diff options
Diffstat (limited to 'utils/tomcrypt')
28 files changed, 8416 insertions, 0 deletions
diff --git a/utils/tomcrypt/LICENSE b/utils/tomcrypt/LICENSE new file mode 100644 index 0000000000..c4afbc6b5b --- /dev/null +++ b/utils/tomcrypt/LICENSE | |||
@@ -0,0 +1,29 @@ | |||
1 | LibTomCrypt is licensed under DUAL licensing terms. | ||
2 | |||
3 | Choose and use the license of your needs. | ||
4 | |||
5 | [LICENSE #1] | ||
6 | |||
7 | LibTomCrypt is public domain. As should all quality software be. | ||
8 | |||
9 | Tom St Denis | ||
10 | |||
11 | [/LICENSE #1] | ||
12 | |||
13 | [LICENSE #2] | ||
14 | |||
15 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE | ||
16 | Version 2, December 2004 | ||
17 | |||
18 | Copyright (C) 2004 Sam Hocevar <sam@hocevar.net> | ||
19 | |||
20 | Everyone is permitted to copy and distribute verbatim or modified | ||
21 | copies of this license document, and changing it is allowed as long | ||
22 | as the name is changed. | ||
23 | |||
24 | DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE | ||
25 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION | ||
26 | |||
27 | 0. You just DO WHAT THE FUCK YOU WANT TO. | ||
28 | |||
29 | [/LICENSE #2] | ||
diff --git a/utils/tomcrypt/README.ROCKBOX b/utils/tomcrypt/README.ROCKBOX new file mode 100644 index 0000000000..53ebe19fdc --- /dev/null +++ b/utils/tomcrypt/README.ROCKBOX | |||
@@ -0,0 +1,7 @@ | |||
1 | This folder contains the source from libtomcrypt. | ||
2 | |||
3 | Only the source files that are actually used have been added. If more | ||
4 | functionality is needed add the missing files. | ||
5 | |||
6 | The source tree has last been synced with libtomcrypt 1.18.2 on 2020-08-08. | ||
7 | |||
diff --git a/utils/tomcrypt/src/ciphers/aes/aes.c b/utils/tomcrypt/src/ciphers/aes/aes.c new file mode 100644 index 0000000000..19c732fe65 --- /dev/null +++ b/utils/tomcrypt/src/ciphers/aes/aes.c | |||
@@ -0,0 +1,743 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* AES implementation by Tom St Denis | ||
11 | * | ||
12 | * Derived from the Public Domain source code by | ||
13 | |||
14 | --- | ||
15 | * rijndael-alg-fst.c | ||
16 | * | ||
17 | * @version 3.0 (December 2000) | ||
18 | * | ||
19 | * Optimised ANSI C code for the Rijndael cipher (now AES) | ||
20 | * | ||
21 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | ||
22 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | ||
23 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | ||
24 | --- | ||
25 | */ | ||
26 | /** | ||
27 | @file aes.c | ||
28 | Implementation of AES | ||
29 | */ | ||
30 | |||
31 | #include "tomcrypt.h" | ||
32 | |||
33 | #ifdef LTC_RIJNDAEL | ||
34 | |||
35 | #ifndef ENCRYPT_ONLY | ||
36 | |||
37 | #define SETUP rijndael_setup | ||
38 | #define ECB_ENC rijndael_ecb_encrypt | ||
39 | #define ECB_DEC rijndael_ecb_decrypt | ||
40 | #define ECB_DONE rijndael_done | ||
41 | #define ECB_TEST rijndael_test | ||
42 | #define ECB_KS rijndael_keysize | ||
43 | |||
44 | const struct ltc_cipher_descriptor rijndael_desc = | ||
45 | { | ||
46 | "rijndael", | ||
47 | 6, | ||
48 | 16, 32, 16, 10, | ||
49 | SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS, | ||
50 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | ||
51 | }; | ||
52 | |||
53 | const struct ltc_cipher_descriptor aes_desc = | ||
54 | { | ||
55 | "aes", | ||
56 | 6, | ||
57 | 16, 32, 16, 10, | ||
58 | SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS, | ||
59 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | ||
60 | }; | ||
61 | |||
62 | #else | ||
63 | |||
64 | #define SETUP rijndael_enc_setup | ||
65 | #define ECB_ENC rijndael_enc_ecb_encrypt | ||
66 | #define ECB_KS rijndael_enc_keysize | ||
67 | #define ECB_DONE rijndael_enc_done | ||
68 | |||
69 | const struct ltc_cipher_descriptor rijndael_enc_desc = | ||
70 | { | ||
71 | "rijndael", | ||
72 | 6, | ||
73 | 16, 32, 16, 10, | ||
74 | SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS, | ||
75 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | ||
76 | }; | ||
77 | |||
78 | const struct ltc_cipher_descriptor aes_enc_desc = | ||
79 | { | ||
80 | "aes", | ||
81 | 6, | ||
82 | 16, 32, 16, 10, | ||
83 | SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS, | ||
84 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL | ||
85 | }; | ||
86 | |||
87 | #endif | ||
88 | |||
89 | #define __LTC_AES_TAB_C__ | ||
90 | #include "aes_tab.c" | ||
91 | |||
92 | static ulong32 setup_mix(ulong32 temp) | ||
93 | { | ||
94 | return (Te4_3[byte(temp, 2)]) ^ | ||
95 | (Te4_2[byte(temp, 1)]) ^ | ||
96 | (Te4_1[byte(temp, 0)]) ^ | ||
97 | (Te4_0[byte(temp, 3)]); | ||
98 | } | ||
99 | |||
100 | #ifndef ENCRYPT_ONLY | ||
101 | #ifdef LTC_SMALL_CODE | ||
102 | static ulong32 setup_mix2(ulong32 temp) | ||
103 | { | ||
104 | return Td0(255 & Te4[byte(temp, 3)]) ^ | ||
105 | Td1(255 & Te4[byte(temp, 2)]) ^ | ||
106 | Td2(255 & Te4[byte(temp, 1)]) ^ | ||
107 | Td3(255 & Te4[byte(temp, 0)]); | ||
108 | } | ||
109 | #endif | ||
110 | #endif | ||
111 | |||
112 | /** | ||
113 | Initialize the AES (Rijndael) block cipher | ||
114 | @param key The symmetric key you wish to pass | ||
115 | @param keylen The key length in bytes | ||
116 | @param num_rounds The number of rounds desired (0 for default) | ||
117 | @param skey The key in as scheduled by this function. | ||
118 | @return CRYPT_OK if successful | ||
119 | */ | ||
120 | int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) | ||
121 | { | ||
122 | int i; | ||
123 | ulong32 temp, *rk; | ||
124 | #ifndef ENCRYPT_ONLY | ||
125 | ulong32 *rrk; | ||
126 | #endif | ||
127 | LTC_ARGCHK(key != NULL); | ||
128 | LTC_ARGCHK(skey != NULL); | ||
129 | |||
130 | if (keylen != 16 && keylen != 24 && keylen != 32) { | ||
131 | return CRYPT_INVALID_KEYSIZE; | ||
132 | } | ||
133 | |||
134 | if (num_rounds != 0 && num_rounds != (10 + ((keylen/8)-2)*2)) { | ||
135 | return CRYPT_INVALID_ROUNDS; | ||
136 | } | ||
137 | |||
138 | skey->rijndael.Nr = 10 + ((keylen/8)-2)*2; | ||
139 | |||
140 | /* setup the forward key */ | ||
141 | i = 0; | ||
142 | rk = skey->rijndael.eK; | ||
143 | LOAD32H(rk[0], key ); | ||
144 | LOAD32H(rk[1], key + 4); | ||
145 | LOAD32H(rk[2], key + 8); | ||
146 | LOAD32H(rk[3], key + 12); | ||
147 | if (keylen == 16) { | ||
148 | for (;;) { | ||
149 | temp = rk[3]; | ||
150 | rk[4] = rk[0] ^ setup_mix(temp) ^ rcon[i]; | ||
151 | rk[5] = rk[1] ^ rk[4]; | ||
152 | rk[6] = rk[2] ^ rk[5]; | ||
153 | rk[7] = rk[3] ^ rk[6]; | ||
154 | if (++i == 10) { | ||
155 | break; | ||
156 | } | ||
157 | rk += 4; | ||
158 | } | ||
159 | } else if (keylen == 24) { | ||
160 | LOAD32H(rk[4], key + 16); | ||
161 | LOAD32H(rk[5], key + 20); | ||
162 | for (;;) { | ||
163 | #ifdef _MSC_VER | ||
164 | temp = skey->rijndael.eK[rk - skey->rijndael.eK + 5]; | ||
165 | #else | ||
166 | temp = rk[5]; | ||
167 | #endif | ||
168 | rk[ 6] = rk[ 0] ^ setup_mix(temp) ^ rcon[i]; | ||
169 | rk[ 7] = rk[ 1] ^ rk[ 6]; | ||
170 | rk[ 8] = rk[ 2] ^ rk[ 7]; | ||
171 | rk[ 9] = rk[ 3] ^ rk[ 8]; | ||
172 | if (++i == 8) { | ||
173 | break; | ||
174 | } | ||
175 | rk[10] = rk[ 4] ^ rk[ 9]; | ||
176 | rk[11] = rk[ 5] ^ rk[10]; | ||
177 | rk += 6; | ||
178 | } | ||
179 | } else if (keylen == 32) { | ||
180 | LOAD32H(rk[4], key + 16); | ||
181 | LOAD32H(rk[5], key + 20); | ||
182 | LOAD32H(rk[6], key + 24); | ||
183 | LOAD32H(rk[7], key + 28); | ||
184 | for (;;) { | ||
185 | #ifdef _MSC_VER | ||
186 | temp = skey->rijndael.eK[rk - skey->rijndael.eK + 7]; | ||
187 | #else | ||
188 | temp = rk[7]; | ||
189 | #endif | ||
190 | rk[ 8] = rk[ 0] ^ setup_mix(temp) ^ rcon[i]; | ||
191 | rk[ 9] = rk[ 1] ^ rk[ 8]; | ||
192 | rk[10] = rk[ 2] ^ rk[ 9]; | ||
193 | rk[11] = rk[ 3] ^ rk[10]; | ||
194 | if (++i == 7) { | ||
195 | break; | ||
196 | } | ||
197 | temp = rk[11]; | ||
198 | rk[12] = rk[ 4] ^ setup_mix(RORc(temp, 8)); | ||
199 | rk[13] = rk[ 5] ^ rk[12]; | ||
200 | rk[14] = rk[ 6] ^ rk[13]; | ||
201 | rk[15] = rk[ 7] ^ rk[14]; | ||
202 | rk += 8; | ||
203 | } | ||
204 | } else { | ||
205 | /* this can't happen */ | ||
206 | /* coverity[dead_error_line] */ | ||
207 | return CRYPT_ERROR; | ||
208 | } | ||
209 | |||
210 | #ifndef ENCRYPT_ONLY | ||
211 | /* setup the inverse key now */ | ||
212 | rk = skey->rijndael.dK; | ||
213 | rrk = skey->rijndael.eK + (28 + keylen) - 4; | ||
214 | |||
215 | /* apply the inverse MixColumn transform to all round keys but the first and the last: */ | ||
216 | /* copy first */ | ||
217 | *rk++ = *rrk++; | ||
218 | *rk++ = *rrk++; | ||
219 | *rk++ = *rrk++; | ||
220 | *rk = *rrk; | ||
221 | rk -= 3; rrk -= 3; | ||
222 | |||
223 | for (i = 1; i < skey->rijndael.Nr; i++) { | ||
224 | rrk -= 4; | ||
225 | rk += 4; | ||
226 | #ifdef LTC_SMALL_CODE | ||
227 | temp = rrk[0]; | ||
228 | rk[0] = setup_mix2(temp); | ||
229 | temp = rrk[1]; | ||
230 | rk[1] = setup_mix2(temp); | ||
231 | temp = rrk[2]; | ||
232 | rk[2] = setup_mix2(temp); | ||
233 | temp = rrk[3]; | ||
234 | rk[3] = setup_mix2(temp); | ||
235 | #else | ||
236 | temp = rrk[0]; | ||
237 | rk[0] = | ||
238 | Tks0[byte(temp, 3)] ^ | ||
239 | Tks1[byte(temp, 2)] ^ | ||
240 | Tks2[byte(temp, 1)] ^ | ||
241 | Tks3[byte(temp, 0)]; | ||
242 | temp = rrk[1]; | ||
243 | rk[1] = | ||
244 | Tks0[byte(temp, 3)] ^ | ||
245 | Tks1[byte(temp, 2)] ^ | ||
246 | Tks2[byte(temp, 1)] ^ | ||
247 | Tks3[byte(temp, 0)]; | ||
248 | temp = rrk[2]; | ||
249 | rk[2] = | ||
250 | Tks0[byte(temp, 3)] ^ | ||
251 | Tks1[byte(temp, 2)] ^ | ||
252 | Tks2[byte(temp, 1)] ^ | ||
253 | Tks3[byte(temp, 0)]; | ||
254 | temp = rrk[3]; | ||
255 | rk[3] = | ||
256 | Tks0[byte(temp, 3)] ^ | ||
257 | Tks1[byte(temp, 2)] ^ | ||
258 | Tks2[byte(temp, 1)] ^ | ||
259 | Tks3[byte(temp, 0)]; | ||
260 | #endif | ||
261 | |||
262 | } | ||
263 | |||
264 | /* copy last */ | ||
265 | rrk -= 4; | ||
266 | rk += 4; | ||
267 | *rk++ = *rrk++; | ||
268 | *rk++ = *rrk++; | ||
269 | *rk++ = *rrk++; | ||
270 | *rk = *rrk; | ||
271 | #endif /* ENCRYPT_ONLY */ | ||
272 | |||
273 | return CRYPT_OK; | ||
274 | } | ||
275 | |||
276 | /** | ||
277 | Encrypts a block of text with AES | ||
278 | @param pt The input plaintext (16 bytes) | ||
279 | @param ct The output ciphertext (16 bytes) | ||
280 | @param skey The key as scheduled | ||
281 | @return CRYPT_OK if successful | ||
282 | */ | ||
283 | #ifdef LTC_CLEAN_STACK | ||
284 | static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | ||
285 | #else | ||
286 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | ||
287 | #endif | ||
288 | { | ||
289 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; | ||
290 | int Nr, r; | ||
291 | |||
292 | LTC_ARGCHK(pt != NULL); | ||
293 | LTC_ARGCHK(ct != NULL); | ||
294 | LTC_ARGCHK(skey != NULL); | ||
295 | |||
296 | Nr = skey->rijndael.Nr; | ||
297 | rk = skey->rijndael.eK; | ||
298 | |||
299 | /* | ||
300 | * map byte array block to cipher state | ||
301 | * and add initial round key: | ||
302 | */ | ||
303 | LOAD32H(s0, pt ); s0 ^= rk[0]; | ||
304 | LOAD32H(s1, pt + 4); s1 ^= rk[1]; | ||
305 | LOAD32H(s2, pt + 8); s2 ^= rk[2]; | ||
306 | LOAD32H(s3, pt + 12); s3 ^= rk[3]; | ||
307 | |||
308 | #ifdef LTC_SMALL_CODE | ||
309 | |||
310 | for (r = 0; ; r++) { | ||
311 | rk += 4; | ||
312 | t0 = | ||
313 | Te0(byte(s0, 3)) ^ | ||
314 | Te1(byte(s1, 2)) ^ | ||
315 | Te2(byte(s2, 1)) ^ | ||
316 | Te3(byte(s3, 0)) ^ | ||
317 | rk[0]; | ||
318 | t1 = | ||
319 | Te0(byte(s1, 3)) ^ | ||
320 | Te1(byte(s2, 2)) ^ | ||
321 | Te2(byte(s3, 1)) ^ | ||
322 | Te3(byte(s0, 0)) ^ | ||
323 | rk[1]; | ||
324 | t2 = | ||
325 | Te0(byte(s2, 3)) ^ | ||
326 | Te1(byte(s3, 2)) ^ | ||
327 | Te2(byte(s0, 1)) ^ | ||
328 | Te3(byte(s1, 0)) ^ | ||
329 | rk[2]; | ||
330 | t3 = | ||
331 | Te0(byte(s3, 3)) ^ | ||
332 | Te1(byte(s0, 2)) ^ | ||
333 | Te2(byte(s1, 1)) ^ | ||
334 | Te3(byte(s2, 0)) ^ | ||
335 | rk[3]; | ||
336 | if (r == Nr-2) { | ||
337 | break; | ||
338 | } | ||
339 | s0 = t0; s1 = t1; s2 = t2; s3 = t3; | ||
340 | } | ||
341 | rk += 4; | ||
342 | |||
343 | #else | ||
344 | |||
345 | /* | ||
346 | * Nr - 1 full rounds: | ||
347 | */ | ||
348 | r = Nr >> 1; | ||
349 | for (;;) { | ||
350 | t0 = | ||
351 | Te0(byte(s0, 3)) ^ | ||
352 | Te1(byte(s1, 2)) ^ | ||
353 | Te2(byte(s2, 1)) ^ | ||
354 | Te3(byte(s3, 0)) ^ | ||
355 | rk[4]; | ||
356 | t1 = | ||
357 | Te0(byte(s1, 3)) ^ | ||
358 | Te1(byte(s2, 2)) ^ | ||
359 | Te2(byte(s3, 1)) ^ | ||
360 | Te3(byte(s0, 0)) ^ | ||
361 | rk[5]; | ||
362 | t2 = | ||
363 | Te0(byte(s2, 3)) ^ | ||
364 | Te1(byte(s3, 2)) ^ | ||
365 | Te2(byte(s0, 1)) ^ | ||
366 | Te3(byte(s1, 0)) ^ | ||
367 | rk[6]; | ||
368 | t3 = | ||
369 | Te0(byte(s3, 3)) ^ | ||
370 | Te1(byte(s0, 2)) ^ | ||
371 | Te2(byte(s1, 1)) ^ | ||
372 | Te3(byte(s2, 0)) ^ | ||
373 | rk[7]; | ||
374 | |||
375 | rk += 8; | ||
376 | if (--r == 0) { | ||
377 | break; | ||
378 | } | ||
379 | |||
380 | s0 = | ||
381 | Te0(byte(t0, 3)) ^ | ||
382 | Te1(byte(t1, 2)) ^ | ||
383 | Te2(byte(t2, 1)) ^ | ||
384 | Te3(byte(t3, 0)) ^ | ||
385 | rk[0]; | ||
386 | s1 = | ||
387 | Te0(byte(t1, 3)) ^ | ||
388 | Te1(byte(t2, 2)) ^ | ||
389 | Te2(byte(t3, 1)) ^ | ||
390 | Te3(byte(t0, 0)) ^ | ||
391 | rk[1]; | ||
392 | s2 = | ||
393 | Te0(byte(t2, 3)) ^ | ||
394 | Te1(byte(t3, 2)) ^ | ||
395 | Te2(byte(t0, 1)) ^ | ||
396 | Te3(byte(t1, 0)) ^ | ||
397 | rk[2]; | ||
398 | s3 = | ||
399 | Te0(byte(t3, 3)) ^ | ||
400 | Te1(byte(t0, 2)) ^ | ||
401 | Te2(byte(t1, 1)) ^ | ||
402 | Te3(byte(t2, 0)) ^ | ||
403 | rk[3]; | ||
404 | } | ||
405 | |||
406 | #endif | ||
407 | |||
408 | /* | ||
409 | * apply last round and | ||
410 | * map cipher state to byte array block: | ||
411 | */ | ||
412 | s0 = | ||
413 | (Te4_3[byte(t0, 3)]) ^ | ||
414 | (Te4_2[byte(t1, 2)]) ^ | ||
415 | (Te4_1[byte(t2, 1)]) ^ | ||
416 | (Te4_0[byte(t3, 0)]) ^ | ||
417 | rk[0]; | ||
418 | STORE32H(s0, ct); | ||
419 | s1 = | ||
420 | (Te4_3[byte(t1, 3)]) ^ | ||
421 | (Te4_2[byte(t2, 2)]) ^ | ||
422 | (Te4_1[byte(t3, 1)]) ^ | ||
423 | (Te4_0[byte(t0, 0)]) ^ | ||
424 | rk[1]; | ||
425 | STORE32H(s1, ct+4); | ||
426 | s2 = | ||
427 | (Te4_3[byte(t2, 3)]) ^ | ||
428 | (Te4_2[byte(t3, 2)]) ^ | ||
429 | (Te4_1[byte(t0, 1)]) ^ | ||
430 | (Te4_0[byte(t1, 0)]) ^ | ||
431 | rk[2]; | ||
432 | STORE32H(s2, ct+8); | ||
433 | s3 = | ||
434 | (Te4_3[byte(t3, 3)]) ^ | ||
435 | (Te4_2[byte(t0, 2)]) ^ | ||
436 | (Te4_1[byte(t1, 1)]) ^ | ||
437 | (Te4_0[byte(t2, 0)]) ^ | ||
438 | rk[3]; | ||
439 | STORE32H(s3, ct+12); | ||
440 | |||
441 | return CRYPT_OK; | ||
442 | } | ||
443 | |||
444 | #ifdef LTC_CLEAN_STACK | ||
445 | int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) | ||
446 | { | ||
447 | int err = _rijndael_ecb_encrypt(pt, ct, skey); | ||
448 | burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); | ||
449 | return err; | ||
450 | } | ||
451 | #endif | ||
452 | |||
453 | #ifndef ENCRYPT_ONLY | ||
454 | |||
455 | /** | ||
456 | Decrypts a block of text with AES | ||
457 | @param ct The input ciphertext (16 bytes) | ||
458 | @param pt The output plaintext (16 bytes) | ||
459 | @param skey The key as scheduled | ||
460 | @return CRYPT_OK if successful | ||
461 | */ | ||
462 | #ifdef LTC_CLEAN_STACK | ||
463 | static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | ||
464 | #else | ||
465 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | ||
466 | #endif | ||
467 | { | ||
468 | ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; | ||
469 | int Nr, r; | ||
470 | |||
471 | LTC_ARGCHK(pt != NULL); | ||
472 | LTC_ARGCHK(ct != NULL); | ||
473 | LTC_ARGCHK(skey != NULL); | ||
474 | |||
475 | Nr = skey->rijndael.Nr; | ||
476 | rk = skey->rijndael.dK; | ||
477 | |||
478 | /* | ||
479 | * map byte array block to cipher state | ||
480 | * and add initial round key: | ||
481 | */ | ||
482 | LOAD32H(s0, ct ); s0 ^= rk[0]; | ||
483 | LOAD32H(s1, ct + 4); s1 ^= rk[1]; | ||
484 | LOAD32H(s2, ct + 8); s2 ^= rk[2]; | ||
485 | LOAD32H(s3, ct + 12); s3 ^= rk[3]; | ||
486 | |||
487 | #ifdef LTC_SMALL_CODE | ||
488 | for (r = 0; ; r++) { | ||
489 | rk += 4; | ||
490 | t0 = | ||
491 | Td0(byte(s0, 3)) ^ | ||
492 | Td1(byte(s3, 2)) ^ | ||
493 | Td2(byte(s2, 1)) ^ | ||
494 | Td3(byte(s1, 0)) ^ | ||
495 | rk[0]; | ||
496 | t1 = | ||
497 | Td0(byte(s1, 3)) ^ | ||
498 | Td1(byte(s0, 2)) ^ | ||
499 | Td2(byte(s3, 1)) ^ | ||
500 | Td3(byte(s2, 0)) ^ | ||
501 | rk[1]; | ||
502 | t2 = | ||
503 | Td0(byte(s2, 3)) ^ | ||
504 | Td1(byte(s1, 2)) ^ | ||
505 | Td2(byte(s0, 1)) ^ | ||
506 | Td3(byte(s3, 0)) ^ | ||
507 | rk[2]; | ||
508 | t3 = | ||
509 | Td0(byte(s3, 3)) ^ | ||
510 | Td1(byte(s2, 2)) ^ | ||
511 | Td2(byte(s1, 1)) ^ | ||
512 | Td3(byte(s0, 0)) ^ | ||
513 | rk[3]; | ||
514 | if (r == Nr-2) { | ||
515 | break; | ||
516 | } | ||
517 | s0 = t0; s1 = t1; s2 = t2; s3 = t3; | ||
518 | } | ||
519 | rk += 4; | ||
520 | |||
521 | #else | ||
522 | |||
523 | /* | ||
524 | * Nr - 1 full rounds: | ||
525 | */ | ||
526 | r = Nr >> 1; | ||
527 | for (;;) { | ||
528 | |||
529 | t0 = | ||
530 | Td0(byte(s0, 3)) ^ | ||
531 | Td1(byte(s3, 2)) ^ | ||
532 | Td2(byte(s2, 1)) ^ | ||
533 | Td3(byte(s1, 0)) ^ | ||
534 | rk[4]; | ||
535 | t1 = | ||
536 | Td0(byte(s1, 3)) ^ | ||
537 | Td1(byte(s0, 2)) ^ | ||
538 | Td2(byte(s3, 1)) ^ | ||
539 | Td3(byte(s2, 0)) ^ | ||
540 | rk[5]; | ||
541 | t2 = | ||
542 | Td0(byte(s2, 3)) ^ | ||
543 | Td1(byte(s1, 2)) ^ | ||
544 | Td2(byte(s0, 1)) ^ | ||
545 | Td3(byte(s3, 0)) ^ | ||
546 | rk[6]; | ||
547 | t3 = | ||
548 | Td0(byte(s3, 3)) ^ | ||
549 | Td1(byte(s2, 2)) ^ | ||
550 | Td2(byte(s1, 1)) ^ | ||
551 | Td3(byte(s0, 0)) ^ | ||
552 | rk[7]; | ||
553 | |||
554 | rk += 8; | ||
555 | if (--r == 0) { | ||
556 | break; | ||
557 | } | ||
558 | |||
559 | |||
560 | s0 = | ||
561 | Td0(byte(t0, 3)) ^ | ||
562 | Td1(byte(t3, 2)) ^ | ||
563 | Td2(byte(t2, 1)) ^ | ||
564 | Td3(byte(t1, 0)) ^ | ||
565 | rk[0]; | ||
566 | s1 = | ||
567 | Td0(byte(t1, 3)) ^ | ||
568 | Td1(byte(t0, 2)) ^ | ||
569 | Td2(byte(t3, 1)) ^ | ||
570 | Td3(byte(t2, 0)) ^ | ||
571 | rk[1]; | ||
572 | s2 = | ||
573 | Td0(byte(t2, 3)) ^ | ||
574 | Td1(byte(t1, 2)) ^ | ||
575 | Td2(byte(t0, 1)) ^ | ||
576 | Td3(byte(t3, 0)) ^ | ||
577 | rk[2]; | ||
578 | s3 = | ||
579 | Td0(byte(t3, 3)) ^ | ||
580 | Td1(byte(t2, 2)) ^ | ||
581 | Td2(byte(t1, 1)) ^ | ||
582 | Td3(byte(t0, 0)) ^ | ||
583 | rk[3]; | ||
584 | } | ||
585 | #endif | ||
586 | |||
587 | /* | ||
588 | * apply last round and | ||
589 | * map cipher state to byte array block: | ||
590 | */ | ||
591 | s0 = | ||
592 | (Td4[byte(t0, 3)] & 0xff000000) ^ | ||
593 | (Td4[byte(t3, 2)] & 0x00ff0000) ^ | ||
594 | (Td4[byte(t2, 1)] & 0x0000ff00) ^ | ||
595 | (Td4[byte(t1, 0)] & 0x000000ff) ^ | ||
596 | rk[0]; | ||
597 | STORE32H(s0, pt); | ||
598 | s1 = | ||
599 | (Td4[byte(t1, 3)] & 0xff000000) ^ | ||
600 | (Td4[byte(t0, 2)] & 0x00ff0000) ^ | ||
601 | (Td4[byte(t3, 1)] & 0x0000ff00) ^ | ||
602 | (Td4[byte(t2, 0)] & 0x000000ff) ^ | ||
603 | rk[1]; | ||
604 | STORE32H(s1, pt+4); | ||
605 | s2 = | ||
606 | (Td4[byte(t2, 3)] & 0xff000000) ^ | ||
607 | (Td4[byte(t1, 2)] & 0x00ff0000) ^ | ||
608 | (Td4[byte(t0, 1)] & 0x0000ff00) ^ | ||
609 | (Td4[byte(t3, 0)] & 0x000000ff) ^ | ||
610 | rk[2]; | ||
611 | STORE32H(s2, pt+8); | ||
612 | s3 = | ||
613 | (Td4[byte(t3, 3)] & 0xff000000) ^ | ||
614 | (Td4[byte(t2, 2)] & 0x00ff0000) ^ | ||
615 | (Td4[byte(t1, 1)] & 0x0000ff00) ^ | ||
616 | (Td4[byte(t0, 0)] & 0x000000ff) ^ | ||
617 | rk[3]; | ||
618 | STORE32H(s3, pt+12); | ||
619 | |||
620 | return CRYPT_OK; | ||
621 | } | ||
622 | |||
623 | |||
624 | #ifdef LTC_CLEAN_STACK | ||
625 | int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) | ||
626 | { | ||
627 | int err = _rijndael_ecb_decrypt(ct, pt, skey); | ||
628 | burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); | ||
629 | return err; | ||
630 | } | ||
631 | #endif | ||
632 | |||
633 | /** | ||
634 | Performs a self-test of the AES block cipher | ||
635 | @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled | ||
636 | */ | ||
637 | int ECB_TEST(void) | ||
638 | { | ||
639 | #ifndef LTC_TEST | ||
640 | return CRYPT_NOP; | ||
641 | #else | ||
642 | int err; | ||
643 | static const struct { | ||
644 | int keylen; | ||
645 | unsigned char key[32], pt[16], ct[16]; | ||
646 | } tests[] = { | ||
647 | { 16, | ||
648 | { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
649 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
650 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
651 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
652 | { 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, | ||
653 | 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a } | ||
654 | }, { | ||
655 | 24, | ||
656 | { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
657 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
658 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, | ||
659 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
660 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
661 | { 0xdd, 0xa9, 0x7c, 0xa4, 0x86, 0x4c, 0xdf, 0xe0, | ||
662 | 0x6e, 0xaf, 0x70, 0xa0, 0xec, 0x0d, 0x71, 0x91 } | ||
663 | }, { | ||
664 | 32, | ||
665 | { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
666 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
667 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
668 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
669 | { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
670 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, | ||
671 | { 0x8e, 0xa2, 0xb7, 0xca, 0x51, 0x67, 0x45, 0xbf, | ||
672 | 0xea, 0xfc, 0x49, 0x90, 0x4b, 0x49, 0x60, 0x89 } | ||
673 | } | ||
674 | }; | ||
675 | |||
676 | symmetric_key key; | ||
677 | unsigned char tmp[2][16]; | ||
678 | int i, y; | ||
679 | |||
680 | for (i = 0; i < (int)(sizeof(tests)/sizeof(tests[0])); i++) { | ||
681 | zeromem(&key, sizeof(key)); | ||
682 | if ((err = rijndael_setup(tests[i].key, tests[i].keylen, 0, &key)) != CRYPT_OK) { | ||
683 | return err; | ||
684 | } | ||
685 | |||
686 | rijndael_ecb_encrypt(tests[i].pt, tmp[0], &key); | ||
687 | rijndael_ecb_decrypt(tmp[0], tmp[1], &key); | ||
688 | if (compare_testvector(tmp[0], 16, tests[i].ct, 16, "AES Encrypt", i) || | ||
689 | compare_testvector(tmp[1], 16, tests[i].pt, 16, "AES Decrypt", i)) { | ||
690 | return CRYPT_FAIL_TESTVECTOR; | ||
691 | } | ||
692 | |||
693 | /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */ | ||
694 | for (y = 0; y < 16; y++) tmp[0][y] = 0; | ||
695 | for (y = 0; y < 1000; y++) rijndael_ecb_encrypt(tmp[0], tmp[0], &key); | ||
696 | for (y = 0; y < 1000; y++) rijndael_ecb_decrypt(tmp[0], tmp[0], &key); | ||
697 | for (y = 0; y < 16; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR; | ||
698 | } | ||
699 | return CRYPT_OK; | ||
700 | #endif | ||
701 | } | ||
702 | |||
703 | #endif /* ENCRYPT_ONLY */ | ||
704 | |||
705 | |||
706 | /** Terminate the context | ||
707 | @param skey The scheduled key | ||
708 | */ | ||
709 | void ECB_DONE(symmetric_key *skey) | ||
710 | { | ||
711 | LTC_UNUSED_PARAM(skey); | ||
712 | } | ||
713 | |||
714 | |||
715 | /** | ||
716 | Gets suitable key size | ||
717 | @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable. | ||
718 | @return CRYPT_OK if the input key size is acceptable. | ||
719 | */ | ||
720 | int ECB_KS(int *keysize) | ||
721 | { | ||
722 | LTC_ARGCHK(keysize != NULL); | ||
723 | |||
724 | if (*keysize < 16) | ||
725 | return CRYPT_INVALID_KEYSIZE; | ||
726 | if (*keysize < 24) { | ||
727 | *keysize = 16; | ||
728 | return CRYPT_OK; | ||
729 | } else if (*keysize < 32) { | ||
730 | *keysize = 24; | ||
731 | return CRYPT_OK; | ||
732 | } else { | ||
733 | *keysize = 32; | ||
734 | return CRYPT_OK; | ||
735 | } | ||
736 | } | ||
737 | |||
738 | #endif | ||
739 | |||
740 | |||
741 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
742 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
743 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/ciphers/aes/aes_tab.c b/utils/tomcrypt/src/ciphers/aes/aes_tab.c new file mode 100644 index 0000000000..dc556e1cd8 --- /dev/null +++ b/utils/tomcrypt/src/ciphers/aes/aes_tab.c | |||
@@ -0,0 +1,1032 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | /* The precomputed tables for AES */ | ||
10 | /* | ||
11 | Te0[x] = S [x].[02, 01, 01, 03]; | ||
12 | Te1[x] = S [x].[03, 02, 01, 01]; | ||
13 | Te2[x] = S [x].[01, 03, 02, 01]; | ||
14 | Te3[x] = S [x].[01, 01, 03, 02]; | ||
15 | Te4[x] = S [x].[01, 01, 01, 01]; | ||
16 | |||
17 | Td0[x] = Si[x].[0e, 09, 0d, 0b]; | ||
18 | Td1[x] = Si[x].[0b, 0e, 09, 0d]; | ||
19 | Td2[x] = Si[x].[0d, 0b, 0e, 09]; | ||
20 | Td3[x] = Si[x].[09, 0d, 0b, 0e]; | ||
21 | Td4[x] = Si[x].[01, 01, 01, 01]; | ||
22 | */ | ||
23 | |||
24 | #ifdef __LTC_AES_TAB_C__ | ||
25 | |||
26 | /** | ||
27 | @file aes_tab.c | ||
28 | AES tables | ||
29 | */ | ||
30 | static const ulong32 TE0[256] = { | ||
31 | 0xc66363a5UL, 0xf87c7c84UL, 0xee777799UL, 0xf67b7b8dUL, | ||
32 | 0xfff2f20dUL, 0xd66b6bbdUL, 0xde6f6fb1UL, 0x91c5c554UL, | ||
33 | 0x60303050UL, 0x02010103UL, 0xce6767a9UL, 0x562b2b7dUL, | ||
34 | 0xe7fefe19UL, 0xb5d7d762UL, 0x4dababe6UL, 0xec76769aUL, | ||
35 | 0x8fcaca45UL, 0x1f82829dUL, 0x89c9c940UL, 0xfa7d7d87UL, | ||
36 | 0xeffafa15UL, 0xb25959ebUL, 0x8e4747c9UL, 0xfbf0f00bUL, | ||
37 | 0x41adadecUL, 0xb3d4d467UL, 0x5fa2a2fdUL, 0x45afafeaUL, | ||
38 | 0x239c9cbfUL, 0x53a4a4f7UL, 0xe4727296UL, 0x9bc0c05bUL, | ||
39 | 0x75b7b7c2UL, 0xe1fdfd1cUL, 0x3d9393aeUL, 0x4c26266aUL, | ||
40 | 0x6c36365aUL, 0x7e3f3f41UL, 0xf5f7f702UL, 0x83cccc4fUL, | ||
41 | 0x6834345cUL, 0x51a5a5f4UL, 0xd1e5e534UL, 0xf9f1f108UL, | ||
42 | 0xe2717193UL, 0xabd8d873UL, 0x62313153UL, 0x2a15153fUL, | ||
43 | 0x0804040cUL, 0x95c7c752UL, 0x46232365UL, 0x9dc3c35eUL, | ||
44 | 0x30181828UL, 0x379696a1UL, 0x0a05050fUL, 0x2f9a9ab5UL, | ||
45 | 0x0e070709UL, 0x24121236UL, 0x1b80809bUL, 0xdfe2e23dUL, | ||
46 | 0xcdebeb26UL, 0x4e272769UL, 0x7fb2b2cdUL, 0xea75759fUL, | ||
47 | 0x1209091bUL, 0x1d83839eUL, 0x582c2c74UL, 0x341a1a2eUL, | ||
48 | 0x361b1b2dUL, 0xdc6e6eb2UL, 0xb45a5aeeUL, 0x5ba0a0fbUL, | ||
49 | 0xa45252f6UL, 0x763b3b4dUL, 0xb7d6d661UL, 0x7db3b3ceUL, | ||
50 | 0x5229297bUL, 0xdde3e33eUL, 0x5e2f2f71UL, 0x13848497UL, | ||
51 | 0xa65353f5UL, 0xb9d1d168UL, 0x00000000UL, 0xc1eded2cUL, | ||
52 | 0x40202060UL, 0xe3fcfc1fUL, 0x79b1b1c8UL, 0xb65b5bedUL, | ||
53 | 0xd46a6abeUL, 0x8dcbcb46UL, 0x67bebed9UL, 0x7239394bUL, | ||
54 | 0x944a4adeUL, 0x984c4cd4UL, 0xb05858e8UL, 0x85cfcf4aUL, | ||
55 | 0xbbd0d06bUL, 0xc5efef2aUL, 0x4faaaae5UL, 0xedfbfb16UL, | ||
56 | 0x864343c5UL, 0x9a4d4dd7UL, 0x66333355UL, 0x11858594UL, | ||
57 | 0x8a4545cfUL, 0xe9f9f910UL, 0x04020206UL, 0xfe7f7f81UL, | ||
58 | 0xa05050f0UL, 0x783c3c44UL, 0x259f9fbaUL, 0x4ba8a8e3UL, | ||
59 | 0xa25151f3UL, 0x5da3a3feUL, 0x804040c0UL, 0x058f8f8aUL, | ||
60 | 0x3f9292adUL, 0x219d9dbcUL, 0x70383848UL, 0xf1f5f504UL, | ||
61 | 0x63bcbcdfUL, 0x77b6b6c1UL, 0xafdada75UL, 0x42212163UL, | ||
62 | 0x20101030UL, 0xe5ffff1aUL, 0xfdf3f30eUL, 0xbfd2d26dUL, | ||
63 | 0x81cdcd4cUL, 0x180c0c14UL, 0x26131335UL, 0xc3ecec2fUL, | ||
64 | 0xbe5f5fe1UL, 0x359797a2UL, 0x884444ccUL, 0x2e171739UL, | ||
65 | 0x93c4c457UL, 0x55a7a7f2UL, 0xfc7e7e82UL, 0x7a3d3d47UL, | ||
66 | 0xc86464acUL, 0xba5d5de7UL, 0x3219192bUL, 0xe6737395UL, | ||
67 | 0xc06060a0UL, 0x19818198UL, 0x9e4f4fd1UL, 0xa3dcdc7fUL, | ||
68 | 0x44222266UL, 0x542a2a7eUL, 0x3b9090abUL, 0x0b888883UL, | ||
69 | 0x8c4646caUL, 0xc7eeee29UL, 0x6bb8b8d3UL, 0x2814143cUL, | ||
70 | 0xa7dede79UL, 0xbc5e5ee2UL, 0x160b0b1dUL, 0xaddbdb76UL, | ||
71 | 0xdbe0e03bUL, 0x64323256UL, 0x743a3a4eUL, 0x140a0a1eUL, | ||
72 | 0x924949dbUL, 0x0c06060aUL, 0x4824246cUL, 0xb85c5ce4UL, | ||
73 | 0x9fc2c25dUL, 0xbdd3d36eUL, 0x43acacefUL, 0xc46262a6UL, | ||
74 | 0x399191a8UL, 0x319595a4UL, 0xd3e4e437UL, 0xf279798bUL, | ||
75 | 0xd5e7e732UL, 0x8bc8c843UL, 0x6e373759UL, 0xda6d6db7UL, | ||
76 | 0x018d8d8cUL, 0xb1d5d564UL, 0x9c4e4ed2UL, 0x49a9a9e0UL, | ||
77 | 0xd86c6cb4UL, 0xac5656faUL, 0xf3f4f407UL, 0xcfeaea25UL, | ||
78 | 0xca6565afUL, 0xf47a7a8eUL, 0x47aeaee9UL, 0x10080818UL, | ||
79 | 0x6fbabad5UL, 0xf0787888UL, 0x4a25256fUL, 0x5c2e2e72UL, | ||
80 | 0x381c1c24UL, 0x57a6a6f1UL, 0x73b4b4c7UL, 0x97c6c651UL, | ||
81 | 0xcbe8e823UL, 0xa1dddd7cUL, 0xe874749cUL, 0x3e1f1f21UL, | ||
82 | 0x964b4bddUL, 0x61bdbddcUL, 0x0d8b8b86UL, 0x0f8a8a85UL, | ||
83 | 0xe0707090UL, 0x7c3e3e42UL, 0x71b5b5c4UL, 0xcc6666aaUL, | ||
84 | 0x904848d8UL, 0x06030305UL, 0xf7f6f601UL, 0x1c0e0e12UL, | ||
85 | 0xc26161a3UL, 0x6a35355fUL, 0xae5757f9UL, 0x69b9b9d0UL, | ||
86 | 0x17868691UL, 0x99c1c158UL, 0x3a1d1d27UL, 0x279e9eb9UL, | ||
87 | 0xd9e1e138UL, 0xebf8f813UL, 0x2b9898b3UL, 0x22111133UL, | ||
88 | 0xd26969bbUL, 0xa9d9d970UL, 0x078e8e89UL, 0x339494a7UL, | ||
89 | 0x2d9b9bb6UL, 0x3c1e1e22UL, 0x15878792UL, 0xc9e9e920UL, | ||
90 | 0x87cece49UL, 0xaa5555ffUL, 0x50282878UL, 0xa5dfdf7aUL, | ||
91 | 0x038c8c8fUL, 0x59a1a1f8UL, 0x09898980UL, 0x1a0d0d17UL, | ||
92 | 0x65bfbfdaUL, 0xd7e6e631UL, 0x844242c6UL, 0xd06868b8UL, | ||
93 | 0x824141c3UL, 0x299999b0UL, 0x5a2d2d77UL, 0x1e0f0f11UL, | ||
94 | 0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL, | ||
95 | }; | ||
96 | |||
97 | #if !defined(PELI_TAB) && defined(LTC_SMALL_CODE) | ||
98 | static const ulong32 Te4[256] = { | ||
99 | 0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL, | ||
100 | 0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL, | ||
101 | 0x30303030UL, 0x01010101UL, 0x67676767UL, 0x2b2b2b2bUL, | ||
102 | 0xfefefefeUL, 0xd7d7d7d7UL, 0xababababUL, 0x76767676UL, | ||
103 | 0xcacacacaUL, 0x82828282UL, 0xc9c9c9c9UL, 0x7d7d7d7dUL, | ||
104 | 0xfafafafaUL, 0x59595959UL, 0x47474747UL, 0xf0f0f0f0UL, | ||
105 | 0xadadadadUL, 0xd4d4d4d4UL, 0xa2a2a2a2UL, 0xafafafafUL, | ||
106 | 0x9c9c9c9cUL, 0xa4a4a4a4UL, 0x72727272UL, 0xc0c0c0c0UL, | ||
107 | 0xb7b7b7b7UL, 0xfdfdfdfdUL, 0x93939393UL, 0x26262626UL, | ||
108 | 0x36363636UL, 0x3f3f3f3fUL, 0xf7f7f7f7UL, 0xccccccccUL, | ||
109 | 0x34343434UL, 0xa5a5a5a5UL, 0xe5e5e5e5UL, 0xf1f1f1f1UL, | ||
110 | 0x71717171UL, 0xd8d8d8d8UL, 0x31313131UL, 0x15151515UL, | ||
111 | 0x04040404UL, 0xc7c7c7c7UL, 0x23232323UL, 0xc3c3c3c3UL, | ||
112 | 0x18181818UL, 0x96969696UL, 0x05050505UL, 0x9a9a9a9aUL, | ||
113 | 0x07070707UL, 0x12121212UL, 0x80808080UL, 0xe2e2e2e2UL, | ||
114 | 0xebebebebUL, 0x27272727UL, 0xb2b2b2b2UL, 0x75757575UL, | ||
115 | 0x09090909UL, 0x83838383UL, 0x2c2c2c2cUL, 0x1a1a1a1aUL, | ||
116 | 0x1b1b1b1bUL, 0x6e6e6e6eUL, 0x5a5a5a5aUL, 0xa0a0a0a0UL, | ||
117 | 0x52525252UL, 0x3b3b3b3bUL, 0xd6d6d6d6UL, 0xb3b3b3b3UL, | ||
118 | 0x29292929UL, 0xe3e3e3e3UL, 0x2f2f2f2fUL, 0x84848484UL, | ||
119 | 0x53535353UL, 0xd1d1d1d1UL, 0x00000000UL, 0xededededUL, | ||
120 | 0x20202020UL, 0xfcfcfcfcUL, 0xb1b1b1b1UL, 0x5b5b5b5bUL, | ||
121 | 0x6a6a6a6aUL, 0xcbcbcbcbUL, 0xbebebebeUL, 0x39393939UL, | ||
122 | 0x4a4a4a4aUL, 0x4c4c4c4cUL, 0x58585858UL, 0xcfcfcfcfUL, | ||
123 | 0xd0d0d0d0UL, 0xefefefefUL, 0xaaaaaaaaUL, 0xfbfbfbfbUL, | ||
124 | 0x43434343UL, 0x4d4d4d4dUL, 0x33333333UL, 0x85858585UL, | ||
125 | 0x45454545UL, 0xf9f9f9f9UL, 0x02020202UL, 0x7f7f7f7fUL, | ||
126 | 0x50505050UL, 0x3c3c3c3cUL, 0x9f9f9f9fUL, 0xa8a8a8a8UL, | ||
127 | 0x51515151UL, 0xa3a3a3a3UL, 0x40404040UL, 0x8f8f8f8fUL, | ||
128 | 0x92929292UL, 0x9d9d9d9dUL, 0x38383838UL, 0xf5f5f5f5UL, | ||
129 | 0xbcbcbcbcUL, 0xb6b6b6b6UL, 0xdadadadaUL, 0x21212121UL, | ||
130 | 0x10101010UL, 0xffffffffUL, 0xf3f3f3f3UL, 0xd2d2d2d2UL, | ||
131 | 0xcdcdcdcdUL, 0x0c0c0c0cUL, 0x13131313UL, 0xececececUL, | ||
132 | 0x5f5f5f5fUL, 0x97979797UL, 0x44444444UL, 0x17171717UL, | ||
133 | 0xc4c4c4c4UL, 0xa7a7a7a7UL, 0x7e7e7e7eUL, 0x3d3d3d3dUL, | ||
134 | 0x64646464UL, 0x5d5d5d5dUL, 0x19191919UL, 0x73737373UL, | ||
135 | 0x60606060UL, 0x81818181UL, 0x4f4f4f4fUL, 0xdcdcdcdcUL, | ||
136 | 0x22222222UL, 0x2a2a2a2aUL, 0x90909090UL, 0x88888888UL, | ||
137 | 0x46464646UL, 0xeeeeeeeeUL, 0xb8b8b8b8UL, 0x14141414UL, | ||
138 | 0xdedededeUL, 0x5e5e5e5eUL, 0x0b0b0b0bUL, 0xdbdbdbdbUL, | ||
139 | 0xe0e0e0e0UL, 0x32323232UL, 0x3a3a3a3aUL, 0x0a0a0a0aUL, | ||
140 | 0x49494949UL, 0x06060606UL, 0x24242424UL, 0x5c5c5c5cUL, | ||
141 | 0xc2c2c2c2UL, 0xd3d3d3d3UL, 0xacacacacUL, 0x62626262UL, | ||
142 | 0x91919191UL, 0x95959595UL, 0xe4e4e4e4UL, 0x79797979UL, | ||
143 | 0xe7e7e7e7UL, 0xc8c8c8c8UL, 0x37373737UL, 0x6d6d6d6dUL, | ||
144 | 0x8d8d8d8dUL, 0xd5d5d5d5UL, 0x4e4e4e4eUL, 0xa9a9a9a9UL, | ||
145 | 0x6c6c6c6cUL, 0x56565656UL, 0xf4f4f4f4UL, 0xeaeaeaeaUL, | ||
146 | 0x65656565UL, 0x7a7a7a7aUL, 0xaeaeaeaeUL, 0x08080808UL, | ||
147 | 0xbabababaUL, 0x78787878UL, 0x25252525UL, 0x2e2e2e2eUL, | ||
148 | 0x1c1c1c1cUL, 0xa6a6a6a6UL, 0xb4b4b4b4UL, 0xc6c6c6c6UL, | ||
149 | 0xe8e8e8e8UL, 0xddddddddUL, 0x74747474UL, 0x1f1f1f1fUL, | ||
150 | 0x4b4b4b4bUL, 0xbdbdbdbdUL, 0x8b8b8b8bUL, 0x8a8a8a8aUL, | ||
151 | 0x70707070UL, 0x3e3e3e3eUL, 0xb5b5b5b5UL, 0x66666666UL, | ||
152 | 0x48484848UL, 0x03030303UL, 0xf6f6f6f6UL, 0x0e0e0e0eUL, | ||
153 | 0x61616161UL, 0x35353535UL, 0x57575757UL, 0xb9b9b9b9UL, | ||
154 | 0x86868686UL, 0xc1c1c1c1UL, 0x1d1d1d1dUL, 0x9e9e9e9eUL, | ||
155 | 0xe1e1e1e1UL, 0xf8f8f8f8UL, 0x98989898UL, 0x11111111UL, | ||
156 | 0x69696969UL, 0xd9d9d9d9UL, 0x8e8e8e8eUL, 0x94949494UL, | ||
157 | 0x9b9b9b9bUL, 0x1e1e1e1eUL, 0x87878787UL, 0xe9e9e9e9UL, | ||
158 | 0xcecececeUL, 0x55555555UL, 0x28282828UL, 0xdfdfdfdfUL, | ||
159 | 0x8c8c8c8cUL, 0xa1a1a1a1UL, 0x89898989UL, 0x0d0d0d0dUL, | ||
160 | 0xbfbfbfbfUL, 0xe6e6e6e6UL, 0x42424242UL, 0x68686868UL, | ||
161 | 0x41414141UL, 0x99999999UL, 0x2d2d2d2dUL, 0x0f0f0f0fUL, | ||
162 | 0xb0b0b0b0UL, 0x54545454UL, 0xbbbbbbbbUL, 0x16161616UL, | ||
163 | }; | ||
164 | #endif | ||
165 | |||
166 | #ifndef ENCRYPT_ONLY | ||
167 | |||
168 | static const ulong32 TD0[256] = { | ||
169 | 0x51f4a750UL, 0x7e416553UL, 0x1a17a4c3UL, 0x3a275e96UL, | ||
170 | 0x3bab6bcbUL, 0x1f9d45f1UL, 0xacfa58abUL, 0x4be30393UL, | ||
171 | 0x2030fa55UL, 0xad766df6UL, 0x88cc7691UL, 0xf5024c25UL, | ||
172 | 0x4fe5d7fcUL, 0xc52acbd7UL, 0x26354480UL, 0xb562a38fUL, | ||
173 | 0xdeb15a49UL, 0x25ba1b67UL, 0x45ea0e98UL, 0x5dfec0e1UL, | ||
174 | 0xc32f7502UL, 0x814cf012UL, 0x8d4697a3UL, 0x6bd3f9c6UL, | ||
175 | 0x038f5fe7UL, 0x15929c95UL, 0xbf6d7aebUL, 0x955259daUL, | ||
176 | 0xd4be832dUL, 0x587421d3UL, 0x49e06929UL, 0x8ec9c844UL, | ||
177 | 0x75c2896aUL, 0xf48e7978UL, 0x99583e6bUL, 0x27b971ddUL, | ||
178 | 0xbee14fb6UL, 0xf088ad17UL, 0xc920ac66UL, 0x7dce3ab4UL, | ||
179 | 0x63df4a18UL, 0xe51a3182UL, 0x97513360UL, 0x62537f45UL, | ||
180 | 0xb16477e0UL, 0xbb6bae84UL, 0xfe81a01cUL, 0xf9082b94UL, | ||
181 | 0x70486858UL, 0x8f45fd19UL, 0x94de6c87UL, 0x527bf8b7UL, | ||
182 | 0xab73d323UL, 0x724b02e2UL, 0xe31f8f57UL, 0x6655ab2aUL, | ||
183 | 0xb2eb2807UL, 0x2fb5c203UL, 0x86c57b9aUL, 0xd33708a5UL, | ||
184 | 0x302887f2UL, 0x23bfa5b2UL, 0x02036abaUL, 0xed16825cUL, | ||
185 | 0x8acf1c2bUL, 0xa779b492UL, 0xf307f2f0UL, 0x4e69e2a1UL, | ||
186 | 0x65daf4cdUL, 0x0605bed5UL, 0xd134621fUL, 0xc4a6fe8aUL, | ||
187 | 0x342e539dUL, 0xa2f355a0UL, 0x058ae132UL, 0xa4f6eb75UL, | ||
188 | 0x0b83ec39UL, 0x4060efaaUL, 0x5e719f06UL, 0xbd6e1051UL, | ||
189 | 0x3e218af9UL, 0x96dd063dUL, 0xdd3e05aeUL, 0x4de6bd46UL, | ||
190 | 0x91548db5UL, 0x71c45d05UL, 0x0406d46fUL, 0x605015ffUL, | ||
191 | 0x1998fb24UL, 0xd6bde997UL, 0x894043ccUL, 0x67d99e77UL, | ||
192 | 0xb0e842bdUL, 0x07898b88UL, 0xe7195b38UL, 0x79c8eedbUL, | ||
193 | 0xa17c0a47UL, 0x7c420fe9UL, 0xf8841ec9UL, 0x00000000UL, | ||
194 | 0x09808683UL, 0x322bed48UL, 0x1e1170acUL, 0x6c5a724eUL, | ||
195 | 0xfd0efffbUL, 0x0f853856UL, 0x3daed51eUL, 0x362d3927UL, | ||
196 | 0x0a0fd964UL, 0x685ca621UL, 0x9b5b54d1UL, 0x24362e3aUL, | ||
197 | 0x0c0a67b1UL, 0x9357e70fUL, 0xb4ee96d2UL, 0x1b9b919eUL, | ||
198 | 0x80c0c54fUL, 0x61dc20a2UL, 0x5a774b69UL, 0x1c121a16UL, | ||
199 | 0xe293ba0aUL, 0xc0a02ae5UL, 0x3c22e043UL, 0x121b171dUL, | ||
200 | 0x0e090d0bUL, 0xf28bc7adUL, 0x2db6a8b9UL, 0x141ea9c8UL, | ||
201 | 0x57f11985UL, 0xaf75074cUL, 0xee99ddbbUL, 0xa37f60fdUL, | ||
202 | 0xf701269fUL, 0x5c72f5bcUL, 0x44663bc5UL, 0x5bfb7e34UL, | ||
203 | 0x8b432976UL, 0xcb23c6dcUL, 0xb6edfc68UL, 0xb8e4f163UL, | ||
204 | 0xd731dccaUL, 0x42638510UL, 0x13972240UL, 0x84c61120UL, | ||
205 | 0x854a247dUL, 0xd2bb3df8UL, 0xaef93211UL, 0xc729a16dUL, | ||
206 | 0x1d9e2f4bUL, 0xdcb230f3UL, 0x0d8652ecUL, 0x77c1e3d0UL, | ||
207 | 0x2bb3166cUL, 0xa970b999UL, 0x119448faUL, 0x47e96422UL, | ||
208 | 0xa8fc8cc4UL, 0xa0f03f1aUL, 0x567d2cd8UL, 0x223390efUL, | ||
209 | 0x87494ec7UL, 0xd938d1c1UL, 0x8ccaa2feUL, 0x98d40b36UL, | ||
210 | 0xa6f581cfUL, 0xa57ade28UL, 0xdab78e26UL, 0x3fadbfa4UL, | ||
211 | 0x2c3a9de4UL, 0x5078920dUL, 0x6a5fcc9bUL, 0x547e4662UL, | ||
212 | 0xf68d13c2UL, 0x90d8b8e8UL, 0x2e39f75eUL, 0x82c3aff5UL, | ||
213 | 0x9f5d80beUL, 0x69d0937cUL, 0x6fd52da9UL, 0xcf2512b3UL, | ||
214 | 0xc8ac993bUL, 0x10187da7UL, 0xe89c636eUL, 0xdb3bbb7bUL, | ||
215 | 0xcd267809UL, 0x6e5918f4UL, 0xec9ab701UL, 0x834f9aa8UL, | ||
216 | 0xe6956e65UL, 0xaaffe67eUL, 0x21bccf08UL, 0xef15e8e6UL, | ||
217 | 0xbae79bd9UL, 0x4a6f36ceUL, 0xea9f09d4UL, 0x29b07cd6UL, | ||
218 | 0x31a4b2afUL, 0x2a3f2331UL, 0xc6a59430UL, 0x35a266c0UL, | ||
219 | 0x744ebc37UL, 0xfc82caa6UL, 0xe090d0b0UL, 0x33a7d815UL, | ||
220 | 0xf104984aUL, 0x41ecdaf7UL, 0x7fcd500eUL, 0x1791f62fUL, | ||
221 | 0x764dd68dUL, 0x43efb04dUL, 0xccaa4d54UL, 0xe49604dfUL, | ||
222 | 0x9ed1b5e3UL, 0x4c6a881bUL, 0xc12c1fb8UL, 0x4665517fUL, | ||
223 | 0x9d5eea04UL, 0x018c355dUL, 0xfa877473UL, 0xfb0b412eUL, | ||
224 | 0xb3671d5aUL, 0x92dbd252UL, 0xe9105633UL, 0x6dd64713UL, | ||
225 | 0x9ad7618cUL, 0x37a10c7aUL, 0x59f8148eUL, 0xeb133c89UL, | ||
226 | 0xcea927eeUL, 0xb761c935UL, 0xe11ce5edUL, 0x7a47b13cUL, | ||
227 | 0x9cd2df59UL, 0x55f2733fUL, 0x1814ce79UL, 0x73c737bfUL, | ||
228 | 0x53f7cdeaUL, 0x5ffdaa5bUL, 0xdf3d6f14UL, 0x7844db86UL, | ||
229 | 0xcaaff381UL, 0xb968c43eUL, 0x3824342cUL, 0xc2a3405fUL, | ||
230 | 0x161dc372UL, 0xbce2250cUL, 0x283c498bUL, 0xff0d9541UL, | ||
231 | 0x39a80171UL, 0x080cb3deUL, 0xd8b4e49cUL, 0x6456c190UL, | ||
232 | 0x7bcb8461UL, 0xd532b670UL, 0x486c5c74UL, 0xd0b85742UL, | ||
233 | }; | ||
234 | |||
235 | static const ulong32 Td4[256] = { | ||
236 | 0x52525252UL, 0x09090909UL, 0x6a6a6a6aUL, 0xd5d5d5d5UL, | ||
237 | 0x30303030UL, 0x36363636UL, 0xa5a5a5a5UL, 0x38383838UL, | ||
238 | 0xbfbfbfbfUL, 0x40404040UL, 0xa3a3a3a3UL, 0x9e9e9e9eUL, | ||
239 | 0x81818181UL, 0xf3f3f3f3UL, 0xd7d7d7d7UL, 0xfbfbfbfbUL, | ||
240 | 0x7c7c7c7cUL, 0xe3e3e3e3UL, 0x39393939UL, 0x82828282UL, | ||
241 | 0x9b9b9b9bUL, 0x2f2f2f2fUL, 0xffffffffUL, 0x87878787UL, | ||
242 | 0x34343434UL, 0x8e8e8e8eUL, 0x43434343UL, 0x44444444UL, | ||
243 | 0xc4c4c4c4UL, 0xdedededeUL, 0xe9e9e9e9UL, 0xcbcbcbcbUL, | ||
244 | 0x54545454UL, 0x7b7b7b7bUL, 0x94949494UL, 0x32323232UL, | ||
245 | 0xa6a6a6a6UL, 0xc2c2c2c2UL, 0x23232323UL, 0x3d3d3d3dUL, | ||
246 | 0xeeeeeeeeUL, 0x4c4c4c4cUL, 0x95959595UL, 0x0b0b0b0bUL, | ||
247 | 0x42424242UL, 0xfafafafaUL, 0xc3c3c3c3UL, 0x4e4e4e4eUL, | ||
248 | 0x08080808UL, 0x2e2e2e2eUL, 0xa1a1a1a1UL, 0x66666666UL, | ||
249 | 0x28282828UL, 0xd9d9d9d9UL, 0x24242424UL, 0xb2b2b2b2UL, | ||
250 | 0x76767676UL, 0x5b5b5b5bUL, 0xa2a2a2a2UL, 0x49494949UL, | ||
251 | 0x6d6d6d6dUL, 0x8b8b8b8bUL, 0xd1d1d1d1UL, 0x25252525UL, | ||
252 | 0x72727272UL, 0xf8f8f8f8UL, 0xf6f6f6f6UL, 0x64646464UL, | ||
253 | 0x86868686UL, 0x68686868UL, 0x98989898UL, 0x16161616UL, | ||
254 | 0xd4d4d4d4UL, 0xa4a4a4a4UL, 0x5c5c5c5cUL, 0xccccccccUL, | ||
255 | 0x5d5d5d5dUL, 0x65656565UL, 0xb6b6b6b6UL, 0x92929292UL, | ||
256 | 0x6c6c6c6cUL, 0x70707070UL, 0x48484848UL, 0x50505050UL, | ||
257 | 0xfdfdfdfdUL, 0xededededUL, 0xb9b9b9b9UL, 0xdadadadaUL, | ||
258 | 0x5e5e5e5eUL, 0x15151515UL, 0x46464646UL, 0x57575757UL, | ||
259 | 0xa7a7a7a7UL, 0x8d8d8d8dUL, 0x9d9d9d9dUL, 0x84848484UL, | ||
260 | 0x90909090UL, 0xd8d8d8d8UL, 0xababababUL, 0x00000000UL, | ||
261 | 0x8c8c8c8cUL, 0xbcbcbcbcUL, 0xd3d3d3d3UL, 0x0a0a0a0aUL, | ||
262 | 0xf7f7f7f7UL, 0xe4e4e4e4UL, 0x58585858UL, 0x05050505UL, | ||
263 | 0xb8b8b8b8UL, 0xb3b3b3b3UL, 0x45454545UL, 0x06060606UL, | ||
264 | 0xd0d0d0d0UL, 0x2c2c2c2cUL, 0x1e1e1e1eUL, 0x8f8f8f8fUL, | ||
265 | 0xcacacacaUL, 0x3f3f3f3fUL, 0x0f0f0f0fUL, 0x02020202UL, | ||
266 | 0xc1c1c1c1UL, 0xafafafafUL, 0xbdbdbdbdUL, 0x03030303UL, | ||
267 | 0x01010101UL, 0x13131313UL, 0x8a8a8a8aUL, 0x6b6b6b6bUL, | ||
268 | 0x3a3a3a3aUL, 0x91919191UL, 0x11111111UL, 0x41414141UL, | ||
269 | 0x4f4f4f4fUL, 0x67676767UL, 0xdcdcdcdcUL, 0xeaeaeaeaUL, | ||
270 | 0x97979797UL, 0xf2f2f2f2UL, 0xcfcfcfcfUL, 0xcecececeUL, | ||
271 | 0xf0f0f0f0UL, 0xb4b4b4b4UL, 0xe6e6e6e6UL, 0x73737373UL, | ||
272 | 0x96969696UL, 0xacacacacUL, 0x74747474UL, 0x22222222UL, | ||
273 | 0xe7e7e7e7UL, 0xadadadadUL, 0x35353535UL, 0x85858585UL, | ||
274 | 0xe2e2e2e2UL, 0xf9f9f9f9UL, 0x37373737UL, 0xe8e8e8e8UL, | ||
275 | 0x1c1c1c1cUL, 0x75757575UL, 0xdfdfdfdfUL, 0x6e6e6e6eUL, | ||
276 | 0x47474747UL, 0xf1f1f1f1UL, 0x1a1a1a1aUL, 0x71717171UL, | ||
277 | 0x1d1d1d1dUL, 0x29292929UL, 0xc5c5c5c5UL, 0x89898989UL, | ||
278 | 0x6f6f6f6fUL, 0xb7b7b7b7UL, 0x62626262UL, 0x0e0e0e0eUL, | ||
279 | 0xaaaaaaaaUL, 0x18181818UL, 0xbebebebeUL, 0x1b1b1b1bUL, | ||
280 | 0xfcfcfcfcUL, 0x56565656UL, 0x3e3e3e3eUL, 0x4b4b4b4bUL, | ||
281 | 0xc6c6c6c6UL, 0xd2d2d2d2UL, 0x79797979UL, 0x20202020UL, | ||
282 | 0x9a9a9a9aUL, 0xdbdbdbdbUL, 0xc0c0c0c0UL, 0xfefefefeUL, | ||
283 | 0x78787878UL, 0xcdcdcdcdUL, 0x5a5a5a5aUL, 0xf4f4f4f4UL, | ||
284 | 0x1f1f1f1fUL, 0xddddddddUL, 0xa8a8a8a8UL, 0x33333333UL, | ||
285 | 0x88888888UL, 0x07070707UL, 0xc7c7c7c7UL, 0x31313131UL, | ||
286 | 0xb1b1b1b1UL, 0x12121212UL, 0x10101010UL, 0x59595959UL, | ||
287 | 0x27272727UL, 0x80808080UL, 0xececececUL, 0x5f5f5f5fUL, | ||
288 | 0x60606060UL, 0x51515151UL, 0x7f7f7f7fUL, 0xa9a9a9a9UL, | ||
289 | 0x19191919UL, 0xb5b5b5b5UL, 0x4a4a4a4aUL, 0x0d0d0d0dUL, | ||
290 | 0x2d2d2d2dUL, 0xe5e5e5e5UL, 0x7a7a7a7aUL, 0x9f9f9f9fUL, | ||
291 | 0x93939393UL, 0xc9c9c9c9UL, 0x9c9c9c9cUL, 0xefefefefUL, | ||
292 | 0xa0a0a0a0UL, 0xe0e0e0e0UL, 0x3b3b3b3bUL, 0x4d4d4d4dUL, | ||
293 | 0xaeaeaeaeUL, 0x2a2a2a2aUL, 0xf5f5f5f5UL, 0xb0b0b0b0UL, | ||
294 | 0xc8c8c8c8UL, 0xebebebebUL, 0xbbbbbbbbUL, 0x3c3c3c3cUL, | ||
295 | 0x83838383UL, 0x53535353UL, 0x99999999UL, 0x61616161UL, | ||
296 | 0x17171717UL, 0x2b2b2b2bUL, 0x04040404UL, 0x7e7e7e7eUL, | ||
297 | 0xbabababaUL, 0x77777777UL, 0xd6d6d6d6UL, 0x26262626UL, | ||
298 | 0xe1e1e1e1UL, 0x69696969UL, 0x14141414UL, 0x63636363UL, | ||
299 | 0x55555555UL, 0x21212121UL, 0x0c0c0c0cUL, 0x7d7d7d7dUL, | ||
300 | }; | ||
301 | |||
302 | #endif /* ENCRYPT_ONLY */ | ||
303 | |||
304 | #ifdef LTC_SMALL_CODE | ||
305 | |||
306 | #define Te0(x) TE0[x] | ||
307 | #define Te1(x) RORc(TE0[x], 8) | ||
308 | #define Te2(x) RORc(TE0[x], 16) | ||
309 | #define Te3(x) RORc(TE0[x], 24) | ||
310 | |||
311 | #define Td0(x) TD0[x] | ||
312 | #define Td1(x) RORc(TD0[x], 8) | ||
313 | #define Td2(x) RORc(TD0[x], 16) | ||
314 | #define Td3(x) RORc(TD0[x], 24) | ||
315 | |||
316 | #define Te4_0 0x000000FF & Te4 | ||
317 | #define Te4_1 0x0000FF00 & Te4 | ||
318 | #define Te4_2 0x00FF0000 & Te4 | ||
319 | #define Te4_3 0xFF000000 & Te4 | ||
320 | |||
321 | #else | ||
322 | |||
323 | #define Te0(x) TE0[x] | ||
324 | #define Te1(x) TE1[x] | ||
325 | #define Te2(x) TE2[x] | ||
326 | #define Te3(x) TE3[x] | ||
327 | |||
328 | #define Td0(x) TD0[x] | ||
329 | #define Td1(x) TD1[x] | ||
330 | #define Td2(x) TD2[x] | ||
331 | #define Td3(x) TD3[x] | ||
332 | |||
333 | static const ulong32 TE1[256] = { | ||
334 | 0xa5c66363UL, 0x84f87c7cUL, 0x99ee7777UL, 0x8df67b7bUL, | ||
335 | 0x0dfff2f2UL, 0xbdd66b6bUL, 0xb1de6f6fUL, 0x5491c5c5UL, | ||
336 | 0x50603030UL, 0x03020101UL, 0xa9ce6767UL, 0x7d562b2bUL, | ||
337 | 0x19e7fefeUL, 0x62b5d7d7UL, 0xe64dababUL, 0x9aec7676UL, | ||
338 | 0x458fcacaUL, 0x9d1f8282UL, 0x4089c9c9UL, 0x87fa7d7dUL, | ||
339 | 0x15effafaUL, 0xebb25959UL, 0xc98e4747UL, 0x0bfbf0f0UL, | ||
340 | 0xec41adadUL, 0x67b3d4d4UL, 0xfd5fa2a2UL, 0xea45afafUL, | ||
341 | 0xbf239c9cUL, 0xf753a4a4UL, 0x96e47272UL, 0x5b9bc0c0UL, | ||
