added libtomcrypt-1.09
This commit is contained in:
parent
1eeff0bfb4
commit
a3ce807bae
DoxyfileTODOchangescrypt.textestme.sh
doc
filter.plmakefilemakefile.iccmakefile.msvcmakefile.sharedsrc
ciphers
encauth
headers
misc/crypt
modes/lrw
pk/asn1/der
testprof
updatemakes.sh
2
Doxyfile
2
Doxyfile
@ -23,7 +23,7 @@ PROJECT_NAME = LibTomCrypt
|
||||
# This could be handy for archiving the generated documentation or
|
||||
# if some version control system is used.
|
||||
|
||||
PROJECT_NUMBER = 1.08
|
||||
PROJECT_NUMBER = 1.09
|
||||
|
||||
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
|
||||
# base path where the generated documentation will be put.
|
||||
|
15
changes
15
changes
@ -1,3 +1,14 @@
|
||||
January 26th, 2006
|
||||
v1.09 -- Added missing doxygen comments to some of the ASN.1 routines
|
||||
-- Added "easy button" define LTC_EASY and LTC will build with a subset of all the algos. Reduces build times for typical
|
||||
configurations. Tunable [see tomcrypt_custom.h]
|
||||
-- Added some error detection to reg_algs() of the testprof.a library to detect when the PRNG is not setup correctly (took me 10 mins to figure out, PITA!)
|
||||
-- Similar fixes to timing demo (MD5 not defined when EASY is defined)
|
||||
-- Added the NLS enc+mac stream cipher from QUALCOMM, disabled for this release, waiting on test vectors
|
||||
-- Finally added an auto-update script for the makefiles. So when I add new files/dirs it can automatically fix up the makefiles [all four of them...]
|
||||
-- Added LRW to the list of cipher modes supported
|
||||
-- cleaned up ciphers definitions to remove cbc/cfb/ofb/ctr/etc from the namespace when not used.
|
||||
|
||||
November 24th, 2005
|
||||
v1.08 -- Added SET and SET OF support to the ASN.1 side
|
||||
-- Fixed up X macros, added QSORT to the mix [thanks SET/SETOF]
|
||||
@ -1394,6 +1405,6 @@ v0.02 -- Changed RC5 to only allow 12 to 24 rounds
|
||||
v0.01 -- We will call this the first version.
|
||||
|
||||
/* $Source: /cvs/libtom/libtomcrypt/changes,v $ */
|
||||
/* $Revision: 1.161 $ */
|
||||
/* $Date: 2005/11/24 03:30:18 $ */
|
||||
/* $Revision: 1.168 $ */
|
||||
/* $Date: 2006/01/26 18:15:51 $ */
|
||||
|
||||
|
111
crypt.tex
111
crypt.tex
@ -47,7 +47,7 @@
|
||||
\def\gap{\vspace{0.5ex}}
|
||||
\makeindex
|
||||
\begin{document}
|
||||
\title{LibTomCrypt \\ Version 1.08}
|
||||
\title{LibTomCrypt \\ Version 1.09}
|
||||
\author{Tom St Denis \\
|
||||
\\
|
||||
tomstdenis@gmail.com \\
|
||||
@ -520,6 +520,18 @@ struct _cipher_descriptor {
|
||||
unsigned char *ct,
|
||||
unsigned long blocks, unsigned char *IV,
|
||||
int mode, symmetric_key *skey);
|
||||
int (*accel_lrw_encrypt)(const unsigned char *pt,
|
||||
unsigned char *ct,
|
||||
unsigned long blocks,
|
||||
unsigned char *IV,
|
||||
const unsigned char *tweak,
|
||||
symmetric_key *skey);
|
||||
int (*accel_lrw_decrypt)(const unsigned char *ct,
|
||||
unsigned char *pt,
|
||||
unsigned long blocks,
|
||||
unsigned char *IV,
|
||||
const unsigned char *tweak,
|
||||
symmetric_key *skey);
|
||||
int (*accel_ccm_memory)(
|
||||
const unsigned char *key, unsigned long keylen,
|
||||
symmetric_key *uskey,
|
||||
@ -938,6 +950,61 @@ int main(void)
|
||||
\end{verbatim}
|
||||
\end{small}
|
||||
|
||||
\subsection{LRW Mode}
|
||||
|
||||
LRW mode is a cipher mode which is meant for indexed encryption like used to handle storage media. It is meant to have efficient seeking and overcome the
|
||||
security problems of ECB mode while not increasing the storage requirements. It is used much like any other chaining mode except with two key differences.
|
||||
|
||||
The key is specified as two strings the first key $K_1$ is the (normally AES) key and can be any length (typically 16, 24 or 32 octets long). The second key
|
||||
$K_2$ is the ``tweak'' key and is always 16 octets long. The tweak value is \textbf{NOT} a nonce or IV value it must be random and secret.
|
||||
|
||||
To initialize LRW mode use:
|
||||
|
||||
\index{lrw\_start()}
|
||||
\begin{verbatim}
|
||||
int lrw_start( int cipher,
|
||||
const unsigned char *IV,
|
||||
const unsigned char *key, int keylen,
|
||||
const unsigned char *tweak,
|
||||
int num_rounds,
|
||||
symmetric_LRW *lrw);
|
||||
\end{verbatim}
|
||||
|
||||
This will initialize the LRW context with the given (16 octet) ``IV'', cipher $K_1$ ``key'' of length ``keylen'' octets and the (16 octet) $K_2$ ``tweak''.
|
||||
While LRW was specified to be used only with AES, LibTomCrypt will allow any 128--bit block cipher to be specified as indexed by ``cipher''. The
|
||||
number of rounds for the block cipher ``num\_rounds'' can be 0 to use the default number of rounds for the given cipher.
|
||||
|
||||
To process data use the following functions:
|
||||
|
||||
\index{lrw\_encrypt()} \index{lrw\_decrypt()}
|
||||
\begin{verbatim}
|
||||
int lrw_encrypt(const unsigned char *pt, unsigned char *ct,
|
||||
unsigned long len, symmetric_LRW *lrw);
|
||||
int lrw_decrypt(const unsigned char *ct, unsigned char *pt,
|
||||
unsigned long len, symmetric_LRW *lrw);
|
||||
\end{verbatim}
|
||||
|
||||
These will encrypt (or decrypt) the plaintext to the ciphertext buffer (or vice versa). The length is specified by ``len'' in octets but must be a multiple
|
||||
of 16.
|
||||
|
||||
To manipulate the IV use the following functions:
|
||||
|
||||
\index{lrw\_getiv()} \index{lrw\_setiv()}
|
||||
\begin{verbatim}
|
||||
int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw);
|
||||
int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw);
|
||||
\end{verbatim}
|
||||
|
||||
These will get or set the 16--octet IV. Note that setting the IV is the same as ``seeking'' and unlike other modes is not a free operation. It requires
|
||||
updating the entire tweak which is slower than sequential use. Avoid seeking excessively in performance constrained code.
|
||||
|
||||
To terminate the LRW state use the following:
|
||||
|
||||
\index{lrw\_done()}
|
||||
\begin{verbatim}
|
||||
int lrw_done(symmetric_LRW *lrw);
|
||||
\end{verbatim}
|
||||
|
||||
\section{Encrypt and Authenticate Modes}
|
||||
|
||||
\subsection{EAX Mode}
|
||||
@ -4306,6 +4373,32 @@ struct ltc_cipher_descriptor {
|
||||
unsigned long blocks, unsigned char *IV,
|
||||
int mode, symmetric_key *skey);
|
||||
|
||||
/** Accelerated LRW
|
||||
@param pt Plaintext
|
||||
@param ct Ciphertext
|
||||
@param blocks The number of complete blocks to process
|
||||
@param IV The initial value (input/output)
|
||||
@param tweak The LRW tweak
|
||||
@param skey The scheduled key context
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct,
|
||||
unsigned long blocks, unsigned char *IV,
|
||||
const unsigned char *tweak, symmetric_key *skey);
|
||||
|
||||
/** Accelerated LRW
|
||||
@param ct Ciphertext
|
||||
@param pt Plaintext
|
||||
@param blocks The number of complete blocks to process
|
||||
@param IV The initial value (input/output)
|
||||
@param tweak The LRW tweak
|
||||
@param skey The scheduled key context
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt,
|
||||
unsigned long blocks, unsigned char *IV,
|
||||
const unsigned char *tweak, symmetric_key *skey);
|
||||
|
||||
/** Accelerated CCM packet (one-shot)
|
||||
@param key The secret key to use
|
||||
@param keylen The length of the secret key (octets)
|
||||
@ -4432,6 +4525,18 @@ buffer provided) before encrypting it to create the pad.
|
||||
|
||||
The accelerator will only be used to encrypt whole blocks. Partial blocks are always handled in software.
|
||||
|
||||
\subsubsection{Accelerated LRW}
|
||||
These functions are meant for accelerated LRW. They process blocks of input in lengths of multiples of 16 octets. They must accept the ``IV'' and ``tweak''
|
||||
state variables and updated them prior to returning. Note that you may want to disable \textbf{LRW\_TABLES} in ``tomcrypt\_custom.h'' if you intend
|
||||
to use accelerators for LRW.
|
||||
|
||||
While both encrypt and decrypt accelerators are not required it is suggested as it makes lrw\_setiv() more efficient.
|
||||
|
||||
Note that calling lrw\_done() will only invoke the cipher\_descriptor[].done() function on the ``symmetric\_key'' parameter of the LRW state. That means
|
||||
if your device requires any (LRW specific) resources you should free them in your ciphers() done function. The simplest way to think of it is to write
|
||||
the plugin solely to do LRW with the cipher. That way cipher\_descriptor[].setup() means to init LRW resources and cipher\_descriptor[].done() means to
|
||||
free them.
|
||||
|
||||
\subsubsection{Accelerated CCM}
|
||||
This function is meant for accelerated CCM encryption or decryption. It processes the entire packet in one call. You can optimize the work flow somewhat
|
||||
by allowing the caller to call the setup() function first to schedule the key if your accelerator cannot do the key schedule on the fly (for instance). This
|
||||
@ -5076,5 +5181,5 @@ Since the function is given the entire RSA key (for private keys only) CRT is po
|
||||
\end{document}
|
||||
|
||||
% $Source: /cvs/libtom/libtomcrypt/crypt.tex,v $
|
||||
% $Revision: 1.59 $
|
||||
% $Date: 2005/11/24 01:53:18 $
|
||||
% $Revision: 1.62 $
|
||||
% $Date: 2006/01/26 18:29:02 $
|
||||
|
BIN
doc/crypt.pdf
BIN
doc/crypt.pdf
Binary file not shown.
30
filter.pl
Normal file
30
filter.pl
Normal file
@ -0,0 +1,30 @@
|
||||
#!/usr/bin/perl
|
||||
|
||||
# we want to filter every between START_INS and END_INS out and then insert crap from another file (this is fun)
|
||||
|
||||
$dst = shift;
|
||||
$ins = shift;
|
||||
|
||||
open(SRC,"<$dst");
|
||||
open(INS,"<$ins");
|
||||
open(TMP,">tmp.delme");
|
||||
|
||||
$l = 0;
|
||||
while (<SRC>) {
|
||||
if ($_ =~ /START_INS/) {
|
||||
print TMP $_;
|
||||
$l = 1;
|
||||
while (<INS>) {
|
||||
print TMP $_;
|
||||
}
|
||||
close INS;
|
||||
} elsif ($_ =~ /END_INS/) {
|
||||
print TMP $_;
|
||||
$l = 0;
|
||||
} elsif ($l == 0) {
|
||||
print TMP $_;
|
||||
}
|
||||
}
|
||||
|
||||
close TMP;
|
||||
close SRC;
|
30
makefile
30
makefile
@ -4,7 +4,7 @@
|
||||
# Modified by Clay Culver
|
||||
|
||||
# The version
|
||||
VERSION=1.08
|
||||
VERSION=1.09
|
||||
|
||||
# Compiler and Linker Names
|
||||
#CC=gcc
|
||||
@ -111,8 +111,9 @@ src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/en
|
||||
src/encauth/eax/eax_encrypt.o src/encauth/eax/eax_encrypt_authenticate_memory.o \
|
||||
src/encauth/eax/eax_init.o src/encauth/eax/eax_test.o src/encauth/gcm/gcm_add_aad.o \
|
||||
src/encauth/gcm/gcm_add_iv.o src/encauth/gcm/gcm_done.o src/encauth/gcm/gcm_gf_mult.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_process.o \
|
||||
src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_mult_h.o \
|
||||
src/encauth/gcm/gcm_process.o src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o \
|
||||
src/encauth/nls/nls_memory.o src/encauth/nls/nlsfast.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/ocb/ocb_decrypt_verify_memory.o src/encauth/ocb/ocb_done_decrypt.o \
|
||||
src/encauth/ocb/ocb_done_encrypt.o src/encauth/ocb/ocb_encrypt.o \
|
||||
src/encauth/ocb/ocb_encrypt_authenticate_memory.o src/encauth/ocb/ocb_init.o src/encauth/ocb/ocb_ntz.o \
|
||||
@ -150,14 +151,16 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \
|
||||
src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \
|
||||
src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \
|
||||
src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
|
||||
src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
|
||||
src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
|
||||
src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
|
||||
src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
|
||||
src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \
|
||||
src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \
|
||||
src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \
|
||||
src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \
|
||||
src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \
|
||||
src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/choice/der_decode_choice.o \
|
||||
src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \
|
||||
src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
|
||||
@ -200,6 +203,7 @@ src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt
|
||||
src/headers/tomcrypt_pk.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_math.h \
|
||||
src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
|
||||
src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
|
||||
|
||||
#END_INS
|
||||
|
||||
TESTOBJECTS=demos/test.o
|
||||
@ -361,5 +365,5 @@ zipup: no_oops docs
|
||||
|
||||
|
||||
# $Source: /cvs/libtom/libtomcrypt/makefile,v $
|
||||
# $Revision: 1.108 $
|
||||
# $Date: 2005/11/23 02:34:57 $
|
||||
# $Revision: 1.114 $
|
||||
# $Date: 2006/01/26 06:12:31 $
|
||||
|
28
makefile.icc
28
makefile.icc
@ -98,8 +98,9 @@ src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/en
|
||||
src/encauth/eax/eax_encrypt.o src/encauth/eax/eax_encrypt_authenticate_memory.o \
|
||||
src/encauth/eax/eax_init.o src/encauth/eax/eax_test.o src/encauth/gcm/gcm_add_aad.o \
|
||||
src/encauth/gcm/gcm_add_iv.o src/encauth/gcm/gcm_done.o src/encauth/gcm/gcm_gf_mult.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_process.o \
|
||||
src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_mult_h.o \
|
||||
src/encauth/gcm/gcm_process.o src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o \
|
||||
src/encauth/nls/nls_memory.o src/encauth/nls/nlsfast.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/ocb/ocb_decrypt_verify_memory.o src/encauth/ocb/ocb_done_decrypt.o \
|
||||
src/encauth/ocb/ocb_done_encrypt.o src/encauth/ocb/ocb_encrypt.o \
|
||||
src/encauth/ocb/ocb_encrypt_authenticate_memory.o src/encauth/ocb/ocb_init.o src/encauth/ocb/ocb_ntz.o \
|
||||
@ -137,14 +138,16 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \
|
||||
src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \
|
||||
src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \
|
||||
src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
|
||||
src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
|
||||
src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
|
||||
src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
|
||||
src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
|
||||
src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \
|
||||
src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \
|
||||
src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \
|
||||
src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \
|
||||
src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \
|
||||
src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/choice/der_decode_choice.o \
|
||||
src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \
|
||||
src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
|
||||
@ -187,6 +190,7 @@ src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt
|
||||
src/headers/tomcrypt_pk.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_math.h \
|
||||
src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
|
||||
src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
|
||||
|
||||
#END_INS
|
||||
|
||||
#Who do we install as?
