1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis 2 * 3 * LibTomCrypt is a library that provides various cryptographic 4 * algorithms in a highly modular and flexible manner. 5 * 6 * The library is free for all purposes without any express 7 * guarantee it works. 8 */ 9 10 /* ---- SYMMETRIC KEY STUFF ----- 11 * 12 * We put each of the ciphers scheduled keys in their own structs then we put all of 13 * the key formats in one union. This makes the function prototypes easier to use. 14 */ 15 #ifdef LTC_BLOWFISH 16 struct blowfish_key { 17 ulong32 S[4][256]; 18 ulong32 K[18]; 19 }; 20 #endif 21 22 #ifdef LTC_RC5 23 struct rc5_key { 24 int rounds; 25 ulong32 K[50]; 26 }; 27 #endif 28 29 #ifdef LTC_RC6 30 struct rc6_key { 31 ulong32 K[44]; 32 }; 33 #endif 34 35 #ifdef LTC_SAFERP 36 struct saferp_key { 37 unsigned char K[33][16]; 38 long rounds; 39 }; 40 #endif 41 42 #ifdef LTC_RIJNDAEL 43 struct rijndael_key { 44 ulong32 eK[60], dK[60]; 45 int Nr; 46 }; 47 #endif 48 49 #ifdef LTC_KSEED 50 struct kseed_key { 51 ulong32 K[32], dK[32]; 52 }; 53 #endif 54 55 #ifdef LTC_KASUMI 56 struct kasumi_key { 57 ulong32 KLi1[8], KLi2[8], 58 KOi1[8], KOi2[8], KOi3[8], 59 KIi1[8], KIi2[8], KIi3[8]; 60 }; 61 #endif 62 63 #ifdef LTC_XTEA 64 struct xtea_key { 65 unsigned long A[32], B[32]; 66 }; 67 #endif 68 69 #ifdef LTC_TWOFISH 70 #ifndef LTC_TWOFISH_SMALL 71 struct twofish_key { 72 ulong32 S[4][256], K[40]; 73 }; 74 #else 75 struct twofish_key { 76 ulong32 K[40]; 77 unsigned char S[32], start; 78 }; 79 #endif 80 #endif 81 82 #ifdef LTC_SAFER 83 #define LTC_SAFER_K64_DEFAULT_NOF_ROUNDS 6 84 #define LTC_SAFER_K128_DEFAULT_NOF_ROUNDS 10 85 #define LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS 8 86 #define LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS 10 87 #define LTC_SAFER_MAX_NOF_ROUNDS 13 88 #define LTC_SAFER_BLOCK_LEN 8 89 #define LTC_SAFER_KEY_LEN (1 + LTC_SAFER_BLOCK_LEN * (1 + 2 * LTC_SAFER_MAX_NOF_ROUNDS)) 90 typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN]; 91 typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN]; 92 struct safer_key { safer_key_t key; }; 93 #endif 94 95 #ifdef LTC_RC2 96 struct rc2_key { unsigned xkey[64]; }; 97 #endif 98 99 #ifdef LTC_DES 100 struct des_key { 101 ulong32 ek[32], dk[32]; 102 }; 103 104 struct des3_key { 105 ulong32 ek[3][32], dk[3][32]; 106 }; 107 #endif 108 109 #ifdef LTC_CAST5 110 struct cast5_key { 111 ulong32 K[32], keylen; 112 }; 113 #endif 114 115 #ifdef LTC_NOEKEON 116 struct noekeon_key { 117 ulong32 K[4], dK[4]; 118 }; 119 #endif 120 121 #ifdef LTC_SKIPJACK 122 struct skipjack_key { 123 unsigned char key[10]; 124 }; 125 #endif 126 127 #ifdef LTC_KHAZAD 128 struct khazad_key { 129 ulong64 roundKeyEnc[8 + 1]; 130 ulong64 roundKeyDec[8 + 1]; 131 }; 132 #endif 133 134 #ifdef LTC_ANUBIS 135 struct anubis_key { 136 int keyBits; 137 int R; 138 ulong32 roundKeyEnc[18 + 1][4]; 139 ulong32 roundKeyDec[18 + 1][4]; 140 }; 141 #endif 142 143 #ifdef LTC_MULTI2 144 struct multi2_key { 145 int N; 146 ulong32 uk[8]; 147 }; 148 #endif 149 150 #ifdef LTC_CAMELLIA 151 struct camellia_key { 152 int R; 153 ulong64 kw[4], k[24], kl[6]; 154 }; 155 #endif 156 157 typedef union Symmetric_key { 158 #ifdef LTC_DES 159 struct des_key des; 160 struct des3_key des3; 161 #endif 162 #ifdef LTC_RC2 163 struct rc2_key rc2; 164 #endif 165 #ifdef LTC_SAFER 166 struct safer_key safer; 167 #endif 168 #ifdef LTC_TWOFISH 169 struct twofish_key twofish; 170 #endif 171 #ifdef LTC_BLOWFISH 172 struct blowfish_key blowfish; 173 #endif 174 #ifdef LTC_RC5 175 struct rc5_key rc5; 176 #endif 177 #ifdef LTC_RC6 178 struct rc6_key rc6; 179 #endif 180 #ifdef LTC_SAFERP 181 struct saferp_key saferp; 182 #endif 183 #ifdef LTC_RIJNDAEL 184 struct rijndael_key rijndael; 185 #endif 186 #ifdef LTC_XTEA 187 struct xtea_key xtea; 188 #endif 189 #ifdef LTC_CAST5 190 struct cast5_key cast5; 191 #endif 192 #ifdef LTC_NOEKEON 193 struct noekeon_key noekeon; 194 #endif 195 #ifdef LTC_SKIPJACK 196 struct skipjack_key skipjack; 197 #endif 198 #ifdef