TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added libtomcrypt-0.88

Browse Source
This commit is contained in:
Tom St Denis 2003-07-11 02:09:41 +00:00 committed by Steffen Jaeckel
parent e309942b29
commit bd479d2bc1
34 changed files with 3904 additions and 2141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
aes.c
View File

@ -1,4 +1,4 @@
/* AES implementation by Tom St Denis
/* AES implementation by Tom St Denis
*
* Derived from the Public Domain source code by
@ -48,7 +48,7 @@ const struct _cipher_descriptor aes_desc =
int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_key *skey)
{
int i = 0, j;
unsigned long temp, *rk, *rrk;
ulong32 temp, *rk, *rrk;
_ARGCHK(key != NULL);
_ARGCHK(skey != NULL);
@ -235,7 +235,7 @@ int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_k
void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
{
unsigned long s0, s1, s2, s3, t0, t1, t2, t3, *rk;
ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
int Nr, r;
_ARGCHK(pt != NULL);
@ -261,13 +261,6 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
for (;;) {
/* Both of these blocks are equivalent except the top is more friendlier for x86 processors */
#if defined(__GNUC__)
t0 = rk[4]; t1 = rk[5]; t2 = rk[6]; t3 = rk[7];
t1 ^= Te3[byte(s0, 0)]; t2 ^= Te2[byte(s0, 1)]; t3 ^= Te1[byte(s0, 2)]; t0 ^= Te0[byte(s0, 3)];
t2 ^= Te3[byte(s1, 0)]; t3 ^= Te2[byte(s1, 1)]; t0 ^= Te1[byte(s1, 2)]; t1 ^= Te0[byte(s1, 3)];
t3 ^= Te3[byte(s2, 0)]; t0 ^= Te2[byte(s2, 1)]; t1 ^= Te1[byte(s2, 2)]; t2 ^= Te0[byte(s2, 3)];
t0 ^= Te3[byte(s3, 0)]; t1 ^= Te2[byte(s3, 1)]; t2 ^= Te1[byte(s3, 2)]; t3 ^= Te0[byte(s3, 3)];
#else
t0 =
Te0[byte(s0, 3)] ^
Te1[byte(s1, 2)] ^
@ -292,21 +285,12 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
Te2[byte(s1, 1)] ^
Te3[byte(s2, 0)] ^
rk[7];
#endif
rk += 8;
if (--r == 0) {
break;
}
/* this second half optimization actually makes it slower on the Athlon, use with caution. */
#if 0
s1 = rk[1]; s2 = rk[2]; s3 = rk[3]; s0 = rk[0];
s1 ^= Te3[byte(t0, 0)]; s2 ^= Te2[byte(t0, 1)]; s3 ^= Te1[byte(t0, 2)]; s0 ^= Te0[byte(t0, 3)];
s2 ^= Te3[byte(t1, 0)]; s3 ^= Te2[byte(t1, 1)]; s0 ^= Te1[byte(t1, 2)]; s1 ^= Te0[byte(t1, 3)];
s3 ^= Te3[byte(t2, 0)]; s0 ^= Te2[byte(t2, 1)]; s1 ^= Te1[byte(t2, 2)]; s2 ^= Te0[byte(t2, 3)];
s0 ^= Te3[byte(t3, 0)]; s1 ^= Te2[byte(t3, 1)]; s2 ^= Te1[byte(t3, 2)]; s3 ^= Te0[byte(t3, 3)];
#else
s0 =
Te0[byte(t0, 3)] ^
Te1[byte(t1, 2)] ^
@ -331,7 +315,6 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
Te2[byte(t1, 1)] ^
Te3[byte(t2, 0)] ^
rk[3];
#endif
}
/*
* apply last round and
@ -368,7 +351,7 @@ void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
}
void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) {
unsigned long s0, s1, s2, s3, t0, t1, t2, t3, *rk;
ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
int Nr, r;
_ARGCHK(pt != NULL);

38
aes_tab.c
View File

@ -13,7 +13,7 @@ Td3[x] = Si[x].[09, 0d, 0b, 0e];
Td4[x] = Si[x].[01, 01, 01, 01];
*/
static const unsigned long Te0[256] = {
static const ulong32 Te0[256] = {
0xc66363a5UL, 0xf87c7c84UL, 0xee777799UL, 0xf67b7b8dUL,
0xfff2f20dUL, 0xd66b6bbdUL, 0xde6f6fb1UL, 0x91c5c554UL,
0x60303050UL, 0x02010103UL, 0xce6767a9UL, 0x562b2b7dUL,
@ -79,7 +79,7 @@ static const unsigned long Te0[256] = {
0x824141c3UL, 0x299999b0UL, 0x5a2d2d77UL, 0x1e0f0f11UL,
0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL,
};
static const unsigned long Te1[256] = {
static const ulong32 Te1[256] = {
0xa5c66363UL, 0x84f87c7cUL, 0x99ee7777UL, 0x8df67b7bUL,
0x0dfff2f2UL, 0xbdd66b6bUL, 0xb1de6f6fUL, 0x5491c5c5UL,
0x50603030UL, 0x03020101UL, 0xa9ce6767UL, 0x7d562b2bUL,
@ -145,7 +145,7 @@ static const unsigned long Te1[256] = {
0xc3824141UL, 0xb0299999UL, 0x775a2d2dUL, 0x111e0f0fUL,
0xcb7bb0b0UL, 0xfca85454UL, 0xd66dbbbbUL, 0x3a2c1616UL,
};
static const unsigned long Te2[256] = {
static const ulong32 Te2[256] = {
0x63a5c663UL, 0x7c84f87cUL, 0x7799ee77UL, 0x7b8df67bUL,
0xf20dfff2UL, 0x6bbdd66bUL, 0x6fb1de6fUL, 0xc55491c5UL,
0x30506030UL, 0x01030201UL, 0x67a9ce67UL, 0x2b7d562bUL,
@ -211,7 +211,7 @@ static const unsigned long Te2[256] = {
0x41c38241UL, 0x99b02999UL, 0x2d775a2dUL, 0x0f111e0fUL,
0xb0cb7bb0UL, 0x54fca854UL, 0xbbd66dbbUL, 0x163a2c16UL,
};
static const unsigned long Te3[256] = {
static const ulong32 Te3[256] = {
0x6363a5c6UL, 0x7c7c84f8UL, 0x777799eeUL, 0x7b7b8df6UL,
0xf2f20dffUL, 0x6b6bbdd6UL, 0x6f6fb1deUL, 0xc5c55491UL,
@ -278,7 +278,7 @@ static const unsigned long Te3[256] = {
0x4141c382UL, 0x9999b029UL, 0x2d2d775aUL, 0x0f0f111eUL,
0xb0b0cb7bUL, 0x5454fca8UL, 0xbbbbd66dUL, 0x16163a2cUL,
};
static const unsigned long Te4[256] = {
static const ulong32 Te4[256] = {
0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL,
0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL,
0x30303030UL, 0x01010101UL, 0x67676767UL, 0x2b2b2b2bUL,
@ -354,7 +354,7 @@ static const unsigned long Te4[256] = {
#else
static const unsigned long Te4_0[] = {
static const ulong32 Te4_0[] = {
0x00000063UL, 0x0000007cUL, 0x00000077UL, 0x0000007bUL, 0x000000f2UL, 0x0000006bUL, 0x0000006fUL, 0x000000c5UL,
0x00000030UL, 0x00000001UL, 0x00000067UL, 0x0000002bUL, 0x000000feUL, 0x000000d7UL, 0x000000abUL, 0x00000076UL,
0x000000caUL, 0x00000082UL, 0x000000c9UL, 0x0000007dUL, 0x000000faUL, 0x00000059UL, 0x00000047UL, 0x000000f0UL,
@ -389,7 +389,7 @@ static const unsigned long Te4_0[] = {
0x00000041UL, 0x00000099UL, 0x0000002dUL, 0x0000000fUL, 0x000000b0UL, 0x00000054UL, 0x000000bbUL, 0x00000016UL
};
static const unsigned long Te4_1[] = {
static const ulong32 Te4_1[] = {
0x00006300UL, 0x00007c00UL, 0x00007700UL, 0x00007b00UL, 0x0000f200UL, 0x00006b00UL, 0x00006f00UL, 0x0000c500UL,
0x00003000UL, 0x00000100UL, 0x00006700UL, 0x00002b00UL, 0x0000fe00UL, 0x0000d700UL, 0x0000ab00UL, 0x00007600UL,
0x0000ca00UL, 0x00008200UL, 0x0000c900UL, 0x00007d00UL, 0x0000fa00UL, 0x00005900UL, 0x00004700UL, 0x0000f000UL,
@ -424,7 +424,7 @@ static const unsigned long Te4_1[] = {
0x00004100UL, 0x00009900UL, 0x00002d00UL, 0x00000f00UL, 0x0000b000UL, 0x00005400UL, 0x0000bb00UL, 0x00001600UL
};
static const unsigned long Te4_2[] = {
static const ulong32 Te4_2[] = {
0x00630000UL, 0x007c0000UL, 0x00770000UL, 0x007b0000UL, 0x00f20000UL, 0x006b0000UL, 0x006f0000UL, 0x00c50000UL,
0x00300000UL, 0x00010000UL, 0x00670000UL, 0x002b0000UL, 0x00fe0000UL, 0x00d70000UL, 0x00ab0000UL, 0x00760000UL,
0x00ca0000UL, 0x00820000UL, 0x00c90000UL, 0x007d0000UL, 0x00fa0000UL, 0x00590000UL, 0x00470000UL, 0x00f00000UL,
@ -459,7 +459,7 @@ static const unsigned long Te4_2[] = {
0x00410000UL, 0x00990000UL, 0x002d0000UL, 0x000f0000UL, 0x00b00000UL, 0x00540000UL, 0x00bb0000UL, 0x00160000UL
};
static const unsigned long Te4_3[] = {
static const ulong32 Te4_3[] = {
0x63000000UL, 0x7c000000UL, 0x77000000UL, 0x7b000000UL, 0xf2000000UL, 0x6b000000UL, 0x6f000000UL, 0xc5000000UL,
0x30000000UL, 0x01000000UL, 0x67000000UL, 0x2b000000UL, 0xfe000000UL, 0xd7000000UL, 0xab000000UL, 0x76000000UL,
0xca000000UL, 0x82000000UL, 0xc9000000UL, 0x7d000000UL, 0xfa000000UL, 0x59000000UL, 0x47000000UL, 0xf0000000UL,
@ -496,7 +496,7 @@ static const unsigned long Te4_3[] = {
#endif
static const unsigned long Td0[256] = {
static const ulong32 Td0[256] = {
0x51f4a750UL, 0x7e416553UL, 0x1a17a4c3UL, 0x3a275e96UL,
0x3bab6bcbUL, 0x1f9d45f1UL, 0xacfa58abUL, 0x4be30393UL,
0x2030fa55UL, 0xad766df6UL, 0x88cc7691UL, 0xf5024c25UL,
@ -562,7 +562,7 @@ static const unsigned long Td0[256] = {
0x39a80171UL, 0x080cb3deUL, 0xd8b4e49cUL, 0x6456c190UL,
0x7bcb8461UL, 0xd532b670UL, 0x486c5c74UL, 0xd0b85742UL,
};
static const unsigned long Td1[256] = {
static const ulong32 Td1[256] = {
0x5051f4a7UL, 0x537e4165UL, 0xc31a17a4UL, 0x963a275eUL,
0xcb3bab6bUL, 0xf11f9d45UL, 0xabacfa58UL, 0x934be303UL,
0x552030faUL, 0xf6ad766dUL, 0x9188cc76UL, 0x25f5024cUL,
@ -628,7 +628,7 @@ static const unsigned long Td1[256] = {
0x7139a801UL, 0xde080cb3UL, 0x9cd8b4e4UL, 0x906456c1UL,
0x617bcb84UL, 0x70d532b6UL, 0x74486c5cUL, 0x42d0b857UL,
};
static const unsigned long Td2[256] = {
static const ulong32 Td2[256] = {
0xa75051f4UL, 0x65537e41UL, 0xa4c31a17UL, 0x5e963a27UL,
0x6bcb3babUL, 0x45f11f9dUL, 0x58abacfaUL, 0x03934be3UL,
0xfa552030UL, 0x6df6ad76UL, 0x769188ccUL, 0x4c25f502UL,
@ -695,7 +695,7 @@ static const unsigned long Td2[256] = {
0x017139a8UL, 0xb3de080cUL, 0xe49cd8b4UL, 0xc1906456UL,
0x84617bcbUL, 0xb670d532UL, 0x5c74486cUL, 0x5742d0b8UL,
};
static const unsigned long Td3[256] = {
static const ulong32 Td3[256] = {
0xf4a75051UL, 0x4165537eUL, 0x17a4c31aUL, 0x275e963aUL,
0xab6bcb3bUL, 0x9d45f11fUL, 0xfa58abacUL, 0xe303934bUL,
0x30fa5520UL, 0x766df6adUL, 0xcc769188UL, 0x024c25f5UL,
@ -761,7 +761,7 @@ static const unsigned long Td3[256] = {
0xa8017139UL, 0x0cb3de08UL, 0xb4e49cd8UL, 0x56c19064UL,
0xcb84617bUL, 0x32b670d5UL, 0x6c5c7448UL, 0xb85742d0UL,
};
static const unsigned long Td4[256] = {
static const ulong32 Td4[256] = {
0x52525252UL, 0x09090909UL, 0x6a6a6a6aUL, 0xd5d5d5d5UL,
0x30303030UL, 0x36363636UL, 0xa5a5a5a5UL, 0x38383838UL,
0xbfbfbfbfUL, 0x40404040UL, 0xa3a3a3a3UL, 0x9e9e9e9eUL,
@ -827,14 +827,14 @@ static const unsigned long Td4[256] = {
0xe1e1e1e1UL, 0x69696969UL, 0x14141414UL, 0x63636363UL,
0x55555555UL, 0x21212121UL, 0x0c0c0c0cUL, 0x7d7d7d7dUL,
};
static const unsigned long rcon[] = {
static const ulong32 rcon[] = {
0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL,
0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL,
0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
#ifndef SMALL_CODE
static const unsigned long Tks0[] = {
static const ulong32 Tks0[] = {
0x00000000UL, 0x0e090d0bUL, 0x1c121a16UL, 0x121b171dUL, 0x3824342cUL, 0x362d3927UL, 0x24362e3aUL, 0x2a3f2331UL,
0x70486858UL, 0x7e416553UL, 0x6c5a724eUL, 0x62537f45UL, 0x486c5c74UL, 0x4665517fUL, 0x547e4662UL, 0x5a774b69UL,
0xe090d0b0UL, 0xee99ddbbUL, 0xfc82caa6UL, 0xf28bc7adUL, 0xd8b4e49cUL, 0xd6bde997UL, 0xc4a6fe8aUL, 0xcaaff381UL,
@ -869,7 +869,7 @@ static const unsigned long Tks0[] = {
0xa779b492UL, 0xa970b999UL, 0xbb6bae84UL, 0xb562a38fUL, 0x9f5d80beUL, 0x91548db5UL, 0x834f9aa8UL, 0x8d4697a3UL
};
static const unsigned long Tks1[] = {
static const ulong32 Tks1[] = {
0x00000000UL, 0x0b0e090dUL, 0x161c121aUL, 0x1d121b17UL, 0x2c382434UL, 0x27362d39UL, 0x3a24362eUL, 0x312a3f23UL,
0x58704868UL, 0x537e4165UL, 0x4e6c5a72UL, 0x4562537fUL, 0x74486c5cUL, 0x7f466551UL, 0x62547e46UL, 0x695a774bUL,
0xb0e090d0UL, 0xbbee99ddUL, 0xa6fc82caUL, 0xadf28bc7UL, 0x9cd8b4e4UL, 0x97d6bde9UL, 0x8ac4a6feUL, 0x81caaff3UL,
@ -904,7 +904,7 @@ static const unsigned long Tks1[] = {
0x92a779b4UL, 0x99a970b9UL, 0x84bb6baeUL, 0x8fb562a3UL, 0xbe9f5d80UL, 0xb591548dUL, 0xa8834f9aUL, 0xa38d4697UL
};
static const unsigned long Tks2[] = {
static const ulong32 Tks2[] = {
0x00000000UL, 0x0d0b0e09UL, 0x1a161c12UL, 0x171d121bUL, 0x342c3824UL, 0x3927362dUL, 0x2e3a2436UL, 0x23312a3fUL,
0x68587048UL, 0x65537e41UL, 0x724e6c5aUL, 0x7f456253UL, 0x5c74486cUL, 0x517f4665UL, 0x4662547eUL, 0x4b695a77UL,
0xd0b0e090UL, 0xddbbee99UL, 0xcaa6fc82UL, 0xc7adf28bUL, 0xe49cd8b4UL, 0xe997d6bdUL, 0xfe8ac4a6UL, 0xf381caafUL,
@ -939,7 +939,7 @@ static const unsigned long Tks2[] = {
0xb492a779UL, 0xb999a970UL, 0xae84bb6bUL, 0xa38fb562UL, 0x80be9f5dUL, 0x8db59154UL, 0x9aa8834fUL, 0x97a38d46UL
};
static const unsigned long Tks3[] = {
static const ulong32 Tks3[] = {
0x00000000UL, 0x090d0b0eUL, 0x121a161cUL, 0x1b171d12UL, 0x24342c38UL, 0x2d392736UL, 0x362e3a24UL, 0x3f23312aUL,
0x48685870UL, 0x4165537eUL, 0x5a724e6cUL, 0x537f4562UL, 0x6c5c7448UL, 0x65517f46UL, 0x7e466254UL, 0x774b695aUL,
0x90d0b0e0UL, 0x99ddbbeeUL, 0x82caa6fcUL, 0x8bc7adf2UL, 0xb4e49cd8UL, 0xbde997d6UL, 0xa6fe8ac4UL, 0xaff381caUL,