|
||||
@ -266,6 +270,6 @@ install: library
|
||||
install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH)
|
||||
|
||||
# $Source: /cvs/libtom/libtomcrypt/makefile.icc,v $
|
||||
# $Revision: 1.45 $
|
||||
# $Date: 2005/11/23 02:34:57 $
|
||||
# $Revision: 1.49 $
|
||||
# $Date: 2006/01/26 06:12:31 $
|
||||
|
||||
|
@ -13,8 +13,9 @@ src/encauth/eax/eax_decrypt.obj src/encauth/eax/eax_decrypt_verify_memory.obj sr
|
||||
src/encauth/eax/eax_encrypt.obj src/encauth/eax/eax_encrypt_authenticate_memory.obj \
|
||||
src/encauth/eax/eax_init.obj src/encauth/eax/eax_test.obj src/encauth/gcm/gcm_add_aad.obj \
|
||||
src/encauth/gcm/gcm_add_iv.obj src/encauth/gcm/gcm_done.obj src/encauth/gcm/gcm_gf_mult.obj \
|
||||
src/encauth/gcm/gcm_init.obj src/encauth/gcm/gcm_memory.obj src/encauth/gcm/gcm_process.obj \
|
||||
src/encauth/gcm/gcm_reset.obj src/encauth/gcm/gcm_test.obj src/encauth/ocb/ocb_decrypt.obj \
|
||||
src/encauth/gcm/gcm_init.obj src/encauth/gcm/gcm_memory.obj src/encauth/gcm/gcm_mult_h.obj \
|
||||
src/encauth/gcm/gcm_process.obj src/encauth/gcm/gcm_reset.obj src/encauth/gcm/gcm_test.obj \
|
||||
src/encauth/nls/nls_memory.obj src/encauth/nls/nlsfast.obj src/encauth/ocb/ocb_decrypt.obj \
|
||||
src/encauth/ocb/ocb_decrypt_verify_memory.obj src/encauth/ocb/ocb_done_decrypt.obj \
|
||||
src/encauth/ocb/ocb_done_encrypt.obj src/encauth/ocb/ocb_encrypt.obj \
|
||||
src/encauth/ocb/ocb_encrypt_authenticate_memory.obj src/encauth/ocb/ocb_init.obj src/encauth/ocb/ocb_ntz.obj \
|
||||
@ -52,14 +53,16 @@ src/modes/cfb/cfb_getiv.obj src/modes/cfb/cfb_setiv.obj src/modes/cfb/cfb_start.
|
||||
src/modes/ctr/ctr_decrypt.obj src/modes/ctr/ctr_done.obj src/modes/ctr/ctr_encrypt.obj \
|
||||
src/modes/ctr/ctr_getiv.obj src/modes/ctr/ctr_setiv.obj src/modes/ctr/ctr_start.obj \
|
||||
src/modes/ecb/ecb_decrypt.obj src/modes/ecb/ecb_done.obj src/modes/ecb/ecb_encrypt.obj \
|
||||
src/modes/ecb/ecb_start.obj src/modes/ofb/ofb_decrypt.obj src/modes/ofb/ofb_done.obj \
|
||||
src/modes/ofb/ofb_encrypt.obj src/modes/ofb/ofb_getiv.obj src/modes/ofb/ofb_setiv.obj \
|
||||
src/modes/ofb/ofb_start.obj src/pk/asn1/der/bit/der_decode_bit_string.obj \
|
||||
src/pk/asn1/der/bit/der_encode_bit_string.obj src/pk/asn1/der/bit/der_length_bit_string.obj \
|
||||
src/pk/asn1/der/choice/der_decode_choice.obj src/pk/asn1/der/ia5/der_decode_ia5_string.obj \
|
||||
src/pk/asn1/der/ia5/der_encode_ia5_string.obj src/pk/asn1/der/ia5/der_length_ia5_string.obj \
|
||||
src/pk/asn1/der/integer/der_decode_integer.obj src/pk/asn1/der/integer/der_encode_integer.obj \
|
||||
src/pk/asn1/der/integer/der_length_integer.obj \
|
||||
src/modes/ecb/ecb_start.obj src/modes/lrw/lrw_decrypt.obj src/modes/lrw/lrw_done.obj \
|
||||
src/modes/lrw/lrw_encrypt.obj src/modes/lrw/lrw_getiv.obj src/modes/lrw/lrw_process.obj \
|
||||
src/modes/lrw/lrw_setiv.obj src/modes/lrw/lrw_start.obj src/modes/lrw/lrw_test.obj \
|
||||
src/modes/ofb/ofb_decrypt.obj src/modes/ofb/ofb_done.obj src/modes/ofb/ofb_encrypt.obj \
|
||||
src/modes/ofb/ofb_getiv.obj src/modes/ofb/ofb_setiv.obj src/modes/ofb/ofb_start.obj \
|
||||
src/pk/asn1/der/bit/der_decode_bit_string.obj src/pk/asn1/der/bit/der_encode_bit_string.obj \
|
||||
src/pk/asn1/der/bit/der_length_bit_string.obj src/pk/asn1/der/choice/der_decode_choice.obj \
|
||||
src/pk/asn1/der/ia5/der_decode_ia5_string.obj src/pk/asn1/der/ia5/der_encode_ia5_string.obj \
|
||||
src/pk/asn1/der/ia5/der_length_ia5_string.obj src/pk/asn1/der/integer/der_decode_integer.obj \
|
||||
src/pk/asn1/der/integer/der_encode_integer.obj src/pk/asn1/der/integer/der_length_integer.obj \
|
||||
src/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \
|
||||
src/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \
|
||||
src/pk/asn1/der/object_identifier/der_length_object_identifier.obj \
|
||||
@ -102,6 +105,7 @@ src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt
|
||||
src/headers/tomcrypt_pk.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_math.h \
|
||||
src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
|
||||
src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
|
||||
|
||||
#END_INS
|
||||
|
||||
default: library
|
||||
@ -129,5 +133,5 @@ timing: demos/timing.c library
|
||||
cl $(CFLAGS) demos/timing.c testprof/tomcrypt_prof.lib tomcrypt.lib advapi32.lib $(EXTRALIBS)
|
||||
|
||||
# $Source: /cvs/libtom/libtomcrypt/makefile.msvc,v $
|
||||
# $Revision: 1.25 $
|
||||
# $Date: 2005/11/23 02:34:57 $
|
||||
# $Revision: 1.29 $
|
||||
# $Date: 2006/01/26 06:12:31 $
|
||||
|
@ -6,7 +6,7 @@
|
||||
# Tom St Denis
|
||||
|
||||
# The version
|
||||
VERSION=0:108
|
||||
VERSION=0:109
|
||||
|
||||
# Compiler and Linker Names
|
||||
CC=libtool --mode=compile gcc
|
||||
@ -105,8 +105,9 @@ src/encauth/eax/eax_decrypt.o src/encauth/eax/eax_decrypt_verify_memory.o src/en
|
||||
src/encauth/eax/eax_encrypt.o src/encauth/eax/eax_encrypt_authenticate_memory.o \
|
||||
src/encauth/eax/eax_init.o src/encauth/eax/eax_test.o src/encauth/gcm/gcm_add_aad.o \
|
||||
src/encauth/gcm/gcm_add_iv.o src/encauth/gcm/gcm_done.o src/encauth/gcm/gcm_gf_mult.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_process.o \
|
||||
src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/gcm/gcm_init.o src/encauth/gcm/gcm_memory.o src/encauth/gcm/gcm_mult_h.o \
|
||||
src/encauth/gcm/gcm_process.o src/encauth/gcm/gcm_reset.o src/encauth/gcm/gcm_test.o \
|
||||
src/encauth/nls/nls_memory.o src/encauth/nls/nlsfast.o src/encauth/ocb/ocb_decrypt.o \
|
||||
src/encauth/ocb/ocb_decrypt_verify_memory.o src/encauth/ocb/ocb_done_decrypt.o \
|
||||
src/encauth/ocb/ocb_done_encrypt.o src/encauth/ocb/ocb_encrypt.o \
|
||||
src/encauth/ocb/ocb_encrypt_authenticate_memory.o src/encauth/ocb/ocb_init.o src/encauth/ocb/ocb_ntz.o \
|
||||
@ -144,14 +145,16 @@ src/modes/cfb/cfb_getiv.o src/modes/cfb/cfb_setiv.o src/modes/cfb/cfb_start.o \
|
||||
src/modes/ctr/ctr_decrypt.o src/modes/ctr/ctr_done.o src/modes/ctr/ctr_encrypt.o \
|
||||
src/modes/ctr/ctr_getiv.o src/modes/ctr/ctr_setiv.o src/modes/ctr/ctr_start.o \
|
||||
src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
|
||||
src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
|
||||
src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
|
||||
src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
|
||||
src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
|
||||
src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/modes/ecb/ecb_start.o src/modes/lrw/lrw_decrypt.o src/modes/lrw/lrw_done.o \
|
||||
src/modes/lrw/lrw_encrypt.o src/modes/lrw/lrw_getiv.o src/modes/lrw/lrw_process.o \
|
||||
src/modes/lrw/lrw_setiv.o src/modes/lrw/lrw_start.o src/modes/lrw/lrw_test.o \
|
||||
src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o src/modes/ofb/ofb_encrypt.o \
|
||||
src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o src/modes/ofb/ofb_start.o \
|
||||
src/pk/asn1/der/bit/der_decode_bit_string.o src/pk/asn1/der/bit/der_encode_bit_string.o \
|
||||
src/pk/asn1/der/bit/der_length_bit_string.o src/pk/asn1/der/choice/der_decode_choice.o \
|
||||
src/pk/asn1/der/ia5/der_decode_ia5_string.o src/pk/asn1/der/ia5/der_encode_ia5_string.o \
|
||||
src/pk/asn1/der/ia5/der_length_ia5_string.o src/pk/asn1/der/integer/der_decode_integer.o \
|
||||
src/pk/asn1/der/integer/der_encode_integer.o src/pk/asn1/der/integer/der_length_integer.o \
|
||||
src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
|
||||
src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
|
||||
@ -194,6 +197,7 @@ src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt
|
||||
src/headers/tomcrypt_pk.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_math.h \
|
||||
src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
|
||||
src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
|
||||
|
||||
#END_INS
|
||||
|
||||
TESTOBJECTS=demos/test.o
|
||||
@ -255,5 +259,5 @@ timing: library testprof/$(LIBTEST) $(TIMINGS)
|
||||
gcc -o $(TIMING) $(TIMINGS) -ltomcrypt_prof -ltomcrypt $(EXTRALIBS)
|
||||
|
||||
# $Source: /cvs/libtom/libtomcrypt/makefile.shared,v $
|
||||
# $Revision: 1.38 $
|
||||
# $Date: 2005/11/23 02:34:57 $
|
||||
# $Revision: 1.43 $
|
||||
# $Date: 2006/01/26 06:12:31 $
|
||||
|
@ -49,7 +49,7 @@ const struct ltc_cipher_descriptor rijndael_desc =
|
||||
6,
|
||||
16, 32, 16, 10,
|
||||
SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
const struct ltc_cipher_descriptor aes_desc =
|
||||
@ -58,7 +58,7 @@ const struct ltc_cipher_descriptor aes_desc =
|
||||
6,
|
||||
16, 32, 16, 10,
|
||||
SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
#else
|
||||
@ -74,7 +74,7 @@ const struct ltc_cipher_descriptor rijndael_enc_desc =
|
||||
6,
|
||||
16, 32, 16, 10,
|
||||
SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
const struct ltc_cipher_descriptor aes_enc_desc =
|
||||
@ -83,7 +83,7 @@ const struct ltc_cipher_descriptor aes_enc_desc =
|
||||
6,
|
||||
16, 32, 16, 10,
|
||||
SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
#endif
|
||||
|
@ -29,7 +29,7 @@ const struct ltc_cipher_descriptor anubis_desc = {
|
||||
&anubis_test,
|
||||
&anubis_done,
|
||||
&anubis_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
#define MIN_N 4
|
||||
|
@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor blowfish_desc =
|
||||
&blowfish_test,
|
||||
&blowfish_done,
|
||||
&blowfish_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 ORIG_P[16 + 2] = {
|
||||
|
@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor cast5_desc = {
|
||||
&cast5_test,
|
||||
&cast5_done,
|
||||
&cast5_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 S1[256] = {
|
||||
|
@ -31,7 +31,7 @@ const struct ltc_cipher_descriptor des_desc =
|
||||
&des_test,
|
||||
&des_done,
|
||||
&des_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
const struct ltc_cipher_descriptor des3_desc =
|
||||
@ -45,7 +45,7 @@ const struct ltc_cipher_descriptor des3_desc =
|
||||
&des3_test,
|
||||
&des3_done,
|
||||
&des3_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 bytebit[8] =
|
||||
|
@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor khazad_desc = {
|
||||
&khazad_test,
|
||||
&khazad_done,
|
||||
&khazad_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
#define R 8
|
||||
|
@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor noekeon_desc =
|
||||
&noekeon_test,
|
||||
&noekeon_done,
|
||||
&noekeon_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 RC[] = {
|
||||
|
@ -36,7 +36,7 @@ const struct ltc_cipher_descriptor rc2_desc = {
|
||||
&rc2_test,
|
||||
&rc2_done,
|
||||
&rc2_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
/* 256-entry permutation table, probably derived somehow from pi */
|
||||
|
@ -29,7 +29,7 @@ const struct ltc_cipher_descriptor rc5_desc =
|
||||
&rc5_test,
|
||||
&rc5_done,
|
||||
&rc5_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 stab[50] = {
|
||||
|
@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor rc6_desc =
|
||||
&rc6_test,
|
||||
&rc6_done,
|
||||
&rc6_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const ulong32 stab[44] = {
|
||||
|
@ -42,7 +42,7 @@ const struct ltc_cipher_descriptor
|
||||
&safer_k64_test,
|
||||
&safer_done,
|
||||
&safer_64_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
},
|
||||
|
||||
safer_sk64_desc = {
|
||||
@ -54,7 +54,7 @@ const struct ltc_cipher_descriptor
|
||||
&safer_sk64_test,
|
||||
&safer_done,
|
||||
&safer_64_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
},
|
||||
|
||||
safer_k128_desc = {
|
||||
@ -66,7 +66,7 @@ const struct ltc_cipher_descriptor
|
||||
&safer_sk128_test,
|
||||
&safer_done,
|
||||
&safer_128_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
},
|
||||
|
||||
safer_sk128_desc = {
|
||||
@ -78,7 +78,7 @@ const struct ltc_cipher_descriptor
|
||||
&safer_sk128_test,
|
||||
&safer_done,
|
||||
&safer_128_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
/******************* Constants ************************************************/
|
||||
|
@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor saferp_desc =
|
||||
&saferp_test,
|
||||
&saferp_done,
|
||||
&saferp_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
/* ROUND(b,i)
|
||||
|
@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor skipjack_desc =
|
||||
&skipjack_test,
|
||||
&skipjack_done,
|
||||
&skipjack_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
static const unsigned char sbox[256] = {
|
||||
|
@ -35,7 +35,7 @@ const struct ltc_cipher_descriptor twofish_desc =
|
||||
&twofish_test,
|
||||
&twofish_done,
|
||||
&twofish_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
/* the two polynomials */
|
||||
|
@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor xtea_desc =
|
||||
&xtea_test,
|
||||
&xtea_done,
|
||||
&xtea_keysize,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
|
||||
};
|
||||
|
||||
int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
|
||||
|
@ -11,11 +11,11 @@
|
||||
|
||||
/**
|
||||
@file gcm_gf_mult.c
|
||||
GCM implementation, initialize state, by Tom St Denis
|
||||
GCM implementation, do the GF mult, by Tom St Denis
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
#ifdef GCM_MODE
|
||||
#if defined(GCM_MODE) || defined(LRW_MODE)
|
||||
|
||||
/* right shift */
|
||||
static void gcm_rightshift(unsigned char *a)
|
||||
@ -57,36 +57,6 @@ void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *
|
||||
}
|
||||
XMEMCPY(c, Z, 16);
|
||||
}
|
||||
|
||||
/**
|
||||
GCM multiply by H
|
||||
@param gcm The GCM state which holds the H value
|
||||
@param I The value to multiply H by
|
||||
*/
|
||||
void gcm_mult_h(gcm_state *gcm, unsigned char *I)
|
||||
{
|
||||
unsigned char T[16];
|
||||
#ifdef GCM_TABLES
|
||||
int x, y;
|
||||
XMEMCPY(T, &gcm->PC[0][I[0]][0], 16);
|
||||
for (x = 1; x < 16; x++) {
|
||||
#ifdef LTC_FAST
|
||||
for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y]));
|
||||
}
|
||||
#else
|
||||
for (y = 0; y < 16; y++) {
|
||||
T[y] ^= gcm->PC[x][I[x]][y];
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
gcm_gf_mult(gcm->H, I, T);
|
||||
#endif
|
||||
XMEMCPY(I, T, 16);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
/* $Source$ */
|
||||
|
50
src/encauth/gcm/gcm_mult_h.c
Normal file
50
src/encauth/gcm/gcm_mult_h.c
Normal file
@ -0,0 +1,50 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
|
||||
/**
|
||||
@file gcm_mult_h.c
|
||||
GCM implementation, do the GF mult, by Tom St Denis
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
#if defined(GCM_MODE)
|
||||
/**
|
||||
GCM multiply by H
|
||||
@param gcm The GCM state which holds the H value
|
||||
@param I The value to multiply H by
|
||||
*/
|
||||
void gcm_mult_h(gcm_state *gcm, unsigned char *I)
|
||||
{
|
||||
unsigned char T[16];
|
||||
#ifdef GCM_TABLES
|
||||
int x, y;
|
||||
XMEMCPY(T, &gcm->PC[0][I[0]][0], 16);
|
||||
for (x = 1; x < 16; x++) {
|
||||
#ifdef LTC_FAST
|
||||
for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y]));
|
||||
}
|
||||
#else
|
||||
for (y = 0; y < 16; y++) {
|
||||
T[y] ^= gcm->PC[x][I[x]][y];
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
gcm_gf_mult(gcm->H, I, T);
|
||||
#endif
|
||||
XMEMCPY(I, T, 16);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
94
src/encauth/nls/nls_memory.c
Normal file
94
src/encauth/nls/nls_memory.c
Normal file
@ -0,0 +1,94 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
|
||||
/**
|
||||
@file nls_memory.c
|
||||
NLS support, process a block of memory, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef NLS_MODE
|
||||
|
||||
int nls_memory(const unsigned char *key, unsigned long keylen,
|
||||
const unsigned char *IV, unsigned long IVlen,
|
||||
const unsigned char *adata, unsigned long adatalen,
|
||||
unsigned char *pt, unsigned long ptlen,
|
||||
unsigned char *ct,
|
||||
unsigned char *tag, unsigned long taglen,
|
||||
int direction)
|
||||
{
|
||||
nls_state *nls;
|
||||
int err;
|
||||
|
||||
LTC_ARGCHK(key != NULL);
|
||||
LTC_ARGCHK(IV != NULL);
|
||||
if (adatalen > 0) {
|
||||
LTC_ARGCHK(adata != NULL);
|
||||
}
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
if (taglen > 0) {
|
||||
LTC_ARGCHK(tag != NULL);
|
||||
}
|
||||
|
||||
/* alloc NLS state */
|
||||
nls = XCALLOC(1, sizeof(*nls));
|
||||
if (nls == NULL) {
|
||||
return CRYPT_MEM;
|
||||
}
|
||||
|
||||
/* init key and IV */
|
||||
if ((err = nls_key(nls, key, keylen)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
if ((err = nls_nonce(nls, IV, IVlen)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* process adata */
|
||||
if (adatalen > 0) {
|
||||
if ((err = nls_maconly(nls, adata, adatalen)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
|
||||
/* process msg */
|
||||
if (direction == NLS_ENCRYPT) {
|
||||
if ((err = nls_encrypt(nls, pt, nbytes, ct)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
} else {
|
||||
if ((err = nls_decrypt(nls, ct, nbytes, pt)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
|
||||
/* grab tag */
|
||||
if (taglen > 0) {
|
||||
if ((err = nls_finish(nls, tag, taglen)) != CRYPT_OK) {
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
|
||||
err = CRYPT_OK;
|
||||
done:
|
||||
#ifdef LTC_CLEAN_STACK
|
||||
zeromem(nls, sizeof(*nls));
|
||||
#endif
|
||||
XFREE(nls);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
981
src/encauth/nls/nlsfast.c
Normal file
981
src/encauth/nls/nlsfast.c
Normal file
@ -0,0 +1,981 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
|
||||
/**
|
||||
@file nlsfast.c
|
||||
NLS support, entire suite, Tom St Denis
|
||||
*/
|
||||
|
||||
|
||||
/* Id: nlsfast.c 346 2005-04-22 18:36:12Z mwp */
|
||||
/* nlsfast: NLS stream cipher and Mundja MAC -- fast implementation */
|
||||
|
||||
/*
|
||||
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
||||
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND AGAINST
|
||||
INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
|
||||
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
/* This source has been modified from the original source for the LibTomCrypt project
|
||||
* by Tom St Denis. (Warnings fixed and code GNU indented)
|
||||
*/
|
||||
|
||||
#include "tomcrypt.h"
|
||||
|
||||
#ifdef NLS_MODE
|
||||
|
||||
#define NLS_LONG_OUTPUT 1
|
||||
#define N 17
|
||||
#define NMAC 8
|
||||
#define WORDSIZE 32
|
||||
#define F16 0x10001ul
|
||||
#define MACKONST 8
|
||||
|
||||
/* interface, multiplication table and SBox */
|
||||
#include "nlssbox.inc"
|
||||
#include "nlsmultab.inc"
|
||||
/*
|
||||
* FOLD is how many register cycles need to be performed after combining the
|
||||
* last byte of key and non-linear feedback, before every byte depends on every
|
||||
* byte of the key. This depends on the feedback and nonlinear functions, and
|
||||
* on where they are combined into the register.
