate Conference) and work on five 32-bit registers:
* the four inputs, and a fifth scratch register. There are meant to be
* quite fast on Pentium-class processors. These are not the fastest
* published, but they are "fast enough" and they are unencumbered as
* far as intellectual property is concerned (note: these are rewritten
* from the article itself, and hence are not covered by the GPL on
* Dag's code, which was not used here).
*
* The output bits are permuted. Here is the correspondance:
* S0: 1420
* S1: 2031
* S2: 2314
* S3: 1234
* S4: 1403
* S5: 1302
* S6: 0142
* S7: 4310
* (for instance, the output of S0 is in "r1, r4, r2, r0").
*/
#define S0(r0, r1, r2, r3, r4) do { \
r3 ^= r0; r4 = r1; \
r1 &= r3; r4 ^= r2; \
r1 ^= r0; r0 |= r3; \
r0 ^= r4; r4 ^= r3; \
r3 ^= r2; r2 |= r1; \
r2 ^= r4; r4 = ~r4; \
r4 |= r1; r1 ^= r3; \
r1 ^= r4; r3 |= r0; \
r1 ^= r3; r4 ^= r3; \
} while (0)
#define S1(r0, r1, r2, r3, r4) do { \
r0 = ~r0; r2 = ~r2; \
r4 = r0; r0 &= r1; \
r2 ^= r0; r0 |= r3; \
r3 ^= r2; r1 ^= r0; \
r0 ^= r4; r4 |= r1; \
r1 ^= r3; r2 |= r0; \
r2 &= r4; r0 ^= r1; \
r1 &= r2; \
r1 ^= r0; r0 &= r2; \
r0 ^= r4; \
} while (0)
#define S2(r0, r1, r2, r3, r4) do { \
r4 = r0; r0 &= r2; \
r0 ^= r3; r2 ^= r1; \
r2 ^= r0; r3 |= r4; \
r3 ^= r1; r4 ^= r2; \
r1 = r3; r3 |= r4; \
r3 ^= r0; r0 &= r1; \
r4 ^= r0; r1 ^= r3; \
r1 ^= r4; r4 = ~r4; \
} while (0)
#define S3(r0, r1, r2, r3, r4) do { \
r4 = r0; r0 |= r3; \
r3 ^= r1; r1 &= r4; \
r4 ^= r2; r2 ^= r3; \
r3 &= r0; r4 |= r1; \
r3 ^= r4; r0 ^= r1; \
r4 &= r0; r1 ^= r3; \
r4 ^= r2; r1 |= r0; \
r1 ^= r2; r0 ^= r3; \
r2 = r1; r1 |= r3; \
r1 ^= r0; \
} while (0)
#define S4(r0, r1, r2, r3, r4) do { \
r1 ^= r3; r3 = ~r3; \
r2 ^= r3; r3 ^= r0; \
r4 = r1; r1 &= r3; \
r1 ^= r2; r4 ^= r3; \
r0 ^= r4; r2 &= r4; \
r2 ^= r0; r0 &= r1; \
r3 ^= r0; r4 |= r1; \
r4 ^= r0; r0 |= r3; \
r0 ^= r2; r2 &= r3; \
r0 = ~r0; r4 ^= r2; \
} while (0)
#define S5(r0, r1, r2, r3, r4) do { \
r0 ^= r1; r1 ^= r3; \
r3 = ~r3; r4 = r1; \
r1 &= r0; r2 ^= r3; \
r1 ^= r2; r2 |= r4; \
r4 ^= r3; r3 &= r1; \
r3 ^= r0; r4 ^= r1; \
r4 ^= r2; r2 ^= r0; \
r0 &= r3; r2 = ~r2; \
r0 ^= r4; r4 |= r3; \
r2 ^= r4; \
} while (0)
#define S6(r0, r1, r2, r3, r4) do { \
r2 = ~r2; r4 = r3; \
r3 &= r0; r0 ^= r4; \
r3 ^= r2; r2 |= r4; \
r1 ^= r3; r2 ^= r0; \
r0 |= r1; r2 ^= r1; \
r4 ^= r0; r0 |= r3; \
r0 ^= r2; r4 ^= r3; \
r4 ^= r0; r3 = ~r3; \
r2 &= r4; \
r2 ^= r3; \
} while (0)
#define S7(r0, r1, r2, r3, r4) do { \
r4 = r1; r1 |= r2; \
r1 ^= r3; r4 ^= r2; \
r2 ^= r1; r3 |= r4; \
r3 &= r0; r4 ^= r2; \
r3 ^= r1; r1 |= r4; \
r1 ^= r0; r0 |= r4; \
r0 ^= r2; r1 ^= r4; \
r2 ^= r1; r1 &= r0; \
r1 ^= r4; r2 = ~r2; \
r2 |= r0; \
r4 ^= r2; \
} while (0)
/*
* The Serpent linear transform.
*/
#define SERPENT_LT(x0, x1, x2, x3) do { \
x0 = ROLc(x0, 13); \
x2 = ROLc(x2, 3); \
x1 = x1 ^ x0 ^ x2; \
x3 = x3 ^ x2 ^ T32(x0 << 3); \
x1 = ROLc(x1, 1); \
x3 = ROLc(x3, 7); \
x0 = x0 ^ x1 ^ x3; \
x2 = x2 ^ x3 ^ T32(x1 << 7); \
x0 = ROLc(x0, 5); \
x2 = ROLc(x2, 22); \
} while (0)
/* ======================================================================== */
/*
* Key schedule: initialize the key context structure with the provided
* secret key. The secret key is an array of 1 to 32 bytes.
* @param ss The Sosemanuk state
* @param key Key
* @param keylen Length of key
* @return CRYPT_OK on success
*/
int sosemanuk_setup(sosemanuk_state *ss, unsigned char *key, unsigned long keylen)
{
/*
* This key schedule is actually a truncated Serpent key schedule.
* The key-derived words (w_i) are computed within the eight
* local variables w0 to w7, which are reused again and again.
*/
#define SKS(S, o0, o1, o2, o3, d0, d1, d2, d3) do { \
ulong32 r0, r1, r2, r3, r4; \
r0 = w ## o0; \
r1 = w ## o1; \
r2 = w ## o2; \
r3 = w ## o3; \
S(r0, r1, r2, r3, r4); \
ss->kc[i ++] = r ## d0; \
ss->kc[i ++] = r ## d1; \
ss->kc[i ++] = r ## d2; \
ss->kc[i ++] = r ## d3; \
} while (0)
#define SKS0 SKS(S0, 4, 5, 6, 7, 1, 4, 2, 0)
#define SKS1 SKS(S1, 0, 1, 2, 3, 2, 0, 3, 1)
#define SKS2 SKS(S2, 4, 5, 6, 7, 2, 3, 1, 4)
#define SKS3 SKS(S3, 0, 1, 2, 3, 1, 2, 3, 4)
#define SKS4 SKS(S4, 4, 5, 6, 7, 1, 4, 0, 3)
#define SKS5 SKS(S5, 0, 1, 2, 3, 1, 3, 0, 2)
#define SKS6 SKS(S6, 4, 5, 6, 7, 0, 1, 4, 2)
#define SKS7 SKS(S7, 0, 1, 2, 3, 4, 3, 1, 0)
#define WUP(wi, wi5, wi3, wi1, cc) do { \
ulong32 tt = (wi) ^ (wi5) ^ (wi3) \
^ (wi1) ^ (0x9E3779B9 ^ (ulong32)(cc)); \
(wi) = ROLc(tt, 11); \
} while (0)
#define WUP0(cc) do { \