LTC_KHAZAD 199 struct khazad_key khazad; 200 #endif 201 #ifdef LTC_ANUBIS 202 struct anubis_key anubis; 203 #endif 204 #ifdef LTC_KSEED 205 struct kseed_key kseed; 206 #endif 207 #ifdef LTC_KASUMI 208 struct kasumi_key kasumi; 209 #endif 210 #ifdef LTC_MULTI2 211 struct multi2_key multi2; 212 #endif 213 #ifdef LTC_CAMELLIA 214 struct camellia_key camellia; 215 #endif 216 void *data; 217 } symmetric_key; 218 219 #ifdef LTC_ECB_MODE 220 /** A block cipher ECB structure */ 221 typedef struct { 222 /** The index of the cipher chosen */ 223 int cipher, 224 /** The block size of the given cipher */ 225 blocklen; 226 /** The scheduled key */ 227 symmetric_key key; 228 } symmetric_ECB; 229 #endif 230 231 #ifdef LTC_CFB_MODE 232 /** A block cipher CFB structure */ 233 typedef struct { 234 /** The index of the cipher chosen */ 235 int cipher, 236 /** The block size of the given cipher */ 237 blocklen, 238 /** The padding offset */ 239 padlen; 240 /** The current IV */ 241 unsigned char IV[MAXBLOCKSIZE], 242 /** The pad used to encrypt/decrypt */ 243 pad[MAXBLOCKSIZE]; 244 /** The scheduled key */ 245 symmetric_key key; 246 } symmetric_CFB; 247 #endif 248 249 #ifdef LTC_OFB_MODE 250 /** A block cipher OFB structure */ 251 typedef struct { 252 /** The index of the cipher chosen */ 253 int cipher, 254 /** The block size of the given cipher */ 255 blocklen, 256 /** The padding offset */ 257 padlen; 258 /** The current IV */ 259 unsigned char IV[MAXBLOCKSIZE]; 260 /** The scheduled key */ 261 symmetric_key key; 262 } symmetric_OFB; 263 #endif 264 265 #ifdef LTC_CBC_MODE 266 /** A block cipher CBC structure */ 267 typedef struct { 268 /** The index of the cipher chosen */ 269 int cipher, 270 /** The block size of the given cipher */ 271 blocklen; 272 /** The current IV */ 273 unsigned char IV[MAXBLOCKSIZE]; 274 /** The scheduled key */ 275 symmetric_key key; 276 } symmetric_CBC; 277 #endif 278 279 280 #ifdef LTC_CTR_MODE 281 /** A block cipher CTR structure */ 282 typedef struct { 283 /** The index of the cipher chosen */ 284 int cipher, 285 /** The block size of the given cipher */ 286 blocklen, 287 /** The padding offset */ 288 padlen, 289 /** The mode (endianess) of the CTR, 0==little, 1==big */ 290 mode, 291 /** counter width */ 292 ctrlen; 293 294 /** The counter */ 295 unsigned char ctr[MAXBLOCKSIZE], 296 /** The pad used to encrypt/decrypt */ 297 pad[MAXBLOCKSIZE]; 298 /** The scheduled key */ 299 symmetric_key key; 300 } symmetric_CTR; 301 #endif 302 303 304 #ifdef LTC_LRW_MODE 305 /** A LRW structure */ 306 typedef struct { 307 /** The index of the cipher chosen (must be a 128-bit block cipher) */ 308 int cipher; 309 310 /** The current IV */ 311 unsigned char IV[16], 312 313 /** the tweak key */ 314 tweak[16], 315 316 /** The current pad, it's the product of the first 15 bytes against the tweak key */ 317 pad[16]; 318 319 /** The scheduled symmetric key */ 320 symmetric_key key; 321 322 #ifdef LTC_LRW_TABLES 323 /** The pre-computed multiplication table */ 324 unsigned char PC[16][256][16]; 325 #endif 326 } symmetric_LRW; 327 #endif 328 329 #ifdef LTC_F8_MODE 330 /** A block cipher F8 structure */ 331 typedef struct { 332 /** The index of the cipher chosen */ 333 int cipher, 334 /** The block size of the given cipher */ 335 blocklen, 336 /** The padding offset */ 337 padlen; 338 /** The current IV */ 339 unsigned char IV[MAXBLOCKSIZE], 340 MIV[MAXBLOCKSIZE]; 341 /** Current block count */ 342 ulong32 blockcnt; 343 /** The scheduled key */ 344 symmetric_key key; 345 } symmetric_F8; 346 #endif 347 348 349 /** cipher descriptor table, last entry has "name == NULL" to mark the end of table */ 350 extern struct ltc_cipher_descriptor { 351 /** name of cipher */ 352 const char *name; 353 /** internal ID */ 354 unsigned char ID; 355 /** min keysize (octets) */ 356 int min_key_length, 357 /** max keysize (octets) */ 358 max_key_length, 359 /** block size (octets) */ 360 block_length, 361 /** default number of rounds */ 362 default_rounds; 363 /** Setup the cipher 364 @param key