22
bits.c
View File

@ -1,4 +1,6 @@
/* portable way to get secure random bits to feed a PRNG */
#include <fcntl.h>
#include <unistd.h>
#include "mycrypt.h"
#ifdef DEVRANDOM
@ -9,26 +11,20 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len,
#ifdef NO_FILE
return 0;
#else
FILE *f;
int src;
unsigned long x;
#ifdef TRY_URANDOM_FIRST
f = fopen("/dev/urandom", "rb");
if (f == NULL)
src = open("/dev/urandom", O_RDONLY);
if (src == -1)
#endif /* TRY_URANDOM_FIRST */
f = fopen("/dev/random", "rb");
src = open("/dev/random", O_RDONLY);
if (f == NULL) {
if (src == -1) {
return 0;
}
/* disable buffering */
if (setvbuf(f, NULL, _IONBF, 0) != 0) {
fclose(f);
return 0;
}
x = (unsigned long)fread(buf, 1, (size_t)len, f);
fclose(f);
x = (unsigned long)read(src, buf, (size_t)len);
close(src);
return x;
#endif /* NO_FILE */
}

20
blowfish.c
View File

@ -14,7 +14,7 @@ const struct _cipher_descriptor blowfish_desc =
&blowfish_keysize
};
static const unsigned long ORIG_P[16 + 2] = {
static const ulong32 ORIG_P[16 + 2] = {
0x243F6A88UL, 0x85A308D3UL, 0x13198A2EUL, 0x03707344UL,
0xA4093822UL, 0x299F31D0UL, 0x082EFA98UL, 0xEC4E6C89UL,
0x452821E6UL, 0x38D01377UL, 0xBE5466CFUL, 0x34E90C6CUL,
@ -22,7 +22,7 @@ static const unsigned long ORIG_P[16 + 2] = {
0x9216D5D9UL, 0x8979FB1BUL
};
static const unsigned long ORIG_S[4][256] = {
static const ulong32 ORIG_S[4][256] = {
{ 0xD1310BA6UL, 0x98DFB5ACUL, 0x2FFD72DBUL, 0xD01ADFB7UL,
0xB8E1AFEDUL, 0x6A267E96UL, 0xBA7C9045UL, 0xF12C7F99UL,
0x24A19947UL, 0xB3916CF7UL, 0x0801F2E2UL, 0x858EFC16UL,
@ -284,7 +284,7 @@ static const unsigned long ORIG_S[4][256] = {
int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
symmetric_key *skey)
{
unsigned long x, y, z, A;
ulong32 x, y, z, A;
unsigned char B[8];
_ARGCHK(key != NULL);
@ -304,7 +304,7 @@ int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
for (x = y = 0; x < 18; x++) {
A = 0;
for (z = 0; z < 4; z++) {
A = (A << 8) | ((unsigned long)key[y++ % keylen]);
A = (A << 8) | ((ulong32)key[y++ % keylen]);
}
skey->blowfish.K[x] = ORIG_P[x] ^ A;
}
@ -362,10 +362,10 @@ static void _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sy
void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long L, R;
ulong32 L, R;
int r;
#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
unsigned long *S1, *S2, *S3, *S4;
ulong32 *S1, *S2, *S3, *S4;
#endif
_ARGCHK(pt != NULL);
@ -404,7 +404,7 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_blowfish_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
burn_stack(sizeof(ulong32) * 2 + sizeof(int));
}
#endif
@ -414,10 +414,10 @@ static void _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sy
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long L, R;
ulong32 L, R;
int r;
#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
unsigned long *S1, *S2, *S3, *S4;
ulong32 *S1, *S2, *S3, *S4;
#endif
_ARGCHK(pt != NULL);
@ -456,7 +456,7 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_blowfish_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
burn_stack(sizeof(ulong32) * 2 + sizeof(int));
}
#endif

40
cast5.c
View File

@ -14,7 +14,7 @@ const struct _cipher_descriptor cast5_desc = {
&cast5_keysize
};
static const unsigned long S1[256] = {
static const ulong32 S1[256] = {
0x30fb40d4UL, 0x9fa0ff0bUL, 0x6beccd2fUL, 0x3f258c7aUL, 0x1e213f2fUL, 0x9c004dd3UL,
0x6003e540UL, 0xcf9fc949UL, 0xbfd4af27UL, 0x88bbbdb5UL, 0xe2034090UL, 0x98d09675UL,
0x6e63a0e0UL, 0x15c361d2UL, 0xc2e7661dUL, 0x22d4ff8eUL, 0x28683b6fUL, 0xc07fd059UL,
@ -59,7 +59,7 @@ static const unsigned long S1[256] = {
0xb141ab08UL, 0x7cca89b9UL, 0x1a69e783UL, 0x02cc4843UL, 0xa2f7c579UL, 0x429ef47dUL,
0x427b169cUL, 0x5ac9f049UL, 0xdd8f0f00UL, 0x5c8165bfUL};
static const unsigned long S2[256] = {
static const ulong32 S2[256] = {
0x1f201094UL, 0xef0ba75bUL, 0x69e3cf7eUL, 0x393f4380UL, 0xfe61cf7aUL, 0xeec5207aUL,
0x55889c94UL, 0x72fc0651UL, 0xada7ef79UL, 0x4e1d7235UL, 0xd55a63ceUL, 0xde0436baUL,
0x99c430efUL, 0x5f0c0794UL, 0x18dcdb7dUL, 0xa1d6eff3UL, 0xa0b52f7bUL, 0x59e83605UL,
@ -104,7 +104,7 @@ static const unsigned long S2[256] = {
0x5c038323UL, 0x3e5d3bb9UL, 0x43d79572UL, 0x7e6dd07cUL, 0x06dfdf1eUL, 0x6c6cc4efUL,
0x7160a539UL, 0x73bfbe70UL, 0x83877605UL, 0x4523ecf1UL};
static const unsigned long S3[256] = {
static const ulong32 S3[256] = {
0x8defc240UL, 0x25fa5d9fUL, 0xeb903dbfUL, 0xe810c907UL, 0x47607fffUL, 0x369fe44bUL,
0x8c1fc644UL, 0xaececa90UL, 0xbeb1f9bfUL, 0xeefbcaeaUL, 0xe8cf1950UL, 0x51df07aeUL,
0x920e8806UL, 0xf0ad0548UL, 0xe13c8d83UL, 0x927010d5UL, 0x11107d9fUL, 0x07647db9UL,
@ -149,7 +149,7 @@ static const unsigned long S3[256] = {
0x52bce688UL, 0x1b03588aUL, 0xf7baefd5UL, 0x4142ed9cUL, 0xa4315c11UL, 0x83323ec5UL,
0xdfef4636UL, 0xa133c501UL, 0xe9d3531cUL, 0xee353783UL};
static const unsigned long S4[256] = {
static const ulong32 S4[256] = {
0x9db30420UL, 0x1fb6e9deUL, 0xa7be7befUL, 0xd273a298UL, 0x4a4f7bdbUL, 0x64ad8c57UL,
0x85510443UL, 0xfa020ed1UL, 0x7e287affUL, 0xe60fb663UL, 0x095f35a1UL, 0x79ebf120UL,
0xfd059d43UL, 0x6497b7b1UL, 0xf3641f63UL, 0x241e4adfUL, 0x28147f5fUL, 0x4fa2b8cdUL,
@ -194,7 +194,7 @@ static const unsigned long S4[256] = {
0xb657c34dUL, 0x4edfd282UL, 0x7ae5290cUL, 0x3cb9536bUL, 0x851e20feUL, 0x9833557eUL,
0x13ecf0b0UL, 0xd3ffb372UL, 0x3f85c5c1UL, 0x0aef7ed2UL};
static const unsigned long S5[256] = {
static const ulong32 S5[256] = {
0x7ec90c04UL, 0x2c6e74b9UL, 0x9b0e66dfUL, 0xa6337911UL, 0xb86a7fffUL, 0x1dd358f5UL,
0x44dd9d44UL, 0x1731167fUL, 0x08fbf1faUL, 0xe7f511ccUL, 0xd2051b00UL, 0x735aba00UL,
0x2ab722d8UL, 0x386381cbUL, 0xacf6243aUL, 0x69befd7aUL, 0xe6a2e77fUL, 0xf0c720cdUL,
@ -239,7 +239,7 @@ static const unsigned long S5[256] = {
0x34010718UL, 0xbb30cab8UL, 0xe822fe15UL, 0x88570983UL, 0x750e6249UL, 0xda627e55UL,
0x5e76ffa8UL, 0xb1534546UL, 0x6d47de08UL, 0xefe9e7d4UL};
static const unsigned long S6[256] = {
static const ulong32 S6[256] = {
0xf6fa8f9dUL, 0x2cac6ce1UL, 0x4ca34867UL, 0xe2337f7cUL, 0x95db08e7UL, 0x016843b4UL,
0xeced5cbcUL, 0x325553acUL, 0xbf9f0960UL, 0xdfa1e2edUL, 0x83f0579dUL, 0x63ed86b9UL,
0x1ab6a6b8UL, 0xde5ebe39UL, 0xf38ff732UL, 0x8989b138UL, 0x33f14961UL, 0xc01937bdUL,
@ -284,7 +284,7 @@ static const unsigned long S6[256] = {
0xb0e93524UL, 0xbebb8fbdUL, 0xa2d762cfUL, 0x49c92f54UL, 0x38b5f331UL, 0x7128a454UL,
0x48392905UL, 0xa65b1db8UL, 0x851c97bdUL, 0xd675cf2fUL};
static const unsigned long S7[256] = {
static const ulong32 S7[256] = {
0x85e04019UL, 0x332bf567UL, 0x662dbfffUL, 0xcfc65693UL, 0x2a8d7f6fUL, 0xab9bc912UL,
0xde6008a1UL, 0x2028da1fUL, 0x0227bce7UL, 0x4d642916UL, 0x18fac300UL, 0x50f18b82UL,
0x2cb2cb11UL, 0xb232e75cUL, 0x4b3695f2UL, 0xb28707deUL, 0xa05fbcf6UL, 0xcd4181e9UL,
@ -329,7 +329,7 @@ static const unsigned long S7[256] = {
0xc3c0bdaeUL, 0x4958c24cUL, 0x518f36b2UL, 0x84b1d370UL, 0x0fedce83UL, 0x878ddadaUL,
0xf2a279c7UL, 0x94e01be8UL, 0x90716f4bUL, 0x954b8aa3UL};
static const unsigned long S8[256] = {
static const ulong32 S8[256] = {
0xe216300dUL, 0xbbddfffcUL, 0xa7ebdabdUL, 0x35648095UL, 0x7789f8b7UL, 0xe6c1121bUL,
0x0e241600UL, 0x052ce8b5UL, 0x11a9cfb0UL, 0xe5952f11UL, 0xece7990aUL, 0x9386d174UL,
0x2a42931cUL, 0x76e38111UL, 0xb12def3aUL, 0x37ddddfcUL, 0xde9adeb1UL, 0x0a0cc32cUL,
@ -375,11 +375,15 @@ static const unsigned long S8[256] = {
0x50b2ad80UL, 0xeaee6801UL, 0x8db2a283UL, 0xea8bf59eUL};
/* returns the i'th byte of a variable */
#define GB(x, i) (((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3)))&255)
#ifdef _MSC_VER
#define GB(x, i) ((unsigned char)((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3))))
#else
#define GB(x, i) (((x[(15-i)>>2])>>(unsigned)(8*((15-i)&3)))&255)
#endif
int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
unsigned long x[4], z[4];
ulong32 x[4], z[4];
unsigned char buf[16];
int y, i;
@ -464,25 +468,25 @@ int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
#define INLINE
#endif
INLINE static unsigned long FI(unsigned long R, unsigned long Km, unsigned long Kr)
INLINE static ulong32 FI(ulong32 R, ulong32 Km, ulong32 Kr)
{
unsigned long I;
ulong32 I;
I = (Km + R);
I = ROL(I, Kr);
return ((S1[byte(I, 3)] ^ S2[byte(I,2)]) - S3[byte(I,1)]) + S4[byte(I,0)];
}
INLINE static unsigned long FII(unsigned long R, unsigned long Km, unsigned long Kr)
INLINE static ulong32 FII(ulong32 R, ulong32 Km, ulong32 Kr)
{
unsigned long I;
ulong32 I;
I = (Km ^ R);
I = ROL(I, Kr);
return ((S1[byte(I, 3)] - S2[byte(I,2)]) + S3[byte(I,1)]) ^ S4[byte(I,0)];
}
INLINE static unsigned long FIII(unsigned long R, unsigned long Km, unsigned long Kr)
INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
{
unsigned long I;
ulong32 I;
I = (Km - R);
I = ROL(I, Kr);
return ((S1[byte(I, 3)] + S2[byte(I,2)]) ^ S3[byte(I,1)]) - S4[byte(I,0)];
@ -490,7 +494,7 @@ INLINE static unsigned long FIII(unsigned long R, unsigned long Km, unsigned lon
void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
unsigned long R, L;
ulong32 R, L;
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);
@ -523,7 +527,7 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
unsigned long R, L;
ulong32 R, L;
_ARGCHK(pt != NULL);
_ARGCHK(ct != NULL);