|
||||
*/
|
||||
#define FOLD N /* how many iterations of folding to do */
|
||||
#define INITKONST 0x6996c53a /* value of KONST to use during key loading */
|
||||
#define KEYP 15 /* where to insert key words */
|
||||
#define FOLDP 4 /* where to insert non-linear feedback */
|
||||
#if NLS_LONG_OUTPUT
|
||||
#define CTRP 2 /* where to insert counter to avoid small cycles */
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
|
||||
#define Byte(x,i) ((unsigned char)(((x) >> (8*i)) & 0xFF))
|
||||
|
||||
/* define IS_LITTLE_ENDIAN for faster operation when appropriate */
|
||||
#if defined(ENDIAN_LITTLE) && defined(ENDIAN_32BITWORD)
|
||||
/* Useful macros -- little endian words on a little endian machine */
|
||||
#define BYTE2WORD(b) (*(ulong32 *)(b))
|
||||
#define WORD2BYTE(w, b) ((*(ulong32 *)(b)) = w)
|
||||
#define XORWORD(w, b) ((*(ulong32 *)(b)) ^= w)
|
||||
#else
|
||||
/* Useful macros -- machine independent little-endian version */
|
||||
#define BYTE2WORD(b) ( \
|
||||
(((ulong32)(b)[3] & 0xFF)<<24) | \
|
||||
(((ulong32)(b)[2] & 0xFF)<<16) | \
|
||||
(((ulong32)(b)[1] & 0xFF)<<8) | \
|
||||
(((ulong32)(b)[0] & 0xFF)) \
|
||||
)
|
||||
#define WORD2BYTE(w, b) { \
|
||||
(b)[3] = Byte(w,3); \
|
||||
(b)[2] = Byte(w,2); \
|
||||
(b)[1] = Byte(w,1); \
|
||||
(b)[0] = Byte(w,0); \
|
||||
}
|
||||
#define XORWORD(w, b) { \
|
||||
(b)[3] ^= Byte(w,3); \
|
||||
(b)[2] ^= Byte(w,2); \
|
||||
(b)[1] ^= Byte(w,1); \
|
||||
(b)[0] ^= Byte(w,0); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#if NLS_LONG_OUTPUT
|
||||
#define ZEROCOUNTER(c) c->CtrModF16 = c->CtrMod232 = 0
|
||||
#else
|
||||
#define ZEROCOUNTER(c) /* nothing */
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
|
||||
/* give correct offset for the current position of the register,
|
||||
* where logically R[0] is at position "zero".
|
||||
*/
|
||||
#define OFF(zero, i) (((zero)+(i)) % N)
|
||||
|
||||
#if NLS_LONG_OUTPUT
|
||||
/* Increment counter and mix into register every so often */
|
||||
#define FIXCTR(c,z) \
|
||||
{ \
|
||||
if (++c->CtrModF16 == F16) { \
|
||||
c->CtrMod232 += c->CtrModF16; \
|
||||
c->R[OFF(z,CTRP)] += c->CtrMod232; \
|
||||
c->CtrMod232 = 0; \
|
||||
} \
|
||||
}
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
|
||||
/* step the shift register */
|
||||
/* After stepping, "zero" moves right one place */
|
||||
#define STEP(c,z) \
|
||||
{ register ulong32 tt; \
|
||||
tt = ROL(c->R[OFF(z,0)],19) + ROL(c->R[OFF(z,15)],9) + c->konst; \
|
||||
tt ^= Sbox[(tt >> 24) & 0xFF]; \
|
||||
c->R[OFF(z,0)] = tt ^ c->R[OFF(z,4)]; \
|
||||
}
|
||||
static void cycle(nls_state * c)
|
||||
{
|
||||
ulong32 t;
|
||||
int i;
|
||||
|
||||
/* nonlinear feedback function */
|
||||
STEP(c, 0);
|
||||
/* shift register */
|
||||
t = c->R[0];
|
||||
for (i = 1; i < N; ++i)
|
||||
c->R[i - 1] = c->R[i];
|
||||
c->R[N - 1] = t;
|
||||
#if NLS_LONG_OUTPUT
|
||||
FIXCTR(c, 0);
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
}
|
||||
|
||||
/* Return a non-linear function of some parts of the register.
|
||||
*/
|
||||
#define NLFUNC(c,z) \
|
||||
(c->R[OFF(z,0)] + c->R[OFF(z,16)]) \
|
||||
^ (c->R[OFF(z,1)] + c->konst) \
|
||||
^ (c->R[OFF(z,6)] + c->R[OFF(z,13)])
|
||||
|
||||
static ulong32 nltap(nls_state * c)
|
||||
{
|
||||
return NLFUNC(c, 0);
|
||||
}
|
||||
|
||||
/* The Mundja MAC function is modelled after the round function of SHA-256.
|
||||
* The following lines establish aliases for the MAC accumulator, just
|
||||
* so that the definition of that function looks more like FIPS-180-2.
|
||||
*/
|
||||
#define A c->M[0]
|
||||
#define B c->M[1]
|
||||
#define C c->M[2]
|
||||
#define D c->M[3]
|
||||
#define E c->M[4]
|
||||
#define F c->M[5]
|
||||
#define G c->M[6]
|
||||
#define H c->M[7]
|
||||
#define SIGMA0(x) (ROR((x), 2) ^ ROR((x), 13) ^ ROR((x), 22))
|
||||
#define SIGMA1(x) (ROR((x), 6) ^ ROR((x), 11) ^ ROR((x), 25))
|
||||
#define CHOOSE(x,y,z) (z ^ (x & (y ^ z)))
|
||||
#define MAJORITY(x,y,z) ((x & y) | (z & (x | y)))
|
||||
|
||||
/* Accumulate a nonlinear function of a register word and an input word for MAC.
|
||||
* Except for the added S-Box and SOBER LFSR input instead of constants,
|
||||
* this is exactly a round of SHA-256.
|
||||
*/
|
||||
#define SHAFUNC(c,i,k,A,B,C,D,E,F,G,H) \
|
||||
{ \
|
||||
ulong32 t1; \
|
||||
t1 = H + k + i; \
|
||||
t1 ^= Sbox[(t1 >> 24) & 0xFF]; \
|
||||
t1 += SIGMA1(E) + CHOOSE(E, F, G); \
|
||||
D += t1; \
|
||||
t1 += SIGMA0(A) + MAJORITY(A, B, C); \
|
||||
H = t1; \
|
||||
}
|
||||
|
||||
static void shafunc(nls_state * c, ulong32 i)
|
||||
{
|
||||
ulong32 t;
|
||||
|
||||
SHAFUNC(c, i, c->R[MACKONST], A, B, C, D, E, F, G, H);
|
||||
/* now correct alignment of MAC accumulator */
|
||||
t = c->M[NMAC - 1];
|
||||
for (i = NMAC - 1; i > 0; --i)
|
||||
c->M[i] = c->M[i - 1];
|
||||
c->M[0] = t;
|
||||
}
|
||||
|
||||
/* Accumulate a CRC of input words, later to be fed into MAC.
|
||||
*/
|
||||
#define CRCFUNC(c,i,zero,five) \
|
||||
{ \
|
||||
ulong32 t1; \
|
||||
t1 = (c->CRC[zero] << 8) ^ Multab[(c->CRC[zero] >> 24) & 0xFF] \
|
||||
^ c->CRC[five] ^ i; \
|
||||
c->CRC[zero] = t1; \
|
||||
}
|
||||
|
||||
static void crcfunc(nls_state * c, ulong32 i)
|
||||
{
|
||||
ulong32 t;
|
||||
|
||||
CRCFUNC(c, i, 0, 5);
|
||||
/* now correct alignment of CRC accumulator */
|
||||
t = c->CRC[0];
|
||||
for (i = 1; i < NMAC; ++i)
|
||||
c->CRC[i - 1] = c->CRC[i];
|
||||
c->CRC[NMAC - 1] = t;
|
||||
}
|
||||
|
||||
/* Normal MAC word processing: do both SHA and CRC.
|
||||
*/
|
||||
static void macfunc(nls_state * c, ulong32 i)
|
||||
{
|
||||
crcfunc(c, i);
|
||||
shafunc(c, i);
|
||||
}
|
||||
|
||||
/* initialise to known state
|
||||
*/
|
||||
static void nls_initstate(nls_state * c)
|
||||
{
|
||||
int i;
|
||||
|
||||
/* Register initialised to Fibonacci numbers */
|
||||
c->R[0] = 1;
|
||||
c->R[1] = 1;
|
||||
for (i = 2; i < N; ++i)
|
||||
c->R[i] = c->R[i - 1] + c->R[i - 2];
|
||||
c->konst = INITKONST;
|
||||
ZEROCOUNTER(c);
|
||||
}
|
||||
|
||||
/* Save the current register state
|
||||
*/
|
||||
static void nls_savestate(nls_state * c)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < N; ++i)
|
||||
c->initR[i] = c->R[i];
|
||||
}
|
||||
|
||||
/* initialise to previously saved register state
|
||||
*/
|
||||
static void nls_reloadstate(nls_state * c)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < N; ++i)
|
||||
c->R[i] = c->initR[i];
|
||||
ZEROCOUNTER(c);
|
||||
}
|
||||
|
||||
/* Initialise "konst"
|
||||
*/
|
||||
static void nls_genkonst(nls_state * c)
|
||||
{
|
||||
ulong32 newkonst;
|
||||
|
||||
do {
|
||||
cycle(c);
|
||||
newkonst = nltap(c);
|
||||
}
|
||||
while ((newkonst & 0xFF000000) == 0);
|
||||
c->konst = newkonst;
|
||||
}
|
||||
|
||||
/* Load key material into the register
|
||||
*/
|
||||
#define ADDKEY(k) \
|
||||
c->R[KEYP] += (k);
|
||||
|
||||
#define XORNL(nl) \
|
||||
c->R[FOLDP] ^= (nl);
|
||||
|
||||
/* nonlinear diffusion of register for key and MAC */
|
||||
#define DROUND(z) STEP(c,z); c->R[OFF((z+1),FOLDP)] ^= NLFUNC(c,(z+1));
|
||||
static void nls_diffuse(nls_state * c)
|
||||
{
|
||||
/* relies on FOLD == N! */
|
||||
DROUND(0);
|
||||
DROUND(1);
|
||||
DROUND(2);
|
||||
DROUND(3);
|
||||
DROUND(4);
|
||||
DROUND(5);
|
||||
DROUND(6);
|
||||
DROUND(7);
|
||||
DROUND(8);
|
||||
DROUND(9);
|
||||
DROUND(10);
|
||||
DROUND(11);
|
||||
DROUND(12);
|
||||
DROUND(13);
|
||||
DROUND(14);
|
||||
DROUND(15);
|
||||
DROUND(16);
|
||||
}
|
||||
|
||||
/* common actions for loading key material */
|
||||
static void
|
||||
nls_loadkey(nls_state * c, const unsigned char *key, unsigned long keylen)
|
||||
{
|
||||
ulong32 i, k;
|
||||
|
||||
/* start folding in key, reject odd sized keys */
|
||||
if ((keylen & 3) != 0)
|
||||
abort();
|
||||
for (i = 0; i < keylen; i += 4) {
|
||||
k = BYTE2WORD(&key[i]);
|
||||
ADDKEY(k);
|
||||
cycle(c);
|
||||
XORNL(nltap(c));
|
||||
}
|
||||
|
||||
/* also fold in the length of the key */
|
||||
ADDKEY(keylen);
|
||||
|
||||
/* now diffuse */
|
||||
nls_diffuse(c);
|
||||
}
|
||||
|
||||
/* initialise MAC related registers
|
||||
*/
|
||||
static void nls_macinit(nls_state * c)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < NMAC; ++i) {
|
||||
c->M[i] = c->R[i];
|
||||
c->CRC[i] = c->R[i + NMAC];
|
||||
}
|
||||
}
|
||||
|
||||
/* Published "key" interface
|
||||
*/
|
||||
int nls_key(nls_state * c, const unsigned char *key, unsigned long keylen)
|
||||
{
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(key != NULL);
|
||||
|
||||
if (keylen == 0) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
nls_initstate(c);
|
||||
nls_loadkey(c, key, keylen);
|
||||
nls_genkonst(c);
|
||||
nls_savestate(c);
|
||||
nls_macinit(c);
|
||||
c->nbuf = 0;
|
||||
ZEROCOUNTER(c);
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
/* Published "nonce" interface
|
||||
*/
|
||||
int
|
||||
nls_nonce(nls_state * c, const unsigned char *nonce, unsigned long noncelen)
|
||||
{
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(nonce != NULL);
|
||||
if (noncelen == 0) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
nls_reloadstate(c);
|
||||
nls_loadkey(c, nonce, noncelen);
|
||||
nls_macinit(c);
|
||||
c->nbuf = 0;
|
||||
ZEROCOUNTER(c);
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#if 0
|
||||
/* XOR pseudo-random bytes into buffer
|
||||
* Note: doesn't play well with MAC functions.