The input symmetric key 365 @param keylen The length of the input key (octets) 366 @param num_rounds The requested number of rounds (0==default) 367 @param skey [out] The destination of the scheduled key 368 @return CRYPT_OK if successful 369 */ 370 int (*setup)(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 371 /** Encrypt a block 372 @param pt The plaintext 373 @param ct [out] The ciphertext 374 @param skey The scheduled key 375 @return CRYPT_OK if successful 376 */ 377 int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 378 /** Decrypt a block 379 @param ct The ciphertext 380 @param pt [out] The plaintext 381 @param skey The scheduled key 382 @return CRYPT_OK if successful 383 */ 384 int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 385 /** Test the block cipher 386 @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled 387 */ 388 int (*test)(void); 389 390 /** Terminate the context 391 @param skey The scheduled key 392 */ 393 void (*done)(symmetric_key *skey); 394 395 /** Determine a key size 396 @param keysize [in/out] The size of the key desired and the suggested size 397 @return CRYPT_OK if successful 398 */ 399 int (*keysize)(int *keysize); 400 401 /** Accelerators **/ 402 /** Accelerated ECB encryption 403 @param pt Plaintext 404 @param ct Ciphertext 405 @param blocks The number of complete blocks to process 406 @param skey The scheduled key context 407 @return CRYPT_OK if successful 408 */ 409 int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey); 410 411 /** Accelerated ECB decryption 412 @param pt Plaintext 413 @param ct Ciphertext 414 @param blocks The number of complete blocks to process 415 @param skey The scheduled key context 416 @return CRYPT_OK if successful 417 */ 418 int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey); 419 420 /** Accelerated CBC encryption 421 @param pt Plaintext 422 @param ct Ciphertext 423 @param blocks The number of complete blocks to process 424 @param IV The initial value (input/output) 425 @param skey The scheduled key context 426 @return CRYPT_OK if successful 427 */ 428 int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey); 429 430 /** Accelerated CBC decryption 431 @param pt Plaintext 432 @param ct Ciphertext 433 @param blocks The number of complete blocks to process 434 @param IV The initial value (input/output) 435 @param skey The scheduled key context 436 @return CRYPT_OK if successful 437 */ 438 int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey); 439 440 /** Accelerated CTR encryption 441 @param pt Plaintext 442 @param ct Ciphertext 443 @param blocks The number of complete blocks to process 444 @param IV The initial value (input/output) 445 @param mode little or big endian counter (mode=0 or mode=1) 446 @param skey The scheduled key context 447 @return CRYPT_OK if successful 448 */ 449 int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey); 450 451 /** Accelerated LRW 452 @param pt Plaintext 453 @param ct Ciphertext 454 @param blocks The number of complete blocks to process 455 @param IV The initial value (input/output) 456 @param tweak The LRW tweak 457 @param skey The scheduled key context 458 @return CRYPT_OK if successful 459 */ 460 int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey); 461 462 /** Accelerated LRW 463 @param ct Ciphertext 464 @param pt Plaintext 465 @param blocks The number of complete blocks to process 466 @param IV The initial value (input/output) 467 @param tweak The LRW tweak 468 @param skey The scheduled key context 469 @return CRYPT_OK if successful 470 */ 471 int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey); 472 473 /** Accelerated CCM packet (one-shot) 474 @param key The secret key to use 475 @param keylen The length of the secret key (octets) 476 @param uskey A previously scheduled key [optional can be NULL] 477 @param nonce The session nonce [use once] 478 @param noncelen The length of the nonce 479 @param header The header for the session 480 @param headerlen The length of the header (octets) 481 @param