10
changes
View File

@ -1,3 +1,13 @@
Jul 10th, 2003
v0.88 -- Sped up CAST5 key schedule for MSVC
-- added "ulong32" which allows people on 64-bit platforms to force the 32-bit tables in
ciphers like blowfish and AES to be 32-bits. E.g. when unsigned long is 64-bits.
-- Optimized the SAFER-SK64, SAFER-SK128, SAFER+, RC5 and RC6 key schedule [big time!]
-- Optimized SHA-1 and SHA-256 quite a bit too.
-- Fixed up the makefile to use -fomit-frame-pointer more liberally
-- Added tv_gen program which makes test vectors for ciphers/hashes
-- Merged in LibTomMath v0.22
Jun 19th, 2003
v0.87 -- Many MSVC optimizations to the code base
-- Improved the AES and Twofish key schedule [faster, more constant time]

152
crypt.out
View File

@ -1,76 +1,76 @@
\BOOKMARK [0][-]{chapter.1}{Introduction}{}
\BOOKMARK [1][-]{section.1.1}{What is the LibTomCrypt?}{chapter.1}
\BOOKMARK [2][-]{subsection.1.1.1}{What the library IS for?}{section.1.1}
\BOOKMARK [2][-]{subsection.1.1.2}{What the library IS NOT for?}{section.1.1}
\BOOKMARK [1][-]{section.1.2}{Why did I write it?}{chapter.1}
\BOOKMARK [2][-]{subsection.1.2.1}{Modular}{section.1.2}
\BOOKMARK [1][-]{section.1.3}{License}{chapter.1}
\BOOKMARK [1][-]{section.1.4}{Patent Disclosure}{chapter.1}
\BOOKMARK [1][-]{section.1.5}{Building the library}{chapter.1}
\BOOKMARK [1][-]{section.1.6}{Building against the library}{chapter.1}
\BOOKMARK [1][-]{section.1.7}{Thanks}{chapter.1}
\BOOKMARK [0][-]{chapter.2}{The Application Programming Interface \(API\)}{}
\BOOKMARK [1][-]{section.2.1}{Introduction}{chapter.2}
\BOOKMARK [1][-]{section.2.2}{Macros}{chapter.2}
\BOOKMARK [1][-]{section.2.3}{Functions with Variable Length Output}{chapter.2}
\BOOKMARK [1][-]{section.2.4}{Functions that need a PRNG}{chapter.2}
\BOOKMARK [1][-]{section.2.5}{Functions that use Arrays of Octets}{chapter.2}
\BOOKMARK [0][-]{chapter.3}{Symmetric Block Ciphers}{}
\BOOKMARK [1][-]{section.3.1}{Core Functions}{chapter.3}
\BOOKMARK [1][-]{section.3.2}{Key Sizes and Number of Rounds}{chapter.3}
\BOOKMARK [1][-]{section.3.3}{The Cipher Descriptors}{chapter.3}
\BOOKMARK [2][-]{subsection.3.3.1}{Notes}{section.3.3}
\BOOKMARK [1][-]{section.3.4}{Symmetric Modes of Operations}{chapter.3}
\BOOKMARK [2][-]{subsection.3.4.1}{Background}{section.3.4}
\BOOKMARK [2][-]{subsection.3.4.2}{Choice of Mode}{section.3.4}
\BOOKMARK [2][-]{subsection.3.4.3}{Implementation}{section.3.4}
\BOOKMARK [0][-]{chapter.4}{One-Way Cryptographic Hash Functions}{}
\BOOKMARK [1][-]{section.4.1}{Core Functions}{chapter.4}
\BOOKMARK [1][-]{section.4.2}{Hash Descriptors}{chapter.4}
\BOOKMARK [2][-]{subsection.4.2.1}{Notice}{section.4.2}
\BOOKMARK [1][-]{section.4.3}{Hash based Message Authenication Codes}{chapter.4}
\BOOKMARK [0][-]{chapter.5}{Pseudo-Random Number Generators}{}
\BOOKMARK [1][-]{section.5.1}{Core Functions}{chapter.5}
\BOOKMARK [2][-]{subsection.5.1.1}{Remarks}{section.5.1}
\BOOKMARK [2][-]{subsection.5.1.2}{Example}{section.5.1}
\BOOKMARK [1][-]{section.5.2}{PRNG Descriptors}{chapter.5}
\BOOKMARK [1][-]{section.5.3}{The Secure RNG}{chapter.5}
\BOOKMARK [2][-]{subsection.5.3.1}{The Secure PRNG Interface}{section.5.3}
\BOOKMARK [0][-]{chapter.6}{RSA Routines}{}
\BOOKMARK [1][-]{section.6.1}{Background}{chapter.6}
\BOOKMARK [1][-]{section.6.2}{Core Functions}{chapter.6}
\BOOKMARK [1][-]{section.6.3}{Packet Routines}{chapter.6}
\BOOKMARK [1][-]{section.6.4}{Remarks}{chapter.6}
\BOOKMARK [0][-]{chapter.7}{Diffie-Hellman Key Exchange}{}
\BOOKMARK [1][-]{section.7.1}{Background}{chapter.7}
\BOOKMARK [1][-]{section.7.2}{Core Functions}{chapter.7}
\BOOKMARK [2][-]{subsection.7.2.1}{Remarks on Usage}{section.7.2}
\BOOKMARK [2][-]{subsection.7.2.2}{Remarks on The Snippet}{section.7.2}
\BOOKMARK [1][-]{section.7.3}{Other Diffie-Hellman Functions}{chapter.7}
\BOOKMARK [1][-]{section.7.4}{DH Packet}{chapter.7}
\BOOKMARK [0][-]{chapter.8}{Elliptic Curve Cryptography}{}
\BOOKMARK [1][-]{section.8.1}{Background}{chapter.8}
\BOOKMARK [1][-]{section.8.2}{Core Functions}{chapter.8}
\BOOKMARK [1][-]{section.8.3}{ECC Packet}{chapter.8}
\BOOKMARK [1][-]{section.8.4}{ECC Keysizes}{chapter.8}
\BOOKMARK [0][-]{chapter.9}{Public Keyrings}{}
\BOOKMARK [1][-]{section.9.1}{Introduction}{chapter.9}
\BOOKMARK [1][-]{section.9.2}{The Keyring API}{chapter.9}
\BOOKMARK [0][-]{chapter.10}{GF\(2w\) Math Routines}{}
\BOOKMARK [0][-]{chapter.11}{Miscellaneous}{}
\BOOKMARK [1][-]{section.11.1}{Base64 Encoding and Decoding}{chapter.11}
\BOOKMARK [1][-]{section.11.2}{The Multiple Precision Integer Library \(MPI\)}{chapter.11}
\BOOKMARK [2][-]{subsection.11.2.1}{Binary Forms of ``mp\137int'' Variables}{section.11.2}
\BOOKMARK [2][-]{subsection.11.2.2}{Primality Testing}{section.11.2}
\BOOKMARK [0][-]{chapter.12}{Programming Guidelines}{}
\BOOKMARK [1][-]{section.12.1}{Secure Pseudo Random Number Generators}{chapter.12}
\BOOKMARK [1][-]{section.12.2}{Preventing Trivial Errors}{chapter.12}
\BOOKMARK [1][-]{section.12.3}{Registering Your Algorithms}{chapter.12}
\BOOKMARK [1][-]{section.12.4}{Key Sizes}{chapter.12}
\BOOKMARK [2][-]{subsection.12.4.1}{Symmetric Ciphers}{section.12.4}
\BOOKMARK [2][-]{subsection.12.4.2}{Assymetric Ciphers}{section.12.4}
\BOOKMARK [1][-]{section.12.5}{Thread Safety}{chapter.12}
\BOOKMARK [0][-]{chapter.13}{Configuring the Library}{}
\BOOKMARK [1][-]{section.13.1}{Introduction}{chapter.13}
\BOOKMARK [1][-]{section.13.2}{mycrypt\137cfg.h}{chapter.13}
\BOOKMARK [1][-]{section.13.3}{The Configure Script}{chapter.13}
\BOOKMARK [0][-]{chapter.1}{Introduction}{}
\BOOKMARK [1][-]{section.1.1}{What is the LibTomCrypt?}{chapter.1}
\BOOKMARK [2][-]{subsection.1.1.1}{What the library IS for?}{section.1.1}
\BOOKMARK [2][-]{subsection.1.1.2}{What the library IS NOT for?}{section.1.1}
\BOOKMARK [1][-]{section.1.2}{Why did I write it?}{chapter.1}
\BOOKMARK [2][-]{subsection.1.2.1}{Modular}{section.1.2}
\BOOKMARK [1][-]{section.1.3}{License}{chapter.1}
\BOOKMARK [1][-]{section.1.4}{Patent Disclosure}{chapter.1}
\BOOKMARK [1][-]{section.1.5}{Building the library}{chapter.1}
\BOOKMARK [1][-]{section.1.6}{Building against the library}{chapter.1}
\BOOKMARK [1][-]{section.1.7}{Thanks}{chapter.1}
\BOOKMARK [0][-]{chapter.2}{The Application Programming Interface \(API\)}{}
\BOOKMARK [1][-]{section.2.1}{Introduction}{chapter.2}
\BOOKMARK [1][-]{section.2.2}{Macros}{chapter.2}
\BOOKMARK [1][-]{section.2.3}{Functions with Variable Length Output}{chapter.2}
\BOOKMARK [1][-]{section.2.4}{Functions that need a PRNG}{chapter.2}
\BOOKMARK [1][-]{section.2.5}{Functions that use Arrays of Octets}{chapter.2}
\BOOKMARK [0][-]{chapter.3}{Symmetric Block Ciphers}{}
\BOOKMARK [1][-]{section.3.1}{Core Functions}{chapter.3}
\BOOKMARK [1][-]{section.3.2}{Key Sizes and Number of Rounds}{chapter.3}
\BOOKMARK [1][-]{section.3.3}{The Cipher Descriptors}{chapter.3}
\BOOKMARK [2][-]{subsection.3.3.1}{Notes}{section.3.3}
\BOOKMARK [1][-]{section.3.4}{Symmetric Modes of Operations}{chapter.3}
\BOOKMARK [2][-]{subsection.3.4.1}{Background}{section.3.4}
\BOOKMARK [2][-]{subsection.3.4.2}{Choice of Mode}{section.3.4}
\BOOKMARK [2][-]{subsection.3.4.3}{Implementation}{section.3.4}
\BOOKMARK [0][-]{chapter.4}{One-Way Cryptographic Hash Functions}{}
\BOOKMARK [1][-]{section.4.1}{Core Functions}{chapter.4}
\BOOKMARK [1][-]{section.4.2}{Hash Descriptors}{chapter.4}
\BOOKMARK [2][-]{subsection.4.2.1}{Notice}{section.4.2}
\BOOKMARK [1][-]{section.4.3}{Hash based Message Authenication Codes}{chapter.4}
\BOOKMARK [0][-]{chapter.5}{Pseudo-Random Number Generators}{}
\BOOKMARK [1][-]{section.5.1}{Core Functions}{chapter.5}
\BOOKMARK [2][-]{subsection.5.1.1}{Remarks}{section.5.1}
\BOOKMARK [2][-]{subsection.5.1.2}{Example}{section.5.1}
\BOOKMARK [1][-]{section.5.2}{PRNG Descriptors}{chapter.5}
\BOOKMARK [1][-]{section.5.3}{The Secure RNG}{chapter.5}
\BOOKMARK [2][-]{subsection.5.3.1}{The Secure PRNG Interface}{section.5.3}
\BOOKMARK [0][-]{chapter.6}{RSA Routines}{}
\BOOKMARK [1][-]{section.6.1}{Background}{chapter.6}
\BOOKMARK [1][-]{section.6.2}{Core Functions}{chapter.6}
\BOOKMARK [1][-]{section.6.3}{Packet Routines}{chapter.6}
\BOOKMARK [1][-]{section.6.4}{Remarks}{chapter.6}
\BOOKMARK [0][-]{chapter.7}{Diffie-Hellman Key Exchange}{}
\BOOKMARK [1][-]{section.7.1}{Background}{chapter.7}
\BOOKMARK [1][-]{section.7.2}{Core Functions}{chapter.7}
\BOOKMARK [2][-]{subsection.7.2.1}{Remarks on Usage}{section.7.2}
\BOOKMARK [2][-]{subsection.7.2.2}{Remarks on The Snippet}{section.7.2}
\BOOKMARK [1][-]{section.7.3}{Other Diffie-Hellman Functions}{chapter.7}
\BOOKMARK [1][-]{section.7.4}{DH Packet}{chapter.7}
\BOOKMARK [0][-]{chapter.8}{Elliptic Curve Cryptography}{}
\BOOKMARK [1][-]{section.8.1}{Background}{chapter.8}
\BOOKMARK [1][-]{section.8.2}{Core Functions}{chapter.8}
\BOOKMARK [1][-]{section.8.3}{ECC Packet}{chapter.8}
\BOOKMARK [1][-]{section.8.4}{ECC Keysizes}{chapter.8}
\BOOKMARK [0][-]{chapter.9}{Public Keyrings}{}
\BOOKMARK [1][-]{section.9.1}{Introduction}{chapter.9}
\BOOKMARK [1][-]{section.9.2}{The Keyring API}{chapter.9}
\BOOKMARK [0][-]{chapter.10}{GF\(2w\) Math Routines}{}
\BOOKMARK [0][-]{chapter.11}{Miscellaneous}{}
\BOOKMARK [1][-]{section.11.1}{Base64 Encoding and Decoding}{chapter.11}
\BOOKMARK [1][-]{section.11.2}{The Multiple Precision Integer Library \(MPI\)}{chapter.11}
\BOOKMARK [2][-]{subsection.11.2.1}{Binary Forms of ``mp\137int'' Variables}{section.11.2}
\BOOKMARK [2][-]{subsection.11.2.2}{Primality Testing}{section.11.2}
\BOOKMARK [0][-]{chapter.12}{Programming Guidelines}{}
\BOOKMARK [1][-]{section.12.1}{Secure Pseudo Random Number Generators}{chapter.12}
\BOOKMARK [1][-]{section.12.2}{Preventing Trivial Errors}{chapter.12}
\BOOKMARK [1][-]{section.12.3}{Registering Your Algorithms}{chapter.12}
\BOOKMARK [1][-]{section.12.4}{Key Sizes}{chapter.12}
\BOOKMARK [2][-]{subsection.12.4.1}{Symmetric Ciphers}{section.12.4}
\BOOKMARK [2][-]{subsection.12.4.2}{Assymetric Ciphers}{section.12.4}
\BOOKMARK [1][-]{section.12.5}{Thread Safety}{chapter.12}
\BOOKMARK [0][-]{chapter.13}{Configuring the Library}{}
\BOOKMARK [1][-]{section.13.1}{Introduction}{chapter.13}
\BOOKMARK [1][-]{section.13.2}{mycrypt\137cfg.h}{chapter.13}
\BOOKMARK [1][-]{section.13.3}{The Configure Script}{chapter.13}