|
||||
*/
|
||||
#define SROUND(z) STEP(c,z); t = NLFUNC(c,(z+1)); XORWORD(t, buf+(z*4));
|
||||
static void
|
||||
nls_stream(nls_state * c, unsigned char *buf, unsigned long nbytes)
|
||||
{
|
||||
ulong32 t = 0;
|
||||
|
||||
/* handle any previously buffered bytes */
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
*buf++ ^= c->sbuf & 0xFF;
|
||||
c->sbuf >>= 8;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
|
||||
/* do lots at a time, if there's enough to do */
|
||||
while (nbytes >= N * 4) {
|
||||
#if NLS_LONG_OUTPUT
|
||||
if (c->CtrModF16 < (F16 - 17)) {
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
SROUND(0);
|
||||
SROUND(1);
|
||||
SROUND(2);
|
||||
SROUND(3);
|
||||
SROUND(4);
|
||||
SROUND(5);
|
||||
SROUND(6);
|
||||
SROUND(7);
|
||||
SROUND(8);
|
||||
SROUND(9);
|
||||
SROUND(10);
|
||||
SROUND(11);
|
||||
SROUND(12);
|
||||
SROUND(13);
|
||||
SROUND(14);
|
||||
SROUND(15);
|
||||
SROUND(16);
|
||||
#if NLS_LONG_OUTPUT
|
||||
c->CtrModF16 += 17;
|
||||
} else {
|
||||
SROUND(0);
|
||||
FIXCTR(c, 1);
|
||||
SROUND(1);
|
||||
FIXCTR(c, 2);
|
||||
SROUND(2);
|
||||
FIXCTR(c, 3);
|
||||
SROUND(3);
|
||||
FIXCTR(c, 4);
|
||||
SROUND(4);
|
||||
FIXCTR(c, 5);
|
||||
SROUND(5);
|
||||
FIXCTR(c, 6);
|
||||
SROUND(6);
|
||||
FIXCTR(c, 7);
|
||||
SROUND(7);
|
||||
FIXCTR(c, 8);
|
||||
SROUND(8);
|
||||
FIXCTR(c, 9);
|
||||
SROUND(9);
|
||||
FIXCTR(c, 10);
|
||||
SROUND(10);
|
||||
FIXCTR(c, 11);
|
||||
SROUND(11);
|
||||
FIXCTR(c, 12);
|
||||
SROUND(12);
|
||||
FIXCTR(c, 13);
|
||||
SROUND(13);
|
||||
FIXCTR(c, 14);
|
||||
SROUND(14);
|
||||
FIXCTR(c, 15);
|
||||
SROUND(15);
|
||||
FIXCTR(c, 16);
|
||||
SROUND(16);
|
||||
FIXCTR(c, 0);
|
||||
}
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
buf += 4 * N;
|
||||
nbytes -= N * 4;
|
||||
}
|
||||
|
||||
/* do small or odd size buffers the slow way */
|
||||
while (4 <= nbytes) {
|
||||
cycle(c);
|
||||
t = nltap(c);
|
||||
XORWORD(t, buf);
|
||||
buf += 4;
|
||||
nbytes -= 4;
|
||||
}
|
||||
|
||||
/* handle any trailing bytes */
|
||||
if (nbytes != 0) {
|
||||
cycle(c);
|
||||
c->sbuf = nltap(c);
|
||||
c->nbuf = 32;
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
*buf++ ^= c->sbuf & 0xFF;
|
||||
c->sbuf >>= 8;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* accumulate words into MAC without encryption
|
||||
* Note that plaintext is accumulated for MAC.
|
||||
*/
|
||||
#define MROUND(z,A,B,C,D,E,F,G,H) \
|
||||
t = BYTE2WORD(buf+(z*4)); \
|
||||
STEP(c,z); \
|
||||
CRCFUNC(c,t,((z)&0x7),(((z)+5)&0x7)); \
|
||||
SHAFUNC(c,t,c->R[OFF(z+1,MACKONST)],A,B,C,D,E,F,G,H);
|
||||
int nls_maconly(nls_state * c, const unsigned char *buf, unsigned long nbytes)
|
||||
{
|
||||
int i;
|
||||
ulong32 t = 0;
|
||||
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(buf != NULL);
|
||||
|
||||
|
||||
/* handle any previously buffered bytes */
|
||||
if (c->nbuf != 0) {
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
c->mbuf ^= (*buf++) << (32 - c->nbuf);
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
if (c->nbuf != 0) { /* not a whole word yet */
|
||||
return CRYPT_OK;
|
||||
}
|
||||
/* LFSR already cycled */
|
||||
macfunc(c, c->mbuf);
|
||||
}
|
||||
|
||||
/* do lots at a time, if there's enough to do */
|
||||
while (4 * N <= nbytes) {
|
||||
#if NLS_LONG_OUTPUT
|
||||
if (c->CtrModF16 < (F16 - 17)) {
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
MROUND(0, A, B, C, D, E, F, G, H);
|
||||
MROUND(1, H, A, B, C, D, E, F, G);
|
||||
MROUND(2, G, H, A, B, C, D, E, F);
|
||||
MROUND(3, F, G, H, A, B, C, D, E);
|
||||
MROUND(4, E, F, G, H, A, B, C, D);
|
||||
MROUND(5, D, E, F, G, H, A, B, C);
|
||||
MROUND(6, C, D, E, F, G, H, A, B);
|
||||
MROUND(7, B, C, D, E, F, G, H, A);
|
||||
MROUND(8, A, B, C, D, E, F, G, H);
|
||||
MROUND(9, H, A, B, C, D, E, F, G);
|
||||
MROUND(10, G, H, A, B, C, D, E, F);
|
||||
MROUND(11, F, G, H, A, B, C, D, E);
|
||||
MROUND(12, E, F, G, H, A, B, C, D);
|
||||
MROUND(13, D, E, F, G, H, A, B, C);
|
||||
MROUND(14, C, D, E, F, G, H, A, B);
|
||||
MROUND(15, B, C, D, E, F, G, H, A);
|
||||
MROUND(16, A, B, C, D, E, F, G, H);
|
||||
#if NLS_LONG_OUTPUT
|
||||
c->CtrModF16 += 17;
|
||||
} else {
|
||||
MROUND(0, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 1);
|
||||
MROUND(1, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 2);
|
||||
MROUND(2, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 3);
|
||||
MROUND(3, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 4);
|
||||
MROUND(4, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 5);
|
||||
MROUND(5, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 6);
|
||||
MROUND(6, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 7);
|
||||
MROUND(7, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 8);
|
||||
MROUND(8, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 9);
|
||||
MROUND(9, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 10);
|
||||
MROUND(10, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 11);
|
||||
MROUND(11, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 12);
|
||||
MROUND(12, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 13);
|
||||
MROUND(13, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 14);
|
||||
MROUND(14, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 15);
|
||||
MROUND(15, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 16);
|
||||
MROUND(16, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 0);
|
||||
}
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
buf += 4 * N;
|
||||
nbytes -= 4 * N;
|
||||
/* fix alignment of MAC buffer */
|
||||
t = c->M[NMAC - 1];
|
||||
for (i = NMAC - 1; i > 0; --i)
|
||||
c->M[i] = c->M[i - 1];
|
||||
c->M[0] = t;
|
||||
/* fix alignment of CRC buffer */
|
||||
t = c->CRC[0];
|
||||
for (i = 1; i < NMAC; ++i)
|
||||
c->CRC[i - 1] = c->CRC[i];
|
||||
c->CRC[NMAC - 1] = t;
|
||||
}
|
||||
|
||||
/* do small or odd size buffers the slow way */
|
||||
while (4 <= nbytes) {
|
||||
cycle(c);
|
||||
macfunc(c, BYTE2WORD(buf));
|
||||
buf += 4;
|
||||
nbytes -= 4;
|
||||
}
|
||||
|
||||
/* handle any trailing bytes */
|
||||
if (nbytes != 0) {
|
||||
cycle(c);
|
||||
c->sbuf = nltap(c);
|
||||
c->mbuf = 0;
|
||||
c->nbuf = 32;
|
||||
while (nbytes != 0) {
|
||||
c->mbuf ^= (*buf++) << (32 - c->nbuf);
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
}
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
/* Combined MAC and encryption.
|
||||
* Note that plaintext is accumulated for MAC.
|
||||
*/
|
||||
#define EROUND(z,A,B,C,D,E,F,G,H) \
|
||||
STEP(c,z); \
|
||||
t3 = BYTE2WORD(buf+(z*4)); \
|
||||
CRCFUNC(c,t3,((z)&0x7),(((z)+5)&0x7)); \
|
||||
SHAFUNC(c,t3,c->R[OFF(z+1,MACKONST)],A,B,C,D,E,F,G,H); \
|
||||
t = NLFUNC(c,(z+1)); \
|
||||
t ^= t3; \
|
||||
WORD2BYTE(t,buf+(z*4));
|
||||
int nls_encrypt(nls_state * c,
|
||||
const unsigned char *pt, unsigned long nbytes,
|
||||
unsigned char *ct)
|
||||
{
|
||||
ulong32 t = 0, t3 = 0;
|
||||
int i;
|
||||
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
|
||||
#define buf ct
|
||||
|
||||
/* do copy as required */
|
||||
if (pt != ct) {
|
||||
XMEMCPY(ct, pt, nbytes);
|
||||
}
|
||||
|
||||
/* handle any previously buffered bytes */
|
||||
if (c->nbuf != 0) {
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
c->mbuf ^= *buf << (32 - c->nbuf);
|
||||
*buf ^= (c->sbuf >> (32 - c->nbuf)) & 0xFF;
|
||||
++buf;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
if (c->nbuf != 0) /* not a whole word yet */
|
||||
return CRYPT_OK;
|
||||
/* LFSR already cycled */
|
||||
macfunc(c, c->mbuf);
|
||||
}
|
||||
|
||||
/* do lots at a time, if there's enough to do */
|
||||
while (4 * N <= nbytes) {
|
||||
#if NLS_LONG_OUTPUT
|
||||
if (c->CtrModF16 < (F16 - 17)) {
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
EROUND(0, A, B, C, D, E, F, G, H);
|
||||
EROUND(1, H, A, B, C, D, E, F, G);
|
||||
EROUND(2, G, H, A, B, C, D, E, F);
|
||||
EROUND(3, F, G, H, A, B, C, D, E);
|
||||
EROUND(4, E, F, G, H, A, B, C, D);
|
||||
EROUND(5, D, E, F, G, H, A, B, C);
|
||||
EROUND(6, C, D, E, F, G, H, A, B);
|
||||
EROUND(7, B, C, D, E, F, G, H, A);
|
||||
EROUND(8, A, B, C, D, E, F, G, H);
|
||||
EROUND(9, H, A, B, C, D, E, F, G);
|
||||
EROUND(10, G, H, A, B, C, D, E, F);
|
||||
EROUND(11, F, G, H, A, B, C, D, E);
|
||||
EROUND(12, E, F, G, H, A, B, C, D);
|
||||
EROUND(13, D, E, F, G, H, A, B, C);
|
||||
EROUND(14, C, D, E, F, G, H, A, B);
|
||||
EROUND(15, B, C, D, E, F, G, H, A);
|
||||
EROUND(16, A, B, C, D, E, F, G, H);
|
||||
#if NLS_LONG_OUTPUT
|
||||
c->CtrModF16 += 17;
|
||||
} else {
|
||||
EROUND(0, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 1);
|
||||
EROUND(1, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 2);
|
||||
EROUND(2, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 3);
|
||||
EROUND(3, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 4);
|
||||
EROUND(4, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 5);
|
||||
EROUND(5, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 6);
|
||||
EROUND(6, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 7);
|
||||
EROUND(7, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 8);
|
||||
EROUND(8, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 9);
|
||||
EROUND(9, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 10);
|
||||
EROUND(10, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 11);
|
||||
EROUND(11, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 12);
|
||||
EROUND(12, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 13);
|
||||
EROUND(13, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 14);
|
||||
EROUND(14, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 15);
|
||||
EROUND(15, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 16);
|
||||
EROUND(16, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 0);
|
||||
}
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
buf += 4 * N;
|
||||
nbytes -= 4 * N;
|
||||
/* fix alignment of MAC buffer */
|
||||
t = c->M[7];
|
||||
for (i = NMAC - 1; i > 0; --i)
|
||||
c->M[i] = c->M[i - 1];
|
||||
c->M[0] = t;
|
||||
/* fix alignment of CRC buffer */
|
||||
t = c->CRC[0];
|
||||
for (i = 1; i < NMAC; ++i)
|
||||
c->CRC[i - 1] = c->CRC[i];
|
||||
c->CRC[NMAC - 1] = t;
|
||||
}
|
||||
|
||||
/* do small or odd size buffers the slow way */
|
||||
while (4 <= nbytes) {
|
||||
cycle(c);
|
||||
t = BYTE2WORD(buf);
|
||||
macfunc(c, t);
|
||||
t ^= nltap(c);
|
||||
WORD2BYTE(t, buf);
|
||||
nbytes -= 4;
|
||||
buf += 4;
|
||||
}
|
||||
|
||||
/* handle any trailing bytes */
|
||||
if (nbytes != 0) {
|
||||
cycle(c);
|
||||
c->sbuf = nltap(c);
|
||||
c->mbuf = 0;
|
||||
c->nbuf = 32;
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
c->mbuf ^= *buf << (32 - c->nbuf);
|
||||
*buf ^= (c->sbuf >> (32 - c->nbuf)) & 0xFF;
|
||||
++buf;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
}
|
||||
|
||||
#undef buf
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
/* Combined MAC and decryption.
|
||||
* Note that plaintext is accumulated for MAC.