WUP(w0, w3, w5, w7, cc); \
WUP(w1, w4, w6, w0, cc + 1); \
WUP(w2, w5, w7, w1, cc + 2); \
WUP(w3, w6, w0, w2, cc + 3); \
} while (0)
#define WUP1(cc) do { \
WUP(w4, w7, w1, w3, cc); \
WUP(w5, w0, w2, w4, cc + 1); \
WUP(w6, w1, w3, w5, cc + 2); \
WUP(w7, w2, w4, w6, cc + 3); \
} while (0)
unsigned char wbuf[32];
ulong32 w0, w1, w2, w3, w4, w5, w6, w7;
int i = 0;
LTC_ARGCHK(ss != NULL);
LTC_ARGCHK(key != NULL);
/*
* The key is copied into the wbuf[] buffer and padded to 256 bits
* as described in the Serpent specification.
*/
if (keylen == 0 || keylen > 32) {
fprintf(stderr, "invalid key size: %lu\n",
(unsigned long)keylen);
exit(EXIT_FAILURE);
}
XMEMCPY(wbuf, key, keylen);
if (keylen < 32) {
wbuf[keylen] = 0x01;
if (keylen < 31)
XMEMSET(wbuf + keylen + 1, 0, 31 - keylen);
}
LOAD32L(w0, wbuf);
LOAD32L(w1, wbuf + 4);
LOAD32L(w2, wbuf + 8);
LOAD32L(w3, wbuf + 12);
LOAD32L(w4, wbuf + 16);
LOAD32L(w5, wbuf + 20);
LOAD32L(w6, wbuf + 24);
LOAD32L(w7, wbuf + 28);
WUP0(0); SKS3;
WUP1(4); SKS2;
WUP0(8); SKS1;
WUP1(12); SKS0;
WUP0(16); SKS7;
WUP1(20); SKS6;
WUP0(24); SKS5;
WUP1(28); SKS4;
WUP0(32); SKS3;
WUP1(36); SKS2;
WUP0(40); SKS1;
WUP1(44); SKS0;
WUP0(48); SKS7;
WUP1(52); SKS6;
WUP0(56); SKS5;
WUP1(60); SKS4;
WUP0(64); SKS3;
WUP1(68); SKS2;
WUP0(72); SKS1;
WUP1(76); SKS0;
WUP0(80); SKS7;
WUP1(84); SKS6;
WUP0(88); SKS5;
WUP1(92); SKS4;
WUP0(96); SKS3;
#undef SKS
#undef SKS0
#undef SKS1
#undef SKS2
#undef SKS3
#undef SKS4
#undef SKS5
#undef SKS6
#undef SKS7
#undef WUP
#undef WUP0
#undef WUP1
/*
* Initialize with a zero-value iv to ensure state is correct in the
* event user fails to call setiv().
*/
return sosemanuk_setiv(ss, NULL, 0);
}
/*
* Cipher initialization: the cipher internal state is initialized, using
* the provided key context and IV. The IV length is up to 16 bytes. If
* "ivlen" is 0 (no IV), then the "iv" parameter can be NULL.
* @param ss The Sosemanuk state
* @param iv Initialization vector
* @param ivlen Length of iv
* @return CRYPT_OK on success
*/
int sosemanuk_setiv(sosemanuk_state *ss, unsigned char *iv, unsigned long ivlen)
{
/*
* The Serpent key addition step.
*/
#define KA(zc, x0, x1, x2, x3) do { \
x0 ^= ss->kc[(zc)]; \
x1 ^= ss->kc[(zc) + 1]; \
x2 ^= ss->kc[(zc) + 2]; \
x3 ^= ss->kc[(zc) + 3]; \
} while (0)
/*
* One Serpent round.
* zc = current subkey counter
* S = S-box macro for this round
* i0 to i4 = input register numbers (the fifth is a scratch register)
* o0 to o3 = output register numbers
*/
#define FSS(zc, S, i0, i1, i2, i3, i4, o0, o1, o2, o3) do { \
KA(zc, r ## i0, r ## i1, r ## i2, r ## i3); \
S(r ## i0, r ## i1, r ## i2, r ## i3, r ## i4); \
SERPENT_LT(r ## o0, r ## o1, r ## o2, r ## o3); \
} while (0)
/*
* Last Serpent round. Contrary to the "true" Serpent, we keep
* the linear transformation for that last round.
*/
#define FSF(zc, S, i0, i1, i2, i3, i4, o0, o1, o2, o3) do { \
KA(zc, r ## i0, r ## i1, r ## i2, r ## i3); \
S(r ## i0, r ## i1, r ## i2, r ## i3, r ## i4); \
SERPENT_LT(r ## o0, r ## o1, r ## o2, r ## o3); \
KA(zc + 4, r ## o0, r ## o1, r ## o2, r ## o3); \
} while (0)
ulong32 r0, r1, r2, r3, r4;
unsigned char ivtmp[16] = {0};
LTC_ARGCHK(ss != NULL);
LTC_ARGCHK(ivlen <= 16);
LTC_ARGCHK(iv != NULL || ivlen == 0);
if (ivlen > 0) XMEMCPY(ivtmp, iv, ivlen);
/*
* Decode IV into four 32-bit words (little-endian).
*/
LOAD32L(r0, ivtmp);
LOAD32L(r1, ivtmp + 4);
LOAD32L(r2, ivtmp + 8);
LOAD32L(r3, ivtmp + 12);
/*
* Encrypt IV with Serpent24. Some values are extracted from the
* output of the twelfth, eighteenth and twenty-fourth rounds.
*/
FSS(0, S0, 0, 1, 2, 3, 4, 1, 4, 2, 0);
FSS(4, S1, 1, 4, 2, 0, 3, 2, 1, 0, 4);
FSS(8, S2, 2, 1, 0, 4, 3, 0, 4, 1, 3);
FSS(12, S3, 0, 4, 1, 3, 2, 4, 1, 3, 2);
FSS(16, S4, 4, 1, 3, 2, 0, 1, 0, 4, 2);
FSS(20, S5, 1, 0, 4, 2, 3, 0, 2, 1, 4);
FSS(24, S6, 0, 2, 1, 4, 3, 0, 2, 3, 1);
FSS(28, S7, 0, 2, 3, 1, 4, 4, 1, 2, 0);
FSS(32, S0, 4, 1, 2, 0, 3, 1, 3, 2, 4);
FSS(36, S1, 1, 3, 2, 4, 0, 2, 1, 4, 3);
FSS(40, S2, 2, 1, 4, 3, 0, 4, 3, 1, 0);
FSS(44, S3, 4, 3, 1, 0, 2, 3, 1, 0, 2);
ss->s09 = r3;
ss->s08 = r1;
ss->s07 = r0;
ss->s06 = r2;
FSS(48, S4, 3, 1, 0, 2, 4, 1, 4, 3, 2);
FSS(52, S5, 1, 4, 3, 2, 0, 4, 2, 1, 3);
FSS(56, S6, 4, 2, 1, 3, 0, 4, 2, 0, 1);
FSS(60, S7, 4, 2, 0, 1, 3, 3, 1, 2, 4);
FSS(64, S0, 3, 1, 2, 4, 0, 1, 0, 2, 3);
FSS(68, S1, 1, 0, 2, 3, 4, 2, 1, 3, 0);
ss->r1 = r2;
ss->s04 = r1;
ss->r2 = r3;
ss->s05 = r0;
FSS(72, S2, 2, 1, 3, 0, 4, 3, 0, 1, 4);
FSS(76, S3, 3, 0, 1, 4, 2, 0, 1, 4, 2);