BIN
crypt.pdf
View File

Binary file not shown.

2
crypt.tex
View File

@ -47,7 +47,7 @@
\def\gap{\vspace{0.5ex}}
\makeindex
\begin{document}
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.87}
\title{A Tiny Crypto Library, \\ LibTomCrypt \\ Version 0.88}
\author{Tom St Denis \\
Algonquin College \\
\\

2
demos/test.c
View File

@ -1261,7 +1261,7 @@ gf_tests (void)
void
test_prime (void)
{
unsigned char buf[1024];
char buf[1024];
mp_int a;
int x;

167
demos/tv_gen.c Normal file
View File

@ -0,0 +1,167 @@
#include <mycrypt.h>
void reg_algs(void)
{
#ifdef RIJNDAEL
register_cipher (&aes_desc);
#endif
#ifdef BLOWFISH
register_cipher (&blowfish_desc);
#endif
#ifdef XTEA
register_cipher (&xtea_desc);
#endif
#ifdef RC5
register_cipher (&rc5_desc);
#endif
#ifdef RC6
register_cipher (&rc6_desc);
#endif
#ifdef SAFERP
register_cipher (&saferp_desc);
#endif
#ifdef TWOFISH
register_cipher (&twofish_desc);
#endif
#ifdef SAFER
register_cipher (&safer_k64_desc);
register_cipher (&safer_sk64_desc);
register_cipher (&safer_k128_desc);
register_cipher (&safer_sk128_desc);
#endif
#ifdef RC2
register_cipher (&rc2_desc);
#endif
#ifdef DES
register_cipher (&des_desc);
register_cipher (&des3_desc);
#endif
#ifdef CAST5
register_cipher (&cast5_desc);
#endif
#ifdef NOEKEON
register_cipher (&noekeon_desc);
#endif
#ifdef TIGER
register_hash (&tiger_desc);
#endif
#ifdef MD2
register_hash (&md2_desc);
#endif
#ifdef MD4
register_hash (&md4_desc);
#endif
#ifdef MD5
register_hash (&md5_desc);
#endif
#ifdef SHA1
register_hash (&sha1_desc);
#endif
#ifdef SHA256
register_hash (&sha256_desc);
#endif
#ifdef SHA384
register_hash (&sha384_desc);
#endif
#ifdef SHA512
register_hash (&sha512_desc);
#endif
}
void hash_gen(void)
{
unsigned char md[MAXBLOCKSIZE], buf[MAXBLOCKSIZE*2+2];
unsigned long outlen, x, y, z;
FILE *out;
out = fopen("hash_tv.txt", "w");
fprintf(out, "Hash Test Vectors:\n\nThese are the hashes of nn bytes '00 01 02 03 .. (nn-1)'\n\n");
for (x = 0; hash_descriptor[x].name != NULL; x++) {
fprintf(out, "Hash: %s\n", hash_descriptor[x].name);
for (y = 0; y <= (hash_descriptor[x].blocksize * 2); y++) {
for (z = 0; z < y; z++) {
buf[z] = (unsigned char)z;
}
outlen = sizeof(md);
hash_memory(x, buf, y, md, &outlen);
fprintf(out, "%3lu: ", y);
for (z = 0; z < outlen; z++) {
fprintf(out, "%02X", md[z]);
}
fprintf(out, "\n");
}
fprintf(out, "\n");
}
fclose(out);
}
void cipher_gen(void)
{
unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
unsigned long x, y, z, w;
int kl, lastkl;
FILE *out;
symmetric_key skey;
out = fopen("cipher_tv.txt", "w");
fprintf(out, "Cipher Test Vectors\n\nThese are test encryptions with key of nn bytes '00 01 02 03 .. (nn-1)' and original PT of the same style.\n\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
fprintf(out, "Cipher: %s\n", cipher_descriptor[x].name);
/* three modes, smallest, medium, large keys */
lastkl = 10000;
for (y = 0; y < 3; y++) {
switch (y) {
case 0: kl = cipher_descriptor[x].min_key_length; break;
case 1: kl = (cipher_descriptor[x].min_key_length + cipher_descriptor[x].max_key_length)/2; break;
case 2: kl = cipher_descriptor[x].max_key_length; break;
}
cipher_descriptor[x].keysize(&kl);
if (kl == lastkl) break;
lastkl = kl;
fprintf(out, "Key Size: %d bytes\n", kl);
for (z = 0; (int)z < kl; z++) {
key[z] = (unsigned char)z;
}
cipher_descriptor[x].setup(key, kl, 0, &skey);
for (z = 0; (int)z < cipher_descriptor[x].block_length; z++) {
pt[z] = (unsigned char)z;
}
for (w = 0; w < 25; w++) {
cipher_descriptor[x].ecb_encrypt(pt, pt, &skey);
fprintf(out, "%2lu: ", w);
for (z = 0; (int)z < cipher_descriptor[x].block_length; z++) {
fprintf(out, "%02X", pt[z]);
}
fprintf(out, "\n");
}
fprintf(out, "\n");
}
fprintf(out, "\n");
}
fclose(out);
}
int main(void)
{
reg_algs();
hash_gen();
cipher_gen();
return 0;
}