342 | 0xc275b7b7UL, 0x1ce1fdfdUL, 0xae3d9393UL, 0x6a4c2626UL, | ||
343 | 0x5a6c3636UL, 0x417e3f3fUL, 0x02f5f7f7UL, 0x4f83ccccUL, | ||
344 | 0x5c683434UL, 0xf451a5a5UL, 0x34d1e5e5UL, 0x08f9f1f1UL, | ||
345 | 0x93e27171UL, 0x73abd8d8UL, 0x53623131UL, 0x3f2a1515UL, | ||
346 | 0x0c080404UL, 0x5295c7c7UL, 0x65462323UL, 0x5e9dc3c3UL, | ||
347 | 0x28301818UL, 0xa1379696UL, 0x0f0a0505UL, 0xb52f9a9aUL, | ||
348 | 0x090e0707UL, 0x36241212UL, 0x9b1b8080UL, 0x3ddfe2e2UL, | ||
349 | 0x26cdebebUL, 0x694e2727UL, 0xcd7fb2b2UL, 0x9fea7575UL, | ||
350 | 0x1b120909UL, 0x9e1d8383UL, 0x74582c2cUL, 0x2e341a1aUL, | ||
351 | 0x2d361b1bUL, 0xb2dc6e6eUL, 0xeeb45a5aUL, 0xfb5ba0a0UL, | ||
352 | 0xf6a45252UL, 0x4d763b3bUL, 0x61b7d6d6UL, 0xce7db3b3UL, | ||
353 | 0x7b522929UL, 0x3edde3e3UL, 0x715e2f2fUL, 0x97138484UL, | ||
354 | 0xf5a65353UL, 0x68b9d1d1UL, 0x00000000UL, 0x2cc1ededUL, | ||
355 | 0x60402020UL, 0x1fe3fcfcUL, 0xc879b1b1UL, 0xedb65b5bUL, | ||
356 | 0xbed46a6aUL, 0x468dcbcbUL, 0xd967bebeUL, 0x4b723939UL, | ||
357 | 0xde944a4aUL, 0xd4984c4cUL, 0xe8b05858UL, 0x4a85cfcfUL, | ||
358 | 0x6bbbd0d0UL, 0x2ac5efefUL, 0xe54faaaaUL, 0x16edfbfbUL, | ||
359 | 0xc5864343UL, 0xd79a4d4dUL, 0x55663333UL, 0x94118585UL, | ||
360 | 0xcf8a4545UL, 0x10e9f9f9UL, 0x06040202UL, 0x81fe7f7fUL, | ||
361 | 0xf0a05050UL, 0x44783c3cUL, 0xba259f9fUL, 0xe34ba8a8UL, | ||
362 | 0xf3a25151UL, 0xfe5da3a3UL, 0xc0804040UL, 0x8a058f8fUL, | ||
363 | 0xad3f9292UL, 0xbc219d9dUL, 0x48703838UL, 0x04f1f5f5UL, | ||
364 | 0xdf63bcbcUL, 0xc177b6b6UL, 0x75afdadaUL, 0x63422121UL, | ||
365 | 0x30201010UL, 0x1ae5ffffUL, 0x0efdf3f3UL, 0x6dbfd2d2UL, | ||
366 | 0x4c81cdcdUL, 0x14180c0cUL, 0x35261313UL, 0x2fc3ececUL, | ||
367 | 0xe1be5f5fUL, 0xa2359797UL, 0xcc884444UL, 0x392e1717UL, | ||
368 | 0x5793c4c4UL, 0xf255a7a7UL, 0x82fc7e7eUL, 0x477a3d3dUL, | ||
369 | 0xacc86464UL, 0xe7ba5d5dUL, 0x2b321919UL, 0x95e67373UL, | ||
370 | 0xa0c06060UL, 0x98198181UL, 0xd19e4f4fUL, 0x7fa3dcdcUL, | ||
371 | 0x66442222UL, 0x7e542a2aUL, 0xab3b9090UL, 0x830b8888UL, | ||
372 | 0xca8c4646UL, 0x29c7eeeeUL, 0xd36bb8b8UL, 0x3c281414UL, | ||
373 | 0x79a7dedeUL, 0xe2bc5e5eUL, 0x1d160b0bUL, 0x76addbdbUL, | ||
374 | 0x3bdbe0e0UL, 0x56643232UL, 0x4e743a3aUL, 0x1e140a0aUL, | ||
375 | 0xdb924949UL, 0x0a0c0606UL, 0x6c482424UL, 0xe4b85c5cUL, | ||
376 | 0x5d9fc2c2UL, 0x6ebdd3d3UL, 0xef43acacUL, 0xa6c46262UL, | ||
377 | 0xa8399191UL, 0xa4319595UL, 0x37d3e4e4UL, 0x8bf27979UL, | ||
378 | 0x32d5e7e7UL, 0x438bc8c8UL, 0x596e3737UL, 0xb7da6d6dUL, | ||
379 | 0x8c018d8dUL, 0x64b1d5d5UL, 0xd29c4e4eUL, 0xe049a9a9UL, | ||
380 | 0xb4d86c6cUL, 0xfaac5656UL, 0x07f3f4f4UL, 0x25cfeaeaUL, | ||
381 | 0xafca6565UL, 0x8ef47a7aUL, 0xe947aeaeUL, 0x18100808UL, | ||
382 | 0xd56fbabaUL, 0x88f07878UL, 0x6f4a2525UL, 0x725c2e2eUL, | ||
383 | 0x24381c1cUL, 0xf157a6a6UL, 0xc773b4b4UL, 0x5197c6c6UL, | ||
384 | 0x23cbe8e8UL, 0x7ca1ddddUL, 0x9ce87474UL, 0x213e1f1fUL, | ||
385 | 0xdd964b4bUL, 0xdc61bdbdUL, 0x860d8b8bUL, 0x850f8a8aUL, | ||
386 | 0x90e07070UL, 0x427c3e3eUL, 0xc471b5b5UL, 0xaacc6666UL, | ||
387 | 0xd8904848UL, 0x05060303UL, 0x01f7f6f6UL, 0x121c0e0eUL, | ||
388 | 0xa3c26161UL, 0x5f6a3535UL, 0xf9ae5757UL, 0xd069b9b9UL, | ||
389 | 0x91178686UL, 0x5899c1c1UL, 0x273a1d1dUL, 0xb9279e9eUL, | ||
390 | 0x38d9e1e1UL, 0x13ebf8f8UL, 0xb32b9898UL, 0x33221111UL, | ||
391 | 0xbbd26969UL, 0x70a9d9d9UL, 0x89078e8eUL, 0xa7339494UL, | ||
392 | 0xb62d9b9bUL, 0x223c1e1eUL, 0x92158787UL, 0x20c9e9e9UL, | ||
393 | 0x4987ceceUL, 0xffaa5555UL, 0x78502828UL, 0x7aa5dfdfUL, | ||
394 | 0x8f038c8cUL, 0xf859a1a1UL, 0x80098989UL, 0x171a0d0dUL, | ||
395 | 0xda65bfbfUL, 0x31d7e6e6UL, 0xc6844242UL, 0xb8d06868UL, | ||
396 | 0xc3824141UL, 0xb0299999UL, 0x775a2d2dUL, 0x111e0f0fUL, | ||
397 | 0xcb7bb0b0UL, 0xfca85454UL, 0xd66dbbbbUL, 0x3a2c1616UL, | ||
398 | }; | ||
399 | static const ulong32 TE2[256] = { | ||
400 | 0x63a5c663UL, 0x7c84f87cUL, 0x7799ee77UL, 0x7b8df67bUL, | ||
401 | 0xf20dfff2UL, 0x6bbdd66bUL, 0x6fb1de6fUL, 0xc55491c5UL, | ||
402 | 0x30506030UL, 0x01030201UL, 0x67a9ce67UL, 0x2b7d562bUL, | ||
403 | 0xfe19e7feUL, 0xd762b5d7UL, 0xabe64dabUL, 0x769aec76UL, | ||
404 | 0xca458fcaUL, 0x829d1f82UL, 0xc94089c9UL, 0x7d87fa7dUL, | ||
405 | 0xfa15effaUL, 0x59ebb259UL, 0x47c98e47UL, 0xf00bfbf0UL, | ||
406 | 0xadec41adUL, 0xd467b3d4UL, 0xa2fd5fa2UL, 0xafea45afUL, | ||
407 | 0x9cbf239cUL, 0xa4f753a4UL, 0x7296e472UL, 0xc05b9bc0UL, | ||
408 | 0xb7c275b7UL, 0xfd1ce1fdUL, 0x93ae3d93UL, 0x266a4c26UL, | ||
409 | 0x365a6c36UL, 0x3f417e3fUL, 0xf702f5f7UL, 0xcc4f83ccUL, | ||
410 | 0x345c6834UL, 0xa5f451a5UL, 0xe534d1e5UL, 0xf108f9f1UL, | ||
411 | 0x7193e271UL, 0xd873abd8UL, 0x31536231UL, 0x153f2a15UL, | ||
412 | 0x040c0804UL, 0xc75295c7UL, 0x23654623UL, 0xc35e9dc3UL, | ||
413 | 0x18283018UL, 0x96a13796UL, 0x050f0a05UL, 0x9ab52f9aUL, | ||
414 | 0x07090e07UL, 0x12362412UL, 0x809b1b80UL, 0xe23ddfe2UL, | ||
415 | 0xeb26cdebUL, 0x27694e27UL, 0xb2cd7fb2UL, 0x759fea75UL, | ||
416 | 0x091b1209UL, 0x839e1d83UL, 0x2c74582cUL, 0x1a2e341aUL, | ||
417 | 0x1b2d361bUL, 0x6eb2dc6eUL, 0x5aeeb45aUL, 0xa0fb5ba0UL, | ||
418 | 0x52f6a452UL, 0x3b4d763bUL, 0xd661b7d6UL, 0xb3ce7db3UL, | ||
419 | 0x297b5229UL, 0xe33edde3UL, 0x2f715e2fUL, 0x84971384UL, | ||
420 | 0x53f5a653UL, 0xd168b9d1UL, 0x00000000UL, 0xed2cc1edUL, | ||
421 | 0x20604020UL, 0xfc1fe3fcUL, 0xb1c879b1UL, 0x5bedb65bUL, | ||
422 | 0x6abed46aUL, 0xcb468dcbUL, 0xbed967beUL, 0x394b7239UL, | ||
423 | 0x4ade944aUL, 0x4cd4984cUL, 0x58e8b058UL, 0xcf4a85cfUL, | ||
424 | 0xd06bbbd0UL, 0xef2ac5efUL, 0xaae54faaUL, 0xfb16edfbUL, | ||
425 | 0x43c58643UL, 0x4dd79a4dUL, 0x33556633UL, 0x85941185UL, | ||
426 | 0x45cf8a45UL, 0xf910e9f9UL, 0x02060402UL, 0x7f81fe7fUL, | ||
427 | 0x50f0a050UL, 0x3c44783cUL, 0x9fba259fUL, 0xa8e34ba8UL, | ||
428 | 0x51f3a251UL, 0xa3fe5da3UL, 0x40c08040UL, 0x8f8a058fUL, | ||
429 | 0x92ad3f92UL, 0x9dbc219dUL, 0x38487038UL, 0xf504f1f5UL, | ||
430 | 0xbcdf63bcUL, 0xb6c177b6UL, 0xda75afdaUL, 0x21634221UL, | ||
431 | 0x10302010UL, 0xff1ae5ffUL, 0xf30efdf3UL, 0xd26dbfd2UL, | ||
432 | 0xcd4c81cdUL, 0x0c14180cUL, 0x13352613UL, 0xec2fc3ecUL, | ||
433 | 0x5fe1be5fUL, 0x97a23597UL, 0x44cc8844UL, 0x17392e17UL, | ||
434 | 0xc45793c4UL, 0xa7f255a7UL, 0x7e82fc7eUL, 0x3d477a3dUL, | ||
435 | 0x64acc864UL, 0x5de7ba5dUL, 0x192b3219UL, 0x7395e673UL, | ||
436 | 0x60a0c060UL, 0x81981981UL, 0x4fd19e4fUL, 0xdc7fa3dcUL, | ||
437 | 0x22664422UL, 0x2a7e542aUL, 0x90ab3b90UL, 0x88830b88UL, | ||
438 | 0x46ca8c46UL, 0xee29c7eeUL, 0xb8d36bb8UL, 0x143c2814UL, | ||
439 | 0xde79a7deUL, 0x5ee2bc5eUL, 0x0b1d160bUL, 0xdb76addbUL, | ||
440 | 0xe03bdbe0UL, 0x32566432UL, 0x3a4e743aUL, 0x0a1e140aUL, | ||
441 | 0x49db9249UL, 0x060a0c06UL, 0x246c4824UL, 0x5ce4b85cUL, | ||
442 | 0xc25d9fc2UL, 0xd36ebdd3UL, 0xacef43acUL, 0x62a6c462UL, | ||
443 | 0x91a83991UL, 0x95a43195UL, 0xe437d3e4UL, 0x798bf279UL, | ||
444 | 0xe732d5e7UL, 0xc8438bc8UL, 0x37596e37UL, 0x6db7da6dUL, | ||
445 | 0x8d8c018dUL, 0xd564b1d5UL, 0x4ed29c4eUL, 0xa9e049a9UL, | ||
446 | 0x6cb4d86cUL, 0x56faac56UL, 0xf407f3f4UL, 0xea25cfeaUL, | ||
447 | 0x65afca65UL, 0x7a8ef47aUL, 0xaee947aeUL, 0x08181008UL, | ||
448 | 0xbad56fbaUL, 0x7888f078UL, 0x256f4a25UL, 0x2e725c2eUL, | ||
449 | 0x1c24381cUL, 0xa6f157a6UL, 0xb4c773b4UL, 0xc65197c6UL, | ||
450 | 0xe823cbe8UL, 0xdd7ca1ddUL, 0x749ce874UL, 0x1f213e1fUL, | ||
451 | 0x4bdd964bUL, 0xbddc61bdUL, 0x8b860d8bUL, 0x8a850f8aUL, | ||
452 | 0x7090e070UL, 0x3e427c3eUL, 0xb5c471b5UL, 0x66aacc66UL, | ||
453 | 0x48d89048UL, 0x03050603UL, 0xf601f7f6UL, 0x0e121c0eUL, | ||
454 | 0x61a3c261UL, 0x355f6a35UL, 0x57f9ae57UL, 0xb9d069b9UL, | ||
455 | 0x86911786UL, 0xc15899c1UL, 0x1d273a1dUL, 0x9eb9279eUL, | ||
456 | 0xe138d9e1UL, 0xf813ebf8UL, 0x98b32b98UL, 0x11332211UL, | ||
457 | 0x69bbd269UL, 0xd970a9d9UL, 0x8e89078eUL, 0x94a73394UL, | ||
458 | 0x9bb62d9bUL, 0x1e223c1eUL, 0x87921587UL, 0xe920c9e9UL, | ||
459 | 0xce4987ceUL, 0x55ffaa55UL, 0x28785028UL, 0xdf7aa5dfUL, | ||
460 | 0x8c8f038cUL, 0xa1f859a1UL, 0x89800989UL, 0x0d171a0dUL, | ||
461 | 0xbfda65bfUL, 0xe631d7e6UL, 0x42c68442UL, 0x68b8d068UL, | ||
462 | 0x41c38241UL, 0x99b02999UL, 0x2d775a2dUL, 0x0f111e0fUL, | ||
463 | 0xb0cb7bb0UL, 0x54fca854UL, 0xbbd66dbbUL, 0x163a2c16UL, | ||
464 | }; | ||
465 | static const ulong32 TE3[256] = { | ||
466 | |||
467 | 0x6363a5c6UL, 0x7c7c84f8UL, 0x777799eeUL, 0x7b7b8df6UL, | ||
468 | 0xf2f20dffUL, 0x6b6bbdd6UL, 0x6f6fb1deUL, 0xc5c55491UL, | ||
469 | 0x30305060UL, 0x01010302UL, 0x6767a9ceUL, 0x2b2b7d56UL, | ||
470 | 0xfefe19e7UL, 0xd7d762b5UL, 0xababe64dUL, 0x76769aecUL, | ||
471 | 0xcaca458fUL, 0x82829d1fUL, 0xc9c94089UL, 0x7d7d87faUL, | ||
472 | 0xfafa15efUL, 0x5959ebb2UL, 0x4747c98eUL, 0xf0f00bfbUL, | ||
473 | 0xadadec41UL, 0xd4d467b3UL, 0xa2a2fd5fUL, 0xafafea45UL, | ||
474 | 0x9c9cbf23UL, 0xa4a4f753UL, 0x727296e4UL, 0xc0c05b9bUL, | ||
475 | 0xb7b7c275UL, 0xfdfd1ce1UL, 0x9393ae3dUL, 0x26266a4cUL, | ||
476 | 0x36365a6cUL, 0x3f3f417eUL, 0xf7f702f5UL, 0xcccc4f83UL, | ||
477 | 0x34345c68UL, 0xa5a5f451UL, 0xe5e534d1UL, 0xf1f108f9UL, | ||
478 | 0x717193e2UL, 0xd8d873abUL, 0x31315362UL, 0x15153f2aUL, | ||
479 | 0x04040c08UL, 0xc7c75295UL, 0x23236546UL, 0xc3c35e9dUL, | ||
480 | 0x18182830UL, 0x9696a137UL, 0x05050f0aUL, 0x9a9ab52fUL, | ||
481 | 0x0707090eUL, 0x12123624UL, 0x80809b1bUL, 0xe2e23ddfUL, | ||
482 | 0xebeb26cdUL, 0x2727694eUL, 0xb2b2cd7fUL, 0x75759feaUL, | ||
483 | 0x09091b12UL, 0x83839e1dUL, 0x2c2c7458UL, 0x1a1a2e34UL, | ||
484 | 0x1b1b2d36UL, 0x6e6eb2dcUL, 0x5a5aeeb4UL, 0xa0a0fb5bUL, | ||
485 | 0x5252f6a4UL, 0x3b3b4d76UL, 0xd6d661b7UL, 0xb3b3ce7dUL, | ||
486 | 0x29297b52UL, 0xe3e33eddUL, 0x2f2f715eUL, 0x84849713UL, | ||
487 | 0x5353f5a6UL, 0xd1d168b9UL, 0x00000000UL, 0xeded2cc1UL, | ||
488 | 0x20206040UL, 0xfcfc1fe3UL, 0xb1b1c879UL, 0x5b5bedb6UL, | ||
489 | 0x6a6abed4UL, 0xcbcb468dUL, 0xbebed967UL, 0x39394b72UL, | ||
490 | 0x4a4ade94UL, 0x4c4cd498UL, 0x5858e8b0UL, 0xcfcf4a85UL, | ||
491 | 0xd0d06bbbUL, 0xefef2ac5UL, 0xaaaae54fUL, 0xfbfb16edUL, | ||
492 | 0x4343c586UL, 0x4d4dd79aUL, 0x33335566UL, 0x85859411UL, | ||
493 | 0x4545cf8aUL, 0xf9f910e9UL, 0x02020604UL, 0x7f7f81feUL, | ||
494 | 0x5050f0a0UL, 0x3c3c4478UL, 0x9f9fba25UL, 0xa8a8e34bUL, | ||
495 | 0x5151f3a2UL, 0xa3a3fe5dUL, 0x4040c080UL, 0x8f8f8a05UL, | ||
496 | 0x9292ad3fUL, 0x9d9dbc21UL, 0x38384870UL, 0xf5f504f1UL, | ||
497 | 0xbcbcdf63UL, 0xb6b6c177UL, 0xdada75afUL, 0x21216342UL, | ||
498 | 0x10103020UL, 0xffff1ae5UL, 0xf3f30efdUL, 0xd2d26dbfUL, | ||
499 | 0xcdcd4c81UL, 0x0c0c1418UL, 0x13133526UL, 0xecec2fc3UL, | ||
500 | 0x5f5fe1beUL, 0x9797a235UL, 0x4444cc88UL, 0x1717392eUL, | ||
501 | 0xc4c45793UL, 0xa7a7f255UL, 0x7e7e82fcUL, 0x3d3d477aUL, | ||
502 | 0x6464acc8UL, 0x5d5de7baUL, 0x19192b32UL, 0x737395e6UL, | ||
503 | 0x6060a0c0UL, 0x81819819UL, 0x4f4fd19eUL, 0xdcdc7fa3UL, | ||
504 | 0x22226644UL, 0x2a2a7e54UL, 0x9090ab3bUL, 0x8888830bUL, | ||
505 | 0x4646ca8cUL, 0xeeee29c7UL, 0xb8b8d36bUL, 0x14143c28UL, | ||
506 | 0xdede79a7UL, 0x5e5ee2bcUL, 0x0b0b1d16UL, 0xdbdb76adUL, | ||
507 | 0xe0e03bdbUL, 0x32325664UL, 0x3a3a4e74UL, 0x0a0a1e14UL, | ||
508 | 0x4949db92UL, 0x06060a0cUL, 0x24246c48UL, 0x5c5ce4b8UL, | ||
509 | 0xc2c25d9fUL, 0xd3d36ebdUL, 0xacacef43UL, 0x6262a6c4UL, | ||
510 | 0x9191a839UL, 0x9595a431UL, 0xe4e437d3UL, 0x79798bf2UL, | ||
511 | 0xe7e732d5UL, 0xc8c8438bUL, 0x3737596eUL, 0x6d6db7daUL, | ||
512 | 0x8d8d8c01UL, 0xd5d564b1UL, 0x4e4ed29cUL, 0xa9a9e049UL, | ||
513 | 0x6c6cb4d8UL, 0x5656faacUL, 0xf4f407f3UL, 0xeaea25cfUL, | ||
514 | 0x6565afcaUL, 0x7a7a8ef4UL, 0xaeaee947UL, 0x08081810UL, | ||
515 | 0xbabad56fUL, 0x787888f0UL, 0x25256f4aUL, 0x2e2e725cUL, | ||
516 | 0x1c1c2438UL, 0xa6a6f157UL, 0xb4b4c773UL, 0xc6c65197UL, | ||
517 | 0xe8e823cbUL, 0xdddd7ca1UL, 0x74749ce8UL, 0x1f1f213eUL, | ||
518 | 0x4b4bdd96UL, 0xbdbddc61UL, 0x8b8b860dUL, 0x8a8a850fUL, | ||
519 | 0x707090e0UL, 0x3e3e427cUL, 0xb5b5c471UL, 0x6666aaccUL, | ||
520 | 0x4848d890UL, 0x03030506UL, 0xf6f601f7UL, 0x0e0e121cUL, | ||
521 | 0x6161a3c2UL, 0x35355f6aUL, 0x5757f9aeUL, 0xb9b9d069UL, | ||
522 | 0x86869117UL, 0xc1c15899UL, 0x1d1d273aUL, 0x9e9eb927UL, | ||
523 | 0xe1e138d9UL, 0xf8f813ebUL, 0x9898b32bUL, 0x11113322UL, | ||
524 | 0x6969bbd2UL, 0xd9d970a9UL, 0x8e8e8907UL, 0x9494a733UL, | ||
525 | 0x9b9bb62dUL, 0x1e1e223cUL, 0x87879215UL, 0xe9e920c9UL, | ||
526 | 0xcece4987UL, 0x5555ffaaUL, 0x28287850UL, 0xdfdf7aa5UL, | ||
527 | 0x8c8c8f03UL, 0xa1a1f859UL, 0x89898009UL, 0x0d0d171aUL, | ||
528 | 0xbfbfda65UL, 0xe6e631d7UL, 0x4242c684UL, 0x6868b8d0UL, | ||
529 | 0x4141c382UL, 0x9999b029UL, 0x2d2d775aUL, 0x0f0f111eUL, | ||
530 | 0xb0b0cb7bUL, 0x5454fca8UL, 0xbbbbd66dUL, 0x16163a2cUL, | ||
531 | }; | ||
532 | |||
533 | #ifndef PELI_TAB | ||
534 | static const ulong32 Te4_0[] = { | ||
535 | 0x00000063UL, 0x0000007cUL, 0x00000077UL, 0x0000007bUL, 0x000000f2UL, 0x0000006bUL, 0x0000006fUL, 0x000000c5UL, | ||
536 | 0x00000030UL, 0x00000001UL, 0x00000067UL, 0x0000002bUL, 0x000000feUL, 0x000000d7UL, 0x000000abUL, 0x00000076UL, | ||
537 | 0x000000caUL, 0x00000082UL, 0x000000c9UL, 0x0000007dUL, 0x000000faUL, 0x00000059UL, 0x00000047UL, 0x000000f0UL, | ||
538 | 0x000000adUL, 0x000000d4UL, 0x000000a2UL, 0x000000afUL, 0x0000009cUL, 0x000000a4UL, 0x00000072UL, 0x000000c0UL, | ||
539 | 0x000000b7UL, 0x000000fdUL, 0x00000093UL, 0x00000026UL, 0x00000036UL, 0x0000003fUL, 0x000000f7UL, 0x000000ccUL, | ||
540 | 0x00000034UL, 0x000000a5UL, 0x000000e5UL, 0x000000f1UL, 0x00000071UL, 0x000000d8UL, 0x00000031UL, 0x00000015UL, | ||
541 | 0x00000004UL, 0x000000c7UL, 0x00000023UL, 0x000000c3UL, 0x00000018UL, 0x00000096UL, 0x00000005UL, 0x0000009aUL, | ||
542 | 0x00000007UL, 0x00000012UL, 0x00000080UL, 0x000000e2UL, 0x000000ebUL, 0x00000027UL, 0x000000b2UL, 0x00000075UL, | ||
543 | 0x00000009UL, 0x00000083UL, 0x0000002cUL, 0x0000001aUL, 0x0000001bUL, 0x0000006eUL, 0x0000005aUL, 0x000000a0UL, | ||
544 | 0x00000052UL, 0x0000003bUL, 0x000000d6UL, 0x000000b3UL, 0x00000029UL, 0x000000e3UL, 0x0000002fUL, 0x00000084UL, | ||
545 | 0x00000053UL, 0x000000d1UL, 0x00000000UL, 0x000000edUL, 0x00000020UL, 0x000000fcUL, 0x000000b1UL, 0x0000005bUL, | ||
546 | 0x0000006aUL, 0x000000cbUL, 0x000000beUL, 0x00000039UL, 0x0000004aUL, 0x0000004cUL, 0x00000058UL, 0x000000cfUL, | ||
547 | 0x000000d0UL, 0x000000efUL, 0x000000aaUL, 0x000000fbUL, 0x00000043UL, 0x0000004dUL, 0x00000033UL, 0x00000085UL, | ||
548 | 0x00000045UL, 0x000000f9UL, 0x00000002UL, 0x0000007fUL, 0x00000050UL, 0x0000003cUL, 0x0000009fUL, 0x000000a8UL, | ||
549 | 0x00000051UL, 0x000000a3UL, 0x00000040UL, 0x0000008fUL, 0x00000092UL, 0x0000009dUL, 0x00000038UL, 0x000000f5UL, | ||
550 | 0x000000bcUL, 0x000000b6UL, 0x000000daUL, 0x00000021UL, 0x00000010UL, 0x000000ffUL, 0x000000f3UL, 0x000000d2UL, | ||
551 | 0x000000cdUL, 0x0000000cUL, 0x00000013UL, 0x000000ecUL, 0x0000005fUL, 0x00000097UL, 0x00000044UL, 0x00000017UL, | ||
552 | 0x000000c4UL, 0x000000a7UL, 0x0000007eUL, 0x0000003dUL, 0x00000064UL, 0x0000005dUL, 0x00000019UL, 0x00000073UL, | ||
553 | 0x00000060UL, 0x00000081UL, 0x0000004fUL, 0x000000dcUL, 0x00000022UL, 0x0000002aUL, 0x00000090UL, 0x00000088UL, | ||
554 | 0x00000046UL, 0x000000eeUL, 0x000000b8UL, 0x00000014UL, 0x000000deUL, 0x0000005eUL, 0x0000000bUL, 0x000000dbUL, | ||
555 | 0x000000e0UL, 0x00000032UL, 0x0000003aUL, 0x0000000aUL, 0x00000049UL, 0x00000006UL, 0x00000024UL, 0x0000005cUL, | ||
556 | 0x000000c2UL, 0x000000d3UL, 0x000000acUL, 0x00000062UL, 0x00000091UL, 0x00000095UL, 0x000000e4UL, 0x00000079UL, | ||
557 | 0x000000e7UL, 0x000000c8UL, 0x00000037UL, 0x0000006dUL, 0x0000008dUL, 0x000000d5UL, 0x0000004eUL, 0x000000a9UL, | ||
558 | 0x0000006cUL, 0x00000056UL, 0x000000f4UL, 0x000000eaUL, 0x00000065UL, 0x0000007aUL, 0x000000aeUL, 0x00000008UL, | ||
559 | 0x000000baUL, 0x00000078UL, 0x00000025UL, 0x0000002eUL, 0x0000001cUL, 0x000000a6UL, 0x000000b4UL, 0x000000c6UL, | ||
560 | 0x000000e8UL, 0x000000ddUL, 0x00000074UL, 0x0000001fUL, 0x0000004bUL, 0x000000bdUL, 0x0000008bUL, 0x0000008aUL, | ||
561 | 0x00000070UL, 0x0000003eUL, 0x000000b5UL, 0x00000066UL, 0x00000048UL, 0x00000003UL, 0x000000f6UL, 0x0000000eUL, | ||
562 | 0x00000061UL, 0x00000035UL, 0x00000057UL, 0x000000b9UL, 0x00000086UL, 0x000000c1UL, 0x0000001dUL, 0x0000009eUL, | ||
563 | 0x000000e1UL, 0x000000f8UL, 0x00000098UL, 0x00000011UL, 0x00000069UL, 0x000000d9UL, 0x0000008eUL, 0x00000094UL, | ||
564 | 0x0000009bUL, 0x0000001eUL, 0x00000087UL, 0x000000e9UL, 0x000000ceUL, 0x00000055UL, 0x00000028UL, 0x000000dfUL, | ||
565 | 0x0000008cUL, 0x000000a1UL, 0x00000089UL, 0x0000000dUL, 0x000000bfUL, 0x000000e6UL, 0x00000042UL, 0x00000068UL, | ||
566 | 0x00000041UL, 0x00000099UL, 0x0000002dUL, 0x0000000fUL, 0x000000b0UL, 0x00000054UL, 0x000000bbUL, 0x00000016UL | ||
567 | }; | ||
568 | |||
569 | static const ulong32 Te4_1[] = { | ||
570 | 0x00006300UL, 0x00007c00UL, 0x00007700UL, 0x00007b00UL, 0x0000f200UL, 0x00006b00UL, 0x00006f00UL, 0x0000c500UL, | ||
571 | 0x00003000UL, 0x00000100UL, 0x00006700UL, 0x00002b00UL, 0x0000fe00UL, 0x0000d700UL, 0x0000ab00UL, 0x00007600UL, | ||
572 | 0x0000ca00UL, 0x00008200UL, 0x0000c900UL, 0x00007d00UL, 0x0000fa00UL, 0x00005900UL, 0x00004700UL, 0x0000f000UL, | ||
573 | 0x0000ad00UL, 0x0000d400UL, 0x0000a200UL, 0x0000af00UL, 0x00009c00UL, 0x0000a400UL, 0x00007200UL, 0x0000c000UL, | ||
574 | 0x0000b700UL, 0x0000fd00UL, 0x00009300UL, 0x00002600UL, 0x00003600UL, 0x00003f00UL, 0x0000f700UL, 0x0000cc00UL, | ||
575 | 0x00003400UL, 0x0000a500UL, 0x0000e500UL, 0x0000f100UL, 0x00007100UL, 0x0000d800UL, 0x00003100UL, 0x00001500UL, | ||
576 | 0x00000400UL, 0x0000c700UL, 0x00002300UL, 0x0000c300UL, 0x00001800UL, 0x00009600UL, 0x00000500UL, 0x00009a00UL, | ||
577 | 0x00000700UL, 0x00001200UL, 0x00008000UL, 0x0000e200UL, 0x0000eb00UL, 0x00002700UL, 0x0000b200UL, 0x00007500UL, | ||
578 | 0x00000900UL, 0x00008300UL, 0x00002c00UL, 0x00001a00UL, 0x00001b00UL, 0x00006e00UL, 0x00005a00UL, 0x0000a000UL, | ||
579 | 0x00005200UL, 0x00003b00UL, 0x0000d600UL, 0x0000b300UL, 0x00002900UL, 0x0000e300UL, 0x00002f00UL, 0x00008400UL, | ||
580 | 0x00005300UL, 0x0000d100UL, 0x00000000UL, 0x0000ed00UL, 0x00002000UL, 0x0000fc00UL, 0x0000b100UL, 0x00005b00UL, | ||
581 | 0x00006a00UL, 0x0000cb00UL, 0x0000be00UL, 0x00003900UL, 0x00004a00UL, 0x00004c00UL, 0x00005800UL, 0x0000cf00UL, | ||
582 | 0x0000d000UL, 0x0000ef00UL, 0x0000aa00UL, 0x0000fb00UL, 0x00004300UL, 0x00004d00UL, 0x00003300UL, 0x00008500UL, | ||
583 | 0x00004500UL, 0x0000f900UL, 0x00000200UL, 0x00007f00UL, 0x00005000UL, 0x00003c00UL, 0x00009f00UL, 0x0000a800UL, | ||
584 | 0x00005100UL, 0x0000a300UL, 0x00004000UL, 0x00008f00UL, 0x00009200UL, 0x00009d00UL, 0x00003800UL, 0x0000f500UL, | ||
585 | 0x0000bc00UL, 0x0000b600UL, 0x0000da00UL, 0x00002100UL, 0x00001000UL, 0x0000ff00UL, 0x0000f300UL, 0x0000d200UL, | ||
586 | 0x0000cd00UL, 0x00000c00UL, 0x00001300UL, 0x0000ec00UL, 0x00005f00UL, 0x00009700UL, 0x00004400UL, 0x00001700UL, | ||
587 | 0x0000c400UL, 0x0000a700UL, 0x00007e00UL, 0x00003d00UL, 0x00006400UL, 0x00005d00UL, 0x00001900UL, 0x00007300UL, | ||
588 | 0x00006000UL, 0x00008100UL, 0x00004f00UL, 0x0000dc00UL, 0x00002200UL, 0x00002a00UL, 0x00009000UL, 0x00008800UL, | ||
589 | 0x00004600UL, 0x0000ee00UL, 0x0000b800UL, 0x00001400UL, 0x0000de00UL, 0x00005e00UL, 0x00000b00UL, 0x0000db00UL, | ||
590 | 0x0000e000UL, 0x00003200UL, 0x00003a00UL, 0x00000a00UL, 0x00004900UL, 0x00000600UL, 0x00002400UL, 0x00005c00UL, | ||
591 | 0x0000c200UL, 0x0000d300UL, 0x0000ac00UL, 0x00006200UL, 0x00009100UL, 0x00009500UL, 0x0000e400UL, 0x00007900UL, | ||
592 | 0x0000e700UL, 0x0000c800UL, 0x00003700UL, 0x00006d00UL, 0x00008d00UL, 0x0000d500UL, 0x00004e00UL, 0x0000a900UL, | ||
593 | 0x00006c00UL, 0x00005600UL, 0x0000f400UL, 0x0000ea00UL, 0x00006500UL, 0x00007a00UL, 0x0000ae00UL, 0x00000800UL, | ||
594 | 0x0000ba00UL, 0x00007800UL, 0x00002500UL, 0x00002e00UL, 0x00001c00UL, 0x0000a600UL, 0x0000b400UL, 0x0000c600UL, | ||
595 | 0x0000e800UL, 0x0000dd00UL, 0x00007400UL, 0x00001f00UL, 0x00004b00UL, 0x0000bd00UL, 0x00008b00UL, 0x00008a00UL, | ||
596 | 0x00007000UL, 0x00003e00UL, 0x0000b500UL, 0x00006600UL, 0x00004800UL, 0x00000300UL, 0x0000f600UL, 0x00000e00UL, | ||
597 | 0x00006100UL, 0x00003500UL, 0x00005700UL, 0x0000b900UL, 0x00008600UL, 0x0000c100UL, 0x00001d00UL, 0x00009e00UL, | ||
598 | 0x0000e100UL, 0x0000f800UL, 0x00009800UL, 0x00001100UL, 0x00006900UL, 0x0000d900UL, 0x00008e00UL, 0x00009400UL, | ||
599 | 0x00009b00UL, 0x00001e00UL, 0x00008700UL, 0x0000e900UL, 0x0000ce00UL, 0x00005500UL, 0x00002800UL, 0x0000df00UL, | ||
600 | 0x00008c00UL, 0x0000a100UL, 0x00008900UL, 0x00000d00UL, 0x0000bf00UL, 0x0000e600UL, 0x00004200UL, 0x00006800UL, | ||
601 | 0x00004100UL, 0x00009900UL, 0x00002d00UL, 0x00000f00UL, 0x0000b000UL, 0x00005400UL, 0x0000bb00UL, 0x00001600UL | ||
602 | }; | ||
603 | |||
604 | static const ulong32 Te4_2[] = { | ||
605 | 0x00630000UL, 0x007c0000UL, 0x00770000UL, 0x007b0000UL, 0x00f20000UL, 0x006b0000UL, 0x006f0000UL, 0x00c50000UL, | ||
606 | 0x00300000UL, 0x00010000UL, 0x00670000UL, 0x002b0000UL, 0x00fe0000UL, 0x00d70000UL, 0x00ab0000UL, 0x00760000UL, | ||
607 | 0x00ca0000UL, 0x00820000UL, 0x00c90000UL, 0x007d0000UL, 0x00fa0000UL, 0x00590000UL, 0x00470000UL, 0x00f00000UL, | ||
608 | 0x00ad0000UL, 0x00d40000UL, 0x00a20000UL, 0x00af0000UL, 0x009c0000UL, 0x00a40000UL, 0x00720000UL, 0x00c00000UL, | ||
609 | 0x00b70000UL, 0x00fd0000UL, 0x00930000UL, 0x00260000UL, 0x00360000UL, 0x003f0000UL, 0x00f70000UL, 0x00cc0000UL, | ||
610 | 0x00340000UL, 0x00a50000UL, 0x00e50000UL, 0x00f10000UL, 0x00710000UL, 0x00d80000UL, 0x00310000UL, 0x00150000UL, | ||
611 | 0x00040000UL, 0x00c70000UL, 0x00230000UL, 0x00c30000UL, 0x00180000UL, 0x00960000UL, 0x00050000UL, 0x009a0000UL, | ||
612 | 0x00070000UL, 0x00120000UL, 0x00800000UL, 0x00e20000UL, 0x00eb0000UL, 0x00270000UL, 0x00b20000UL, 0x00750000UL, | ||
613 | 0x00090000UL, 0x00830000UL, 0x002c0000UL, 0x001a0000UL, 0x001b0000UL, 0x006e0000UL, 0x005a0000UL, 0x00a00000UL, | ||
614 | 0x00520000UL, 0x003b0000UL, 0x00d60000UL, 0x00b30000UL, 0x00290000UL, 0x00e30000UL, 0x002f0000UL, 0x00840000UL, | ||
615 | 0x00530000UL, 0x00d10000UL, 0x00000000UL, 0x00ed0000UL, 0x00200000UL, 0x00fc0000UL, 0x00b10000UL, 0x005b0000UL, | ||
616 | 0x006a0000UL, 0x00cb0000UL, 0x00be0000UL, 0x00390000UL, 0x004a0000UL, 0x004c0000UL, 0x00580000UL, 0x00cf0000UL, | ||
617 | 0x00d00000UL, 0x00ef0000UL, 0x00aa0000UL, 0x00fb0000UL, 0x00430000UL, 0x004d0000UL, 0x00330000UL, 0x00850000UL, | ||
618 | 0x00450000UL, 0x00f90000UL, 0x00020000UL, 0x007f0000UL, 0x00500000UL, 0x003c0000UL, 0x009f0000UL, 0x00a80000UL, | ||
619 | 0x00510000UL, 0x00a30000UL, 0x00400000UL, 0x008f0000UL, 0x00920000UL, 0x009d0000UL, 0x00380000UL, 0x00f50000UL, | ||
620 | 0x00bc0000UL, 0x00b60000UL, 0x00da0000UL, 0x00210000UL, 0x00100000UL, 0x00ff0000UL, 0x00f30000UL, 0x00d20000UL, | ||
621 | 0x00cd0000UL, 0x000c0000UL, 0x00130000UL, 0x00ec0000UL, 0x005f0000UL, 0x00970000UL, 0x00440000UL, 0x00170000UL, | ||
622 | 0x00c40000UL, 0x00a70000UL, 0x007e0000UL, 0x003d0000UL, 0x00640000UL, 0x005d0000UL, 0x00190000UL, 0x00730000UL, | ||
623 | 0x00600000UL, 0x00810000UL, 0x004f0000UL, 0x00dc0000UL, 0x00220000UL, 0x002a0000UL, 0x00900000UL, 0x00880000UL, | ||
624 | 0x00460000UL, 0x00ee0000UL, 0x00b80000UL, 0x00140000UL, 0x00de0000UL, 0x005e0000UL, 0x000b0000UL, 0x00db0000UL, | ||
625 | 0x00e00000UL, 0x00320000UL, 0x003a0000UL, 0x000a0000UL, 0x00490000UL, 0x00060000UL, 0x00240000UL, 0x005c0000UL, | ||
626 | 0x00c20000UL, 0x00d30000UL, 0x00ac0000UL, 0x00620000UL, 0x00910000UL, 0x00950000UL, 0x00e40000UL, 0x00790000UL, | ||
627 | 0x00e70000UL, 0x00c80000UL, 0x00370000UL, 0x006d0000UL, 0x008d0000UL, 0x00d50000UL, 0x004e0000UL, 0x00a90000UL, | ||
628 | 0x006c0000UL, 0x00560000UL, 0x00f40000UL, 0x00ea0000UL, 0x00650000UL, 0x007a0000UL, 0x00ae0000UL, 0x00080000UL, | ||
629 | 0x00ba0000UL, 0x00780000UL, 0x00250000UL, 0x002e0000UL, 0x001c0000UL, 0x00a60000UL, 0x00b40000UL, 0x00c60000UL, | ||
630 | 0x00e80000UL, 0x00dd0000UL, 0x00740000UL, 0x001f0000UL, 0x004b0000UL, 0x00bd0000UL, 0x008b0000UL, 0x008a0000UL, | ||
631 | 0x00700000UL, 0x003e0000UL, 0x00b50000UL, 0x00660000UL, 0x00480000UL, 0x00030000UL, 0x00f60000UL, 0x000e0000UL, | ||
632 | 0x00610000UL, 0x00350000UL, 0x00570000UL, 0x00b90000UL, 0x00860000UL, 0x00c10000UL, 0x001d0000UL, 0x009e0000UL, | ||
633 | 0x00e10000UL, 0x00f80000UL, 0x00980000UL, 0x00110000UL, 0x00690000UL, 0x00d90000UL, 0x008e0000UL, 0x00940000UL, | ||
634 | 0x009b0000UL, 0x001e0000UL, 0x00870000UL, 0x00e90000UL, 0x00ce0000UL, 0x00550000UL, 0x00280000UL, 0x00df0000UL, | ||
635 | 0x008c0000UL, 0x00a10000UL, 0x00890000UL, 0x000d0000UL, 0x00bf0000UL, 0x00e60000UL, 0x00420000UL, 0x00680000UL, | ||
636 | 0x00410000UL, 0x00990000UL, 0x002d0000UL, 0x000f0000UL, 0x00b00000UL, 0x00540000UL, 0x00bb0000UL, 0x00160000UL | ||
637 | }; | ||
638 | |||
639 | static const ulong32 Te4_3[] = { | ||
640 | 0x63000000UL, 0x7c000000UL, 0x77000000UL, 0x7b000000UL, 0xf2000000UL, 0x6b000000UL, 0x6f000000UL, 0xc5000000UL, | ||
641 | 0x30000000UL, 0x01000000UL, 0x67000000UL, 0x2b000000UL, 0xfe000000UL, 0xd7000000UL, 0xab000000UL, 0x76000000UL, | ||
642 | 0xca000000UL, 0x82000000UL, 0xc9000000UL, 0x7d000000UL, 0xfa000000UL, 0x59000000UL, 0x47000000UL, 0xf0000000UL, | ||
643 | 0xad000000UL, 0xd4000000UL, 0xa2000000UL, 0xaf000000UL, 0x9c000000UL, 0xa4000000UL, 0x72000000UL, 0xc0000000UL, | ||
644 | 0xb7000000UL, 0xfd000000UL, 0x93000000UL, 0x26000000UL, 0x36000000UL, 0x3f000000UL, 0xf7000000UL, 0xcc000000UL, | ||
645 | 0x34000000UL, 0xa5000000UL, 0xe5000000UL, 0xf1000000UL, 0x71000000UL, 0xd8000000UL, 0x31000000UL, 0x15000000UL, | ||
646 | 0x04000000UL, 0xc7000000UL, 0x23000000UL, 0xc3000000UL, 0x18000000UL, 0x96000000UL, 0x05000000UL, 0x9a000000UL, | ||
647 | 0x07000000UL, 0x12000000UL, 0x80000000UL, 0xe2000000UL, 0xeb000000UL, 0x27000000UL, 0xb2000000UL, 0x75000000UL, | ||
648 | 0x09000000UL, 0x83000000UL, 0x2c000000UL, 0x1a000000UL, 0x1b000000UL, 0x6e000000UL, 0x5a000000UL, 0xa0000000UL, | ||
649 | 0x52000000UL, 0x3b000000UL, 0xd6000000UL, 0xb3000000UL, 0x29000000UL, 0xe3000000UL, 0x2f000000UL, 0x84000000UL, | ||
650 | 0x53000000UL, 0xd1000000UL, 0x00000000UL, 0xed000000UL, 0x20000000UL, 0xfc000000UL, 0xb1000000UL, 0x5b000000UL, | ||
651 | 0x6a000000UL, 0xcb000000UL, 0xbe000000UL, 0x39000000UL, 0x4a000000UL, 0x4c000000UL, 0x58000000UL, 0xcf000000UL, | ||
652 | 0xd0000000UL, 0xef000000UL, 0xaa000000UL, 0xfb000000UL, 0x43000000UL, 0x4d000000UL, 0x33000000UL, 0x85000000UL, | ||
653 | 0x45000000UL, 0xf9000000UL, 0x02000000UL, 0x7f000000UL, 0x50000000UL, 0x3c000000UL, 0x9f000000UL, 0xa8000000UL, | ||
654 | 0x51000000UL, 0xa3000000UL, 0x40000000UL, 0x8f000000UL, 0x92000000UL, 0x9d000000UL, 0x38000000UL, 0xf5000000UL, | ||
655 | 0xbc000000UL, 0xb6000000UL, 0xda000000UL, 0x21000000UL, 0x10000000UL, 0xff000000UL, 0xf3000000UL, 0xd2000000UL, | ||
656 | 0xcd000000UL, 0x0c000000UL, 0x13000000UL, 0xec000000UL, 0x5f000000UL, 0x97000000UL, 0x44000000UL, 0x17000000UL, | ||
657 | 0xc4000000UL, 0xa7000000UL, 0x7e000000UL, 0x3d000000UL, 0x64000000UL, 0x5d000000UL, 0x19000000UL, 0x73000000UL, | ||
658 | 0x60000000UL, 0x81000000UL, 0x4f000000UL, 0xdc000000UL, 0x22000000UL, 0x2a000000UL, 0x90000000UL, 0x88000000UL, | ||
659 | 0x46000000UL, 0xee000000UL, 0xb8000000UL, 0x14000000UL, 0xde000000UL, 0x5e000000UL, 0x0b000000UL, 0xdb000000UL, | ||
660 | 0xe0000000UL, 0x32000000UL, 0x3a000000UL, 0x0a000000UL, 0x49000000UL, 0x06000000UL, 0x24000000UL, 0x5c000000UL, | ||
661 | 0xc2000000UL, 0xd3000000UL, 0xac000000UL, 0x62000000UL, 0x91000000UL, 0x95000000UL, 0xe4000000UL, 0x79000000UL, | ||
662 | 0xe7000000UL, 0xc8000000UL, 0x37000000UL, 0x6d000000UL, 0x8d000000UL, 0xd5000000UL, 0x4e000000UL, 0xa9000000UL, | ||
663 | 0x6c000000UL, 0x56000000UL, 0xf4000000UL, 0xea000000UL, 0x65000000UL, 0x7a000000UL, 0xae000000UL, 0x08000000UL, | ||
664 | 0xba000000UL, 0x78000000UL, 0x25000000UL, 0x2e000000UL, 0x1c000000UL, 0xa6000000UL, 0xb4000000UL, 0xc6000000UL, | ||
665 | 0xe8000000UL, 0xdd000000UL, 0x74000000UL, 0x1f000000UL, 0x4b000000UL, 0xbd000000UL, 0x8b000000UL, 0x8a000000UL, | ||
666 | 0x70000000UL, 0x3e000000UL, 0xb5000000UL, 0x66000000UL, 0x48000000UL, 0x03000000UL, 0xf6000000UL, 0x0e000000UL, | ||
667 | 0x61000000UL, 0x35000000UL, 0x57000000UL, 0xb9000000UL, 0x86000000UL, 0xc1000000UL, 0x1d000000UL, 0x9e000000UL, | ||
668 | 0xe1000000UL, 0xf8000000UL, 0x98000000UL, 0x11000000UL, 0x69000000UL, 0xd9000000UL, 0x8e000000UL, 0x94000000UL, | ||
669 | 0x9b000000UL, 0x1e000000UL, 0x87000000UL, 0xe9000000UL, 0xce000000UL, 0x55000000UL, 0x28000000UL, 0xdf000000UL, | ||
670 | 0x8c000000UL, 0xa1000000UL, 0x89000000UL, 0x0d000000UL, 0xbf000000UL, 0xe6000000UL, 0x42000000UL, 0x68000000UL, | ||
671 | 0x41000000UL, 0x99000000UL, 0x2d000000UL, 0x0f000000UL, 0xb0000000UL, 0x54000000UL, 0xbb000000UL, 0x16000000UL | ||
672 | }; | ||
673 | #endif /* pelimac */ | ||
674 | |||
675 | #ifndef ENCRYPT_ONLY | ||
676 | |||
677 | static const ulong32 TD1[256] = { | ||
678 | 0x5051f4a7UL, 0x537e4165UL, 0xc31a17a4UL, 0x963a275eUL, | ||
679 | 0xcb3bab6bUL, 0xf11f9d45UL, 0xabacfa58UL, 0x934be303UL, | ||
680 | 0x552030faUL, 0xf6ad766dUL, 0x9188cc76UL, 0x25f5024cUL, | ||
681 | 0xfc4fe5d7UL, 0xd7c52acbUL, 0x80263544UL, 0x8fb562a3UL, | ||
682 | 0x49deb15aUL, 0x6725ba1bUL, 0x9845ea0eUL, 0xe15dfec0UL, | ||
683 | 0x02c32f75UL, 0x12814cf0UL, 0xa38d4697UL, 0xc66bd3f9UL, | ||
684 | 0xe7038f5fUL, 0x9515929cUL, 0xebbf6d7aUL, 0xda955259UL, | ||
685 | 0x2dd4be83UL, 0xd3587421UL, 0x2949e069UL, 0x448ec9c8UL, | ||
686 | 0x6a75c289UL, 0x78f48e79UL, 0x6b99583eUL, 0xdd27b971UL, | ||
687 | 0xb6bee14fUL, 0x17f088adUL, 0x66c920acUL, 0xb47dce3aUL, | ||
688 | 0x1863df4aUL, 0x82e51a31UL, 0x60975133UL, 0x4562537fUL, | ||
689 | 0xe0b16477UL, 0x84bb6baeUL, 0x1cfe81a0UL, 0x94f9082bUL, | ||
690 | 0x58704868UL, 0x198f45fdUL, 0x8794de6cUL, 0xb7527bf8UL, | ||
691 | 0x23ab73d3UL, 0xe2724b02UL, 0x57e31f8fUL, 0x2a6655abUL, | ||
692 | 0x07b2eb28UL, 0x032fb5c2UL, 0x9a86c57bUL, 0xa5d33708UL, | ||
693 | 0xf2302887UL, 0xb223bfa5UL, 0xba02036aUL, 0x5ced1682UL, | ||
694 | 0x2b8acf1cUL, 0x92a779b4UL, 0xf0f307f2UL, 0xa14e69e2UL, | ||
695 | 0xcd65daf4UL, 0xd50605beUL, 0x1fd13462UL, 0x8ac4a6feUL, | ||
696 | 0x9d342e53UL, 0xa0a2f355UL, 0x32058ae1UL, 0x75a4f6ebUL, | ||
697 | 0x390b83ecUL, 0xaa4060efUL, 0x065e719fUL, 0x51bd6e10UL, | ||
698 | 0xf93e218aUL, 0x3d96dd06UL, 0xaedd3e05UL, 0x464de6bdUL, | ||
699 | 0xb591548dUL, 0x0571c45dUL, 0x6f0406d4UL, 0xff605015UL, | ||
700 | 0x241998fbUL, 0x97d6bde9UL, 0xcc894043UL, 0x7767d99eUL, | ||
701 | 0xbdb0e842UL, 0x8807898bUL, 0x38e7195bUL, 0xdb79c8eeUL, | ||
702 | 0x47a17c0aUL, 0xe97c420fUL, 0xc9f8841eUL, 0x00000000UL, | ||
703 | 0x83098086UL, 0x48322bedUL, 0xac1e1170UL, 0x4e6c5a72UL, | ||
704 | 0xfbfd0effUL, 0x560f8538UL, 0x1e3daed5UL, 0x27362d39UL, | ||
705 | 0x640a0fd9UL, 0x21685ca6UL, 0xd19b5b54UL, 0x3a24362eUL, | ||
706 | 0xb10c0a67UL, 0x0f9357e7UL, 0xd2b4ee96UL, 0x9e1b9b91UL, | ||
707 | 0x4f80c0c5UL, 0xa261dc20UL, 0x695a774bUL, 0x161c121aUL, | ||
708 | 0x0ae293baUL, 0xe5c0a02aUL, 0x433c22e0UL, 0x1d121b17UL, | ||
709 | 0x0b0e090dUL, 0xadf28bc7UL, 0xb92db6a8UL, 0xc8141ea9UL, | ||
710 | 0x8557f119UL, 0x4caf7507UL, 0xbbee99ddUL, 0xfda37f60UL, | ||
711 | 0x9ff70126UL, 0xbc5c72f5UL, 0xc544663bUL, 0x345bfb7eUL, | ||
712 | 0x768b4329UL, 0xdccb23c6UL, 0x68b6edfcUL, 0x63b8e4f1UL, | ||
713 | 0xcad731dcUL, 0x10426385UL, 0x40139722UL, 0x2084c611UL, | ||
714 | 0x7d854a24UL, 0xf8d2bb3dUL, 0x11aef932UL, 0x6dc729a1UL, | ||
715 | 0x4b1d9e2fUL, 0xf3dcb230UL, 0xec0d8652UL, 0xd077c1e3UL, | ||
716 | 0x6c2bb316UL, 0x99a970b9UL, 0xfa119448UL, 0x2247e964UL, | ||
717 | 0xc4a8fc8cUL, 0x1aa0f03fUL, 0xd8567d2cUL, 0xef223390UL, | ||
718 | 0xc787494eUL, 0xc1d938d1UL, 0xfe8ccaa2UL, 0x3698d40bUL, | ||
719 | 0xcfa6f581UL, 0x28a57adeUL, 0x26dab78eUL, 0xa43fadbfUL, | ||
720 | 0xe42c3a9dUL, 0x0d507892UL, 0x9b6a5fccUL, 0x62547e46UL, | ||
721 | 0xc2f68d13UL, 0xe890d8b8UL, 0x5e2e39f7UL, 0xf582c3afUL, | ||
722 | 0xbe9f5d80UL, 0x7c69d093UL, 0xa96fd52dUL, 0xb3cf2512UL, | ||
723 | 0x3bc8ac99UL, 0xa710187dUL, 0x6ee89c63UL, 0x7bdb3bbbUL, | ||
724 | 0x09cd2678UL, 0xf46e5918UL, 0x01ec9ab7UL, 0xa8834f9aUL, | ||
725 | 0x65e6956eUL, 0x7eaaffe6UL, 0x0821bccfUL, 0xe6ef15e8UL, | ||
726 | 0xd9bae79bUL, 0xce4a6f36UL, 0xd4ea9f09UL, 0xd629b07cUL, | ||
727 | 0xaf31a4b2UL, 0x312a3f23UL, 0x30c6a594UL, 0xc035a266UL, | ||
728 | 0x37744ebcUL, 0xa6fc82caUL, 0xb0e090d0UL, 0x1533a7d8UL, | ||
729 | 0x4af10498UL, 0xf741ecdaUL, 0x0e7fcd50UL, 0x2f1791f6UL, | ||
730 | 0x8d764dd6UL, 0x4d43efb0UL, 0x54ccaa4dUL, 0xdfe49604UL, | ||
731 | 0xe39ed1b5UL, 0x1b4c6a88UL, 0xb8c12c1fUL, 0x7f466551UL, | ||
732 | 0x049d5eeaUL, 0x5d018c35UL, 0x73fa8774UL, 0x2efb0b41UL, | ||
733 | 0x5ab3671dUL, 0x5292dbd2UL, 0x33e91056UL, 0x136dd647UL, | ||
734 | 0x8c9ad761UL, 0x7a37a10cUL, 0x8e59f814UL, 0x89eb133cUL, | ||
735 | 0xeecea927UL, 0x35b761c9UL, 0xede11ce5UL, 0x3c7a47b1UL, | ||
736 | 0x599cd2dfUL, 0x3f55f273UL, 0x791814ceUL, 0xbf73c737UL, | ||
737 | 0xea53f7cdUL, 0x5b5ffdaaUL, 0x14df3d6fUL, 0x867844dbUL, | ||
738 | 0x81caaff3UL, 0x3eb968c4UL, 0x2c382434UL, 0x5fc2a340UL, | ||
739 | 0x72161dc3UL, 0x0cbce225UL, 0x8b283c49UL, 0x41ff0d95UL, | ||
740 | 0x7139a801UL, 0xde080cb3UL, 0x9cd8b4e4UL, 0x906456c1UL, | ||
741 | 0x617bcb84UL, 0x70d532b6UL, 0x74486c5cUL, 0x42d0b857UL, | ||
742 | }; | ||
743 | static const ulong32 TD2[256] = { | ||
744 | 0xa75051f4UL, 0x65537e41UL, 0xa4c31a17UL, 0x5e963a27UL, | ||
745 | 0x6bcb3babUL, 0x45f11f9dUL, 0x58abacfaUL, 0x03934be3UL, | ||
746 | 0xfa552030UL, 0x6df6ad76UL, 0x769188ccUL, 0x4c25f502UL, | ||
747 | 0xd7fc4fe5UL, 0xcbd7c52aUL, 0x44802635UL, 0xa38fb562UL, | ||
748 | 0x5a49deb1UL, 0x1b6725baUL, 0x0e9845eaUL, 0xc0e15dfeUL, | ||
749 | 0x7502c32fUL, 0xf012814cUL, 0x97a38d46UL, 0xf9c66bd3UL, | ||
750 | 0x5fe7038fUL, 0x9c951592UL, 0x7aebbf6dUL, 0x59da9552UL, | ||
751 | 0x832dd4beUL, 0x21d35874UL, 0x692949e0UL, 0xc8448ec9UL, | ||
752 | 0x896a75c2UL, 0x7978f48eUL, 0x3e6b9958UL, 0x71dd27b9UL, | ||
753 | 0x4fb6bee1UL, 0xad17f088UL, 0xac66c920UL, 0x3ab47dceUL, | ||
754 | 0x4a1863dfUL, 0x3182e51aUL, 0x33609751UL, 0x7f456253UL, | ||
755 | 0x77e0b164UL, 0xae84bb6bUL, 0xa01cfe81UL, 0x2b94f908UL, | ||
756 | 0x68587048UL, 0xfd198f45UL, 0x6c8794deUL, 0xf8b7527bUL, | ||
757 | 0xd323ab73UL, 0x02e2724bUL, 0x8f57e31fUL, 0xab2a6655UL, | ||
758 | 0x2807b2ebUL, 0xc2032fb5UL, 0x7b9a86c5UL, 0x08a5d337UL, | ||
759 | 0x87f23028UL, 0xa5b223bfUL, 0x6aba0203UL, 0x825ced16UL, | ||
760 | 0x1c2b8acfUL, 0xb492a779UL, 0xf2f0f307UL, 0xe2a14e69UL, | ||
761 | 0xf4cd65daUL, 0xbed50605UL, 0x621fd134UL, 0xfe8ac4a6UL, | ||
762 | 0x539d342eUL, 0x55a0a2f3UL, 0xe132058aUL, 0xeb75a4f6UL, | ||
763 | 0xec390b83UL, 0xefaa4060UL, 0x9f065e71UL, 0x1051bd6eUL, | ||
764 | 0x8af93e21UL, 0x063d96ddUL, 0x05aedd3eUL, 0xbd464de6UL, | ||
765 | 0x8db59154UL, 0x5d0571c4UL, 0xd46f0406UL, 0x15ff6050UL, | ||
766 | 0xfb241998UL, 0xe997d6bdUL, 0x43cc8940UL, 0x9e7767d9UL, | ||
767 | 0x42bdb0e8UL, 0x8b880789UL, 0x5b38e719UL, 0xeedb79c8UL, | ||
768 | 0x0a47a17cUL, 0x0fe97c42UL, 0x1ec9f884UL, 0x00000000UL, | ||
769 | 0x86830980UL, 0xed48322bUL, 0x70ac1e11UL, 0x724e6c5aUL, | ||
770 | 0xfffbfd0eUL, 0x38560f85UL, 0xd51e3daeUL, 0x3927362dUL, | ||
771 | 0xd9640a0fUL, 0xa621685cUL, 0x54d19b5bUL, 0x2e3a2436UL, | ||
772 | 0x67b10c0aUL, 0xe70f9357UL, 0x96d2b4eeUL, 0x919e1b9bUL, | ||
773 | 0xc54f80c0UL, 0x20a261dcUL, 0x4b695a77UL, 0x1a161c12UL, | ||
774 | 0xba0ae293UL, 0x2ae5c0a0UL, 0xe0433c22UL, 0x171d121bUL, | ||
775 | 0x0d0b0e09UL, 0xc7adf28bUL, 0xa8b92db6UL, 0xa9c8141eUL, | ||
776 | 0x198557f1UL, 0x074caf75UL, 0xddbbee99UL, 0x60fda37fUL, | ||
777 | 0x269ff701UL, 0xf5bc5c72UL, 0x3bc54466UL, 0x7e345bfbUL, | ||
778 | 0x29768b43UL, 0xc6dccb23UL, 0xfc68b6edUL, 0xf163b8e4UL, | ||
779 | 0xdccad731UL, 0x85104263UL, 0x22401397UL, 0x112084c6UL, | ||
780 | 0x247d854aUL, 0x3df8d2bbUL, 0x3211aef9UL, 0xa16dc729UL, | ||
781 | 0x2f4b1d9eUL, 0x30f3dcb2UL, 0x52ec0d86UL, 0xe3d077c1UL, | ||
782 | 0x166c2bb3UL, 0xb999a970UL, 0x48fa1194UL, 0x642247e9UL, | ||
783 | 0x8cc4a8fcUL, 0x3f1aa0f0UL, 0x2cd8567dUL, 0x90ef2233UL, | ||
784 | 0x4ec78749UL, 0xd1c1d938UL, 0xa2fe8ccaUL, 0x0b3698d4UL, | ||
785 | 0x81cfa6f5UL, 0xde28a57aUL, 0x8e26dab7UL, 0xbfa43fadUL, | ||
786 | 0x9de42c3aUL, 0x920d5078UL, 0xcc9b6a5fUL, 0x4662547eUL, | ||
787 | 0x13c2f68dUL, 0xb8e890d8UL, 0xf75e2e39UL, 0xaff582c3UL, | ||
788 | 0x80be9f5dUL, 0x937c69d0UL, 0x2da96fd5UL, 0x12b3cf25UL, | ||
789 | 0x993bc8acUL, 0x7da71018UL, 0x636ee89cUL, 0xbb7bdb3bUL, | ||
790 | 0x7809cd26UL, 0x18f46e59UL, 0xb701ec9aUL, 0x9aa8834fUL, | ||
791 | 0x6e65e695UL, 0xe67eaaffUL, 0xcf0821bcUL, 0xe8e6ef15UL, | ||
792 | 0x9bd9bae7UL, 0x36ce4a6fUL, 0x09d4ea9fUL, 0x7cd629b0UL, | ||
793 | 0xb2af31a4UL, 0x23312a3fUL, 0x9430c6a5UL, 0x66c035a2UL, | ||
794 | 0xbc37744eUL, 0xcaa6fc82UL, 0xd0b0e090UL, 0xd81533a7UL, | ||
795 | 0x984af104UL, 0xdaf741ecUL, 0x500e7fcdUL, 0xf62f1791UL, | ||
796 | 0xd68d764dUL, 0xb04d43efUL, 0x4d54ccaaUL, 0x04dfe496UL, | ||
797 | 0xb5e39ed1UL, 0x881b4c6aUL, 0x1fb8c12cUL, 0x517f4665UL, | ||
798 | 0xea049d5eUL, 0x355d018cUL, 0x7473fa87UL, 0x412efb0bUL, | ||
799 | 0x1d5ab367UL, 0xd25292dbUL, 0x5633e910UL, 0x47136dd6UL, | ||
800 | 0x618c9ad7UL, 0x0c7a37a1UL, 0x148e59f8UL, 0x3c89eb13UL, | ||
801 | 0x27eecea9UL, 0xc935b761UL, 0xe5ede11cUL, 0xb13c7a47UL, | ||
802 | 0xdf599cd2UL, 0x733f55f2UL, 0xce791814UL, 0x37bf73c7UL, | ||
803 | 0xcdea53f7UL, 0xaa5b5ffdUL, 0x6f14df3dUL, 0xdb867844UL, | ||
804 | 0xf381caafUL, 0xc43eb968UL, 0x342c3824UL, 0x405fc2a3UL, | ||
805 | 0xc372161dUL, 0x250cbce2UL, 0x498b283cUL, 0x9541ff0dUL, | ||
806 | 0x017139a8UL, 0xb3de080cUL, 0xe49cd8b4UL, 0xc1906456UL, | ||
807 | 0x84617bcbUL, 0xb670d532UL, 0x5c74486cUL, 0x5742d0b8UL, | ||
808 | }; | ||
809 | static const ulong32 TD3[256] = { | ||
810 | 0xf4a75051UL, 0x4165537eUL, 0x17a4c31aUL, 0x275e963aUL, | ||
811 | 0xab6bcb3bUL, 0x9d45f11fUL, 0xfa58abacUL, 0xe303934bUL, | ||
812 | 0x30fa5520UL, 0x766df6adUL, 0xcc769188UL, 0x024c25f5UL, | ||
813 | 0xe5d7fc4fUL, 0x2acbd7c5UL, 0x35448026UL, 0x62a38fb5UL, | ||
814 | 0xb15a49deUL, 0xba1b6725UL, 0xea0e9845UL, 0xfec0e15dUL, | ||
815 | 0x2f7502c3UL, 0x4cf01281UL, 0x4697a38dUL, 0xd3f9c66bUL, | ||
816 | 0x8f5fe703UL, 0x929c9515UL, 0x6d7aebbfUL, 0x5259da95UL, | ||
817 | 0xbe832dd4UL, 0x7421d358UL, 0xe0692949UL, 0xc9c8448eUL, | ||
818 | 0xc2896a75UL, 0x8e7978f4UL, 0x583e6b99UL, 0xb971dd27UL, | ||
819 | 0xe14fb6beUL, 0x88ad17f0UL, 0x20ac66c9UL, 0xce3ab47dUL, | ||
820 | 0xdf4a1863UL, 0x1a3182e5UL, 0x51336097UL, 0x537f4562UL, | ||
821 | 0x6477e0b1UL, 0x6bae84bbUL, 0x81a01cfeUL, 0x082b94f9UL, | ||
822 | 0x48685870UL, 0x45fd198fUL, 0xde6c8794UL, 0x7bf8b752UL, | ||
823 | 0x73d323abUL, 0x4b02e272UL, 0x1f8f57e3UL, 0x55ab2a66UL, | ||
824 | 0xeb2807b2UL, 0xb5c2032fUL, 0xc57b9a86UL, 0x3708a5d3UL, | ||
825 | 0x2887f230UL, 0xbfa5b223UL, 0x036aba02UL, 0x16825cedUL, | ||
826 | 0xcf1c2b8aUL, 0x79b492a7UL, 0x07f2f0f3UL, 0x69e2a14eUL, | ||
827 | 0xdaf4cd65UL, 0x05bed506UL, 0x34621fd1UL, 0xa6fe8ac4UL, | ||
828 | 0x2e539d34UL, 0xf355a0a2UL, 0x8ae13205UL, 0xf6eb75a4UL, | ||
829 | 0x83ec390bUL, 0x60efaa40UL, 0x719f065eUL, 0x6e1051bdUL, | ||
830 | 0x218af93eUL, 0xdd063d96UL, 0x3e05aeddUL, 0xe6bd464dUL, | ||
831 | 0x548db591UL, 0xc45d0571UL, 0x06d46f04UL, 0x5015ff60UL, | ||
832 | 0x98fb2419UL, 0xbde997d6UL, 0x4043cc89UL, 0xd99e7767UL, | ||
833 | 0xe842bdb0UL, 0x898b8807UL, 0x195b38e7UL, 0xc8eedb79UL, | ||
834 | 0x7c0a47a1UL, 0x420fe97cUL, 0x841ec9f8UL, 0x00000000UL, | ||
835 | 0x80868309UL, 0x2bed4832UL, 0x1170ac1eUL, 0x5a724e6cUL, | ||
836 | 0x0efffbfdUL, 0x8538560fUL, 0xaed51e3dUL, 0x2d392736UL, | ||
837 | 0x0fd9640aUL, 0x5ca62168UL, 0x5b54d19bUL, 0x362e3a24UL, | ||
838 | 0x0a67b10cUL, 0x57e70f93UL, 0xee96d2b4UL, 0x9b919e1bUL, | ||
839 | 0xc0c54f80UL, 0xdc20a261UL, 0x774b695aUL, 0x121a161cUL, | ||
840 | 0x93ba0ae2UL, 0xa02ae5c0UL, 0x22e0433cUL, 0x1b171d12UL, | ||
841 | 0x090d0b0eUL, 0x8bc7adf2UL, 0xb6a8b92dUL, 0x1ea9c814UL, | ||
842 | 0xf1198557UL, 0x75074cafUL, 0x99ddbbeeUL, 0x7f60fda3UL, | ||
843 | 0x01269ff7UL, 0x72f5bc5cUL, 0x663bc544UL, 0xfb7e345bUL, | ||
844 | 0x4329768bUL, 0x23c6dccbUL, 0xedfc68b6UL, 0xe4f163b8UL, | ||
845 | 0x31dccad7UL, 0x63851042UL, 0x97224013UL, 0xc6112084UL, | ||
846 | 0x4a247d85UL, 0xbb3df8d2UL, 0xf93211aeUL, 0x29a16dc7UL, | ||
847 | 0x9e2f4b1dUL, 0xb230f3dcUL, 0x8652ec0dUL, 0xc1e3d077UL, | ||
848 | 0xb3166c2bUL, 0x70b999a9UL, 0x9448fa11UL, 0xe9642247UL, | ||
849 | 0xfc8cc4a8UL, 0xf03f1aa0UL, 0x7d2cd856UL, 0x3390ef22UL, | ||
850 | 0x494ec787UL, 0x38d1c1d9UL, 0xcaa2fe8cUL, 0xd40b3698UL, | ||
851 | 0xf581cfa6UL, 0x7ade28a5UL, 0xb78e26daUL, 0xadbfa43fUL, | ||
852 | 0x3a9de42cUL, 0x78920d50UL, 0x5fcc9b6aUL, 0x7e466254UL, | ||
853 | 0x8d13c2f6UL, 0xd8b8e890UL, 0x39f75e2eUL, 0xc3aff582UL, | ||
854 | 0x5d80be9fUL, 0xd0937c69UL, 0xd52da96fUL, 0x2512b3cfUL, | ||
855 | 0xac993bc8UL, 0x187da710UL, 0x9c636ee8UL, 0x3bbb7bdbUL, | ||
856 | 0x267809cdUL, 0x5918f46eUL, 0x9ab701ecUL, 0x4f9aa883UL, | ||
857 | 0x956e65e6UL, 0xffe67eaaUL, 0xbccf0821UL, 0x15e8e6efUL, | ||
858 | 0xe79bd9baUL, 0x6f36ce4aUL, 0x9f09d4eaUL, 0xb07cd629UL, | ||
859 | 0xa4b2af31UL, 0x3f23312aUL, 0xa59430c6UL, 0xa266c035UL, | ||
860 | 0x4ebc3774UL, 0x82caa6fcUL, 0x90d0b0e0UL, 0xa7d81533UL, | ||
861 | 0x04984af1UL, 0xecdaf741UL, 0xcd500e7fUL, 0x91f62f17UL, | ||
862 | 0x4dd68d76UL, 0xefb04d43UL, 0xaa4d54ccUL, 0x9604dfe4UL, | ||
863 | 0xd1b5e39eUL, 0x6a881b4cUL, 0x2c1fb8c1UL, 0x65517f46UL, | ||
864 | 0x5eea049dUL, 0x8c355d01UL, 0x877473faUL, 0x0b412efbUL, | ||
865 | 0x671d5ab3UL, 0xdbd25292UL, 0x105633e9UL, 0xd647136dUL, | ||
866 | 0xd7618c9aUL, 0xa10c7a37UL, 0xf8148e59UL, 0x133c89ebUL, | ||
867 | 0xa927eeceUL, 0x61c935b7UL, 0x1ce5ede1UL, 0x47b13c7aUL, | ||
868 | 0xd2df599cUL, 0xf2733f55UL, 0x14ce7918UL, 0xc737bf73UL, | ||
869 | 0xf7cdea53UL, 0xfdaa5b5fUL, 0x3d6f14dfUL, 0x44db8678UL, | ||
870 | 0xaff381caUL, 0x68c43eb9UL, 0x24342c38UL, 0xa3405fc2UL, | ||
871 | 0x1dc37216UL, 0xe2250cbcUL, 0x3c498b28UL, 0x0d9541ffUL, | ||
872 | 0xa8017139UL, 0x0cb3de08UL, 0xb4e49cd8UL, 0x56c19064UL, | ||
873 | 0xcb84617bUL, 0x32b670d5UL, 0x6c5c7448UL, 0xb85742d0UL, | ||
874 | }; | ||
875 | |||
876 | static const ulong32 Tks0[] = { | ||
877 | 0x00000000UL, 0x0e090d0bUL, 0x1c121a16UL, 0x121b171dUL, 0x3824342cUL, 0x362d3927UL, 0x24362e3aUL, 0x2a3f2331UL, | ||
878 | 0x70486858UL, 0x7e416553UL, 0x6c5a724eUL, 0x62537f45UL, 0x486c5c74UL, 0x4665517fUL, 0x547e4662UL, 0x5a774b69UL, | ||
879 | 0xe090d0b0UL, 0xee99ddbbUL, 0xfc82caa6UL, 0xf28bc7adUL, 0xd8b4e49cUL, 0xd6bde997UL, 0xc4a6fe8aUL, 0xcaaff381UL, | ||
880 | 0x90d8b8e8UL, 0x9ed1b5e3UL, 0x8ccaa2feUL, 0x82c3aff5UL, 0xa8fc8cc4UL, 0xa6f581cfUL, 0xb4ee96d2UL, 0xbae79bd9UL, | ||
881 | 0xdb3bbb7bUL, 0xd532b670UL, 0xc729a16dUL, 0xc920ac66UL, 0xe31f8f57UL, 0xed16825cUL, 0xff0d9541UL, 0xf104984aUL, | ||
882 | 0xab73d323UL, 0xa57ade28UL, 0xb761c935UL, 0xb968c43eUL, 0x9357e70fUL, 0x9d5eea04UL, 0x8f45fd19UL, 0x814cf012UL, | ||
883 | 0x3bab6bcbUL, 0x35a266c0UL, 0x27b971ddUL, 0x29b07cd6UL, 0x038f5fe7UL, 0x0d8652ecUL, 0x1f9d45f1UL, 0x119448faUL, | ||
884 | 0x4be30393UL, 0x45ea0e98UL, 0x57f11985UL, 0x59f8148eUL, 0x73c737bfUL, 0x7dce3ab4UL, 0x6fd52da9UL, 0x61dc20a2UL, | ||
885 | 0xad766df6UL, 0xa37f60fdUL, 0xb16477e0UL, 0xbf6d7aebUL, 0x955259daUL, 0x9b5b54d1UL, 0x894043ccUL, 0x87494ec7UL, | ||
886 | 0xdd3e05aeUL, 0xd33708a5UL, 0xc12c1fb8UL, 0xcf2512b3UL, 0xe51a3182UL, 0xeb133c89UL, 0xf9082b94UL, 0xf701269fUL, | ||
887 | 0x4de6bd46UL, 0x43efb04dUL, 0x51f4a750UL, 0x5ffdaa5bUL, 0x75c2896aUL, 0x7bcb8461UL, 0x69d0937cUL, 0x67d99e77UL, | ||
888 | 0x3daed51eUL, 0x33a7d815UL, 0x21bccf08UL, 0x2fb5c203UL, 0x058ae132UL, 0x0b83ec39UL, 0x1998fb24UL, 0x1791f62fUL, | ||
889 | 0x764dd68dUL, 0x7844db86UL, 0x6a5fcc9bUL, 0x6456c190UL, 0x4e69e2a1UL, 0x4060efaaUL, 0x527bf8b7UL, 0x5c72f5bcUL, | ||
890 | 0x0605bed5UL, 0x080cb3deUL, 0x1a17a4c3UL, 0x141ea9c8UL, 0x3e218af9UL, 0x302887f2UL, 0x223390efUL, 0x2c3a9de4UL, | ||
891 | 0x96dd063dUL, 0x98d40b36UL, 0x8acf1c2bUL, 0x84c61120UL, 0xaef93211UL, 0xa0f03f1aUL, 0xb2eb2807UL, 0xbce2250cUL, | ||
892 | 0xe6956e65UL, 0xe89c636eUL, 0xfa877473UL, 0xf48e7978UL, 0xdeb15a49UL, 0xd0b85742UL, 0xc2a3405fUL, 0xccaa4d54UL, | ||
893 | 0x41ecdaf7UL, 0x4fe5d7fcUL, 0x5dfec0e1UL, 0x53f7cdeaUL, 0x79c8eedbUL, 0x77c1e3d0UL, 0x65daf4cdUL, 0x6bd3f9c6UL, | ||