FSS(80, S4, 0, 1, 4, 2, 3, 1, 3, 0, 2);
FSS(84, S5, 1, 3, 0, 2, 4, 3, 2, 1, 0);
FSS(88, S6, 3, 2, 1, 0, 4, 3, 2, 4, 1);
FSF(92, S7, 3, 2, 4, 1, 0, 0, 1, 2, 3);
ss->s03 = r0;
ss->s02 = r1;
ss->s01 = r2;
ss->s00 = r3;
ss->ptr = sizeof(ss->buf);
#undef KA
#undef FSS
#undef FSF
return CRYPT_OK;
}
/*
* Multiplication by alpha: alpha * x = T32(x << 8) ^ mul_a[x >> 24]
*/
static const ulong32 mul_a[] = {
0x00000000, 0xE19FCF13, 0x6B973726, 0x8A08F835,
0xD6876E4C, 0x3718A15F, 0xBD10596A, 0x5C8F9679,
0x05A7DC98, 0xE438138B, 0x6E30EBBE, 0x8FAF24AD,
0xD320B2D4, 0x32BF7DC7, 0xB8B785F2, 0x59284AE1,
0x0AE71199, 0xEB78DE8A, 0x617026BF, 0x80EFE9AC,
0xDC607FD5, 0x3DFFB0C6, 0xB7F748F3, 0x566887E0,
0x0F40CD01, 0xEEDF0212, 0x64D7FA27, 0x85483534,
0xD9C7A34D, 0x38586C5E, 0xB250946B, 0x53CF5B78,
0x1467229B, 0xF5F8ED88, 0x7FF015BD, 0x9E6FDAAE,
0xC2E04CD7, 0x237F83C4, 0xA9777BF1, 0x48E8B4E2,
0x11C0FE03, 0xF05F3110, 0x7A57C925, 0x9BC80636,
0xC747904F, 0x26D85F5C, 0xACD0A769, 0x4D4F687A,
0x1E803302, 0xFF1FFC11, 0x75170424, 0x9488CB37,
0xC8075D4E, 0x2998925D, 0xA3906A68, 0x420FA57B,
0x1B27EF9A, 0xFAB82089, 0x70B0D8BC, 0x912F17AF,
0xCDA081D6, 0x2C3F4EC5, 0xA637B6F0, 0x47A879E3,
0x28CE449F, 0xC9518B8C, 0x435973B9, 0xA2C6BCAA,
0xFE492AD3, 0x1FD6E5C0, 0x95DE1DF5, 0x7441D2E6,
0x2D699807, 0xCCF65714, 0x46FEAF21, 0xA7616032,
0xFBEEF64B, 0x1A713958, 0x9079C16D, 0x71E60E7E,
0x22295506, 0xC3B69A15, 0x49BE6220, 0xA821AD33,
0xF4AE3B4A, 0x1531F459, 0x9F390C6C, 0x7EA6C37F,
0x278E899E, 0xC611468D, 0x4C19BEB8, 0xAD8671AB,
0xF109E7D2, 0x109628C1, 0x9A9ED0F4, 0x7B011FE7,
0x3CA96604, 0xDD36A917, 0x573E5122, 0xB6A19E31,
0xEA2E0848, 0x0BB1C75B, 0x81B93F6E, 0x6026F07D,
0x390EBA9C, 0xD891758F, 0x52998DBA, 0xB30642A9,
0xEF89D4D0, 0x0E161BC3, 0x841EE3F6, 0x65812CE5,
0x364E779D, 0xD7D1B88E, 0x5DD940BB, 0xBC468FA8,
0xE0C919D1, 0x0156D6C2, 0x8B5E2EF7, 0x6AC1E1E4,
0x33E9AB05, 0xD2766416, 0x587E9C23, 0xB9E15330,
0xE56EC549, 0x04F10A5A, 0x8EF9F26F, 0x6F663D7C,
0x50358897, 0xB1AA4784, 0x3BA2BFB1, 0xDA3D70A2,
0x86B2E6DB, 0x672D29C8, 0xED25D1FD, 0x0CBA1EEE,
0x5592540F, 0xB40D9B1C, 0x3E056329, 0xDF9AAC3A,
0x83153A43, 0x628AF550, 0xE8820D65, 0x091DC276,
0x5AD2990E, 0xBB4D561D, 0x3145AE28, 0xD0DA613B,
0x8C55F742, 0x6DCA3851, 0xE7C2C064, 0x065D0F77,
0x5F754596, 0xBEEA8A85, 0x34E272B0, 0xD57DBDA3,
0x89F22BDA, 0x686DE4C9, 0xE2651CFC, 0x03FAD3EF,
0x4452AA0C, 0xA5CD651F, 0x2FC59D2A, 0xCE5A5239,
0x92D5C440, 0x734A0B53, 0xF942F366, 0x18DD3C75,
0x41F57694, 0xA06AB987, 0x2A6241B2, 0xCBFD8EA1,
0x977218D8, 0x76EDD7CB, 0xFCE52FFE, 0x1D7AE0ED,
0x4EB5BB95, 0xAF2A7486, 0x25228CB3, 0xC4BD43A0,
0x9832D5D9, 0x79AD1ACA, 0xF3A5E2FF, 0x123A2DEC,
0x4B12670D, 0xAA8DA81E, 0x2085502B, 0xC11A9F38,
0x9D950941, 0x7C0AC652, 0xF6023E67, 0x179DF174,
0x78FBCC08, 0x9964031B, 0x136CFB2E, 0xF2F3343D,
0xAE7CA244, 0x4FE36D57, 0xC5EB9562, 0x24745A71,
0x7D5C1090, 0x9CC3DF83, 0x16CB27B6, 0xF754E8A5,
0xABDB7EDC, 0x4A44B1CF, 0xC04C49FA, 0x21D386E9,
0x721CDD91, 0x93831282, 0x198BEAB7, 0xF81425A4,
0xA49BB3DD, 0x45047CCE, 0xCF0C84FB, 0x2E934BE8,
0x77BB0109, 0x9624CE1A, 0x1C2C362F, 0xFDB3F93C,
0xA13C6F45, 0x40A3A056, 0xCAAB5863, 0x2B349770,
0x6C9CEE93, 0x8D032180, 0x070BD9B5, 0xE69416A6,
0xBA1B80DF, 0x5B844FCC, 0xD18CB7F9, 0x301378EA,
0x693B320B, 0x88A4FD18, 0x02AC052D, 0xE333CA3E,
0xBFBC5C47, 0x5E239354, 0xD42B6B61, 0x35B4A472,
0x667BFF0A, 0x87E43019, 0x0DECC82C, 0xEC73073F,
0xB0FC9146, 0x51635E55, 0xDB6BA660, 0x3AF46973,
0x63DC2392, 0x8243EC81, 0x084B14B4, 0xE9D4DBA7,
0xB55B4DDE, 0x54C482CD, 0xDECC7AF8, 0x3F53B5EB
};
/*
* Multiplication by 1/alpha: 1/alpha * x = (x >> 8) ^ mul_ia[x & 0xFF]
*/
static const ulong32 mul_ia[] = {
0x00000000, 0x180F40CD, 0x301E8033, 0x2811C0FE,
0x603CA966, 0x7833E9AB, 0x50222955, 0x482D6998,
0xC078FBCC, 0xD877BB01, 0xF0667BFF, 0xE8693B32,
0xA04452AA, 0xB84B1267, 0x905AD299, 0x88559254,
0x29F05F31, 0x31FF1FFC, 0x19EEDF02, 0x01E19FCF,
0x49CCF657, 0x51C3B69A, 0x79D27664, 0x61DD36A9,
0xE988A4FD, 0xF187E430, 0xD99624CE, 0xC1996403,
0x89B40D9B, 0x91BB4D56, 0xB9AA8DA8, 0xA1A5CD65,
0x5249BE62, 0x4A46FEAF, 0x62573E51, 0x7A587E9C,
0x32751704, 0x2A7A57C9, 0x026B9737, 0x1A64D7FA,
0x923145AE, 0x8A3E0563, 0xA22FC59D, 0xBA208550,
0xF20DECC8, 0xEA02AC05, 0xC2136CFB, 0xDA1C2C36,
0x7BB9E153, 0x63B6A19E, 0x4BA76160, 0x53A821AD,
0x1B854835, 0x038A08F8, 0x2B9BC806, 0x339488CB,
0xBBC11A9F, 0xA3CE5A52, 0x8BDF9AAC, 0x93D0DA61,
0xDBFDB3F9, 0xC3F2F334, 0xEBE333CA, 0xF3EC7307,
0xA492D5C4, 0xBC9D9509, 0x948C55F7, 0x8C83153A,
0xC4AE7CA2, 0xDCA13C6F, 0xF4B0FC91, 0xECBFBC5C,