|
||||
*/
|
||||
#undef DROUND
|
||||
#define DROUND(z,A,B,C,D,E,F,G,H) \
|
||||
STEP(c,z); \
|
||||
t = NLFUNC(c,(z+1)); \
|
||||
t3 = BYTE2WORD(buf+(z*4)); \
|
||||
t ^= t3; \
|
||||
CRCFUNC(c,t,((z)&0x7),(((z)+5)&0x7)); \
|
||||
SHAFUNC(c,t,c->R[OFF(z+1,MACKONST)],A,B,C,D,E,F,G,H); \
|
||||
WORD2BYTE(t, buf+(z*4));
|
||||
int nls_decrypt(nls_state * c,
|
||||
const unsigned char *ct, unsigned long nbytes,
|
||||
unsigned char *pt)
|
||||
{
|
||||
ulong32 t = 0, t3 = 0;
|
||||
int i;
|
||||
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
|
||||
#define buf pt
|
||||
|
||||
if (pt != ct) {
|
||||
XMEMCPY(pt, ct, nbytes);
|
||||
}
|
||||
|
||||
/* handle any previously buffered bytes */
|
||||
if (c->nbuf != 0) {
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
*buf ^= (c->sbuf >> (32 - c->nbuf)) & 0xFF;
|
||||
c->mbuf ^= *buf << (32 - c->nbuf);
|
||||
++buf;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
if (c->nbuf != 0) /* not a whole word yet */
|
||||
return CRYPT_OK;
|
||||
/* LFSR already cycled */
|
||||
macfunc(c, c->mbuf);
|
||||
}
|
||||
|
||||
/* now do lots at a time, if there's enough */
|
||||
while (4 * N <= nbytes) {
|
||||
#if NLS_LONG_OUTPUT
|
||||
if (c->CtrModF16 < (F16 - 17)) {
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
DROUND(0, A, B, C, D, E, F, G, H);
|
||||
DROUND(1, H, A, B, C, D, E, F, G);
|
||||
DROUND(2, G, H, A, B, C, D, E, F);
|
||||
DROUND(3, F, G, H, A, B, C, D, E);
|
||||
DROUND(4, E, F, G, H, A, B, C, D);
|
||||
DROUND(5, D, E, F, G, H, A, B, C);
|
||||
DROUND(6, C, D, E, F, G, H, A, B);
|
||||
DROUND(7, B, C, D, E, F, G, H, A);
|
||||
DROUND(8, A, B, C, D, E, F, G, H);
|
||||
DROUND(9, H, A, B, C, D, E, F, G);
|
||||
DROUND(10, G, H, A, B, C, D, E, F);
|
||||
DROUND(11, F, G, H, A, B, C, D, E);
|
||||
DROUND(12, E, F, G, H, A, B, C, D);
|
||||
DROUND(13, D, E, F, G, H, A, B, C);
|
||||
DROUND(14, C, D, E, F, G, H, A, B);
|
||||
DROUND(15, B, C, D, E, F, G, H, A);
|
||||
DROUND(16, A, B, C, D, E, F, G, H);
|
||||
#if NLS_LONG_OUTPUT
|
||||
c->CtrModF16 += 17;
|
||||
} else {
|
||||
DROUND(0, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 1);
|
||||
DROUND(1, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 2);
|
||||
DROUND(2, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 3);
|
||||
DROUND(3, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 4);
|
||||
DROUND(4, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 5);
|
||||
DROUND(5, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 6);
|
||||
DROUND(6, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 7);
|
||||
DROUND(7, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 8);
|
||||
DROUND(8, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 9);
|
||||
DROUND(9, H, A, B, C, D, E, F, G);
|
||||
FIXCTR(c, 10);
|
||||
DROUND(10, G, H, A, B, C, D, E, F);
|
||||
FIXCTR(c, 11);
|
||||
DROUND(11, F, G, H, A, B, C, D, E);
|
||||
FIXCTR(c, 12);
|
||||
DROUND(12, E, F, G, H, A, B, C, D);
|
||||
FIXCTR(c, 13);
|
||||
DROUND(13, D, E, F, G, H, A, B, C);
|
||||
FIXCTR(c, 14);
|
||||
DROUND(14, C, D, E, F, G, H, A, B);
|
||||
FIXCTR(c, 15);
|
||||
DROUND(15, B, C, D, E, F, G, H, A);
|
||||
FIXCTR(c, 16);
|
||||
DROUND(16, A, B, C, D, E, F, G, H);
|
||||
FIXCTR(c, 0);
|
||||
}
|
||||
#endif /*NLS_LONG_OUTPUT */
|
||||
buf += 4 * N;
|
||||
nbytes -= 4 * N;
|
||||
/* fix alignment of MAC buffer */
|
||||
t = c->M[7];
|
||||
for (i = NMAC - 1; i > 0; --i)
|
||||
c->M[i] = c->M[i - 1];
|
||||
c->M[0] = t;
|
||||
/* fix alignment of CRC buffer */
|
||||
t = c->CRC[0];
|
||||
for (i = 1; i < NMAC; ++i)
|
||||
c->CRC[i - 1] = c->CRC[i];
|
||||
c->CRC[NMAC - 1] = t;
|
||||
}
|
||||
|
||||
/* do small or odd size buffers the slow way */
|
||||
while (4 <= nbytes) {
|
||||
cycle(c);
|
||||
t = nltap(c);
|
||||
t3 = BYTE2WORD(buf);
|
||||
t ^= t3;
|
||||
macfunc(c, t);
|
||||
WORD2BYTE(t, buf);
|
||||
nbytes -= 4;
|
||||
buf += 4;
|
||||
}
|
||||
|
||||
/* handle any trailing bytes */
|
||||
if (nbytes != 0) {
|
||||
cycle(c);
|
||||
c->sbuf = nltap(c);
|
||||
c->mbuf = 0;
|
||||
c->nbuf = 32;
|
||||
while (c->nbuf != 0 && nbytes != 0) {
|
||||
*buf ^= (c->sbuf >> (32 - c->nbuf)) & 0xFF;
|
||||
c->mbuf ^= *buf << (32 - c->nbuf);
|
||||
++buf;
|
||||
c->nbuf -= 8;
|
||||
--nbytes;
|
||||
}
|
||||
}
|
||||
return CRYPT_OK;
|
||||
|
||||
#undef buf
|
||||
}
|
||||
|
||||
/* Having accumulated a MAC, finish processing and return it.
|
||||
* Note that any unprocessed bytes are treated as if
|
||||
* they were encrypted zero bytes, so plaintext (zero) is accumulated.
|
||||
*/
|
||||
int nls_finish(nls_state * c, unsigned char *buf, unsigned long nbytes)
|
||||
{
|
||||
ulong32 i;
|
||||
|
||||
LTC_ARGCHK(c != NULL);
|
||||
LTC_ARGCHK(buf != NULL);
|
||||
|
||||
/* handle any previously buffered bytes */
|
||||
if (c->nbuf != 0) {
|
||||
/* LFSR already cycled */
|
||||
macfunc(c, c->mbuf);
|
||||
}
|
||||
|
||||
/* perturb the MAC to mark end of input.
|
||||
* Note that only the SHA part is updated, not the CRC. This is an
|
||||
* action that can't be duplicated by passing in plaintext, hence
|
||||
* defeating any kind of extension attack.
|
||||
*/
|
||||
cycle(c);
|
||||
shafunc(c, INITKONST + (c->nbuf << 24));
|
||||
c->nbuf = 0;
|
||||
|
||||
/* now add the CRC to the MAC like input material */
|
||||
for (i = 0; i < NMAC; ++i) {
|
||||
cycle(c);
|
||||
crcfunc(c, 0);
|
||||
shafunc(c, c->CRC[7]);
|
||||
}
|
||||
|
||||
/* continue that process, producing output from the MAC buffer */
|
||||
while (nbytes > 0) {
|
||||
cycle(c);
|
||||
crcfunc(c, 0);
|
||||
shafunc(c, c->CRC[7]);
|
||||
if (nbytes >= 4) {
|
||||
WORD2BYTE(A, buf);
|
||||
nbytes -= 4;
|
||||
buf += 4;
|
||||
} else {
|
||||
for (i = 0; i < nbytes; ++i)
|
||||
buf[i] = Byte(A, i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
68
src/encauth/nls/nlsmultab.inc
Normal file
68
src/encauth/nls/nlsmultab.inc
Normal file
@ -0,0 +1,68 @@
|
||||
/* Id: nlsmultab.h 333 2005-04-13 05:35:54Z mwp */
|
||||
/* Multiplication table for Mundja using 0xD02B4367 */
|
||||
static const ulong32 Multab[256] = {
|
||||
0x00000000, 0xD02B4367, 0xED5686CE, 0x3D7DC5A9,
|
||||
0x97AC41D1, 0x478702B6, 0x7AFAC71F, 0xAAD18478,
|
||||
0x631582EF, 0xB33EC188, 0x8E430421, 0x5E684746,
|
||||
0xF4B9C33E, 0x24928059, 0x19EF45F0, 0xC9C40697,
|
||||
0xC62A4993, 0x16010AF4, 0x2B7CCF5D, 0xFB578C3A,
|
||||
0x51860842, 0x81AD4B25, 0xBCD08E8C, 0x6CFBCDEB,
|
||||
0xA53FCB7C, 0x7514881B, 0x48694DB2, 0x98420ED5,
|
||||
0x32938AAD, 0xE2B8C9CA, 0xDFC50C63, 0x0FEE4F04,
|
||||
0xC154926B, 0x117FD10C, 0x2C0214A5, 0xFC2957C2,
|
||||
0x56F8D3BA, 0x86D390DD, 0xBBAE5574, 0x6B851613,
|
||||
0xA2411084, 0x726A53E3, 0x4F17964A, 0x9F3CD52D,
|
||||
0x35ED5155, 0xE5C61232, 0xD8BBD79B, 0x089094FC,
|
||||
0x077EDBF8, 0xD755989F, 0xEA285D36, 0x3A031E51,
|
||||
0x90D29A29, 0x40F9D94E, 0x7D841CE7, 0xADAF5F80,
|
||||
0x646B5917, 0xB4401A70, 0x893DDFD9, 0x59169CBE,
|
||||
0xF3C718C6, 0x23EC5BA1, 0x1E919E08, 0xCEBADD6F,
|
||||
0xCFA869D6, 0x1F832AB1, 0x22FEEF18, 0xF2D5AC7F,
|
||||
0x58042807, 0x882F6B60, 0xB552AEC9, 0x6579EDAE,
|
||||
0xACBDEB39, 0x7C96A85E, 0x41EB6DF7, 0x91C02E90,
|
||||
0x3B11AAE8, 0xEB3AE98F, 0xD6472C26, 0x066C6F41,
|
||||
0x09822045, 0xD9A96322, 0xE4D4A68B, 0x34FFE5EC,
|
||||
0x9E2E6194, 0x4E0522F3, 0x7378E75A, 0xA353A43D,
|
||||
0x6A97A2AA, 0xBABCE1CD, 0x87C12464, 0x57EA6703,
|
||||
0xFD3BE37B, 0x2D10A01C, 0x106D65B5, 0xC04626D2,
|
||||
0x0EFCFBBD, 0xDED7B8DA, 0xE3AA7D73, 0x33813E14,
|
||||
0x9950BA6C, 0x497BF90B, 0x74063CA2, 0xA42D7FC5,
|
||||
0x6DE97952, 0xBDC23A35, 0x80BFFF9C, 0x5094BCFB,
|
||||
0xFA453883, 0x2A6E7BE4, 0x1713BE4D, 0xC738FD2A,
|
||||
0xC8D6B22E, 0x18FDF149, 0x258034E0, 0xF5AB7787,
|
||||
0x5F7AF3FF, 0x8F51B098, 0xB22C7531, 0x62073656,
|
||||
0xABC330C1, 0x7BE873A6, 0x4695B60F, 0x96BEF568,
|
||||
0x3C6F7110, 0xEC443277, 0xD139F7DE, 0x0112B4B9,
|
||||
0xD31DD2E1, 0x03369186, 0x3E4B542F, 0xEE601748,
|
||||
0x44B19330, 0x949AD057, 0xA9E715FE, 0x79CC5699,
|
||||
0xB008500E, 0x60231369, 0x5D5ED6C0, 0x8D7595A7,
|
||||
0x27A411DF, 0xF78F52B8, 0xCAF29711, 0x1AD9D476,
|
||||
0x15379B72, 0xC51CD815, 0xF8611DBC, 0x284A5EDB,
|
||||
0x829BDAA3, 0x52B099C4, 0x6FCD5C6D, 0xBFE61F0A,
|
||||
0x7622199D, 0xA6095AFA, 0x9B749F53, 0x4B5FDC34,
|
||||
0xE18E584C, 0x31A51B2B, 0x0CD8DE82, 0xDCF39DE5,
|
||||
0x1249408A, 0xC26203ED, 0xFF1FC644, 0x2F348523,
|
||||
0x85E5015B, 0x55CE423C, 0x68B38795, 0xB898C4F2,
|
||||
0x715CC265, 0xA1778102, 0x9C0A44AB, 0x4C2107CC,
|
||||
0xE6F083B4, 0x36DBC0D3, 0x0BA6057A, 0xDB8D461D,
|
||||
0xD4630919, 0x04484A7E, 0x39358FD7, 0xE91ECCB0,
|
||||
0x43CF48C8, 0x93E40BAF, 0xAE99CE06, 0x7EB28D61,
|
||||
0xB7768BF6, 0x675DC891, 0x5A200D38, 0x8A0B4E5F,
|
||||
0x20DACA27, 0xF0F18940, 0xCD8C4CE9, 0x1DA70F8E,
|
||||
0x1CB5BB37, 0xCC9EF850, 0xF1E33DF9, 0x21C87E9E,
|
||||
0x8B19FAE6, 0x5B32B981, 0x664F7C28, 0xB6643F4F,
|
||||
0x7FA039D8, 0xAF8B7ABF, 0x92F6BF16, 0x42DDFC71,
|
||||
0xE80C7809, 0x38273B6E, 0x055AFEC7, 0xD571BDA0,
|
||||
0xDA9FF2A4, 0x0AB4B1C3, 0x37C9746A, 0xE7E2370D,
|
||||
0x4D33B375, 0x9D18F012, 0xA06535BB, 0x704E76DC,
|
||||
0xB98A704B, 0x69A1332C, 0x54DCF685, 0x84F7B5E2,
|
||||
0x2E26319A, 0xFE0D72FD, 0xC370B754, 0x135BF433,
|
||||
0xDDE1295C, 0x0DCA6A3B, 0x30B7AF92, 0xE09CECF5,
|
||||
0x4A4D688D, 0x9A662BEA, 0xA71BEE43, 0x7730AD24,
|
||||
0xBEF4ABB3, 0x6EDFE8D4, 0x53A22D7D, 0x83896E1A,
|
||||
0x2958EA62, 0xF973A905, 0xC40E6CAC, 0x14252FCB,
|
||||
0x1BCB60CF, 0xCBE023A8, 0xF69DE601, 0x26B6A566,
|
||||
0x8C67211E, 0x5C4C6279, 0x6131A7D0, 0xB11AE4B7,
|
||||
0x78DEE220, 0xA8F5A147, 0x958864EE, 0x45A32789,
|
||||
0xEF72A3F1, 0x3F59E096, 0x0224253F, 0xD20F6658,
|
||||
};
|
84
src/encauth/nls/nlssbox.inc
Normal file
84
src/encauth/nls/nlssbox.inc
Normal file
@ -0,0 +1,84 @@
|
||||
/* Id: nlssbox.h 333 2005-04-13 05:35:54Z mwp */
|
||||
/* Sbox for NLS */
|
||||
/*
|
||||
* This is really the combination of two SBoxes; the least significant
|
||||
* 24 bits comes from:
|
||||
* 8->32 Sbox generated by Millan et. al. at Queensland University of
|
||||
* Technology. See: E. Dawson, W. Millan, L. Burnett, G. Carter,
|
||||
* "On the Design of 8*32 S-boxes". Unpublished report, by the
|
||||
* Information Systems Research Centre,
|
||||
* Queensland University of Technology, 1999.
|
||||
*
|
||||
* The most significant 8 bits are the Skipjack "F table", which can be
|
||||
* found at http://csrc.nist.gov/CryptoToolkit/skipjack/skipjack.pdf .
|
||||
* In this optimised table, though, the intent is to XOR the word from
|
||||
* the table selected by the high byte with the input word. Thus, the
|
||||
* high byte is actually the Skipjack F-table entry XORED with its
|
||||
* table index.