894 | 0x31a4b2afUL, 0x3fadbfa4UL, 0x2db6a8b9UL, 0x23bfa5b2UL, 0x09808683UL, 0x07898b88UL, 0x15929c95UL, 0x1b9b919eUL, | ||
895 | 0xa17c0a47UL, 0xaf75074cUL, 0xbd6e1051UL, 0xb3671d5aUL, 0x99583e6bUL, 0x97513360UL, 0x854a247dUL, 0x8b432976UL, | ||
896 | 0xd134621fUL, 0xdf3d6f14UL, 0xcd267809UL, 0xc32f7502UL, 0xe9105633UL, 0xe7195b38UL, 0xf5024c25UL, 0xfb0b412eUL, | ||
897 | 0x9ad7618cUL, 0x94de6c87UL, 0x86c57b9aUL, 0x88cc7691UL, 0xa2f355a0UL, 0xacfa58abUL, 0xbee14fb6UL, 0xb0e842bdUL, | ||
898 | 0xea9f09d4UL, 0xe49604dfUL, 0xf68d13c2UL, 0xf8841ec9UL, 0xd2bb3df8UL, 0xdcb230f3UL, 0xcea927eeUL, 0xc0a02ae5UL, | ||
899 | 0x7a47b13cUL, 0x744ebc37UL, 0x6655ab2aUL, 0x685ca621UL, 0x42638510UL, 0x4c6a881bUL, 0x5e719f06UL, 0x5078920dUL, | ||
900 | 0x0a0fd964UL, 0x0406d46fUL, 0x161dc372UL, 0x1814ce79UL, 0x322bed48UL, 0x3c22e043UL, 0x2e39f75eUL, 0x2030fa55UL, | ||
901 | 0xec9ab701UL, 0xe293ba0aUL, 0xf088ad17UL, 0xfe81a01cUL, 0xd4be832dUL, 0xdab78e26UL, 0xc8ac993bUL, 0xc6a59430UL, | ||
902 | 0x9cd2df59UL, 0x92dbd252UL, 0x80c0c54fUL, 0x8ec9c844UL, 0xa4f6eb75UL, 0xaaffe67eUL, 0xb8e4f163UL, 0xb6edfc68UL, | ||
903 | 0x0c0a67b1UL, 0x02036abaUL, 0x10187da7UL, 0x1e1170acUL, 0x342e539dUL, 0x3a275e96UL, 0x283c498bUL, 0x26354480UL, | ||
904 | 0x7c420fe9UL, 0x724b02e2UL, 0x605015ffUL, 0x6e5918f4UL, 0x44663bc5UL, 0x4a6f36ceUL, 0x587421d3UL, 0x567d2cd8UL, | ||
905 | 0x37a10c7aUL, 0x39a80171UL, 0x2bb3166cUL, 0x25ba1b67UL, 0x0f853856UL, 0x018c355dUL, 0x13972240UL, 0x1d9e2f4bUL, | ||
906 | 0x47e96422UL, 0x49e06929UL, 0x5bfb7e34UL, 0x55f2733fUL, 0x7fcd500eUL, 0x71c45d05UL, 0x63df4a18UL, 0x6dd64713UL, | ||
907 | 0xd731dccaUL, 0xd938d1c1UL, 0xcb23c6dcUL, 0xc52acbd7UL, 0xef15e8e6UL, 0xe11ce5edUL, 0xf307f2f0UL, 0xfd0efffbUL, | ||
908 | 0xa779b492UL, 0xa970b999UL, 0xbb6bae84UL, 0xb562a38fUL, 0x9f5d80beUL, 0x91548db5UL, 0x834f9aa8UL, 0x8d4697a3UL | ||
909 | }; | ||
910 | |||
911 | static const ulong32 Tks1[] = { | ||
912 | 0x00000000UL, 0x0b0e090dUL, 0x161c121aUL, 0x1d121b17UL, 0x2c382434UL, 0x27362d39UL, 0x3a24362eUL, 0x312a3f23UL, | ||
913 | 0x58704868UL, 0x537e4165UL, 0x4e6c5a72UL, 0x4562537fUL, 0x74486c5cUL, 0x7f466551UL, 0x62547e46UL, 0x695a774bUL, | ||
914 | 0xb0e090d0UL, 0xbbee99ddUL, 0xa6fc82caUL, 0xadf28bc7UL, 0x9cd8b4e4UL, 0x97d6bde9UL, 0x8ac4a6feUL, 0x81caaff3UL, | ||
915 | 0xe890d8b8UL, 0xe39ed1b5UL, 0xfe8ccaa2UL, 0xf582c3afUL, 0xc4a8fc8cUL, 0xcfa6f581UL, 0xd2b4ee96UL, 0xd9bae79bUL, | ||
916 | 0x7bdb3bbbUL, 0x70d532b6UL, 0x6dc729a1UL, 0x66c920acUL, 0x57e31f8fUL, 0x5ced1682UL, 0x41ff0d95UL, 0x4af10498UL, | ||
917 | 0x23ab73d3UL, 0x28a57adeUL, 0x35b761c9UL, 0x3eb968c4UL, 0x0f9357e7UL, 0x049d5eeaUL, 0x198f45fdUL, 0x12814cf0UL, | ||
918 | 0xcb3bab6bUL, 0xc035a266UL, 0xdd27b971UL, 0xd629b07cUL, 0xe7038f5fUL, 0xec0d8652UL, 0xf11f9d45UL, 0xfa119448UL, | ||
919 | 0x934be303UL, 0x9845ea0eUL, 0x8557f119UL, 0x8e59f814UL, 0xbf73c737UL, 0xb47dce3aUL, 0xa96fd52dUL, 0xa261dc20UL, | ||
920 | 0xf6ad766dUL, 0xfda37f60UL, 0xe0b16477UL, 0xebbf6d7aUL, 0xda955259UL, 0xd19b5b54UL, 0xcc894043UL, 0xc787494eUL, | ||
921 | 0xaedd3e05UL, 0xa5d33708UL, 0xb8c12c1fUL, 0xb3cf2512UL, 0x82e51a31UL, 0x89eb133cUL, 0x94f9082bUL, 0x9ff70126UL, | ||
922 | 0x464de6bdUL, 0x4d43efb0UL, 0x5051f4a7UL, 0x5b5ffdaaUL, 0x6a75c289UL, 0x617bcb84UL, 0x7c69d093UL, 0x7767d99eUL, | ||
923 | 0x1e3daed5UL, 0x1533a7d8UL, 0x0821bccfUL, 0x032fb5c2UL, 0x32058ae1UL, 0x390b83ecUL, 0x241998fbUL, 0x2f1791f6UL, | ||
924 | 0x8d764dd6UL, 0x867844dbUL, 0x9b6a5fccUL, 0x906456c1UL, 0xa14e69e2UL, 0xaa4060efUL, 0xb7527bf8UL, 0xbc5c72f5UL, | ||
925 | 0xd50605beUL, 0xde080cb3UL, 0xc31a17a4UL, 0xc8141ea9UL, 0xf93e218aUL, 0xf2302887UL, 0xef223390UL, 0xe42c3a9dUL, | ||
926 | 0x3d96dd06UL, 0x3698d40bUL, 0x2b8acf1cUL, 0x2084c611UL, 0x11aef932UL, 0x1aa0f03fUL, 0x07b2eb28UL, 0x0cbce225UL, | ||
927 | 0x65e6956eUL, 0x6ee89c63UL, 0x73fa8774UL, 0x78f48e79UL, 0x49deb15aUL, 0x42d0b857UL, 0x5fc2a340UL, 0x54ccaa4dUL, | ||
928 | 0xf741ecdaUL, 0xfc4fe5d7UL, 0xe15dfec0UL, 0xea53f7cdUL, 0xdb79c8eeUL, 0xd077c1e3UL, 0xcd65daf4UL, 0xc66bd3f9UL, | ||
929 | 0xaf31a4b2UL, 0xa43fadbfUL, 0xb92db6a8UL, 0xb223bfa5UL, 0x83098086UL, 0x8807898bUL, 0x9515929cUL, 0x9e1b9b91UL, | ||
930 | 0x47a17c0aUL, 0x4caf7507UL, 0x51bd6e10UL, 0x5ab3671dUL, 0x6b99583eUL, 0x60975133UL, 0x7d854a24UL, 0x768b4329UL, | ||
931 | 0x1fd13462UL, 0x14df3d6fUL, 0x09cd2678UL, 0x02c32f75UL, 0x33e91056UL, 0x38e7195bUL, 0x25f5024cUL, 0x2efb0b41UL, | ||
932 | 0x8c9ad761UL, 0x8794de6cUL, 0x9a86c57bUL, 0x9188cc76UL, 0xa0a2f355UL, 0xabacfa58UL, 0xb6bee14fUL, 0xbdb0e842UL, | ||
933 | 0xd4ea9f09UL, 0xdfe49604UL, 0xc2f68d13UL, 0xc9f8841eUL, 0xf8d2bb3dUL, 0xf3dcb230UL, 0xeecea927UL, 0xe5c0a02aUL, | ||
934 | 0x3c7a47b1UL, 0x37744ebcUL, 0x2a6655abUL, 0x21685ca6UL, 0x10426385UL, 0x1b4c6a88UL, 0x065e719fUL, 0x0d507892UL, | ||
935 | 0x640a0fd9UL, 0x6f0406d4UL, 0x72161dc3UL, 0x791814ceUL, 0x48322bedUL, 0x433c22e0UL, 0x5e2e39f7UL, 0x552030faUL, | ||
936 | 0x01ec9ab7UL, 0x0ae293baUL, 0x17f088adUL, 0x1cfe81a0UL, 0x2dd4be83UL, 0x26dab78eUL, 0x3bc8ac99UL, 0x30c6a594UL, | ||
937 | 0x599cd2dfUL, 0x5292dbd2UL, 0x4f80c0c5UL, 0x448ec9c8UL, 0x75a4f6ebUL, 0x7eaaffe6UL, 0x63b8e4f1UL, 0x68b6edfcUL, | ||
938 | 0xb10c0a67UL, 0xba02036aUL, 0xa710187dUL, 0xac1e1170UL, 0x9d342e53UL, 0x963a275eUL, 0x8b283c49UL, 0x80263544UL, | ||
939 | 0xe97c420fUL, 0xe2724b02UL, 0xff605015UL, 0xf46e5918UL, 0xc544663bUL, 0xce4a6f36UL, 0xd3587421UL, 0xd8567d2cUL, | ||
940 | 0x7a37a10cUL, 0x7139a801UL, 0x6c2bb316UL, 0x6725ba1bUL, 0x560f8538UL, 0x5d018c35UL, 0x40139722UL, 0x4b1d9e2fUL, | ||
941 | 0x2247e964UL, 0x2949e069UL, 0x345bfb7eUL, 0x3f55f273UL, 0x0e7fcd50UL, 0x0571c45dUL, 0x1863df4aUL, 0x136dd647UL, | ||
942 | 0xcad731dcUL, 0xc1d938d1UL, 0xdccb23c6UL, 0xd7c52acbUL, 0xe6ef15e8UL, 0xede11ce5UL, 0xf0f307f2UL, 0xfbfd0effUL, | ||
943 | 0x92a779b4UL, 0x99a970b9UL, 0x84bb6baeUL, 0x8fb562a3UL, 0xbe9f5d80UL, 0xb591548dUL, 0xa8834f9aUL, 0xa38d4697UL | ||
944 | }; | ||
945 | |||
946 | static const ulong32 Tks2[] = { | ||
947 | 0x00000000UL, 0x0d0b0e09UL, 0x1a161c12UL, 0x171d121bUL, 0x342c3824UL, 0x3927362dUL, 0x2e3a2436UL, 0x23312a3fUL, | ||
948 | 0x68587048UL, 0x65537e41UL, 0x724e6c5aUL, 0x7f456253UL, 0x5c74486cUL, 0x517f4665UL, 0x4662547eUL, 0x4b695a77UL, | ||
949 | 0xd0b0e090UL, 0xddbbee99UL, 0xcaa6fc82UL, 0xc7adf28bUL, 0xe49cd8b4UL, 0xe997d6bdUL, 0xfe8ac4a6UL, 0xf381caafUL, | ||
950 | 0xb8e890d8UL, 0xb5e39ed1UL, 0xa2fe8ccaUL, 0xaff582c3UL, 0x8cc4a8fcUL, 0x81cfa6f5UL, 0x96d2b4eeUL, 0x9bd9bae7UL, | ||
951 | 0xbb7bdb3bUL, 0xb670d532UL, 0xa16dc729UL, 0xac66c920UL, 0x8f57e31fUL, 0x825ced16UL, 0x9541ff0dUL, 0x984af104UL, | ||
952 | 0xd323ab73UL, 0xde28a57aUL, 0xc935b761UL, 0xc43eb968UL, 0xe70f9357UL, 0xea049d5eUL, 0xfd198f45UL, 0xf012814cUL, | ||
953 | 0x6bcb3babUL, 0x66c035a2UL, 0x71dd27b9UL, 0x7cd629b0UL, 0x5fe7038fUL, 0x52ec0d86UL, 0x45f11f9dUL, 0x48fa1194UL, | ||
954 | 0x03934be3UL, 0x0e9845eaUL, 0x198557f1UL, 0x148e59f8UL, 0x37bf73c7UL, 0x3ab47dceUL, 0x2da96fd5UL, 0x20a261dcUL, | ||
955 | 0x6df6ad76UL, 0x60fda37fUL, 0x77e0b164UL, 0x7aebbf6dUL, 0x59da9552UL, 0x54d19b5bUL, 0x43cc8940UL, 0x4ec78749UL, | ||
956 | 0x05aedd3eUL, 0x08a5d337UL, 0x1fb8c12cUL, 0x12b3cf25UL, 0x3182e51aUL, 0x3c89eb13UL, 0x2b94f908UL, 0x269ff701UL, | ||
957 | 0xbd464de6UL, 0xb04d43efUL, 0xa75051f4UL, 0xaa5b5ffdUL, 0x896a75c2UL, 0x84617bcbUL, 0x937c69d0UL, 0x9e7767d9UL, | ||
958 | 0xd51e3daeUL, 0xd81533a7UL, 0xcf0821bcUL, 0xc2032fb5UL, 0xe132058aUL, 0xec390b83UL, 0xfb241998UL, 0xf62f1791UL, | ||
959 | 0xd68d764dUL, 0xdb867844UL, 0xcc9b6a5fUL, 0xc1906456UL, 0xe2a14e69UL, 0xefaa4060UL, 0xf8b7527bUL, 0xf5bc5c72UL, | ||
960 | 0xbed50605UL, 0xb3de080cUL, 0xa4c31a17UL, 0xa9c8141eUL, 0x8af93e21UL, 0x87f23028UL, 0x90ef2233UL, 0x9de42c3aUL, | ||
961 | 0x063d96ddUL, 0x0b3698d4UL, 0x1c2b8acfUL, 0x112084c6UL, 0x3211aef9UL, 0x3f1aa0f0UL, 0x2807b2ebUL, 0x250cbce2UL, | ||
962 | 0x6e65e695UL, 0x636ee89cUL, 0x7473fa87UL, 0x7978f48eUL, 0x5a49deb1UL, 0x5742d0b8UL, 0x405fc2a3UL, 0x4d54ccaaUL, | ||
963 | 0xdaf741ecUL, 0xd7fc4fe5UL, 0xc0e15dfeUL, 0xcdea53f7UL, 0xeedb79c8UL, 0xe3d077c1UL, 0xf4cd65daUL, 0xf9c66bd3UL, | ||
964 | 0xb2af31a4UL, 0xbfa43fadUL, 0xa8b92db6UL, 0xa5b223bfUL, 0x86830980UL, 0x8b880789UL, 0x9c951592UL, 0x919e1b9bUL, | ||
965 | 0x0a47a17cUL, 0x074caf75UL, 0x1051bd6eUL, 0x1d5ab367UL, 0x3e6b9958UL, 0x33609751UL, 0x247d854aUL, 0x29768b43UL, | ||
966 | 0x621fd134UL, 0x6f14df3dUL, 0x7809cd26UL, 0x7502c32fUL, 0x5633e910UL, 0x5b38e719UL, 0x4c25f502UL, 0x412efb0bUL, | ||
967 | 0x618c9ad7UL, 0x6c8794deUL, 0x7b9a86c5UL, 0x769188ccUL, 0x55a0a2f3UL, 0x58abacfaUL, 0x4fb6bee1UL, 0x42bdb0e8UL, | ||
968 | 0x09d4ea9fUL, 0x04dfe496UL, 0x13c2f68dUL, 0x1ec9f884UL, 0x3df8d2bbUL, 0x30f3dcb2UL, 0x27eecea9UL, 0x2ae5c0a0UL, | ||
969 | 0xb13c7a47UL, 0xbc37744eUL, 0xab2a6655UL, 0xa621685cUL, 0x85104263UL, 0x881b4c6aUL, 0x9f065e71UL, 0x920d5078UL, | ||
970 | 0xd9640a0fUL, 0xd46f0406UL, 0xc372161dUL, 0xce791814UL, 0xed48322bUL, 0xe0433c22UL, 0xf75e2e39UL, 0xfa552030UL, | ||
971 | 0xb701ec9aUL, 0xba0ae293UL, 0xad17f088UL, 0xa01cfe81UL, 0x832dd4beUL, 0x8e26dab7UL, 0x993bc8acUL, 0x9430c6a5UL, | ||
972 | 0xdf599cd2UL, 0xd25292dbUL, 0xc54f80c0UL, 0xc8448ec9UL, 0xeb75a4f6UL, 0xe67eaaffUL, 0xf163b8e4UL, 0xfc68b6edUL, | ||
973 | 0x67b10c0aUL, 0x6aba0203UL, 0x7da71018UL, 0x70ac1e11UL, 0x539d342eUL, 0x5e963a27UL, 0x498b283cUL, 0x44802635UL, | ||
974 | 0x0fe97c42UL, 0x02e2724bUL, 0x15ff6050UL, 0x18f46e59UL, 0x3bc54466UL, 0x36ce4a6fUL, 0x21d35874UL, 0x2cd8567dUL, | ||
975 | 0x0c7a37a1UL, 0x017139a8UL, 0x166c2bb3UL, 0x1b6725baUL, 0x38560f85UL, 0x355d018cUL, 0x22401397UL, 0x2f4b1d9eUL, | ||
976 | 0x642247e9UL, 0x692949e0UL, 0x7e345bfbUL, 0x733f55f2UL, 0x500e7fcdUL, 0x5d0571c4UL, 0x4a1863dfUL, 0x47136dd6UL, | ||
977 | 0xdccad731UL, 0xd1c1d938UL, 0xc6dccb23UL, 0xcbd7c52aUL, 0xe8e6ef15UL, 0xe5ede11cUL, 0xf2f0f307UL, 0xfffbfd0eUL, | ||
978 | 0xb492a779UL, 0xb999a970UL, 0xae84bb6bUL, 0xa38fb562UL, 0x80be9f5dUL, 0x8db59154UL, 0x9aa8834fUL, 0x97a38d46UL | ||
979 | }; | ||
980 | |||
981 | static const ulong32 Tks3[] = { | ||
982 | 0x00000000UL, 0x090d0b0eUL, 0x121a161cUL, 0x1b171d12UL, 0x24342c38UL, 0x2d392736UL, 0x362e3a24UL, 0x3f23312aUL, | ||
983 | 0x48685870UL, 0x4165537eUL, 0x5a724e6cUL, 0x537f4562UL, 0x6c5c7448UL, 0x65517f46UL, 0x7e466254UL, 0x774b695aUL, | ||
984 | 0x90d0b0e0UL, 0x99ddbbeeUL, 0x82caa6fcUL, 0x8bc7adf2UL, 0xb4e49cd8UL, 0xbde997d6UL, 0xa6fe8ac4UL, 0xaff381caUL, | ||
985 | 0xd8b8e890UL, 0xd1b5e39eUL, 0xcaa2fe8cUL, 0xc3aff582UL, 0xfc8cc4a8UL, 0xf581cfa6UL, 0xee96d2b4UL, 0xe79bd9baUL, | ||
986 | 0x3bbb7bdbUL, 0x32b670d5UL, 0x29a16dc7UL, 0x20ac66c9UL, 0x1f8f57e3UL, 0x16825cedUL, 0x0d9541ffUL, 0x04984af1UL, | ||
987 | 0x73d323abUL, 0x7ade28a5UL, 0x61c935b7UL, 0x68c43eb9UL, 0x57e70f93UL, 0x5eea049dUL, 0x45fd198fUL, 0x4cf01281UL, | ||
988 | 0xab6bcb3bUL, 0xa266c035UL, 0xb971dd27UL, 0xb07cd629UL, 0x8f5fe703UL, 0x8652ec0dUL, 0x9d45f11fUL, 0x9448fa11UL, | ||
989 | 0xe303934bUL, 0xea0e9845UL, 0xf1198557UL, 0xf8148e59UL, 0xc737bf73UL, 0xce3ab47dUL, 0xd52da96fUL, 0xdc20a261UL, | ||
990 | 0x766df6adUL, 0x7f60fda3UL, 0x6477e0b1UL, 0x6d7aebbfUL, 0x5259da95UL, 0x5b54d19bUL, 0x4043cc89UL, 0x494ec787UL, | ||
991 | 0x3e05aeddUL, 0x3708a5d3UL, 0x2c1fb8c1UL, 0x2512b3cfUL, 0x1a3182e5UL, 0x133c89ebUL, 0x082b94f9UL, 0x01269ff7UL, | ||
992 | 0xe6bd464dUL, 0xefb04d43UL, 0xf4a75051UL, 0xfdaa5b5fUL, 0xc2896a75UL, 0xcb84617bUL, 0xd0937c69UL, 0xd99e7767UL, | ||
993 | 0xaed51e3dUL, 0xa7d81533UL, 0xbccf0821UL, 0xb5c2032fUL, 0x8ae13205UL, 0x83ec390bUL, 0x98fb2419UL, 0x91f62f17UL, | ||
994 | 0x4dd68d76UL, 0x44db8678UL, 0x5fcc9b6aUL, 0x56c19064UL, 0x69e2a14eUL, 0x60efaa40UL, 0x7bf8b752UL, 0x72f5bc5cUL, | ||
995 | 0x05bed506UL, 0x0cb3de08UL, 0x17a4c31aUL, 0x1ea9c814UL, 0x218af93eUL, 0x2887f230UL, 0x3390ef22UL, 0x3a9de42cUL, | ||
996 | 0xdd063d96UL, 0xd40b3698UL, 0xcf1c2b8aUL, 0xc6112084UL, 0xf93211aeUL, 0xf03f1aa0UL, 0xeb2807b2UL, 0xe2250cbcUL, | ||
997 | 0x956e65e6UL, 0x9c636ee8UL, 0x877473faUL, 0x8e7978f4UL, 0xb15a49deUL, 0xb85742d0UL, 0xa3405fc2UL, 0xaa4d54ccUL, | ||
998 | 0xecdaf741UL, 0xe5d7fc4fUL, 0xfec0e15dUL, 0xf7cdea53UL, 0xc8eedb79UL, 0xc1e3d077UL, 0xdaf4cd65UL, 0xd3f9c66bUL, | ||
999 | 0xa4b2af31UL, 0xadbfa43fUL, 0xb6a8b92dUL, 0xbfa5b223UL, 0x80868309UL, 0x898b8807UL, 0x929c9515UL, 0x9b919e1bUL, | ||
1000 | 0x7c0a47a1UL, 0x75074cafUL, 0x6e1051bdUL, 0x671d5ab3UL, 0x583e6b99UL, 0x51336097UL, 0x4a247d85UL, 0x4329768bUL, | ||
1001 | 0x34621fd1UL, 0x3d6f14dfUL, 0x267809cdUL, 0x2f7502c3UL, 0x105633e9UL, 0x195b38e7UL, 0x024c25f5UL, 0x0b412efbUL, | ||
1002 | 0xd7618c9aUL, 0xde6c8794UL, 0xc57b9a86UL, 0xcc769188UL, 0xf355a0a2UL, 0xfa58abacUL, 0xe14fb6beUL, 0xe842bdb0UL, | ||
1003 | 0x9f09d4eaUL, 0x9604dfe4UL, 0x8d13c2f6UL, 0x841ec9f8UL, 0xbb3df8d2UL, 0xb230f3dcUL, 0xa927eeceUL, 0xa02ae5c0UL, | ||
1004 | 0x47b13c7aUL, 0x4ebc3774UL, 0x55ab2a66UL, 0x5ca62168UL, 0x63851042UL, 0x6a881b4cUL, 0x719f065eUL, 0x78920d50UL, | ||
1005 | 0x0fd9640aUL, 0x06d46f04UL, 0x1dc37216UL, 0x14ce7918UL, 0x2bed4832UL, 0x22e0433cUL, 0x39f75e2eUL, 0x30fa5520UL, | ||
1006 | 0x9ab701ecUL, 0x93ba0ae2UL, 0x88ad17f0UL, 0x81a01cfeUL, 0xbe832dd4UL, 0xb78e26daUL, 0xac993bc8UL, 0xa59430c6UL, | ||
1007 | 0xd2df599cUL, 0xdbd25292UL, 0xc0c54f80UL, 0xc9c8448eUL, 0xf6eb75a4UL, 0xffe67eaaUL, 0xe4f163b8UL, 0xedfc68b6UL, | ||
1008 | 0x0a67b10cUL, 0x036aba02UL, 0x187da710UL, 0x1170ac1eUL, 0x2e539d34UL, 0x275e963aUL, 0x3c498b28UL, 0x35448026UL, | ||
1009 | 0x420fe97cUL, 0x4b02e272UL, 0x5015ff60UL, 0x5918f46eUL, 0x663bc544UL, 0x6f36ce4aUL, 0x7421d358UL, 0x7d2cd856UL, | ||
1010 | 0xa10c7a37UL, 0xa8017139UL, 0xb3166c2bUL, 0xba1b6725UL, 0x8538560fUL, 0x8c355d01UL, 0x97224013UL, 0x9e2f4b1dUL, | ||
1011 | 0xe9642247UL, 0xe0692949UL, 0xfb7e345bUL, 0xf2733f55UL, 0xcd500e7fUL, 0xc45d0571UL, 0xdf4a1863UL, 0xd647136dUL, | ||
1012 | 0x31dccad7UL, 0x38d1c1d9UL, 0x23c6dccbUL, 0x2acbd7c5UL, 0x15e8e6efUL, 0x1ce5ede1UL, 0x07f2f0f3UL, 0x0efffbfdUL, | ||
1013 | 0x79b492a7UL, 0x70b999a9UL, 0x6bae84bbUL, 0x62a38fb5UL, 0x5d80be9fUL, 0x548db591UL, 0x4f9aa883UL, 0x4697a38dUL | ||
1014 | }; | ||
1015 | |||
1016 | #endif /* ENCRYPT_ONLY */ | ||
1017 | |||
1018 | #endif /* SMALL CODE */ | ||
1019 | |||
1020 | #ifndef PELI_TAB | ||
1021 | static const ulong32 rcon[] = { | ||
1022 | 0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL, | ||
1023 | 0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL, | ||
1024 | 0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ | ||
1025 | }; | ||
1026 | #endif | ||
1027 | |||
1028 | #endif /* __LTC_AES_TAB_C__ */ | ||
1029 | |||
1030 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
1031 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
1032 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/hashes/sha1.c b/utils/tomcrypt/src/hashes/sha1.c new file mode 100644 index 0000000000..0e7cc215ba --- /dev/null +++ b/utils/tomcrypt/src/hashes/sha1.c | |||
@@ -0,0 +1,286 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file sha1.c | ||
13 | LTC_SHA1 code by Tom St Denis | ||
14 | */ | ||
15 | |||
16 | |||
17 | #ifdef LTC_SHA1 | ||
18 | |||
19 | const struct ltc_hash_descriptor sha1_desc = | ||
20 | { | ||
21 | "sha1", | ||
22 | 2, | ||
23 | 20, | ||
24 | 64, | ||
25 | |||
26 | /* OID */ | ||
27 | { 1, 3, 14, 3, 2, 26, }, | ||
28 | 6, | ||
29 | |||
30 | &sha1_init, | ||
31 | &sha1_process, | ||
32 | &sha1_done, | ||
33 | &sha1_test, | ||
34 | NULL | ||
35 | }; | ||
36 | |||
37 | #define F0(x,y,z) (z ^ (x & (y ^ z))) | ||
38 | #define F1(x,y,z) (x ^ y ^ z) | ||
39 | #define F2(x,y,z) ((x & y) | (z & (x | y))) | ||
40 | #define F3(x,y,z) (x ^ y ^ z) | ||
41 | |||
42 | #ifdef LTC_CLEAN_STACK | ||
43 | static int _sha1_compress(hash_state *md, unsigned char *buf) | ||
44 | #else | ||
45 | static int sha1_compress(hash_state *md, unsigned char *buf) | ||
46 | #endif | ||
47 | { | ||
48 | ulong32 a,b,c,d,e,W[80],i; | ||
49 | #ifdef LTC_SMALL_CODE | ||
50 | ulong32 t; | ||
51 | #endif | ||
52 | |||
53 | /* copy the state into 512-bits into W[0..15] */ | ||
54 | for (i = 0; i < 16; i++) { | ||
55 | LOAD32H(W[i], buf + (4*i)); | ||
56 | } | ||
57 | |||
58 | /* copy state */ | ||
59 | a = md->sha1.state[0]; | ||
60 | b = md->sha1.state[1]; | ||
61 | c = md->sha1.state[2]; | ||
62 | d = md->sha1.state[3]; | ||
63 | e = md->sha1.state[4]; | ||
64 | |||
65 | /* expand it */ | ||
66 | for (i = 16; i < 80; i++) { | ||
67 | W[i] = ROL(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1); | ||
68 | } | ||
69 | |||
70 | /* compress */ | ||
71 | /* round one */ | ||
72 | #define FF0(a,b,c,d,e,i) e = (ROLc(a, 5) + F0(b,c,d) + e + W[i] + 0x5a827999UL); b = ROLc(b, 30); | ||
73 | #define FF1(a,b,c,d,e,i) e = (ROLc(a, 5) + F1(b,c,d) + e + W[i] + 0x6ed9eba1UL); b = ROLc(b, 30); | ||
74 | #define FF2(a,b,c,d,e,i) e = (ROLc(a, 5) + F2(b,c,d) + e + W[i] + 0x8f1bbcdcUL); b = ROLc(b, 30); | ||
75 | #define FF3(a,b,c,d,e,i) e = (ROLc(a, 5) + F3(b,c,d) + e + W[i] + 0xca62c1d6UL); b = ROLc(b, 30); | ||
76 | |||
77 | #ifdef LTC_SMALL_CODE | ||
78 | |||
79 | for (i = 0; i < 20; ) { | ||
80 | FF0(a,b,c,d,e,i++); t = e; e = d; d = c; c = b; b = a; a = t; | ||
81 | } | ||
82 | |||
83 | for (; i < 40; ) { | ||
84 | FF1(a,b,c,d,e,i++); t = e; e = d; d = c; c = b; b = a; a = t; | ||
85 | } | ||
86 | |||
87 | for (; i < 60; ) { | ||
88 | FF2(a,b,c,d,e,i++); t = e; e = d; d = c; c = b; b = a; a = t; | ||
89 | } | ||
90 | |||
91 | for (; i < 80; ) { | ||
92 | FF3(a,b,c,d,e,i++); t = e; e = d; d = c; c = b; b = a; a = t; | ||
93 | } | ||
94 | |||
95 | #else | ||
96 | |||
97 | for (i = 0; i < 20; ) { | ||
98 | FF0(a,b,c,d,e,i++); | ||
99 | FF0(e,a,b,c,d,i++); | ||
100 | FF0(d,e,a,b,c,i++); | ||
101 | FF0(c,d,e,a,b,i++); | ||
102 | FF0(b,c,d,e,a,i++); | ||
103 | } | ||
104 | |||
105 | /* round two */ | ||
106 | for (; i < 40; ) { | ||
107 | FF1(a,b,c,d,e,i++); | ||
108 | FF1(e,a,b,c,d,i++); | ||
109 | FF1(d,e,a,b,c,i++); | ||
110 | FF1(c,d,e,a,b,i++); | ||
111 | FF1(b,c,d,e,a,i++); | ||
112 | } | ||
113 | |||
114 | /* round three */ | ||
115 | for (; i < 60; ) { | ||
116 | FF2(a,b,c,d,e,i++); | ||
117 | FF2(e,a,b,c,d,i++); | ||
118 | FF2(d,e,a,b,c,i++); | ||
119 | FF2(c,d,e,a,b,i++); | ||
120 | FF2(b,c,d,e,a,i++); | ||
121 | } | ||
122 | |||
123 | /* round four */ | ||
124 | for (; i < 80; ) { | ||
125 | FF3(a,b,c,d,e,i++); | ||
126 | FF3(e,a,b,c,d,i++); | ||
127 | FF3(d,e,a,b,c,i++); | ||
128 | FF3(c,d,e,a,b,i++); | ||
129 | FF3(b,c,d,e,a,i++); | ||
130 | } | ||
131 | #endif | ||
132 | |||
133 | #undef FF0 | ||
134 | #undef FF1 | ||
135 | #undef FF2 | ||
136 | #undef FF3 | ||
137 | |||
138 | /* store */ | ||
139 | md->sha1.state[0] = md->sha1.state[0] + a; | ||
140 | md->sha1.state[1] = md->sha1.state[1] + b; | ||
141 | md->sha1.state[2] = md->sha1.state[2] + c; | ||
142 | md->sha1.state[3] = md->sha1.state[3] + d; | ||
143 | md->sha1.state[4] = md->sha1.state[4] + e; | ||
144 | |||
145 | return CRYPT_OK; | ||
146 | } | ||
147 | |||
148 | #ifdef LTC_CLEAN_STACK | ||
149 | static int sha1_compress(hash_state *md, unsigned char *buf) | ||
150 | { | ||
151 | int err; | ||
152 | err = _sha1_compress(md, buf); | ||
153 | burn_stack(sizeof(ulong32) * 87); | ||
154 | return err; | ||
155 | } | ||
156 | #endif | ||
157 | |||
158 | /** | ||
159 | Initialize the hash state | ||
160 | @param md The hash state you wish to initialize | ||
161 | @return CRYPT_OK if successful | ||
162 | */ | ||
163 | int sha1_init(hash_state * md) | ||
164 | { | ||
165 | LTC_ARGCHK(md != NULL); | ||
166 | md->sha1.state[0] = 0x67452301UL; | ||
167 | md->sha1.state[1] = 0xefcdab89UL; | ||
168 | md->sha1.state[2] = 0x98badcfeUL; | ||
169 | md->sha1.state[3] = 0x10325476UL; | ||
170 | md->sha1.state[4] = 0xc3d2e1f0UL; | ||
171 | md->sha1.curlen = 0; | ||
172 | md->sha1.length = 0; | ||
173 | return CRYPT_OK; | ||
174 | } | ||
175 | |||
176 | /** | ||
177 | Process a block of memory though the hash | ||
178 | @param md The hash state | ||
179 | @param in The data to hash | ||
180 | @param inlen The length of the data (octets) | ||
181 | @return CRYPT_OK if successful | ||
182 | */ | ||
183 | HASH_PROCESS(sha1_process, sha1_compress, sha1, 64) | ||
184 | |||
185 | /** | ||
186 | Terminate the hash to get the digest | ||
187 | @param md The hash state | ||
188 | @param out [out] The destination of the hash (20 bytes) | ||
189 | @return CRYPT_OK if successful | ||
190 | */ | ||
191 | int sha1_done(hash_state * md, unsigned char *out) | ||
192 | { | ||
193 | int i; | ||
194 | |||
195 | LTC_ARGCHK(md != NULL); | ||
196 | LTC_ARGCHK(out != NULL); | ||
197 | |||
198 | if (md->sha1.curlen >= sizeof(md->sha1.buf)) { | ||
199 | return CRYPT_INVALID_ARG; | ||
200 | } | ||
201 | |||
202 | /* increase the length of the message */ | ||
203 | md->sha1.length += md->sha1.curlen * 8; | ||
204 | |||
205 | /* append the '1' bit */ | ||
206 | md->sha1.buf[md->sha1.curlen++] = (unsigned char)0x80; | ||
207 | |||
208 | /* if the length is currently above 56 bytes we append zeros | ||
209 | * then compress. Then we can fall back to padding zeros and length | ||
210 | * encoding like normal. | ||
211 | */ | ||
212 | if (md->sha1.curlen > 56) { | ||
213 | while (md->sha1.curlen < 64) { | ||
214 | md->sha1.buf[md->sha1.curlen++] = (unsigned char)0; | ||
215 | } | ||
216 | sha1_compress(md, md->sha1.buf); | ||
217 | md->sha1.curlen = 0; | ||
218 | } | ||
219 | |||
220 | /* pad upto 56 bytes of zeroes */ | ||
221 | while (md->sha1.curlen < 56) { | ||
222 | md->sha1.buf[md->sha1.curlen++] = (unsigned char)0; | ||
223 | } | ||
224 | |||
225 | /* store length */ | ||
226 | STORE64H(md->sha1.length, md->sha1.buf+56); | ||
227 | sha1_compress(md, md->sha1.buf); | ||
228 | |||
229 | /* copy output */ | ||
230 | for (i = 0; i < 5; i++) { | ||
231 | STORE32H(md->sha1.state[i], out+(4*i)); | ||
232 | } | ||
233 | #ifdef LTC_CLEAN_STACK | ||
234 | zeromem(md, sizeof(hash_state)); | ||
235 | #endif | ||
236 | return CRYPT_OK; | ||
237 | } | ||
238 | |||
239 | /** | ||
240 | Self-test the hash | ||
241 | @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled | ||
242 | */ | ||
243 | int sha1_test(void) | ||
244 | { | ||
245 | #ifndef LTC_TEST | ||
246 | return CRYPT_NOP; | ||
247 | #else | ||
248 | static const struct { | ||
249 | const char *msg; | ||
250 | unsigned char hash[20]; | ||
251 | } tests[] = { | ||
252 | { "abc", | ||
253 | { 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, | ||
254 | 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, | ||
255 | 0x9c, 0xd0, 0xd8, 0x9d } | ||
256 | }, | ||
257 | { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
258 | { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, | ||
259 | 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, | ||
260 | 0xE5, 0x46, 0x70, 0xF1 } | ||
261 | } | ||
262 | }; | ||
263 | |||
264 | int i; | ||
265 | unsigned char tmp[20]; | ||
266 | hash_state md; | ||
267 | |||
268 | for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) { | ||
269 | sha1_init(&md); | ||
270 | sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg)); | ||
271 | sha1_done(&md, tmp); | ||
272 | if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) { | ||
273 | return CRYPT_FAIL_TESTVECTOR; | ||
274 | } | ||
275 | } | ||
276 | return CRYPT_OK; | ||
277 | #endif | ||
278 | } | ||
279 | |||
280 | #endif | ||
281 | |||
282 | |||
283 | |||
284 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
285 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
286 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt.h b/utils/tomcrypt/src/headers/tomcrypt.h new file mode 100644 index 0000000000..1192ab5c84 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt.h | |||
@@ -0,0 +1,105 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | #ifndef TOMCRYPT_H_ | ||
11 | #define TOMCRYPT_H_ | ||
12 | #include <assert.h> | ||
13 | #include <stdio.h> | ||
14 | #include <string.h> | ||
15 | #include <stdlib.h> | ||
16 | #include <stddef.h> | ||
17 | #include <time.h> | ||
18 | #include <ctype.h> | ||
19 | #include <limits.h> | ||
20 | |||
21 | /* use configuration data */ | ||
22 | #include <tomcrypt_custom.h> | ||
23 | |||
24 | #ifdef __cplusplus | ||
25 | extern "C" { | ||
26 | #endif | ||
27 | |||
28 | /* version */ | ||
29 | #define CRYPT 0x0118 | ||
30 | #define SCRYPT "1.18.2" | ||
31 | |||
32 | /* max size of either a cipher/hash block or symmetric key [largest of the two] */ | ||
33 | #define MAXBLOCKSIZE 128 | ||
34 | |||
35 | #ifndef TAB_SIZE | ||
36 | /* descriptor table size */ | ||
37 | #define TAB_SIZE 32 | ||
38 | #endif | ||
39 | |||
40 | /* error codes [will be expanded in future releases] */ | ||
41 | enum { | ||
42 | CRYPT_OK=0, /* Result OK */ | ||
43 | CRYPT_ERROR, /* Generic Error */ | ||
44 | CRYPT_NOP, /* Not a failure but no operation was performed */ | ||
45 | |||
46 | CRYPT_INVALID_KEYSIZE, /* Invalid key size given */ | ||
47 | CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */ | ||
48 | CRYPT_FAIL_TESTVECTOR, /* Algorithm failed test vectors */ | ||
49 | |||
50 | CRYPT_BUFFER_OVERFLOW, /* Not enough space for output */ | ||
51 | CRYPT_INVALID_PACKET, /* Invalid input packet given */ | ||
52 | |||
53 | CRYPT_INVALID_PRNGSIZE, /* Invalid number of bits for a PRNG */ | ||
54 | CRYPT_ERROR_READPRNG, /* Could not read enough from PRNG */ | ||
55 | |||
56 | CRYPT_INVALID_CIPHER, /* Invalid cipher specified */ | ||
57 | CRYPT_INVALID_HASH, /* Invalid hash specified */ | ||
58 | CRYPT_INVALID_PRNG, /* Invalid PRNG specified */ | ||
59 | |||
60 | CRYPT_MEM, /* Out of memory */ | ||
61 | |||
62 | CRYPT_PK_TYPE_MISMATCH, /* Not equivalent types of PK keys */ | ||
63 | CRYPT_PK_NOT_PRIVATE, /* Requires a private PK key */ | ||
64 | |||
65 | CRYPT_INVALID_ARG, /* Generic invalid argument */ | ||
66 | CRYPT_FILE_NOTFOUND, /* File Not Found */ | ||
67 | |||
68 | CRYPT_PK_INVALID_TYPE, /* Invalid type of PK key */ | ||
69 | |||
70 | CRYPT_OVERFLOW, /* An overflow of a value was detected/prevented */ | ||
71 | |||
72 | CRYPT_UNUSED1, /* UNUSED1 */ | ||
73 | |||
74 | CRYPT_INPUT_TOO_LONG, /* The input was longer than expected. */ | ||
75 | |||
76 | CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */ | ||
77 | |||
78 | CRYPT_INVALID_PRIME_SIZE,/* Invalid size of prime requested */ | ||
79 | CRYPT_PK_INVALID_PADDING, /* Invalid padding on input */ | ||
80 | |||
81 | CRYPT_HASH_OVERFLOW /* Hash applied to too many bits */ | ||
82 | }; | ||
83 | |||
84 | #include <tomcrypt_cfg.h> | ||
85 | #include <tomcrypt_macros.h> | ||
86 | #include <tomcrypt_cipher.h> | ||
87 | #include <tomcrypt_hash.h> | ||
88 | #include <tomcrypt_mac.h> | ||
89 | #include <tomcrypt_prng.h> | ||
90 | #include <tomcrypt_pk.h> | ||
91 | #include <tomcrypt_math.h> | ||
92 | #include <tomcrypt_misc.h> | ||
93 | #include <tomcrypt_argchk.h> | ||
94 | #include <tomcrypt_pkcs.h> | ||
95 | |||
96 | #ifdef __cplusplus | ||
97 | } | ||
98 | #endif | ||
99 | |||
100 | #endif /* TOMCRYPT_H_ */ | ||
101 | |||
102 | |||
103 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
104 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
105 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_argchk.h b/utils/tomcrypt/src/headers/tomcrypt_argchk.h new file mode 100644 index 0000000000..c946712f8c --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_argchk.h | |||
@@ -0,0 +1,53 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* Defines the LTC_ARGCHK macro used within the library */ | ||
11 | /* ARGTYPE is defined in tomcrypt_cfg.h */ | ||
12 | #if ARGTYPE == 0 | ||
13 | |||
14 | #include <signal.h> | ||
15 | |||
16 | /* this is the default LibTomCrypt macro */ | ||
17 | #if defined(__clang__) || defined(__GNUC_MINOR__) | ||
18 | #define NORETURN __attribute__ ((noreturn)) | ||
19 | #else | ||
20 | #define NORETURN | ||
21 | #endif | ||
22 | |||
23 | void crypt_argchk(const char *v, const char *s, int d) NORETURN; | ||
24 | #define LTC_ARGCHK(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) | ||
25 | #define LTC_ARGCHKVD(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) | ||
26 | |||
27 | #elif ARGTYPE == 1 | ||
28 | |||
29 | /* fatal type of error */ | ||
30 | #define LTC_ARGCHK(x) assert((x)) | ||
31 | #define LTC_ARGCHKVD(x) LTC_ARGCHK(x) | ||
32 | |||
33 | #elif ARGTYPE == 2 | ||
34 | |||
35 | #define LTC_ARGCHK(x) if (!(x)) { fprintf(stderr, "\nwarning: ARGCHK failed at %s:%d\n", __FILE__, __LINE__); } | ||
36 | #define LTC_ARGCHKVD(x) LTC_ARGCHK(x) | ||
37 | |||
38 | #elif ARGTYPE == 3 | ||
39 | |||
40 | #define LTC_ARGCHK(x) | ||
41 | #define LTC_ARGCHKVD(x) LTC_ARGCHK(x) | ||
42 | |||
43 | #elif ARGTYPE == 4 | ||
44 | |||
45 | #define LTC_ARGCHK(x) if (!(x)) return CRYPT_INVALID_ARG; | ||
46 | #define LTC_ARGCHKVD(x) if (!(x)) return; | ||
47 | |||
48 | #endif | ||
49 | |||
50 | |||
51 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
52 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
53 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_cfg.h b/utils/tomcrypt/src/headers/tomcrypt_cfg.h new file mode 100644 index 0000000000..ce0dd5f7fa --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_cfg.h | |||
@@ -0,0 +1,283 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* This is the build config file. | ||
11 | * | ||
12 | * With this you can setup what to inlcude/exclude automatically during any build. Just comment | ||
13 | * out the line that #define's the word for the thing you want to remove. phew! | ||
14 | */ | ||
15 | |||
16 | #ifndef TOMCRYPT_CFG_H | ||
17 | #define TOMCRYPT_CFG_H | ||
18 | |||
19 | #if defined(_WIN32) || defined(_MSC_VER) | ||
20 | #define LTC_CALL __cdecl | ||
21 | #elif !defined(LTC_CALL) | ||
22 | #define LTC_CALL | ||
23 | #endif | ||
24 | |||
25 | #ifndef LTC_EXPORT | ||
26 | #define LTC_EXPORT | ||
27 | #endif | ||
28 | |||
29 | /* certain platforms use macros for these, making the prototypes broken */ | ||
30 | #ifndef LTC_NO_PROTOTYPES | ||
31 | |||
32 | /* you can change how memory allocation works ... */ | ||
33 | LTC_EXPORT void * LTC_CALL XMALLOC(size_t n); | ||
34 | LTC_EXPORT void * LTC_CALL XREALLOC(void *p, size_t n); | ||
35 | LTC_EXPORT void * LTC_CALL XCALLOC(size_t n, size_t s); | ||
36 | LTC_EXPORT void LTC_CALL XFREE(void *p); | ||
37 | |||
38 | LTC_EXPORT void LTC_CALL XQSORT(void *base, size_t nmemb, size_t size, int(*compar)(const void *, const void *)); | ||
39 | |||
40 | |||
41 | /* change the clock function too */ | ||
42 | LTC_EXPORT clock_t LTC_CALL XCLOCK(void); | ||
43 | |||
44 | /* various other functions */ | ||
45 | LTC_EXPORT void * LTC_CALL XMEMCPY(void *dest, const void *src, size_t n); | ||
46 | LTC_EXPORT int LTC_CALL XMEMCMP(const void *s1, const void *s2, size_t n); | ||
47 | LTC_EXPORT void * LTC_CALL XMEMSET(void *s, int c, size_t n); | ||
48 | |||
49 | LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); | ||
50 | |||
51 | #endif | ||
52 | |||
53 | /* some compilers do not like "inline" (or maybe "static inline"), namely: HP cc, IBM xlc */ | ||
54 | #if defined(__HP_cc) || defined(__xlc__) | ||
55 | #define LTC_INLINE | ||
56 | #elif defined(_MSC_VER) | ||
57 | #define LTC_INLINE __inline | ||
58 | #else | ||
59 | #define LTC_INLINE inline | ||
60 | #endif | ||
61 | |||
62 | /* type of argument checking, 0=default, 1=fatal and 2=error+continue, 3=nothing */ | ||
63 | #ifndef ARGTYPE | ||
64 | #define ARGTYPE 0 | ||
65 | #endif | ||
66 | |||
67 | #undef LTC_ENCRYPT | ||
68 | #define LTC_ENCRYPT 0 | ||
69 | #undef LTC_DECRYPT | ||
70 | #define LTC_DECRYPT 1 | ||
71 | |||
72 | /* Controls endianess and size of registers. Leave uncommented to get platform neutral [slower] code | ||
73 | * | ||
74 | * Note: in order to use the optimized macros your platform must support unaligned 32 and 64 bit read/writes. | ||
75 | * The x86 platforms allow this but some others [ARM for instance] do not. On those platforms you **MUST** | ||
76 | * use the portable [slower] macros. | ||
77 | */ | ||
78 | /* detect x86/i386 32bit */ | ||
79 | #if defined(__i386__) || defined(__i386) || defined(_M_IX86) | ||
80 | #define ENDIAN_LITTLE | ||
81 | #define ENDIAN_32BITWORD | ||
82 | #define LTC_FAST | ||
83 | #endif | ||
84 | |||
85 | /* detect amd64/x64 */ | ||
86 | #if defined(__x86_64__) || defined(_M_X64) || defined(_M_AMD64) | ||
87 | #define ENDIAN_LITTLE | ||
88 | #define ENDIAN_64BITWORD | ||
89 | #define LTC_FAST | ||
90 | #endif | ||
91 | |||
92 | /* detect PPC32 */ | ||
93 | #if defined(LTC_PPC32) | ||
94 | #define ENDIAN_BIG | ||
95 | #define ENDIAN_32BITWORD | ||
96 | #define LTC_FAST | ||
97 | #endif | ||
98 | |||
99 | /* detects MIPS R5900 processors (PS2) */ | ||
100 | #if (defined(__R5900) || defined(R5900) || defined(__R5900__)) && (defined(_mips) || defined(__mips__) || defined(mips)) | ||
101 | #define ENDIAN_64BITWORD | ||
102 | #if defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) | ||
103 | #define ENDIAN_BIG | ||
104 | #endif | ||
105 | #define ENDIAN_LITTLE | ||
106 | #endif | ||
107 | #endif | ||
108 | |||
109 | /* detect AIX */ | ||
110 | #if defined(_AIX) && defined(_BIG_ENDIAN) | ||
111 | #define ENDIAN_BIG | ||
112 | #if defined(__LP64__) || defined(_ARCH_PPC64) | ||
113 | #define ENDIAN_64BITWORD | ||
114 | #else | ||
115 | #define ENDIAN_32BITWORD | ||
116 | #endif | ||
117 | #endif | ||
118 | |||
119 | /* detect HP-UX */ | ||
120 | #if defined(__hpux) || defined(__hpux__) | ||
121 | #define ENDIAN_BIG | ||
122 | #if defined(__ia64) || defined(__ia64__) || defined(__LP64__) | ||
123 | #define ENDIAN_64BITWORD | ||
124 | #else | ||
125 | #define ENDIAN_32BITWORD | ||
126 | #endif | ||
127 | #endif | ||
128 | |||
129 | /* detect Apple OS X */ | ||
130 | #if defined(__APPLE__) && defined(__MACH__) | ||
131 | #if defined(__LITTLE_ENDIAN__) || defined(__x86_64__) | ||
132 | #define ENDIAN_LITTLE | ||
133 | #else | ||
134 | #define ENDIAN_BIG | ||
135 | #endif | ||
136 | #if defined(__LP64__) || defined(__x86_64__) | ||
137 | #define ENDIAN_64BITWORD | ||
138 | #else | ||
139 | #define ENDIAN_32BITWORD | ||
140 | #endif | ||
141 | #endif | ||
142 | |||
143 | /* detect SPARC and SPARC64 */ | ||
144 | #if defined(__sparc__) || defined(__sparc) | ||
145 | #define ENDIAN_BIG | ||
146 | #if defined(__arch64__) || defined(__sparcv9) || defined(__sparc_v9__) | ||
147 | #define ENDIAN_64BITWORD | ||
148 | #else | ||
149 | #define ENDIAN_32BITWORD | ||
150 | #endif | ||
151 | #endif | ||
152 | |||
153 | /* detect IBM S390(x) */ | ||
154 | #if defined(__s390x__) || defined(__s390__) | ||
155 | #define ENDIAN_BIG | ||
156 | #if defined(__s390x__) | ||
157 | #define ENDIAN_64BITWORD | ||
158 | #else | ||
159 | #define ENDIAN_32BITWORD | ||
160 | #endif | ||
161 | #endif | ||
162 | |||
163 | /* detect PPC64 */ | ||
164 | #if defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) | ||
165 | #define ENDIAN_64BITWORD | ||
166 | #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ | ||
167 | #define ENDIAN_BIG | ||
168 | #elif __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ | ||
169 | #define ENDIAN_LITTLE | ||
170 | #endif | ||
171 | #define LTC_FAST | ||
172 | #endif | ||
173 | |||
174 | /* endianness fallback */ | ||
175 | #if !defined(ENDIAN_BIG) && !defined(ENDIAN_LITTLE) | ||
176 | #if defined(_BYTE_ORDER) && _BYTE_ORDER == _BIG_ENDIAN || \ | ||
177 | defined(__BYTE_ORDER) && __BYTE_ORDER == __BIG_ENDIAN || \ | ||
178 | defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ || \ | ||
179 | defined(__BIG_ENDIAN__) || \ | ||
180 | defined(__ARMEB__) || defined(__THUMBEB__) || defined(__AARCH64EB__) || \ | ||
181 | defined(_MIPSEB) || defined(__MIPSEB) || defined(__MIPSEB__) | ||
182 | #define ENDIAN_BIG | ||
183 | #elif defined(_BYTE_ORDER) && _BYTE_ORDER == _LITTLE_ENDIAN || \ | ||
184 | defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \ | ||
185 | defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ || \ | ||
186 | defined(__LITTLE_ENDIAN__) || \ | ||
187 | defined(__ARMEL__) || defined(__THUMBEL__) || defined(__AARCH64EL__) || \ | ||
188 | defined(_MIPSEL) || defined(__MIPSEL) || defined(__MIPSEL__) | ||
189 | #define ENDIAN_LITTLE | ||
190 | #else | ||
191 | #error Cannot detect endianness | ||
192 | #endif | ||
193 | #endif | ||
194 | |||
195 | /* ulong64: 64-bit data type */ | ||
196 | #ifdef _MSC_VER | ||
197 | #define CONST64(n) n ## ui64 | ||
198 | typedef unsigned __int64 ulong64; | ||
199 | #else | ||
200 | #define CONST64(n) n ## ULL | ||
201 | typedef unsigned long long ulong64; | ||
202 | #endif | ||
203 | |||
204 | /* ulong32: "32-bit at least" data type */ | ||
205 | #if defined(__x86_64__) || defined(_M_X64) || defined(_M_AMD64) || \ | ||
206 | defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) || \ | ||
207 | defined(__s390x__) || defined(__arch64__) || defined(__aarch64__) || \ | ||
208 | defined(__sparcv9) || defined(__sparc_v9__) || defined(__sparc64__) || \ | ||
209 | defined(__ia64) || defined(__ia64__) || defined(__itanium__) || defined(_M_IA64) || \ | ||
210 | defined(__LP64__) || defined(_LP64) || defined(__64BIT__) | ||
211 | typedef unsigned ulong32; | ||
212 | #if !defined(ENDIAN_64BITWORD) && !defined(ENDIAN_32BITWORD) | ||
213 | #define ENDIAN_64BITWORD | ||
214 | #endif | ||
215 | #else | ||
216 | typedef unsigned long ulong32; | ||
217 | #if !defined(ENDIAN_64BITWORD) && !defined(ENDIAN_32BITWORD) | ||
218 | #define ENDIAN_32BITWORD | ||
219 | #endif | ||
220 | #endif | ||
221 | |||
222 | #if defined(ENDIAN_64BITWORD) && !defined(_MSC_VER) | ||
223 | typedef unsigned long long ltc_mp_digit; | ||
224 | #else | ||
225 | typedef unsigned long ltc_mp_digit; | ||
226 | #endif | ||
227 | |||
228 | /* No asm is a quick way to disable anything "not portable" */ | ||
229 | #ifdef LTC_NO_ASM | ||
230 | #define ENDIAN_NEUTRAL | ||
231 | #undef ENDIAN_32BITWORD | ||
232 | #undef ENDIAN_64BITWORD | ||
233 | #undef LTC_FAST | ||
234 | #define LTC_NO_ROLC | ||
235 | #define LTC_NO_BSWAP | ||
236 | #endif | ||
237 | |||
238 | /* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ | ||
239 | #if defined(LTC_NO_FAST) || (__GNUC__ < 4) || defined(__STRICT_ANSI__) | ||
240 | #undef LTC_FAST | ||
241 | #endif | ||
242 | |||
243 | #ifdef LTC_FAST | ||
244 | #define LTC_FAST_TYPE_PTR_CAST(x) ((LTC_FAST_TYPE*)(void*)(x)) | ||
245 | #ifdef ENDIAN_64BITWORD | ||
246 | typedef ulong64 __attribute__((__may_alias__)) LTC_FAST_TYPE; | ||
247 | #else | ||
248 | typedef ulong32 __attribute__((__may_alias__)) LTC_FAST_TYPE; | ||
249 | #endif | ||
250 | #endif | ||
251 | |||
252 | #if !defined(ENDIAN_NEUTRAL) && (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD)) | ||
253 | #error You must specify a word size as well as endianess in tomcrypt_cfg.h | ||
254 | #endif | ||
255 | |||
256 | #if !(defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) | ||
257 | #define ENDIAN_NEUTRAL | ||
258 | #endif | ||
259 | |||
260 | #if (defined(ENDIAN_32BITWORD) && defined(ENDIAN_64BITWORD)) | ||
261 | #error Cannot be 32 and 64 bit words... | ||
262 | #endif | ||
263 | |||
264 | /* gcc 4.3 and up has a bswap builtin; detect it by gcc version. | ||
265 | * clang also supports the bswap builtin, and although clang pretends | ||
266 | * to be gcc (macro-wise, anyway), clang pretends to be a version | ||
267 | * prior to gcc 4.3, so we can't detect bswap that way. Instead, | ||
268 | * clang has a __has_builtin mechanism that can be used to check | ||
269 | * for builtins: | ||
270 | * http://clang.llvm.org/docs/LanguageExtensions.html#feature_check */ | ||
271 | #ifndef __has_builtin | ||
272 | #define __has_builtin(x) 0 | ||
273 | #endif | ||
274 | #if !defined(LTC_NO_BSWAP) && defined(__GNUC__) && \ | ||
275 | ((__GNUC__ * 100 + __GNUC_MINOR__ >= 403) || \ | ||
276 | (__has_builtin(__builtin_bswap32) && __has_builtin(__builtin_bswap64))) | ||
277 | #define LTC_HAVE_BSWAP_BUILTIN | ||
278 | #endif | ||
279 | |||
280 | |||
281 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
282 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
283 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_cipher.h b/utils/tomcrypt/src/headers/tomcrypt_cipher.h new file mode 100644 index 0000000000..6f0c30b63b --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_cipher.h | |||
@@ -0,0 +1,1008 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- SYMMETRIC KEY STUFF ----- | ||
11 | * | ||
12 | * We put each of the ciphers scheduled keys in their own structs then we put all of | ||
13 | * the key formats in one union. This makes the function prototypes easier to use. | ||
14 | */ | ||
15 | #ifdef LTC_BLOWFISH | ||
16 | struct blowfish_key { | ||
17 | ulong32 S[4][256]; | ||
18 | ulong32 K[18]; | ||
19 | }; | ||
20 | #endif | ||
21 | |||
22 | #ifdef LTC_RC5 | ||
23 | struct rc5_key { | ||
24 | int rounds; | ||
25 | ulong32 K[50]; | ||
26 | }; | ||
27 | #endif | ||
28 | |||
29 | #ifdef LTC_RC6 | ||
30 | struct rc6_key { | ||
31 | ulong32 K[44]; | ||
32 | }; | ||
33 | #endif | ||
34 | |||
35 | #ifdef LTC_SAFERP | ||
36 | struct saferp_key { | ||
37 | unsigned char K[33][16]; | ||
38 | long rounds; | ||
39 | }; | ||
40 | #endif | ||
41 | |||
42 | #ifdef LTC_RIJNDAEL | ||
43 | struct rijndael_key { | ||
44 | ulong32 eK[60], dK[60]; | ||
45 | int Nr; | ||
46 | }; | ||
47 | #endif | ||
48 | |||
49 | #ifdef LTC_KSEED | ||
50 | struct kseed_key { | ||
51 | ulong32 K[32], dK[32]; | ||
52 | }; | ||
53 | #endif | ||
54 | |||
55 | #ifdef LTC_KASUMI | ||
56 | struct kasumi_key { | ||
57 | ulong32 KLi1[8], KLi2[8], | ||
58 | KOi1[8], KOi2[8], KOi3[8], | ||
59 | KIi1[8], KIi2[8], KIi3[8]; | ||
60 | }; | ||
61 | #endif | ||
62 | |||
63 | #ifdef LTC_XTEA | ||
64 | struct xtea_key { | ||
65 | unsigned long A[32], B[32]; | ||
66 | }; | ||
67 | #endif | ||
68 | |||
69 | #ifdef LTC_TWOFISH | ||
70 | #ifndef LTC_TWOFISH_SMALL | ||
71 | struct twofish_key { | ||
72 | ulong32 S[4][256], K[40]; | ||
73 | }; | ||
74 | #else | ||
75 | struct twofish_key { | ||
76 | ulong32 K[40]; | ||
77 | unsigned char S[32], start; | ||
78 | }; | ||
79 | #endif | ||
80 | #endif | ||
81 | |||
82 | #ifdef LTC_SAFER | ||
83 | #define LTC_SAFER_K64_DEFAULT_NOF_ROUNDS 6 | ||
84 | #define LTC_SAFER_K128_DEFAULT_NOF_ROUNDS 10 | ||
85 | #define LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS 8 | ||
86 | #define LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS 10 | ||
87 | #define LTC_SAFER_MAX_NOF_ROUNDS 13 | ||
88 | #define LTC_SAFER_BLOCK_LEN 8 | ||
89 | #define LTC_SAFER_KEY_LEN (1 + LTC_SAFER_BLOCK_LEN * (1 + 2 * LTC_SAFER_MAX_NOF_ROUNDS)) | ||
90 | typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN]; | ||
91 | typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN]; | ||
92 | struct safer_key { safer_key_t key; }; | ||
93 | #endif | ||
94 | |||
95 | #ifdef LTC_RC2 | ||
96 | struct rc2_key { unsigned xkey[64]; }; | ||
97 | #endif | ||
98 | |||
99 | #ifdef LTC_DES | ||
100 | struct des_key { | ||
101 | ulong32 ek[32], dk[32]; | ||
102 | }; | ||
103 | |||
104 | struct des3_key { | ||
105 | ulong32 ek[3][32], dk[3][32]; | ||
106 | }; | ||
107 | #endif | ||
108 | |||
109 | #ifdef LTC_CAST5 | ||
110 | struct cast5_key { | ||
111 | ulong32 K[32], keylen; | ||
112 | }; | ||
113 | #endif | ||
114 | |||
115 | #ifdef LTC_NOEKEON | ||
116 | struct noekeon_key { | ||
117 | ulong32 K[4], dK[4]; | ||
118 | }; | ||
119 | #endif | ||
120 | |||
121 | #ifdef LTC_SKIPJACK | ||
122 | struct skipjack_key { | ||
123 | unsigned char key[10]; | ||
124 | }; | ||
125 | #endif | ||
126 | |||
127 | #ifdef LTC_KHAZAD | ||
128 | struct khazad_key { | ||
129 | ulong64 roundKeyEnc[8 + 1]; | ||
130 | ulong64 roundKeyDec[8 + 1]; | ||
131 | }; | ||
132 | #endif | ||
133 | |||
134 | #ifdef LTC_ANUBIS | ||
135 | struct anubis_key { | ||
136 | int keyBits; | ||
137 | int R; | ||
138 | ulong32 roundKeyEnc[18 + 1][4]; | ||
139 | ulong32 roundKeyDec[18 + 1][4]; | ||
140 | }; | ||
141 | #endif | ||
142 | |||
143 | #ifdef LTC_MULTI2 | ||
144 | struct multi2_key { | ||
145 | int N; | ||