0x64EA2E08, 0x7CE56EC5, 0x54F4AE3B, 0x4CFBEEF6,
0x04D6876E, 0x1CD9C7A3, 0x34C8075D, 0x2CC74790,
0x8D628AF5, 0x956DCA38, 0xBD7C0AC6, 0xA5734A0B,
0xED5E2393, 0xF551635E, 0xDD40A3A0, 0xC54FE36D,
0x4D1A7139, 0x551531F4, 0x7D04F10A, 0x650BB1C7,
0x2D26D85F, 0x35299892, 0x1D38586C, 0x053718A1,
0xF6DB6BA6, 0xEED42B6B, 0xC6C5EB95, 0xDECAAB58,
0x96E7C2C0, 0x8EE8820D, 0xA6F942F3, 0xBEF6023E,
0x36A3906A, 0x2EACD0A7, 0x06BD1059, 0x1EB25094,
0x569F390C, 0x4E9079C1, 0x6681B93F, 0x7E8EF9F2,
0xDF2B3497, 0xC724745A, 0xEF35B4A4, 0xF73AF469,
0xBF179DF1, 0xA718DD3C, 0x8F091DC2, 0x97065D0F,
0x1F53CF5B, 0x075C8F96, 0x2F4D4F68, 0x37420FA5,
0x7F6F663D, 0x676026F0, 0x4F71E60E, 0x577EA6C3,
0xE18D0321, 0xF98243EC, 0xD1938312, 0xC99CC3DF,
0x81B1AA47, 0x99BEEA8A, 0xB1AF2A74, 0xA9A06AB9,
0x21F5F8ED, 0x39FAB820, 0x11EB78DE, 0x09E43813,
0x41C9518B, 0x59C61146, 0x71D7D1B8, 0x69D89175,
0xC87D5C10, 0xD0721CDD, 0xF863DC23, 0xE06C9CEE,
0xA841F576, 0xB04EB5BB, 0x985F7545, 0x80503588,
0x0805A7DC, 0x100AE711, 0x381B27EF, 0x20146722,
0x68390EBA, 0x70364E77, 0x58278E89, 0x4028CE44,
0xB3C4BD43, 0xABCBFD8E, 0x83DA3D70, 0x9BD57DBD,
0xD3F81425, 0xCBF754E8, 0xE3E69416, 0xFBE9D4DB,
0x73BC468F, 0x6BB30642, 0x43A2C6BC, 0x5BAD8671,
0x1380EFE9, 0x0B8FAF24, 0x239E6FDA, 0x3B912F17,
0x9A34E272, 0x823BA2BF, 0xAA2A6241, 0xB225228C,
0xFA084B14, 0xE2070BD9, 0xCA16CB27, 0xD2198BEA,
0x5A4C19BE, 0x42435973, 0x6A52998D, 0x725DD940,
0x3A70B0D8, 0x227FF015, 0x0A6E30EB, 0x12617026,
0x451FD6E5, 0x5D109628, 0x750156D6, 0x6D0E161B,
0x25237F83, 0x3D2C3F4E, 0x153DFFB0, 0x0D32BF7D,
0x85672D29, 0x9D686DE4, 0xB579AD1A, 0xAD76EDD7,
0xE55B844F, 0xFD54C482, 0xD545047C, 0xCD4A44B1,
0x6CEF89D4, 0x74E0C919, 0x5CF109E7, 0x44FE492A,
0x0CD320B2, 0x14DC607F, 0x3CCDA081, 0x24C2E04C,
0xAC977218, 0xB49832D5, 0x9C89F22B, 0x8486B2E6,
0xCCABDB7E, 0xD4A49BB3, 0xFCB55B4D, 0xE4BA1B80,
0x17566887, 0x0F59284A, 0x2748E8B4, 0x3F47A879,
0x776AC1E1, 0x6F65812C, 0x477441D2, 0x5F7B011F,
0xD72E934B, 0xCF21D386, 0xE7301378, 0xFF3F53B5,
0xB7123A2D, 0xAF1D7AE0, 0x870CBA1E, 0x9F03FAD3,
0x3EA637B6, 0x26A9777B, 0x0EB8B785, 0x16B7F748,
0x5E9A9ED0, 0x4695DE1D, 0x6E841EE3, 0x768B5E2E,
0xFEDECC7A, 0xE6D18CB7, 0xCEC04C49, 0xD6CF0C84,
0x9EE2651C, 0x86ED25D1, 0xAEFCE52F, 0xB6F3A5E2
};
/*
* Compute the next block of bits of output stream. This is equivalent
* to one full rotation of the shift register.
*/
static LTC_INLINE void _sosemanuk_internal(sosemanuk_state *ss)
{
/*
* MUL_A(x) computes alpha * x (in F_{2^32}).
* MUL_G(x) computes 1/alpha * x (in F_{2^32}).
*/
#define MUL_A(x) (T32((x) << 8) ^ mul_a[(x) >> 24])
#define MUL_G(x) (((x) >> 8) ^ mul_ia[(x) & 0xFF])
/*
* This macro computes the special multiplexer, which chooses
* between "x" and "x xor y", depending on the least significant
* bit of the control word. We use the C "?:" selection operator
* (which most compilers know how to optimise) except for Alpha,
* where the manual sign extension seems to perform equally well
* with DEC/Compaq/HP compiler, and much better with gcc.
*/
#ifdef __alpha
#define XMUX(c, x, y) ((((signed int)((c) << 31) >> 31) & (y)) ^ (x))
#else
#define XMUX(c, x, y) (((c) & 0x1) ? ((x) ^ (y)) : (x))
#endif
/*
* FSM() updates the finite state machine.
*/
#define FSM(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9) do { \
ulong32 tt, or1; \
tt = XMUX(r1, s ## x1, s ## x8); \
or1 = r1; \
r1 = T32(r2 + tt); \
tt = T32(or1 * 0x54655307); \
r2 = ROLc(tt, 7); \
} while (0)
/*
* LRU updates the shift register; the dropped value is stored
* in variable "dd".
*/
#define LRU(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd) do { \
dd = s ## x0; \
s ## x0 = MUL_A(s ## x0) ^ MUL_G(s ## x3) ^ s ## x9; \
} while (0)
/*
* CC1 stores into variable "ee" the next intermediate word
* (combination of the new states of the LFSR and the FSM).
*/
#define CC1(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, ee) do { \
ee = T32(s ## x9 + r1) ^ r2; \
} while (0)
/*
* STEP computes one internal round. "dd" receives the "s_t"
* value (dropped from the LFSR) and "ee" gets the value computed
* from the LFSR and FSM.
*/
#define STEP(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd, ee) do { \
FSM(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9); \
LRU(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, dd); \
CC1(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, ee); \
} while (0)
/*
* Apply one Serpent round (with the provided S-box macro), XOR