|
||||
*/
|
||||
static const ulong32 Sbox[256] = {
|
||||
0xa3aa1887, 0xd65e435c, 0x0b65c042, 0x800e6ef4,
|
||||
0xfc57ee20, 0x4d84fed3, 0xf066c502, 0xf354e8ae,
|
||||
0xbb2ee9d9, 0x281f38d4, 0x1f829b5d, 0x735cdf3c,
|
||||
0x95864249, 0xbc2e3963, 0xa1f4429f, 0xf6432c35,
|
||||
0xf7f40325, 0x3cc0dd70, 0x5f973ded, 0x9902dc5e,
|
||||
0xda175b42, 0x590012bf, 0xdc94d78c, 0x39aab26b,
|
||||
0x4ac11b9a, 0x8c168146, 0xc3ea8ec5, 0x058ac28f,
|
||||
0x52ed5c0f, 0x25b4101c, 0x5a2db082, 0x370929e1,
|
||||
0x2a1843de, 0xfe8299fc, 0x202fbc4b, 0x833915dd,
|
||||
0x33a803fa, 0xd446b2de, 0x46233342, 0x4fcee7c3,
|
||||
0x3ad607ef, 0x9e97ebab, 0x507f859b, 0xe81f2e2f,
|
||||
0xc55b71da, 0xd7e2269a, 0x1339c3d1, 0x7ca56b36,
|
||||
0xa6c9def2, 0xb5c9fc5f, 0x5927b3a3, 0x89a56ddf,
|
||||
0xc625b510, 0x560f85a7, 0xace82e71, 0x2ecb8816,
|
||||
0x44951e2a, 0x97f5f6af, 0xdfcbc2b3, 0xce4ff55d,
|
||||
0xcb6b6214, 0x2b0b83e3, 0x549ea6f5, 0x9de041af,
|
||||
0x792f1f17, 0xf73b99ee, 0x39a65ec0, 0x4c7016c6,
|
||||
0x857709a4, 0xd6326e01, 0xc7b280d9, 0x5cfb1418,
|
||||
0xa6aff227, 0xfd548203, 0x506b9d96, 0xa117a8c0,
|
||||
0x9cd5bf6e, 0xdcee7888, 0x61fcfe64, 0xf7a193cd,
|
||||
0x050d0184, 0xe8ae4930, 0x88014f36, 0xd6a87088,
|
||||
0x6bad6c2a, 0x1422c678, 0xe9204de7, 0xb7c2e759,
|
||||
0x0200248e, 0x013b446b, 0xda0d9fc2, 0x0414a895,
|
||||
0x3a6cc3a1, 0x56fef170, 0x86c19155, 0xcf7b8a66,
|
||||
0x551b5e69, 0xb4a8623e, 0xa2bdfa35, 0xc4f068cc,
|
||||
0x573a6acd, 0x6355e936, 0x03602db9, 0x0edf13c1,
|
||||
0x2d0bb16d, 0x6980b83c, 0xfeb23763, 0x3dd8a911,
|
||||
0x01b6bc13, 0xf55579d7, 0xf55c2fa8, 0x19f4196e,
|
||||
0xe7db5476, 0x8d64a866, 0xc06e16ad, 0xb17fc515,
|
||||
0xc46feb3c, 0x8bc8a306, 0xad6799d9, 0x571a9133,
|
||||
0x992466dd, 0x92eb5dcd, 0xac118f50, 0x9fafb226,
|
||||
0xa1b9cef3, 0x3ab36189, 0x347a19b1, 0x62c73084,
|
||||
0xc27ded5c, 0x6c8bc58f, 0x1cdde421, 0xed1e47fb,
|
||||
0xcdcc715e, 0xb9c0ff99, 0x4b122f0f, 0xc4d25184,
|
||||
0xaf7a5e6c, 0x5bbf18bc, 0x8dd7c6e0, 0x5fb7e420,
|
||||
0x521f523f, 0x4ad9b8a2, 0xe9da1a6b, 0x97888c02,
|
||||
0x19d1e354, 0x5aba7d79, 0xa2cc7753, 0x8c2d9655,
|
||||
0x19829da1, 0x531590a7, 0x19c1c149, 0x3d537f1c,
|
||||
0x50779b69, 0xed71f2b7, 0x463c58fa, 0x52dc4418,
|
||||
0xc18c8c76, 0xc120d9f0, 0xafa80d4d, 0x3b74c473,
|
||||
0xd09410e9, 0x290e4211, 0xc3c8082b, 0x8f6b334a,
|
||||
0x3bf68ed2, 0xa843cc1b, 0x8d3c0ff3, 0x20e564a0,
|
||||
0xf8f55a4f, 0x2b40f8e7, 0xfea7f15f, 0xcf00fe21,
|
||||
0x8a6d37d6, 0xd0d506f1, 0xade00973, 0xefbbde36,
|
||||
0x84670fa8, 0xfa31ab9e, 0xaedab618, 0xc01f52f5,
|
||||
0x6558eb4f, 0x71b9e343, 0x4b8d77dd, 0x8cb93da6,
|
||||
0x740fd52d, 0x425412f8, 0xc5a63360, 0x10e53ad0,
|
||||
0x5a700f1c, 0x8324ed0b, 0xe53dc1ec, 0x1a366795,
|
||||
0x6d549d15, 0xc5ce46d7, 0xe17abe76, 0x5f48e0a0,
|
||||
0xd0f07c02, 0x941249b7, 0xe49ed6ba, 0x37a47f78,
|
||||
0xe1cfffbd, 0xb007ca84, 0xbb65f4da, 0xb59f35da,
|
||||
0x33d2aa44, 0x417452ac, 0xc0d674a7, 0x2d61a46a,
|
||||
0xdc63152a, 0x3e12b7aa, 0x6e615927, 0xa14fb118,
|
||||
0xa151758d, 0xba81687b, 0xe152f0b3, 0x764254ed,
|
||||
0x34c77271, 0x0a31acab, 0x54f94aec, 0xb9e994cd,
|
||||
0x574d9e81, 0x5b623730, 0xce8a21e8, 0x37917f0b,
|
||||
0xe8a9b5d6, 0x9697adf8, 0xf3d30431, 0x5dcac921,
|
||||
0x76b35d46, 0xaa430a36, 0xc2194022, 0x22bca65e,
|
||||
0xdaec70ba, 0xdfaea8cc, 0x777bae8b, 0x242924d5,
|
||||
0x1f098a5a, 0x4b396b81, 0x55de2522, 0x435c1cb8,
|
||||
0xaeb8fe1d, 0x9db3c697, 0x5b164f83, 0xe0c16376,
|
||||
0xa319224c, 0xd0203b35, 0x433ac0fe, 0x1466a19a,
|
||||
0x45f0b24f, 0x51fda998, 0xc0d52d71, 0xfa0896a8,
|
||||
0xf9e6053f, 0xa4b0d300, 0xd499cbcc, 0xb95e3d40,
|
||||
};
|
@ -16,8 +16,8 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
/* version */
|
||||
#define CRYPT 0x0108
|
||||
#define SCRYPT "1.08"
|
||||
#define CRYPT 0x0109
|
||||
#define SCRYPT "1.09"
|
||||
|
||||
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
|
||||
#define MAXBLOCKSIZE 128
|
||||
|
@ -167,6 +167,7 @@ typedef union Symmetric_key {
|
||||
void *data;
|
||||
} symmetric_key;
|
||||
|
||||
#ifdef ECB
|
||||
/** A block cipher ECB structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen */
|
||||
@ -176,7 +177,9 @@ typedef struct {
|
||||
/** The scheduled key */
|
||||
symmetric_key key;
|
||||
} symmetric_ECB;
|
||||
#endif
|
||||
|
||||
#ifdef CFB
|
||||
/** A block cipher CFB structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen */
|
||||
@ -192,7 +195,9 @@ typedef struct {
|
||||
/** The scheduled key */
|
||||
symmetric_key key;
|
||||
} symmetric_CFB;
|
||||
#endif
|
||||
|
||||
#ifdef OFB
|
||||
/** A block cipher OFB structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen */
|
||||
@ -206,7 +211,9 @@ typedef struct {
|
||||
/** The scheduled key */
|
||||
symmetric_key key;
|
||||
} symmetric_OFB;
|
||||
#endif
|
||||
|
||||
#ifdef CBC
|
||||
/** A block cipher CBC structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen */
|
||||
@ -218,7 +225,10 @@ typedef struct {
|
||||
/** The scheduled key */
|
||||
symmetric_key key;
|
||||
} symmetric_CBC;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef CTR
|
||||
/** A block cipher CTR structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen */
|
||||
@ -236,6 +246,35 @@ typedef struct {
|
||||
/** The scheduled key */
|
||||
symmetric_key key;
|
||||
} symmetric_CTR;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef LRW_MODE
|
||||
/** A LRW structure */
|
||||
typedef struct {
|
||||
/** The index of the cipher chosen (must be a 128-bit block cipher) */
|
||||
int cipher;
|
||||
|
||||
/** The current IV */
|
||||
unsigned char IV[16],
|
||||
|
||||
/** the tweak key */
|
||||
tweak[16],
|
||||
|
||||
/** The current pad, it's the product of the first 15 bytes against the tweak key */
|
||||
pad[16];
|
||||
|
||||
/** The scheduled symmetric key */
|
||||
symmetric_key key;
|
||||
|
||||
#ifdef LRW_TABLES
|
||||
/** The pre-computed multiplication table */
|
||||
unsigned char PC[16][256][16];
|
||||
#endif
|
||||
} symmetric_LRW;
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
/** cipher descriptor table, last entry has "name == NULL" to mark the end of table */
|
||||
extern struct ltc_cipher_descriptor {
|
||||
@ -339,6 +378,28 @@ extern struct ltc_cipher_descriptor {
|
||||
*/
|
||||
int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey);
|
||||
|
||||
/** Accelerated LRW
|
||||
@param pt Plaintext
|
||||
@param ct Ciphertext
|
||||
@param blocks The number of complete blocks to process
|
||||
@param IV The initial value (input/output)
|
||||
@param tweak The LRW tweak
|
||||
@param skey The scheduled key context
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
|
||||
|
||||
/** Accelerated LRW
|
||||
@param ct Ciphertext
|
||||
@param pt Plaintext
|
||||
@param blocks The number of complete blocks to process
|
||||
@param IV The initial value (input/output)
|
||||
@param tweak The LRW tweak
|
||||
@param skey The scheduled key context
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
|
||||
|
||||
/** Accelerated CCM packet (one-shot)
|
||||
@param key The secret key to use
|
||||
@param keylen The length of the secret key (octets)
|
||||
@ -624,7 +685,29 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
|
||||
int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
|
||||
int ctr_done(symmetric_CTR *ctr);
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
#define LRW_ENCRYPT 0
|
||||
#define LRW_DECRYPT 1
|
||||
|
||||
int lrw_start( int cipher,
|
||||
const unsigned char *IV,
|
||||
const unsigned char *key, int keylen,
|
||||
const unsigned char *tweak,
|
||||
int num_rounds,
|
||||
symmetric_LRW *lrw);
|
||||
int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw);
|
||||
int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw);
|
||||
int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw);
|
||||
int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw);
|
||||
int lrw_done(symmetric_LRW *lrw);
|
||||
|
||||
/* don't call */
|
||||
int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw);
|
||||
|
||||
|
||||
#endif
|
||||
int find_cipher(const char *name);
|
||||
int find_cipher_any(const char *name, int blocklen, int keylen);
|
||||
int find_cipher_id(unsigned char ID);
|
||||
|
@ -36,6 +36,45 @@
|
||||
#define XQSORT qsort
|
||||
#endif
|
||||
|
||||
/* Easy button? */
|
||||
#ifdef LTC_EASY
|
||||
#define LTC_NO_CIPHERS
|
||||
#define RIJNDAEL
|
||||
#define BLOWFISH
|
||||
#define DES
|
||||
#define CAST5
|
||||
|
||||
#define LTC_NO_MODES
|
||||
#define ECB
|
||||
#define CBC
|
||||
#define CTR
|
||||
|
||||
#define LTC_NO_HASHES
|
||||
#define SHA1
|
||||
#define SHA512
|
||||
#define SHA384
|
||||
#define SHA256
|
||||
#define SHA224
|
||||
#define WHIRLPOOL
|
||||
|
||||
#define LTC_NO_MACS
|
||||
#define HMAC
|
||||
#define OMAC
|
||||
#define CCM_MODE
|
||||
|
||||
#define LTC_NO_PRNGS
|
||||
#define SPRNG
|
||||
#define YARROW
|
||||
#define DEVRANDOM
|
||||
#define TRY_URANDOM_FIRST
|
||||
|
||||
#define LTC_NO_PK
|
||||
#define MRSA
|
||||
#define MECC
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
/* Use small code where possible */
|
||||
/* #define LTC_SMALL_CODE */
|
||||
|
||||
@ -101,6 +140,15 @@
|
||||
#define CBC
|
||||
#define CTR
|
||||
|
||||
/* LRW mode */
|
||||
#define LRW_MODE
|
||||
#ifndef LTC_NO_TABLES
|
||||
/* like GCM mode this will enable 16 8x128 tables [64KB] that make
|
||||
* seeking very fast.
|
||||
*/
|
||||
#define LRW_TABLES
|
||||
#endif
|
||||
|
||||
#endif /* LTC_NO_MODES */
|
||||
|
||||
/* ---> One-Way Hash Functions <--- */
|
||||
@ -143,8 +191,9 @@
|
||||
|
||||
#define OCB_MODE
|
||||
#define CCM_MODE
|
||||
|
||||
#define GCM_MODE
|
||||
/* disabled waiting on test vectors */
|
||||
/* #define NLS_MODE */
|
||||
|
||||
/* Use 64KiB tables */
|
||||
#ifndef LTC_NO_TABLES
|
||||
|
@ -212,6 +212,10 @@ int ccm_test(void);
|
||||
|
||||
#endif /* CCM_MODE */
|
||||
|
||||
#if defined(LRW_MODE) || defined(GCM_MODE)
|
||||
void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c);
|
||||
#endif
|
||||
|
||||
#ifdef GCM_MODE
|
||||
|
||||
#define GCM_ENCRYPT 0
|
||||
@ -243,7 +247,6 @@ typedef struct {
|
||||
|
||||
} gcm_state;
|
||||
|
||||
void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c);
|
||||
void gcm_mult_h(gcm_state *gcm, unsigned char *I);
|
||||
|
||||
int gcm_init(gcm_state *gcm, int cipher,
|
||||
@ -297,6 +300,48 @@ int pelican_memory(const unsigned char *key, unsigned long keylen,
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef NLS_MODE
|
||||
|
||||
#define NLS_ENCRYPT 0
|
||||
#define NLS_DECRYPT 1
|
||||
|
||||
typedef struct {
|
||||
ulong32 R[17]; /* Working storage for the shift register */
|
||||
ulong32 M[8]; /* Working storage for MAC accumulation */
|
||||
ulong32 CRC[8]; /* Working storage for CRC accumulation */
|
||||
ulong32 initR[17]; /* saved register contents */
|
||||
ulong32 konst; /* key dependent constant */
|
||||
ulong32 sbuf; /* partial ulong32 encryption buffer */
|
||||
ulong32 mbuf; /* partial ulong32 MAC buffer */
|
||||
int nbuf; /* number of part-ulong32 stream bits buffered */
|
||||
ulong32 CtrModF16; /* Multiprecision counter, modulo F16 */
|
||||
ulong32 CtrMod232; /* Multiprecision counter, LSW */
|
||||
} nls_state;
|
||||
|
||||
/* interface definitions */
|
||||
int nls_key(nls_state *c, const unsigned char *key, unsigned long keylen); /* set key */
|
||||
int nls_nonce(nls_state *c, const unsigned char *nonce, unsigned long noncelen); /* set IV */
|
||||
int nls_maconly(nls_state *c, const unsigned char *buf, unsigned long nbytes); /* accumulate MAC */
|
||||
int nls_encrypt(nls_state * c,
|
||||
const unsigned char *pt, unsigned long nbytes,
|
||||
unsigned char *ct); /* enc+MAC */
|
||||
int nls_decrypt(nls_state * c,
|
||||
const unsigned char *ct, unsigned long nbytes,
|
||||
unsigned char *pt); /* dec+MAC */
|
||||
int nls_finish(nls_state *c, unsigned char *buf, unsigned long nbytes); /* finalize MAC */
|
||||
|
||||
int nls_memory(const unsigned char *key, unsigned long keylen,
|
||||
const unsigned char *IV, unsigned long IVlen,
|
||||
const unsigned char *adata, unsigned long adatalen,
|
||||
unsigned char *pt, unsigned long ptlen,
|
||||
unsigned char *ct,
|
||||
unsigned char *tag, unsigned long taglen,
|
||||
int direction);
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
||||
|
@ -168,6 +168,13 @@ const char *crypt_build_settings =
|
||||
#if defined(CTR)
|
||||
" CTR\n"
|
||||
#endif
|
||||
#if defined(LRW_MODE)
|
||||
" LRW_MODE"
|
||||
#if defined(LRW_TABLES)
|
||||
" (LRW_TABLES) "
|
||||
#endif
|
||||
"\n"
|
||||
#endif
|
||||
|
||||
"\nMACs:\n"
|
||||
#if defined(HMAC)
|
||||
@ -314,6 +321,9 @@ const char *crypt_build_settings =
|
||||
#if defined(TFM_DESC)
|
||||
" TFM_DESC "
|
||||
#endif
|
||||
#if defined(LTC_EASY)
|
||||
" (easy) "
|
||||
#endif
|
||||
|
||||
"\n"
|
||||
"\n\n\n"
|
||||
|
51
src/modes/lrw/lrw_decrypt.c
Normal file
51
src/modes/lrw/lrw_decrypt.c
Normal file
@ -0,0 +1,51 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_decrypt.c
|
||||
LRW_MODE implementation, Decrypt blocks, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
LRW decrypt blocks
|
||||
@param ct The ciphertext
|
||||
@param pt [out] The plaintext
|
||||
@param len The length in octets, must be a multiple of 16
|
||||
@param lrw The LRW state
|
||||
*/
|
||||
int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw)
|
||||
{
|
||||
int err;
|
||||
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
if (cipher_descriptor[lrw->cipher].accel_lrw_decrypt != NULL) {
|
||||
return cipher_descriptor[lrw->cipher].accel_lrw_decrypt(ct, pt, len, lrw->IV, lrw->tweak, &lrw->key);
|
||||
}
|
||||
|
||||
return lrw_process(ct, pt, len, LRW_DECRYPT, lrw);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
42
src/modes/lrw/lrw_done.c
Normal file
42
src/modes/lrw/lrw_done.c
Normal file
@ -0,0 +1,42 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_done.c
|
||||
LRW_MODE implementation, Free resources, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
Terminate a LRW state
|
||||
@param lrw The state to terminate
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int lrw_done(symmetric_LRW *lrw)
|
||||
{
|
||||
int err;
|
||||
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
cipher_descriptor[lrw->cipher].done(&lrw->key);
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
50
src/modes/lrw/lrw_encrypt.c
Normal file
50
src/modes/lrw/lrw_encrypt.c
Normal file
@ -0,0 +1,50 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_encrypt.c
|
||||
LRW_MODE implementation, Encrypt blocks, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
LRW encrypt blocks
|
||||
@param pt The plaintext
|
||||
@param ct [out] The ciphertext
|
||||
@param len The length in octets, must be a multiple of 16
|
||||
@param lrw The LRW state
|
||||
*/
|
||||
int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw)
|
||||
{
|
||||
int err;
|
||||
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
if (cipher_descriptor[lrw->cipher].accel_lrw_encrypt != NULL) {
|
||||
return cipher_descriptor[lrw->cipher].accel_lrw_encrypt(pt, ct, len, lrw->IV, lrw->tweak, &lrw->key);
|
||||
}
|
||||
|
||||
return lrw_process(pt, ct, len, LRW_ENCRYPT, lrw);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
44
src/modes/lrw/lrw_getiv.c
Normal file
44
src/modes/lrw/lrw_getiv.c
Normal file
@ -0,0 +1,44 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_getiv.c
|
||||
LRW_MODE implementation, Retrieve the current IV, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
Get the IV for LRW
|
||||
@param IV [out] The IV, must be 16 octets
|
||||
@param len Length ... must be at least 16 :-)
|
||||
@param lrw The LRW state to read
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw)
|
||||
{
|
||||
LTC_ARGCHK(IV != NULL);
|
||||
LTC_ARGCHK(len != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
if (*len < 16) {
|
||||
return CRYPT_BUFFER_OVERFLOW;
|
||||
}
|
||||
|
||||
XMEMCPY(IV, lrw->IV, 16);
|
||||
*len = 16;
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
116
src/modes/lrw/lrw_process.c
Normal file
116
src/modes/lrw/lrw_process.c
Normal file
@ -0,0 +1,116 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_process.c
|
||||
LRW_MODE implementation, Encrypt/decrypt blocks, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
Process blocks with LRW, since decrypt/encrypt are largely the same they share this code.