146 | ulong32 uk[8]; | ||
147 | }; | ||
148 | #endif | ||
149 | |||
150 | #ifdef LTC_CAMELLIA | ||
151 | struct camellia_key { | ||
152 | int R; | ||
153 | ulong64 kw[4], k[24], kl[6]; | ||
154 | }; | ||
155 | #endif | ||
156 | |||
157 | typedef union Symmetric_key { | ||
158 | #ifdef LTC_DES | ||
159 | struct des_key des; | ||
160 | struct des3_key des3; | ||
161 | #endif | ||
162 | #ifdef LTC_RC2 | ||
163 | struct rc2_key rc2; | ||
164 | #endif | ||
165 | #ifdef LTC_SAFER | ||
166 | struct safer_key safer; | ||
167 | #endif | ||
168 | #ifdef LTC_TWOFISH | ||
169 | struct twofish_key twofish; | ||
170 | #endif | ||
171 | #ifdef LTC_BLOWFISH | ||
172 | struct blowfish_key blowfish; | ||
173 | #endif | ||
174 | #ifdef LTC_RC5 | ||
175 | struct rc5_key rc5; | ||
176 | #endif | ||
177 | #ifdef LTC_RC6 | ||
178 | struct rc6_key rc6; | ||
179 | #endif | ||
180 | #ifdef LTC_SAFERP | ||
181 | struct saferp_key saferp; | ||
182 | #endif | ||
183 | #ifdef LTC_RIJNDAEL | ||
184 | struct rijndael_key rijndael; | ||
185 | #endif | ||
186 | #ifdef LTC_XTEA | ||
187 | struct xtea_key xtea; | ||
188 | #endif | ||
189 | #ifdef LTC_CAST5 | ||
190 | struct cast5_key cast5; | ||
191 | #endif | ||
192 | #ifdef LTC_NOEKEON | ||
193 | struct noekeon_key noekeon; | ||
194 | #endif | ||
195 | #ifdef LTC_SKIPJACK | ||
196 | struct skipjack_key skipjack; | ||
197 | #endif | ||
198 | #ifdef LTC_KHAZAD | ||
199 | struct khazad_key khazad; | ||
200 | #endif | ||
201 | #ifdef LTC_ANUBIS | ||
202 | struct anubis_key anubis; | ||
203 | #endif | ||
204 | #ifdef LTC_KSEED | ||
205 | struct kseed_key kseed; | ||
206 | #endif | ||
207 | #ifdef LTC_KASUMI | ||
208 | struct kasumi_key kasumi; | ||
209 | #endif | ||
210 | #ifdef LTC_MULTI2 | ||
211 | struct multi2_key multi2; | ||
212 | #endif | ||
213 | #ifdef LTC_CAMELLIA | ||
214 | struct camellia_key camellia; | ||
215 | #endif | ||
216 | void *data; | ||
217 | } symmetric_key; | ||
218 | |||
219 | #ifdef LTC_ECB_MODE | ||
220 | /** A block cipher ECB structure */ | ||
221 | typedef struct { | ||
222 | /** The index of the cipher chosen */ | ||
223 | int cipher, | ||
224 | /** The block size of the given cipher */ | ||
225 | blocklen; | ||
226 | /** The scheduled key */ | ||
227 | symmetric_key key; | ||
228 | } symmetric_ECB; | ||
229 | #endif | ||
230 | |||
231 | #ifdef LTC_CFB_MODE | ||
232 | /** A block cipher CFB structure */ | ||
233 | typedef struct { | ||
234 | /** The index of the cipher chosen */ | ||
235 | int cipher, | ||
236 | /** The block size of the given cipher */ | ||
237 | blocklen, | ||
238 | /** The padding offset */ | ||
239 | padlen; | ||
240 | /** The current IV */ | ||
241 | unsigned char IV[MAXBLOCKSIZE], | ||
242 | /** The pad used to encrypt/decrypt */ | ||
243 | pad[MAXBLOCKSIZE]; | ||
244 | /** The scheduled key */ | ||
245 | symmetric_key key; | ||
246 | } symmetric_CFB; | ||
247 | #endif | ||
248 | |||
249 | #ifdef LTC_OFB_MODE | ||
250 | /** A block cipher OFB structure */ | ||
251 | typedef struct { | ||
252 | /** The index of the cipher chosen */ | ||
253 | int cipher, | ||
254 | /** The block size of the given cipher */ | ||
255 | blocklen, | ||
256 | /** The padding offset */ | ||
257 | padlen; | ||
258 | /** The current IV */ | ||
259 | unsigned char IV[MAXBLOCKSIZE]; | ||
260 | /** The scheduled key */ | ||
261 | symmetric_key key; | ||
262 | } symmetric_OFB; | ||
263 | #endif | ||
264 | |||
265 | #ifdef LTC_CBC_MODE | ||
266 | /** A block cipher CBC structure */ | ||
267 | typedef struct { | ||
268 | /** The index of the cipher chosen */ | ||
269 | int cipher, | ||
270 | /** The block size of the given cipher */ | ||
271 | blocklen; | ||
272 | /** The current IV */ | ||
273 | unsigned char IV[MAXBLOCKSIZE]; | ||
274 | /** The scheduled key */ | ||
275 | symmetric_key key; | ||
276 | } symmetric_CBC; | ||
277 | #endif | ||
278 | |||
279 | |||
280 | #ifdef LTC_CTR_MODE | ||
281 | /** A block cipher CTR structure */ | ||
282 | typedef struct { | ||
283 | /** The index of the cipher chosen */ | ||
284 | int cipher, | ||
285 | /** The block size of the given cipher */ | ||
286 | blocklen, | ||
287 | /** The padding offset */ | ||
288 | padlen, | ||
289 | /** The mode (endianess) of the CTR, 0==little, 1==big */ | ||
290 | mode, | ||
291 | /** counter width */ | ||
292 | ctrlen; | ||
293 | |||
294 | /** The counter */ | ||
295 | unsigned char ctr[MAXBLOCKSIZE], | ||
296 | /** The pad used to encrypt/decrypt */ | ||
297 | pad[MAXBLOCKSIZE]; | ||
298 | /** The scheduled key */ | ||
299 | symmetric_key key; | ||
300 | } symmetric_CTR; | ||
301 | #endif | ||
302 | |||
303 | |||
304 | #ifdef LTC_LRW_MODE | ||
305 | /** A LRW structure */ | ||
306 | typedef struct { | ||
307 | /** The index of the cipher chosen (must be a 128-bit block cipher) */ | ||
308 | int cipher; | ||
309 | |||
310 | /** The current IV */ | ||
311 | unsigned char IV[16], | ||
312 | |||
313 | /** the tweak key */ | ||
314 | tweak[16], | ||
315 | |||
316 | /** The current pad, it's the product of the first 15 bytes against the tweak key */ | ||
317 | pad[16]; | ||
318 | |||
319 | /** The scheduled symmetric key */ | ||
320 | symmetric_key key; | ||
321 | |||
322 | #ifdef LTC_LRW_TABLES | ||
323 | /** The pre-computed multiplication table */ | ||
324 | unsigned char PC[16][256][16]; | ||
325 | #endif | ||
326 | } symmetric_LRW; | ||
327 | #endif | ||
328 | |||
329 | #ifdef LTC_F8_MODE | ||
330 | /** A block cipher F8 structure */ | ||
331 | typedef struct { | ||
332 | /** The index of the cipher chosen */ | ||
333 | int cipher, | ||
334 | /** The block size of the given cipher */ | ||
335 | blocklen, | ||
336 | /** The padding offset */ | ||
337 | padlen; | ||
338 | /** The current IV */ | ||
339 | unsigned char IV[MAXBLOCKSIZE], | ||
340 | MIV[MAXBLOCKSIZE]; | ||
341 | /** Current block count */ | ||
342 | ulong32 blockcnt; | ||
343 | /** The scheduled key */ | ||
344 | symmetric_key key; | ||
345 | } symmetric_F8; | ||
346 | #endif | ||
347 | |||
348 | |||
349 | /** cipher descriptor table, last entry has "name == NULL" to mark the end of table */ | ||
350 | extern struct ltc_cipher_descriptor { | ||
351 | /** name of cipher */ | ||
352 | const char *name; | ||
353 | /** internal ID */ | ||
354 | unsigned char ID; | ||
355 | /** min keysize (octets) */ | ||
356 | int min_key_length, | ||
357 | /** max keysize (octets) */ | ||
358 | max_key_length, | ||
359 | /** block size (octets) */ | ||
360 | block_length, | ||
361 | /** default number of rounds */ | ||
362 | default_rounds; | ||
363 | /** Setup the cipher | ||
364 | @param key The input symmetric key | ||
365 | @param keylen The length of the input key (octets) | ||
366 | @param num_rounds The requested number of rounds (0==default) | ||
367 | @param skey [out] The destination of the scheduled key | ||
368 | @return CRYPT_OK if successful | ||
369 | */ | ||
370 | int (*setup)(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
371 | /** Encrypt a block | ||
372 | @param pt The plaintext | ||
373 | @param ct [out] The ciphertext | ||
374 | @param skey The scheduled key | ||
375 | @return CRYPT_OK if successful | ||
376 | */ | ||
377 | int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
378 | /** Decrypt a block | ||
379 | @param ct The ciphertext | ||
380 | @param pt [out] The plaintext | ||
381 | @param skey The scheduled key | ||
382 | @return CRYPT_OK if successful | ||
383 | */ | ||
384 | int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
385 | /** Test the block cipher | ||
386 | @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled | ||
387 | */ | ||
388 | int (*test)(void); | ||
389 | |||
390 | /** Terminate the context | ||
391 | @param skey The scheduled key | ||
392 | */ | ||
393 | void (*done)(symmetric_key *skey); | ||
394 | |||
395 | /** Determine a key size | ||
396 | @param keysize [in/out] The size of the key desired and the suggested size | ||
397 | @return CRYPT_OK if successful | ||
398 | */ | ||
399 | int (*keysize)(int *keysize); | ||
400 | |||
401 | /** Accelerators **/ | ||
402 | /** Accelerated ECB encryption | ||
403 | @param pt Plaintext | ||
404 | @param ct Ciphertext | ||
405 | @param blocks The number of complete blocks to process | ||
406 | @param skey The scheduled key context | ||
407 | @return CRYPT_OK if successful | ||
408 | */ | ||
409 | int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey); | ||
410 | |||
411 | /** Accelerated ECB decryption | ||
412 | @param pt Plaintext | ||
413 | @param ct Ciphertext | ||
414 | @param blocks The number of complete blocks to process | ||
415 | @param skey The scheduled key context | ||
416 | @return CRYPT_OK if successful | ||
417 | */ | ||
418 | int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey); | ||
419 | |||
420 | /** Accelerated CBC encryption | ||
421 | @param pt Plaintext | ||
422 | @param ct Ciphertext | ||
423 | @param blocks The number of complete blocks to process | ||
424 | @param IV The initial value (input/output) | ||
425 | @param skey The scheduled key context | ||
426 | @return CRYPT_OK if successful | ||
427 | */ | ||
428 | int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey); | ||
429 | |||
430 | /** Accelerated CBC decryption | ||
431 | @param pt Plaintext | ||
432 | @param ct Ciphertext | ||
433 | @param blocks The number of complete blocks to process | ||
434 | @param IV The initial value (input/output) | ||
435 | @param skey The scheduled key context | ||
436 | @return CRYPT_OK if successful | ||
437 | */ | ||
438 | int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey); | ||
439 | |||
440 | /** Accelerated CTR encryption | ||
441 | @param pt Plaintext | ||
442 | @param ct Ciphertext | ||
443 | @param blocks The number of complete blocks to process | ||
444 | @param IV The initial value (input/output) | ||
445 | @param mode little or big endian counter (mode=0 or mode=1) | ||
446 | @param skey The scheduled key context | ||
447 | @return CRYPT_OK if successful | ||
448 | */ | ||
449 | int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey); | ||
450 | |||
451 | /** Accelerated LRW | ||
452 | @param pt Plaintext | ||
453 | @param ct Ciphertext | ||
454 | @param blocks The number of complete blocks to process | ||
455 | @param IV The initial value (input/output) | ||
456 | @param tweak The LRW tweak | ||
457 | @param skey The scheduled key context | ||
458 | @return CRYPT_OK if successful | ||
459 | */ | ||
460 | int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey); | ||
461 | |||
462 | /** Accelerated LRW | ||
463 | @param ct Ciphertext | ||
464 | @param pt Plaintext | ||
465 | @param blocks The number of complete blocks to process | ||
466 | @param IV The initial value (input/output) | ||
467 | @param tweak The LRW tweak | ||
468 | @param skey The scheduled key context | ||
469 | @return CRYPT_OK if successful | ||
470 | */ | ||
471 | int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey); | ||
472 | |||
473 | /** Accelerated CCM packet (one-shot) | ||
474 | @param key The secret key to use | ||
475 | @param keylen The length of the secret key (octets) | ||
476 | @param uskey A previously scheduled key [optional can be NULL] | ||
477 | @param nonce The session nonce [use once] | ||
478 | @param noncelen The length of the nonce | ||
479 | @param header The header for the session | ||
480 | @param headerlen The length of the header (octets) | ||
481 | @param pt [out] The plaintext | ||
482 | @param ptlen The length of the plaintext (octets) | ||
483 | @param ct [out] The ciphertext | ||
484 | @param tag [out] The destination tag | ||
485 | @param taglen [in/out] The max size and resulting size of the authentication tag | ||
486 | @param direction Encrypt or Decrypt direction (0 or 1) | ||
487 | @return CRYPT_OK if successful | ||
488 | */ | ||
489 | int (*accel_ccm_memory)( | ||
490 | const unsigned char *key, unsigned long keylen, | ||
491 | symmetric_key *uskey, | ||
492 | const unsigned char *nonce, unsigned long noncelen, | ||
493 | const unsigned char *header, unsigned long headerlen, | ||
494 | unsigned char *pt, unsigned long ptlen, | ||
495 | unsigned char *ct, | ||
496 | unsigned char *tag, unsigned long *taglen, | ||
497 | int direction); | ||
498 | |||
499 | /** Accelerated GCM packet (one shot) | ||
500 | @param key The secret key | ||
501 | @param keylen The length of the secret key | ||
502 | @param IV The initialization vector | ||
503 | @param IVlen The length of the initialization vector | ||
504 | @param adata The additional authentication data (header) | ||
505 | @param adatalen The length of the adata | ||
506 | @param pt The plaintext | ||
507 | @param ptlen The length of the plaintext (ciphertext length is the same) | ||
508 | @param ct The ciphertext | ||
509 | @param tag [out] The MAC tag | ||
510 | @param taglen [in/out] The MAC tag length | ||
511 | @param direction Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT) | ||
512 | @return CRYPT_OK on success | ||
513 | */ | ||
514 | int (*accel_gcm_memory)( | ||
515 | const unsigned char *key, unsigned long keylen, | ||
516 | const unsigned char *IV, unsigned long IVlen, | ||
517 | const unsigned char *adata, unsigned long adatalen, | ||
518 | unsigned char *pt, unsigned long ptlen, | ||
519 | unsigned char *ct, | ||
520 | unsigned char *tag, unsigned long *taglen, | ||
521 | int direction); | ||
522 | |||
523 | /** Accelerated one shot LTC_OMAC | ||
524 | @param key The secret key | ||
525 | @param keylen The key length (octets) | ||
526 | @param in The message | ||
527 | @param inlen Length of message (octets) | ||
528 | @param out [out] Destination for tag | ||
529 | @param outlen [in/out] Initial and final size of out | ||
530 | @return CRYPT_OK on success | ||
531 | */ | ||
532 | int (*omac_memory)( | ||
533 | const unsigned char *key, unsigned long keylen, | ||
534 | const unsigned char *in, unsigned long inlen, | ||
535 | unsigned char *out, unsigned long *outlen); | ||
536 | |||
537 | /** Accelerated one shot XCBC | ||
538 | @param key The secret key | ||
539 | @param keylen The key length (octets) | ||
540 | @param in The message | ||
541 | @param inlen Length of message (octets) | ||
542 | @param out [out] Destination for tag | ||
543 | @param outlen [in/out] Initial and final size of out | ||
544 | @return CRYPT_OK on success | ||
545 | */ | ||
546 | int (*xcbc_memory)( | ||
547 | const unsigned char *key, unsigned long keylen, | ||
548 | const unsigned char *in, unsigned long inlen, | ||
549 | unsigned char *out, unsigned long *outlen); | ||
550 | |||
551 | /** Accelerated one shot F9 | ||
552 | @param key The secret key | ||
553 | @param keylen The key length (octets) | ||
554 | @param in The message | ||
555 | @param inlen Length of message (octets) | ||
556 | @param out [out] Destination for tag | ||
557 | @param outlen [in/out] Initial and final size of out | ||
558 | @return CRYPT_OK on success | ||
559 | @remark Requires manual padding | ||
560 | */ | ||
561 | int (*f9_memory)( | ||
562 | const unsigned char *key, unsigned long keylen, | ||
563 | const unsigned char *in, unsigned long inlen, | ||
564 | unsigned char *out, unsigned long *outlen); | ||
565 | |||
566 | /** Accelerated XTS encryption | ||
567 | @param pt Plaintext | ||
568 | @param ct Ciphertext | ||
569 | @param blocks The number of complete blocks to process | ||
570 | @param tweak The 128-bit encryption tweak (input/output). | ||
571 | The tweak should not be encrypted on input, but | ||
572 | next tweak will be copied encrypted on output. | ||
573 | @param skey1 The first scheduled key context | ||
574 | @param skey2 The second scheduled key context | ||
575 | @return CRYPT_OK if successful | ||
576 | */ | ||
577 | int (*accel_xts_encrypt)(const unsigned char *pt, unsigned char *ct, | ||
578 | unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, | ||
579 | symmetric_key *skey2); | ||
580 | |||
581 | /** Accelerated XTS decryption | ||
582 | @param ct Ciphertext | ||
583 | @param pt Plaintext | ||
584 | @param blocks The number of complete blocks to process | ||
585 | @param tweak The 128-bit encryption tweak (input/output). | ||
586 | The tweak should not be encrypted on input, but | ||
587 | next tweak will be copied encrypted on output. | ||
588 | @param skey1 The first scheduled key context | ||
589 | @param skey2 The second scheduled key context | ||
590 | @return CRYPT_OK if successful | ||
591 | */ | ||
592 | int (*accel_xts_decrypt)(const unsigned char *ct, unsigned char *pt, | ||
593 | unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, | ||
594 | symmetric_key *skey2); | ||
595 | } cipher_descriptor[]; | ||
596 | |||
597 | #ifdef LTC_BLOWFISH | ||
598 | int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
599 | int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
600 | int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
601 | int blowfish_test(void); | ||
602 | void blowfish_done(symmetric_key *skey); | ||
603 | int blowfish_keysize(int *keysize); | ||
604 | extern const struct ltc_cipher_descriptor blowfish_desc; | ||
605 | #endif | ||
606 | |||
607 | #ifdef LTC_RC5 | ||
608 | int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
609 | int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
610 | int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
611 | int rc5_test(void); | ||
612 | void rc5_done(symmetric_key *skey); | ||
613 | int rc5_keysize(int *keysize); | ||
614 | extern const struct ltc_cipher_descriptor rc5_desc; | ||
615 | #endif | ||
616 | |||
617 | #ifdef LTC_RC6 | ||
618 | int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
619 | int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
620 | int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
621 | int rc6_test(void); | ||
622 | void rc6_done(symmetric_key *skey); | ||
623 | int rc6_keysize(int *keysize); | ||
624 | extern const struct ltc_cipher_descriptor rc6_desc; | ||
625 | #endif | ||
626 | |||
627 | #ifdef LTC_RC2 | ||
628 | int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
629 | int rc2_setup_ex(const unsigned char *key, int keylen, int bits, int num_rounds, symmetric_key *skey); | ||
630 | int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
631 | int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
632 | int rc2_test(void); | ||
633 | void rc2_done(symmetric_key *skey); | ||
634 | int rc2_keysize(int *keysize); | ||
635 | extern const struct ltc_cipher_descriptor rc2_desc; | ||
636 | #endif | ||
637 | |||
638 | #ifdef LTC_SAFERP | ||
639 | int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
640 | int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
641 | int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
642 | int saferp_test(void); | ||
643 | void saferp_done(symmetric_key *skey); | ||
644 | int saferp_keysize(int *keysize); | ||
645 | extern const struct ltc_cipher_descriptor saferp_desc; | ||
646 | #endif | ||
647 | |||
648 | #ifdef LTC_SAFER | ||
649 | int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
650 | int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
651 | int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
652 | int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
653 | int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key); | ||
654 | int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key); | ||
655 | int safer_k64_test(void); | ||
656 | int safer_sk64_test(void); | ||
657 | int safer_sk128_test(void); | ||
658 | void safer_done(symmetric_key *skey); | ||
659 | int safer_64_keysize(int *keysize); | ||
660 | int safer_128_keysize(int *keysize); | ||
661 | extern const struct ltc_cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk64_desc, safer_sk128_desc; | ||
662 | #endif | ||
663 | |||
664 | #ifdef LTC_RIJNDAEL | ||
665 | |||
666 | /* make aes an alias */ | ||
667 | #define aes_setup rijndael_setup | ||
668 | #define aes_ecb_encrypt rijndael_ecb_encrypt | ||
669 | #define aes_ecb_decrypt rijndael_ecb_decrypt | ||
670 | #define aes_test rijndael_test | ||
671 | #define aes_done rijndael_done | ||
672 | #define aes_keysize rijndael_keysize | ||
673 | |||
674 | #define aes_enc_setup rijndael_enc_setup | ||
675 | #define aes_enc_ecb_encrypt rijndael_enc_ecb_encrypt | ||
676 | #define aes_enc_keysize rijndael_enc_keysize | ||
677 | |||
678 | int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
679 | int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
680 | int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
681 | int rijndael_test(void); | ||
682 | void rijndael_done(symmetric_key *skey); | ||
683 | int rijndael_keysize(int *keysize); | ||
684 | int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
685 | int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
686 | void rijndael_enc_done(symmetric_key *skey); | ||
687 | int rijndael_enc_keysize(int *keysize); | ||
688 | extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc; | ||
689 | extern const struct ltc_cipher_descriptor rijndael_enc_desc, aes_enc_desc; | ||
690 | #endif | ||
691 | |||
692 | #ifdef LTC_XTEA | ||
693 | int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
694 | int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
695 | int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
696 | int xtea_test(void); | ||
697 | void xtea_done(symmetric_key *skey); | ||
698 | int xtea_keysize(int *keysize); | ||
699 | extern const struct ltc_cipher_descriptor xtea_desc; | ||
700 | #endif | ||
701 | |||
702 | #ifdef LTC_TWOFISH | ||
703 | int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
704 | int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
705 | int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
706 | int twofish_test(void); | ||
707 | void twofish_done(symmetric_key *skey); | ||
708 | int twofish_keysize(int *keysize); | ||
709 | extern const struct ltc_cipher_descriptor twofish_desc; | ||
710 | #endif | ||
711 | |||
712 | #ifdef LTC_DES | ||
713 | int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
714 | int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
715 | int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
716 | int des_test(void); | ||
717 | void des_done(symmetric_key *skey); | ||
718 | int des_keysize(int *keysize); | ||
719 | int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
720 | int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
721 | int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
722 | int des3_test(void); | ||
723 | void des3_done(symmetric_key *skey); | ||
724 | int des3_keysize(int *keysize); | ||
725 | extern const struct ltc_cipher_descriptor des_desc, des3_desc; | ||
726 | #endif | ||
727 | |||
728 | #ifdef LTC_CAST5 | ||
729 | int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
730 | int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
731 | int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
732 | int cast5_test(void); | ||
733 | void cast5_done(symmetric_key *skey); | ||
734 | int cast5_keysize(int *keysize); | ||
735 | extern const struct ltc_cipher_descriptor cast5_desc; | ||
736 | #endif | ||
737 | |||
738 | #ifdef LTC_NOEKEON | ||
739 | int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
740 | int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
741 | int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
742 | int noekeon_test(void); | ||
743 | void noekeon_done(symmetric_key *skey); | ||
744 | int noekeon_keysize(int *keysize); | ||
745 | extern const struct ltc_cipher_descriptor noekeon_desc; | ||
746 | #endif | ||
747 | |||
748 | #ifdef LTC_SKIPJACK | ||
749 | int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
750 | int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
751 | int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
752 | int skipjack_test(void); | ||
753 | void skipjack_done(symmetric_key *skey); | ||
754 | int skipjack_keysize(int *keysize); | ||
755 | extern const struct ltc_cipher_descriptor skipjack_desc; | ||
756 | #endif | ||
757 | |||
758 | #ifdef LTC_KHAZAD | ||
759 | int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
760 | int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
761 | int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
762 | int khazad_test(void); | ||
763 | void khazad_done(symmetric_key *skey); | ||
764 | int khazad_keysize(int *keysize); | ||
765 | extern const struct ltc_cipher_descriptor khazad_desc; | ||
766 | #endif | ||
767 | |||
768 | #ifdef LTC_ANUBIS | ||
769 | int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
770 | int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
771 | int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
772 | int anubis_test(void); | ||
773 | void anubis_done(symmetric_key *skey); | ||
774 | int anubis_keysize(int *keysize); | ||
775 | extern const struct ltc_cipher_descriptor anubis_desc; | ||
776 | #endif | ||
777 | |||
778 | #ifdef LTC_KSEED | ||
779 | int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
780 | int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
781 | int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
782 | int kseed_test(void); | ||
783 | void kseed_done(symmetric_key *skey); | ||
784 | int kseed_keysize(int *keysize); | ||
785 | extern const struct ltc_cipher_descriptor kseed_desc; | ||
786 | #endif | ||
787 | |||
788 | #ifdef LTC_KASUMI | ||
789 | int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
790 | int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
791 | int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
792 | int kasumi_test(void); | ||
793 | void kasumi_done(symmetric_key *skey); | ||
794 | int kasumi_keysize(int *keysize); | ||
795 | extern const struct ltc_cipher_descriptor kasumi_desc; | ||
796 | #endif | ||
797 | |||
798 | |||
799 | #ifdef LTC_MULTI2 | ||
800 | int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
801 | int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
802 | int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
803 | int multi2_test(void); | ||
804 | void multi2_done(symmetric_key *skey); | ||
805 | int multi2_keysize(int *keysize); | ||
806 | extern const struct ltc_cipher_descriptor multi2_desc; | ||
807 | #endif | ||
808 | |||
809 | #ifdef LTC_CAMELLIA | ||
810 | int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); | ||
811 | int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); | ||
812 | int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); | ||
813 | int camellia_test(void); | ||
814 | void camellia_done(symmetric_key *skey); | ||
815 | int camellia_keysize(int *keysize); | ||
816 | extern const struct ltc_cipher_descriptor camellia_desc; | ||
817 | #endif | ||
818 | |||
819 | #ifdef LTC_ECB_MODE | ||
820 | int ecb_start(int cipher, const unsigned char *key, | ||
821 | int keylen, int num_rounds, symmetric_ECB *ecb); | ||
822 | int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb); | ||
823 | int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_ECB *ecb); | ||
824 | int ecb_done(symmetric_ECB *ecb); | ||
825 | #endif | ||
826 | |||
827 | #ifdef LTC_CFB_MODE | ||
828 | int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, | ||
829 | int keylen, int num_rounds, symmetric_CFB *cfb); | ||
830 | int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb); | ||
831 | int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb); | ||
832 | int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb); | ||
833 | int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb); | ||
834 | int cfb_done(symmetric_CFB *cfb); | ||
835 | #endif | ||
836 | |||
837 | #ifdef LTC_OFB_MODE | ||
838 | int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key, | ||
839 | int keylen, int num_rounds, symmetric_OFB *ofb); | ||
840 | int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb); | ||
841 | int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb); | ||
842 | int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb); | ||
843 | int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb); | ||
844 | int ofb_done(symmetric_OFB *ofb); | ||
845 | #endif | ||
846 | |||
847 | #ifdef LTC_CBC_MODE | ||
848 | int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key, | ||
849 | int keylen, int num_rounds, symmetric_CBC *cbc); | ||
850 | int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc); | ||
851 | int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc); | ||
852 | int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc); | ||
853 | int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc); | ||
854 | int cbc_done(symmetric_CBC *cbc); | ||
855 | #endif | ||
856 | |||
857 | #ifdef LTC_CTR_MODE | ||
858 | |||
859 | #define CTR_COUNTER_LITTLE_ENDIAN 0x0000 | ||
860 | #define CTR_COUNTER_BIG_ENDIAN 0x1000 | ||
861 | #define LTC_CTR_RFC3686 0x2000 | ||
862 | |||
863 | int ctr_start( int cipher, | ||
864 | const unsigned char *IV, | ||
865 | const unsigned char *key, int keylen, | ||
866 | int num_rounds, int ctr_mode, | ||
867 | symmetric_CTR *ctr); | ||
868 | int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr); | ||
869 | int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr); | ||
870 | int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr); | ||
871 | int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr); | ||
872 | int ctr_done(symmetric_CTR *ctr); | ||
873 | int ctr_test(void); | ||
874 | #endif | ||
875 | |||
876 | #ifdef LTC_LRW_MODE | ||
877 | |||
878 | #define LRW_ENCRYPT LTC_ENCRYPT | ||
879 | #define LRW_DECRYPT LTC_DECRYPT | ||
880 | |||
881 | int lrw_start( int cipher, | ||
882 | const unsigned char *IV, | ||
883 | const unsigned char *key, int keylen, | ||
884 | const unsigned char *tweak, | ||
885 | int num_rounds, | ||
886 | symmetric_LRW *lrw); | ||
887 | int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw); | ||
888 | int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw); | ||
889 | int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw); | ||
890 | int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw); | ||
891 | int lrw_done(symmetric_LRW *lrw); | ||
892 | int lrw_test(void); | ||
893 | |||
894 | /* don't call */ | ||
895 | int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw); | ||
896 | #endif | ||
897 | |||
898 | #ifdef LTC_F8_MODE | ||
899 | int f8_start( int cipher, const unsigned char *IV, | ||
900 | const unsigned char *key, int keylen, | ||
901 | const unsigned char *salt_key, int skeylen, | ||
902 | int num_rounds, symmetric_F8 *f8); | ||
903 | int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8); | ||
904 | int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8); | ||
905 | int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8); | ||
906 | int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8); | ||
907 | int f8_done(symmetric_F8 *f8); | ||
908 | int f8_test_mode(void); | ||
909 | #endif | ||
910 | |||
911 | #ifdef LTC_XTS_MODE | ||
912 | typedef struct { | ||
913 | symmetric_key key1, key2; | ||
914 | int cipher; | ||
915 | } symmetric_xts; | ||
916 | |||
917 | int xts_start( int cipher, | ||
918 | const unsigned char *key1, | ||
919 | const unsigned char *key2, | ||
920 | unsigned long keylen, | ||
921 | int num_rounds, | ||
922 | symmetric_xts *xts); | ||
923 | |||
924 | int xts_encrypt( | ||
925 | const unsigned char *pt, unsigned long ptlen, | ||
926 | unsigned char *ct, | ||
927 | unsigned char *tweak, | ||
928 | symmetric_xts *xts); | ||
929 | int xts_decrypt( | ||
930 | const unsigned char *ct, unsigned long ptlen, | ||
931 | unsigned char *pt, | ||
932 | unsigned char *tweak, | ||
933 | symmetric_xts *xts); | ||
934 | |||
935 | void xts_done(symmetric_xts *xts); | ||
936 | int xts_test(void); | ||
937 | void xts_mult_x(unsigned char *I); | ||
938 | #endif | ||
939 | |||
940 | int find_cipher(const char *name); | ||
941 | int find_cipher_any(const char *name, int blocklen, int keylen); | ||
942 | int find_cipher_id(unsigned char ID); | ||
943 | int register_cipher(const struct ltc_cipher_descriptor *cipher); | ||
944 | int unregister_cipher(const struct ltc_cipher_descriptor *cipher); | ||
945 | int register_all_ciphers(void); | ||
946 | int cipher_is_valid(int idx); | ||
947 | |||
948 | LTC_MUTEX_PROTO(ltc_cipher_mutex) | ||
949 | |||
950 | /* ---- stream ciphers ---- */ | ||
951 | |||
952 | #ifdef LTC_CHACHA | ||
953 | |||
954 | typedef struct { | ||
955 | ulong32 input[16]; | ||
956 | unsigned char kstream[64]; | ||
957 | unsigned long ksleft; | ||
958 | unsigned long ivlen; | ||
959 | int rounds; | ||
960 | } chacha_state; | ||
961 | |||
962 | int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keylen, int rounds); | ||
963 | int chacha_ivctr32(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong32 counter); | ||
964 | int chacha_ivctr64(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter); | ||
965 | int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); | ||
966 | int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen); | ||
967 | int chacha_done(chacha_state *st); | ||
968 | int chacha_test(void); | ||
969 | |||
970 | #endif /* LTC_CHACHA */ | ||
971 | |||
972 | #ifdef LTC_RC4_STREAM | ||
973 | |||
974 | typedef struct { | ||
975 | unsigned int x, y; | ||
976 | unsigned char buf[256]; | ||
977 | } rc4_state; | ||
978 | |||
979 | int rc4_stream_setup(rc4_state *st, const unsigned char *key, unsigned long keylen); | ||
980 | int rc4_stream_crypt(rc4_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); | ||
981 | int rc4_stream_keystream(rc4_state *st, unsigned char *out, unsigned long outlen); | ||
982 | int rc4_stream_done(rc4_state *st); | ||
983 | int rc4_stream_test(void); | ||
984 | |||
985 | #endif /* LTC_RC4_STREAM */ | ||
986 | |||
987 | #ifdef LTC_SOBER128_STREAM | ||
988 | |||
989 | typedef struct { | ||
990 | ulong32 R[17], /* Working storage for the shift register */ | ||
991 | initR[17], /* saved register contents */ | ||
992 | konst, /* key dependent constant */ | ||
993 | sbuf; /* partial word encryption buffer */ | ||
994 | int nbuf; /* number of part-word stream bits buffered */ | ||
995 | } sober128_state; | ||
996 | |||
997 | int sober128_stream_setup(sober128_state *st, const unsigned char *key, unsigned long keylen); | ||
998 | int sober128_stream_setiv(sober128_state *st, const unsigned char *iv, unsigned long ivlen); | ||
999 | int sober128_stream_crypt(sober128_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); | ||
1000 | int sober128_stream_keystream(sober128_state *st, unsigned char *out, unsigned long outlen); | ||
1001 | int sober128_stream_done(sober128_state *st); | ||
1002 | int sober128_stream_test(void); | ||
1003 | |||
1004 | #endif /* LTC_SOBER128_STREAM */ | ||
1005 | |||
1006 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
1007 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
1008 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_custom.h b/utils/tomcrypt/src/headers/tomcrypt_custom.h new file mode 100644 index 0000000000..e44a63a74b --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_custom.h | |||
@@ -0,0 +1,590 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | #ifndef TOMCRYPT_CUSTOM_H_ | ||
11 | #define TOMCRYPT_CUSTOM_H_ | ||
12 | |||
13 | /* macros for various libc functions you can change for embedded targets */ | ||
14 | #ifndef XMALLOC | ||
15 | #define XMALLOC malloc | ||
16 | #endif | ||
17 | #ifndef XREALLOC | ||
18 | #define XREALLOC realloc | ||
19 | #endif | ||
20 | #ifndef XCALLOC | ||
21 | #define XCALLOC calloc | ||
22 | #endif | ||
23 | #ifndef XFREE | ||
24 | #define XFREE free | ||
25 | #endif | ||
26 | |||
27 | #ifndef XMEMSET | ||
28 | #define XMEMSET memset | ||
29 | #endif | ||
30 | #ifndef XMEMCPY | ||
31 | #define XMEMCPY memcpy | ||
32 | #endif | ||
33 | #ifndef XMEMMOVE | ||
34 | #define XMEMMOVE memmove | ||
35 | #endif | ||
36 | #ifndef XMEMCMP | ||
37 | #define XMEMCMP memcmp | ||
38 | #endif | ||
39 | /* A memory compare function that has to run in constant time, | ||
40 | * c.f. mem_neq() API summary. | ||
41 | */ | ||
42 | #ifndef XMEM_NEQ | ||
43 | #define XMEM_NEQ mem_neq | ||
44 | #endif | ||
45 | #ifndef XSTRCMP | ||
46 | #define XSTRCMP strcmp | ||
47 | #endif | ||
48 | |||
49 | #ifndef XCLOCK | ||
50 | #define XCLOCK clock | ||
51 | #endif | ||
52 | |||
53 | #ifndef XQSORT | ||
54 | #define XQSORT qsort | ||
55 | #endif | ||
56 | |||
57 | #if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \ | ||
58 | defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ | ||
59 | defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | ||
60 | #define LTC_NO_PROTOTYPES | ||
61 | #endif | ||
62 | |||
63 | /* shortcut to disable automatic inclusion */ | ||
64 | #if defined LTC_NOTHING && !defined LTC_EASY | ||
65 | #define LTC_NO_CIPHERS | ||
66 | #define LTC_NO_MODES | ||
67 | #define LTC_NO_HASHES | ||
68 | #define LTC_NO_MACS | ||
69 | #define LTC_NO_PRNGS | ||
70 | #define LTC_NO_PK | ||
71 | #define LTC_NO_PKCS | ||
72 | #define LTC_NO_MISC | ||
73 | #endif /* LTC_NOTHING */ | ||
74 | |||
75 | /* Easy button? */ | ||
76 | #ifdef LTC_EASY | ||
77 | #define LTC_NO_CIPHERS | ||
78 | #define LTC_RIJNDAEL | ||
79 | #define LTC_BLOWFISH | ||
80 | #define LTC_DES | ||
81 | #define LTC_CAST5 | ||
82 | |||
83 | #define LTC_NO_MODES | ||
84 | #define LTC_ECB_MODE | ||
85 | #define LTC_CBC_MODE | ||
86 | #define LTC_CTR_MODE | ||
87 | |||
88 | #define LTC_NO_HASHES | ||
89 | #define LTC_SHA1 | ||
90 | #define LTC_SHA3 | ||
91 | #define LTC_SHA512 | ||
92 | #define LTC_SHA384 | ||
93 | #define LTC_SHA256 | ||
94 | #define LTC_SHA224 | ||
95 | #define LTC_HASH_HELPERS | ||
96 | |||
97 | #define LTC_NO_MACS | ||
98 | #define LTC_HMAC | ||
99 | #define LTC_OMAC | ||
100 | #define LTC_CCM_MODE | ||
101 | |||
102 | #define LTC_NO_PRNGS | ||
103 | #define LTC_SPRNG | ||
104 | #define LTC_YARROW | ||
105 | #define LTC_DEVRANDOM | ||
106 | #define LTC_TRY_URANDOM_FIRST | ||
107 | #define LTC_RNG_GET_BYTES | ||
108 | #define LTC_RNG_MAKE_PRNG | ||
109 | |||
110 | #define LTC_NO_PK | ||
111 | #define LTC_MRSA | ||
112 | #define LTC_MECC | ||
113 | |||
114 | #define LTC_NO_MISC | ||
115 | #define LTC_BASE64 | ||
116 | #endif | ||
117 | |||
118 | /* The minimal set of functionality to run the tests */ | ||
119 | #ifdef LTC_MINIMAL | ||
120 | #define LTC_RIJNDAEL | ||
121 | #define LTC_SHA256 | ||
122 | #define LTC_YARROW | ||
123 | #define LTC_CTR_MODE | ||
124 | |||
125 | #define LTC_RNG_MAKE_PRNG | ||
126 | #define LTC_RNG_GET_BYTES | ||
127 | #define LTC_DEVRANDOM | ||
128 | #define LTC_TRY_URANDOM_FIRST | ||
129 | |||
130 | #undef LTC_NO_FILE | ||
131 | #endif | ||
132 | |||
133 | /* Enable self-test test vector checking */ | ||
134 | #ifndef LTC_NO_TEST | ||
135 | #define LTC_TEST | ||
136 | #endif | ||
137 | /* Enable extended self-tests */ | ||
138 | /* #define LTC_TEST_EXT */ | ||
139 | |||
140 | /* Use small code where possible */ | ||
141 | /* #define LTC_SMALL_CODE */ | ||
142 | |||
143 | /* clean the stack of functions which put private information on stack */ | ||
144 | /* #define LTC_CLEAN_STACK */ | ||
145 | |||
146 | /* disable all file related functions */ | ||
147 | /* #define LTC_NO_FILE */ | ||
148 | |||
149 | /* disable all forms of ASM */ | ||
150 | /* #define LTC_NO_ASM */ | ||
151 | |||
152 | /* disable FAST mode */ | ||
153 | /* #define LTC_NO_FAST */ | ||
154 | |||
155 | /* disable BSWAP on x86 */ | ||
156 | /* #define LTC_NO_BSWAP */ | ||
157 | |||
158 | /* ---> math provider? <--- */ | ||
159 | #ifndef LTC_NO_MATH | ||
160 | |||
161 | /* LibTomMath */ | ||
162 | /* #define LTM_DESC */ | ||
163 | |||
164 | /* TomsFastMath */ | ||
165 | /* #define TFM_DESC */ | ||
166 | |||
167 | /* GNU Multiple Precision Arithmetic Library */ | ||
168 | /* #define GMP_DESC */ | ||
169 | |||
170 | #endif /* LTC_NO_MATH */ | ||
171 | |||
172 | /* ---> Symmetric Block Ciphers <--- */ | ||
173 | #ifndef LTC_NO_CIPHERS | ||
174 | |||
175 | #define LTC_BLOWFISH | ||
176 | #define LTC_RC2 | ||
177 | #define LTC_RC5 | ||
178 | #define LTC_RC6 | ||
179 | #define LTC_SAFERP | ||
180 | #define LTC_RIJNDAEL | ||
181 | #define LTC_XTEA | ||
182 | /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format | ||
183 | * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */ | ||
184 | #define LTC_TWOFISH | ||
185 | #ifndef LTC_NO_TABLES | ||
186 | #define LTC_TWOFISH_TABLES | ||
187 | /* #define LTC_TWOFISH_ALL_TABLES */ | ||
188 | #else | ||
189 | #define LTC_TWOFISH_SMALL | ||
190 | #endif | ||
191 | /* #define LTC_TWOFISH_SMALL */ | ||
192 | /* LTC_DES includes EDE triple-DES */ | ||
193 | #define LTC_DES | ||
194 | #define LTC_CAST5 | ||
195 | #define LTC_NOEKEON | ||
196 | #define LTC_SKIPJACK | ||
197 | #define LTC_SAFER | ||
198 | #define LTC_KHAZAD | ||
199 | #define LTC_ANUBIS | ||
200 | #define LTC_ANUBIS_TWEAK | ||
201 | #define LTC_KSEED | ||
202 | #define LTC_KASUMI | ||
203 | #define LTC_MULTI2 | ||
204 | #define LTC_CAMELLIA | ||
205 | |||
206 | /* stream ciphers */ | ||
207 | #define LTC_CHACHA | ||
208 | #define LTC_RC4_STREAM | ||
209 | #define LTC_SOBER128_STREAM | ||
210 | |||
211 | #endif /* LTC_NO_CIPHERS */ | ||
212 | |||
213 | |||
214 | /* ---> Block Cipher Modes of Operation <--- */ | ||
215 | #ifndef LTC_NO_MODES | ||
216 | |||
217 | #define LTC_CFB_MODE | ||
218 | #define LTC_OFB_MODE | ||
219 | #define LTC_ECB_MODE | ||
220 | #define LTC_CBC_MODE | ||
221 | #define LTC_CTR_MODE | ||
222 | |||
223 | /* F8 chaining mode */ | ||
224 | #define LTC_F8_MODE | ||
225 | |||
226 | /* LRW mode */ | ||
227 | #define LTC_LRW_MODE | ||
228 | #ifndef LTC_NO_TABLES | ||
229 | /* like GCM mode this will enable 16 8x128 tables [64KB] that make | ||
230 | * seeking very fast. | ||
231 | */ | ||
232 | #define LTC_LRW_TABLES | ||
233 | #endif | ||
234 | |||
235 | /* XTS mode */ | ||
236 | #define LTC_XTS_MODE | ||
237 | |||
238 | #endif /* LTC_NO_MODES */ | ||
239 | |||
240 | /* ---> One-Way Hash Functions <--- */ | ||
241 | #ifndef LTC_NO_HASHES | ||
242 | |||
243 | #define LTC_CHC_HASH | ||
244 | #define LTC_WHIRLPOOL | ||
245 | #define LTC_SHA3 | ||
246 | #define LTC_SHA512 | ||
247 | #define LTC_SHA512_256 | ||
248 | #define LTC_SHA512_224 | ||
249 | #define LTC_SHA384 | ||
250 | #define LTC_SHA256 | ||
251 | #define LTC_SHA224 | ||
252 | #define LTC_TIGER | ||
253 | #define LTC_SHA1 | ||
254 | #define LTC_MD5 | ||
255 | #define LTC_MD4 | ||
256 | #define LTC_MD2 | ||
257 | #define LTC_RIPEMD128 | ||
258 | #define LTC_RIPEMD160 | ||
259 | #define LTC_RIPEMD256 | ||
260 | #define LTC_RIPEMD320 | ||
261 | #define LTC_BLAKE2S | ||
262 | #define LTC_BLAKE2B | ||
263 | |||
264 | #define LTC_HASH_HELPERS | ||
265 | |||
266 | #endif /* LTC_NO_HASHES */ | ||
267 | |||
268 | |||
269 | /* ---> MAC functions <--- */ | ||
270 | #ifndef LTC_NO_MACS | ||
271 | |||
272 | #define LTC_HMAC | ||
273 | #define LTC_OMAC | ||
274 | #define LTC_PMAC | ||
275 | #define LTC_XCBC | ||
276 | #define LTC_F9_MODE | ||
277 | #define LTC_PELICAN | ||
278 | #define LTC_POLY1305 | ||
279 | #define LTC_BLAKE2SMAC | ||
280 | #define LTC_BLAKE2BMAC | ||
281 | |||
282 | /* ---> Encrypt + Authenticate Modes <--- */ | ||
283 | |||
284 | #define LTC_EAX_MODE | ||
285 | |||
286 | #define LTC_OCB_MODE | ||
287 | #define LTC_OCB3_MODE | ||
288 | #define LTC_CCM_MODE | ||
289 | #define LTC_GCM_MODE | ||
290 | #define LTC_CHACHA20POLY1305_MODE | ||
291 | |||
292 | /* Use 64KiB tables */ | ||
293 | #ifndef LTC_NO_TABLES | ||
294 | #define LTC_GCM_TABLES | ||
295 | #endif | ||
296 | |||
297 | /* USE SSE2? requires GCC works on x86_32 and x86_64*/ | ||
298 | #ifdef LTC_GCM_TABLES | ||
299 | /* #define LTC_GCM_TABLES_SSE2 */ | ||
300 | #endif | ||
301 | |||
302 | #endif /* LTC_NO_MACS */ | ||
303 | |||