* the result with the "v" values, and encode the result into
* the destination buffer, at the provided offset. The "x*"
* arguments encode the output permutation of the "S" macro.
*/
#define SRD(S, x0, x1, x2, x3, ooff) do { \
S(u0, u1, u2, u3, u4); \
STORE32L(u ## x0 ^ v0, ss->buf + ooff); \
STORE32L(u ## x1 ^ v1, ss->buf + ooff + 4); \
STORE32L(u ## x2 ^ v2, ss->buf + ooff + 8); \
STORE32L(u ## x3 ^ v3, ss->buf + ooff + 12); \
} while (0)
ulong32 s00 = ss->s00;
ulong32 s01 = ss->s01;
ulong32 s02 = ss->s02;
ulong32 s03 = ss->s03;
ulong32 s04 = ss->s04;
ulong32 s05 = ss->s05;
ulong32 s06 = ss->s06;
ulong32 s07 = ss->s07;
ulong32 s08 = ss->s08;
ulong32 s09 = ss->s09;
ulong32 r1 = ss->r1;
ulong32 r2 = ss->r2;
ulong32 u0, u1, u2, u3, u4;
ulong32 v0, v1, v2, v3;
STEP(00, 01, 02, 03, 04, 05, 06, 07, 08, 09, v0, u0);
STEP(01, 02, 03, 04, 05, 06, 07, 08, 09, 00, v1, u1);
STEP(02, 03, 04, 05, 06, 07, 08, 09, 00, 01, v2, u2);
STEP(03, 04, 05, 06, 07, 08, 09, 00, 01, 02, v3, u3);
SRD(S2, 2, 3, 1, 4, 0);
STEP(04, 05, 06, 07, 08, 09, 00, 01, 02, 03, v0, u0);
STEP(05, 06, 07, 08, 09, 00, 01, 02, 03, 04, v1, u1);
STEP(06, 07, 08, 09, 00, 01, 02, 03, 04, 05, v2, u2);
STEP(07, 08, 09, 00, 01, 02, 03, 04, 05, 06, v3, u3);
SRD(S2, 2, 3, 1, 4, 16);
STEP(08, 09, 00, 01, 02, 03, 04, 05, 06, 07, v0, u0);
STEP(09, 00, 01, 02, 03, 04, 05, 06, 07, 08, v1, u1);
STEP(00, 01, 02, 03, 04, 05, 06, 07, 08, 09, v2, u2);
STEP(01, 02, 03, 04, 05, 06, 07, 08, 09, 00, v3, u3);
SRD(S2, 2, 3, 1, 4, 32);
STEP(02, 03, 04, 05, 06, 07, 08, 09, 00, 01, v0, u0);
STEP(03, 04, 05, 06, 07, 08, 09, 00, 01, 02, v1, u1);
STEP(04, 05, 06, 07, 08, 09, 00, 01, 02, 03, v2, u2);
STEP(05, 06, 07, 08, 09, 00, 01, 02, 03, 04, v3, u3);
SRD(S2, 2, 3, 1, 4, 48);
STEP(06, 07, 08, 09, 00, 01, 02, 03, 04, 05, v0, u0);
STEP(07, 08, 09, 00, 01, 02, 03, 04, 05, 06, v1, u1);
STEP(08, 09, 00, 01, 02, 03, 04, 05, 06, 07, v2, u2);
STEP(09, 00, 01, 02, 03, 04, 05, 06, 07, 08, v3, u3);
SRD(S2, 2, 3, 1, 4, 64);
ss->s00 = s00;
ss->s01 = s01;
ss->s02 = s02;
ss->s03 = s03;
ss->s04 = s04;
ss->s05 = s05;
ss->s06 = s06;
ss->s07 = s07;
ss->s08 = s08;
ss->s09 = s09;
ss->r1 = r1;
ss->r2 = r2;
}
/*
* Combine buffers in1[] and in2[] by XOR, result in out[]. The length
* is "datalen" (in bytes). Partial overlap of out[] with either in1[]
* or in2[] is not allowed. Total overlap (out == in1 and/or out == in2)
* is allowed.
*/
static LTC_INLINE void _xorbuf(const unsigned char *in1, const unsigned char *in2,
unsigned char *out, unsigned long datalen)
{
while (datalen -- > 0)
*out ++ = *in1 ++ ^ *in2 ++;
}
/*
* Cipher operation, as a stream cipher: data is read from the "in"
* buffer, combined by XOR with the stream, and the result is written
* in the "out" buffer. "in" and "out" must be either equal, or
* reference distinct buffers (no partial overlap is allowed).
* @param ss The Sosemanuk state
* @param in Data in
* @param out Data out
* @param datalen Length of data
* @return CRYPT_OK on success
*/
int sosemanuk_crypt(sosemanuk_state *ss,
const unsigned char *in, unsigned long datalen, unsigned char *out)
{
LTC_ARGCHK(ss != NULL);
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
if (ss->ptr < (sizeof(ss->buf))) {
unsigned long rlen = (sizeof(ss->buf)) - ss->ptr;
if (rlen > datalen)
rlen = datalen;
_xorbuf(ss->buf + ss->ptr, in, out, rlen);
in += rlen;
out += rlen;
datalen -= rlen;
ss->ptr += rlen;
}
while (datalen > 0) {
_sosemanuk_internal(ss);
if (datalen >= sizeof(ss->buf)) {
_xorbuf(ss->buf, in, out, sizeof(ss->buf));
in += sizeof(ss->buf);
out += sizeof(ss->buf);
datalen -= sizeof(ss->buf);
} else {
_xorbuf(ss->buf, in, out, datalen);
ss->ptr = datalen;
datalen = 0;
}
}
return CRYPT_OK;
}
/*
* Cipher operation, as a PRNG: the provided output buffer is filled with
* pseudo-random bytes as output from the stream cipher.
* @param ss The Sosemanuk state
* @param out Data out
* @param outlen Length of output
* @return CRYPT_OK on success
*/
int sosemanuk_keystream(sosemanuk_state *ss, unsigned char *out, unsigned long outlen)
{
if (outlen == 0) return CRYPT_OK; /* nothing to do */
LTC_ARGCHK(out != NULL);
XMEMSET(out, 0, outlen);
return sosemanuk_crypt(ss, out, outlen, out);
}
/*
* Terminate and clear Sosemanuk key context
* @param kc The Sosemanuk key context
* @return CRYPT_OK on success
*/
int sosemanuk_done(sosemanuk_state *ss)
{
LTC_ARGCHK(ss != NULL);
XMEMSET(ss, 0, sizeof(sosemanuk_state));
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