574
demos/x86_prof.c
View File

@ -1,291 +1,283 @@
#include <mycrypt.h>
#define KTIMES 25
#define TIMES 10000
/* RDTSC from Scott Duplichan */
static ulong64 rdtsc (void)
{
#if defined __GNUC__
#ifdef i386
ulong64 a;
asm volatile("rdtsc ":"=A" (a));
return a;
#else /* gcc-IA64 version */
unsigned long result;
__asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
while (__builtin_expect ((int) result == -1, 0))
__asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
return result;
#endif
// Microsoft and Intel Windows compilers
#elif defined _M_IX86
__asm rdtsc
#elif defined _M_AMD64
return __rdtsc ();
#elif defined _M_IA64
#if defined __INTEL_COMPILER
#include <ia64intrin.h>
#endif
return __getReg (3116);
#else
#error need rdtsc function for this build
#endif
}
ulong64 timer, skew = 0;
void t_start(void)
{
timer = rdtsc();
}
ulong64 t_read(void)
{
return rdtsc() - timer;
}
void init_timer(void)
{
ulong64 c1, c2, t1, t2, t3;
unsigned long y1;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES*100; y1++) {
t_start();
t1 = t_read();
t3 = t_read();
t2 = t_read() - t1;
c1 = (c1 > t1) ? t1 : c1;
c2 = (c2 > t2) ? t2 : c2;
}
skew = c2 - c1;
printf("Clock Skew: %lu\n", (unsigned long)skew);
}
void reg_algs(void)
{
#ifdef RIJNDAEL
register_cipher (&aes_desc);
#endif
#ifdef BLOWFISH
register_cipher (&blowfish_desc);
#endif
#ifdef XTEA
register_cipher (&xtea_desc);
#endif
#ifdef RC5
register_cipher (&rc5_desc);
#endif
#ifdef RC6
register_cipher (&rc6_desc);
#endif
#ifdef SAFERP
register_cipher (&saferp_desc);
#endif
#ifdef TWOFISH
register_cipher (&twofish_desc);
#endif
#ifdef SAFER
register_cipher (&safer_k64_desc);
register_cipher (&safer_sk64_desc);
register_cipher (&safer_k128_desc);
register_cipher (&safer_sk128_desc);
#endif
#ifdef RC2
register_cipher (&rc2_desc);
#endif
#ifdef DES
register_cipher (&des_desc);
register_cipher (&des3_desc);
#endif
#ifdef CAST5
register_cipher (&cast5_desc);
#endif
#ifdef NOEKEON
register_cipher (&noekeon_desc);
#endif
#ifdef TIGER
register_hash (&tiger_desc);
#endif
#ifdef MD2
register_hash (&md2_desc);
#endif
#ifdef MD4
register_hash (&md4_desc);
#endif
#ifdef MD5
register_hash (&md5_desc);
#endif
#ifdef SHA1
register_hash (&sha1_desc);
#endif
#ifdef SHA256
register_hash (&sha256_desc);
#endif
#ifdef SHA384
register_hash (&sha384_desc);
#endif
#ifdef SHA512
register_hash (&sha512_desc);
#endif
}
int time_keysched(void)
{
unsigned long x, i, y1;
ulong64 t1, c1;
symmetric_key skey;
int kl;
int (*func) (const unsigned char *, int , int , symmetric_key *);
unsigned char key[256][MAXBLOCKSIZE];
printf ("\n\nKey Schedule Time Trials for the Symmetric Ciphers:\n(Times are cycles per key)\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
#define DO1(k) func(k, kl, 0, &skey);
func = cipher_descriptor[x].setup;
kl = cipher_descriptor[x].min_key_length;
c1 = (ulong64)-1;
for (y1 = 0; y1 < KTIMES; y1++) {
for (i = 0; i < 256; i++) {
rng_get_bytes(key[i], kl, NULL);
}
t_start();
for (i = 0; i < 256; i++) {
DO1(key[i]);
}
t1 = t_read() >> 8;
if (t1 < c1) { if (y1 > 0) --y1; }
c1 = (t1 > c1) ? c1 : t1;
}
t1 = c1 - skew;
printf
("%-20s: Schedule at %6lu\n", cipher_descriptor[x].name, (unsigned long)t1);
#undef DO1
}
return 0;
}
int time_cipher(void)
{
unsigned long x, y1;
ulong64 t1, t2, c1, c2, a1, a2;
symmetric_key skey;
void (*func) (const unsigned char *, unsigned char *, symmetric_key *);
unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
printf ("\n\nECB Time Trials for the Symmetric Ciphers:\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
cipher_descriptor[x].setup (key, cipher_descriptor[x].min_key_length, 0,
&skey);
#define DO1 func(pt,pt,&skey);
#define DO2 DO1 DO1
func = cipher_descriptor[x].ecb_encrypt;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read();
t2 -= t1;
c1 = (t1 > c1 ? c1 : t1);
c2 = (t2 > c2 ? c2 : t2);
}
a1 = c2 - c1 - skew;
func = cipher_descriptor[x].ecb_decrypt;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read();
t2 -= t1;
c1 = (t1 > c1 ? c1 : t1);
c2 = (t2 > c2 ? c2 : t2);
}
a2 = c2 - c1 - skew;
printf
("%-20s: Encrypt at %7.3f, Decrypt at %7.3f\n", cipher_descriptor[x].name, a1/(double)cipher_descriptor[x].block_length, a2/(double)cipher_descriptor[x].block_length);
#undef DO2
#undef DO1
}
return 0;
}
int time_hash(void)
{
unsigned long x, y1, len;
ulong64 t1, t2, c1, c2;
hash_state md;
void (*func)(hash_state *, const unsigned char *, unsigned long);
unsigned char pt[MAXBLOCKSIZE];
printf ("\n\nHASH Time Trials for:\n");
for (x = 0; hash_descriptor[x].name != NULL; x++) {
hash_descriptor[x].init(&md);
#define DO1 func(&md,pt,len);
#define DO2 DO1 DO1
func = hash_descriptor[x].process;
len = hash_descriptor[x].blocksize;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read() - t1;
c1 = (t1 > c1) ? c1 : t1;
c2 = (t2 > c2) ? c2 : t2;
}
t1 = c2 - c1 - skew;
t1 = ((t1 * CONST64(1000))) / ((ulong64)hash_descriptor[x].blocksize);
printf
("%-20s: Process at %9.3f\n", hash_descriptor[x].name, t1 / 1000.0);
#undef DO2
#undef DO1
}
return 0;
}
int main(void)
{
reg_algs();
printf("Timings for ciphers and hashes. Times are listed as cycles per byte processed.\n\n");
// init_timer();
time_keysched();
time_cipher();
time_hash();
return EXIT_SUCCESS;
}
#include <mycrypt.h>
#define KTIMES 25
#define TIMES 100000
/* RDTSC from Scott Duplichan */
static ulong64 rdtsc (void)
{
#if defined __GNUC__
#ifdef i386
ulong64 a;
asm volatile("rdtsc ":"=A" (a));
return a;
#else /* gcc-IA64 version */
unsigned long result;
__asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
while (__builtin_expect ((int) result == -1, 0))
__asm__ __volatile__("mov %0=ar.itc" : "=r"(result) :: "memory");
return result;
#endif
// Microsoft and Intel Windows compilers
#elif defined _M_IX86
__asm rdtsc
#elif defined _M_AMD64
return __rdtsc ();
#elif defined _M_IA64
#if defined __INTEL_COMPILER
#include <ia64intrin.h>
#endif
return __getReg (3116);
#else
#error need rdtsc function for this build
#endif
}
ulong64 timer, skew = 0;
void t_start(void)
{
timer = rdtsc();
}
ulong64 t_read(void)
{
return rdtsc() - timer;
}
void init_timer(void)
{
ulong64 c1, c2, t1, t2, t3;
unsigned long y1;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES*100; y1++) {
t_start();
t1 = t_read();
t3 = t_read();
t2 = t_read() - t1;
c1 = (c1 > t1) ? t1 : c1;
c2 = (c2 > t2) ? t2 : c2;
}
skew = c2 - c1;
printf("Clock Skew: %lu\n", (unsigned long)skew);
}
void reg_algs(void)
{
#ifdef RIJNDAEL
register_cipher (&aes_desc);
#endif
#ifdef BLOWFISH
register_cipher (&blowfish_desc);
#endif
#ifdef XTEA
register_cipher (&xtea_desc);
#endif
#ifdef RC5
register_cipher (&rc5_desc);
#endif
#ifdef RC6
register_cipher (&rc6_desc);
#endif
#ifdef SAFERP
register_cipher (&saferp_desc);
#endif
#ifdef TWOFISH
register_cipher (&twofish_desc);
#endif
#ifdef SAFER
register_cipher (&safer_k64_desc);
register_cipher (&safer_sk64_desc);
register_cipher (&safer_k128_desc);
register_cipher (&safer_sk128_desc);
#endif
#ifdef RC2
register_cipher (&rc2_desc);
#endif
#ifdef DES
register_cipher (&des_desc);
register_cipher (&des3_desc);
#endif
#ifdef CAST5
register_cipher (&cast5_desc);
#endif
#ifdef NOEKEON
register_cipher (&noekeon_desc);
#endif
#ifdef TIGER
register_hash (&tiger_desc);
#endif
#ifdef MD2
register_hash (&md2_desc);
#endif
#ifdef MD4
register_hash (&md4_desc);
#endif
#ifdef MD5
register_hash (&md5_desc);
#endif
#ifdef SHA1
register_hash (&sha1_desc);
#endif
#ifdef SHA256
register_hash (&sha256_desc);
#endif
#ifdef SHA384
register_hash (&sha384_desc);
#endif
#ifdef SHA512
register_hash (&sha512_desc);
#endif
}
int time_keysched(void)
{
unsigned long x, i, y1;
ulong64 t1, c1;
symmetric_key skey;
int kl;
int (*func) (const unsigned char *, int , int , symmetric_key *);
unsigned char key[MAXBLOCKSIZE];
printf ("\n\nKey Schedule Time Trials for the Symmetric Ciphers:\n(Times are cycles per key)\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
#define DO1(k) func(k, kl, 0, &skey);
func = cipher_descriptor[x].setup;
kl = cipher_descriptor[x].min_key_length;
c1 = (ulong64)-1;
for (y1 = 0; y1 < KTIMES; y1++) {
rng_get_bytes(key, kl, NULL);
t_start();
DO1(key);
t1 = t_read();
c1 = (t1 > c1) ? c1 : t1;
}
t1 = c1 - skew;
printf("%-20s: Schedule at %6lu\n", cipher_descriptor[x].name, (unsigned long)t1);
#undef DO1
}
return 0;
}
int time_cipher(void)
{
unsigned long x, y1;
ulong64 t1, t2, c1, c2, a1, a2;
symmetric_key skey;
void (*func) (const unsigned char *, unsigned char *, symmetric_key *);
unsigned char key[MAXBLOCKSIZE], pt[MAXBLOCKSIZE];
printf ("\n\nECB Time Trials for the Symmetric Ciphers:\n");
for (x = 0; cipher_descriptor[x].name != NULL; x++) {
cipher_descriptor[x].setup (key, cipher_descriptor[x].min_key_length, 0,
&skey);
#define DO1 func(pt,pt,&skey);
#define DO2 DO1 DO1
func = cipher_descriptor[x].ecb_encrypt;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read();
t2 -= t1;
c1 = (t1 > c1 ? c1 : t1);
c2 = (t2 > c2 ? c2 : t2);
}
a1 = c2 - c1 - skew;
func = cipher_descriptor[x].ecb_decrypt;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read();
t2 -= t1;
c1 = (t1 > c1 ? c1 : t1);
c2 = (t2 > c2 ? c2 : t2);
}
a2 = c2 - c1 - skew;
printf
("%-20s: Encrypt at %7.3f, Decrypt at %7.3f\n", cipher_descriptor[x].name, a1/(double)cipher_descriptor[x].block_length, a2/(double)cipher_descriptor[x].block_length);
#undef DO2
#undef DO1
}
return 0;
}
int time_hash(void)
{
unsigned long x, y1, len;
ulong64 t1, t2, c1, c2;
hash_state md;
void (*func)(hash_state *, const unsigned char *, unsigned long);
unsigned char pt[MAXBLOCKSIZE];
printf ("\n\nHASH Time Trials for:\n");
for (x = 0; hash_descriptor[x].name != NULL; x++) {
hash_descriptor[x].init(&md);
#define DO1 func(&md,pt,len);
#define DO2 DO1 DO1
func = hash_descriptor[x].process;
len = hash_descriptor[x].blocksize;
c1 = c2 = (ulong64)-1;
for (y1 = 0; y1 < TIMES; y1++) {
t_start();
DO1;
t1 = t_read();
DO2;
t2 = t_read() - t1;
c1 = (t1 > c1) ? c1 : t1;
c2 = (t2 > c2) ? c2 : t2;
}
t1 = c2 - c1 - skew;
t1 = ((t1 * CONST64(1000))) / ((ulong64)hash_descriptor[x].blocksize);
printf
("%-20s: Process at %9.3f\n", hash_descriptor[x].name, t1 / 1000.0);
#undef DO2
#undef DO1
}
return 0;
}
int main(void)
{
reg_algs();
printf("Timings for ciphers and hashes. Times are listed as cycles per byte processed.\n\n");
// init_timer();
time_cipher();
time_keysched();
time_hash();
return EXIT_SUCCESS;
}

1157
des.c
View File

File diff suppressed because it is too large Load Diff

6
dh.c
View File

@ -155,8 +155,8 @@ int dh_test(void)
#if 0
printf("dh_test():testing size %d-bits\n", sets[x].size * 8);
#endif
if (mp_read_radix(&g,(unsigned char *)sets[x].base, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&p,(unsigned char *)sets[x].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&g,(char *)sets[x].base, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&p,(char *)sets[x].prime, 64) != MP_OKAY) { goto error; }
/* ensure p is prime */
if ((res = is_prime(&p, &primality)) != CRYPT_OK) { goto done; }
@ -464,7 +464,7 @@ int dh_shared_secret(dh_key *private_key, dh_key *public_key,
return CRYPT_MEM;
}
if (mp_read_radix(&p, (unsigned char *)sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&p, (char *)sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_exptmod(&public_key->y, &private_key->x, &p, &tmp) != MP_OKAY) { goto error; }
/* enough space for output? */

24
ecc.c
View File

@ -528,8 +528,8 @@ int ecc_test(void)
#if 0
printf("Testing %d\n", sets[i].size);
#endif
if (mp_read_radix(&modulus, (unsigned char *)sets[i].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&order, (unsigned char *)sets[i].order, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&modulus, (char *)sets[i].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&order, (char *)sets[i].order, 64) != MP_OKAY) { goto error; }
/* is prime actually prime? */
if (is_prime(&modulus, &primality) != CRYPT_OK) { goto error; }
@ -545,8 +545,8 @@ int ecc_test(void)
goto done1;
}
if (mp_read_radix(&G->x, (unsigned char *)sets[i].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&G->y, (unsigned char *)sets[i].Gy, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&G->x, (char *)sets[i].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&G->y, (char *)sets[i].Gy, 64) != MP_OKAY) { goto error; }
/* then we should have G == (order + 1)G */
if (mp_add_d(&order, 1, &order) != MP_OKAY) { goto error; }
@ -624,9 +624,9 @@ int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
}
/* read in the specs for this key */
if (mp_read_radix(&prime, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&base->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&base->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&prime, (char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&base->x, (char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&base->y, (char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; }
if (mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize) != MP_OKAY) { goto error; }
/* make the public key */
@ -671,12 +671,12 @@ static int compress_y_point(ecc_point *pt, int idx, int *result)
}
/* get x^3 - 3x + b */
if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
if (mp_read_radix(&p, (char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY) { goto error; } /* tmp = pX^3 */
if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY) { goto error; } /* tmp2 = 3*pX^3 */
if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - tmp2 */
if (mp_add(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp + p */
if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */
if (mp_read_radix(&p, (char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */
if (mp_mod(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp mod p */
/* now find square root */
@ -713,12 +713,12 @@ static int expand_y_point(ecc_point *pt, int idx, int result)
}
/* get x^3 - 3x + b */
if (mp_read_radix(&p, (unsigned char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
if (mp_read_radix(&p, (char *)sets[idx].B, 64) != MP_OKAY) { goto error; } /* p = B */
if (mp_expt_d(&pt->x, 3, &tmp) != MP_OKAY) { goto error; } /* tmp = pX^3 */
if (mp_mul_d(&pt->x, 3, &tmp2) != MP_OKAY) { goto error; } /* tmp2 = 3*pX^3 */
if (mp_sub(&tmp, &tmp2, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp - tmp2 */
if (mp_add(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp + p */
if (mp_read_radix(&p, (unsigned char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */
if (mp_read_radix(&p, (char *)sets[idx].prime, 64) != MP_OKAY) { goto error; } /* p = prime */
if (mp_mod(&tmp, &p, &tmp) != MP_OKAY) { goto error; } /* tmp = tmp mod p */
/* now find square root */
@ -935,7 +935,7 @@ int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
return CRYPT_MEM;
}
if (mp_read_radix(&prime, (unsigned char *)sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&prime, (char *)sets[private_key->idx].prime, 64) != MP_OKAY) { goto error; }
if ((res = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime)) != CRYPT_OK) { goto done1; }
x = (unsigned long)mp_unsigned_bin_size(&result->x);

8
ecc_sys.c
View File

@ -238,7 +238,7 @@ int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
ecc_free(&pubkey);
return CRYPT_MEM;
}
if (mp_read_radix(&p, (unsigned char *)sets[key->idx].order, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&p, (char *)sets[key->idx].order, 64) != MP_OKAY) { goto error; }
if (mp_read_unsigned_bin(&b, (unsigned char *)in, (int)inlen) != MP_OKAY) { goto error; }
/* find b = (m - x)/k */
@ -389,7 +389,7 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
if (mp_read_unsigned_bin(&m, (unsigned char *)hash, (int)inlen) != MP_OKAY) { goto error; }
/* load prime */
if (mp_read_radix(&p, (unsigned char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&p, (char *)sets[key->idx].prime, 64) != MP_OKAY) { goto error; }
/* calculate barrett stuff */
mp_set(&mu, 1);
@ -406,8 +406,8 @@ int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
if (add_point(&pubkey.pubkey, &key->pubkey, &pubkey.pubkey, &p, &mu) != CRYPT_OK) { goto error; }
/* get mG */
if (mp_read_radix(&mG->x, (unsigned char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&mG->y, (unsigned char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&mG->x, (char *)sets[key->idx].Gx, 64) != MP_OKAY) { goto error; }
if (mp_read_radix(&mG->y, (char *)sets[key->idx].Gy, 64) != MP_OKAY) { goto error; }
if (ecc_mulmod(&m, mG, mG, &p) != CRYPT_OK) { goto error; }
/* compare mG to bA + Y */