pt [out] The plaintext 482 @param ptlen The length of the plaintext (octets) 483 @param ct [out] The ciphertext 484 @param tag [out] The destination tag 485 @param taglen [in/out] The max size and resulting size of the authentication tag 486 @param direction Encrypt or Decrypt direction (0 or 1) 487 @return CRYPT_OK if successful 488 */ 489 int (*accel_ccm_memory)( 490 const unsigned char *key, unsigned long keylen, 491 symmetric_key *uskey, 492 const unsigned char *nonce, unsigned long noncelen, 493 const unsigned char *header, unsigned long headerlen, 494 unsigned char *pt, unsigned long ptlen, 495 unsigned char *ct, 496 unsigned char *tag, unsigned long *taglen, 497 int direction); 498 499 /** Accelerated GCM packet (one shot) 500 @param key The secret key 501 @param keylen The length of the secret key 502 @param IV The initialization vector 503 @param IVlen The length of the initialization vector 504 @param adata The additional authentication data (header) 505 @param adatalen The length of the adata 506 @param pt The plaintext 507 @param ptlen The length of the plaintext (ciphertext length is the same) 508 @param ct The ciphertext 509 @param tag [out] The MAC tag 510 @param taglen [in/out] The MAC tag length 511 @param direction Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT) 512 @return CRYPT_OK on success 513 */ 514 int (*accel_gcm_memory)( 515 const unsigned char *key, unsigned long keylen, 516 const unsigned char *IV, unsigned long IVlen, 517 const unsigned char *adata, unsigned long adatalen, 518 unsigned char *pt, unsigned long ptlen, 519 unsigned char *ct, 520 unsigned char *tag, unsigned long *taglen, 521 int direction); 522 523 /** Accelerated one shot LTC_OMAC 524 @param key The secret key 525 @param keylen The key length (octets) 526 @param in The message 527 @param inlen Length of message (octets) 528 @param out [out] Destination for tag 529 @param outlen [in/out] Initial and final size of out 530 @return CRYPT_OK on success 531 */ 532 int (*omac_memory)( 533 const unsigned char *key, unsigned long keylen, 534 const unsigned char *in, unsigned long inlen, 535 unsigned char *out, unsigned long *outlen); 536 537 /** Accelerated one shot XCBC 538 @param key The secret key 539 @param keylen The key length (octets) 540 @param in The message 541 @param inlen Length of message (octets) 542 @param out [out] Destination for tag 543 @param outlen [in/out] Initial and final size of out 544 @return CRYPT_OK on success 545 */ 546 int (*xcbc_memory)( 547 const unsigned char *key, unsigned long keylen, 548 const unsigned char *in, unsigned long inlen, 549 unsigned char *out, unsigned long *outlen); 550 551 /** Accelerated one shot F9 552 @param key The secret key 553 @param keylen The key length (octets) 554 @param in The message 555 @param inlen Length of message (octets) 556 @param out [out] Destination for tag 557 @param outlen [in/out] Initial and final size of out 558 @return CRYPT_OK on success 559 @remark Requires manual padding 560 */ 561 int (*f9_memory)( 562 const unsigned char *key, unsigned long keylen, 563 const unsigned char *in, unsigned long inlen, 564 unsigned char *out, unsigned long *outlen); 565 566 /** Accelerated XTS encryption 567 @param pt Plaintext 568 @param ct Ciphertext 569 @param blocks The number of complete blocks to process 570 @param tweak The 128-bit encryption tweak (input/output). 571 The tweak should not be encrypted on input, but 572 next tweak will be copied encrypted on output. 573 @param skey1 The first scheduled key context 574 @param skey2 The second scheduled key context 575 @return CRYPT_OK if successful 576 */ 577 int (*accel_xts_encrypt)(const unsigned char *pt, unsigned char *ct, 578 unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, 579 symmetric_key *skey2); 580 581 /** Accelerated XTS decryption 582 @param ct Ciphertext 583 @param pt Plaintext 584 @param blocks The number of complete blocks to process 585 @param tweak The 128-bit encryption tweak (input/output). 