|
||||
@param pt The "input" data
|
||||
@param ct [out] The "output" data
|
||||
@param len The length of the input, must be a multiple of 128-bits (16 octets)
|
||||
@param mode LRW_ENCRYPT or LRW_DECRYPT
|
||||
@param lrw The LRW state
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw)
|
||||
{
|
||||
unsigned char prod[16];
|
||||
int x;
|
||||
#ifdef LRW_TABLES
|
||||
int y;
|
||||
#endif
|
||||
|
||||
LTC_ARGCHK(pt != NULL);
|
||||
LTC_ARGCHK(ct != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
if (len & 15) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
while (len) {
|
||||
/* copy pad */
|
||||
XMEMCPY(prod, lrw->pad, 16);
|
||||
|
||||
/* increment IV */
|
||||
for (x = 15; x >= 0; x--) {
|
||||
lrw->IV[x] = (lrw->IV[x] + 1) & 255;
|
||||
if (lrw->IV[x]) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* update pad */
|
||||
#ifdef LRW_2TABLES
|
||||
/* for each byte changed we undo it's affect on the pad then add the new product */
|
||||
for (; x < 16; x++) {
|
||||
#ifdef LTC_FAST
|
||||
for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(lrw->pad + y)) ^= *((LTC_FAST_TYPE *)(&lrw->PC[x][lrw->IV[x]][y])) ^ *((LTC_FAST_TYPE *)(&lrw->PC[x][(lrw->IV[x]-1)&255][y]));
|
||||
}
|
||||
#else
|
||||
for (y = 0; y < 16; y++) {
|
||||
lrw->pad[y] ^= lrw->PC[x][lrw->IV[x]][y] ^ lrw->PC[x][(lrw->IV[x]-1)&255][y];
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
gcm_gf_mult(lrw->tweak, lrw->IV, lrw->pad);
|
||||
#endif
|
||||
|
||||
/* xor prod */
|
||||
#ifdef LTC_FAST
|
||||
for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(ct + x)) = *((LTC_FAST_TYPE *)(pt + x)) ^ *((LTC_FAST_TYPE *)(prod + x));
|
||||
}
|
||||
#else
|
||||
for (x = 0; x < 16; x++) {
|
||||
ct[x] = pt[x] ^ prod[x];
|
||||
}
|
||||
#endif
|
||||
|
||||
/* send through cipher */
|
||||
if (mode == LRW_ENCRYPT) {
|
||||
cipher_descriptor[lrw->cipher].ecb_encrypt(ct, ct, &lrw->key);
|
||||
} else {
|
||||
cipher_descriptor[lrw->cipher].ecb_decrypt(ct, ct, &lrw->key);
|
||||
}
|
||||
|
||||
/* xor prod */
|
||||
#ifdef LTC_FAST
|
||||
for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(ct + x)) = *((LTC_FAST_TYPE *)(ct + x)) ^ *((LTC_FAST_TYPE *)(prod + x));
|
||||
}
|
||||
#else
|
||||
for (x = 0; x < 16; x++) {
|
||||
ct[x] = ct[x] ^ prod[x];
|
||||
}
|
||||
#endif
|
||||
|
||||
/* move to next */
|
||||
pt += 16;
|
||||
ct += 16;
|
||||
len -= 16;
|
||||
}
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
79
src/modes/lrw/lrw_setiv.c
Normal file
79
src/modes/lrw/lrw_setiv.c
Normal file
@ -0,0 +1,79 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_setiv.c
|
||||
LRW_MODE implementation, Set the current IV, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
Set the IV for LRW
|
||||
@param IV The IV, must be 16 octets
|
||||
@param len Length ... must be 16 :-)
|
||||
@param lrw The LRW state to update
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw)
|
||||
{
|
||||
int err;
|
||||
#ifdef LRW_TABLES
|
||||
unsigned char T[16];
|
||||
int x, y;
|
||||
#endif
|
||||
LTC_ARGCHK(IV != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
if (len != 16) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
|
||||
if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
|
||||
/* copy the IV */
|
||||
XMEMCPY(lrw->IV, IV, 16);
|
||||
|
||||
/* check if we have to actually do work */
|
||||
if (cipher_descriptor[lrw->cipher].accel_lrw_encrypt != NULL && cipher_descriptor[lrw->cipher].accel_lrw_decrypt != NULL) {
|
||||
/* we have accelerators, let's bail since they don't use lrw->pad anyways */
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
#ifdef LRW_TABLES
|
||||
XMEMCPY(T, &lrw->PC[0][IV[0]][0], 16);
|
||||
for (x = 1; x < 16; x++) {
|
||||
#ifdef LTC_FAST
|
||||
for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
|
||||
*((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&lrw->PC[x][IV[x]][y]));
|
||||
}
|
||||
#else
|
||||
for (y = 0; y < 16; y++) {
|
||||
T[y] ^= lrw->PC[x][IV[x]][y];
|
||||
}
|
||||
#endif
|
||||
}
|
||||
XMEMCPY(lrw->pad, T, 16);
|
||||
#else
|
||||
gcm_gf_mult(lrw->tweak, IV, lrw->pad);
|
||||
#endif
|
||||
|
||||
return CRYPT_OK;
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
143
src/modes/lrw/lrw_start.c
Normal file
143
src/modes/lrw/lrw_start.c
Normal file
@ -0,0 +1,143 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_start.c
|
||||
LRW_MODE implementation, start mode, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
#ifdef LRW_TABLES
|
||||
|
||||
/* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format. Since only the
|
||||
* lower 16 bits are not zero'ed I removed the upper 14 bytes */
|
||||
static const unsigned char gcm_shift_table[256*2] = {
|
||||
0x00, 0x00, 0x01, 0xc2, 0x03, 0x84, 0x02, 0x46, 0x07, 0x08, 0x06, 0xca, 0x04, 0x8c, 0x05, 0x4e,
|
||||
0x0e, 0x10, 0x0f, 0xd2, 0x0d, 0x94, 0x0c, 0x56, 0x09, 0x18, 0x08, 0xda, 0x0a, 0x9c, 0x0b, 0x5e,
|
||||
0x1c, 0x20, 0x1d, 0xe2, 0x1f, 0xa4, 0x1e, 0x66, 0x1b, 0x28, 0x1a, 0xea, 0x18, 0xac, 0x19, 0x6e,
|
||||
0x12, 0x30, 0x13, 0xf2, 0x11, 0xb4, 0x10, 0x76, 0x15, 0x38, 0x14, 0xfa, 0x16, 0xbc, 0x17, 0x7e,
|
||||
0x38, 0x40, 0x39, 0x82, 0x3b, 0xc4, 0x3a, 0x06, 0x3f, 0x48, 0x3e, 0x8a, 0x3c, 0xcc, 0x3d, 0x0e,
|
||||
0x36, 0x50, 0x37, 0x92, 0x35, 0xd4, 0x34, 0x16, 0x31, 0x58, 0x30, 0x9a, 0x32, 0xdc, 0x33, 0x1e,
|
||||
0x24, 0x60, 0x25, 0xa2, 0x27, 0xe4, 0x26, 0x26, 0x23, 0x68, 0x22, 0xaa, 0x20, 0xec, 0x21, 0x2e,
|
||||
0x2a, 0x70, 0x2b, 0xb2, 0x29, 0xf4, 0x28, 0x36, 0x2d, 0x78, 0x2c, 0xba, 0x2e, 0xfc, 0x2f, 0x3e,
|
||||
0x70, 0x80, 0x71, 0x42, 0x73, 0x04, 0x72, 0xc6, 0x77, 0x88, 0x76, 0x4a, 0x74, 0x0c, 0x75, 0xce,
|
||||
0x7e, 0x90, 0x7f, 0x52, 0x7d, 0x14, 0x7c, 0xd6, 0x79, 0x98, 0x78, 0x5a, 0x7a, 0x1c, 0x7b, 0xde,
|
||||
0x6c, 0xa0, 0x6d, 0x62, 0x6f, 0x24, 0x6e, 0xe6, 0x6b, 0xa8, 0x6a, 0x6a, 0x68, 0x2c, 0x69, 0xee,
|
||||
0x62, 0xb0, 0x63, 0x72, 0x61, 0x34, 0x60, 0xf6, 0x65, 0xb8, 0x64, 0x7a, 0x66, 0x3c, 0x67, 0xfe,
|
||||
0x48, 0xc0, 0x49, 0x02, 0x4b, 0x44, 0x4a, 0x86, 0x4f, 0xc8, 0x4e, 0x0a, 0x4c, 0x4c, 0x4d, 0x8e,
|
||||
0x46, 0xd0, 0x47, 0x12, 0x45, 0x54, 0x44, 0x96, 0x41, 0xd8, 0x40, 0x1a, 0x42, 0x5c, 0x43, 0x9e,
|
||||
0x54, 0xe0, 0x55, 0x22, 0x57, 0x64, 0x56, 0xa6, 0x53, 0xe8, 0x52, 0x2a, 0x50, 0x6c, 0x51, 0xae,
|
||||
0x5a, 0xf0, 0x5b, 0x32, 0x59, 0x74, 0x58, 0xb6, 0x5d, 0xf8, 0x5c, 0x3a, 0x5e, 0x7c, 0x5f, 0xbe,
|
||||
0xe1, 0x00, 0xe0, 0xc2, 0xe2, 0x84, 0xe3, 0x46, 0xe6, 0x08, 0xe7, 0xca, 0xe5, 0x8c, 0xe4, 0x4e,
|
||||
0xef, 0x10, 0xee, 0xd2, 0xec, 0x94, 0xed, 0x56, 0xe8, 0x18, 0xe9, 0xda, 0xeb, 0x9c, 0xea, 0x5e,
|
||||
0xfd, 0x20, 0xfc, 0xe2, 0xfe, 0xa4, 0xff, 0x66, 0xfa, 0x28, 0xfb, 0xea, 0xf9, 0xac, 0xf8, 0x6e,
|
||||
0xf3, 0x30, 0xf2, 0xf2, 0xf0, 0xb4, 0xf1, 0x76, 0xf4, 0x38, 0xf5, 0xfa, 0xf7, 0xbc, 0xf6, 0x7e,
|
||||
0xd9, 0x40, 0xd8, 0x82, 0xda, 0xc4, 0xdb, 0x06, 0xde, 0x48, 0xdf, 0x8a, 0xdd, 0xcc, 0xdc, 0x0e,
|
||||
0xd7, 0x50, 0xd6, 0x92, 0xd4, 0xd4, 0xd5, 0x16, 0xd0, 0x58, 0xd1, 0x9a, 0xd3, 0xdc, 0xd2, 0x1e,
|
||||
0xc5, 0x60, 0xc4, 0xa2, 0xc6, 0xe4, 0xc7, 0x26, 0xc2, 0x68, 0xc3, 0xaa, 0xc1, 0xec, 0xc0, 0x2e,
|
||||
0xcb, 0x70, 0xca, 0xb2, 0xc8, 0xf4, 0xc9, 0x36, 0xcc, 0x78, 0xcd, 0xba, 0xcf, 0xfc, 0xce, 0x3e,
|
||||
0x91, 0x80, 0x90, 0x42, 0x92, 0x04, 0x93, 0xc6, 0x96, 0x88, 0x97, 0x4a, 0x95, 0x0c, 0x94, 0xce,
|
||||
0x9f, 0x90, 0x9e, 0x52, 0x9c, 0x14, 0x9d, 0xd6, 0x98, 0x98, 0x99, 0x5a, 0x9b, 0x1c, 0x9a, 0xde,
|
||||
0x8d, 0xa0, 0x8c, 0x62, 0x8e, 0x24, 0x8f, 0xe6, 0x8a, 0xa8, 0x8b, 0x6a, 0x89, 0x2c, 0x88, 0xee,
|
||||
0x83, 0xb0, 0x82, 0x72, 0x80, 0x34, 0x81, 0xf6, 0x84, 0xb8, 0x85, 0x7a, 0x87, 0x3c, 0x86, 0xfe,
|
||||
0xa9, 0xc0, 0xa8, 0x02, 0xaa, 0x44, 0xab, 0x86, 0xae, 0xc8, 0xaf, 0x0a, 0xad, 0x4c, 0xac, 0x8e,
|
||||
0xa7, 0xd0, 0xa6, 0x12, 0xa4, 0x54, 0xa5, 0x96, 0xa0, 0xd8, 0xa1, 0x1a, 0xa3, 0x5c, 0xa2, 0x9e,
|
||||
0xb5, 0xe0, 0xb4, 0x22, 0xb6, 0x64, 0xb7, 0xa6, 0xb2, 0xe8, 0xb3, 0x2a, 0xb1, 0x6c, 0xb0, 0xae,
|
||||
0xbb, 0xf0, 0xba, 0x32, 0xb8, 0x74, 0xb9, 0xb6, 0xbc, 0xf8, 0xbd, 0x3a, 0xbf, 0x7c, 0xbe, 0xbe };
|
||||
|
||||
#endif
|
||||
|
||||
/**
|
||||
Initialize the LRW context
|
||||
@param cipher The cipher desired, must be a 128-bit block cipher
|
||||
@param IV The index value, must be 128-bits
|
||||
@param key The cipher key
|
||||
@param keylen The length of the cipher key in octets
|
||||
@param tweak The tweak value (second key), must be 128-bits
|
||||
@param num_rounds The number of rounds for the cipher (0 == default)
|
||||
@param lrw [out] The LRW state
|
||||
@return CRYPT_OK on success.
|
||||
*/
|
||||
int lrw_start( int cipher,
|
||||
const unsigned char *IV,
|
||||
const unsigned char *key, int keylen,
|
||||
const unsigned char *tweak,
|
||||
int num_rounds,
|
||||
symmetric_LRW *lrw)
|
||||
{
|
||||
int err;
|
||||
#ifdef LRW_TABLES
|
||||
unsigned char B[16];
|
||||
int x, y, z, t;
|
||||
#endif
|
||||
|
||||
LTC_ARGCHK(IV != NULL);
|
||||
LTC_ARGCHK(key != NULL);
|
||||
LTC_ARGCHK(tweak != NULL);
|
||||
LTC_ARGCHK(lrw != NULL);
|
||||
|
||||
#ifdef LTC_FAST
|
||||
if (16 % sizeof(LTC_FAST_TYPE)) {
|
||||
return CRYPT_INVALID_ARG;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* is cipher valid? */
|
||||
if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
if (cipher_descriptor[cipher].block_length != 16) {
|
||||
return CRYPT_INVALID_CIPHER;
|
||||
}
|
||||
|
||||
/* schedule key */
|
||||
if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &lrw->key)) != CRYPT_OK) {
|
||||
return err;
|
||||
}
|
||||
lrw->cipher = cipher;
|
||||
|
||||
/* copy the IV and tweak */
|
||||
XMEMCPY(lrw->tweak, tweak, 16);
|
||||
|
||||
#ifdef LRW_TABLES
|
||||
/* setup tables */
|
||||
/* generate the first table as it has no shifting (from which we make the other tables) */
|
||||
zeromem(B, 16);
|
||||
for (y = 0; y < 256; y++) {
|
||||
B[0] = y;
|
||||
gcm_gf_mult(tweak, B, &lrw->PC[0][y][0]);
|
||||
}
|
||||
|
||||
/* now generate the rest of the tables based the previous table */
|
||||
for (x = 1; x < 16; x++) {
|
||||
for (y = 0; y < 256; y++) {
|
||||
/* now shift it right by 8 bits */
|
||||
t = lrw->PC[x-1][y][15];
|
||||
for (z = 15; z > 0; z--) {
|
||||
lrw->PC[x][y][z] = lrw->PC[x-1][y][z-1];
|
||||
}
|
||||
lrw->PC[x][y][0] = gcm_shift_table[t<<1];
|
||||
lrw->PC[x][y][1] ^= gcm_shift_table[(t<<1)+1];
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* generate first pad */
|
||||
return lrw_setiv(IV, 16, lrw);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
157
src/modes/lrw/lrw_test.c
Normal file
157
src/modes/lrw/lrw_test.c
Normal file
@ -0,0 +1,157 @@
|
||||
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
|
||||
*
|
||||
* LibTomCrypt is a library that provides various cryptographic
|
||||
* algorithms in a highly modular and flexible manner.