304 | |||
305 | /* --> Pseudo Random Number Generators <--- */ | ||
306 | #ifndef LTC_NO_PRNGS | ||
307 | |||
308 | /* Yarrow */ | ||
309 | #define LTC_YARROW | ||
310 | |||
311 | /* a PRNG that simply reads from an available system source */ | ||
312 | #define LTC_SPRNG | ||
313 | |||
314 | /* The RC4 stream cipher based PRNG */ | ||
315 | #define LTC_RC4 | ||
316 | |||
317 | /* The ChaCha20 stream cipher based PRNG */ | ||
318 | #define LTC_CHACHA20_PRNG | ||
319 | |||
320 | /* Fortuna PRNG */ | ||
321 | #define LTC_FORTUNA | ||
322 | |||
323 | /* Greg's SOBER128 stream cipher based PRNG */ | ||
324 | #define LTC_SOBER128 | ||
325 | |||
326 | /* the *nix style /dev/random device */ | ||
327 | #define LTC_DEVRANDOM | ||
328 | /* try /dev/urandom before trying /dev/random | ||
329 | * are you sure you want to disable this? http://www.2uo.de/myths-about-urandom/ */ | ||
330 | #define LTC_TRY_URANDOM_FIRST | ||
331 | /* rng_get_bytes() */ | ||
332 | #define LTC_RNG_GET_BYTES | ||
333 | /* rng_make_prng() */ | ||
334 | #define LTC_RNG_MAKE_PRNG | ||
335 | |||
336 | /* enable the ltc_rng hook to integrate e.g. embedded hardware RNG's easily */ | ||
337 | /* #define LTC_PRNG_ENABLE_LTC_RNG */ | ||
338 | |||
339 | #endif /* LTC_NO_PRNGS */ | ||
340 | |||
341 | #ifdef LTC_YARROW | ||
342 | |||
343 | /* which descriptor of AES to use? */ | ||
344 | /* 0 = rijndael_enc 1 = aes_enc, 2 = rijndael [full], 3 = aes [full] */ | ||
345 | #ifdef ENCRYPT_ONLY | ||
346 | #define LTC_YARROW_AES 0 | ||
347 | #else | ||
348 | #define LTC_YARROW_AES 2 | ||
349 | #endif | ||
350 | |||
351 | #endif | ||
352 | |||
353 | #ifdef LTC_FORTUNA | ||
354 | |||
355 | #ifndef LTC_FORTUNA_WD | ||
356 | /* reseed every N calls to the read function */ | ||
357 | #define LTC_FORTUNA_WD 10 | ||
358 | #endif | ||
359 | |||
360 | #ifndef LTC_FORTUNA_POOLS | ||
361 | /* number of pools (4..32) can save a bit of ram by lowering the count */ | ||
362 | #define LTC_FORTUNA_POOLS 32 | ||
363 | #endif | ||
364 | |||
365 | #endif /* LTC_FORTUNA */ | ||
366 | |||
367 | |||
368 | /* ---> Public Key Crypto <--- */ | ||
369 | #ifndef LTC_NO_PK | ||
370 | |||
371 | /* Include RSA support */ | ||
372 | #define LTC_MRSA | ||
373 | |||
374 | /* Include Diffie-Hellman support */ | ||
375 | /* is_prime fails for GMP */ | ||
376 | #define LTC_MDH | ||
377 | /* Supported Key Sizes */ | ||
378 | #define LTC_DH768 | ||
379 | #define LTC_DH1024 | ||
380 | #define LTC_DH1536 | ||
381 | #define LTC_DH2048 | ||
382 | |||
383 | #ifndef TFM_DESC | ||
384 | /* tfm has a problem in fp_isprime for larger key sizes */ | ||
385 | #define LTC_DH3072 | ||
386 | #define LTC_DH4096 | ||
387 | #define LTC_DH6144 | ||
388 | #define LTC_DH8192 | ||
389 | #endif | ||
390 | |||
391 | /* Include Katja (a Rabin variant like RSA) */ | ||
392 | /* #define LTC_MKAT */ | ||
393 | |||
394 | /* Digital Signature Algorithm */ | ||
395 | #define LTC_MDSA | ||
396 | |||
397 | /* ECC */ | ||
398 | #define LTC_MECC | ||
399 | |||
400 | /* use Shamir's trick for point mul (speeds up signature verification) */ | ||
401 | #define LTC_ECC_SHAMIR | ||
402 | |||
403 | #if defined(TFM_DESC) && defined(LTC_MECC) | ||
404 | #define LTC_MECC_ACCEL | ||
405 | #endif | ||
406 | |||
407 | /* do we want fixed point ECC */ | ||
408 | /* #define LTC_MECC_FP */ | ||
409 | |||
410 | #endif /* LTC_NO_PK */ | ||
411 | |||
412 | #if defined(LTC_MRSA) && !defined(LTC_NO_RSA_BLINDING) | ||
413 | /* Enable RSA blinding when doing private key operations by default */ | ||
414 | #define LTC_RSA_BLINDING | ||
415 | #endif /* LTC_NO_RSA_BLINDING */ | ||
416 | |||
417 | #if defined(LTC_MRSA) && !defined(LTC_NO_RSA_CRT_HARDENING) | ||
418 | /* Enable RSA CRT hardening when doing private key operations by default */ | ||
419 | #define LTC_RSA_CRT_HARDENING | ||
420 | #endif /* LTC_NO_RSA_CRT_HARDENING */ | ||
421 | |||
422 | #if defined(LTC_MECC) && !defined(LTC_NO_ECC_TIMING_RESISTANT) | ||
423 | /* Enable ECC timing resistant version by default */ | ||
424 | #define LTC_ECC_TIMING_RESISTANT | ||
425 | #endif | ||
426 | |||
427 | /* PKCS #1 (RSA) and #5 (Password Handling) stuff */ | ||
428 | #ifndef LTC_NO_PKCS | ||
429 | |||
430 | #define LTC_PKCS_1 | ||
431 | #define LTC_PKCS_5 | ||
432 | |||
433 | /* Include ASN.1 DER (required by DSA/RSA) */ | ||
434 | #define LTC_DER | ||
435 | |||
436 | #endif /* LTC_NO_PKCS */ | ||
437 | |||
438 | /* misc stuff */ | ||
439 | #ifndef LTC_NO_MISC | ||
440 | |||
441 | /* Various tidbits of modern neatoness */ | ||
442 | #define LTC_BASE64 | ||
443 | /* ... and it's URL safe version */ | ||
444 | #define LTC_BASE64_URL | ||
445 | |||
446 | /* Keep LTC_NO_HKDF for compatibility reasons | ||
447 | * superseeded by LTC_NO_MISC*/ | ||
448 | #ifndef LTC_NO_HKDF | ||
449 | /* HKDF Key Derivation/Expansion stuff */ | ||
450 | #define LTC_HKDF | ||
451 | #endif /* LTC_NO_HKDF */ | ||
452 | |||
453 | #define LTC_ADLER32 | ||
454 | |||
455 | #define LTC_CRC32 | ||
456 | |||
457 | #endif /* LTC_NO_MISC */ | ||
458 | |||
459 | /* cleanup */ | ||
460 | |||
461 | #ifdef LTC_MECC | ||
462 | /* Supported ECC Key Sizes */ | ||
463 | #ifndef LTC_NO_CURVES | ||
464 | #define LTC_ECC112 | ||
465 | #define LTC_ECC128 | ||
466 | #define LTC_ECC160 | ||
467 | #define LTC_ECC192 | ||
468 | #define LTC_ECC224 | ||
469 | #define LTC_ECC256 | ||
470 | #define LTC_ECC384 | ||
471 | #define LTC_ECC521 | ||
472 | #endif | ||
473 | #endif | ||
474 | |||
475 | #if defined(LTC_DER) | ||
476 | #ifndef LTC_DER_MAX_RECURSION | ||
477 | /* Maximum recursion limit when processing nested ASN.1 types. */ | ||
478 | #define LTC_DER_MAX_RECURSION 30 | ||
479 | #endif | ||
480 | #endif | ||
481 | |||
482 | #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) | ||
483 | /* Include the MPI functionality? (required by the PK algorithms) */ | ||
484 | #define LTC_MPI | ||
485 | |||
486 | #ifndef LTC_PK_MAX_RETRIES | ||
487 | /* iterations limit for retry-loops */ | ||
488 | #define LTC_PK_MAX_RETRIES 20 | ||
489 | #endif | ||
490 | #endif | ||
491 | |||
492 | #ifdef LTC_MRSA | ||
493 | #define LTC_PKCS_1 | ||
494 | #endif | ||
495 | |||
496 | #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL) | ||
497 | #error Pelican-MAC requires LTC_RIJNDAEL | ||
498 | #endif | ||
499 | |||
500 | #if defined(LTC_EAX_MODE) && !(defined(LTC_CTR_MODE) && defined(LTC_OMAC)) | ||
501 | #error LTC_EAX_MODE requires CTR and LTC_OMAC mode | ||
502 | #endif | ||
503 | |||
504 | #if defined(LTC_YARROW) && !defined(LTC_CTR_MODE) | ||
505 | #error LTC_YARROW requires LTC_CTR_MODE chaining mode to be defined! | ||
506 | #endif | ||
507 | |||
508 | #if defined(LTC_DER) && !defined(LTC_MPI) | ||
509 | #error ASN.1 DER requires MPI functionality | ||
510 | #endif | ||
511 | |||
512 | #if (defined(LTC_MDSA) || defined(LTC_MRSA) || defined(LTC_MECC) || defined(LTC_MKAT)) && !defined(LTC_DER) | ||
513 | #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled | ||
514 | #endif | ||
515 | |||
516 | #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) | ||
517 | #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 | ||
518 | #endif | ||
519 | |||
520 | #if defined(LTC_CHACHA20_PRNG) && !defined(LTC_CHACHA) | ||
521 | #error LTC_CHACHA20_PRNG requires LTC_CHACHA | ||
522 | #endif | ||
523 | |||
524 | #if defined(LTC_RC4) && !defined(LTC_RC4_STREAM) | ||
525 | #error LTC_RC4 requires LTC_RC4_STREAM | ||
526 | #endif | ||
527 | |||
528 | #if defined(LTC_SOBER128) && !defined(LTC_SOBER128_STREAM) | ||
529 | #error LTC_SOBER128 requires LTC_SOBER128_STREAM | ||
530 | #endif | ||
531 | |||
532 | #if defined(LTC_BLAKE2SMAC) && !defined(LTC_BLAKE2S) | ||
533 | #error LTC_BLAKE2SMAC requires LTC_BLAKE2S | ||
534 | #endif | ||
535 | |||
536 | #if defined(LTC_BLAKE2BMAC) && !defined(LTC_BLAKE2B) | ||
537 | #error LTC_BLAKE2BMAC requires LTC_BLAKE2B | ||
538 | #endif | ||
539 | |||
540 | #if defined(LTC_SPRNG) && !defined(LTC_RNG_GET_BYTES) | ||
541 | #error LTC_SPRNG requires LTC_RNG_GET_BYTES | ||
542 | #endif | ||
543 | |||
544 | #if defined(LTC_NO_MATH) && (defined(LTM_DESC) || defined(TFM_DESC) || defined(GMP_DESC)) | ||
545 | #error LTC_NO_MATH defined, but also a math descriptor | ||
546 | #endif | ||
547 | |||
548 | /* THREAD management */ | ||
549 | #ifdef LTC_PTHREAD | ||
550 | |||
551 | #include <pthread.h> | ||
552 | |||
553 | #define LTC_MUTEX_GLOBAL(x) pthread_mutex_t x = PTHREAD_MUTEX_INITIALIZER; | ||
554 | #define LTC_MUTEX_PROTO(x) extern pthread_mutex_t x; | ||
555 | #define LTC_MUTEX_TYPE(x) pthread_mutex_t x; | ||
556 | #define LTC_MUTEX_INIT(x) LTC_ARGCHK(pthread_mutex_init(x, NULL) == 0); | ||
557 | #define LTC_MUTEX_LOCK(x) LTC_ARGCHK(pthread_mutex_lock(x) == 0); | ||
558 | #define LTC_MUTEX_UNLOCK(x) LTC_ARGCHK(pthread_mutex_unlock(x) == 0); | ||
559 | #define LTC_MUTEX_DESTROY(x) LTC_ARGCHK(pthread_mutex_destroy(x) == 0); | ||
560 | |||
561 | #else | ||
562 | |||
563 | /* default no functions */ | ||
564 | #define LTC_MUTEX_GLOBAL(x) | ||
565 | #define LTC_MUTEX_PROTO(x) | ||
566 | #define LTC_MUTEX_TYPE(x) | ||
567 | #define LTC_MUTEX_INIT(x) | ||
568 | #define LTC_MUTEX_LOCK(x) | ||
569 | #define LTC_MUTEX_UNLOCK(x) | ||
570 | #define LTC_MUTEX_DESTROY(x) | ||
571 | |||
572 | #endif | ||
573 | |||
574 | /* Debuggers */ | ||
575 | |||
576 | /* define this if you use Valgrind, note: it CHANGES the way SOBER-128 and RC4 work (see the code) */ | ||
577 | /* #define LTC_VALGRIND */ | ||
578 | |||
579 | #endif | ||
580 | |||
581 | #ifndef LTC_NO_FILE | ||
582 | /* buffer size for reading from a file via fread(..) */ | ||
583 | #ifndef LTC_FILE_READ_BUFSIZE | ||
584 | #define LTC_FILE_READ_BUFSIZE 8192 | ||
585 | #endif | ||
586 | #endif | ||
587 | |||
588 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
589 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
590 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_hash.h b/utils/tomcrypt/src/headers/tomcrypt_hash.h new file mode 100644 index 0000000000..4bb02631d8 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_hash.h | |||
@@ -0,0 +1,531 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- HASH FUNCTIONS ---- */ | ||
11 | #ifdef LTC_SHA3 | ||
12 | struct sha3_state { | ||
13 | ulong64 saved; /* the portion of the input message that we didn't consume yet */ | ||
14 | ulong64 s[25]; | ||
15 | unsigned char sb[25 * 8]; /* used for storing `ulong64 s[25]` as little-endian bytes */ | ||
16 | unsigned short byte_index; /* 0..7--the next byte after the set one (starts from 0; 0--none are buffered) */ | ||
17 | unsigned short word_index; /* 0..24--the next word to integrate input (starts from 0) */ | ||
18 | unsigned short capacity_words; /* the double size of the hash output in words (e.g. 16 for Keccak 512) */ | ||
19 | unsigned short xof_flag; | ||
20 | }; | ||
21 | #endif | ||
22 | |||
23 | #ifdef LTC_SHA512 | ||
24 | struct sha512_state { | ||
25 | ulong64 length, state[8]; | ||
26 | unsigned long curlen; | ||
27 | unsigned char buf[128]; | ||
28 | }; | ||
29 | #endif | ||
30 | |||
31 | #ifdef LTC_SHA256 | ||
32 | struct sha256_state { | ||
33 | ulong64 length; | ||
34 | ulong32 state[8], curlen; | ||
35 | unsigned char buf[64]; | ||
36 | }; | ||
37 | #endif | ||
38 | |||
39 | #ifdef LTC_SHA1 | ||
40 | struct sha1_state { | ||
41 | ulong64 length; | ||
42 | ulong32 state[5], curlen; | ||
43 | unsigned char buf[64]; | ||
44 | }; | ||
45 | #endif | ||
46 | |||
47 | #ifdef LTC_MD5 | ||
48 | struct md5_state { | ||
49 | ulong64 length; | ||
50 | ulong32 state[4], curlen; | ||
51 | unsigned char buf[64]; | ||
52 | }; | ||
53 | #endif | ||
54 | |||
55 | #ifdef LTC_MD4 | ||
56 | struct md4_state { | ||
57 | ulong64 length; | ||
58 | ulong32 state[4], curlen; | ||
59 | unsigned char buf[64]; | ||
60 | }; | ||
61 | #endif | ||
62 | |||
63 | #ifdef LTC_TIGER | ||
64 | struct tiger_state { | ||
65 | ulong64 state[3], length; | ||
66 | unsigned long curlen; | ||
67 | unsigned char buf[64]; | ||
68 | }; | ||
69 | #endif | ||
70 | |||
71 | #ifdef LTC_MD2 | ||
72 | struct md2_state { | ||
73 | unsigned char chksum[16], X[48], buf[16]; | ||
74 | unsigned long curlen; | ||
75 | }; | ||
76 | #endif | ||
77 | |||
78 | #ifdef LTC_RIPEMD128 | ||
79 | struct rmd128_state { | ||
80 | ulong64 length; | ||
81 | unsigned char buf[64]; | ||
82 | ulong32 curlen, state[4]; | ||
83 | }; | ||
84 | #endif | ||
85 | |||
86 | #ifdef LTC_RIPEMD160 | ||
87 | struct rmd160_state { | ||
88 | ulong64 length; | ||
89 | unsigned char buf[64]; | ||
90 | ulong32 curlen, state[5]; | ||
91 | }; | ||
92 | #endif | ||
93 | |||
94 | #ifdef LTC_RIPEMD256 | ||
95 | struct rmd256_state { | ||
96 | ulong64 length; | ||
97 | unsigned char buf[64]; | ||
98 | ulong32 curlen, state[8]; | ||
99 | }; | ||
100 | #endif | ||
101 | |||
102 | #ifdef LTC_RIPEMD320 | ||
103 | struct rmd320_state { | ||
104 | ulong64 length; | ||
105 | unsigned char buf[64]; | ||
106 | ulong32 curlen, state[10]; | ||
107 | }; | ||
108 | #endif | ||
109 | |||
110 | #ifdef LTC_WHIRLPOOL | ||
111 | struct whirlpool_state { | ||
112 | ulong64 length, state[8]; | ||
113 | unsigned char buf[64]; | ||
114 | ulong32 curlen; | ||
115 | }; | ||
116 | #endif | ||
117 | |||
118 | #ifdef LTC_CHC_HASH | ||
119 | struct chc_state { | ||
120 | ulong64 length; | ||
121 | unsigned char state[MAXBLOCKSIZE], buf[MAXBLOCKSIZE]; | ||
122 | ulong32 curlen; | ||
123 | }; | ||
124 | #endif | ||
125 | |||
126 | #ifdef LTC_BLAKE2S | ||
127 | struct blake2s_state { | ||
128 | ulong32 h[8]; | ||
129 | ulong32 t[2]; | ||
130 | ulong32 f[2]; | ||
131 | unsigned char buf[64]; | ||
132 | unsigned long curlen; | ||
133 | unsigned long outlen; | ||
134 | unsigned char last_node; | ||
135 | }; | ||
136 | #endif | ||
137 | |||
138 | #ifdef LTC_BLAKE2B | ||
139 | struct blake2b_state { | ||
140 | ulong64 h[8]; | ||
141 | ulong64 t[2]; | ||
142 | ulong64 f[2]; | ||
143 | unsigned char buf[128]; | ||
144 | unsigned long curlen; | ||
145 | unsigned long outlen; | ||
146 | unsigned char last_node; | ||
147 | }; | ||
148 | #endif | ||
149 | |||
150 | typedef union Hash_state { | ||
151 | char dummy[1]; | ||
152 | #ifdef LTC_CHC_HASH | ||
153 | struct chc_state chc; | ||
154 | #endif | ||
155 | #ifdef LTC_WHIRLPOOL | ||
156 | struct whirlpool_state whirlpool; | ||
157 | #endif | ||
158 | #ifdef LTC_SHA3 | ||
159 | struct sha3_state sha3; | ||
160 | #endif | ||
161 | #ifdef LTC_SHA512 | ||
162 | struct sha512_state sha512; | ||
163 | #endif | ||
164 | #ifdef LTC_SHA256 | ||
165 | struct sha256_state sha256; | ||
166 | #endif | ||
167 | #ifdef LTC_SHA1 | ||
168 | struct sha1_state sha1; | ||
169 | #endif | ||
170 | #ifdef LTC_MD5 | ||
171 | struct md5_state md5; | ||
172 | #endif | ||
173 | #ifdef LTC_MD4 | ||
174 | struct md4_state md4; | ||
175 | #endif | ||
176 | #ifdef LTC_MD2 | ||
177 | struct md2_state md2; | ||
178 | #endif | ||
179 | #ifdef LTC_TIGER | ||
180 | struct tiger_state tiger; | ||
181 | #endif | ||
182 | #ifdef LTC_RIPEMD128 | ||
183 | struct rmd128_state rmd128; | ||
184 | #endif | ||
185 | #ifdef LTC_RIPEMD160 | ||
186 | struct rmd160_state rmd160; | ||
187 | #endif | ||
188 | #ifdef LTC_RIPEMD256 | ||
189 | struct rmd256_state rmd256; | ||
190 | #endif | ||
191 | #ifdef LTC_RIPEMD320 | ||
192 | struct rmd320_state rmd320; | ||
193 | #endif | ||
194 | #ifdef LTC_BLAKE2S | ||
195 | struct blake2s_state blake2s; | ||
196 | #endif | ||
197 | #ifdef LTC_BLAKE2B | ||
198 | struct blake2b_state blake2b; | ||
199 | #endif | ||
200 | |||
201 | void *data; | ||
202 | } hash_state; | ||
203 | |||
204 | /** hash descriptor */ | ||
205 | extern struct ltc_hash_descriptor { | ||
206 | /** name of hash */ | ||
207 | const char *name; | ||
208 | /** internal ID */ | ||
209 | unsigned char ID; | ||
210 | /** Size of digest in octets */ | ||
211 | unsigned long hashsize; | ||
212 | /** Input block size in octets */ | ||
213 | unsigned long blocksize; | ||
214 | /** ASN.1 OID */ | ||
215 | unsigned long OID[16]; | ||
216 | /** Length of DER encoding */ | ||
217 | unsigned long OIDlen; | ||
218 | |||
219 | /** Init a hash state | ||
220 | @param hash The hash to initialize | ||
221 | @return CRYPT_OK if successful | ||
222 | */ | ||
223 | int (*init)(hash_state *hash); | ||
224 | /** Process a block of data | ||
225 | @param hash The hash state | ||
226 | @param in The data to hash | ||
227 | @param inlen The length of the data (octets) | ||
228 | @return CRYPT_OK if successful | ||
229 | */ | ||
230 | int (*process)(hash_state *hash, const unsigned char *in, unsigned long inlen); | ||
231 | /** Produce the digest and store it | ||
232 | @param hash The hash state | ||
233 | @param out [out] The destination of the digest | ||
234 | @return CRYPT_OK if successful | ||
235 | */ | ||
236 | int (*done)(hash_state *hash, unsigned char *out); | ||
237 | /** Self-test | ||
238 | @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled | ||
239 | */ | ||
240 | int (*test)(void); | ||
241 | |||
242 | /* accelerated hmac callback: if you need to-do multiple packets just use the generic hmac_memory and provide a hash callback */ | ||
243 | int (*hmac_block)(const unsigned char *key, unsigned long keylen, | ||
244 | const unsigned char *in, unsigned long inlen, | ||
245 | unsigned char *out, unsigned long *outlen); | ||
246 | |||
247 | } hash_descriptor[]; | ||
248 | |||
249 | #ifdef LTC_CHC_HASH | ||
250 | int chc_register(int cipher); | ||
251 | int chc_init(hash_state * md); | ||
252 | int chc_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
253 | int chc_done(hash_state * md, unsigned char *hash); | ||
254 | int chc_test(void); | ||
255 | extern const struct ltc_hash_descriptor chc_desc; | ||
256 | #endif | ||
257 | |||
258 | #ifdef LTC_WHIRLPOOL | ||
259 | int whirlpool_init(hash_state * md); | ||
260 | int whirlpool_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
261 | int whirlpool_done(hash_state * md, unsigned char *hash); | ||
262 | int whirlpool_test(void); | ||
263 | extern const struct ltc_hash_descriptor whirlpool_desc; | ||
264 | #endif | ||
265 | |||
266 | #ifdef LTC_SHA3 | ||
267 | int sha3_512_init(hash_state * md); | ||
268 | int sha3_512_test(void); | ||
269 | extern const struct ltc_hash_descriptor sha3_512_desc; | ||
270 | int sha3_384_init(hash_state * md); | ||
271 | int sha3_384_test(void); | ||
272 | extern const struct ltc_hash_descriptor sha3_384_desc; | ||
273 | int sha3_256_init(hash_state * md); | ||
274 | int sha3_256_test(void); | ||
275 | extern const struct ltc_hash_descriptor sha3_256_desc; | ||
276 | int sha3_224_init(hash_state * md); | ||
277 | int sha3_224_test(void); | ||
278 | extern const struct ltc_hash_descriptor sha3_224_desc; | ||
279 | /* process + done are the same for all variants */ | ||
280 | int sha3_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
281 | int sha3_done(hash_state *md, unsigned char *hash); | ||
282 | /* SHAKE128 + SHAKE256 */ | ||
283 | int sha3_shake_init(hash_state *md, int num); | ||
284 | #define sha3_shake_process(a,b,c) sha3_process(a,b,c) | ||
285 | int sha3_shake_done(hash_state *md, unsigned char *out, unsigned long outlen); | ||
286 | int sha3_shake_test(void); | ||
287 | int sha3_shake_memory(int num, const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen); | ||
288 | #endif | ||
289 | |||
290 | #ifdef LTC_SHA512 | ||
291 | int sha512_init(hash_state * md); | ||
292 | int sha512_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
293 | int sha512_done(hash_state * md, unsigned char *hash); | ||
294 | int sha512_test(void); | ||
295 | extern const struct ltc_hash_descriptor sha512_desc; | ||
296 | #endif | ||
297 | |||
298 | #ifdef LTC_SHA384 | ||
299 | #ifndef LTC_SHA512 | ||
300 | #error LTC_SHA512 is required for LTC_SHA384 | ||
301 | #endif | ||
302 | int sha384_init(hash_state * md); | ||
303 | #define sha384_process sha512_process | ||
304 | int sha384_done(hash_state * md, unsigned char *hash); | ||
305 | int sha384_test(void); | ||
306 | extern const struct ltc_hash_descriptor sha384_desc; | ||
307 | #endif | ||
308 | |||
309 | #ifdef LTC_SHA512_256 | ||
310 | #ifndef LTC_SHA512 | ||
311 | #error LTC_SHA512 is required for LTC_SHA512_256 | ||
312 | #endif | ||
313 | int sha512_256_init(hash_state * md); | ||
314 | #define sha512_256_process sha512_process | ||
315 | int sha512_256_done(hash_state * md, unsigned char *hash); | ||
316 | int sha512_256_test(void); | ||
317 | extern const struct ltc_hash_descriptor sha512_256_desc; | ||
318 | #endif | ||
319 | |||
320 | #ifdef LTC_SHA512_224 | ||
321 | #ifndef LTC_SHA512 | ||
322 | #error LTC_SHA512 is required for LTC_SHA512_224 | ||
323 | #endif | ||
324 | int sha512_224_init(hash_state * md); | ||
325 | #define sha512_224_process sha512_process | ||
326 | int sha512_224_done(hash_state * md, unsigned char *hash); | ||
327 | int sha512_224_test(void); | ||
328 | extern const struct ltc_hash_descriptor sha512_224_desc; | ||
329 | #endif | ||
330 | |||
331 | #ifdef LTC_SHA256 | ||
332 | int sha256_init(hash_state * md); | ||
333 | int sha256_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
334 | int sha256_done(hash_state * md, unsigned char *hash); | ||
335 | int sha256_test(void); | ||
336 | extern const struct ltc_hash_descriptor sha256_desc; | ||
337 | |||
338 | #ifdef LTC_SHA224 | ||
339 | #ifndef LTC_SHA256 | ||
340 | #error LTC_SHA256 is required for LTC_SHA224 | ||
341 | #endif | ||
342 | int sha224_init(hash_state * md); | ||
343 | #define sha224_process sha256_process | ||
344 | int sha224_done(hash_state * md, unsigned char *hash); | ||
345 | int sha224_test(void); | ||
346 | extern const struct ltc_hash_descriptor sha224_desc; | ||
347 | #endif | ||
348 | #endif | ||
349 | |||
350 | #ifdef LTC_SHA1 | ||
351 | int sha1_init(hash_state * md); | ||
352 | int sha1_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
353 | int sha1_done(hash_state * md, unsigned char *hash); | ||
354 | int sha1_test(void); | ||
355 | extern const struct ltc_hash_descriptor sha1_desc; | ||
356 | #endif | ||
357 | |||
358 | #ifdef LTC_BLAKE2S | ||
359 | extern const struct ltc_hash_descriptor blake2s_256_desc; | ||
360 | int blake2s_256_init(hash_state * md); | ||
361 | int blake2s_256_test(void); | ||
362 | |||
363 | extern const struct ltc_hash_descriptor blake2s_224_desc; | ||
364 | int blake2s_224_init(hash_state * md); | ||
365 | int blake2s_224_test(void); | ||
366 | |||
367 | extern const struct ltc_hash_descriptor blake2s_160_desc; | ||
368 | int blake2s_160_init(hash_state * md); | ||
369 | int blake2s_160_test(void); | ||
370 | |||
371 | extern const struct ltc_hash_descriptor blake2s_128_desc; | ||
372 | int blake2s_128_init(hash_state * md); | ||
373 | int blake2s_128_test(void); | ||
374 | |||
375 | int blake2s_init(hash_state * md, unsigned long outlen, const unsigned char *key, unsigned long keylen); | ||
376 | int blake2s_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
377 | int blake2s_done(hash_state * md, unsigned char *hash); | ||
378 | #endif | ||
379 | |||
380 | #ifdef LTC_BLAKE2B | ||
381 | extern const struct ltc_hash_descriptor blake2b_512_desc; | ||
382 | int blake2b_512_init(hash_state * md); | ||
383 | int blake2b_512_test(void); | ||
384 | |||
385 | extern const struct ltc_hash_descriptor blake2b_384_desc; | ||
386 | int blake2b_384_init(hash_state * md); | ||
387 | int blake2b_384_test(void); | ||
388 | |||
389 | extern const struct ltc_hash_descriptor blake2b_256_desc; | ||
390 | int blake2b_256_init(hash_state * md); | ||
391 | int blake2b_256_test(void); | ||
392 | |||
393 | extern const struct ltc_hash_descriptor blake2b_160_desc; | ||
394 | int blake2b_160_init(hash_state * md); | ||
395 | int blake2b_160_test(void); | ||
396 | |||
397 | int blake2b_init(hash_state * md, unsigned long outlen, const unsigned char *key, unsigned long keylen); | ||
398 | int blake2b_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
399 | int blake2b_done(hash_state * md, unsigned char *hash); | ||
400 | #endif | ||
401 | |||
402 | #ifdef LTC_MD5 | ||
403 | int md5_init(hash_state * md); | ||
404 | int md5_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
405 | int md5_done(hash_state * md, unsigned char *hash); | ||
406 | int md5_test(void); | ||
407 | extern const struct ltc_hash_descriptor md5_desc; | ||
408 | #endif | ||
409 | |||
410 | #ifdef LTC_MD4 | ||
411 | int md4_init(hash_state * md); | ||
412 | int md4_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
413 | int md4_done(hash_state * md, unsigned char *hash); | ||
414 | int md4_test(void); | ||
415 | extern const struct ltc_hash_descriptor md4_desc; | ||
416 | #endif | ||
417 | |||
418 | #ifdef LTC_MD2 | ||
419 | int md2_init(hash_state * md); | ||
420 | int md2_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
421 | int md2_done(hash_state * md, unsigned char *hash); | ||
422 | int md2_test(void); | ||
423 | extern const struct ltc_hash_descriptor md2_desc; | ||
424 | #endif | ||
425 | |||
426 | #ifdef LTC_TIGER | ||
427 | int tiger_init(hash_state * md); | ||
428 | int tiger_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
429 | int tiger_done(hash_state * md, unsigned char *hash); | ||
430 | int tiger_test(void); | ||
431 | extern const struct ltc_hash_descriptor tiger_desc; | ||
432 | #endif | ||
433 | |||
434 | #ifdef LTC_RIPEMD128 | ||
435 | int rmd128_init(hash_state * md); | ||
436 | int rmd128_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
437 | int rmd128_done(hash_state * md, unsigned char *hash); | ||
438 | int rmd128_test(void); | ||
439 | extern const struct ltc_hash_descriptor rmd128_desc; | ||
440 | #endif | ||
441 | |||
442 | #ifdef LTC_RIPEMD160 | ||
443 | int rmd160_init(hash_state * md); | ||
444 | int rmd160_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
445 | int rmd160_done(hash_state * md, unsigned char *hash); | ||
446 | int rmd160_test(void); | ||
447 | extern const struct ltc_hash_descriptor rmd160_desc; | ||
448 | #endif | ||
449 | |||
450 | #ifdef LTC_RIPEMD256 | ||
451 | int rmd256_init(hash_state * md); | ||
452 | int rmd256_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
453 | int rmd256_done(hash_state * md, unsigned char *hash); | ||
454 | int rmd256_test(void); | ||
455 | extern const struct ltc_hash_descriptor rmd256_desc; | ||
456 | #endif | ||
457 | |||
458 | #ifdef LTC_RIPEMD320 | ||
459 | int rmd320_init(hash_state * md); | ||
460 | int rmd320_process(hash_state * md, const unsigned char *in, unsigned long inlen); | ||
461 | int rmd320_done(hash_state * md, unsigned char *hash); | ||
462 | int rmd320_test(void); | ||
463 | extern const struct ltc_hash_descriptor rmd320_desc; | ||
464 | #endif | ||
465 | |||
466 | |||
467 | int find_hash(const char *name); | ||
468 | int find_hash_id(unsigned char ID); | ||
469 | int find_hash_oid(const unsigned long *ID, unsigned long IDlen); | ||
470 | int find_hash_any(const char *name, int digestlen); | ||
471 | int register_hash(const struct ltc_hash_descriptor *hash); | ||
472 | int unregister_hash(const struct ltc_hash_descriptor *hash); | ||
473 | int register_all_hashes(void); | ||
474 | int hash_is_valid(int idx); | ||
475 | |||
476 | LTC_MUTEX_PROTO(ltc_hash_mutex) | ||
477 | |||
478 | int hash_memory(int hash, | ||
479 | const unsigned char *in, unsigned long inlen, | ||
480 | unsigned char *out, unsigned long *outlen); | ||
481 | int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen, | ||
482 | const unsigned char *in, unsigned long inlen, ...); | ||
483 | |||
484 | #ifndef LTC_NO_FILE | ||
485 | int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outlen); | ||
486 | int hash_file(int hash, const char *fname, unsigned char *out, unsigned long *outlen); | ||
487 | #endif | ||
488 | |||
489 | /* a simple macro for making hash "process" functions */ | ||
490 | #define HASH_PROCESS(func_name, compress_name, state_var, block_size) \ | ||
491 | int func_name (hash_state * md, const unsigned char *in, unsigned long inlen) \ | ||
492 | { \ | ||
493 | unsigned long n; \ | ||
494 | int err; \ | ||
495 | LTC_ARGCHK(md != NULL); \ | ||
496 | LTC_ARGCHK(in != NULL); \ | ||
497 | if (md-> state_var .curlen > sizeof(md-> state_var .buf)) { \ | ||
498 | return CRYPT_INVALID_ARG; \ | ||
499 | } \ | ||
500 | if ((md-> state_var .length + inlen) < md-> state_var .length) { \ | ||
501 | return CRYPT_HASH_OVERFLOW; \ | ||
502 | } \ | ||
503 | while (inlen > 0) { \ | ||
504 | if (md-> state_var .curlen == 0 && inlen >= block_size) { \ | ||
505 | if ((err = compress_name (md, (unsigned char *)in)) != CRYPT_OK) { \ | ||
506 | return err; \ | ||
507 | } \ | ||
508 | md-> state_var .length += block_size * 8; \ | ||
509 | in += block_size; \ | ||
510 | inlen -= block_size; \ | ||
511 | } else { \ | ||
512 | n = MIN(inlen, (block_size - md-> state_var .curlen)); \ | ||
513 | XMEMCPY(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n); \ | ||
514 | md-> state_var .curlen += n; \ | ||
515 | in += n; \ | ||
516 | inlen -= n; \ | ||
517 | if (md-> state_var .curlen == block_size) { \ | ||
518 | if ((err = compress_name (md, md-> state_var .buf)) != CRYPT_OK) { \ | ||
519 | return err; \ | ||
520 | } \ | ||
521 | md-> state_var .length += 8*block_size; \ | ||
522 | md-> state_var .curlen = 0; \ | ||
523 | } \ | ||
524 | } \ | ||
525 | } \ | ||
526 | return CRYPT_OK; \ | ||
527 | } | ||
528 | |||
529 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
530 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
531 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_mac.h b/utils/tomcrypt/src/headers/tomcrypt_mac.h new file mode 100644 index 0000000000..80b922e751 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_mac.h | |||
@@ -0,0 +1,565 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | #ifdef LTC_HMAC | ||
11 | typedef struct Hmac_state { | ||
12 | hash_state md; | ||
13 | int hash; | ||
14 | hash_state hashstate; | ||
15 | unsigned char *key; | ||
16 | } hmac_state; | ||
17 | |||
18 | int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned long keylen); | ||
19 | int hmac_process(hmac_state *hmac, const unsigned char *in, unsigned long inlen); | ||
20 | int hmac_done(hmac_state *hmac, unsigned char *out, unsigned long *outlen); | ||
21 | int hmac_test(void); | ||
22 | int hmac_memory(int hash, | ||
23 | const unsigned char *key, unsigned long keylen, | ||
24 | const unsigned char *in, unsigned long inlen, | ||
25 | unsigned char *out, unsigned long *outlen); | ||
26 | int hmac_memory_multi(int hash, | ||
27 | const unsigned char *key, unsigned long keylen, | ||
28 | unsigned char *out, unsigned long *outlen, | ||
29 | const unsigned char *in, unsigned long inlen, ...); | ||
30 | int hmac_file(int hash, const char *fname, const unsigned char *key, | ||
31 | unsigned long keylen, | ||
32 | unsigned char *dst, unsigned long *dstlen); | ||
33 | #endif | ||
34 | |||
35 | #ifdef LTC_OMAC | ||
36 | |||
37 | typedef struct { | ||
38 | int cipher_idx, | ||
39 | buflen, | ||
40 | blklen; | ||
41 | unsigned char block[MAXBLOCKSIZE], | ||
42 | prev[MAXBLOCKSIZE], | ||
43 | Lu[2][MAXBLOCKSIZE]; | ||
44 | symmetric_key key; | ||
45 | } omac_state; | ||
46 | |||
47 | int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned long keylen); | ||
48 | int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen); | ||
49 | int omac_done(omac_state *omac, unsigned char *out, unsigned long *outlen); | ||
50 | int omac_memory(int cipher, | ||
51 | const unsigned char *key, unsigned long keylen, | ||
52 | const unsigned char *in, unsigned long inlen, | ||
53 | unsigned char *out, unsigned long *outlen); | ||
54 | int omac_memory_multi(int cipher, | ||
55 | const unsigned char *key, unsigned long keylen, | ||
56 | unsigned char *out, unsigned long *outlen, | ||
57 | const unsigned char *in, unsigned long inlen, ...); | ||
58 | int omac_file(int cipher, | ||
59 | const unsigned char *key, unsigned long keylen, | ||
60 | const char *filename, | ||
61 | unsigned char *out, unsigned long *outlen); | ||
62 | int omac_test(void); | ||
63 | #endif /* LTC_OMAC */ | ||
64 | |||
65 | #ifdef LTC_PMAC | ||
66 | |||
67 | typedef struct { | ||
68 | unsigned char Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */ | ||
69 | Li[MAXBLOCKSIZE], /* value of Li [current value, we calc from previous recall] */ | ||
70 | Lr[MAXBLOCKSIZE], /* L * x^-1 */ | ||
71 | block[MAXBLOCKSIZE], /* currently accumulated block */ | ||
72 | checksum[MAXBLOCKSIZE]; /* current checksum */ | ||
73 | |||
74 | symmetric_key key; /* scheduled key for cipher */ | ||
75 | unsigned long block_index; /* index # for current block */ | ||
76 | int cipher_idx, /* cipher idx */ | ||
77 | block_len, /* length of block */ | ||
78 | buflen; /* number of bytes in the buffer */ | ||
79 | } pmac_state; | ||
80 | |||
81 | int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned long keylen); | ||
82 | int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen); | ||
83 | int pmac_done(pmac_state *pmac, unsigned char *out, unsigned long *outlen); | ||
84 | |||
85 | int pmac_memory(int cipher, | ||
86 | const unsigned char *key, unsigned long keylen, | ||
87 | const unsigned char *msg, unsigned long msglen, | ||
88 | unsigned char *out, unsigned long *outlen); | ||
89 | |||
90 | int pmac_memory_multi(int cipher, | ||
91 | const unsigned char *key, unsigned long keylen, | ||
92 | unsigned char *out, unsigned long *outlen, | ||
93 | const unsigned char *in, unsigned long inlen, ...); | ||
94 | |||
95 | int pmac_file(int cipher, | ||
96 | const unsigned char *key, unsigned long keylen, | ||
97 | const char *filename, | ||
98 | unsigned char *out, unsigned long *outlen); | ||
99 | |||
100 | int pmac_test(void); | ||
101 | |||
102 | /* internal functions */ | ||
103 | int pmac_ntz(unsigned long x); | ||
104 | void pmac_shift_xor(pmac_state *pmac); | ||
105 | |||
106 | #endif /* PMAC */ | ||
107 | |||
108 | #ifdef LTC_POLY1305 | ||
109 | typedef struct { | ||
110 | ulong32 r[5]; | ||
111 | ulong32 h[5]; | ||
112 | ulong32 pad[4]; | ||
113 | unsigned long leftover; | ||
114 | unsigned char buffer[16]; | ||
115 | int final; | ||
116 | } poly1305_state; | ||
117 | |||
118 | int poly1305_init(poly1305_state *st, const unsigned char *key, unsigned long keylen); | ||
119 | int poly1305_process(poly1305_state *st, const unsigned char *in, unsigned long inlen); | ||
120 | int poly1305_done(poly1305_state *st, unsigned char *mac, unsigned long *maclen); | ||
121 | int poly1305_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); | ||
122 | int poly1305_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); | ||
123 | int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); | ||
124 | int poly1305_test(void); | ||
125 | #endif /* LTC_POLY1305 */ | ||
126 | |||
127 | #ifdef LTC_BLAKE2SMAC | ||
128 | typedef hash_state blake2smac_state; | ||
129 | int blake2smac_init(blake2smac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); | ||
130 | int blake2smac_process(blake2smac_state *st, const unsigned char *in, unsigned long inlen); | ||
131 | int blake2smac_done(blake2smac_state *st, unsigned char *mac, unsigned long *maclen); | ||
132 | int blake2smac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); | ||
133 | int blake2smac_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); | ||
134 | int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); | ||
135 | int blake2smac_test(void); | ||
136 | #endif /* LTC_BLAKE2SMAC */ | ||
137 | |||
138 | #ifdef LTC_BLAKE2BMAC | ||
139 | typedef hash_state blake2bmac_state; | ||
140 | int blake2bmac_init(blake2bmac_state *st, unsigned long outlen, const unsigned char *key, unsigned long keylen); | ||
141 | int blake2bmac_process(blake2bmac_state *st, const unsigned char *in, unsigned long inlen); | ||
142 | int blake2bmac_done(blake2bmac_state *st, unsigned char *mac, unsigned long *maclen); | ||
143 | int blake2bmac_memory(const unsigned char *key, unsigned long keylen, const unsigned char *in, unsigned long inlen, unsigned char *mac, unsigned long *maclen); | ||
144 | int blake2bmac_memory_multi(const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen, const unsigned char *in, unsigned long inlen, ...); | ||
145 | int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen); | ||
146 | int blake2bmac_test(void); | ||
147 | #endif /* LTC_BLAKE2BMAC */ | ||
148 | |||
149 | #ifdef LTC_EAX_MODE | ||
150 | |||
151 | #if !(defined(LTC_OMAC) && defined(LTC_CTR_MODE)) | ||
152 | #error LTC_EAX_MODE requires LTC_OMAC and CTR | ||
153 | #endif | ||
154 | |||
155 | typedef struct { | ||
156 | unsigned char N[MAXBLOCKSIZE]; | ||
157 | symmetric_CTR ctr; | ||
158 | omac_state headeromac, ctomac; | ||
159 | } eax_state; | ||
160 | |||
161 | int eax_init(eax_state *eax, int cipher, const unsigned char *key, unsigned long keylen, | ||
162 | const unsigned char *nonce, unsigned long noncelen, | ||
163 | const unsigned char *header, unsigned long headerlen); | ||
164 | |||
165 | int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct, unsigned long length); | ||
166 | int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt, unsigned long length); | ||
167 | int eax_addheader(eax_state *eax, const unsigned char *header, unsigned long length); | ||
168 | int eax_done(eax_state *eax, unsigned char *tag, unsigned long *taglen); | ||
169 | |||
170 | int eax_encrypt_authenticate_memory(int cipher, | ||
171 | const unsigned char *key, unsigned long keylen, | ||
172 | const unsigned char *nonce, unsigned long noncelen, | ||
173 | const unsigned char *header, unsigned long headerlen, | ||
174 | const unsigned char *pt, unsigned long ptlen, | ||
175 | unsigned char *ct, | ||
176 | unsigned char *tag, unsigned long *taglen); | ||
177 | |||
178 | int eax_decrypt_verify_memory(int cipher, | ||
179 | const unsigned char *key, unsigned long keylen, | ||
180 | const unsigned char *nonce, unsigned long noncelen, | ||
181 | const unsigned char *header, unsigned long headerlen, | ||
182 | const unsigned char *ct, unsigned long ctlen, | ||
183 | unsigned char *pt, | ||
184 | unsigned char *tag, unsigned long taglen, | ||
185 | int *stat); | ||
186 | |||
187 | int eax_test(void); | ||
188 | #endif /* EAX MODE */ | ||
189 | |||
190 | #ifdef LTC_OCB_MODE | ||
191 | typedef struct { | ||
192 | unsigned char L[MAXBLOCKSIZE], /* L value */ | ||
193 | Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */ | ||
194 | Li[MAXBLOCKSIZE], /* value of Li [current value, we calc from previous recall] */ | ||
195 | Lr[MAXBLOCKSIZE], /* L * x^-1 */ | ||
196 | R[MAXBLOCKSIZE], /* R value */ | ||
197 | checksum[MAXBLOCKSIZE]; /* current checksum */ | ||
198 | |||
199 | symmetric_key key; /* scheduled key for cipher */ | ||
200 | unsigned long block_index; /* index # for current block */ | ||
201 | int cipher, /* cipher idx */ | ||
202 | block_len; /* length of block */ | ||
203 | } ocb_state; | ||
204 | |||
205 | int ocb_init(ocb_state *ocb, int cipher, | ||
206 | const unsigned char *key, unsigned long keylen, const unsigned char *nonce); | ||
207 | |||
208 | int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct); | ||
209 | int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt); | ||
210 | |||
211 | int ocb_done_encrypt(ocb_state *ocb, | ||
212 | const unsigned char *pt, unsigned long ptlen, | ||
213 | unsigned char *ct, | ||
214 | unsigned char *tag, unsigned long *taglen); | ||
215 | |||
216 | int ocb_done_decrypt(ocb_state *ocb, | ||
217 | const unsigned char *ct, unsigned long ctlen, | ||
218 | unsigned char *pt, | ||
219 | const unsigned char *tag, unsigned long taglen, int *stat); | ||
220 | |||
221 | int ocb_encrypt_authenticate_memory(int cipher, | ||
222 | const unsigned char *key, unsigned long keylen, | ||
223 | const unsigned char *nonce, | ||
224 | const unsigned char *pt, unsigned long ptlen, | ||
225 | unsigned char *ct, | ||
226 | unsigned char *tag, unsigned long *taglen); | ||
227 | |||
228 | int ocb_decrypt_verify_memory(int cipher, | ||
229 | const unsigned char *key, unsigned long keylen, | ||
230 | const unsigned char *nonce, | ||
231 | const unsigned char *ct, unsigned long ctlen, | ||
232 | unsigned char *pt, | ||
233 | const unsigned char *tag, unsigned long taglen, | ||
234 | int *stat); | ||
235 | |||
236 | int ocb_test(void); | ||
237 | |||
238 | /* internal functions */ | ||
239 | void ocb_shift_xor(ocb_state *ocb, unsigned char *Z); | ||
240 | int ocb_ntz(unsigned long x); | ||
241 | int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen, | ||
242 | unsigned char *ct, unsigned char *tag, unsigned long *taglen, int mode); | ||
243 | |||
244 | #endif /* LTC_OCB_MODE */ | ||
245 | |||
246 | #ifdef LTC_OCB3_MODE | ||
247 | typedef struct { | ||
248 | unsigned char Offset_0[MAXBLOCKSIZE], /* Offset_0 value */ | ||
249 | Offset_current[MAXBLOCKSIZE], /* Offset_{current_block_index} value */ | ||
250 | L_dollar[MAXBLOCKSIZE], /* L_$ value */ | ||
251 | L_star[MAXBLOCKSIZE], /* L_* value */ | ||
252 | L_[32][MAXBLOCKSIZE], /* L_{i} values */ | ||
253 | tag_part[MAXBLOCKSIZE], /* intermediate result of tag calculation */ | ||
254 | checksum[MAXBLOCKSIZE]; /* current checksum */ | ||
255 | |||
256 | /* AAD related members */ | ||
257 | unsigned char aSum_current[MAXBLOCKSIZE], /* AAD related helper variable */ | ||
258 | aOffset_current[MAXBLOCKSIZE], /* AAD related helper variable */ | ||
259 | adata_buffer[MAXBLOCKSIZE]; /* AAD buffer */ | ||
260 | int adata_buffer_bytes; /* bytes in AAD buffer */ | ||
261 | unsigned long ablock_index; /* index # for current adata (AAD) block */ | ||
262 | |||
263 | symmetric_key key; /* scheduled key for cipher */ | ||
264 | unsigned long block_index; /* index # for current data block */ | ||
265 | int cipher, /* cipher idx */ | ||
266 | tag_len, /* length of tag */ | ||
267 | block_len; /* length of block */ | ||
268 | } ocb3_state; | ||
269 | |||
270 | int ocb3_init(ocb3_state *ocb, int cipher, | ||
271 | const unsigned char *key, unsigned long keylen, | ||
272 | const unsigned char *nonce, unsigned long noncelen, | ||
273 | unsigned long taglen); | ||
274 | |||
275 | int ocb3_encrypt(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct); | ||
276 | int ocb3_decrypt(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt); | ||
277 | int ocb3_encrypt_last(ocb3_state *ocb, const unsigned char *pt, unsigned long ptlen, unsigned char *ct); | ||
278 | int ocb3_decrypt_last(ocb3_state *ocb, const unsigned char *ct, unsigned long ctlen, unsigned char *pt); | ||
279 | int ocb3_add_aad(ocb3_state *ocb, const unsigned char *aad, unsigned long aadlen); | ||
280 | int ocb3_done(ocb3_state *ocb, unsigned char *tag, unsigned long *taglen); | ||
281 | |||
282 | int ocb3_encrypt_authenticate_memory(int cipher, | ||
283 | const unsigned char *key, unsigned long keylen, | ||
284 | const unsigned char *nonce, unsigned long noncelen, | ||
285 | const unsigned char *adata, unsigned long adatalen, | ||
286 | const unsigned char *pt, unsigned long ptlen, | ||
287 | unsigned char *ct, | ||
288 | unsigned char *tag, unsigned long *taglen); | ||
289 | |||
290 | int ocb3_decrypt_verify_memory(int cipher, | ||
291 | const unsigned char *key, unsigned long keylen, | ||
292 | const unsigned char *nonce, unsigned long noncelen, | ||
293 | const unsigned char *adata, unsigned long adatalen, | ||
294 | const unsigned char *ct, unsigned long ctlen, | ||
295 | unsigned char *pt, | ||
296 | const unsigned char *tag, unsigned long taglen, | ||
297 | int *stat); | ||
298 | |||
299 | int ocb3_test(void); | ||
300 | |||
301 | #ifdef LTC_SOURCE | ||
302 | /* internal helper functions */ | ||
303 | int ocb3_int_ntz(unsigned long x); | ||
304 | void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const unsigned char *block_b, unsigned long block_len); | ||
305 | #endif /* LTC_SOURCE */ | ||