84
src/stream/sosemanuk/sosemanuk_test.c Normal file
View File

@ -0,0 +1,84 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt.h"
#ifdef LTC_SOSEMANUK
int sosemanuk_test(void)
{
#ifndef LTC_TEST
return CRYPT_NOP;
#else
sosemanuk_state ss;
int err;
unsigned char out[1000];
{
unsigned char k[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
unsigned char n[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
unsigned char ct[] = { 0x7e, 0xfe, 0x2e, 0x6f, 0x8f, 0x77, 0x15, 0x72, 0x6a, 0x88, 0x14, 0xa6, 0x56, 0x88, 0x29, 0x9a,
0x86, 0x32, 0x7f, 0x14, 0xd6, 0xb1, 0x94, 0x90, 0x25, 0xbc, 0x73, 0xfd, 0x02, 0x6c, 0x6a, 0xb8,
0xda, 0x8e, 0x7f, 0x61, 0x70, 0x81, 0xe3, 0xbb, 0x99, 0xaf, 0x19, 0x9f, 0x20, 0x45 };
char pt[] = "Kilroy was here, and there. ...and everywhere!"; /* len = 46 bytes */
unsigned long len;
len = strlen(pt);
/* crypt piece by piece */
if ((err = sosemanuk_setup(&ss, k, sizeof(k))) != CRYPT_OK) return err;
if ((err = sosemanuk_setiv(&ss, n, sizeof(n))) != CRYPT_OK) return err;
if ((err = sosemanuk_crypt(&ss, (unsigned char*)pt, 5, out)) != CRYPT_OK) return err;
if ((err = sosemanuk_crypt(&ss, (unsigned char*)pt + 5, 25, out + 5)) != CRYPT_OK) return err;
if ((err = sosemanuk_crypt(&ss, (unsigned char*)pt + 30, 10, out + 30)) != CRYPT_OK) return err;
if ((err = sosemanuk_crypt(&ss, (unsigned char*)pt + 40, len - 40, out + 40)) != CRYPT_OK) return err;
if (compare_testvector(out, len, ct, sizeof(ct), "SOSEMANUK-TV1", 1)) return CRYPT_FAIL_TESTVECTOR;
/* crypt in one go - using sosemanuk_ivctr64() */
if ((err = sosemanuk_setup(&ss, k, sizeof(k))) != CRYPT_OK) return err;
if ((err = sosemanuk_setiv(&ss, n, sizeof(n))) != CRYPT_OK) return err;
if ((err = sosemanuk_crypt(&ss, (unsigned char*)pt, len, out)) != CRYPT_OK) return err;
if (compare_testvector(out, len, ct, sizeof(ct), "SOSEMANUK-TV2", 1)) return CRYPT_FAIL_TESTVECTOR;
}
{
/* keystream
* http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/sosemanuk/unverified.test-vectors?rev=210&view=auto
* Set 6, vector 0
* key = 0053A6F94C9FF24598EB3E91E4378ADD
* 3083D6297CCF2275C81B6EC11467BA0D
* IV = 0D74DB42A91077DE45AC137AE148AF16
* stream[0..63] = 55EB8D174C2E0351E5A53C90E84740EB
* 0F5A24AAFEC8E0C9F9D2CE48B2ADB0A3
* 4D2E8C4E016102607368FFA43A0F9155
* 0706E3548AD9E5EA15A53EB6F0EDE9DC
*
*/
unsigned char k3[] = { 0x00, 0x53, 0xA6, 0xF9, 0x4C, 0x9F, 0xF2, 0x45, 0x98, 0xEB, 0x3E, 0x91, 0xE4, 0x37, 0x8A, 0xDD,
0x30, 0x83, 0xD6, 0x29, 0x7C, 0xCF, 0x22, 0x75, 0xC8, 0x1B, 0x6E, 0xC1, 0x14, 0x67, 0xBA, 0x0D };
unsigned char n3[] = { 0x0D, 0x74, 0xDB, 0x42, 0xA9, 0x10, 0x77, 0xDE, 0x45, 0xAC, 0x13, 0x7A, 0xE1, 0x48, 0xAF, 0x16 };
unsigned char ct3[] = { 0x55, 0xEB, 0x8D, 0x17, 0x4C, 0x2E, 0x03, 0x51, 0xE5, 0xA5, 0x3C, 0x90, 0xE8, 0x47, 0x40, 0xEB,
0x0F, 0x5A, 0x24, 0xAA, 0xFE, 0xC8, 0xE0, 0xC9, 0xF9, 0xD2, 0xCE, 0x48, 0xB2, 0xAD, 0xB0, 0xA3,
0x4D, 0x2E, 0x8C, 0x4E, 0x01, 0x61, 0x02, 0x60, 0x73, 0x68, 0xFF, 0xA4, 0x3A, 0x0F, 0x91, 0x55,
0x07, 0x06, 0xE3, 0x54, 0x8A, 0xD9, 0xE5, 0xEA, 0x15, 0xA5, 0x3E, 0xB6, 0xF0, 0xED, 0xE9, 0xDC };
if ((err = sosemanuk_setup(&ss, k3, sizeof(k3))) != CRYPT_OK) return err;
if ((err = sosemanuk_setiv(&ss, n3, sizeof(n3))) != CRYPT_OK) return err;
if ((err = sosemanuk_keystream(&ss, out, 64)) != CRYPT_OK) return err;
if ((err = sosemanuk_done(&ss)) != CRYPT_OK) return err;
if (compare_testvector(out, 64, ct3, sizeof(ct3), "SOSEMANUK-TV3", 1)) return CRYPT_FAIL_TESTVECTOR;
}
return CRYPT_OK;
#endif
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

15
testbuild.sh
View File

@ -1,15 +0,0 @@
#!/bin/bash
# output version
bash printinfo.sh
echo "$1 (Build Only, $2, $3)..."
make clean 1>/dev/null 2>/dev/null
echo -n "building..."
touch testok.txt
CFLAGS="$2 $CFLAGS $4" EXTRALIBS="$5" make -f $3 test tv_gen 1>gcc_1.txt 2>gcc_2.txt || (echo "build $1 failed see gcc_2.txt for more information" && cat gcc_2.txt && rm -f testok.txt && exit 1)
if find testok.txt -type f 1>/dev/null 2>/dev/null ; then
echo "successful"
exit 0
fi
exit 1

