1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 */
9 #include "tomcrypt.h"
10
11 /**
12 @file f8_start.c
13 F8 implementation, start chain, Tom St Denis
14 */
15
16
17 #ifdef LTC_F8_MODE
18
19 /**
20 Initialize an F8 context
21 @param cipher The index of the cipher desired
22 @param IV The initialization vector
23 @param key The secret key
24 @param keylen The length of the secret key (octets)
25 @param salt_key The salting key for the IV
26 @param skeylen The length of the salting key (octets)
27 @param num_rounds Number of rounds in the cipher desired (0 for default)
28 @param f8 The F8 state to initialize
29 @return CRYPT_OK if successful
30 */
f8_start(int cipher,const unsigned char * IV,const unsigned char * key,int keylen,const unsigned char * salt_key,int skeylen,int num_rounds,symmetric_F8 * f8)31 int f8_start( int cipher, const unsigned char *IV,
32 const unsigned char *key, int keylen,
33 const unsigned char *salt_key, int skeylen,
34 int num_rounds, symmetric_F8 *f8)
35 {
36 int x, err;
37 unsigned char tkey[MAXBLOCKSIZE];
38
39 LTC_ARGCHK(IV != NULL);
40 LTC_ARGCHK(key != NULL);
41 LTC_ARGCHK(salt_key != NULL);
42 LTC_ARGCHK(f8 != NULL);
43
44 if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
45 return err;
46 }
47
48 #ifdef LTC_FAST
49 if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
50 return CRYPT_INVALID_ARG;
51 }
52 #endif
53
54 /* copy details */
55 f8->blockcnt = 0;
56 f8->cipher = cipher;
57 f8->blocklen = cipher_descriptor[cipher].block_length;
58 f8->padlen = f8->blocklen;
59
60 /* now get key ^ salt_key [extend salt_ket with 0x55 as required to match length] */
61 zeromem(tkey, sizeof(tkey));
62 for (x = 0; x < keylen && x < (int)sizeof(tkey); x++) {
63 tkey[x] = key[x];
64 }
65 for (x = 0; x < skeylen && x < (int)sizeof(tkey); x++) {
66 tkey[x] ^= salt_key[x];
67 }
68 for (; x < keylen && x < (int)sizeof(tkey); x++) {
69 tkey[x] ^= 0x55;
70 }
71
72 /* now encrypt with tkey[0..keylen-1] the IV and use that as the IV */
73 if ((err = cipher_descriptor[cipher].setup(tkey, keylen, num_rounds, &f8->key)) != CRYPT_OK) {
74 return err;
75 }
76
77 /* encrypt IV */
78 if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(IV, f8->MIV, &f8->key)) != CRYPT_OK) {
79 cipher_descriptor[f8->cipher].done(&f8->key);
80 return err;
81 }
82 zeromem(tkey, sizeof(tkey));
83 zeromem(f8->IV, sizeof(f8->IV));
84
85 /* terminate this cipher */
86 cipher_descriptor[f8->cipher].done(&f8->key);
87
88 /* init the cipher */
89 return cipher_descriptor[cipher].setup(key, keylen, num_rounds, &f8->key);
90 }
91
92 #endif
93
94 /* ref: HEAD -> master, tag: v1.18.2 */
95 /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
96 /* commit time: 2018-07-01 22:49:01 +0200 */
97