586 The tweak should not be encrypted on input, but 587 next tweak will be copied encrypted on output. 588 @param skey1 The first scheduled key context 589 @param skey2 The second scheduled key context 590 @return CRYPT_OK if successful 591 */ 592 int (*accel_xts_decrypt)(const unsigned char *ct, unsigned char *pt, 593 unsigned long blocks, unsigned char *tweak, symmetric_key *skey1, 594 symmetric_key *skey2); 595 } cipher_descriptor[]; 596 597 #ifdef LTC_BLOWFISH 598 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 599 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 600 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 601 int blowfish_test(void); 602 void blowfish_done(symmetric_key *skey); 603 int blowfish_keysize(int *keysize); 604 extern const struct ltc_cipher_descriptor blowfish_desc; 605 #endif 606 607 #ifdef LTC_RC5 608 int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 609 int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 610 int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 611 int rc5_test(void); 612 void rc5_done(symmetric_key *skey); 613 int rc5_keysize(int *keysize); 614 extern const struct ltc_cipher_descriptor rc5_desc; 615 #endif 616 617 #ifdef LTC_RC6 618 int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 619 int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 620 int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 621 int rc6_test(void); 622 void rc6_done(symmetric_key *skey); 623 int rc6_keysize(int *keysize); 624 extern const struct ltc_cipher_descriptor rc6_desc; 625 #endif 626 627 #ifdef LTC_RC2 628 int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 629 int rc2_setup_ex(const unsigned char *key, int keylen, int bits, int num_rounds, symmetric_key *skey); 630 int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 631 int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 632 int rc2_test(void); 633 void rc2_done(symmetric_key *skey); 634 int rc2_keysize(int *keysize); 635 extern const struct ltc_cipher_descriptor rc2_desc; 636 #endif 637 638 #ifdef LTC_SAFERP 639 int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 640 int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 641 int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 642 int saferp_test(void); 643 void saferp_done(symmetric_key *skey); 644 int saferp_keysize(int *keysize); 645 extern const struct ltc_cipher_descriptor saferp_desc; 646 #endif 647 648 #ifdef LTC_SAFER 649 int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 650 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 651 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 652 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 653 int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key); 654 int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key); 655 int safer_k64_test(void); 656 int safer_sk64_test(void); 657 int safer_sk128_test(void); 658 void safer_done(symmetric_key *skey); 659 int safer_64_keysize(int *keysize); 660 int safer_128_keysize(int *keysize); 661 extern const struct ltc_cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk64_desc, safer_sk128_desc; 662 #endif 663 664 #ifdef LTC_RIJNDAEL 665 666 /* make aes an alias */ 667 #define aes_setup rijndael_setup 668 #define aes_ecb_encrypt rijndael_ecb_encrypt 669 #define aes_ecb_decrypt rijndael_ecb_decrypt 670 #define aes_test rijndael_test 671 #define aes_done rijndael_done 672 #define aes_keysize rijndael_keysize 673 674 #define aes_enc_setup rijndael_enc_setup 675 #define aes_enc_ecb_encrypt rijndael_enc_ecb_encrypt 676 #define aes_enc_keysize rijndael_enc_keysize 677 678 int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 679 int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 680 int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 681 int rijndael_test(void); 682 void rijndael_done(symmetric_key *skey); 683 int rijndael_keysize(int *keysize); 684 int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 685 int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 686 void