42
testme.sh
View File

@ -12,59 +12,59 @@ fi
echo "date="`date`
# check sources
bash check_source.sh "CHECK_SOURCES" " " "$1" "$2" "$3" || exit 1
bash .ci/check_source.sh "CHECK_SOURCES" " " "$1" "$2" "$3" || exit 1
mk="$1"
[ "$LTC_COVERAGE" != "" ] && mk="$mk COVERAGE=1"
# meta builds
bash .ci/meta_builds.sh "META_BUILS" " " "$mk" "$2" "$3" || exit 1
# valgrind build
bash .ci/valgrind.sh "VALGRIND" " " "$mk" "$2" "$3" || exit 1
# stock build
bash run.sh "STOCK" " " "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "STOCK" " " "$mk" "$2" "$3" || exit 1
# EASY build
bash run.sh "EASY" "-DLTC_EASY" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "EASY" "-DLTC_EASY" "$mk" "$2" "$3" || exit 1
# SMALL code
bash run.sh "SMALL" "-DLTC_SMALL_CODE" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "SMALL" "-DLTC_SMALL_CODE" "$mk" "$2" "$3" || exit 1
# NOTABLES
bash run.sh "NOTABLES" "-DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "NOTABLES" "-DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
# SMALL+NOTABLES
bash run.sh "SMALL+NOTABLES" "-DLTC_SMALL_CODE -DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "SMALL+NOTABLES" "-DLTC_SMALL_CODE -DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
# CLEANSTACK
bash run.sh "CLEANSTACK" "-DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "CLEANSTACK" "-DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
# CLEANSTACK + SMALL
bash run.sh "CLEANSTACK+SMALL" "-DLTC_SMALL_CODE -DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "CLEANSTACK+SMALL" "-DLTC_SMALL_CODE -DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
# CLEANSTACK + NOTABLES
bash run.sh "CLEANSTACK+NOTABLES" "-DLTC_NO_TABLES -DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "CLEANSTACK+NOTABLES" "-DLTC_NO_TABLES -DLTC_CLEAN_STACK" "$mk" "$2" "$3" || exit 1
# CLEANSTACK + NOTABLES + SMALL
bash run.sh "CLEANSTACK+NOTABLES+SMALL" "-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC_SMALL_CODE" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "CLEANSTACK+NOTABLES+SMALL" "-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC_SMALL_CODE" "$mk" "$2" "$3" || exit 1
# NO_FAST
bash run.sh "NO_FAST" "-DLTC_NO_FAST" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "NO_FAST" "-DLTC_NO_FAST" "$mk" "$2" "$3" || exit 1
# NO_FAST + NOTABLES
bash run.sh "NO_FAST+NOTABLES" "-DLTC_NO_FAST -DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "NO_FAST+NOTABLES" "-DLTC_NO_FAST -DLTC_NO_TABLES" "$mk" "$2" "$3" || exit 1
# NO_ASM
bash run.sh "NO_ASM" "-DLTC_NO_ASM" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "NO_ASM" "-DLTC_NO_ASM" "$mk" "$2" "$3" || exit 1
# NO_TIMING_RESISTANCE
bash run.sh "NO_TIMING_RESISTANCE" "-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "NO_TIMING_RESISTANCE" "-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING" "$mk" "$2" "$3" || exit 1
# CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE
bash run.sh "CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE" "-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING" "$mk" "$2" "$3" || exit 1
# test build with no testing
bash testbuild.sh "NOTEST" "-DLTC_NO_TEST" "$mk" "$2" "$3" || exit 1
# test build with no file routines
bash testbuild.sh "NOFILE" "-DLTC_NO_FILE" "$mk" "$2" "$3" || exit 1
bash .ci/run.sh "CLEANSTACK+NOTABLES+SMALL+NO_ASM+NO_TIMING_RESISTANCE" "-DLTC_CLEAN_STACK -DLTC_NO_TABLES -DLTC_SMALL_CODE -DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING" "$mk" "$2" "$3" || exit 1
# ref: $Format:%D$
# git commit: $Format:%H$

66
tests/base32_test.c Normal file
View File

@ -0,0 +1,66 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include <tomcrypt_test.h>
#ifdef LTC_BASE32
int base32_test(void)
{
unsigned char in[100], out[160], tmp[100];
unsigned char testin[] = { 0x61,0xc2,0xcb,0xbc,0x5e,0x6d,0x2a,0x7a,0x1a,0x19,0x1a,0xae,0xc9,0x02,0xd4,0xbf,0x7d };
const int testid[4] = {
BASE32_RFC4648,
BASE32_BASE32HEX,
BASE32_ZBASE32,
BASE32_CROCKFORD
};
const char *testout[4] = {
"MHBMXPC6NUVHUGQZDKXMSAWUX56Q",
"C71CNF2UDKL7K6GP3ANCI0MKNTUG",
"c8bczxn6pwi8wgo3dkzc1yswz76o",
"C71CQF2YDMN7M6GS3AQCJ0PMQXYG"
};
unsigned long x, l1, l2;
int idx;
for (idx = 0; idx < 4; idx++) {
for (x = 0; x < 100; x++) {
yarrow_read(in, x, &yarrow_prng);
l1 = sizeof(out);
DO(base32_encode(in, x, out, &l1, testid[idx]));
l2 = sizeof(tmp);
DO(base32_decode(out, l1, tmp, &l2, testid[idx]));
if (compare_testvector(tmp, l2, in, x, "random base32", idx * 100 + x)) {
return CRYPT_FAIL_TESTVECTOR;
}
}
}
for (idx = 0; idx < 4; idx++) {
l1 = sizeof(out);
DO(base32_encode(testin, sizeof(testin), out, &l1, testid[idx]));
if (compare_testvector(out, l1, testout[idx], strlen(testout[idx]), "testout base32", idx)) {
return CRYPT_FAIL_TESTVECTOR;
}
l2 = sizeof(tmp);
DO(base32_decode(out, l1, tmp, &l2, testid[idx]));
if (compare_testvector(tmp, l2, testin, sizeof(testin), "testin base32", idx)) {
return CRYPT_FAIL_TESTVECTOR;
}
}
return CRYPT_OK;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

10
tests/cipher_hash_test.c
View File

@ -14,15 +14,21 @@ int cipher_hash_test(void)
{
int x;
/* test ciphers */
/* test block ciphers */
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
DOX(cipher_descriptor[x].test(), cipher_descriptor[x].name);
}
/* stream ciphers */
/* test stream ciphers */
#ifdef LTC_CHACHA
DO(chacha_test());
#endif
#ifdef LTC_SALSA20
DO(salsa20_test());
#endif
#ifdef LTC_SOSEMANUK
DO(sosemanuk_test());
#endif
#ifdef LTC_RC4_STREAM
DO(rc4_stream_test());
#endif

5
tests/dh_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MDH) && defined(LTC_TEST_MPI)
#if defined(LTC_MDH)
#ifdef LTC_DH4096
#define KEYSIZE 4096
@ -433,6 +433,9 @@ static int _basic_test(void)
int dh_test(void)
{
int fails = 0;
if (ltc_mp.name == NULL) return CRYPT_NOP;
if (_prime_test() != CRYPT_OK) fails++;
if (_basic_test() != CRYPT_OK) fails++;
if (_dhparam_test() != CRYPT_OK) fails++;

4
tests/dsa_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MDSA) && defined(LTC_TEST_MPI)
#if defined(LTC_MDSA)
/* This is the private key from test_dsa.key */
static const unsigned char openssl_priv_dsa[] = {
@ -324,6 +324,8 @@ int dsa_test(void)
int stat1, stat2;
dsa_key key, key2;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(_dsa_compat_test());
DO(_dsa_wycheproof_test());

4
tests/ecc_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MECC) && defined(LTC_TEST_MPI)
#if defined(LTC_MECC)
static unsigned int sizes[] = {
#ifdef LTC_ECC112
@ -120,6 +120,8 @@ int ecc_tests (void)
int stat, stat2;
ecc_key usera, userb, pubKey, privKey;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(ecc_test ());
for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {

4
tests/katja_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MKAT) && defined(LTC_TEST_MPI)
#if defined(LTC_MKAT)
int katja_test(void)
{
@ -18,6 +18,8 @@ int katja_test(void)
unsigned long kat_msgsize, len, len2, cnt;
static unsigned char lparam[] = { 0x01, 0x02, 0x03, 0x04 };
if (ltc_mp.name == NULL) return CRYPT_NOP;
hash_idx = find_hash("sha1");
prng_idx = find_prng("yarrow");
if (hash_idx == -1 || prng_idx == -1) {

3
tests/misc_test.c
View File

@ -19,6 +19,9 @@ int misc_test(void)
#ifdef LTC_BASE64
DO(base64_test());
#endif
#ifdef LTC_BASE32
DO(base32_test());
#endif
#ifdef LTC_ADLER32
DO(adler32_test());
#endif

3
tests/mpi_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MPI) && defined(LTC_TEST_MPI)
#if defined(LTC_MPI)
static int _radix_to_bin_test(void)
{
/* RADIX 16 */
@ -133,6 +133,7 @@ static int _radix_to_bin_test(void)
int mpi_test(void)
{
if (ltc_mp.name == NULL) return CRYPT_NOP;
return _radix_to_bin_test();
}
#else

4
tests/pkcs_1_eme_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_PKCS_1) && defined(LTC_TEST_MPI)
#if defined(LTC_PKCS_1)
#include "../notes/rsa-testvectors/pkcs1v15crypt-vectors.c"
@ -22,6 +22,8 @@ int pkcs_1_eme_test(void)
unsigned int i;
unsigned int j;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(prng_is_valid(prng_idx));
DO(hash_is_valid(hash_idx));

4
tests/pkcs_1_emsa_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_PKCS_1) && defined(LTC_TEST_MPI)
#if defined(LTC_PKCS_1)
#include "../notes/rsa-testvectors/pkcs1v15sign-vectors.c"
@ -20,6 +20,8 @@ int pkcs_1_emsa_test(void)
unsigned int i;
unsigned int j;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(hash_is_valid(hash_idx));
for (i = 0; i < sizeof(testcases_emsa)/sizeof(testcases_emsa[0]); ++i) {

4
tests/pkcs_1_oaep_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_PKCS_1) && defined(LTC_TEST_MPI)
#if defined(LTC_PKCS_1)
#include "../notes/rsa-testvectors/oaep-vect.c"
@ -22,6 +22,8 @@ int pkcs_1_oaep_test(void)
unsigned int i;
unsigned int j;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(prng_is_valid(prng_idx));
DO(hash_is_valid(hash_idx));

4
tests/pkcs_1_pss_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_PKCS_1) && defined(LTC_TEST_MPI)
#if defined(LTC_PKCS_1)
#include "../notes/rsa-testvectors/pss-vect.c"
@ -22,6 +22,8 @@ int pkcs_1_pss_test(void)
unsigned int i;
unsigned int j;
if (ltc_mp.name == NULL) return CRYPT_NOP;
DO(prng_is_valid(prng_idx));
DO(hash_is_valid(hash_idx));

4
tests/rsa_test.c
View File

@ -8,7 +8,7 @@
*/
#include <tomcrypt_test.h>
#if defined(LTC_MRSA) && defined(LTC_TEST_MPI)
#if defined(LTC_MRSA)
#define RSA_MSGSIZE 78
@ -355,6 +355,8 @@ int rsa_test(void)
unsigned char* p2;
unsigned char* p3;
if (ltc_mp.name == NULL) return CRYPT_NOP;
if (rsa_compat_test() != 0) {
return 1;
}

45
tests/test.c
View File

@ -177,6 +177,12 @@ static void _unregister_all(void)
#ifdef LTC_CAMELLIA
unregister_cipher(&camellia_desc);
#endif
#ifdef LTC_IDEA
unregister_cipher(&idea_desc);
#endif
#ifdef LTC_SERPENT
unregister_cipher(&serpent_desc);
#endif
#ifdef LTC_TIGER
unregister_hash(&tiger_desc);
@ -305,6 +311,7 @@ int main(int argc, char **argv)
#endif
int x, pass = 0, fail = 0, nop = 0;
size_t fn_len, i, dots;
const char* mpi_provider = NULL;
char *single_test = NULL;
ulong64 ts;
long delta, dur, real = 0;
@ -313,34 +320,28 @@ int main(int argc, char **argv)
printf("LTC_VERSION = %s\n%s\n\n", GIT_VERSION, crypt_build_settings);
#ifdef USE_LTM
ltc_mp = ltm_desc;
printf("MP_PROVIDER = LibTomMath\n");
mpi_provider = "ltm";
#elif defined(USE_TFM)
ltc_mp = tfm_desc;
printf("MP_PROVIDER = TomsFastMath\n");
mpi_provider = "tfm";
#elif defined(USE_GMP)
ltc_mp = gmp_desc;
printf("MP_PROVIDER = GnuMP\n");
mpi_provider = "gmp";
#elif defined(EXT_MATH_LIB)
{
extern ltc_math_descriptor EXT_MATH_LIB;
ltc_mp = EXT_MATH_LIB;
mpi_provider = "ext";
#endif
if (argc > 2) {
mpi_provider = argv[2];
}
#define NAME_VALUE(s) #s"="NAME(s)
#define NAME(s) #s
printf("MP_PROVIDER = %s\n", NAME_VALUE(EXT_MATH_LIB));
#undef NAME_VALUE
#undef NAME
crypt_mp_init(mpi_provider);
#endif
#ifdef LTC_TEST_MPI
printf("MP_DIGIT_BIT = %d\n", MP_DIGIT_BIT);
#else
printf("NO math provider selected, all tests requiring MPI were disabled and will 'nop'\n");
#endif
printf("sizeof(ltc_mp_digit) = %d\n", (int)sizeof(ltc_mp_digit));
if (ltc_mp.name != NULL) {
printf("MP_PROVIDER = %s\n", ltc_mp.name);
printf("MP_DIGIT_BIT = %d\n", MP_DIGIT_BIT);
printf("sizeof(ltc_mp_digit) = %d\n", (int)sizeof(ltc_mp_digit));
} else {
printf("NO math provider selected, all tests requiring MPI will 'nop'\n");
}
#ifdef LTC_PTHREAD
tinfo = XCALLOC(sizeof(test_functions)/sizeof(test_functions[0]), sizeof(thread_info));

15
tests/tomcrypt_test.h
View File

@ -14,20 +14,6 @@
#include "common.h"
#ifdef USE_LTM
/* Use libtommath as MPI provider */
#define LTC_TEST_MPI
#elif defined(USE_TFM)
/* Use tomsfastmath as MPI provider */
#define LTC_TEST_MPI
#elif defined(USE_GMP)
/* Use GNU Multiple Precision Arithmetic Library as MPI provider */
#define LTC_TEST_MPI
#elif defined(EXT_MATH_LIB)
/* The user must define his own MPI provider! */
#define LTC_TEST_MPI
#endif
typedef struct {
char *name, *prov, *req;
int (*entry)(void);
@ -52,6 +38,7 @@ int dsa_test(void);
int der_test(void);
int misc_test(void);
int base64_test(void);
int base32_test(void);
int file_test(void);
int multi_test(void);
int prng_test(void);

4
updatemakes.sh
View File

@ -10,3 +10,7 @@ if [ $# -eq 1 ] && [ "$1" == "-c" ]; then
fi
exit 0
# ref: $Format:%D$
# git commit: $Format:%H$
# commit time: $Format:%ai$