306 | |||
307 | #endif /* LTC_OCB3_MODE */ | ||
308 | |||
309 | #ifdef LTC_CCM_MODE | ||
310 | |||
311 | #define CCM_ENCRYPT LTC_ENCRYPT | ||
312 | #define CCM_DECRYPT LTC_DECRYPT | ||
313 | |||
314 | typedef struct { | ||
315 | symmetric_key K; | ||
316 | int cipher, /* which cipher */ | ||
317 | taglen, /* length of the tag */ | ||
318 | x; /* index in PAD */ | ||
319 | |||
320 | unsigned long L, /* L value */ | ||
321 | ptlen, /* length that will be enc / dec */ | ||
322 | current_ptlen, /* current processed length */ | ||
323 | aadlen, /* length of the aad */ | ||
324 | current_aadlen, /* length of the currently provided add */ | ||
325 | noncelen; /* length of the nonce */ | ||
326 | |||
327 | unsigned char PAD[16], | ||
328 | ctr[16], | ||
329 | CTRPAD[16], | ||
330 | CTRlen; | ||
331 | } ccm_state; | ||
332 | |||
333 | int ccm_init(ccm_state *ccm, int cipher, | ||
334 | const unsigned char *key, int keylen, int ptlen, int taglen, int aad_len); | ||
335 | |||
336 | int ccm_reset(ccm_state *ccm); | ||
337 | |||
338 | int ccm_add_nonce(ccm_state *ccm, | ||
339 | const unsigned char *nonce, unsigned long noncelen); | ||
340 | |||
341 | int ccm_add_aad(ccm_state *ccm, | ||
342 | const unsigned char *adata, unsigned long adatalen); | ||
343 | |||
344 | int ccm_process(ccm_state *ccm, | ||
345 | unsigned char *pt, unsigned long ptlen, | ||
346 | unsigned char *ct, | ||
347 | int direction); | ||
348 | |||
349 | int ccm_done(ccm_state *ccm, | ||
350 | unsigned char *tag, unsigned long *taglen); | ||
351 | |||
352 | int ccm_memory(int cipher, | ||
353 | const unsigned char *key, unsigned long keylen, | ||
354 | symmetric_key *uskey, | ||
355 | const unsigned char *nonce, unsigned long noncelen, | ||
356 | const unsigned char *header, unsigned long headerlen, | ||
357 | unsigned char *pt, unsigned long ptlen, | ||
358 | unsigned char *ct, | ||
359 | unsigned char *tag, unsigned long *taglen, | ||
360 | int direction); | ||
361 | |||
362 | int ccm_test(void); | ||
363 | |||
364 | #endif /* LTC_CCM_MODE */ | ||
365 | |||
366 | #if defined(LRW_MODE) || defined(LTC_GCM_MODE) | ||
367 | void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c); | ||
368 | #endif | ||
369 | |||
370 | |||
371 | /* table shared between GCM and LRW */ | ||
372 | #if defined(LTC_GCM_TABLES) || defined(LTC_LRW_TABLES) || ((defined(LTC_GCM_MODE) || defined(LTC_GCM_MODE)) && defined(LTC_FAST)) | ||
373 | extern const unsigned char gcm_shift_table[]; | ||
374 | #endif | ||
375 | |||
376 | #ifdef LTC_GCM_MODE | ||
377 | |||
378 | #define GCM_ENCRYPT LTC_ENCRYPT | ||
379 | #define GCM_DECRYPT LTC_DECRYPT | ||
380 | |||
381 | #define LTC_GCM_MODE_IV 0 | ||
382 | #define LTC_GCM_MODE_AAD 1 | ||
383 | #define LTC_GCM_MODE_TEXT 2 | ||
384 | |||
385 | typedef struct { | ||
386 | symmetric_key K; | ||
387 | unsigned char H[16], /* multiplier */ | ||
388 | X[16], /* accumulator */ | ||
389 | Y[16], /* counter */ | ||
390 | Y_0[16], /* initial counter */ | ||
391 | buf[16]; /* buffer for stuff */ | ||
392 | |||
393 | int cipher, /* which cipher */ | ||
394 | ivmode, /* Which mode is the IV in? */ | ||
395 | mode, /* mode the GCM code is in */ | ||
396 | buflen; /* length of data in buf */ | ||
397 | |||
398 | ulong64 totlen, /* 64-bit counter used for IV and AAD */ | ||
399 | pttotlen; /* 64-bit counter for the PT */ | ||
400 | |||
401 | #ifdef LTC_GCM_TABLES | ||
402 | unsigned char PC[16][256][16] /* 16 tables of 8x128 */ | ||
403 | #ifdef LTC_GCM_TABLES_SSE2 | ||
404 | __attribute__ ((aligned (16))) | ||
405 | #endif | ||
406 | ; | ||
407 | #endif | ||
408 | } gcm_state; | ||
409 | |||
410 | void gcm_mult_h(gcm_state *gcm, unsigned char *I); | ||
411 | |||
412 | int gcm_init(gcm_state *gcm, int cipher, | ||
413 | const unsigned char *key, int keylen); | ||
414 | |||
415 | int gcm_reset(gcm_state *gcm); | ||
416 | |||
417 | int gcm_add_iv(gcm_state *gcm, | ||
418 | const unsigned char *IV, unsigned long IVlen); | ||
419 | |||
420 | int gcm_add_aad(gcm_state *gcm, | ||
421 | const unsigned char *adata, unsigned long adatalen); | ||
422 | |||
423 | int gcm_process(gcm_state *gcm, | ||
424 | unsigned char *pt, unsigned long ptlen, | ||
425 | unsigned char *ct, | ||
426 | int direction); | ||
427 | |||
428 | int gcm_done(gcm_state *gcm, | ||
429 | unsigned char *tag, unsigned long *taglen); | ||
430 | |||
431 | int gcm_memory( int cipher, | ||
432 | const unsigned char *key, unsigned long keylen, | ||
433 | const unsigned char *IV, unsigned long IVlen, | ||
434 | const unsigned char *adata, unsigned long adatalen, | ||
435 | unsigned char *pt, unsigned long ptlen, | ||
436 | unsigned char *ct, | ||
437 | unsigned char *tag, unsigned long *taglen, | ||
438 | int direction); | ||
439 | int gcm_test(void); | ||
440 | |||
441 | #endif /* LTC_GCM_MODE */ | ||
442 | |||
443 | #ifdef LTC_PELICAN | ||
444 | |||
445 | typedef struct pelican_state | ||
446 | { | ||
447 | symmetric_key K; | ||
448 | unsigned char state[16]; | ||
449 | int buflen; | ||
450 | } pelican_state; | ||
451 | |||
452 | int pelican_init(pelican_state *pelmac, const unsigned char *key, unsigned long keylen); | ||
453 | int pelican_process(pelican_state *pelmac, const unsigned char *in, unsigned long inlen); | ||
454 | int pelican_done(pelican_state *pelmac, unsigned char *out); | ||
455 | int pelican_test(void); | ||
456 | |||
457 | int pelican_memory(const unsigned char *key, unsigned long keylen, | ||
458 | const unsigned char *in, unsigned long inlen, | ||
459 | unsigned char *out); | ||
460 | |||
461 | #endif | ||
462 | |||
463 | #ifdef LTC_XCBC | ||
464 | |||
465 | /* add this to "keylen" to xcbc_init to use a pure three-key XCBC MAC */ | ||
466 | #define LTC_XCBC_PURE 0x8000UL | ||
467 | |||
468 | typedef struct { | ||
469 | unsigned char K[3][MAXBLOCKSIZE], | ||
470 | IV[MAXBLOCKSIZE]; | ||
471 | |||
472 | symmetric_key key; | ||
473 | |||
474 | int cipher, | ||
475 | buflen, | ||
476 | blocksize; | ||
477 | } xcbc_state; | ||
478 | |||
479 | int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen); | ||
480 | int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen); | ||
481 | int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen); | ||
482 | int xcbc_memory(int cipher, | ||
483 | const unsigned char *key, unsigned long keylen, | ||
484 | const unsigned char *in, unsigned long inlen, | ||
485 | unsigned char *out, unsigned long *outlen); | ||
486 | int xcbc_memory_multi(int cipher, | ||
487 | const unsigned char *key, unsigned long keylen, | ||
488 | unsigned char *out, unsigned long *outlen, | ||
489 | const unsigned char *in, unsigned long inlen, ...); | ||
490 | int xcbc_file(int cipher, | ||
491 | const unsigned char *key, unsigned long keylen, | ||
492 | const char *filename, | ||
493 | unsigned char *out, unsigned long *outlen); | ||
494 | int xcbc_test(void); | ||
495 | |||
496 | #endif | ||
497 | |||
498 | #ifdef LTC_F9_MODE | ||
499 | |||
500 | typedef struct { | ||
501 | unsigned char akey[MAXBLOCKSIZE], | ||
502 | ACC[MAXBLOCKSIZE], | ||
503 | IV[MAXBLOCKSIZE]; | ||
504 | |||
505 | symmetric_key key; | ||
506 | |||
507 | int cipher, | ||
508 | buflen, | ||
509 | keylen, | ||
510 | blocksize; | ||
511 | } f9_state; | ||
512 | |||
513 | int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen); | ||
514 | int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen); | ||
515 | int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen); | ||
516 | int f9_memory(int cipher, | ||
517 | const unsigned char *key, unsigned long keylen, | ||
518 | const unsigned char *in, unsigned long inlen, | ||
519 | unsigned char *out, unsigned long *outlen); | ||
520 | int f9_memory_multi(int cipher, | ||
521 | const unsigned char *key, unsigned long keylen, | ||
522 | unsigned char *out, unsigned long *outlen, | ||
523 | const unsigned char *in, unsigned long inlen, ...); | ||
524 | int f9_file(int cipher, | ||
525 | const unsigned char *key, unsigned long keylen, | ||
526 | const char *filename, | ||
527 | unsigned char *out, unsigned long *outlen); | ||
528 | int f9_test(void); | ||
529 | |||
530 | #endif | ||
531 | |||
532 | #ifdef LTC_CHACHA20POLY1305_MODE | ||
533 | |||
534 | typedef struct { | ||
535 | poly1305_state poly; | ||
536 | chacha_state chacha; | ||
537 | ulong64 aadlen; | ||
538 | ulong64 ctlen; | ||
539 | int aadflg; | ||
540 | } chacha20poly1305_state; | ||
541 | |||
542 | #define CHACHA20POLY1305_ENCRYPT LTC_ENCRYPT | ||
543 | #define CHACHA20POLY1305_DECRYPT LTC_DECRYPT | ||
544 | |||
545 | int chacha20poly1305_init(chacha20poly1305_state *st, const unsigned char *key, unsigned long keylen); | ||
546 | int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen); | ||
547 | int chacha20poly1305_setiv_rfc7905(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 sequence_number); | ||
548 | int chacha20poly1305_add_aad(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen); | ||
549 | int chacha20poly1305_encrypt(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); | ||
550 | int chacha20poly1305_decrypt(chacha20poly1305_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); | ||
551 | int chacha20poly1305_done(chacha20poly1305_state *st, unsigned char *tag, unsigned long *taglen); | ||
552 | int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, | ||
553 | const unsigned char *iv, unsigned long ivlen, | ||
554 | const unsigned char *aad, unsigned long aadlen, | ||
555 | const unsigned char *in, unsigned long inlen, | ||
556 | unsigned char *out, | ||
557 | unsigned char *tag, unsigned long *taglen, | ||
558 | int direction); | ||
559 | int chacha20poly1305_test(void); | ||
560 | |||
561 | #endif /* LTC_CHACHA20POLY1305_MODE */ | ||
562 | |||
563 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
564 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
565 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_macros.h b/utils/tomcrypt/src/headers/tomcrypt_macros.h new file mode 100644 index 0000000000..a3a335e455 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_macros.h | |||
@@ -0,0 +1,446 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- HELPER MACROS ---- */ | ||
11 | #ifdef ENDIAN_NEUTRAL | ||
12 | |||
13 | #define STORE32L(x, y) \ | ||
14 | do { (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ | ||
15 | (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } while(0) | ||
16 | |||
17 | #define LOAD32L(x, y) \ | ||
18 | do { x = ((ulong32)((y)[3] & 255)<<24) | \ | ||
19 | ((ulong32)((y)[2] & 255)<<16) | \ | ||
20 | ((ulong32)((y)[1] & 255)<<8) | \ | ||
21 | ((ulong32)((y)[0] & 255)); } while(0) | ||
22 | |||
23 | #define STORE64L(x, y) \ | ||
24 | do { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \ | ||
25 | (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \ | ||
26 | (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ | ||
27 | (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } while(0) | ||
28 | |||
29 | #define LOAD64L(x, y) \ | ||
30 | do { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \ | ||
31 | (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \ | ||
32 | (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \ | ||
33 | (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); } while(0) | ||
34 | |||
35 | #define STORE32H(x, y) \ | ||
36 | do { (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \ | ||
37 | (y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); } while(0) | ||
38 | |||
39 | #define LOAD32H(x, y) \ | ||
40 | do { x = ((ulong32)((y)[0] & 255)<<24) | \ | ||
41 | ((ulong32)((y)[1] & 255)<<16) | \ | ||
42 | ((ulong32)((y)[2] & 255)<<8) | \ | ||
43 | ((ulong32)((y)[3] & 255)); } while(0) | ||
44 | |||
45 | #define STORE64H(x, y) \ | ||
46 | do { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \ | ||
47 | (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \ | ||
48 | (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \ | ||
49 | (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); } while(0) | ||
50 | |||
51 | #define LOAD64H(x, y) \ | ||
52 | do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \ | ||
53 | (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \ | ||
54 | (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \ | ||
55 | (((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); } while(0) | ||
56 | |||
57 | |||
58 | #elif defined(ENDIAN_LITTLE) | ||
59 | |||
60 | #ifdef LTC_HAVE_BSWAP_BUILTIN | ||
61 | |||
62 | #define STORE32H(x, y) \ | ||
63 | do { ulong32 __t = __builtin_bswap32 ((x)); \ | ||
64 | XMEMCPY ((y), &__t, 4); } while(0) | ||
65 | |||
66 | #define LOAD32H(x, y) \ | ||
67 | do { XMEMCPY (&(x), (y), 4); \ | ||
68 | (x) = __builtin_bswap32 ((x)); } while(0) | ||
69 | |||
70 | #elif !defined(LTC_NO_BSWAP) && (defined(INTEL_CC) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__) || defined(__i386__) || defined(__x86_64__)))) | ||
71 | |||
72 | #define STORE32H(x, y) \ | ||
73 | asm __volatile__ ( \ | ||
74 | "bswapl %0 \n\t" \ | ||
75 | "movl %0,(%1)\n\t" \ | ||
76 | "bswapl %0 \n\t" \ | ||
77 | ::"r"(x), "r"(y)); | ||
78 | |||
79 | #define LOAD32H(x, y) \ | ||
80 | asm __volatile__ ( \ | ||
81 | "movl (%1),%0\n\t" \ | ||
82 | "bswapl %0\n\t" \ | ||
83 | :"=r"(x): "r"(y)); | ||
84 | |||
85 | #else | ||
86 | |||
87 | #define STORE32H(x, y) \ | ||
88 | do { (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \ | ||
89 | (y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); } while(0) | ||
90 | |||
91 | #define LOAD32H(x, y) \ | ||
92 | do { x = ((ulong32)((y)[0] & 255)<<24) | \ | ||
93 | ((ulong32)((y)[1] & 255)<<16) | \ | ||
94 | ((ulong32)((y)[2] & 255)<<8) | \ | ||
95 | ((ulong32)((y)[3] & 255)); } while(0) | ||
96 | |||
97 | #endif | ||
98 | |||
99 | #ifdef LTC_HAVE_BSWAP_BUILTIN | ||
100 | |||
101 | #define STORE64H(x, y) \ | ||
102 | do { ulong64 __t = __builtin_bswap64 ((x)); \ | ||
103 | XMEMCPY ((y), &__t, 8); } while(0) | ||
104 | |||
105 | #define LOAD64H(x, y) \ | ||
106 | do { XMEMCPY (&(x), (y), 8); \ | ||
107 | (x) = __builtin_bswap64 ((x)); } while(0) | ||
108 | |||
109 | /* x86_64 processor */ | ||
110 | #elif !defined(LTC_NO_BSWAP) && (defined(__GNUC__) && defined(__x86_64__)) | ||
111 | |||
112 | #define STORE64H(x, y) \ | ||
113 | asm __volatile__ ( \ | ||
114 | "bswapq %0 \n\t" \ | ||
115 | "movq %0,(%1)\n\t" \ | ||
116 | "bswapq %0 \n\t" \ | ||
117 | ::"r"(x), "r"(y): "memory"); | ||
118 | |||
119 | #define LOAD64H(x, y) \ | ||
120 | asm __volatile__ ( \ | ||
121 | "movq (%1),%0\n\t" \ | ||
122 | "bswapq %0\n\t" \ | ||
123 | :"=r"(x): "r"(y): "memory"); | ||
124 | |||
125 | #else | ||
126 | |||
127 | #define STORE64H(x, y) \ | ||
128 | do { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \ | ||
129 | (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \ | ||
130 | (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \ | ||
131 | (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); } while(0) | ||
132 | |||
133 | #define LOAD64H(x, y) \ | ||
134 | do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \ | ||
135 | (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \ | ||
136 | (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \ | ||
137 | (((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); } while(0) | ||
138 | |||
139 | #endif | ||
140 | |||
141 | #ifdef ENDIAN_32BITWORD | ||
142 | |||
143 | #define STORE32L(x, y) \ | ||
144 | do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0) | ||
145 | |||
146 | #define LOAD32L(x, y) \ | ||
147 | do { XMEMCPY(&(x), y, 4); } while(0) | ||
148 | |||
149 | #define STORE64L(x, y) \ | ||
150 | do { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \ | ||
151 | (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \ | ||
152 | (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ | ||
153 | (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } while(0) | ||
154 | |||
155 | #define LOAD64L(x, y) \ | ||
156 | do { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \ | ||
157 | (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \ | ||
158 | (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \ | ||
159 | (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); } while(0) | ||
160 | |||
161 | #else /* 64-bit words then */ | ||
162 | |||
163 | #define STORE32L(x, y) \ | ||
164 | do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0) | ||
165 | |||
166 | #define LOAD32L(x, y) \ | ||
167 | do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0) | ||
168 | |||
169 | #define STORE64L(x, y) \ | ||
170 | do { ulong64 __t = (x); XMEMCPY(y, &__t, 8); } while(0) | ||
171 | |||
172 | #define LOAD64L(x, y) \ | ||
173 | do { XMEMCPY(&(x), y, 8); } while(0) | ||
174 | |||
175 | #endif /* ENDIAN_64BITWORD */ | ||
176 | |||
177 | #elif defined(ENDIAN_BIG) | ||
178 | |||
179 | #define STORE32L(x, y) \ | ||
180 | do { (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ | ||
181 | (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } while(0) | ||
182 | |||
183 | #define LOAD32L(x, y) \ | ||
184 | do { x = ((ulong32)((y)[3] & 255)<<24) | \ | ||
185 | ((ulong32)((y)[2] & 255)<<16) | \ | ||
186 | ((ulong32)((y)[1] & 255)<<8) | \ | ||
187 | ((ulong32)((y)[0] & 255)); } while(0) | ||
188 | |||
189 | #define STORE64L(x, y) \ | ||
190 | do { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \ | ||
191 | (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \ | ||
192 | (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \ | ||
193 | (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); } while(0) | ||
194 | |||
195 | #define LOAD64L(x, y) \ | ||
196 | do { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \ | ||
197 | (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32) | \ | ||
198 | (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16) | \ | ||
199 | (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); } while(0) | ||
200 | |||
201 | #ifdef ENDIAN_32BITWORD | ||
202 | |||
203 | #define STORE32H(x, y) \ | ||
204 | do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0) | ||
205 | |||
206 | #define LOAD32H(x, y) \ | ||
207 | do { XMEMCPY(&(x), y, 4); } while(0) | ||
208 | |||
209 | #define STORE64H(x, y) \ | ||
210 | do { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \ | ||
211 | (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \ | ||
212 | (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \ | ||
213 | (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); } while(0) | ||
214 | |||
215 | #define LOAD64H(x, y) \ | ||
216 | do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48)| \ | ||
217 | (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32)| \ | ||
218 | (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16)| \ | ||
219 | (((ulong64)((y)[6] & 255))<<8)| (((ulong64)((y)[7] & 255))); } while(0) | ||
220 | |||
221 | #else /* 64-bit words then */ | ||
222 | |||
223 | #define STORE32H(x, y) \ | ||
224 | do { ulong32 __t = (x); XMEMCPY(y, &__t, 4); } while(0) | ||
225 | |||
226 | #define LOAD32H(x, y) \ | ||
227 | do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0) | ||
228 | |||
229 | #define STORE64H(x, y) \ | ||
230 | do { ulong64 __t = (x); XMEMCPY(y, &__t, 8); } while(0) | ||
231 | |||
232 | #define LOAD64H(x, y) \ | ||
233 | do { XMEMCPY(&(x), y, 8); } while(0) | ||
234 | |||
235 | #endif /* ENDIAN_64BITWORD */ | ||
236 | #endif /* ENDIAN_BIG */ | ||
237 | |||
238 | #define BSWAP(x) ( ((x>>24)&0x000000FFUL) | ((x<<24)&0xFF000000UL) | \ | ||
239 | ((x>>8)&0x0000FF00UL) | ((x<<8)&0x00FF0000UL) ) | ||
240 | |||
241 | |||
242 | /* 32-bit Rotates */ | ||
243 | #if defined(_MSC_VER) | ||
244 | #define LTC_ROx_ASM | ||
245 | |||
246 | /* instrinsic rotate */ | ||
247 | #include <stdlib.h> | ||
248 | #pragma intrinsic(_lrotr,_lrotl) | ||
249 | #define ROR(x,n) _lrotr(x,n) | ||
250 | #define ROL(x,n) _lrotl(x,n) | ||
251 | #define RORc(x,n) _lrotr(x,n) | ||
252 | #define ROLc(x,n) _lrotl(x,n) | ||
253 | |||
254 | #elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM) | ||
255 | #define LTC_ROx_ASM | ||
256 | |||
257 | static inline ulong32 ROL(ulong32 word, int i) | ||
258 | { | ||
259 | asm ("roll %%cl,%0" | ||
260 | :"=r" (word) | ||
261 | :"0" (word),"c" (i)); | ||
262 | return word; | ||
263 | } | ||
264 | |||
265 | static inline ulong32 ROR(ulong32 word, int i) | ||
266 | { | ||
267 | asm ("rorl %%cl,%0" | ||
268 | :"=r" (word) | ||
269 | :"0" (word),"c" (i)); | ||
270 | return word; | ||
271 | } | ||
272 | |||
273 | #ifndef LTC_NO_ROLC | ||
274 | |||
275 | #define ROLc(word,i) ({ \ | ||
276 | ulong32 __ROLc_tmp = (word); \ | ||
277 | __asm__ ("roll %2, %0" : \ | ||
278 | "=r" (__ROLc_tmp) : \ | ||
279 | "0" (__ROLc_tmp), \ | ||
280 | "I" (i)); \ | ||
281 | __ROLc_tmp; \ | ||
282 | }) | ||
283 | #define RORc(word,i) ({ \ | ||
284 | ulong32 __RORc_tmp = (word); \ | ||
285 | __asm__ ("rorl %2, %0" : \ | ||
286 | "=r" (__RORc_tmp) : \ | ||
287 | "0" (__RORc_tmp), \ | ||
288 | "I" (i)); \ | ||
289 | __RORc_tmp; \ | ||
290 | }) | ||
291 | |||
292 | #else | ||
293 | |||
294 | #define ROLc ROL | ||
295 | #define RORc ROR | ||
296 | |||
297 | #endif | ||
298 | |||
299 | #elif !defined(__STRICT_ANSI__) && defined(LTC_PPC32) | ||
300 | #define LTC_ROx_ASM | ||
301 | |||
302 | static inline ulong32 ROL(ulong32 word, int i) | ||
303 | { | ||
304 | asm ("rotlw %0,%0,%2" | ||
305 | :"=r" (word) | ||
306 | :"0" (word),"r" (i)); | ||
307 | return word; | ||
308 | } | ||
309 | |||
310 | static inline ulong32 ROR(ulong32 word, int i) | ||
311 | { | ||
312 | asm ("rotlw %0,%0,%2" | ||
313 | :"=r" (word) | ||
314 | :"0" (word),"r" (32-i)); | ||
315 | return word; | ||
316 | } | ||
317 | |||
318 | #ifndef LTC_NO_ROLC | ||
319 | |||
320 | static inline ulong32 ROLc(ulong32 word, const int i) | ||
321 | { | ||
322 | asm ("rotlwi %0,%0,%2" | ||
323 | :"=r" (word) | ||
324 | :"0" (word),"I" (i)); | ||
325 | return word; | ||
326 | } | ||
327 | |||
328 | static inline ulong32 RORc(ulong32 word, const int i) | ||
329 | { | ||
330 | asm ("rotrwi %0,%0,%2" | ||
331 | :"=r" (word) | ||
332 | :"0" (word),"I" (i)); | ||
333 | return word; | ||
334 | } | ||
335 | |||
336 | #else | ||
337 | |||
338 | #define ROLc ROL | ||
339 | #define RORc ROR | ||
340 | |||
341 | #endif | ||
342 | |||
343 | |||
344 | #else | ||
345 | |||
346 | /* rotates the hard way */ | ||
347 | #define ROL(x, y) ( (((ulong32)(x)<<(ulong32)((y)&31)) | (((ulong32)(x)&0xFFFFFFFFUL)>>(ulong32)((32-((y)&31))&31))) & 0xFFFFFFFFUL) | ||
348 | #define ROR(x, y) ( ((((ulong32)(x)&0xFFFFFFFFUL)>>(ulong32)((y)&31)) | ((ulong32)(x)<<(ulong32)((32-((y)&31))&31))) & 0xFFFFFFFFUL) | ||
349 | #define ROLc(x, y) ( (((ulong32)(x)<<(ulong32)((y)&31)) | (((ulong32)(x)&0xFFFFFFFFUL)>>(ulong32)((32-((y)&31))&31))) & 0xFFFFFFFFUL) | ||
350 | #define RORc(x, y) ( ((((ulong32)(x)&0xFFFFFFFFUL)>>(ulong32)((y)&31)) | ((ulong32)(x)<<(ulong32)((32-((y)&31))&31))) & 0xFFFFFFFFUL) | ||
351 | |||
352 | #endif | ||
353 | |||
354 | |||
355 | /* 64-bit Rotates */ | ||
356 | #if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(_WIN64) && !defined(LTC_NO_ASM) | ||
357 | |||
358 | static inline ulong64 ROL64(ulong64 word, int i) | ||
359 | { | ||
360 | asm("rolq %%cl,%0" | ||
361 | :"=r" (word) | ||
362 | :"0" (word),"c" (i)); | ||
363 | return word; | ||
364 | } | ||
365 | |||
366 | static inline ulong64 ROR64(ulong64 word, int i) | ||
367 | { | ||
368 | asm("rorq %%cl,%0" | ||
369 | :"=r" (word) | ||
370 | :"0" (word),"c" (i)); | ||
371 | return word; | ||
372 | } | ||
373 | |||
374 | #ifndef LTC_NO_ROLC | ||
375 | |||
376 | #define ROL64c(word,i) ({ \ | ||
377 | ulong64 __ROL64c_tmp = word; \ | ||
378 | __asm__ ("rolq %2, %0" : \ | ||
379 | "=r" (__ROL64c_tmp) : \ | ||
380 | "0" (__ROL64c_tmp), \ | ||
381 | "J" (i)); \ | ||
382 | __ROL64c_tmp; \ | ||
383 | }) | ||
384 | #define ROR64c(word,i) ({ \ | ||
385 | ulong64 __ROR64c_tmp = word; \ | ||
386 | __asm__ ("rorq %2, %0" : \ | ||
387 | "=r" (__ROR64c_tmp) : \ | ||
388 | "0" (__ROR64c_tmp), \ | ||
389 | "J" (i)); \ | ||
390 | __ROR64c_tmp; \ | ||
391 | }) | ||
392 | |||
393 | #else /* LTC_NO_ROLC */ | ||
394 | |||
395 | #define ROL64c ROL64 | ||
396 | #define ROR64c ROR64 | ||
397 | |||
398 | #endif | ||
399 | |||
400 | #else /* Not x86_64 */ | ||
401 | |||
402 | #define ROL64(x, y) \ | ||
403 | ( (((x)<<((ulong64)(y)&63)) | \ | ||
404 | (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>(((ulong64)64-((y)&63))&63))) & CONST64(0xFFFFFFFFFFFFFFFF)) | ||
405 | |||
406 | #define ROR64(x, y) \ | ||
407 | ( ((((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)(y)&CONST64(63))) | \ | ||
408 | ((x)<<(((ulong64)64-((y)&63))&63))) & CONST64(0xFFFFFFFFFFFFFFFF)) | ||
409 | |||
410 | #define ROL64c(x, y) \ | ||
411 | ( (((x)<<((ulong64)(y)&63)) | \ | ||
412 | (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>(((ulong64)64-((y)&63))&63))) & CONST64(0xFFFFFFFFFFFFFFFF)) | ||
413 | |||
414 | #define ROR64c(x, y) \ | ||
415 | ( ((((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)(y)&CONST64(63))) | \ | ||
416 | ((x)<<(((ulong64)64-((y)&63))&63))) & CONST64(0xFFFFFFFFFFFFFFFF)) | ||
417 | |||
418 | #endif | ||
419 | |||
420 | #ifndef MAX | ||
421 | #define MAX(x, y) ( ((x)>(y))?(x):(y) ) | ||
422 | #endif | ||
423 | |||
424 | #ifndef MIN | ||
425 | #define MIN(x, y) ( ((x)<(y))?(x):(y) ) | ||
426 | #endif | ||
427 | |||
428 | #ifndef LTC_UNUSED_PARAM | ||
429 | #define LTC_UNUSED_PARAM(x) (void)(x) | ||
430 | #endif | ||
431 | |||
432 | /* extract a byte portably */ | ||
433 | #ifdef _MSC_VER | ||
434 | #define byte(x, n) ((unsigned char)((x) >> (8 * (n)))) | ||
435 | #else | ||
436 | #define byte(x, n) (((x) >> (8 * (n))) & 255) | ||
437 | #endif | ||
438 | |||
439 | /* there is no snprintf before Visual C++ 2015 */ | ||
440 | #if defined(_MSC_VER) && _MSC_VER < 1900 | ||
441 | #define snprintf _snprintf | ||
442 | #endif | ||
443 | |||
444 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
445 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
446 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_math.h b/utils/tomcrypt/src/headers/tomcrypt_math.h new file mode 100644 index 0000000000..137e451ef1 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_math.h | |||
@@ -0,0 +1,583 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /** math functions **/ | ||
11 | |||
12 | #define LTC_MP_LT -1 | ||
13 | #define LTC_MP_EQ 0 | ||
14 | #define LTC_MP_GT 1 | ||
15 | |||
16 | #define LTC_MP_NO 0 | ||
17 | #define LTC_MP_YES 1 | ||
18 | |||
19 | #ifndef LTC_MECC | ||
20 | typedef void ecc_point; | ||
21 | #endif | ||
22 | |||
23 | #ifndef LTC_MRSA | ||
24 | typedef void rsa_key; | ||
25 | #endif | ||
26 | |||
27 | #ifndef LTC_MILLER_RABIN_REPS | ||
28 | /* Number of rounds of the Miller-Rabin test | ||
29 | * "Reasonable values of reps are between 15 and 50." c.f. gmp doc of mpz_probab_prime_p() | ||
30 | * As of https://security.stackexchange.com/a/4546 we should use 40 rounds */ | ||
31 | #define LTC_MILLER_RABIN_REPS 40 | ||
32 | #endif | ||
33 | |||
34 | int radix_to_bin(const void *in, int radix, void *out, unsigned long *len); | ||
35 | |||
36 | /** math descriptor */ | ||
37 | typedef struct { | ||
38 | /** Name of the math provider */ | ||
39 | const char *name; | ||
40 | |||
41 | /** Bits per digit, amount of bits must fit in an unsigned long */ | ||
42 | int bits_per_digit; | ||
43 | |||
44 | /* ---- init/deinit functions ---- */ | ||
45 | |||
46 | /** initialize a bignum | ||
47 | @param a The number to initialize | ||
48 | @return CRYPT_OK on success | ||
49 | */ | ||
50 | int (*init)(void **a); | ||
51 | |||
52 | /** init copy | ||
53 | @param dst The number to initialize and write to | ||
54 | @param src The number to copy from | ||
55 | @return CRYPT_OK on success | ||
56 | */ | ||
57 | int (*init_copy)(void **dst, void *src); | ||
58 | |||
59 | /** deinit | ||
60 | @param a The number to free | ||
61 | @return CRYPT_OK on success | ||
62 | */ | ||
63 | void (*deinit)(void *a); | ||
64 | |||
65 | /* ---- data movement ---- */ | ||
66 | |||
67 | /** negate | ||
68 | @param src The number to negate | ||
69 | @param dst The destination | ||
70 | @return CRYPT_OK on success | ||
71 | */ | ||
72 | int (*neg)(void *src, void *dst); | ||
73 | |||
74 | /** copy | ||
75 | @param src The number to copy from | ||
76 | @param dst The number to write to | ||
77 | @return CRYPT_OK on success | ||
78 | */ | ||
79 | int (*copy)(void *src, void *dst); | ||
80 | |||
81 | /* ---- trivial low level functions ---- */ | ||
82 | |||
83 | /** set small constant | ||
84 | @param a Number to write to | ||
85 | @param n Source upto bits_per_digit (actually meant for very small constants) | ||
86 | @return CRYPT_OK on success | ||
87 | */ | ||
88 | int (*set_int)(void *a, ltc_mp_digit n); | ||
89 | |||
90 | /** get small constant | ||
91 | @param a Small number to read, | ||
92 | only fetches up to bits_per_digit from the number | ||
93 | @return The lower bits_per_digit of the integer (unsigned) | ||
94 | */ | ||
95 | unsigned long (*get_int)(void *a); | ||
96 | |||
97 | /** get digit n | ||
98 | @param a The number to read from | ||
99 | @param n The number of the digit to fetch | ||
100 | @return The bits_per_digit sized n'th digit of a | ||
101 | */ | ||
102 | ltc_mp_digit (*get_digit)(void *a, int n); | ||
103 | |||
104 | /** Get the number of digits that represent the number | ||
105 | @param a The number to count | ||
106 | @return The number of digits used to represent the number | ||
107 | */ | ||
108 | int (*get_digit_count)(void *a); | ||
109 | |||
110 | /** compare two integers | ||
111 | @param a The left side integer | ||
112 | @param b The right side integer | ||
113 | @return LTC_MP_LT if a < b, | ||
114 | LTC_MP_GT if a > b and | ||
115 | LTC_MP_EQ otherwise. (signed comparison) | ||
116 | */ | ||
117 | int (*compare)(void *a, void *b); | ||
118 | |||
119 | /** compare against int | ||
120 | @param a The left side integer | ||
121 | @param b The right side integer (upto bits_per_digit) | ||
122 | @return LTC_MP_LT if a < b, | ||
123 | LTC_MP_GT if a > b and | ||
124 | LTC_MP_EQ otherwise. (signed comparison) | ||
125 | */ | ||
126 | int (*compare_d)(void *a, ltc_mp_digit n); | ||
127 | |||
128 | /** Count the number of bits used to represent the integer | ||
129 | @param a The integer to count | ||
130 | @return The number of bits required to represent the integer | ||
131 | */ | ||
132 | int (*count_bits)(void * a); | ||
133 | |||
134 | /** Count the number of LSB bits which are zero | ||
135 | @param a The integer to count | ||
136 | @return The number of contiguous zero LSB bits | ||
137 | */ | ||
138 | int (*count_lsb_bits)(void *a); | ||
139 | |||
140 | /** Compute a power of two | ||
141 | @param a The integer to store the power in | ||
142 | @param n The power of two you want to store (a = 2^n) | ||
143 | @return CRYPT_OK on success | ||
144 | */ | ||
145 | int (*twoexpt)(void *a , int n); | ||
146 | |||
147 | /* ---- radix conversions ---- */ | ||
148 | |||
149 | /** read ascii string | ||
150 | @param a The integer to store into | ||
151 | @param str The string to read | ||
152 | @param radix The radix the integer has been represented in (2-64) | ||
153 | @return CRYPT_OK on success | ||
154 | */ | ||
155 | int (*read_radix)(void *a, const char *str, int radix); | ||
156 | |||
157 | /** write number to string | ||
158 | @param a The integer to store | ||
159 | @param str The destination for the string | ||
160 | @param radix The radix the integer is to be represented in (2-64) | ||
161 | @return CRYPT_OK on success | ||
162 | */ | ||
163 | int (*write_radix)(void *a, char *str, int radix); | ||
164 | |||
165 | /** get size as unsigned char string | ||
166 | @param a The integer to get the size (when stored in array of octets) | ||
167 | @return The length of the integer in octets | ||
168 | */ | ||
169 | unsigned long (*unsigned_size)(void *a); | ||
170 | |||
171 | /** store an integer as an array of octets | ||
172 | @param src The integer to store | ||
173 | @param dst The buffer to store the integer in | ||
174 | @return CRYPT_OK on success | ||
175 | */ | ||
176 | int (*unsigned_write)(void *src, unsigned char *dst); | ||
177 | |||
178 | /** read an array of octets and store as integer | ||
179 | @param dst The integer to load | ||
180 | @param src The array of octets | ||
181 | @param len The number of octets | ||
182 | @return CRYPT_OK on success | ||
183 | */ | ||
184 | int (*unsigned_read)( void *dst, | ||
185 | unsigned char *src, | ||
186 | unsigned long len); | ||
187 | |||
188 | /* ---- basic math ---- */ | ||
189 | |||
190 | /** add two integers | ||
191 | @param a The first source integer | ||
192 | @param b The second source integer | ||
193 | @param c The destination of "a + b" | ||
194 | @return CRYPT_OK on success | ||
195 | */ | ||
196 | int (*add)(void *a, void *b, void *c); | ||
197 | |||
198 | /** add two integers | ||
199 | @param a The first source integer | ||
200 | @param b The second source integer | ||
201 | (single digit of upto bits_per_digit in length) | ||
202 | @param c The destination of "a + b" | ||
203 | @return CRYPT_OK on success | ||
204 | */ | ||
205 | int (*addi)(void *a, ltc_mp_digit b, void *c); | ||
206 | |||
207 | /** subtract two integers | ||
208 | @param a The first source integer | ||
209 | @param b The second source integer | ||
210 | @param c The destination of "a - b" | ||
211 | @return CRYPT_OK on success | ||
212 | */ | ||
213 | int (*sub)(void *a, void *b, void *c); | ||
214 | |||
215 | /** subtract two integers | ||
216 | @param a The first source integer | ||
217 | @param b The second source integer | ||
218 | (single digit of upto bits_per_digit in length) | ||
219 | @param c The destination of "a - b" | ||
220 | @return CRYPT_OK on success | ||
221 | */ | ||
222 | int (*subi)(void *a, ltc_mp_digit b, void *c); | ||
223 | |||
224 | /** multiply two integers | ||
225 | @param a The first source integer | ||
226 | @param b The second source integer | ||
227 | (single digit of upto bits_per_digit in length) | ||
228 | @param c The destination of "a * b" | ||
229 | @return CRYPT_OK on success | ||
230 | */ | ||
231 | int (*mul)(void *a, void *b, void *c); | ||
232 | |||
233 | /** multiply two integers | ||
234 | @param a The first source integer | ||
235 | @param b The second source integer | ||
236 | (single digit of upto bits_per_digit in length) | ||
237 | @param c The destination of "a * b" | ||
238 | @return CRYPT_OK on success | ||
239 | */ | ||
240 | int (*muli)(void *a, ltc_mp_digit b, void *c); | ||
241 | |||
242 | /** Square an integer | ||
243 | @param a The integer to square | ||
244 | @param b The destination | ||
245 | @return CRYPT_OK on success | ||
246 | */ | ||
247 | int (*sqr)(void *a, void *b); | ||
248 | |||
249 | /** Divide an integer | ||
250 | @param a The dividend | ||
251 | @param b The divisor | ||
252 | @param c The quotient (can be NULL to signify don't care) | ||
253 | @param d The remainder (can be NULL to signify don't care) | ||
254 | @return CRYPT_OK on success | ||
255 | */ | ||
256 | int (*mpdiv)(void *a, void *b, void *c, void *d); | ||
257 | |||
258 | /** divide by two | ||
259 | @param a The integer to divide (shift right) | ||
260 | @param b The destination | ||
261 | @return CRYPT_OK on success | ||
262 | */ | ||
263 | int (*div_2)(void *a, void *b); | ||
264 | |||
265 | /** Get remainder (small value) | ||
266 | @param a The integer to reduce | ||
267 | @param b The modulus (upto bits_per_digit in length) | ||
268 | @param c The destination for the residue | ||
269 | @return CRYPT_OK on success | ||
270 | */ | ||
271 | int (*modi)(void *a, ltc_mp_digit b, ltc_mp_digit *c); | ||
272 | |||
273 | /** gcd | ||
274 | @param a The first integer | ||
275 | @param b The second integer | ||
276 | @param c The destination for (a, b) | ||
277 | @return CRYPT_OK on success | ||
278 | */ | ||
279 | int (*gcd)(void *a, void *b, void *c); | ||
280 | |||
281 | /** lcm | ||
282 | @param a The first integer | ||
283 | @param b The second integer | ||
284 | @param c The destination for [a, b] | ||
285 | @return CRYPT_OK on success | ||
286 | */ | ||
287 | int (*lcm)(void *a, void *b, void *c); | ||
288 | |||
289 | /** Modular multiplication | ||
290 | @param a The first source | ||
291 | @param b The second source | ||
292 | @param c The modulus | ||
293 | @param d The destination (a*b mod c) | ||
294 | @return CRYPT_OK on success | ||
295 | */ | ||
296 | int (*mulmod)(void *a, void *b, void *c, void *d); | ||
297 | |||
298 | /** Modular squaring | ||
299 | @param a The first source | ||
300 | @param b The modulus | ||
301 | @param c The destination (a*a mod b) | ||
302 | @return CRYPT_OK on success | ||
303 | */ | ||
304 | int (*sqrmod)(void *a, void *b, void *c); | ||
305 | |||
306 | /** Modular inversion | ||
307 | @param a The value to invert | ||
308 | @param b The modulus | ||
309 | @param c The destination (1/a mod b) | ||
310 | @return CRYPT_OK on success | ||
311 | */ | ||
312 | int (*invmod)(void *, void *, void *); | ||
313 | |||
314 | /* ---- reduction ---- */ | ||
315 | |||
316 | /** setup Montgomery | ||
317 | @param a The modulus | ||
318 | @param b The destination for the reduction digit | ||
319 | @return CRYPT_OK on success | ||
320 | */ | ||
321 | int (*montgomery_setup)(void *a, void **b); | ||
322 | |||
323 | /** get normalization value | ||
324 | @param a The destination for the normalization value | ||
325 | @param b The modulus | ||
326 | @return CRYPT_OK on success | ||
327 | */ | ||
328 | int (*montgomery_normalization)(void *a, void *b); | ||
329 | |||
330 | /** reduce a number | ||
331 | @param a The number [and dest] to reduce | ||
332 | @param b The modulus | ||
333 | @param c The value "b" from montgomery_setup() | ||
334 | @return CRYPT_OK on success | ||
335 | */ | ||
336 | int (*montgomery_reduce)(void *a, void *b, void *c); | ||
337 | |||
338 | /** clean up (frees memory) | ||
339 | @param a The value "b" from montgomery_setup() | ||
340 | @return CRYPT_OK on success | ||
341 | */ | ||
342 | void (*montgomery_deinit)(void *a); | ||
343 | |||
344 | /* ---- exponentiation ---- */ | ||
345 | |||
346 | /** Modular exponentiation | ||
347 | @param a The base integer | ||
348 | @param b The power (can be negative) integer | ||
349 | @param c The modulus integer | ||
350 | @param d The destination | ||
351 | @return CRYPT_OK on success | ||
352 | */ | ||
353 | int (*exptmod)(void *a, void *b, void *c, void *d); | ||
354 | |||
355 | /** Primality testing | ||
356 | @param a The integer to test | ||
357 | @param b The number of Miller-Rabin tests that shall be executed | ||
358 | @param c The destination of the result (FP_YES if prime) | ||
359 | @return CRYPT_OK on success | ||
360 | */ | ||
361 | int (*isprime)(void *a, int b, int *c); | ||
362 | |||
363 | /* ---- (optional) ecc point math ---- */ | ||
364 | |||
365 | /** ECC GF(p) point multiplication (from the NIST curves) | ||
366 | @param k The integer to multiply the point by | ||
367 | @param G The point to multiply | ||
368 | @param R The destination for kG | ||
369 | @param modulus The modulus for the field | ||
370 | @param map Boolean indicated whether to map back to affine or not | ||
371 | (can be ignored if you work in affine only) | ||
372 | @return CRYPT_OK on success | ||
373 | */ | ||
374 | int (*ecc_ptmul)( void *k, | ||
375 | ecc_point *G, | ||
376 | ecc_point *R, | ||
377 | void *modulus, | ||
378 | int map); | ||
379 | |||
380 | /** ECC GF(p) point addition | ||
381 | @param P The first point | ||
382 | @param Q The second point | ||
383 | @param R The destination of P + Q | ||
384 | @param modulus The modulus | ||
385 | @param mp The "b" value from montgomery_setup() | ||
386 | @return CRYPT_OK on success | ||
387 | */ | ||
388 | int (*ecc_ptadd)(ecc_point *P, | ||
389 | ecc_point *Q, | ||
390 | ecc_point *R, | ||
391 | void *modulus, | ||
392 | void *mp); | ||
393 | |||
394 | /** ECC GF(p) point double | ||
395 | @param P The first point | ||
396 | @param R The destination of 2P | ||
397 | @param modulus The modulus | ||
398 | @param mp The "b" value from montgomery_setup() | ||
399 | @return CRYPT_OK on success | ||
400 | */ | ||
401 | int (*ecc_ptdbl)(ecc_point *P, | ||
402 | ecc_point *R, | ||
403 | void *modulus, | ||
404 | void *mp); | ||
405 | |||
406 | /** ECC mapping from projective to affine, | ||
407 | currently uses (x,y,z) => (x/z^2, y/z^3, 1) | ||
408 | @param P The point to map | ||
409 | @param modulus The modulus | ||
410 | @param mp The "b" value from montgomery_setup() | ||
411 | @return CRYPT_OK on success | ||
412 | @remark The mapping can be different but keep in mind a | ||
413 | ecc_point only has three integers (x,y,z) so if | ||
414 | you use a different mapping you have to make it fit. | ||
415 | */ | ||
416 | int (*ecc_map)(ecc_point *P, void *modulus, void *mp); | ||
417 | |||
418 | /** Computes kA*A + kB*B = C using Shamir's Trick | ||
419 | @param A First point to multiply | ||
420 | @param kA What to multiple A by | ||
421 | @param B Second point to multiply | ||
422 | @param kB What to multiple B by | ||
423 | @param C [out] Destination point (can overlap with A or B) | ||
424 | @param modulus Modulus for curve | ||
425 | @return CRYPT_OK on success | ||
426 | */ | ||
427 | int (*ecc_mul2add)(ecc_point *A, void *kA, | ||
428 | ecc_point *B, void *kB, | ||
429 | ecc_point *C, | ||
430 | void *modulus); | ||
431 | |||
432 | /* ---- (optional) rsa optimized math (for internal CRT) ---- */ | ||
433 | |||
434 | /** RSA Key Generation | ||
435 | @param prng An active PRNG state | ||
436 | @param wprng The index of the PRNG desired | ||
437 | @param size The size of the key in octets | ||
438 | @param e The "e" value (public key). | ||
439 | e==65537 is a good choice | ||
440 | @param key [out] Destination of a newly created private key pair | ||
441 | @return CRYPT_OK if successful, upon error all allocated ram is freed | ||
442 | */ | ||
443 | int (*rsa_keygen)(prng_state *prng, | ||
444 | int wprng, | ||
445 | int size, | ||
446 | long e, | ||
447 | rsa_key *key); | ||
448 | |||
449 | /** RSA exponentiation | ||
450 | @param in The octet array representing the base | ||
451 | @param inlen The length of the input | ||
452 | @param out The destination (to be stored in an octet array format) | ||
453 | @param outlen The length of the output buffer and the resulting size | ||
454 | (zero padded to the size of the modulus) | ||
455 | @param which PK_PUBLIC for public RSA and PK_PRIVATE for private RSA | ||
456 | @param key The RSA key to use | ||
457 | @return CRYPT_OK on success | ||
458 | */ | ||
459 | int (*rsa_me)(const unsigned char *in, unsigned long inlen, | ||
460 | unsigned char *out, unsigned long *outlen, int which, | ||
461 | rsa_key *key); | ||
462 | |||
463 | /* ---- basic math continued ---- */ | ||
464 | |||
465 | /** Modular addition | ||
466 | @param a The first source | ||
467 | @param b The second source | ||
468 | @param c The modulus | ||
469 | @param d The destination (a + b mod c) | ||
470 | @return CRYPT_OK on success | ||
471 | */ | ||
472 | int (*addmod)(void *a, void *b, void *c, void *d); | ||
473 | |||
474 | /** Modular substraction | ||
475 | @param a The first source | ||
476 | @param b The second source | ||
477 | @param c The modulus | ||
478 | @param d The destination (a - b mod c) | ||
479 | @return CRYPT_OK on success | ||
480 | */ | ||
481 | int (*submod)(void *a, void *b, void *c, void *d); | ||
482 | |||
483 | /* ---- misc stuff ---- */ | ||
484 | |||
485 | /** Make a pseudo-random mpi | ||
486 | @param a The mpi to make random | ||
487 | @param size The desired length | ||
488 | @return CRYPT_OK on success | ||