rijndael_enc_done(symmetric_key *skey); 687 int rijndael_enc_keysize(int *keysize); 688 extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc; 689 extern const struct ltc_cipher_descriptor rijndael_enc_desc, aes_enc_desc; 690 #endif 691 692 #ifdef LTC_XTEA 693 int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 694 int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 695 int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 696 int xtea_test(void); 697 void xtea_done(symmetric_key *skey); 698 int xtea_keysize(int *keysize); 699 extern const struct ltc_cipher_descriptor xtea_desc; 700 #endif 701 702 #ifdef LTC_TWOFISH 703 int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 704 int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 705 int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 706 int twofish_test(void); 707 void twofish_done(symmetric_key *skey); 708 int twofish_keysize(int *keysize); 709 extern const struct ltc_cipher_descriptor twofish_desc; 710 #endif 711 712 #ifdef LTC_DES 713 int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 714 int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 715 int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 716 int des_test(void); 717 void des_done(symmetric_key *skey); 718 int des_keysize(int *keysize); 719 int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 720 int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 721 int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 722 int des3_test(void); 723 void des3_done(symmetric_key *skey); 724 int des3_keysize(int *keysize); 725 extern const struct ltc_cipher_descriptor des_desc, des3_desc; 726 #endif 727 728 #ifdef LTC_CAST5 729 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 730 int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 731 int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 732 int cast5_test(void); 733 void cast5_done(symmetric_key *skey); 734 int cast5_keysize(int *keysize); 735 extern const struct ltc_cipher_descriptor cast5_desc; 736 #endif 737 738 #ifdef LTC_NOEKEON 739 int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 740 int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 741 int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 742 int noekeon_test(void); 743 void noekeon_done(symmetric_key *skey); 744 int noekeon_keysize(int *keysize); 745 extern const struct ltc_cipher_descriptor noekeon_desc; 746 #endif 747 748 #ifdef LTC_SKIPJACK 749 int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 750 int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 751 int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 752 int skipjack_test(void); 753 void skipjack_done(symmetric_key *skey); 754 int skipjack_keysize(int *keysize); 755 extern const struct ltc_cipher_descriptor skipjack_desc; 756 #endif 757 758 #ifdef LTC_KHAZAD 759 int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 760 int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 761 int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 762 int khazad_test(void); 763 void khazad_done(symmetric_key *skey); 764 int khazad_keysize(int *keysize); 765 extern const struct ltc_cipher_descriptor khazad_desc; 766 #endif 767 768 #ifdef LTC_ANUBIS 769 int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 770 int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 771 int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 772 int anubis_test(void); 773 void anubis_done(symmetric_key *skey); 774 int anubis_keysize(int *keysize); 775 extern const struct ltc_cipher_descriptor anubis_desc; 776 #endif 777 778 #ifdef LTC_KSEED 779 int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 780 int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 781 int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 782 int kseed_test(void); 783 void kseed_done(symmetric_key *skey); 784 int kseed_keysize(int *keysize); 785 extern const struct ltc_cipher_descriptor kseed_desc; 786 #endif 787 788 #ifdef LTC_KASUMI 789 