|
||||
*
|
||||
* The library is free for all purposes without any express
|
||||
* guarantee it works.
|
||||
*
|
||||
* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
|
||||
*/
|
||||
#include "tomcrypt.h"
|
||||
|
||||
/**
|
||||
@file lrw_test.c
|
||||
LRW_MODE implementation, test LRW, Tom St Denis
|
||||
*/
|
||||
|
||||
#ifdef LRW_MODE
|
||||
|
||||
/**
|
||||
Test LRW against specs
|
||||
@return CRYPT_OK if goodly
|
||||
*/
|
||||
int lrw_test(void)
|
||||
{
|
||||
#ifndef LTC_TEST
|
||||
return CRYPT_NOP;
|
||||
#else
|
||||
static const struct {
|
||||
unsigned char key[16], tweak[16], IV[16], P[16], expected_tweak[16], C[16];
|
||||
} tests[] = {
|
||||
|
||||
{
|
||||
{ 0x45, 0x62, 0xac, 0x25, 0xf8, 0x28, 0x17, 0x6d, 0x4c, 0x26, 0x84, 0x14, 0xb5, 0x68, 0x01, 0x85 },
|
||||
{ 0x25, 0x8e, 0x2a, 0x05, 0xe7, 0x3e, 0x9d, 0x03, 0xee, 0x5a, 0x83, 0x0c, 0xcc, 0x09, 0x4c, 0x87 },
|
||||
{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
|
||||
{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
|
||||
{ 0x25, 0x8e, 0x2a, 0x05, 0xe7, 0x3e, 0x9d, 0x03, 0xee, 0x5a, 0x83, 0x0c, 0xcc, 0x09, 0x4c, 0x87 },
|
||||
{ 0xf1, 0xb2, 0x73, 0xcd, 0x65, 0xa3, 0xdf, 0x5f, 0xe9, 0x5d, 0x48, 0x92, 0x54, 0x63, 0x4e, 0xb8 }
|
||||
},
|
||||
|
||||
{
|
||||
{ 0x59, 0x70, 0x47, 0x14, 0xf5, 0x57, 0x47, 0x8c, 0xd7, 0x79, 0xe8, 0x0f, 0x54, 0x88, 0x79, 0x44 },
|
||||
{ 0x35, 0x23, 0xc2, 0xde, 0xc5, 0x69, 0x4f, 0xa8, 0x72, 0xa9, 0xac, 0xa7, 0x0b, 0x2b, 0xee, 0xbc },
|
||||
{ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
|
||||
{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
|
||||
{ 0x1a, 0x91, 0xe1, 0x6f, 0x62, 0xb4, 0xa7, 0xd4, 0x39, 0x54, 0xd6, 0x53, 0x85, 0x95, 0xf7, 0x5e },
|
||||
{ 0x00, 0xc8, 0x2b, 0xae, 0x95, 0xbb, 0xcd, 0xe5, 0x27, 0x4f, 0x07, 0x69, 0xb2, 0x60, 0xe1, 0x36 },
|
||||
},
|
||||
|
||||
{
|
||||
{ 0x59, 0x70, 0x47, 0x14, 0xf5, 0x57, 0x47, 0x8c, 0xd7, 0x79, 0xe8, 0x0f, 0x54, 0x88, 0x79, 0x44 },
|
||||
{ 0x67, 0x53, 0xc9, 0x0c, 0xb7, 0xd8, 0xcd, 0xe5, 0x06, 0xa0, 0x47, 0x78, 0x1a, 0xad, 0x85, 0x11 },
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 },
|
||||
{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
|
||||
{ 0x1a, 0x91, 0xe1, 0x6f, 0x62, 0xb4, 0xa7, 0xd4, 0x39, 0x54, 0xd6, 0x53, 0x85, 0x95, 0xf7, 0x5e },
|
||||
{ 0x00, 0xc8, 0x2b, 0xae, 0x95, 0xbb, 0xcd, 0xe5, 0x27, 0x4f, 0x07, 0x69, 0xb2, 0x60, 0xe1, 0x36 },
|
||||
},
|
||||
|
||||
{
|
||||
|
||||
{ 0xd8, 0x2a, 0x91, 0x34, 0xb2, 0x6a, 0x56, 0x50, 0x30, 0xfe, 0x69, 0xe2, 0x37, 0x7f, 0x98, 0x47 },
|
||||
{ 0x4e, 0xb5, 0x5d, 0x31, 0x05, 0x97, 0x3a, 0x3f, 0x5e, 0x23, 0xda, 0xfb, 0x5a, 0x45, 0xd6, 0xc0 },
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00 },
|
||||
{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
|
||||
{ 0x18, 0xc9, 0x1f, 0x6d, 0x60, 0x1a, 0x1a, 0x37, 0x5d, 0x0b, 0x0e, 0xf7, 0x3a, 0xd5, 0x74, 0xc4 },
|
||||
{ 0x76, 0x32, 0x21, 0x83, 0xed, 0x8f, 0xf1, 0x82, 0xf9, 0x59, 0x62, 0x03, 0x69, 0x0e, 0x5e, 0x01 },
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
int idx, err, x;
|
||||
symmetric_LRW lrw;
|
||||
unsigned char buf[2][16];
|
||||
|
||||
idx = find_cipher("aes");
|
||||
if (idx == -1) {
|
||||
idx = find_cipher("rijndael");
|
||||
if (idx == -1) {
|
||||
return CRYPT_NOP;
|
||||
}
|
||||
}
|
||||
|
||||
#define PRINT
|
||||
|
||||
for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
|
||||
/* schedule it */
|
||||
if ((err = lrw_start(idx, tests[x].IV, tests[x].key, 16, tests[x].tweak, 0, &lrw)) != CRYPT_OK) {
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return err;
|
||||
}
|
||||
|
||||
/* check pad against expected tweak */
|
||||
if (XMEMCMP(tests[x].expected_tweak, lrw.pad, 16)) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return CRYPT_FAIL_TESTVECTOR;
|
||||
}
|
||||
|
||||
/* process block */
|
||||
if ((err = lrw_encrypt(tests[x].P, buf[0], 16, &lrw)) != CRYPT_OK) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return err;
|
||||
}
|
||||
|
||||
if (XMEMCMP(buf[0], tests[x].C, 16)) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return CRYPT_FAIL_TESTVECTOR;
|
||||
}
|
||||
|
||||
/* process block */
|
||||
if ((err = lrw_setiv(tests[x].IV, 16, &lrw)) != CRYPT_OK) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return err;
|
||||
}
|
||||
|
||||
if ((err = lrw_decrypt(buf[0], buf[1], 16, &lrw)) != CRYPT_OK) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return err;
|
||||
}
|
||||
|
||||
if (XMEMCMP(buf[1], tests[x].P, 16)) {
|
||||
lrw_done(&lrw);
|
||||
#ifdef PRINT
|
||||
printf("\n\nERR at %d\n", __LINE__);
|
||||
#endif
|
||||
return CRYPT_FAIL_TESTVECTOR;
|
||||
}
|
||||
lrw_done(&lrw);
|
||||
}
|
||||
return CRYPT_OK;
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
/* $Source$ */
|
||||
/* $Revision$ */
|
||||
/* $Date$ */
|
@ -19,6 +19,13 @@
|
||||
|
||||
#ifdef LTC_DER
|
||||
|
||||
/**
|
||||
Decode a SEQUENCE type using a VA list
|
||||
@param in Input buffer
|
||||
@param inlen Length of input in octets
|
||||
@remark <...> is of the form <type, size, data> (int, unsigned long, void*)
|
||||
@return CRYPT_OK on success
|
||||
*/
|
||||
int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
|
||||
{
|
||||
int err, type;
|
||||
|
@ -19,6 +19,13 @@
|
||||
|
||||
#ifdef LTC_DER
|
||||
|
||||
/**
|
||||
Encode a SEQUENCE type using a VA list
|
||||
@param out [out] Destination for data
|
||||
@param outlen [in/out] Length of buffer and resulting length of output
|
||||
@remark <...> is of the form <type, size, data> (int, unsigned long, void*)
|
||||
@return CRYPT_OK on success
|
||||
*/
|
||||
int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
|
||||
{
|
||||
int err, type;
|
||||
|
@ -54,6 +54,14 @@ static int qsort_helper(const void *a, const void *b)
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
Encode a SET type
|
||||
@param list The list of items to encode
|
||||
@param inlen The number of items in the list
|
||||
@param out [out] The destination
|
||||
@param outlen [in/out] The size of the output
|
||||
@return CRYPT_OK on success
|
||||
*/
|
||||
int der_encode_set(ltc_asn1_list *list, unsigned long inlen,
|
||||
unsigned char *out, unsigned long *outlen)
|
||||
{
|
||||
|
@ -50,6 +50,14 @@ static int qsort_helper(const void *a, const void *b)
|
||||
return r;
|
||||
}
|
||||
|
||||
/**
|
||||
Encode a SETOF stucture
|
||||
@param list The list of items to encode
|
||||
@param inlen The number of items in the list
|
||||
@param out [out] The destination
|
||||
@param outlen [in/out] The size of the output
|
||||
@return CRYPT_OK on success
|
||||
*/
|
||||
int der_encode_setof(ltc_asn1_list *list, unsigned long inlen,
|
||||
unsigned char *out, unsigned long *outlen)
|
||||
{
|
||||
|
@ -19,7 +19,7 @@
|
||||
#ifdef LTC_DER
|
||||
|
||||
/**
|
||||
Read a mp_int integer
|
||||
Read a short integer
|
||||
@param in The DER encoded data
|
||||
@param inlen Size of data
|
||||
@param num [out] The integer to decode
|
||||
|
@ -18,9 +18,8 @@
|
||||
|
||||
#ifdef LTC_DER
|
||||
|
||||
/* Exports a positive integer as DER format (upto 32-bits in size) */
|
||||
/**
|
||||
Store a mp_int integer
|
||||
Store a short integer in the range (0,2^32-1)
|
||||
@param num The integer to encode
|
||||
@param out [out] The destination for the DER encoded integers
|
||||
@param outlen [in/out] The max size and resulting size of the DER encoded integers
|
||||
|
@ -39,6 +39,13 @@ static int char_to_int(unsigned char x)
|
||||
if (y >= max) return CRYPT_INVALID_PACKET; \
|
||||
x += 2;
|
||||
|
||||
/**
|
||||
Decodes a UTC time structure in DER format (reads all 6 valid encoding formats)
|
||||
@param in Input buffer
|
||||
@param inlen Length of input buffer in octets
|
||||
@param out [out] Destination of UTC time structure
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
|
||||
ltc_utctime *out)
|
||||
{
|
||||
|
@ -14,7 +14,6 @@ echo "uname="`uname -a`
|
||||
echo "gcc="`gcc -dumpversion`
|
||||
echo
|
||||
|
||||
|
||||
# stock build
|
||||
bash run.sh "STOCK" " " "$1" "$2" "$3" || exit 1
|
||||
|
||||
@ -42,6 +41,9 @@ bash run.sh "CLEANSTACK+NOTABLES+SMALL" "-DLTC_NO_TABLES -DLTC_CLEAN_STACK -DLTC
|
||||
# NO_FAST
|
||||
bash run.sh "NO_FAST" "-DLTC_NO_FAST" "$1" "$2" "$3" || exit 1
|
||||
|
||||
# NO_FAST + NOTABLES
|
||||
bash run.sh "NO_FAST+NOTABLES" "-DLTC_NO_FAST -DLTC_NO_TABLES" "$1" "$2" "$3" || exit 1
|
||||
|
||||
# NO_ASM
|
||||
bash run.sh "NO_ASM" "-DLTC_NO_ASM" "$1" "$2" "$3" || exit 1
|
||||
|
||||
@ -52,5 +54,5 @@ bash testbuild.sh "NOTEST" "-DLTC_NO_TEST" "$1" "$2" "$3" || exit 1
|
||||
bash testbuild.sh "NOFILE" "-DLTC_NO_FILE" "$1" "$2" "$3" || exit 1
|
||||
|
||||
# $Source: /cvs/libtom/libtomcrypt/testme.sh,v $
|
||||
# $Revision: 1.19 $
|
||||
# $Date: 2005/07/28 01:32:41 $
|
||||
# $Revision: 1.20 $
|
||||
# $Date: 2006/01/26 14:49:43 $
|
||||
|
@ -5,10 +5,18 @@ int modes_test(void)
|
||||
{
|
||||
unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];
|
||||
int cipher_idx;
|
||||
#ifdef CBC
|
||||
symmetric_CBC cbc;
|
||||
#endif
|
||||
#ifdef CFB
|
||||
symmetric_CFB cfb;
|
||||
#endif
|
||||
#ifdef OFB
|
||||
symmetric_OFB ofb;
|
||||
#endif
|
||||
#ifdef CTR
|
||||
symmetric_CTR ctr;
|
||||
#endif
|
||||
unsigned long l;
|
||||
|
||||
/* make a random pt, key and iv */
|
||||
@ -23,6 +31,10 @@ int modes_test(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifdef LRW_MODE
|
||||
DO(lrw_test());
|
||||
#endif
|
||||
|
||||
#ifdef CBC
|
||||
/* test CBC mode */
|
||||
/* encode the block */
|
||||
|
@ -233,7 +233,11 @@ register_prng(&rc4_desc);
|
||||
register_prng(&sober128_desc);
|
||||
#endif
|
||||
|
||||
rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL);
|
||||
if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) {
|
||||
fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
int time_keysched(void)
|
||||
@ -886,7 +890,12 @@ void time_macs_(unsigned long MAC_SIZE)
|
||||
}
|
||||
|
||||
cipher_idx = find_cipher("aes");
|
||||
hash_idx = find_hash("md5");
|
||||
hash_idx = find_hash("sha1");
|
||||
|
||||
if (cipher_idx == -1 || hash_idx == -1) {
|
||||
fprintf(stderr, "Warning the MAC tests requires AES and SHA1 to operate... so sorry\n");
|
||||
return;
|
||||
}
|
||||
|
||||
yarrow_read(buf, MAC_SIZE*1024, &yarrow_prng);
|
||||
yarrow_read(key, 16, &yarrow_prng);
|
||||
@ -904,7 +913,7 @@ void time_macs_(unsigned long MAC_SIZE)
|
||||
t1 = t_read() - t1;
|
||||
if (t1 < t2) t2 = t1;
|
||||
}
|
||||
fprintf(stderr, "OMAC-AES\t\t%9llu\n", t2/(ulong64)(MAC_SIZE*1024));
|
||||
fprintf(stderr, "OMAC-%s\t\t%9llu\n", cipher_descriptor[cipher_idx].name, t2/(ulong64)(MAC_SIZE*1024));
|
||||
#endif
|
||||
|
||||
#ifdef PMAC
|
||||
@ -952,7 +961,7 @@ void time_macs_(unsigned long MAC_SIZE)
|
||||
t1 = t_read() - t1;
|
||||
if (t1 < t2) t2 = t1;
|
||||
}
|
||||
fprintf(stderr, "HMAC-MD5\t\t%9llu\n", t2/(ulong64)(MAC_SIZE*1024));
|
||||
fprintf(stderr, "HMAC-%s\t\t%9llu\n", hash_descriptor[hash_idx].name, t2/(ulong64)(MAC_SIZE*1024));
|
||||
#endif
|
||||
|
||||
XFREE(buf);
|
||||
|
18
updatemakes.sh
Normal file
18
updatemakes.sh
Normal file
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
|
||||
bash genlist.sh > tmplist
|
||||
|
||||
perl filter.pl makefile tmplist
|
||||
mv -f tmp.delme makefile
|
||||
|
||||
perl filter.pl makefile.icc tmplist
|
||||
mv -f tmp.delme makefile.icc
|
||||
|
||||
perl filter.pl makefile.shared tmplist
|
||||
mv -f tmp.delme makefile.shared
|
||||
|
||||
perl filter.pl makefile.msvc tmplist
|
||||
sed -e 's/\.o /.obj /g' < tmp.delme > makefile.msvc
|
||||
|
||||
rm -f tmplist
|
||||
rm -f tmp.delme
|
Loading…
Reference in New Issue
Block a user