489 | */ | ||
490 | int (*rand)(void *a, int size); | ||
491 | } ltc_math_descriptor; | ||
492 | |||
493 | extern ltc_math_descriptor ltc_mp; | ||
494 | |||
495 | int ltc_init_multi(void **a, ...); | ||
496 | void ltc_deinit_multi(void *a, ...); | ||
497 | void ltc_cleanup_multi(void **a, ...); | ||
498 | |||
499 | #ifdef LTM_DESC | ||
500 | extern const ltc_math_descriptor ltm_desc; | ||
501 | #endif | ||
502 | |||
503 | #ifdef TFM_DESC | ||
504 | extern const ltc_math_descriptor tfm_desc; | ||
505 | #endif | ||
506 | |||
507 | #ifdef GMP_DESC | ||
508 | extern const ltc_math_descriptor gmp_desc; | ||
509 | #endif | ||
510 | |||
511 | #if !defined(DESC_DEF_ONLY) && defined(LTC_SOURCE) | ||
512 | |||
513 | #define MP_DIGIT_BIT ltc_mp.bits_per_digit | ||
514 | |||
515 | /* some handy macros */ | ||
516 | #define mp_init(a) ltc_mp.init(a) | ||
517 | #define mp_init_multi ltc_init_multi | ||
518 | #define mp_clear(a) ltc_mp.deinit(a) | ||
519 | #define mp_clear_multi ltc_deinit_multi | ||
520 | #define mp_cleanup_multi ltc_cleanup_multi | ||
521 | #define mp_init_copy(a, b) ltc_mp.init_copy(a, b) | ||
522 | |||
523 | #define mp_neg(a, b) ltc_mp.neg(a, b) | ||
524 | #define mp_copy(a, b) ltc_mp.copy(a, b) | ||
525 | |||
526 | #define mp_set(a, b) ltc_mp.set_int(a, b) | ||
527 | #define mp_set_int(a, b) ltc_mp.set_int(a, b) | ||
528 | #define mp_get_int(a) ltc_mp.get_int(a) | ||
529 | #define mp_get_digit(a, n) ltc_mp.get_digit(a, n) | ||
530 | #define mp_get_digit_count(a) ltc_mp.get_digit_count(a) | ||
531 | #define mp_cmp(a, b) ltc_mp.compare(a, b) | ||
532 | #define mp_cmp_d(a, b) ltc_mp.compare_d(a, b) | ||
533 | #define mp_count_bits(a) ltc_mp.count_bits(a) | ||
534 | #define mp_cnt_lsb(a) ltc_mp.count_lsb_bits(a) | ||
535 | #define mp_2expt(a, b) ltc_mp.twoexpt(a, b) | ||
536 | |||
537 | #define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c) | ||
538 | #define mp_toradix(a, b, c) ltc_mp.write_radix(a, b, c) | ||
539 | #define mp_unsigned_bin_size(a) ltc_mp.unsigned_size(a) | ||
540 | #define mp_to_unsigned_bin(a, b) ltc_mp.unsigned_write(a, b) | ||
541 | #define mp_read_unsigned_bin(a, b, c) ltc_mp.unsigned_read(a, b, c) | ||
542 | |||
543 | #define mp_add(a, b, c) ltc_mp.add(a, b, c) | ||
544 | #define mp_add_d(a, b, c) ltc_mp.addi(a, b, c) | ||
545 | #define mp_sub(a, b, c) ltc_mp.sub(a, b, c) | ||
546 | #define mp_sub_d(a, b, c) ltc_mp.subi(a, b, c) | ||
547 | #define mp_mul(a, b, c) ltc_mp.mul(a, b, c) | ||
548 | #define mp_mul_d(a, b, c) ltc_mp.muli(a, b, c) | ||
549 | #define mp_sqr(a, b) ltc_mp.sqr(a, b) | ||
550 | #define mp_div(a, b, c, d) ltc_mp.mpdiv(a, b, c, d) | ||
551 | #define mp_div_2(a, b) ltc_mp.div_2(a, b) | ||
552 | #define mp_mod(a, b, c) ltc_mp.mpdiv(a, b, NULL, c) | ||
553 | #define mp_mod_d(a, b, c) ltc_mp.modi(a, b, c) | ||
554 | #define mp_gcd(a, b, c) ltc_mp.gcd(a, b, c) | ||
555 | #define mp_lcm(a, b, c) ltc_mp.lcm(a, b, c) | ||
556 | |||
557 | #define mp_addmod(a, b, c, d) ltc_mp.addmod(a, b, c, d) | ||
558 | #define mp_submod(a, b, c, d) ltc_mp.submod(a, b, c, d) | ||
559 | #define mp_mulmod(a, b, c, d) ltc_mp.mulmod(a, b, c, d) | ||
560 | #define mp_sqrmod(a, b, c) ltc_mp.sqrmod(a, b, c) | ||
561 | #define mp_invmod(a, b, c) ltc_mp.invmod(a, b, c) | ||
562 | |||
563 | #define mp_montgomery_setup(a, b) ltc_mp.montgomery_setup(a, b) | ||
564 | #define mp_montgomery_normalization(a, b) ltc_mp.montgomery_normalization(a, b) | ||
565 | #define mp_montgomery_reduce(a, b, c) ltc_mp.montgomery_reduce(a, b, c) | ||
566 | #define mp_montgomery_free(a) ltc_mp.montgomery_deinit(a) | ||
567 | |||
568 | #define mp_exptmod(a,b,c,d) ltc_mp.exptmod(a,b,c,d) | ||
569 | #define mp_prime_is_prime(a, b, c) ltc_mp.isprime(a, b, c) | ||
570 | |||
571 | #define mp_iszero(a) (mp_cmp_d(a, 0) == LTC_MP_EQ ? LTC_MP_YES : LTC_MP_NO) | ||
572 | #define mp_isodd(a) (mp_get_digit_count(a) > 0 ? (mp_get_digit(a, 0) & 1 ? LTC_MP_YES : LTC_MP_NO) : LTC_MP_NO) | ||
573 | #define mp_exch(a, b) do { void *ABC__tmp = a; a = b; b = ABC__tmp; } while(0) | ||
574 | |||
575 | #define mp_tohex(a, b) mp_toradix(a, b, 16) | ||
576 | |||
577 | #define mp_rand(a, b) ltc_mp.rand(a, b) | ||
578 | |||
579 | #endif | ||
580 | |||
581 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
582 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
583 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_misc.h b/utils/tomcrypt/src/headers/tomcrypt_misc.h new file mode 100644 index 0000000000..2460d66539 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_misc.h | |||
@@ -0,0 +1,113 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- LTC_BASE64 Routines ---- */ | ||
11 | #ifdef LTC_BASE64 | ||
12 | int base64_encode(const unsigned char *in, unsigned long len, | ||
13 | unsigned char *out, unsigned long *outlen); | ||
14 | |||
15 | int base64_decode(const unsigned char *in, unsigned long len, | ||
16 | unsigned char *out, unsigned long *outlen); | ||
17 | int base64_strict_decode(const unsigned char *in, unsigned long len, | ||
18 | unsigned char *out, unsigned long *outlen); | ||
19 | #endif | ||
20 | |||
21 | #ifdef LTC_BASE64_URL | ||
22 | int base64url_encode(const unsigned char *in, unsigned long len, | ||
23 | unsigned char *out, unsigned long *outlen); | ||
24 | int base64url_strict_encode(const unsigned char *in, unsigned long inlen, | ||
25 | unsigned char *out, unsigned long *outlen); | ||
26 | |||
27 | int base64url_decode(const unsigned char *in, unsigned long len, | ||
28 | unsigned char *out, unsigned long *outlen); | ||
29 | int base64url_strict_decode(const unsigned char *in, unsigned long len, | ||
30 | unsigned char *out, unsigned long *outlen); | ||
31 | #endif | ||
32 | |||
33 | /* ===> LTC_HKDF -- RFC5869 HMAC-based Key Derivation Function <=== */ | ||
34 | #ifdef LTC_HKDF | ||
35 | |||
36 | int hkdf_test(void); | ||
37 | |||
38 | int hkdf_extract(int hash_idx, | ||
39 | const unsigned char *salt, unsigned long saltlen, | ||
40 | const unsigned char *in, unsigned long inlen, | ||
41 | unsigned char *out, unsigned long *outlen); | ||
42 | |||
43 | int hkdf_expand(int hash_idx, | ||
44 | const unsigned char *info, unsigned long infolen, | ||
45 | const unsigned char *in, unsigned long inlen, | ||
46 | unsigned char *out, unsigned long outlen); | ||
47 | |||
48 | int hkdf(int hash_idx, | ||
49 | const unsigned char *salt, unsigned long saltlen, | ||
50 | const unsigned char *info, unsigned long infolen, | ||
51 | const unsigned char *in, unsigned long inlen, | ||
52 | unsigned char *out, unsigned long outlen); | ||
53 | |||
54 | #endif /* LTC_HKDF */ | ||
55 | |||
56 | /* ---- MEM routines ---- */ | ||
57 | int mem_neq(const void *a, const void *b, size_t len); | ||
58 | void zeromem(volatile void *dst, size_t len); | ||
59 | void burn_stack(unsigned long len); | ||
60 | |||
61 | const char *error_to_string(int err); | ||
62 | |||
63 | extern const char *crypt_build_settings; | ||
64 | |||
65 | /* ---- HMM ---- */ | ||
66 | int crypt_fsa(void *mp, ...); | ||
67 | |||
68 | /* ---- Dynamic language support ---- */ | ||
69 | int crypt_get_constant(const char* namein, int *valueout); | ||
70 | int crypt_list_all_constants(char *names_list, unsigned int *names_list_size); | ||
71 | |||
72 | int crypt_get_size(const char* namein, unsigned int *sizeout); | ||
73 | int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size); | ||
74 | |||
75 | #ifdef LTM_DESC | ||
76 | void init_LTM(void); | ||
77 | #endif | ||
78 | #ifdef TFM_DESC | ||
79 | void init_TFM(void); | ||
80 | #endif | ||
81 | #ifdef GMP_DESC | ||
82 | void init_GMP(void); | ||
83 | #endif | ||
84 | |||
85 | #ifdef LTC_ADLER32 | ||
86 | typedef struct adler32_state_s | ||
87 | { | ||
88 | unsigned short s[2]; | ||
89 | } adler32_state; | ||
90 | |||
91 | void adler32_init(adler32_state *ctx); | ||
92 | void adler32_update(adler32_state *ctx, const unsigned char *input, unsigned long length); | ||
93 | void adler32_finish(adler32_state *ctx, void *hash, unsigned long size); | ||
94 | int adler32_test(void); | ||
95 | #endif | ||
96 | |||
97 | #ifdef LTC_CRC32 | ||
98 | typedef struct crc32_state_s | ||
99 | { | ||
100 | ulong32 crc; | ||
101 | } crc32_state; | ||
102 | |||
103 | void crc32_init(crc32_state *ctx); | ||
104 | void crc32_update(crc32_state *ctx, const unsigned char *input, unsigned long length); | ||
105 | void crc32_finish(crc32_state *ctx, void *hash, unsigned long size); | ||
106 | int crc32_test(void); | ||
107 | #endif | ||
108 | |||
109 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); | ||
110 | |||
111 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
112 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
113 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_pk.h b/utils/tomcrypt/src/headers/tomcrypt_pk.h new file mode 100644 index 0000000000..4306bc3777 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_pk.h | |||
@@ -0,0 +1,747 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- NUMBER THEORY ---- */ | ||
11 | |||
12 | enum { | ||
13 | PK_PUBLIC=0, | ||
14 | PK_PRIVATE=1 | ||
15 | }; | ||
16 | |||
17 | /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ | ||
18 | #define PK_STD 0x1000 | ||
19 | |||
20 | int rand_prime(void *N, long len, prng_state *prng, int wprng); | ||
21 | |||
22 | #ifdef LTC_SOURCE | ||
23 | /* internal helper functions */ | ||
24 | int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng); | ||
25 | int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng); | ||
26 | |||
27 | enum public_key_algorithms { | ||
28 | PKA_RSA, | ||
29 | PKA_DSA | ||
30 | }; | ||
31 | |||
32 | typedef struct Oid { | ||
33 | unsigned long OID[16]; | ||
34 | /** Number of OID digits in use */ | ||
35 | unsigned long OIDlen; | ||
36 | } oid_st; | ||
37 | |||
38 | int pk_get_oid(int pk, oid_st *st); | ||
39 | #endif /* LTC_SOURCE */ | ||
40 | |||
41 | /* ---- RSA ---- */ | ||
42 | #ifdef LTC_MRSA | ||
43 | |||
44 | /** RSA PKCS style key */ | ||
45 | typedef struct Rsa_key { | ||
46 | /** Type of key, PK_PRIVATE or PK_PUBLIC */ | ||
47 | int type; | ||
48 | /** The public exponent */ | ||
49 | void *e; | ||
50 | /** The private exponent */ | ||
51 | void *d; | ||
52 | /** The modulus */ | ||
53 | void *N; | ||
54 | /** The p factor of N */ | ||
55 | void *p; | ||
56 | /** The q factor of N */ | ||
57 | void *q; | ||
58 | /** The 1/q mod p CRT param */ | ||
59 | void *qP; | ||
60 | /** The d mod (p - 1) CRT param */ | ||
61 | void *dP; | ||
62 | /** The d mod (q - 1) CRT param */ | ||
63 | void *dQ; | ||
64 | } rsa_key; | ||
65 | |||
66 | int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key); | ||
67 | |||
68 | int rsa_get_size(rsa_key *key); | ||
69 | |||
70 | int rsa_exptmod(const unsigned char *in, unsigned long inlen, | ||
71 | unsigned char *out, unsigned long *outlen, int which, | ||
72 | rsa_key *key); | ||
73 | |||
74 | void rsa_free(rsa_key *key); | ||
75 | |||
76 | /* These use PKCS #1 v2.0 padding */ | ||
77 | #define rsa_encrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, _key) \ | ||
78 | rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_PKCS_1_OAEP, _key) | ||
79 | |||
80 | #define rsa_decrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, _stat, _key) \ | ||
81 | rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_PKCS_1_OAEP, _stat, _key) | ||
82 | |||
83 | #define rsa_sign_hash(_in, _inlen, _out, _outlen, _prng, _prng_idx, _hash_idx, _saltlen, _key) \ | ||
84 | rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key) | ||
85 | |||
86 | #define rsa_verify_hash(_sig, _siglen, _hash, _hashlen, _hash_idx, _saltlen, _stat, _key) \ | ||
87 | rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key) | ||
88 | |||
89 | #define rsa_sign_saltlen_get_max(_hash_idx, _key) \ | ||
90 | rsa_sign_saltlen_get_max_ex(LTC_PKCS_1_PSS, _hash_idx, _key) | ||
91 | |||
92 | /* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */ | ||
93 | int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen, | ||
94 | unsigned char *out, unsigned long *outlen, | ||
95 | const unsigned char *lparam, unsigned long lparamlen, | ||
96 | prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key); | ||
97 | |||
98 | int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen, | ||
99 | unsigned char *out, unsigned long *outlen, | ||
100 | const unsigned char *lparam, unsigned long lparamlen, | ||
101 | int hash_idx, int padding, | ||
102 | int *stat, rsa_key *key); | ||
103 | |||
104 | int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen, | ||
105 | unsigned char *out, unsigned long *outlen, | ||
106 | int padding, | ||
107 | prng_state *prng, int prng_idx, | ||
108 | int hash_idx, unsigned long saltlen, | ||
109 | rsa_key *key); | ||
110 | |||
111 | int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen, | ||
112 | const unsigned char *hash, unsigned long hashlen, | ||
113 | int padding, | ||
114 | int hash_idx, unsigned long saltlen, | ||
115 | int *stat, rsa_key *key); | ||
116 | |||
117 | int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key); | ||
118 | |||
119 | /* PKCS #1 import/export */ | ||
120 | int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key); | ||
121 | int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key); | ||
122 | |||
123 | int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key); | ||
124 | int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen, | ||
125 | const void *passwd, unsigned long passwdlen, rsa_key *key); | ||
126 | |||
127 | int rsa_set_key(const unsigned char *N, unsigned long Nlen, | ||
128 | const unsigned char *e, unsigned long elen, | ||
129 | const unsigned char *d, unsigned long dlen, | ||
130 | rsa_key *key); | ||
131 | int rsa_set_factors(const unsigned char *p, unsigned long plen, | ||
132 | const unsigned char *q, unsigned long qlen, | ||
133 | rsa_key *key); | ||
134 | int rsa_set_crt_params(const unsigned char *dP, unsigned long dPlen, | ||
135 | const unsigned char *dQ, unsigned long dQlen, | ||
136 | const unsigned char *qP, unsigned long qPlen, | ||
137 | rsa_key *key); | ||
138 | #endif | ||
139 | |||
140 | /* ---- Katja ---- */ | ||
141 | #ifdef LTC_MKAT | ||
142 | |||
143 | /* Min and Max KAT key sizes (in bits) */ | ||
144 | #define MIN_KAT_SIZE 1024 | ||
145 | #define MAX_KAT_SIZE 4096 | ||
146 | |||
147 | /** Katja PKCS style key */ | ||
148 | typedef struct KAT_key { | ||
149 | /** Type of key, PK_PRIVATE or PK_PUBLIC */ | ||
150 | int type; | ||
151 | /** The private exponent */ | ||
152 | void *d; | ||
153 | /** The modulus */ | ||
154 | void *N; | ||
155 | /** The p factor of N */ | ||
156 | void *p; | ||
157 | /** The q factor of N */ | ||
158 | void *q; | ||
159 | /** The 1/q mod p CRT param */ | ||
160 | void *qP; | ||
161 | /** The d mod (p - 1) CRT param */ | ||
162 | void *dP; | ||
163 | /** The d mod (q - 1) CRT param */ | ||
164 | void *dQ; | ||
165 | /** The pq param */ | ||
166 | void *pq; | ||
167 | } katja_key; | ||
168 | |||
169 | int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key); | ||
170 | |||
171 | int katja_exptmod(const unsigned char *in, unsigned long inlen, | ||
172 | unsigned char *out, unsigned long *outlen, int which, | ||
173 | katja_key *key); | ||
174 | |||
175 | void katja_free(katja_key *key); | ||
176 | |||
177 | /* These use PKCS #1 v2.0 padding */ | ||
178 | int katja_encrypt_key(const unsigned char *in, unsigned long inlen, | ||
179 | unsigned char *out, unsigned long *outlen, | ||
180 | const unsigned char *lparam, unsigned long lparamlen, | ||
181 | prng_state *prng, int prng_idx, int hash_idx, katja_key *key); | ||
182 | |||
183 | int katja_decrypt_key(const unsigned char *in, unsigned long inlen, | ||
184 | unsigned char *out, unsigned long *outlen, | ||
185 | const unsigned char *lparam, unsigned long lparamlen, | ||
186 | int hash_idx, int *stat, | ||
187 | katja_key *key); | ||
188 | |||
189 | /* PKCS #1 import/export */ | ||
190 | int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key); | ||
191 | int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key); | ||
192 | |||
193 | #endif | ||
194 | |||
195 | /* ---- DH Routines ---- */ | ||
196 | #ifdef LTC_MDH | ||
197 | |||
198 | typedef struct { | ||
199 | int type; | ||
200 | void *x; | ||
201 | void *y; | ||
202 | void *base; | ||
203 | void *prime; | ||
204 | } dh_key; | ||
205 | |||
206 | int dh_get_groupsize(dh_key *key); | ||
207 | |||
208 | int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key); | ||
209 | int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key); | ||
210 | |||
211 | int dh_set_pg(const unsigned char *p, unsigned long plen, | ||
212 | const unsigned char *g, unsigned long glen, | ||
213 | dh_key *key); | ||
214 | int dh_set_pg_dhparam(const unsigned char *dhparam, unsigned long dhparamlen, dh_key *key); | ||
215 | int dh_set_pg_groupsize(int groupsize, dh_key *key); | ||
216 | |||
217 | int dh_set_key(const unsigned char *in, unsigned long inlen, int type, dh_key *key); | ||
218 | int dh_generate_key(prng_state *prng, int wprng, dh_key *key); | ||
219 | |||
220 | int dh_shared_secret(dh_key *private_key, dh_key *public_key, | ||
221 | unsigned char *out, unsigned long *outlen); | ||
222 | |||
223 | void dh_free(dh_key *key); | ||
224 | |||
225 | int dh_export_key(void *out, unsigned long *outlen, int type, dh_key *key); | ||
226 | |||
227 | #ifdef LTC_SOURCE | ||
228 | typedef struct { | ||
229 | int size; | ||
230 | const char *name, *base, *prime; | ||
231 | } ltc_dh_set_type; | ||
232 | |||
233 | extern const ltc_dh_set_type ltc_dh_sets[]; | ||
234 | |||
235 | /* internal helper functions */ | ||
236 | int dh_check_pubkey(dh_key *key); | ||
237 | #endif | ||
238 | |||
239 | #endif /* LTC_MDH */ | ||
240 | |||
241 | |||
242 | /* ---- ECC Routines ---- */ | ||
243 | #ifdef LTC_MECC | ||
244 | |||
245 | /* size of our temp buffers for exported keys */ | ||
246 | #define ECC_BUF_SIZE 256 | ||
247 | |||
248 | /* max private key size */ | ||
249 | #define ECC_MAXSIZE 66 | ||
250 | |||
251 | /** Structure defines a NIST GF(p) curve */ | ||
252 | typedef struct { | ||
253 | /** The size of the curve in octets */ | ||
254 | int size; | ||
255 | |||
256 | /** name of curve */ | ||
257 | const char *name; | ||
258 | |||
259 | /** The prime that defines the field the curve is in (encoded in hex) */ | ||
260 | const char *prime; | ||
261 | |||
262 | /** The fields B param (hex) */ | ||
263 | const char *B; | ||
264 | |||
265 | /** The order of the curve (hex) */ | ||
266 | const char *order; | ||
267 | |||
268 | /** The x co-ordinate of the base point on the curve (hex) */ | ||
269 | const char *Gx; | ||
270 | |||
271 | /** The y co-ordinate of the base point on the curve (hex) */ | ||
272 | const char *Gy; | ||
273 | } ltc_ecc_set_type; | ||
274 | |||
275 | /** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */ | ||
276 | typedef struct { | ||
277 | /** The x co-ordinate */ | ||
278 | void *x; | ||
279 | |||
280 | /** The y co-ordinate */ | ||
281 | void *y; | ||
282 | |||
283 | /** The z co-ordinate */ | ||
284 | void *z; | ||
285 | } ecc_point; | ||
286 | |||
287 | /** An ECC key */ | ||
288 | typedef struct { | ||
289 | /** Type of key, PK_PRIVATE or PK_PUBLIC */ | ||
290 | int type; | ||
291 | |||
292 | /** Index into the ltc_ecc_sets[] for the parameters of this curve; if -1, then this key is using user supplied curve in dp */ | ||
293 | int idx; | ||
294 | |||
295 | /** pointer to domain parameters; either points to NIST curves (identified by idx >= 0) or user supplied curve */ | ||
296 | const ltc_ecc_set_type *dp; | ||
297 | |||
298 | /** The public key */ | ||
299 | ecc_point pubkey; | ||
300 | |||
301 | /** The private key */ | ||
302 | void *k; | ||
303 | } ecc_key; | ||
304 | |||
305 | /** the ECC params provided */ | ||
306 | extern const ltc_ecc_set_type ltc_ecc_sets[]; | ||
307 | |||
308 | int ecc_test(void); | ||
309 | void ecc_sizes(int *low, int *high); | ||
310 | int ecc_get_size(ecc_key *key); | ||
311 | |||
312 | int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key); | ||
313 | int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp); | ||
314 | void ecc_free(ecc_key *key); | ||
315 | |||
316 | int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key); | ||
317 | int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key); | ||
318 | int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp); | ||
319 | |||
320 | int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen); | ||
321 | int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key); | ||
322 | int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp); | ||
323 | |||
324 | int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, | ||
325 | unsigned char *out, unsigned long *outlen); | ||
326 | |||
327 | int ecc_encrypt_key(const unsigned char *in, unsigned long inlen, | ||
328 | unsigned char *out, unsigned long *outlen, | ||
329 | prng_state *prng, int wprng, int hash, | ||
330 | ecc_key *key); | ||
331 | |||
332 | int ecc_decrypt_key(const unsigned char *in, unsigned long inlen, | ||
333 | unsigned char *out, unsigned long *outlen, | ||
334 | ecc_key *key); | ||
335 | |||
336 | int ecc_sign_hash_rfc7518(const unsigned char *in, unsigned long inlen, | ||
337 | unsigned char *out, unsigned long *outlen, | ||
338 | prng_state *prng, int wprng, ecc_key *key); | ||
339 | |||
340 | int ecc_sign_hash(const unsigned char *in, unsigned long inlen, | ||
341 | unsigned char *out, unsigned long *outlen, | ||
342 | prng_state *prng, int wprng, ecc_key *key); | ||
343 | |||
344 | int ecc_verify_hash_rfc7518(const unsigned char *sig, unsigned long siglen, | ||
345 | const unsigned char *hash, unsigned long hashlen, | ||
346 | int *stat, ecc_key *key); | ||
347 | |||
348 | int ecc_verify_hash(const unsigned char *sig, unsigned long siglen, | ||
349 | const unsigned char *hash, unsigned long hashlen, | ||
350 | int *stat, ecc_key *key); | ||
351 | |||
352 | /* low level functions */ | ||
353 | ecc_point *ltc_ecc_new_point(void); | ||
354 | void ltc_ecc_del_point(ecc_point *p); | ||
355 | int ltc_ecc_is_valid_idx(int n); | ||
356 | |||
357 | /* point ops (mp == montgomery digit) */ | ||
358 | #if !defined(LTC_MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC) | ||
359 | /* R = 2P */ | ||
360 | int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp); | ||
361 | |||
362 | /* R = P + Q */ | ||
363 | int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp); | ||
364 | #endif | ||
365 | |||
366 | #if defined(LTC_MECC_FP) | ||
367 | /* optimized point multiplication using fixed point cache (HAC algorithm 14.117) */ | ||
368 | int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map); | ||
369 | |||
370 | /* functions for saving/loading/freeing/adding to fixed point cache */ | ||
371 | int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen); | ||
372 | int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen); | ||
373 | void ltc_ecc_fp_free(void); | ||
374 | int ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock); | ||
375 | |||
376 | /* lock/unlock all points currently in fixed point cache */ | ||
377 | void ltc_ecc_fp_tablelock(int lock); | ||
378 | #endif | ||
379 | |||
380 | /* R = kG */ | ||
381 | int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map); | ||
382 | |||
383 | #ifdef LTC_ECC_SHAMIR | ||
384 | /* kA*A + kB*B = C */ | ||
385 | int ltc_ecc_mul2add(ecc_point *A, void *kA, | ||
386 | ecc_point *B, void *kB, | ||
387 | ecc_point *C, | ||
388 | void *modulus); | ||
389 | |||
390 | #ifdef LTC_MECC_FP | ||
391 | /* Shamir's trick with optimized point multiplication using fixed point cache */ | ||
392 | int ltc_ecc_fp_mul2add(ecc_point *A, void *kA, | ||
393 | ecc_point *B, void *kB, | ||
394 | ecc_point *C, void *modulus); | ||
395 | #endif | ||
396 | |||
397 | #endif | ||
398 | |||
399 | |||
400 | /* map P to affine from projective */ | ||
401 | int ltc_ecc_map(ecc_point *P, void *modulus, void *mp); | ||
402 | |||
403 | #endif | ||
404 | |||
405 | #ifdef LTC_MDSA | ||
406 | |||
407 | /* Max diff between group and modulus size in bytes */ | ||
408 | #define LTC_MDSA_DELTA 512 | ||
409 | |||
410 | /* Max DSA group size in bytes (default allows 4k-bit groups) */ | ||
411 | #define LTC_MDSA_MAX_GROUP 512 | ||
412 | |||
413 | /** DSA key structure */ | ||
414 | typedef struct { | ||
415 | /** The key type, PK_PRIVATE or PK_PUBLIC */ | ||
416 | int type; | ||
417 | |||
418 | /** The order of the sub-group used in octets */ | ||
419 | int qord; | ||
420 | |||
421 | /** The generator */ | ||
422 | void *g; | ||
423 | |||
424 | /** The prime used to generate the sub-group */ | ||
425 | void *q; | ||
426 | |||
427 | /** The large prime that generats the field the contains the sub-group */ | ||
428 | void *p; | ||
429 | |||
430 | /** The private key */ | ||
431 | void *x; | ||
432 | |||
433 | /** The public key */ | ||
434 | void *y; | ||
435 | } dsa_key; | ||
436 | |||
437 | int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); | ||
438 | |||
439 | int dsa_set_pqg(const unsigned char *p, unsigned long plen, | ||
440 | const unsigned char *q, unsigned long qlen, | ||
441 | const unsigned char *g, unsigned long glen, | ||
442 | dsa_key *key); | ||
443 | int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key); | ||
444 | int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key); | ||
445 | |||
446 | int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key *key); | ||
447 | int dsa_generate_key(prng_state *prng, int wprng, dsa_key *key); | ||
448 | |||
449 | void dsa_free(dsa_key *key); | ||
450 | |||
451 | int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, | ||
452 | void *r, void *s, | ||
453 | prng_state *prng, int wprng, dsa_key *key); | ||
454 | |||
455 | int dsa_sign_hash(const unsigned char *in, unsigned long inlen, | ||
456 | unsigned char *out, unsigned long *outlen, | ||
457 | prng_state *prng, int wprng, dsa_key *key); | ||
458 | |||
459 | int dsa_verify_hash_raw( void *r, void *s, | ||
460 | const unsigned char *hash, unsigned long hashlen, | ||
461 | int *stat, dsa_key *key); | ||
462 | |||
463 | int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | ||
464 | const unsigned char *hash, unsigned long hashlen, | ||
465 | int *stat, dsa_key *key); | ||
466 | |||
467 | int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, | ||
468 | unsigned char *out, unsigned long *outlen, | ||
469 | prng_state *prng, int wprng, int hash, | ||
470 | dsa_key *key); | ||
471 | |||
472 | int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, | ||
473 | unsigned char *out, unsigned long *outlen, | ||
474 | dsa_key *key); | ||
475 | |||
476 | int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key); | ||
477 | int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key); | ||
478 | int dsa_verify_key(dsa_key *key, int *stat); | ||
479 | #ifdef LTC_SOURCE | ||
480 | /* internal helper functions */ | ||
481 | int dsa_int_validate_xy(dsa_key *key, int *stat); | ||
482 | int dsa_int_validate_pqg(dsa_key *key, int *stat); | ||
483 | int dsa_int_validate_primes(dsa_key *key, int *stat); | ||
484 | #endif | ||
485 | int dsa_shared_secret(void *private_key, void *base, | ||
486 | dsa_key *public_key, | ||
487 | unsigned char *out, unsigned long *outlen); | ||
488 | #endif | ||
489 | |||
490 | #ifdef LTC_DER | ||
491 | /* DER handling */ | ||
492 | |||
493 | typedef enum ltc_asn1_type_ { | ||
494 | /* 0 */ | ||
495 | LTC_ASN1_EOL, | ||
496 | LTC_ASN1_BOOLEAN, | ||
497 | LTC_ASN1_INTEGER, | ||
498 | LTC_ASN1_SHORT_INTEGER, | ||
499 | LTC_ASN1_BIT_STRING, | ||
500 | /* 5 */ | ||
501 | LTC_ASN1_OCTET_STRING, | ||
502 | LTC_ASN1_NULL, | ||
503 | LTC_ASN1_OBJECT_IDENTIFIER, | ||
504 | LTC_ASN1_IA5_STRING, | ||
505 | LTC_ASN1_PRINTABLE_STRING, | ||
506 | /* 10 */ | ||
507 | LTC_ASN1_UTF8_STRING, | ||
508 | LTC_ASN1_UTCTIME, | ||
509 | LTC_ASN1_CHOICE, | ||
510 | LTC_ASN1_SEQUENCE, | ||
511 | LTC_ASN1_SET, | ||
512 | /* 15 */ | ||
513 | LTC_ASN1_SETOF, | ||
514 | LTC_ASN1_RAW_BIT_STRING, | ||
515 | LTC_ASN1_TELETEX_STRING, | ||
516 | LTC_ASN1_CONSTRUCTED, | ||
517 | LTC_ASN1_CONTEXT_SPECIFIC, | ||
518 | /* 20 */ | ||
519 | LTC_ASN1_GENERALIZEDTIME, | ||
520 | } ltc_asn1_type; | ||
521 | |||
522 | /** A LTC ASN.1 list type */ | ||
523 | typedef struct ltc_asn1_list_ { | ||
524 | /** The LTC ASN.1 enumerated type identifier */ | ||
525 | ltc_asn1_type type; | ||
526 | /** The data to encode or place for decoding */ | ||
527 | void *data; | ||
528 | /** The size of the input or resulting output */ | ||
529 | unsigned long size; | ||
530 | /** The used flag, this is used by the CHOICE ASN.1 type to indicate which choice was made */ | ||
531 | int used; | ||
532 | /** prev/next entry in the list */ | ||
533 | struct ltc_asn1_list_ *prev, *next, *child, *parent; | ||
534 | } ltc_asn1_list; | ||
535 | |||
536 | #define LTC_SET_ASN1(list, index, Type, Data, Size) \ | ||
537 | do { \ | ||
538 | int LTC_MACRO_temp = (index); \ | ||
539 | ltc_asn1_list *LTC_MACRO_list = (list); \ | ||
540 | LTC_MACRO_list[LTC_MACRO_temp].type = (Type); \ | ||
541 | LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \ | ||
542 | LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \ | ||
543 | LTC_MACRO_list[LTC_MACRO_temp].used = 0; \ | ||
544 | } while (0) | ||
545 | |||
546 | /* SEQUENCE */ | ||
547 | int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | ||
548 | unsigned char *out, unsigned long *outlen, int type_of); | ||
549 | |||
550 | #define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE) | ||
551 | |||
552 | int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen, | ||
553 | ltc_asn1_list *list, unsigned long outlen, int ordered); | ||
554 | |||
555 | #define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 1) | ||
556 | |||
557 | int der_length_sequence(ltc_asn1_list *list, unsigned long inlen, | ||
558 | unsigned long *outlen); | ||
559 | |||
560 | |||
561 | #ifdef LTC_SOURCE | ||
562 | /* internal helper functions */ | ||
563 | int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen, | ||
564 | unsigned long *outlen, unsigned long *payloadlen); | ||
565 | /* SUBJECT PUBLIC KEY INFO */ | ||
566 | int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, | ||
567 | unsigned int algorithm, void* public_key, unsigned long public_key_len, | ||
568 | unsigned long parameters_type, void* parameters, unsigned long parameters_len); | ||
569 | |||
570 | int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, | ||
571 | unsigned int algorithm, void* public_key, unsigned long* public_key_len, | ||
572 | unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len); | ||
573 | #endif /* LTC_SOURCE */ | ||
574 | |||
575 | /* SET */ | ||
576 | #define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0) | ||
577 | #define der_length_set der_length_sequence | ||
578 | int der_encode_set(ltc_asn1_list *list, unsigned long inlen, | ||
579 | unsigned char *out, unsigned long *outlen); | ||
580 | |||
581 | int der_encode_setof(ltc_asn1_list *list, unsigned long inlen, | ||
582 | unsigned char *out, unsigned long *outlen); | ||
583 | |||
584 | /* VA list handy helpers with triplets of <type, size, data> */ | ||
585 | int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); | ||
586 | int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); | ||
587 | |||
588 | /* FLEXI DECODER handle unknown list decoder */ | ||
589 | int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out); | ||
590 | #define der_free_sequence_flexi der_sequence_free | ||
591 | void der_sequence_free(ltc_asn1_list *in); | ||
592 | void der_sequence_shrink(ltc_asn1_list *in); | ||
593 | |||
594 | /* BOOLEAN */ | ||
595 | int der_length_boolean(unsigned long *outlen); | ||
596 | int der_encode_boolean(int in, | ||
597 | unsigned char *out, unsigned long *outlen); | ||
598 | int der_decode_boolean(const unsigned char *in, unsigned long inlen, | ||
599 | int *out); | ||
600 | /* INTEGER */ | ||
601 | int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen); | ||
602 | int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num); | ||
603 | int der_length_integer(void *num, unsigned long *len); | ||
604 | |||
605 | /* INTEGER -- handy for 0..2^32-1 values */ | ||
606 | int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num); | ||
607 | int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned long *outlen); | ||
608 | int der_length_short_integer(unsigned long num, unsigned long *outlen); | ||
609 | |||
610 | /* BIT STRING */ | ||
611 | int der_encode_bit_string(const unsigned char *in, unsigned long inlen, | ||
612 | unsigned char *out, unsigned long *outlen); | ||
613 | int der_decode_bit_string(const unsigned char *in, unsigned long inlen, | ||
614 | unsigned char *out, unsigned long *outlen); | ||
615 | int der_encode_raw_bit_string(const unsigned char *in, unsigned long inlen, | ||
616 | unsigned char *out, unsigned long *outlen); | ||
617 | int der_decode_raw_bit_string(const unsigned char *in, unsigned long inlen, | ||
618 | unsigned char *out, unsigned long *outlen); | ||
619 | int der_length_bit_string(unsigned long nbits, unsigned long *outlen); | ||
620 | |||
621 | /* OCTET STRING */ | ||
622 | int der_encode_octet_string(const unsigned char *in, unsigned long inlen, | ||
623 | unsigned char *out, unsigned long *outlen); | ||
624 | int der_decode_octet_string(const unsigned char *in, unsigned long inlen, | ||
625 | unsigned char *out, unsigned long *outlen); | ||
626 | int der_length_octet_string(unsigned long noctets, unsigned long *outlen); | ||
627 | |||
628 | /* OBJECT IDENTIFIER */ | ||
629 | int der_encode_object_identifier(unsigned long *words, unsigned long nwords, | ||
630 | unsigned char *out, unsigned long *outlen); | ||
631 | int der_decode_object_identifier(const unsigned char *in, unsigned long inlen, | ||
632 | unsigned long *words, unsigned long *outlen); | ||
633 | int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen); | ||
634 | unsigned long der_object_identifier_bits(unsigned long x); | ||
635 | |||
636 | /* IA5 STRING */ | ||
637 | int der_encode_ia5_string(const unsigned char *in, unsigned long inlen, | ||
638 | unsigned char *out, unsigned long *outlen); | ||
639 | int der_decode_ia5_string(const unsigned char *in, unsigned long inlen, | ||
640 | unsigned char *out, unsigned long *outlen); | ||
641 | int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); | ||
642 | |||
643 | int der_ia5_char_encode(int c); | ||
644 | int der_ia5_value_decode(int v); | ||
645 | |||
646 | /* TELETEX STRING */ | ||
647 | int der_decode_teletex_string(const unsigned char *in, unsigned long inlen, | ||
648 | unsigned char *out, unsigned long *outlen); | ||
649 | int der_length_teletex_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); | ||
650 | |||
651 | #ifdef LTC_SOURCE | ||
652 | /* internal helper functions */ | ||
653 | int der_teletex_char_encode(int c); | ||
654 | int der_teletex_value_decode(int v); | ||
655 | #endif /* LTC_SOURCE */ | ||
656 | |||
657 | |||
658 | /* PRINTABLE STRING */ | ||
659 | int der_encode_printable_string(const unsigned char *in, unsigned long inlen, | ||
660 | unsigned char *out, unsigned long *outlen); | ||
661 | int der_decode_printable_string(const unsigned char *in, unsigned long inlen, | ||
662 | unsigned char *out, unsigned long *outlen); | ||
663 | int der_length_printable_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen); | ||
664 | |||
665 | int der_printable_char_encode(int c); | ||
666 | int der_printable_value_decode(int v); | ||
667 | |||
668 | /* UTF-8 */ | ||
669 | #if (defined(SIZE_MAX) || __STDC_VERSION__ >= 199901L || defined(WCHAR_MAX) || defined(__WCHAR_MAX__) || defined(_WCHAR_T) || defined(_WCHAR_T_DEFINED) || defined (__WCHAR_TYPE__)) && !defined(LTC_NO_WCHAR) | ||
670 | #if defined(__WCHAR_MAX__) | ||
671 | #define LTC_WCHAR_MAX __WCHAR_MAX__ | ||
672 | #else | ||
673 | #include <wchar.h> | ||
674 | #define LTC_WCHAR_MAX WCHAR_MAX | ||
675 | #endif | ||
676 | /* please note that it might happen that LTC_WCHAR_MAX is undefined */ | ||
677 | #else | ||
678 | typedef ulong32 wchar_t; | ||
679 | #define LTC_WCHAR_MAX 0xFFFFFFFF | ||
680 | #endif | ||
681 | |||
682 | int der_encode_utf8_string(const wchar_t *in, unsigned long inlen, | ||
683 | unsigned char *out, unsigned long *outlen); | ||
684 | |||
685 | int der_decode_utf8_string(const unsigned char *in, unsigned long inlen, | ||
686 | wchar_t *out, unsigned long *outlen); | ||
687 | unsigned long der_utf8_charsize(const wchar_t c); | ||
688 | #ifdef LTC_SOURCE | ||
689 | /* internal helper functions */ | ||
690 | int der_utf8_valid_char(const wchar_t c); | ||
691 | #endif /* LTC_SOURCE */ | ||
692 | int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen); | ||
693 | |||
694 | |||
695 | /* CHOICE */ | ||
696 | int der_decode_choice(const unsigned char *in, unsigned long *inlen, | ||
697 | ltc_asn1_list *list, unsigned long outlen); | ||
698 | |||
699 | /* UTCTime */ | ||
700 | typedef struct { | ||
701 | unsigned YY, /* year */ | ||
702 | MM, /* month */ | ||
703 | DD, /* day */ | ||
704 | hh, /* hour */ | ||
705 | mm, /* minute */ | ||
706 | ss, /* second */ | ||
707 | off_dir, /* timezone offset direction 0 == +, 1 == - */ | ||
708 | off_hh, /* timezone offset hours */ | ||
709 | off_mm; /* timezone offset minutes */ | ||
710 | } ltc_utctime; | ||
711 | |||
712 | int der_encode_utctime(ltc_utctime *utctime, | ||
713 | unsigned char *out, unsigned long *outlen); | ||
714 | |||
715 | int der_decode_utctime(const unsigned char *in, unsigned long *inlen, | ||
716 | ltc_utctime *out); | ||
717 | |||
718 | int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen); | ||
719 | |||
720 | /* GeneralizedTime */ | ||
721 | typedef struct { | ||
722 | unsigned YYYY, /* year */ | ||
723 | MM, /* month */ | ||
724 | DD, /* day */ | ||
725 | hh, /* hour */ | ||
726 | mm, /* minute */ | ||
727 | ss, /* second */ | ||
728 | fs, /* fractional seconds */ | ||
729 | off_dir, /* timezone offset direction 0 == +, 1 == - */ | ||
730 | off_hh, /* timezone offset hours */ | ||
731 | off_mm; /* timezone offset minutes */ | ||
732 | } ltc_generalizedtime; | ||
733 | |||
734 | int der_encode_generalizedtime(ltc_generalizedtime *gtime, | ||
735 | unsigned char *out, unsigned long *outlen); | ||
736 | |||
737 | int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen, | ||
738 | ltc_generalizedtime *out); | ||
739 | |||
740 | int der_length_generalizedtime(ltc_generalizedtime *gtime, unsigned long *outlen); | ||
741 | |||
742 | |||
743 | #endif | ||
744 | |||
745 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
746 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
747 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_pkcs.h b/utils/tomcrypt/src/headers/tomcrypt_pkcs.h new file mode 100644 index 0000000000..b84028f122 --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_pkcs.h | |||
@@ -0,0 +1,108 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* PKCS Header Info */ | ||
11 | |||
12 | /* ===> PKCS #1 -- RSA Cryptography <=== */ | ||
13 | #ifdef LTC_PKCS_1 | ||
14 | |||
15 | enum ltc_pkcs_1_v1_5_blocks | ||
16 | { | ||
17 | LTC_PKCS_1_EMSA = 1, /* Block type 1 (PKCS #1 v1.5 signature padding) */ | ||
18 | LTC_PKCS_1_EME = 2 /* Block type 2 (PKCS #1 v1.5 encryption padding) */ | ||
19 | }; | ||
20 | |||
21 | enum ltc_pkcs_1_paddings | ||
22 | { | ||
23 | LTC_PKCS_1_V1_5 = 1, /* PKCS #1 v1.5 padding (\sa ltc_pkcs_1_v1_5_blocks) */ | ||
24 | LTC_PKCS_1_OAEP = 2, /* PKCS #1 v2.0 encryption padding */ | ||
25 | LTC_PKCS_1_PSS = 3, /* PKCS #1 v2.1 signature padding */ | ||
26 | LTC_PKCS_1_V1_5_NA1 = 4 /* PKCS #1 v1.5 padding - No ASN.1 (\sa ltc_pkcs_1_v1_5_blocks) */ | ||
27 | }; | ||
28 | |||
29 | int pkcs_1_mgf1( int hash_idx, | ||
30 | const unsigned char *seed, unsigned long seedlen, | ||
31 | unsigned char *mask, unsigned long masklen); | ||
32 | |||
33 | int pkcs_1_i2osp(void *n, unsigned long modulus_len, unsigned char *out); | ||
34 | int pkcs_1_os2ip(void *n, unsigned char *in, unsigned long inlen); | ||
35 | |||
36 | /* *** v1.5 padding */ | ||
37 | int pkcs_1_v1_5_encode(const unsigned char *msg, | ||
38 | unsigned long msglen, | ||
39 | int block_type, | ||
40 | unsigned long modulus_bitlen, | ||
41 | prng_state *prng, | ||
42 | int prng_idx, | ||
43 | unsigned char *out, | ||
44 | unsigned long *outlen); | ||
45 | |||
46 | int pkcs_1_v1_5_decode(const unsigned char *msg, | ||
47 | unsigned long msglen, | ||
48 | int block_type, | ||
49 | unsigned long modulus_bitlen, | ||
50 | unsigned char *out, | ||
51 | unsigned long *outlen, | ||
52 | int *is_valid); | ||
53 | |||
54 | /* *** v2.1 padding */ | ||
55 | int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen, | ||
56 | const unsigned char *lparam, unsigned long lparamlen, | ||
57 | unsigned long modulus_bitlen, prng_state *prng, | ||
58 | int prng_idx, int hash_idx, | ||
59 | unsigned char *out, unsigned long *outlen); | ||
60 | |||
61 | int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, | ||
62 | const unsigned char *lparam, unsigned long lparamlen, | ||
63 | unsigned long modulus_bitlen, int hash_idx, | ||
64 | unsigned char *out, unsigned long *outlen, | ||
65 | int *res); | ||
66 | |||
67 | int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, | ||
68 | unsigned long saltlen, prng_state *prng, | ||
69 | int prng_idx, int hash_idx, | ||
70 | unsigned long modulus_bitlen, | ||
71 | unsigned char *out, unsigned long *outlen); | ||
72 | |||
73 | int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen, | ||
74 | const unsigned char *sig, unsigned long siglen, | ||
75 | unsigned long saltlen, int hash_idx, | ||
76 | unsigned long modulus_bitlen, int *res); | ||
77 | |||
78 | #endif /* LTC_PKCS_1 */ | ||
79 | |||
80 | /* ===> PKCS #5 -- Password Based Cryptography <=== */ | ||
81 | #ifdef LTC_PKCS_5 | ||
82 | |||
83 | /* Algorithm #1 (PBKDF1) */ | ||
84 | int pkcs_5_alg1(const unsigned char *password, unsigned long password_len, | ||
85 | const unsigned char *salt, | ||
86 | int iteration_count, int hash_idx, | ||
87 | unsigned char *out, unsigned long *outlen); | ||
88 | |||
89 | /* Algorithm #1 (PBKDF1) - OpenSSL-compatible variant for arbitrarily-long keys. | ||
90 | Compatible with EVP_BytesToKey() */ | ||
91 | int pkcs_5_alg1_openssl(const unsigned char *password, | ||
92 | unsigned long password_len, | ||
93 | const unsigned char *salt, | ||
94 | int iteration_count, int hash_idx, | ||
95 | unsigned char *out, unsigned long *outlen); | ||
96 | |||
97 | /* Algorithm #2 (PBKDF2) */ | ||
98 | int pkcs_5_alg2(const unsigned char *password, unsigned long password_len, | ||
99 | const unsigned char *salt, unsigned long salt_len, | ||
100 | int iteration_count, int hash_idx, | ||
101 | unsigned char *out, unsigned long *outlen); | ||
102 | |||
103 | int pkcs_5_test (void); | ||
104 | #endif /* LTC_PKCS_5 */ | ||
105 | |||
106 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
107 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
108 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_private.h b/utils/tomcrypt/src/headers/tomcrypt_private.h new file mode 100644 index 0000000000..e5e716584c --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_private.h | |||
@@ -0,0 +1,447 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis */ | ||
2 | /* SPDX-License-Identifier: Unlicense */ | ||
3 | |||
4 | #include "tomcrypt.h" | ||
5 | |||
6 | /* | ||
7 | * Internal Macros | ||
8 | */ | ||
9 | |||
10 | #define LTC_PAD_MASK (0xF000U) | ||
11 | |||
12 | /* | ||
13 | * Internal Enums | ||
14 | */ | ||
15 | |||
16 | enum ltc_oid_id { | ||
17 | PKA_RSA, | ||
18 | PKA_DSA, | ||
19 | PKA_EC, | ||
20 | PKA_EC_PRIMEF, | ||
21 | PKA_X25519, | ||