int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 790 int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 791 int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 792 int kasumi_test(void); 793 void kasumi_done(symmetric_key *skey); 794 int kasumi_keysize(int *keysize); 795 extern const struct ltc_cipher_descriptor kasumi_desc; 796 #endif 797 798 799 #ifdef LTC_MULTI2 800 int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 801 int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 802 int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 803 int multi2_test(void); 804 void multi2_done(symmetric_key *skey); 805 int multi2_keysize(int *keysize); 806 extern const struct ltc_cipher_descriptor multi2_desc; 807 #endif 808 809 #ifdef LTC_CAMELLIA 810 int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); 811 int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey); 812 int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey); 813 int camellia_test(void); 814 void camellia_done(symmetric_key *skey); 815 int camellia_keysize(int *keysize); 816 extern const struct ltc_cipher_descriptor camellia_desc; 817 #endif 818 819 #ifdef LTC_ECB_MODE 820 int ecb_start(int cipher, const unsigned char *key, 821 int keylen, int num_rounds, symmetric_ECB *ecb); 822 int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb); 823 int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_ECB *ecb); 824 int ecb_done(symmetric_ECB *ecb); 825 #endif 826 827 #ifdef LTC_CFB_MODE 828 int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, 829 int keylen, int num_rounds, symmetric_CFB *cfb); 830 int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb); 831 int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb); 832 int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb); 833 int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb); 834 int cfb_done(symmetric_CFB *cfb); 835 #endif 836 837 #ifdef LTC_OFB_MODE 838 int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key, 839 int keylen, int num_rounds, symmetric_OFB *ofb); 840 int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb); 841 int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb); 842 int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb); 843 int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb); 844 int ofb_done(symmetric_OFB *ofb); 845 #endif 846 847 #ifdef LTC_CBC_MODE 848 int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key, 849 int keylen, int num_rounds, symmetric_CBC *cbc); 850 int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc); 851 int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc); 852 int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc); 853 int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc); 854 int cbc_done(symmetric_CBC *cbc); 855 #endif 856 857 #ifdef LTC_CTR_MODE 858 859 #define CTR_COUNTER_LITTLE_ENDIAN 0x0000 860 #define CTR_COUNTER_BIG_ENDIAN 0x1000 861 #define LTC_CTR_RFC3686 0x2000 862 863 int ctr_start( int cipher, 864 const unsigned char *IV, 865 const unsigned char *key, int keylen, 866 int num_rounds, int ctr_mode, 867 symmetric_CTR *ctr); 868 int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr); 869 int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr); 870 int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr); 871 int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr); 872 int ctr_done(symmetric_CTR *ctr); 873 int ctr_test(void); 874 #endif 875 876 #ifdef LTC_LRW_MODE 877 878 #define LRW_ENCRYPT LTC_ENCRYPT 879 #define LRW_DECRYPT LTC_DECRYPT 880 881 int lrw_start( int cipher, 882 const unsigned char *IV, 883 const unsigned char *key, int keylen, 884 const unsigned char *tweak, 885 int num_rounds, 886 symmetric_LRW *lrw); 887 int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw); 888 int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw); 889 int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw); 890 int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw); 891 int