70
makefile
View File

@ -9,7 +9,7 @@
# a build. This is easy to remedy though, for those that have problems.
# The version
VERSION=0.87
VERSION=0.88
#ch1-01-1
# Compiler and Linker Names
@ -28,9 +28,8 @@ CFLAGS += -c -I./ -Wall -Wsign-compare -W -Wno-unused -Wshadow -Werror
# optimize for SPEED
#CFLAGS += -O3 -funroll-loops
#add -fomit-frame-pointer. v3.2 is buggy for certain platforms so this is used for files it is known to work for
#default is off but you may enable this to get further performance [make sure you run the test suite!]
#EXT_CFLAGS = -fomit-frame-pointer
#add -fomit-frame-pointer. v3.2 is buggy for certain platforms!
#CFLAGS += -fomit-frame-pointer
# optimize for SIZE
CFLAGS += -Os
@ -48,6 +47,8 @@ HASH=hashsum
CRYPT=encrypt
SMALL=small
PROF=x86_prof
TV=tv_gen
#LIBPATH-The directory for libtomcrypt to be installed to.
#INCPATH-The directory to install the header files for libtomcrypt.
@ -58,17 +59,22 @@ INCPATH=/usr/include
DATAPATH=/usr/share/doc/libtomcrypt/pdf
#List of objects to compile.
#Leave MPI built-in or force developer to link against libtommath?
MPIOBJECT=mpi.o
OBJECTS=keyring.o gf.o mem.o sprng.o ecc.o base64.o dh.o rsa.o \
bits.o yarrow.o cfb.o ofb.o ecb.o ctr.o cbc.o hash.o tiger.o sha1.o \
md5.o md4.o md2.o sha256.o sha512.o xtea.o aes.o des.o \
safer_tab.o safer.o safer+.o rc4.o rc2.o rc6.o rc5.o cast5.o noekeon.o blowfish.o crypt.o \
mpi.o prime.o twofish.o packet.o hmac.o strings.o
prime.o twofish.o packet.o hmac.o strings.o $(MPIOBJECT)
TESTOBJECTS=demos/test.o
HASHOBJECTS=demos/hashsum.o
CRYPTOBJECTS=demos/encrypt.o
SMALLOBJECTS=demos/small.o
PROFS=demos/x86_prof.o
TVS=demos/tv_gen.o
#Files left over from making the crypt.pdf.
LEFTOVERS=*.dvi *.log *.aux *.toc *.idx *.ilg *.ind
@ -91,45 +97,8 @@ dh.o: dh.c dh_sys.c
aes.o: aes.c aes_tab.c
sha512.o: sha512.c sha384.c
#These are objects that are known to build with -fomit-frame-pointer successfully [RISK!]
aes.o: aes.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c aes.c
blowfish.o: blowfish.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c blowfish.c
cast5.o: cast5.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c cast5.c
des.o: des.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c des.c
twofish.o: twofish.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c twofish.c
md2.o: md2.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md2.c
md4.o: md4.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md4.c
md5.o: md5.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c md5.c
sha1.o: sha1.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha1.c
sha256.o: sha256.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha256.c
sha512.o: sha512.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c sha512.c
tiger.o: tiger.c
$(CC) $(CFLAGS) $(EXT_CFLAGS) -c tiger.c
#This rule makes the libtomcrypt library.
library: $(OBJECTS)
library: $(OBJECTS)
$(AR) $(ARFLAGS) $(LIBNAME) $(OBJECTS)
ranlib $(LIBNAME)
@ -150,7 +119,10 @@ small: library $(SMALLOBJECTS)
$(CC) $(SMALLOBJECTS) $(LIBNAME) -o $(SMALL) $(WARN)
x86_prof: library $(PROFS)
$(CC) demos/x86_prof.o $(LIBNAME) -o $(PROF)
$(CC) $(PROFS) $(LIBNAME) -o $(PROF)
tv_gen: library $(TVS)
$(CC) $(TVS) $(LIBNAME) -o $(TV)
#This rule installs the library and the header files. This must be run
#as root in order to have a high enough permission to write to the correct
@ -167,8 +139,8 @@ install: library docs
#documentation.
clean:
rm -f $(OBJECTS) $(TESTOBJECTS) $(HASHOBJECTS) $(CRYPTOBJECTS) $(SMALLOBJECTS) $(LEFTOVERS) $(LIBNAME)
rm -f $(TEST) $(HASH) $(COMPRESSED)
rm -f *stackdump *.lib *.exe *.obj demos/*.obj demos/*.o *.bat
rm -f $(TEST) $(HASH) $(COMPRESSED) $(PROFS) $(PROF) $(TVS) $(TV)
rm -f *stackdump *.lib *.exe *.obj demos/*.obj demos/*.o *.bat hash_tv.txt cipher_tv.txt
#This builds the crypt.pdf file. Note that the rm -f *.pdf has been removed
#from the clean command! This is because most people would like to keep the
@ -181,6 +153,12 @@ docs: crypt.tex
pdflatex crypt > /dev/null
rm -f $(LEFTOVERS)
#beta
beta: clean
cd .. ; rm -rf crypt* libtomcrypt-$(VERSION)-beta ; mkdir libtomcrypt-$(VERSION)-beta ; \
cp -R ./libtomcrypt/* ./libtomcrypt-$(VERSION)-beta/ ; tar -c libtomcrypt-$(VERSION)-beta/* > crypt-$(VERSION)-beta.tar ; \
bzip2 -9vv crypt-$(VERSION)-beta.tar ; zip -9 -r crypt-$(VERSION)-beta.zip libtomcrypt-$(VERSION)-beta/*
#zipup the project (take that!)
zipup: clean docs
cd .. ; rm -rf crypt* libtomcrypt-$(VERSION) ; mkdir libtomcrypt-$(VERSION) ; \

7
makefile.msvc
View File

@ -12,7 +12,7 @@ OBJECTS=keyring.obj gf.obj mem.obj sprng.obj ecc.obj base64.obj dh.obj rsa.obj \
bits.obj yarrow.obj cfb.obj ofb.obj ecb.obj ctr.obj cbc.obj hash.obj tiger.obj sha1.obj \
md5.obj md4.obj md2.obj sha256.obj sha512.obj xtea.obj aes.obj des.obj \
safer_tab.obj safer.obj safer+.obj rc4.obj rc2.obj rc6.obj rc5.obj cast5.obj noekeon.obj \
blowfish.obj crypt.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj
blowfish.obj crypt.obj mpi.obj prime.obj twofish.obj packet.obj hmac.obj strings.obj
library: $(OBJECTS)
lib /out:tomcrypt.lib $(OBJECTS)
@ -24,4 +24,7 @@ test: library test.obj
cl test.obj tomcrypt.lib advapi32.lib
x86_prof: demos/x86_prof.c library
cl $(CFLAGS) demos/x86_prof.c tomcrypt.lib advapi32.lib
cl $(CFLAGS) demos/x86_prof.c tomcrypt.lib advapi32.lib
tv_gen: demos/tv_gen.c library
cl $(CFLAGS) demos/tv_gen.c tomcrypt.lib advapi32.lib

8
md5.c
View File

@ -20,16 +20,16 @@ const struct _hash_descriptor md5_desc =
#define I(x,y,z) (y^(x|(~z)))
#define FF(a,b,c,d,M,s,t) \
a = (a + F(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
a = (a + F(b,c,d) + M + t); a = ROL(a, s) + b;
#define GG(a,b,c,d,M,s,t) \
a = (a + G(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
a = (a + G(b,c,d) + M + t); a = ROL(a, s) + b;
#define HH(a,b,c,d,M,s,t) \
a = (a + H(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
a = (a + H(b,c,d) + M + t); a = ROL(a, s) + b;
#define II(a,b,c,d,M,s,t) \
a = (a + I(b,c,d) + M + t); a = ROL(a, s); a = (b + a);
a = (a + I(b,c,d) + M + t); a = ROL(a, s) + b;
#ifdef CLEAN_STACK
static void _md5_compress(hash_state *md)

3265
mpi.c
View File

File diff suppressed because it is too large Load Diff

4
mycrypt.h
View File

@ -16,8 +16,8 @@ extern "C" {
#endif
/* version */
#define CRYPT 0x0086
#define SCRYPT "0.86"
#define CRYPT 0x0088
#define SCRYPT "0.88"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 128

22
mycrypt_cipher.h
View File

@ -5,21 +5,21 @@
*/
#ifdef BLOWFISH
struct blowfish_key {
unsigned long S[4][256];
unsigned long K[18];
ulong32 S[4][256];
ulong32 K[18];
};
#endif
#ifdef RC5
struct rc5_key {
int rounds;
unsigned long K[50];
ulong32 K[50];
};
#endif
#ifdef RC6
struct rc6_key {
unsigned long K[44];
ulong32 K[44];
};
#endif
@ -32,7 +32,7 @@ struct saferp_key {
#ifdef RIJNDAEL
struct rijndael_key {
unsigned long eK[64], dK[64];
ulong32 eK[64], dK[64];
int Nr;
};
#endif
@ -46,11 +46,11 @@ struct xtea_key {
#ifdef TWOFISH
#ifndef TWOFISH_SMALL
struct twofish_key {
unsigned long S[4][256], K[40];
ulong32 S[4][256], K[40];
};
#else
struct twofish_key {
unsigned long K[40];
ulong32 K[40];
unsigned char S[32], start;
};
#endif
@ -75,23 +75,23 @@ struct rc2_key { unsigned xkey[64]; };
#ifdef DES
struct des_key {
unsigned long ek[32], dk[32];
ulong32 ek[32], dk[32];
};
struct des3_key {
unsigned long ek[3][32], dk[3][32];
ulong32 ek[3][32], dk[3][32];
};
#endif
#ifdef CAST5
struct cast5_key {
unsigned long K[32], keylen;
ulong32 K[32], keylen;
};
#endif
#ifdef NOEKEON
struct noekeon_key {
unsigned long K[4], dK[4];
ulong32 K[4], dK[4];
};
#endif

4
mycrypt_custom.h
View File

@ -15,9 +15,8 @@
#define XFREE free
#define XCLOCK clock
#define XCLOCKS_PER_SEC CLOCKS_PER_SEC
#define TWOFISH_TABLES
//#define SMALL_CODE
#define LTC_TEST
#define SMALL_CODE
#define BLOWFISH
#define RC2
#define RC5
@ -25,6 +24,7 @@
#define SAFERP
#define SAFER
#define RIJNDAEL
#define SERPENT
#define XTEA
#define TWOFISH
#define DES

5
mycrypt_macros.h
View File

@ -7,6 +7,11 @@
typedef unsigned long long ulong64;
#endif
/* this is the "32-bit at least" data type
* Re-define it to suit your platform but it must be at least 32-bits
*/
typedef unsigned long ulong32;
extern char *crypt_error;
/* ---- HELPER MACROS ---- */

16
noekeon.c
View File

@ -15,7 +15,7 @@ const struct _cipher_descriptor noekeon_desc =
&noekeon_keysize
};
static const unsigned long RC[] = {
static const ulong32 RC[] = {
0x00000080UL, 0x0000001bUL, 0x00000036UL, 0x0000006cUL,
0x000000d8UL, 0x000000abUL, 0x0000004dUL, 0x0000009aUL,
0x0000002fUL, 0x0000005eUL, 0x000000bcUL, 0x00000063UL,
@ -54,7 +54,7 @@ static const unsigned long RC[] = {
int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
unsigned long temp;
ulong32 temp;
_ARGCHK(key != NULL);
_ARGCHK(skey != NULL);
@ -88,7 +88,7 @@ static void _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,temp;
ulong32 a,b,c,d,temp;
int r;
_ARGCHK(key != NULL);
@ -105,11 +105,9 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
GAMMA(a,b,c,d); \
PI2(a,b,c,d);
for (r = 0; r < 16; r += 4) {
for (r = 0; r < 16; r += 2) {
ROUND(0);
ROUND(1);
ROUND(2);
ROUND(3);
}
#undef ROUND
@ -125,7 +123,7 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_noekeon_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 5 + sizeof(int));
burn_stack(sizeof(ulong32) * 5 + sizeof(int));
}
#endif
@ -135,7 +133,7 @@ static void _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long a,b,c,d, temp;
ulong32 a,b,c,d, temp;
int r;
_ARGCHK(key != NULL);
@ -170,7 +168,7 @@ void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_noekeon_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 5 + sizeof(int));
burn_stack(sizeof(ulong32) * 5 + sizeof(int));
}
#endif