22 | PKA_ED25519, | ||
23 | }; | ||
24 | |||
25 | /* | ||
26 | * Internal Types | ||
27 | */ | ||
28 | |||
29 | typedef struct { | ||
30 | int size; | ||
31 | const char *name, *base, *prime; | ||
32 | } ltc_dh_set_type; | ||
33 | |||
34 | |||
35 | typedef int (*fn_kdf_t)(const unsigned char *password, unsigned long password_len, | ||
36 | const unsigned char *salt, unsigned long salt_len, | ||
37 | int iteration_count, int hash_idx, | ||
38 | unsigned char *out, unsigned long *outlen); | ||
39 | |||
40 | typedef struct { | ||
41 | /* KDF */ | ||
42 | fn_kdf_t kdf; | ||
43 | /* Hash or HMAC */ | ||
44 | const char* h; | ||
45 | /* cipher */ | ||
46 | const char* c; | ||
47 | unsigned long keylen; | ||
48 | /* not used for pbkdf2 */ | ||
49 | unsigned long blocklen; | ||
50 | } pbes_properties; | ||
51 | |||
52 | typedef struct | ||
53 | { | ||
54 | pbes_properties type; | ||
55 | const void *pwd; | ||
56 | unsigned long pwdlen; | ||
57 | ltc_asn1_list *enc_data; | ||
58 | ltc_asn1_list *salt; | ||
59 | ltc_asn1_list *iv; | ||
60 | unsigned long iterations; | ||
61 | /* only used for RC2 */ | ||
62 | unsigned long key_bits; | ||
63 | } pbes_arg; | ||
64 | |||
65 | /* | ||
66 | * Internal functions | ||
67 | */ | ||
68 | |||
69 | |||
70 | /* tomcrypt_cipher.h */ | ||
71 | |||
72 | void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey); | ||
73 | int blowfish_expand(const unsigned char *key, int keylen, | ||
74 | const unsigned char *data, int datalen, | ||
75 | symmetric_key *skey); | ||
76 | int blowfish_setup_with_data(const unsigned char *key, int keylen, | ||
77 | const unsigned char *data, int datalen, | ||
78 | symmetric_key *skey); | ||
79 | |||
80 | /* tomcrypt_hash.h */ | ||
81 | |||
82 | /* a simple macro for making hash "process" functions */ | ||
83 | #define HASH_PROCESS(func_name, compress_name, state_var, block_size) \ | ||
84 | int func_name (hash_state * md, const unsigned char *in, unsigned long inlen) \ | ||
85 | { \ | ||
86 | unsigned long n; \ | ||
87 | int err; \ | ||
88 | LTC_ARGCHK(md != NULL); \ | ||
89 | LTC_ARGCHK(in != NULL); \ | ||
90 | if (md-> state_var .curlen > sizeof(md-> state_var .buf)) { \ | ||
91 | return CRYPT_INVALID_ARG; \ | ||
92 | } \ | ||
93 | if ((md-> state_var .length + inlen) < md-> state_var .length) { \ | ||
94 | return CRYPT_HASH_OVERFLOW; \ | ||
95 | } \ | ||
96 | while (inlen > 0) { \ | ||
97 | if (md-> state_var .curlen == 0 && inlen >= block_size) { \ | ||
98 | if ((err = compress_name (md, in)) != CRYPT_OK) { \ | ||
99 | return err; \ | ||
100 | } \ | ||
101 | md-> state_var .length += block_size * 8; \ | ||
102 | in += block_size; \ | ||
103 | inlen -= block_size; \ | ||
104 | } else { \ | ||
105 | n = MIN(inlen, (block_size - md-> state_var .curlen)); \ | ||
106 | XMEMCPY(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n); \ | ||
107 | md-> state_var .curlen += n; \ | ||
108 | in += n; \ | ||
109 | inlen -= n; \ | ||
110 | if (md-> state_var .curlen == block_size) { \ | ||
111 | if ((err = compress_name (md, md-> state_var .buf)) != CRYPT_OK) { \ | ||
112 | return err; \ | ||
113 | } \ | ||
114 | md-> state_var .length += 8*block_size; \ | ||
115 | md-> state_var .curlen = 0; \ | ||
116 | } \ | ||
117 | } \ | ||
118 | } \ | ||
119 | return CRYPT_OK; \ | ||
120 | } | ||
121 | |||
122 | |||
123 | /* tomcrypt_mac.h */ | ||
124 | |||
125 | int ocb3_int_ntz(unsigned long x); | ||
126 | void ocb3_int_xor_blocks(unsigned char *out, const unsigned char *block_a, const unsigned char *block_b, unsigned long block_len); | ||
127 | |||
128 | |||
129 | /* tomcrypt_math.h */ | ||
130 | |||
131 | #if !defined(DESC_DEF_ONLY) | ||
132 | |||
133 | #define MP_DIGIT_BIT ltc_mp.bits_per_digit | ||
134 | |||
135 | /* some handy macros */ | ||
136 | #define mp_init(a) ltc_mp.init(a) | ||
137 | #define mp_init_multi ltc_init_multi | ||
138 | #define mp_clear(a) ltc_mp.deinit(a) | ||
139 | #define mp_clear_multi ltc_deinit_multi | ||
140 | #define mp_cleanup_multi ltc_cleanup_multi | ||
141 | #define mp_init_copy(a, b) ltc_mp.init_copy(a, b) | ||
142 | |||
143 | #define mp_neg(a, b) ltc_mp.neg(a, b) | ||
144 | #define mp_copy(a, b) ltc_mp.copy(a, b) | ||
145 | |||
146 | #define mp_set(a, b) ltc_mp.set_int(a, b) | ||
147 | #define mp_set_int(a, b) ltc_mp.set_int(a, b) | ||
148 | #define mp_get_int(a) ltc_mp.get_int(a) | ||
149 | #define mp_get_digit(a, n) ltc_mp.get_digit(a, n) | ||
150 | #define mp_get_digit_count(a) ltc_mp.get_digit_count(a) | ||
151 | #define mp_cmp(a, b) ltc_mp.compare(a, b) | ||
152 | #define mp_cmp_d(a, b) ltc_mp.compare_d(a, b) | ||
153 | #define mp_count_bits(a) ltc_mp.count_bits(a) | ||
154 | #define mp_cnt_lsb(a) ltc_mp.count_lsb_bits(a) | ||
155 | #define mp_2expt(a, b) ltc_mp.twoexpt(a, b) | ||
156 | |||
157 | #define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c) | ||
158 | #define mp_toradix(a, b, c) ltc_mp.write_radix(a, b, c) | ||
159 | #define mp_unsigned_bin_size(a) ltc_mp.unsigned_size(a) | ||
160 | #define mp_to_unsigned_bin(a, b) ltc_mp.unsigned_write(a, b) | ||
161 | #define mp_read_unsigned_bin(a, b, c) ltc_mp.unsigned_read(a, b, c) | ||
162 | |||
163 | #define mp_add(a, b, c) ltc_mp.add(a, b, c) | ||
164 | #define mp_add_d(a, b, c) ltc_mp.addi(a, b, c) | ||
165 | #define mp_sub(a, b, c) ltc_mp.sub(a, b, c) | ||
166 | #define mp_sub_d(a, b, c) ltc_mp.subi(a, b, c) | ||
167 | #define mp_mul(a, b, c) ltc_mp.mul(a, b, c) | ||
168 | #define mp_mul_d(a, b, c) ltc_mp.muli(a, b, c) | ||
169 | #define mp_sqr(a, b) ltc_mp.sqr(a, b) | ||
170 | #define mp_sqrtmod_prime(a, b, c) ltc_mp.sqrtmod_prime(a, b, c) | ||
171 | #define mp_div(a, b, c, d) ltc_mp.mpdiv(a, b, c, d) | ||
172 | #define mp_div_2(a, b) ltc_mp.div_2(a, b) | ||
173 | #define mp_mod(a, b, c) ltc_mp.mpdiv(a, b, NULL, c) | ||
174 | #define mp_mod_d(a, b, c) ltc_mp.modi(a, b, c) | ||
175 | #define mp_gcd(a, b, c) ltc_mp.gcd(a, b, c) | ||
176 | #define mp_lcm(a, b, c) ltc_mp.lcm(a, b, c) | ||
177 | |||
178 | #define mp_addmod(a, b, c, d) ltc_mp.addmod(a, b, c, d) | ||
179 | #define mp_submod(a, b, c, d) ltc_mp.submod(a, b, c, d) | ||
180 | #define mp_mulmod(a, b, c, d) ltc_mp.mulmod(a, b, c, d) | ||
181 | #define mp_sqrmod(a, b, c) ltc_mp.sqrmod(a, b, c) | ||
182 | #define mp_invmod(a, b, c) ltc_mp.invmod(a, b, c) | ||
183 | |||
184 | #define mp_montgomery_setup(a, b) ltc_mp.montgomery_setup(a, b) | ||
185 | #define mp_montgomery_normalization(a, b) ltc_mp.montgomery_normalization(a, b) | ||
186 | #define mp_montgomery_reduce(a, b, c) ltc_mp.montgomery_reduce(a, b, c) | ||
187 | #define mp_montgomery_free(a) ltc_mp.montgomery_deinit(a) | ||
188 | |||
189 | #define mp_exptmod(a,b,c,d) ltc_mp.exptmod(a,b,c,d) | ||
190 | #define mp_prime_is_prime(a, b, c) ltc_mp.isprime(a, b, c) | ||
191 | |||
192 | #define mp_iszero(a) (mp_cmp_d(a, 0) == LTC_MP_EQ ? LTC_MP_YES : LTC_MP_NO) | ||
193 | #define mp_isodd(a) (mp_get_digit_count(a) > 0 ? (mp_get_digit(a, 0) & 1 ? LTC_MP_YES : LTC_MP_NO) : LTC_MP_NO) | ||
194 | #define mp_exch(a, b) do { void *ABC__tmp = a; a = b; b = ABC__tmp; } while(0) | ||
195 | |||
196 | #define mp_tohex(a, b) mp_toradix(a, b, 16) | ||
197 | |||
198 | #define mp_rand(a, b) ltc_mp.rand(a, b) | ||
199 | |||
200 | #endif | ||
201 | |||
202 | |||
203 | /* tomcrypt_misc.h */ | ||
204 | |||
205 | void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned long len, int coz); | ||
206 | |||
207 | int pbes_decrypt(const pbes_arg *arg, unsigned char *dec_data, unsigned long *dec_size); | ||
208 | |||
209 | int pbes1_extract(const ltc_asn1_list *s, pbes_arg *res); | ||
210 | int pbes2_extract(const ltc_asn1_list *s, pbes_arg *res); | ||
211 | |||
212 | |||
213 | /* tomcrypt_pk.h */ | ||
214 | |||
215 | int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng); | ||
216 | int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng); | ||
217 | |||
218 | int pk_get_oid(enum ltc_oid_id id, const char **st); | ||
219 | int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen); | ||
220 | int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen); | ||
221 | |||
222 | /* ---- DH Routines ---- */ | ||
223 | #ifdef LTC_MRSA | ||
224 | int rsa_init(rsa_key *key); | ||
225 | void rsa_shrink_key(rsa_key *key); | ||
226 | #endif /* LTC_MRSA */ | ||
227 | |||
228 | /* ---- DH Routines ---- */ | ||
229 | #ifdef LTC_MDH | ||
230 | extern const ltc_dh_set_type ltc_dh_sets[]; | ||
231 | |||
232 | int dh_check_pubkey(const dh_key *key); | ||
233 | #endif /* LTC_MDH */ | ||
234 | |||
235 | /* ---- ECC Routines ---- */ | ||
236 | #ifdef LTC_MECC | ||
237 | int ecc_set_curve_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key); | ||
238 | int ecc_copy_curve(const ecc_key *srckey, ecc_key *key); | ||
239 | int ecc_set_curve_by_size(int size, ecc_key *key); | ||
240 | int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key); | ||
241 | |||
242 | #ifdef LTC_SSH | ||
243 | int ecc_ssh_ecdsa_encode_name(char *buffer, unsigned long *buflen, const ecc_key *key); | ||
244 | #endif | ||
245 | |||
246 | /* low level functions */ | ||
247 | ecc_point *ltc_ecc_new_point(void); | ||
248 | void ltc_ecc_del_point(ecc_point *p); | ||
249 | int ltc_ecc_set_point_xyz(ltc_mp_digit x, ltc_mp_digit y, ltc_mp_digit z, ecc_point *p); | ||
250 | int ltc_ecc_copy_point(const ecc_point *src, ecc_point *dst); | ||
251 | int ltc_ecc_is_point(const ltc_ecc_dp *dp, void *x, void *y); | ||
252 | int ltc_ecc_is_point_at_infinity(const ecc_point *P, void *modulus, int *retval); | ||
253 | int ltc_ecc_import_point(const unsigned char *in, unsigned long inlen, void *prime, void *a, void *b, void *x, void *y); | ||
254 | int ltc_ecc_export_point(unsigned char *out, unsigned long *outlen, void *x, void *y, unsigned long size, int compressed); | ||
255 | int ltc_ecc_verify_key(const ecc_key *key); | ||
256 | |||
257 | /* point ops (mp == montgomery digit) */ | ||
258 | #if !defined(LTC_MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC) | ||
259 | /* R = 2P */ | ||
260 | int ltc_ecc_projective_dbl_point(const ecc_point *P, ecc_point *R, void *ma, void *modulus, void *mp); | ||
261 | |||
262 | /* R = P + Q */ | ||
263 | int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_point *R, void *ma, void *modulus, void *mp); | ||
264 | #endif | ||
265 | |||
266 | #if defined(LTC_MECC_FP) | ||
267 | /* optimized point multiplication using fixed point cache (HAC algorithm 14.117) */ | ||
268 | int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *a, void *modulus, int map); | ||
269 | |||
270 | /* functions for saving/loading/freeing/adding to fixed point cache */ | ||
271 | int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen); | ||
272 | int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen); | ||
273 | void ltc_ecc_fp_free(void); | ||
274 | int ltc_ecc_fp_add_point(ecc_point *g, void *modulus, int lock); | ||
275 | |||
276 | /* lock/unlock all points currently in fixed point cache */ | ||
277 | void ltc_ecc_fp_tablelock(int lock); | ||
278 | #endif | ||
279 | |||
280 | /* R = kG */ | ||
281 | int ltc_ecc_mulmod(void *k, const ecc_point *G, ecc_point *R, void *a, void *modulus, int map); | ||
282 | |||
283 | #ifdef LTC_ECC_SHAMIR | ||
284 | /* kA*A + kB*B = C */ | ||
285 | int ltc_ecc_mul2add(const ecc_point *A, void *kA, | ||
286 | const ecc_point *B, void *kB, | ||
287 | ecc_point *C, | ||
288 | void *ma, | ||
289 | void *modulus); | ||
290 | |||
291 | #ifdef LTC_MECC_FP | ||
292 | /* Shamir's trick with optimized point multiplication using fixed point cache */ | ||
293 | int ltc_ecc_fp_mul2add(const ecc_point *A, void *kA, | ||
294 | const ecc_point *B, void *kB, | ||
295 | ecc_point *C, | ||
296 | void *ma, | ||
297 | void *modulus); | ||
298 | #endif | ||
299 | |||
300 | #endif | ||
301 | |||
302 | |||
303 | /* map P to affine from projective */ | ||
304 | int ltc_ecc_map(ecc_point *P, void *modulus, void *mp); | ||
305 | #endif /* LTC_MECC */ | ||
306 | |||
307 | #ifdef LTC_MDSA | ||
308 | int dsa_int_validate_xy(const dsa_key *key, int *stat); | ||
309 | int dsa_int_validate_pqg(const dsa_key *key, int *stat); | ||
310 | int dsa_int_validate_primes(const dsa_key *key, int *stat); | ||
311 | #endif /* LTC_MDSA */ | ||
312 | |||
313 | |||
314 | #ifdef LTC_CURVE25519 | ||
315 | |||
316 | int tweetnacl_crypto_sign( | ||
317 | unsigned char *sm,unsigned long long *smlen, | ||
318 | const unsigned char *m,unsigned long long mlen, | ||
319 | const unsigned char *sk, const unsigned char *pk); | ||
320 | int tweetnacl_crypto_sign_open( | ||
321 | int *stat, | ||
322 | unsigned char *m,unsigned long long *mlen, | ||
323 | const unsigned char *sm,unsigned long long smlen, | ||
324 | const unsigned char *pk); | ||
325 | int tweetnacl_crypto_sign_keypair(prng_state *prng, int wprng, unsigned char *pk,unsigned char *sk); | ||
326 | int tweetnacl_crypto_sk_to_pk(unsigned char *pk, const unsigned char *sk); | ||
327 | int tweetnacl_crypto_scalarmult(unsigned char *q, const unsigned char *n, const unsigned char *p); | ||
328 | int tweetnacl_crypto_scalarmult_base(unsigned char *q,const unsigned char *n); | ||
329 | |||
330 | typedef int (*sk_to_pk)(unsigned char *pk ,const unsigned char *sk); | ||
331 | int ec25519_import_pkcs8(const unsigned char *in, unsigned long inlen, | ||
332 | const void *pwd, unsigned long pwdlen, | ||
333 | enum ltc_oid_id id, sk_to_pk fp, | ||
334 | curve25519_key *key); | ||
335 | int ec25519_export( unsigned char *out, unsigned long *outlen, | ||
336 | int which, | ||
337 | const curve25519_key *key); | ||
338 | #endif /* LTC_CURVE25519 */ | ||
339 | |||
340 | #ifdef LTC_DER | ||
341 | |||
342 | #define LTC_ASN1_IS_TYPE(e, t) (((e) != NULL) && ((e)->type == (t))) | ||
343 | |||
344 | /* DER handling */ | ||
345 | int der_decode_custom_type_ex(const unsigned char *in, unsigned long inlen, | ||
346 | ltc_asn1_list *root, | ||
347 | ltc_asn1_list *list, unsigned long outlen, unsigned int flags); | ||
348 | |||
349 | int der_encode_asn1_identifier(const ltc_asn1_list *id, unsigned char *out, unsigned long *outlen); | ||
350 | int der_decode_asn1_identifier(const unsigned char *in, unsigned long *inlen, ltc_asn1_list *id); | ||
351 | int der_length_asn1_identifier(const ltc_asn1_list *id, unsigned long *idlen); | ||
352 | |||
353 | int der_encode_asn1_length(unsigned long len, unsigned char* out, unsigned long* outlen); | ||
354 | int der_decode_asn1_length(const unsigned char *in, unsigned long *inlen, unsigned long *outlen); | ||
355 | int der_length_asn1_length(unsigned long len, unsigned long *outlen); | ||
356 | |||
357 | int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen, | ||
358 | unsigned long *outlen, unsigned long *payloadlen); | ||
359 | |||
360 | extern const ltc_asn1_type der_asn1_tag_to_type_map[]; | ||
361 | extern const unsigned long der_asn1_tag_to_type_map_sz; | ||
362 | |||
363 | extern const int der_asn1_type_to_identifier_map[]; | ||
364 | extern const unsigned long der_asn1_type_to_identifier_map_sz; | ||
365 | |||
366 | int der_decode_sequence_multi_ex(const unsigned char *in, unsigned long inlen, unsigned int flags, ...); | ||
367 | |||
368 | int der_teletex_char_encode(int c); | ||
369 | int der_teletex_value_decode(int v); | ||
370 | |||
371 | int der_utf8_valid_char(const wchar_t c); | ||
372 | |||
373 | typedef int (*public_key_decode_cb)(const unsigned char *in, unsigned long inlen, void *ctx); | ||
374 | |||
375 | int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen, | ||
376 | enum ltc_oid_id algorithm, ltc_asn1_type param_type, | ||
377 | ltc_asn1_list* parameters, unsigned long *parameters_len, | ||
378 | public_key_decode_cb callback, void *ctx); | ||
379 | |||
380 | /* SUBJECT PUBLIC KEY INFO */ | ||
381 | int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, | ||
382 | unsigned int algorithm, const void* public_key, unsigned long public_key_len, | ||
383 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len); | ||
384 | |||
385 | int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen, | ||
386 | unsigned int algorithm, void* public_key, unsigned long* public_key_len, | ||
387 | ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len); | ||
388 | |||
389 | int pk_oid_cmp_with_ulong(const char *o1, const unsigned long *o2, unsigned long o2size); | ||
390 | int pk_oid_cmp_with_asn1(const char *o1, const ltc_asn1_list *o2); | ||
391 | |||
392 | #endif /* LTC_DER */ | ||
393 | |||
394 | /* tomcrypt_pkcs.h */ | ||
395 | |||
396 | #ifdef LTC_PKCS_8 | ||
397 | |||
398 | int pkcs8_decode_flexi(const unsigned char *in, unsigned long inlen, | ||
399 | const void *pwd, unsigned long pwdlen, | ||
400 | ltc_asn1_list **decoded_list); | ||
401 | |||
402 | #endif /* LTC_PKCS_8 */ | ||
403 | |||
404 | |||
405 | #ifdef LTC_PKCS_12 | ||
406 | |||
407 | int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen, | ||
408 | unsigned char *out, unsigned long *outlen); | ||
409 | |||
410 | int pkcs12_kdf( int hash_id, | ||
411 | const unsigned char *pw, unsigned long pwlen, | ||
412 | const unsigned char *salt, unsigned long saltlen, | ||
413 | unsigned int iterations, unsigned char purpose, | ||
414 | unsigned char *out, unsigned long outlen); | ||
415 | |||
416 | #endif /* LTC_PKCS_12 */ | ||
417 | |||
418 | /* tomcrypt_prng.h */ | ||
419 | |||
420 | #define LTC_PRNG_EXPORT(which) \ | ||
421 | int which ## _export(unsigned char *out, unsigned long *outlen, prng_state *prng) \ | ||
422 | { \ | ||
423 | unsigned long len = which ## _desc.export_size; \ | ||
424 | \ | ||
425 | LTC_ARGCHK(prng != NULL); \ | ||
426 | LTC_ARGCHK(out != NULL); \ | ||
427 | LTC_ARGCHK(outlen != NULL); \ | ||
428 | \ | ||
429 | if (*outlen < len) { \ | ||
430 | *outlen = len; \ | ||
431 | return CRYPT_BUFFER_OVERFLOW; \ | ||
432 | } \ | ||
433 | \ | ||
434 | if (which ## _read(out, len, prng) != len) { \ | ||
435 | return CRYPT_ERROR_READPRNG; \ | ||
436 | } \ | ||
437 | \ | ||
438 | *outlen = len; \ | ||
439 | return CRYPT_OK; \ | ||
440 | } | ||
441 | |||
442 | /* extract a byte portably */ | ||
443 | #ifdef _MSC_VER | ||
444 | #define LTC_BYTE(x, n) ((unsigned char)((x) >> (8 * (n)))) | ||
445 | #else | ||
446 | #define LTC_BYTE(x, n) (((x) >> (8 * (n))) & 255) | ||
447 | #endif | ||
diff --git a/utils/tomcrypt/src/headers/tomcrypt_prng.h b/utils/tomcrypt/src/headers/tomcrypt_prng.h new file mode 100644 index 0000000000..1fa164382f --- /dev/null +++ b/utils/tomcrypt/src/headers/tomcrypt_prng.h | |||
@@ -0,0 +1,232 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | /* ---- PRNG Stuff ---- */ | ||
11 | #ifdef LTC_YARROW | ||
12 | struct yarrow_prng { | ||
13 | int cipher, hash; | ||
14 | unsigned char pool[MAXBLOCKSIZE]; | ||
15 | symmetric_CTR ctr; | ||
16 | }; | ||
17 | #endif | ||
18 | |||
19 | #ifdef LTC_RC4 | ||
20 | struct rc4_prng { | ||
21 | rc4_state s; | ||
22 | }; | ||
23 | #endif | ||
24 | |||
25 | #ifdef LTC_CHACHA20_PRNG | ||
26 | struct chacha20_prng { | ||
27 | chacha_state s; /* chacha state */ | ||
28 | unsigned char ent[40]; /* entropy buffer */ | ||
29 | unsigned long idx; /* entropy counter */ | ||
30 | }; | ||
31 | #endif | ||
32 | |||
33 | #ifdef LTC_FORTUNA | ||
34 | struct fortuna_prng { | ||
35 | hash_state pool[LTC_FORTUNA_POOLS]; /* the pools */ | ||
36 | |||
37 | symmetric_key skey; | ||
38 | |||
39 | unsigned char K[32], /* the current key */ | ||
40 | IV[16]; /* IV for CTR mode */ | ||
41 | |||
42 | unsigned long pool_idx, /* current pool we will add to */ | ||
43 | pool0_len, /* length of 0'th pool */ | ||
44 | wd; | ||
45 | |||
46 | ulong64 reset_cnt; /* number of times we have reset */ | ||
47 | }; | ||
48 | #endif | ||
49 | |||
50 | #ifdef LTC_SOBER128 | ||
51 | struct sober128_prng { | ||
52 | sober128_state s; /* sober128 state */ | ||
53 | unsigned char ent[40]; /* entropy buffer */ | ||
54 | unsigned long idx; /* entropy counter */ | ||
55 | }; | ||
56 | #endif | ||
57 | |||
58 | typedef struct { | ||
59 | union { | ||
60 | char dummy[1]; | ||
61 | #ifdef LTC_YARROW | ||
62 | struct yarrow_prng yarrow; | ||
63 | #endif | ||
64 | #ifdef LTC_RC4 | ||
65 | struct rc4_prng rc4; | ||
66 | #endif | ||
67 | #ifdef LTC_CHACHA20_PRNG | ||
68 | struct chacha20_prng chacha; | ||
69 | #endif | ||
70 | #ifdef LTC_FORTUNA | ||
71 | struct fortuna_prng fortuna; | ||
72 | #endif | ||
73 | #ifdef LTC_SOBER128 | ||
74 | struct sober128_prng sober128; | ||
75 | #endif | ||
76 | }; | ||
77 | short ready; /* ready flag 0-1 */ | ||
78 | LTC_MUTEX_TYPE(lock) /* lock */ | ||
79 | } prng_state; | ||
80 | |||
81 | /** PRNG descriptor */ | ||
82 | extern struct ltc_prng_descriptor { | ||
83 | /** Name of the PRNG */ | ||
84 | const char *name; | ||
85 | /** size in bytes of exported state */ | ||
86 | int export_size; | ||
87 | /** Start a PRNG state | ||
88 | @param prng [out] The state to initialize | ||
89 | @return CRYPT_OK if successful | ||
90 | */ | ||
91 | int (*start)(prng_state *prng); | ||
92 | /** Add entropy to the PRNG | ||
93 | @param in The entropy | ||
94 | @param inlen Length of the entropy (octets)\ | ||
95 | @param prng The PRNG state | ||
96 | @return CRYPT_OK if successful | ||
97 | */ | ||
98 | int (*add_entropy)(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
99 | /** Ready a PRNG state to read from | ||
100 | @param prng The PRNG state to ready | ||
101 | @return CRYPT_OK if successful | ||
102 | */ | ||
103 | int (*ready)(prng_state *prng); | ||
104 | /** Read from the PRNG | ||
105 | @param out [out] Where to store the data | ||
106 | @param outlen Length of data desired (octets) | ||
107 | @param prng The PRNG state to read from | ||
108 | @return Number of octets read | ||
109 | */ | ||
110 | unsigned long (*read)(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
111 | /** Terminate a PRNG state | ||
112 | @param prng The PRNG state to terminate | ||
113 | @return CRYPT_OK if successful | ||
114 | */ | ||
115 | int (*done)(prng_state *prng); | ||
116 | /** Export a PRNG state | ||
117 | @param out [out] The destination for the state | ||
118 | @param outlen [in/out] The max size and resulting size of the PRNG state | ||
119 | @param prng The PRNG to export | ||
120 | @return CRYPT_OK if successful | ||
121 | */ | ||
122 | int (*pexport)(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
123 | /** Import a PRNG state | ||
124 | @param in The data to import | ||
125 | @param inlen The length of the data to import (octets) | ||
126 | @param prng The PRNG to initialize/import | ||
127 | @return CRYPT_OK if successful | ||
128 | */ | ||
129 | int (*pimport)(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
130 | /** Self-test the PRNG | ||
131 | @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled | ||
132 | */ | ||
133 | int (*test)(void); | ||
134 | } prng_descriptor[]; | ||
135 | |||
136 | #ifdef LTC_YARROW | ||
137 | int yarrow_start(prng_state *prng); | ||
138 | int yarrow_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
139 | int yarrow_ready(prng_state *prng); | ||
140 | unsigned long yarrow_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
141 | int yarrow_done(prng_state *prng); | ||
142 | int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
143 | int yarrow_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
144 | int yarrow_test(void); | ||
145 | extern const struct ltc_prng_descriptor yarrow_desc; | ||
146 | #endif | ||
147 | |||
148 | #ifdef LTC_FORTUNA | ||
149 | int fortuna_start(prng_state *prng); | ||
150 | int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
151 | int fortuna_ready(prng_state *prng); | ||
152 | unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
153 | int fortuna_done(prng_state *prng); | ||
154 | int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
155 | int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
156 | int fortuna_test(void); | ||
157 | extern const struct ltc_prng_descriptor fortuna_desc; | ||
158 | #endif | ||
159 | |||
160 | #ifdef LTC_RC4 | ||
161 | int rc4_start(prng_state *prng); | ||
162 | int rc4_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
163 | int rc4_ready(prng_state *prng); | ||
164 | unsigned long rc4_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
165 | int rc4_done(prng_state *prng); | ||
166 | int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
167 | int rc4_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
168 | int rc4_test(void); | ||
169 | extern const struct ltc_prng_descriptor rc4_desc; | ||
170 | #endif | ||
171 | |||
172 | #ifdef LTC_CHACHA20_PRNG | ||
173 | int chacha20_prng_start(prng_state *prng); | ||
174 | int chacha20_prng_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
175 | int chacha20_prng_ready(prng_state *prng); | ||
176 | unsigned long chacha20_prng_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
177 | int chacha20_prng_done(prng_state *prng); | ||
178 | int chacha20_prng_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
179 | int chacha20_prng_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
180 | int chacha20_prng_test(void); | ||
181 | extern const struct ltc_prng_descriptor chacha20_prng_desc; | ||
182 | #endif | ||
183 | |||
184 | #ifdef LTC_SPRNG | ||
185 | int sprng_start(prng_state *prng); | ||
186 | int sprng_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
187 | int sprng_ready(prng_state *prng); | ||
188 | unsigned long sprng_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
189 | int sprng_done(prng_state *prng); | ||
190 | int sprng_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
191 | int sprng_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
192 | int sprng_test(void); | ||
193 | extern const struct ltc_prng_descriptor sprng_desc; | ||
194 | #endif | ||
195 | |||
196 | #ifdef LTC_SOBER128 | ||
197 | int sober128_start(prng_state *prng); | ||
198 | int sober128_add_entropy(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
199 | int sober128_ready(prng_state *prng); | ||
200 | unsigned long sober128_read(unsigned char *out, unsigned long outlen, prng_state *prng); | ||
201 | int sober128_done(prng_state *prng); | ||
202 | int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng); | ||
203 | int sober128_import(const unsigned char *in, unsigned long inlen, prng_state *prng); | ||
204 | int sober128_test(void); | ||
205 | extern const struct ltc_prng_descriptor sober128_desc; | ||
206 | #endif | ||
207 | |||
208 | int find_prng(const char *name); | ||
209 | int register_prng(const struct ltc_prng_descriptor *prng); | ||
210 | int unregister_prng(const struct ltc_prng_descriptor *prng); | ||
211 | int register_all_prngs(void); | ||
212 | int prng_is_valid(int idx); | ||
213 | LTC_MUTEX_PROTO(ltc_prng_mutex) | ||
214 | |||
215 | /* Slow RNG you **might** be able to use to seed a PRNG with. Be careful as this | ||
216 | * might not work on all platforms as planned | ||
217 | */ | ||
218 | unsigned long rng_get_bytes(unsigned char *out, | ||
219 | unsigned long outlen, | ||
220 | void (*callback)(void)); | ||
221 | |||
222 | int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void)); | ||
223 | |||
224 | #ifdef LTC_PRNG_ENABLE_LTC_RNG | ||
225 | extern unsigned long (*ltc_rng)(unsigned char *out, unsigned long outlen, | ||
226 | void (*callback)(void)); | ||
227 | #endif | ||
228 | |||
229 | |||
230 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
231 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
232 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/compare_testvector.c b/utils/tomcrypt/src/misc/compare_testvector.c new file mode 100644 index 0000000000..67fe1c1f9a --- /dev/null +++ b/utils/tomcrypt/src/misc/compare_testvector.c | |||
@@ -0,0 +1,87 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | |||
10 | #include "tomcrypt.h" | ||
11 | |||
12 | /** | ||
13 | @file compare_testvector.c | ||
14 | Function to compare two testvectors and print a (detailed) error-message if required, Steffen Jaeckel | ||
15 | */ | ||
16 | |||
17 | #if defined(LTC_TEST) && defined(LTC_TEST_DBG) | ||
18 | static void _print_hex(const char* what, const void* v, const unsigned long l) | ||
19 | { | ||
20 | const unsigned char* p = v; | ||
21 | unsigned long x, y = 0, z; | ||
22 | fprintf(stderr, "%s contents: \n", what); | ||
23 | for (x = 0; x < l; ) { | ||
24 | fprintf(stderr, "%02X ", p[x]); | ||
25 | if (!(++x % 16) || x == l) { | ||
26 | if((x % 16) != 0) { | ||
27 | z = 16 - (x % 16); | ||
28 | if(z >= 8) | ||
29 | fprintf(stderr, " "); | ||
30 | for (; z != 0; --z) { | ||
31 | fprintf(stderr, " "); | ||
32 | } | ||
33 | } | ||
34 | fprintf(stderr, " | "); | ||
35 | for(; y < x; y++) { | ||
36 | if((y % 8) == 0) | ||
37 | fprintf(stderr, " "); | ||
38 | if(isgraph(p[y])) | ||
39 | fprintf(stderr, "%c", p[y]); | ||
40 | else | ||
41 | fprintf(stderr, "."); | ||
42 | } | ||
43 | fprintf(stderr, "\n"); | ||
44 | } | ||
45 | else if((x % 8) == 0) { | ||
46 | fprintf(stderr, " "); | ||
47 | } | ||
48 | } | ||
49 | } | ||
50 | #endif | ||
51 | |||
52 | /** | ||
53 | Compare two test-vectors | ||
54 | |||
55 | @param is The data as it is | ||
56 | @param is_len The length of is | ||
57 | @param should The data as it should | ||
58 | @param should_len The length of should | ||
59 | @param what The type of the data | ||
60 | @param which The iteration count | ||
61 | @return 0 on equality, -1 or 1 on difference | ||
62 | */ | ||
63 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which) | ||
64 | { | ||
65 | int res = 0; | ||
66 | if(is_len != should_len) | ||
67 | res = is_len > should_len ? -1 : 1; | ||
68 | else | ||
69 | res = XMEMCMP(is, should, is_len); | ||
70 | |||
71 | #if defined(LTC_TEST) && defined(LTC_TEST_DBG) | ||
72 | if (res != 0) { | ||
73 | fprintf(stderr, "Testvector #%i of %s failed:\n", which, what); | ||
74 | _print_hex("SHOULD", should, should_len); | ||
75 | _print_hex("IS ", is, is_len); | ||
76 | } | ||
77 | #else | ||
78 | LTC_UNUSED_PARAM(which); | ||
79 | LTC_UNUSED_PARAM(what); | ||
80 | #endif | ||
81 | |||
82 | return res; | ||
83 | } | ||
84 | |||
85 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
86 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
87 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/crypt/crypt_argchk.c b/utils/tomcrypt/src/misc/crypt/crypt_argchk.c new file mode 100644 index 0000000000..a93962420e --- /dev/null +++ b/utils/tomcrypt/src/misc/crypt/crypt_argchk.c | |||
@@ -0,0 +1,27 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file crypt_argchk.c | ||
13 | Perform argument checking, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | #if (ARGTYPE == 0) | ||
17 | void crypt_argchk(const char *v, const char *s, int d) | ||
18 | { | ||
19 | fprintf(stderr, "LTC_ARGCHK '%s' failure on line %d of file %s\n", | ||
20 | v, d, s); | ||
21 | abort(); | ||
22 | } | ||
23 | #endif | ||
24 | |||
25 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
26 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
27 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/crypt/crypt_cipher_descriptor.c b/utils/tomcrypt/src/misc/crypt/crypt_cipher_descriptor.c new file mode 100644 index 0000000000..a9de9d6785 --- /dev/null +++ b/utils/tomcrypt/src/misc/crypt/crypt_cipher_descriptor.c | |||
@@ -0,0 +1,25 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file crypt_cipher_descriptor.c | ||
13 | Stores the cipher descriptor table, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | struct ltc_cipher_descriptor cipher_descriptor[TAB_SIZE] = { | ||
17 | { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } | ||
18 | }; | ||
19 | |||
20 | LTC_MUTEX_GLOBAL(ltc_cipher_mutex) | ||
21 | |||
22 | |||
23 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
24 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
25 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/crypt/crypt_cipher_is_valid.c b/utils/tomcrypt/src/misc/crypt/crypt_cipher_is_valid.c new file mode 100644 index 0000000000..2ba32bf5e8 --- /dev/null +++ b/utils/tomcrypt/src/misc/crypt/crypt_cipher_is_valid.c | |||
@@ -0,0 +1,34 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file crypt_cipher_is_valid.c | ||
13 | Determine if cipher is valid, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | /* | ||
17 | Test if a cipher index is valid | ||
18 | @param idx The index of the cipher to search for | ||
19 | @return CRYPT_OK if valid | ||
20 | */ | ||
21 | int cipher_is_valid(int idx) | ||
22 | { | ||
23 | LTC_MUTEX_LOCK(<c_cipher_mutex); | ||
24 | if (idx < 0 || idx >= TAB_SIZE || cipher_descriptor[idx].name == NULL) { | ||
25 | LTC_MUTEX_UNLOCK(<c_cipher_mutex); | ||
26 | return CRYPT_INVALID_CIPHER; | ||
27 | } | ||
28 | LTC_MUTEX_UNLOCK(<c_cipher_mutex); | ||
29 | return CRYPT_OK; | ||
30 | } | ||
31 | |||
32 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
33 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
34 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/crypt/crypt_register_cipher.c b/utils/tomcrypt/src/misc/crypt/crypt_register_cipher.c new file mode 100644 index 0000000000..59fc042d89 --- /dev/null +++ b/utils/tomcrypt/src/misc/crypt/crypt_register_cipher.c | |||
@@ -0,0 +1,52 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file crypt_register_cipher.c | ||
13 | Register a cipher, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | /** | ||
17 | Register a cipher with the descriptor table | ||
18 | @param cipher The cipher you wish to register | ||
19 | @return value >= 0 if successfully added (or already present), -1 if unsuccessful | ||
20 | */ | ||
21 | int register_cipher(const struct ltc_cipher_descriptor *cipher) | ||
22 | { | ||
23 | int x; | ||
24 | |||
25 | LTC_ARGCHK(cipher != NULL); | ||
26 | |||
27 | /* is it already registered? */ | ||
28 | LTC_MUTEX_LOCK(<c_cipher_mutex); | ||
29 | for (x = 0; x < TAB_SIZE; x++) { | ||
30 | if (cipher_descriptor[x].name != NULL && cipher_descriptor[x].ID == cipher->ID) { | ||
31 | LTC_MUTEX_UNLOCK(<c_cipher_mutex); | ||
32 | return x; | ||
33 | } | ||
34 | } | ||
35 | |||
36 | /* find a blank spot */ | ||
37 | for (x = 0; x < TAB_SIZE; x++) { | ||
38 | if (cipher_descriptor[x].name == NULL) { | ||
39 | XMEMCPY(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor)); | ||
40 | LTC_MUTEX_UNLOCK(<c_cipher_mutex); | ||
41 | return x; | ||
42 | } | ||
43 | } | ||
44 | |||
45 | /* no spot */ | ||
46 | LTC_MUTEX_UNLOCK(<c_cipher_mutex); | ||
47 | return -1; | ||
48 | } | ||
49 | |||
50 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
51 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
52 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/misc/zeromem.c b/utils/tomcrypt/src/misc/zeromem.c new file mode 100644 index 0000000000..dc81d9b1e2 --- /dev/null +++ b/utils/tomcrypt/src/misc/zeromem.c | |||
@@ -0,0 +1,32 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file zeromem.c | ||
13 | Zero a block of memory, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | /** | ||
17 | Zero a block of memory | ||
18 | @param out The destination of the area to zero | ||
19 | @param outlen The length of the area to zero (octets) | ||
20 | */ | ||
21 | void zeromem(volatile void *out, size_t outlen) | ||
22 | { | ||
23 | volatile char *mem = out; | ||
24 | LTC_ARGCHKVD(out != NULL); | ||
25 | while (outlen-- > 0) { | ||
26 | *mem++ = '\0'; | ||
27 | } | ||
28 | } | ||
29 | |||
30 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
31 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
32 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/modes/cbc/cbc_decrypt.c b/utils/tomcrypt/src/modes/cbc/cbc_decrypt.c new file mode 100644 index 0000000000..685aff80b0 --- /dev/null +++ b/utils/tomcrypt/src/modes/cbc/cbc_decrypt.c | |||
@@ -0,0 +1,95 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file cbc_decrypt.c | ||
13 | CBC implementation, encrypt block, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | |||
17 | #ifdef LTC_CBC_MODE | ||
18 | |||
19 | /** | ||
20 | CBC decrypt | ||
21 | @param ct Ciphertext | ||
22 | @param pt [out] Plaintext | ||
23 | @param len The number of bytes to process (must be multiple of block length) | ||
24 | @param cbc CBC state | ||
25 | @return CRYPT_OK if successful | ||
26 | */ | ||
27 | int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc) | ||
28 | { | ||
29 | int x, err; | ||
30 | unsigned char tmp[16]; | ||
31 | #ifdef LTC_FAST | ||
32 | LTC_FAST_TYPE tmpy; | ||
33 | #else | ||
34 | unsigned char tmpy; | ||
35 | #endif | ||
36 | |||
37 | LTC_ARGCHK(pt != NULL); | ||
38 | LTC_ARGCHK(ct != NULL); | ||
39 | LTC_ARGCHK(cbc != NULL); | ||
40 | |||
41 | if ((err = cipher_is_valid(cbc->cipher)) != CRYPT_OK) { | ||
42 | return err; | ||
43 | } | ||
44 | |||
45 | /* is blocklen valid? */ | ||
46 | if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV) || cbc->blocklen > (int)sizeof(tmp)) { | ||
47 | return CRYPT_INVALID_ARG; | ||
48 | } | ||
49 | |||
50 | if (len % cbc->blocklen) { | ||
51 | return CRYPT_INVALID_ARG; | ||
52 | } | ||
53 | #ifdef LTC_FAST | ||
54 | if (cbc->blocklen % sizeof(LTC_FAST_TYPE)) { | ||
55 | return CRYPT_INVALID_ARG; | ||
56 | } | ||
57 | #endif | ||
58 | |||
59 | if (cipher_descriptor[cbc->cipher].accel_cbc_decrypt != NULL) { | ||
60 | return cipher_descriptor[cbc->cipher].accel_cbc_decrypt(ct, pt, len / cbc->blocklen, cbc->IV, &cbc->key); | ||
61 | } else { | ||
62 | while (len) { | ||
63 | /* decrypt */ | ||
64 | if ((err = cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key)) != CRYPT_OK) { | ||
65 | return err; | ||
66 | } | ||
67 | |||
68 | /* xor IV against plaintext */ | ||
69 | #if defined(LTC_FAST) | ||
70 | for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) { | ||
71 | tmpy = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^ *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)tmp + x)); | ||
72 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); | ||
73 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) = tmpy; | ||
74 | } | ||
75 | #else | ||
76 | for (x = 0; x < cbc->blocklen; x++) { | ||
77 | tmpy = tmp[x] ^ cbc->IV[x]; | ||
78 | cbc->IV[x] = ct[x]; | ||
79 | pt[x] = tmpy; | ||
80 | } | ||
81 | #endif | ||
82 | |||
83 | ct += cbc->blocklen; | ||
84 | pt += cbc->blocklen; | ||
85 | len -= cbc->blocklen; | ||
86 | } | ||
87 | } | ||
88 | return CRYPT_OK; | ||
89 | } | ||
90 | |||
91 | #endif | ||
92 | |||
93 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
94 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
95 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/modes/cbc/cbc_encrypt.c b/utils/tomcrypt/src/modes/cbc/cbc_encrypt.c new file mode 100644 index 0000000000..52f339de14 --- /dev/null +++ b/utils/tomcrypt/src/modes/cbc/cbc_encrypt.c | |||
@@ -0,0 +1,96 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file cbc_encrypt.c | ||
13 | CBC implementation, encrypt block, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | |||
17 | #ifdef LTC_CBC_MODE | ||
18 | |||
19 | /** | ||
20 | CBC encrypt | ||
21 | @param pt Plaintext | ||
22 | @param ct [out] Ciphertext | ||
23 | @param len The number of bytes to process (must be multiple of block length) | ||
24 | @param cbc CBC state | ||
25 | @return CRYPT_OK if successful | ||
26 | */ | ||
27 | int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc) | ||
28 | { | ||
29 | int x, err; | ||
30 | |||
31 | LTC_ARGCHK(pt != NULL); | ||
32 | LTC_ARGCHK(ct != NULL); | ||
33 | LTC_ARGCHK(cbc != NULL); | ||
34 | |||
35 | if ((err = cipher_is_valid(cbc->cipher)) != CRYPT_OK) { | ||
36 | return err; | ||
37 | } | ||
38 | |||
39 | /* is blocklen valid? */ | ||
40 | if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV)) { | ||
41 | return CRYPT_INVALID_ARG; | ||
42 | } | ||
43 | |||
44 | if (len % cbc->blocklen) { | ||
45 | return CRYPT_INVALID_ARG; | ||
46 | } | ||
47 | #ifdef LTC_FAST | ||
48 | if (cbc->blocklen % sizeof(LTC_FAST_TYPE)) { | ||
49 | return CRYPT_INVALID_ARG; | ||
50 | } | ||
51 | #endif | ||
52 | |||
53 | if (cipher_descriptor[cbc->cipher].accel_cbc_encrypt != NULL) { | ||
54 | return cipher_descriptor[cbc->cipher].accel_cbc_encrypt(pt, ct, len / cbc->blocklen, cbc->IV, &cbc->key); | ||
55 | } else { | ||
56 | while (len) { | ||
57 | /* xor IV against plaintext */ | ||
58 | #if defined(LTC_FAST) | ||
59 | for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) { | ||
60 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) ^= *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)); | ||
61 | } | ||
62 | #else | ||
63 | for (x = 0; x < cbc->blocklen; x++) { | ||
64 | cbc->IV[x] ^= pt[x]; | ||
65 | } | ||
66 | #endif | ||
67 | |||
68 | /* encrypt */ | ||
69 | if ((err = cipher_descriptor[cbc->cipher].ecb_encrypt(cbc->IV, ct, &cbc->key)) != CRYPT_OK) { | ||
70 | return err; | ||
71 | } | ||
72 | |||
73 | /* store IV [ciphertext] for a future block */ | ||
74 | #if defined(LTC_FAST) | ||
75 | for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) { | ||
76 | *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)cbc->IV + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)); | ||
77 | } | ||
78 | #else | ||
79 | for (x = 0; x < cbc->blocklen; x++) { | ||
80 | cbc->IV[x] = ct[x]; | ||
81 | } | ||
82 | #endif | ||
83 | |||
84 | ct += cbc->blocklen; | ||
85 | pt += cbc->blocklen; | ||
86 | len -= cbc->blocklen; | ||
87 | } | ||
88 | } | ||
89 | return CRYPT_OK; | ||
90 | } | ||
91 | |||
92 | #endif | ||
93 | |||
94 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
95 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
96 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||
diff --git a/utils/tomcrypt/src/modes/cbc/cbc_start.c b/utils/tomcrypt/src/modes/cbc/cbc_start.c new file mode 100644 index 0000000000..08483e2b8f --- /dev/null +++ b/utils/tomcrypt/src/modes/cbc/cbc_start.c | |||
@@ -0,0 +1,60 @@ | |||
1 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | ||
2 | * | ||
3 | * LibTomCrypt is a library that provides various cryptographic | ||
4 | * algorithms in a highly modular and flexible manner. | ||
5 | * | ||
6 | * The library is free for all purposes without any express | ||
7 | * guarantee it works. | ||
8 | */ | ||
9 | #include "tomcrypt.h" | ||
10 | |||
11 | /** | ||
12 | @file cbc_start.c | ||
13 | CBC implementation, start chain, Tom St Denis | ||
14 | */ | ||
15 | |||
16 | #ifdef LTC_CBC_MODE | ||
17 | |||
18 | /** | ||
19 | Initialize a CBC context | ||
20 | @param cipher The index of the cipher desired | ||
21 | @param IV The initialization vector | ||
22 | @param key The secret key | ||
23 | @param keylen The length of the secret key (octets) | ||
24 | @param num_rounds Number of rounds in the cipher desired (0 for default) | ||
25 | @param cbc The CBC state to initialize | ||
26 | @return CRYPT_OK if successful | ||
27 | */ | ||
28 | int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key, | ||
29 | int keylen, int num_rounds, symmetric_CBC *cbc) | ||
30 | { | ||
31 | int x, err; | ||
32 | |||
33 | LTC_ARGCHK(IV != NULL); | ||
34 | LTC_ARGCHK(key != NULL); | ||
35 | LTC_ARGCHK(cbc != NULL); | ||
36 | |||
37 | /* bad param? */ | ||
38 | if ((err = cipher_is_valid(cipher)) != CRYPT_OK) { | ||
39 | return err; | ||
40 | } | ||
41 | |||
42 | /* setup cipher */ | ||
43 | if ((err = cipher_descriptor[cipher].setup(key, keylen, num_rounds, &cbc->key)) != CRYPT_OK) { | ||
44 | return err; | ||
45 | } | ||
46 | |||
47 | /* copy IV */ | ||
48 | cbc->blocklen = cipher_descriptor[cipher].block_length; | ||
49 | cbc->cipher = cipher; | ||
50 | for (x = 0; x < cbc->blocklen; x++) { | ||
51 | cbc->IV[x] = IV[x]; | ||
52 | } | ||
53 | return CRYPT_OK; | ||
54 | } | ||
55 | |||
56 | #endif | ||
57 | |||
58 | /* ref: HEAD -> master, tag: v1.18.2 */ | ||
59 | /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ | ||
60 | /* commit time: 2018-07-01 22:49:01 +0200 */ | ||