lrw_done(symmetric_LRW *lrw); 892 int lrw_test(void); 893 894 /* don't call */ 895 int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw); 896 #endif 897 898 #ifdef LTC_F8_MODE 899 int f8_start( int cipher, const unsigned char *IV, 900 const unsigned char *key, int keylen, 901 const unsigned char *salt_key, int skeylen, 902 int num_rounds, symmetric_F8 *f8); 903 int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8); 904 int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8); 905 int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8); 906 int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8); 907 int f8_done(symmetric_F8 *f8); 908 int f8_test_mode(void); 909 #endif 910 911 #ifdef LTC_XTS_MODE 912 typedef struct { 913 symmetric_key key1, key2; 914 int cipher; 915 } symmetric_xts; 916 917 int xts_start( int cipher, 918 const unsigned char *key1, 919 const unsigned char *key2, 920 unsigned long keylen, 921 int num_rounds, 922 symmetric_xts *xts); 923 924 int xts_encrypt( 925 const unsigned char *pt, unsigned long ptlen, 926 unsigned char *ct, 927 unsigned char *tweak, 928 symmetric_xts *xts); 929 int xts_decrypt( 930 const unsigned char *ct, unsigned long ptlen, 931 unsigned char *pt, 932 unsigned char *tweak, 933 symmetric_xts *xts); 934 935 void xts_done(symmetric_xts *xts); 936 int xts_test(void); 937 void xts_mult_x(unsigned char *I); 938 #endif 939 940 int find_cipher(const char *name); 941 int find_cipher_any(const char *name, int blocklen, int keylen); 942 int find_cipher_id(unsigned char ID); 943 int register_cipher(const struct ltc_cipher_descriptor *cipher); 944 int unregister_cipher(const struct ltc_cipher_descriptor *cipher); 945 int register_all_ciphers(void); 946 int cipher_is_valid(int idx); 947 948 LTC_MUTEX_PROTO(ltc_cipher_mutex) 949 950 /* ---- stream ciphers ---- */ 951 952 #ifdef LTC_CHACHA 953 954 typedef struct { 955 ulong32 input[16]; 956 unsigned char kstream[64]; 957 unsigned long ksleft; 958 unsigned long ivlen; 959 int rounds; 960 } chacha_state; 961 962 int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keylen, int rounds); 963 int chacha_ivctr32(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong32 counter); 964 int chacha_ivctr64(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter); 965 int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); 966 int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen); 967 int chacha_done(chacha_state *st); 968 int chacha_test(void); 969 970 #endif /* LTC_CHACHA */ 971 972 #ifdef LTC_RC4_STREAM 973 974 typedef struct { 975 unsigned int x, y; 976 unsigned char buf[256]; 977 } rc4_state; 978 979 int rc4_stream_setup(rc4_state *st, const unsigned char *key, unsigned long keylen); 980 int rc4_stream_crypt(rc4_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); 981 int rc4_stream_keystream(rc4_state *st, unsigned char *out, unsigned long outlen); 982 int rc4_stream_done(rc4_state *st); 983 int rc4_stream_test(void); 984 985 #endif /* LTC_RC4_STREAM */ 986 987 #ifdef LTC_SOBER128_STREAM 988 989 typedef struct { 990 ulong32 R[17], /* Working storage for the shift register */ 991 initR[17], /* saved register contents */ 992 konst, /* key dependent constant */ 993 sbuf; /* partial word encryption buffer */ 994 int nbuf; /* number of part-word stream bits buffered */ 995 } sober128_state; 996 997 int sober128_stream_setup(sober128_state *st, const unsigned char *key, unsigned long keylen); 998 int sober128_stream_setiv(sober128_state *st, const unsigned char *iv, unsigned long ivlen); 999 int sober128_stream_crypt(sober128_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out); 1000 int sober128_stream_keystream(sober128_state *st, unsigned char *out, unsigned long outlen); 1001 int sober128_stream_done(sober128_state *st); 1002 int sober128_stream_test(void); 1003 1004 #endif /* LTC_SOBER128_STREAM */ 1005 1006 /* ref: HEAD -> master, tag: v1.18.2 */ 1007 /* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */ 1008 /* commit time: 2018-07-01 22:49:01 +0200 */ 1009