47
rc5.c
View File

@ -14,16 +14,27 @@ const struct _cipher_descriptor rc5_desc =
&rc5_keysize
};
static const ulong32 stab[50] = {
0xb7e15163UL, 0x5618cb1cUL, 0xf45044d5UL, 0x9287be8eUL, 0x30bf3847UL, 0xcef6b200UL, 0x6d2e2bb9UL, 0x0b65a572UL,
0xa99d1f2bUL, 0x47d498e4UL, 0xe60c129dUL, 0x84438c56UL, 0x227b060fUL, 0xc0b27fc8UL, 0x5ee9f981UL, 0xfd21733aUL,
0x9b58ecf3UL, 0x399066acUL, 0xd7c7e065UL, 0x75ff5a1eUL, 0x1436d3d7UL, 0xb26e4d90UL, 0x50a5c749UL, 0xeedd4102UL,
0x8d14babbUL, 0x2b4c3474UL, 0xc983ae2dUL, 0x67bb27e6UL, 0x05f2a19fUL, 0xa42a1b58UL, 0x42619511UL, 0xe0990ecaUL,
0x7ed08883UL, 0x1d08023cUL, 0xbb3f7bf5UL, 0x5976f5aeUL, 0xf7ae6f67UL, 0x95e5e920UL, 0x341d62d9UL, 0xd254dc92UL,
0x708c564bUL, 0x0ec3d004UL, 0xacfb49bdUL, 0x4b32c376UL, 0xe96a3d2fUL, 0x87a1b6e8UL, 0x25d930a1UL, 0xc410aa5aUL,
0x62482413UL, 0x007f9dccUL
};
#ifdef CLEAN_STACK
static int _rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
#else
int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
#endif
{
unsigned long L[64], S[50], A, B, i, j, v, s, t, l;
ulong32 L[64], *S, A, B, i, j, v, s, t, l;
_ARGCHK(skey != NULL);
_ARGCHK(key != NULL);
/* test parameters */
if (num_rounds == 0) {
@ -38,10 +49,13 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
if (keylen < 8 || keylen > 128) {
return CRYPT_INVALID_KEYSIZE;
}
skey->rc5.rounds = num_rounds;
S = skey->rc5.K;
/* copy the key into the L array */
for (A = i = j = 0; i < (unsigned long)keylen; ) {
A = (A << 8) | ((unsigned long)(key[i++] & 255));
for (A = i = j = 0; i < (ulong32)keylen; ) {
A = (A << 8) | ((ulong32)(key[i++] & 255));
if ((i & 3) == 0) {
L[j++] = BSWAP(A);
A = 0;
@ -49,14 +63,13 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
}
if ((keylen & 3) != 0) {
A <<= (unsigned long)((8 * (4 - (keylen&3))));
A <<= (ulong32)((8 * (4 - (keylen&3))));
L[j++] = BSWAP(A);
}
/* setup the S array */
t = (unsigned long)(2 * (num_rounds + 1));
S[0] = 0xB7E15163UL;
for (i = 1; i < t; i++) S[i] = S[i - 1] + 0x9E3779B9UL;
t = (ulong32)(2 * (num_rounds + 1));
memcpy(S, stab, t * sizeof(stab[0]));
/* mix buffer */
s = 3 * MAX(t, j);
@ -64,15 +77,9 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
for (A = B = i = j = v = 0; v < s; v++) {
A = S[i] = ROL(S[i] + A + B, 3);
B = L[j] = ROL(L[j] + A + B, (A+B));
i = (i + 1) % t;
j = (j + 1) % l;
if (++i == t) { i = 0; }
if (++j == l) { j = 0; }
}
/* copy to key */
for (i = 0; i < t; i++) {
skey->rc5.K[i] = S[i];
}
skey->rc5.rounds = num_rounds;
return CRYPT_OK;
}
@ -81,7 +88,7 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
{
int x;
x = _rc5_setup(key, keylen, num_rounds, skey);
burn_stack(sizeof(unsigned long) * 122 + sizeof(int));
burn_stack(sizeof(ulong32) * 122 + sizeof(int));
return x;
}
#endif
@ -92,7 +99,7 @@ static void _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetr
void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long A, B, *K;
ulong32 A, B, *K;
int r;
_ARGCHK(key != NULL);
_ARGCHK(pt != NULL);
@ -127,7 +134,7 @@ void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_rc5_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
burn_stack(sizeof(ulong32) * 2 + sizeof(int));
}
#endif
@ -137,7 +144,7 @@ static void _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetr
void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long A, B, *K;
ulong32 A, B, *K;
int r;
_ARGCHK(key != NULL);
_ARGCHK(pt != NULL);
@ -173,7 +180,7 @@ void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_rc5_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 2 + sizeof(int));
burn_stack(sizeof(ulong32) * 2 + sizeof(int));
}
#endif

37
rc6.c
View File

@ -14,13 +14,21 @@ const struct _cipher_descriptor rc6_desc =
&rc6_keysize
};
static const ulong32 stab[44] = {
0xb7e15163UL, 0x5618cb1cUL, 0xf45044d5UL, 0x9287be8eUL, 0x30bf3847UL, 0xcef6b200UL, 0x6d2e2bb9UL, 0x0b65a572UL,
0xa99d1f2bUL, 0x47d498e4UL, 0xe60c129dUL, 0x84438c56UL, 0x227b060fUL, 0xc0b27fc8UL, 0x5ee9f981UL, 0xfd21733aUL,
0x9b58ecf3UL, 0x399066acUL, 0xd7c7e065UL, 0x75ff5a1eUL, 0x1436d3d7UL, 0xb26e4d90UL, 0x50a5c749UL, 0xeedd4102UL,
0x8d14babbUL, 0x2b4c3474UL, 0xc983ae2dUL, 0x67bb27e6UL, 0x05f2a19fUL, 0xa42a1b58UL, 0x42619511UL, 0xe0990ecaUL,
0x7ed08883UL, 0x1d08023cUL, 0xbb3f7bf5UL, 0x5976f5aeUL, 0xf7ae6f67UL, 0x95e5e920UL, 0x341d62d9UL, 0xd254dc92UL,
0x708c564bUL, 0x0ec3d004UL, 0xacfb49bdUL, 0x4b32c376UL };
#ifdef CLEAN_STACK
static int _rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
#else
int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
#endif
{
unsigned long L[64], S[50], A, B, i, j, v, s, t, l;
ulong32 L[64], S[50], A, B, i, j, v, s, l;
_ARGCHK(key != NULL);
_ARGCHK(skey != NULL);
@ -36,8 +44,8 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
}
/* copy the key into the L array */
for (A = i = j = 0; i < (unsigned long)keylen; ) {
A = (A << 8) | ((unsigned long)(key[i++] & 255));
for (A = i = j = 0; i < (ulong32)keylen; ) {
A = (A << 8) | ((ulong32)(key[i++] & 255));
if (!(i & 3)) {
L[j++] = BSWAP(A);
A = 0;
@ -51,23 +59,20 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
}
/* setup the S array */
t = 44; /* fixed at 20 rounds */
S[0] = 0xB7E15163UL;
for (i = 1; i < t; i++)
S[i] = S[i - 1] + 0x9E3779B9UL;
memcpy(S, stab, 44 * sizeof(stab[0]));
/* mix buffer */
s = 3 * MAX(t, j);
s = 3 * MAX(44, j);
l = j;
for (A = B = i = j = v = 0; v < s; v++) {
A = S[i] = ROL(S[i] + A + B, 3);
B = L[j] = ROL(L[j] + A + B, (A+B));
i = (i + 1) % t;
j = (j + 1) % l;
if (++i == 44) { i = 0; }
if (++j == l) { j = 0; }
}
/* copy to key */
for (i = 0; i < t; i++) {
for (i = 0; i < 44; i++) {
skey->rc6.K[i] = S[i];
}
return CRYPT_OK;
@ -78,7 +83,7 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
{
int x;
x = _rc6_setup(key, keylen, num_rounds, skey);
burn_stack(sizeof(unsigned long) * 122);
burn_stack(sizeof(ulong32) * 122);
return x;
}
#endif
@ -89,7 +94,7 @@ static void _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetr
void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,t,u, *K;
ulong32 a,b,c,d,t,u, *K;
int r;
_ARGCHK(key != NULL);
@ -125,7 +130,7 @@ void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_rc6_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 6 + sizeof(int));
burn_stack(sizeof(ulong32) * 6 + sizeof(int));
}
#endif
@ -135,7 +140,7 @@ static void _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetr
void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,t,u, *K;
ulong32 a,b,c,d,t,u, *K;
int r;
_ARGCHK(key != NULL);
@ -172,7 +177,7 @@ void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_rc6_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 6 + sizeof(int));
burn_stack(sizeof(ulong32) * 6 + sizeof(int));
}
#endif

14
safer+.c
View File

@ -190,7 +190,7 @@ static const unsigned char safer_bias[33][16] = {
int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
{
unsigned x, y;
unsigned x, y, z;
unsigned char t[33];
static const int rounds[3] = { 8, 12, 16 };
@ -231,8 +231,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
}
/* select and add */
z = x;
for (y = 0; y < 16; y++) {
skey->saferp.K[x][y] = (t[(x+y)%17] + safer_bias[x-1][y]) & 255;
skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
if (++z == 17) { z = 0; }
}
}
skey->saferp.rounds = 8;
@ -256,8 +258,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
}
/* select and add */
z = x;
for (y = 0; y < 16; y++) {
skey->saferp.K[x][y] = (t[(x+y)%25] + safer_bias[x-1][y]) & 255;
skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
if (++z == 25) { z = 0; }
}
}
skey->saferp.rounds = 12;
@ -281,8 +285,10 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
}
/* select and add */
z = x;
for (y = 0; y < 16; y++) {
skey->saferp.K[x][y] = (t[(x+y)%33] + safer_bias[x-1][y]) & 255;
skey->saferp.K[x][y] = (t[z] + safer_bias[x-1][y]) & 255;
if (++z == 33) { z = 0; }
}
}
skey->saferp.rounds = 16;

17
safer.c
View File

@ -91,7 +91,7 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
int strengthened,
safer_key_t key)
#endif
{ unsigned int i, j;
{ unsigned int i, j, k;
unsigned char ka[SAFER_BLOCK_LEN + 1];
unsigned char kb[SAFER_BLOCK_LEN + 1];
@ -100,6 +100,7 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
*key++ = (unsigned char)nof_rounds;
ka[SAFER_BLOCK_LEN] = (unsigned char)0;
kb[SAFER_BLOCK_LEN] = (unsigned char)0;
k = 0;
for (j = 0; j < SAFER_BLOCK_LEN; j++) {
ka[j] = ROL8(userkey_1[j], 5);
ka[SAFER_BLOCK_LEN] ^= ka[j];
@ -111,18 +112,28 @@ static void Safer_Expand_Userkey(const unsigned char *userkey_1,
ka[j] = ROL8(ka[j], 6);
kb[j] = ROL8(kb[j], 6);
}
if (strengthened) {
k = 2 * i - 1;
while (k >= (SAFER_BLOCK_LEN + 1)) { k -= SAFER_BLOCK_LEN + 1; }
}
for (j = 0; j < SAFER_BLOCK_LEN; j++) {
if (strengthened) {
*key++ = (ka[(j + 2 * i - 1) % (SAFER_BLOCK_LEN + 1)]
*key++ = (ka[k]
+ safer_ebox[(int)safer_ebox[(int)((18 * i + j + 1)&0xFF)]]) & 0xFF;
if (++k == (SAFER_BLOCK_LEN + 1)) { k = 0; }
} else {
*key++ = (ka[j] + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 1)&0xFF)]]) & 0xFF;
}
}
if (strengthened) {
k = 2 * i;
while (k >= (SAFER_BLOCK_LEN + 1)) { k -= SAFER_BLOCK_LEN + 1; }
}
for (j = 0; j < SAFER_BLOCK_LEN; j++) {
if (strengthened) {
*key++ = (kb[(j + 2 * i) % (SAFER_BLOCK_LEN + 1)]
*key++ = (kb[k]
+ safer_ebox[(int)safer_ebox[(int)((18 * i + j + 10)&0xFF)]]) & 0xFF;
if (++k == (SAFER_BLOCK_LEN + 1)) { k = 0; }
} else {
*key++ = (kb[j] + safer_ebox[(int)safer_ebox[(int)((18 * i + j + 10)&0xFF)]]) & 0xFF;
}

67
sha1.c
View File

@ -25,7 +25,7 @@ static void _sha1_compress(hash_state *md)
static void sha1_compress(hash_state *md)
#endif
{
unsigned long a,b,c,d,e,W[80],i,j;
unsigned long a,b,c,d,e,W[80],i;
_ARGCHK(md != NULL);
@ -43,52 +43,57 @@ static void sha1_compress(hash_state *md)
/* expand it */
for (i = 16; i < 80; i++) {
j = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
W[i] = ROL(j, 1);
W[i] = ROL(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1);
}
/* compress */
/* round one */
for (i = 0; i < 20; i++) {
j = (ROL(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL);
e = d;
d = c;
c = ROL(b, 30);
b = a;
a = j;
#define FF0(a,b,c,d,e,i) e = (ROL(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); b = ROL(b, 30);
#define FF1(a,b,c,d,e,i) e = (ROL(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); b = ROL(b, 30);
#define FF2(a,b,c,d,e,i) e = (ROL(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); b = ROL(b, 30);
#define FF3(a,b,c,d,e,i) e = (ROL(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL); b = ROL(b, 30);
for (i = 0; i < 20; ) {
FF0(a,b,c,d,e,i++);
FF0(e,a,b,c,d,i++);
FF0(d,e,a,b,c,i++);
FF0(c,d,e,a,b,i++);
FF0(b,c,d,e,a,i++);
}
/* round two */
for (i = 20; i < 40; i++) {
j = (ROL(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL);
e = d;
d = c;
c = ROL(b, 30);
b = a;
a = j;
for (i = 20; i < 40; ) {
FF1(a,b,c,d,e,i++);
FF1(e,a,b,c,d,i++);
FF1(d,e,a,b,c,i++);
FF1(c,d,e,a,b,i++);
FF1(b,c,d,e,a,i++);
}
/* round three */
for (i = 40; i < 60; i++) {
j = (ROL(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL);
e = d;
d = c;
c = ROL(b, 30);
b = a;
a = j;
for (i = 40; i < 60; ) {
FF2(a,b,c,d,e,i++);
FF2(e,a,b,c,d,i++);
FF2(d,e,a,b,c,i++);
FF2(c,d,e,a,b,i++);
FF2(b,c,d,e,a,i++);
}
/* round four */
for (i = 60; i < 80; i++) {
j = (ROL(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL);
e = d;
d = c;
c = ROL(b, 30);
b = a;
a = j;
for (i = 60; i < 80; ) {
FF3(a,b,c,d,e,i++);
FF3(e,a,b,c,d,i++);
FF3(d,e,a,b,c,i++);
FF3(c,d,e,a,b,i++);
FF3(b,c,d,e,a,i++);
}
#undef FF0
#undef FF1
#undef FF2
#undef FF3
/* store */
md->sha1.state[0] = md->sha1.state[0] + a;
md->sha1.state[1] = md->sha1.state[1] + b;

79
sha256.c
View File

@ -54,8 +54,9 @@ static void sha256_compress(hash_state * md)
_ARGCHK(md != NULL);
/* copy state into S */
for (i = 0; i < 8; i++)
for (i = 0; i < 8; i++) {
S[i] = md->sha256.state[i];
}
/* copy the state into 512-bits into W[0..15] */
for (i = 0; i < 16; i++) {
@ -68,6 +69,7 @@ static void sha256_compress(hash_state * md)
}
/* Compress */
#ifdef SMALL_CODE
for (i = 0; i < 64; i++) {
t0 = S[7] + Sigma1(S[4]) + Ch(S[4], S[5], S[6]) + K[i] + W[i];
t1 = Sigma0(S[0]) + Maj(S[0], S[1], S[2]);
@ -80,6 +82,81 @@ static void sha256_compress(hash_state * md)
S[1] = S[0];
S[0] = t0 + t1;
}
#else
#define RND(a,b,c,d,e,f,g,h,i,ki) \
t0 = h + Sigma1(e) + Ch(e, f, g) + ki + W[i]; \
t1 = Sigma0(a) + Maj(a, b, c); \
d += t0; \
h = t0 + t1;
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],0,0x428a2f98);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],1,0x71374491);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],2,0xb5c0fbcf);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],3,0xe9b5dba5);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],4,0x3956c25b);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],5,0x59f111f1);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],6,0x923f82a4);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],7,0xab1c5ed5);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],8,0xd807aa98);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],9,0x12835b01);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],10,0x243185be);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],11,0x550c7dc3);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],12,0x72be5d74);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],13,0x80deb1fe);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],14,0x9bdc06a7);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],15,0xc19bf174);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],16,0xe49b69c1);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],17,0xefbe4786);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],18,0x0fc19dc6);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],19,0x240ca1cc);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],20,0x2de92c6f);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],21,0x4a7484aa);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],22,0x5cb0a9dc);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],23,0x76f988da);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],24,0x983e5152);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],25,0xa831c66d);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],26,0xb00327c8);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],27,0xbf597fc7);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],28,0xc6e00bf3);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],29,0xd5a79147);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],30,0x06ca6351);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],31,0x14292967);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],32,0x27b70a85);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],33,0x2e1b2138);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],34,0x4d2c6dfc);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],35,0x53380d13);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],36,0x650a7354);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],37,0x766a0abb);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],38,0x81c2c92e);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],39,0x92722c85);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],40,0xa2bfe8a1);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],41,0xa81a664b);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],42,0xc24b8b70);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],43,0xc76c51a3);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],44,0xd192e819);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],45,0xd6990624);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],46,0xf40e3585);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],47,0x106aa070);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],48,0x19a4c116);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],49,0x1e376c08);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],50,0x2748774c);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],51,0x34b0bcb5);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],52,0x391c0cb3);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],53,0x4ed8aa4a);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],54,0x5b9cca4f);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],55,0x682e6ff3);
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],56,0x748f82ee);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],57,0x78a5636f);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],58,0x84c87814);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],59,0x8cc70208);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],60,0x90befffa);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],61,0xa4506ceb);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],62,0xbef9a3f7);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],63,0xc67178f2);
#undef RND
#endif
/* feedback */
for (i = 0; i < 8; i++) {

20
sha512.c
View File

@ -95,6 +95,7 @@ static void sha512_compress(hash_state * md)
}
/* Compress */
#ifdef SMALL_CODE
for (i = 0; i < 80; i++) {
t0 = S[7] + Sigma1(S[4]) + Ch(S[4], S[5], S[6]) + K[i] + W[i];
t1 = Sigma0(S[0]) + Maj(S[0], S[1], S[2]);
@ -107,6 +108,25 @@ static void sha512_compress(hash_state * md)
S[1] = S[0];
S[0] = t0 + t1;
}
#else
#define RND(a,b,c,d,e,f,g,h,i) \
t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
t1 = Sigma0(a) + Maj(a, b, c); \
d += t0; \
h = t0 + t1;
for (i = 0; i < 80; i += 8) {
RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i+0);
RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],i+1);
RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],i+2);
RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],i+3);
RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],i+4);
RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],i+5);
RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],i+6);
RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],i+7);
}
#endif
/* feedback */
for (i = 0; i < 8; i++) {

20
tommath.h
View File

@ -85,6 +85,7 @@ extern "C" {
#define DIGIT_BIT 31
#else
#define DIGIT_BIT 28
#define MP_28BIT
#endif
#endif
@ -120,11 +121,21 @@ extern int KARATSUBA_MUL_CUTOFF,
TOOM_SQR_CUTOFF;
/* various build options */
#define MP_PREC 64 /* default digits of precision (must be power of two) */
#define MP_PREC 64 /* default digits of precision (must be power of two) */
/* define this to use lower memory usage routines (exptmods mostly) */
/* #define MP_LOW_MEM */
/* have no cpu based mult? */
/* #define SLOW_MULT */
#ifdef SLOW_MULT
#define MULT(x, y) s_mp_mult((x), (y))
mp_word s_mp_mult(mp_digit, mp_digit);
#else
#define MULT(x, y) (((mp_word)(x)) * ((mp_word)(y)))
#endif
/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
#define MP_WARRAY (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
@ -166,7 +177,7 @@ int mp_init_size(mp_int *a, int size);
/* ---> Basic Manipulations <--- */
#define mp_iszero(a) (((a)->used == 0) ? 1 : 0)
#define mp_iseven(a) (((a)->used == 0 || (((a)->dp[0] & 1) == 0)) ? 1 : 0)
#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? 1 : 0)
#define mp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? 1 : 0)
/* set to zero */
@ -213,6 +224,9 @@ int mp_mod_2d(mp_int *a, int b, mp_int *c);
/* computes a = 2**b */
int mp_2expt(mp_int *a, int b);
/* Counts the number of lsbs which are zero before the first zero bit */
int mp_cnt_lsb(mp_int *a);
/* makes a pseudo-random int of a given size */
int mp_rand(mp_int *a, int digits);
@ -451,6 +465,8 @@ int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
void bn_reverse(unsigned char *s, int len);
extern const char *mp_s_rmap;
#ifdef __cplusplus
}
#endif

92
twofish.c
View File

@ -101,7 +101,7 @@ static const unsigned char SBOX[2][256] = {
0x86, 0x56, 0x55, 0x09, 0xbe, 0x91}
};
static const unsigned long mds_tab[4][256] = {
static const ulong32 mds_tab[4][256] = {
{
0x00000000UL, 0xefef5b01UL, 0xb7b7b602UL, 0x5858ed03UL, 0x07070504UL, 0xe8e85e05UL, 0xb0b0b306UL, 0x5f5fe807UL,
0x0e0e0a08UL, 0xe1e15109UL, 0xb9b9bc0aUL, 0x5656e70bUL, 0x09090f0cUL, 0xe6e6540dUL, 0xbebeb90eUL, 0x5151e20fUL,
@ -239,7 +239,7 @@ static const unsigned long mds_tab[4][256] = {
0xc6baf8c6UL, 0x9d55f99dUL, 0x700dfa70UL, 0x2be2fb2bUL, 0xc3bdfcc3UL, 0x9852fd98UL, 0x750afe75UL, 0x2ee5ff2eUL
}};
#define sbox(i, x) ((unsigned long)SBOX[i][(x)&255])
#define sbox(i, x) ((ulong32)SBOX[i][(x)&255])
#else
@ -261,9 +261,9 @@ static const unsigned char qbox[2][4][16] = {
/* computes S_i[x] */
#ifdef CLEAN_STACK
static unsigned long _sbox(int i, unsigned long x)
static ulong32 _sbox(int i, ulong32 x)
#else
static unsigned long sbox(int i, unsigned long x)
static ulong32 sbox(int i, ulong32 x)
#endif
{
unsigned char a0,b0,a1,b1,a2,b2,a3,b3,a4,b4,y;
@ -296,13 +296,13 @@ static unsigned long sbox(int i, unsigned long x)
y = (b4 << 4) + a4;
/* return result */
return (unsigned long)y;
return (ulong32)y;
}
#ifdef CLEAN_STACK
static unsigned long sbox(int i, unsigned long x)
static ulong32 sbox(int i, ulong32 x)
{
unsigned long y;
ulong32 y;
y = _sbox(i, x);
burn_stack(sizeof(unsigned char) * 11);
return y;
@ -312,22 +312,22 @@ static unsigned long sbox(int i, unsigned long x)
#endif /* TWOFISH_TABLES */
/* computes ab mod p */
static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
static ulong32 gf_mult(ulong32 a, ulong32 b, ulong32 p)
{
unsigned long result = 0, B[2], P[2];
ulong32 result = 0, B[2], P[2];
P[1] = p;
B[1] = b;
P[0] = B[0] = 0;
/* unrolled branchless GF multiplier */
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] <<= 1; B[1] ^= P[B[1]>>8];
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1]; a >>= 1; B[1] = P[B[1]>>7] ^ (B[1] << 1);
result ^= B[a&1];
return result;
@ -335,9 +335,9 @@ static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
/* computes [y0 y1 y2 y3] = MDS . [x0] */
#ifndef TWOFISH_TABLES
static unsigned long mds_column_mult(unsigned char in, int col)
static ulong32 mds_column_mult(unsigned char in, int col)
{
unsigned long x01, x5B, xEF;
ulong32 x01, x5B, xEF;
x01 = in;
x5B = gf_mult(in, 0x5B, MDS_POLY);
@ -379,7 +379,7 @@ static unsigned long mds_column_mult(unsigned char in, int col)
static void mds_mult(const unsigned char *in, unsigned char *out)
{
int x;
unsigned long tmp;
ulong32 tmp;
for (tmp = x = 0; x < 4; x++) {
tmp ^= mds_column_mult(in[x], x);
}
@ -407,20 +407,20 @@ static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M
switch (k) {
case 4:
y[0] = (unsigned char)(sbox(1, (unsigned long)y[0]) ^ M[4 * (6 + offset) + 0]);
y[1] = (unsigned char)(sbox(0, (unsigned long)y[1]) ^ M[4 * (6 + offset) + 1]);
y[2] = (unsigned char)(sbox(0, (unsigned long)y[2]) ^ M[4 * (6 + offset) + 2]);
y[3] = (unsigned char)(sbox(1, (unsigned long)y[3]) ^ M[4 * (6 + offset) + 3]);
y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (6 + offset) + 0]);
y[1] = (unsigned char)(sbox(0, (ulong32)y[1]) ^ M[4 * (6 + offset) + 1]);
y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (6 + offset) + 2]);
y[3] = (unsigned char)(sbox(1, (ulong32)y[3]) ^ M[4 * (6 + offset) + 3]);
case 3:
y[0] = (unsigned char)(sbox(1, (unsigned long)y[0]) ^ M[4 * (4 + offset) + 0]);
y[1] = (unsigned char)(sbox(1, (unsigned long)y[1]) ^ M[4 * (4 + offset) + 1]);
y[2] = (unsigned char)(sbox(0, (unsigned long)y[2]) ^ M[4 * (4 + offset) + 2]);
y[3] = (unsigned char)(sbox(0, (unsigned long)y[3]) ^ M[4 * (4 + offset) + 3]);
y[0] = (unsigned char)(sbox(1, (ulong32)y[0]) ^ M[4 * (4 + offset) + 0]);
y[1] = (unsigned char)(sbox(1, (ulong32)y[1]) ^ M[4 * (4 + offset) + 1]);
y[2] = (unsigned char)(sbox(0, (ulong32)y[2]) ^ M[4 * (4 + offset) + 2]);
y[3] = (unsigned char)(sbox(0, (ulong32)y[3]) ^ M[4 * (4 + offset) + 3]);
case 2:
y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (unsigned long)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (unsigned long)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (unsigned long)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (unsigned long)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, (ulong32)y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, (ulong32)y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, (ulong32)y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, (ulong32)y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
}
mds_mult(y, out);
}
@ -442,13 +442,13 @@ static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M
#else
#ifdef CLEAN_STACK
static unsigned long _g_func(unsigned long x, symmetric_key *key)
static ulong32 _g_func(ulong32 x, symmetric_key *key)
#else
static unsigned long g_func(unsigned long x, symmetric_key *key)
static ulong32 g_func(ulong32 x, symmetric_key *key)
#endif
{
unsigned char g, i, y, z;
unsigned long res;
ulong32 res;
res = 0;
for (y = 0; y < 4; y++) {
@ -475,11 +475,11 @@ static unsigned long g_func(unsigned long x, symmetric_key *key)
#define g1_func(x, key) g_func(ROL(x, 8), key)
#ifdef CLEAN_STACK
static unsigned long g_func(unsigned long x, symmetric_key *key)
static ulong32 g_func(ulong32 x, symmetric_key *key)
{
unsigned long y;
ulong32 y;
y = _g_func(x, key);
burn_stack(sizeof(unsigned char) * 4 + sizeof(unsigned long));
burn_stack(sizeof(unsigned char) * 4 + sizeof(ulong32));
return y;
}
#endif /* CLEAN_STACK */
@ -493,13 +493,13 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
#endif
{
#ifndef TWOFISH_SMALL
unsigned long g;
ulong32 g;
int z, i;
unsigned char S[4*4];
#endif
int k, x, y, start;
unsigned char tmp[4], tmp2[4], M[8*4];
unsigned long A, B;
ulong32 A, B;
_ARGCHK(key != NULL);
_ARGCHK(skey != NULL);
@ -591,7 +591,7 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
{
int x;
x = _twofish_setup(key, keylen, num_rounds, skey);
burn_stack(sizeof(int) * 7 + sizeof(unsigned char) * 56 + sizeof(unsigned long) * 2);
burn_stack(sizeof(int) * 7 + sizeof(unsigned char) * 56 + sizeof(ulong32) * 2);
return x;
}
#endif
@ -602,10 +602,10 @@ static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, sym
void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
int r;
#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
unsigned long *S1, *S2, *S3, *S4;
ulong32 *S1, *S2, *S3, *S4;
#endif
_ARGCHK(pt != NULL);
@ -656,7 +656,7 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key)
{
_twofish_ecb_encrypt(pt, ct, key);
burn_stack(sizeof(unsigned long) * 10 + sizeof(int));
burn_stack(sizeof(ulong32) * 10 + sizeof(int));
}
#endif
@ -666,10 +666,10 @@ static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, sym
void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
#endif
{
unsigned long a,b,c,d,ta,tb,tc,td,t1,t2, *k;
ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
int r;
#if !defined(TWOFISH_SMALL) && !defined(__GNUC__)
unsigned long *S1, *S2, *S3, *S4;
ulong32 *S1, *S2, *S3, *S4;
#endif
_ARGCHK(pt != NULL);
@ -723,7 +723,7 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key)
{
_twofish_ecb_decrypt(ct, pt, key);
burn_stack(sizeof(unsigned long) * 10 + sizeof(int));
burn_stack(sizeof(ulong32) * 10 + sizeof(int));
}
#endif