1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
6 * The library is free for all purposes without any express
10 /* ---- SYMMETRIC KEY STUFF -----
12 * We put each of the ciphers scheduled keys in their own structs then we put all of
13 * the key formats in one union. This makes the function prototypes easier to use.
37 unsigned char K[33][16];
44 ulong32 eK[60], dK[60];
51 ulong32 K[32], dK[32];
57 ulong32 KLi1[8], KLi2[8],
58 KOi1[8], KOi2[8], KOi3[8],
59 KIi1[8], KIi2[8], KIi3[8];
65 unsigned long A[32], B[32];
70 #ifndef LTC_TWOFISH_SMALL
72 ulong32 S[4][256], K[40];
77 unsigned char S[32], start;
83 #define LTC_SAFER_K64_DEFAULT_NOF_ROUNDS 6
84 #define LTC_SAFER_K128_DEFAULT_NOF_ROUNDS 10
85 #define LTC_SAFER_SK64_DEFAULT_NOF_ROUNDS 8
86 #define LTC_SAFER_SK128_DEFAULT_NOF_ROUNDS 10
87 #define LTC_SAFER_MAX_NOF_ROUNDS 13
88 #define LTC_SAFER_BLOCK_LEN 8
89 #define LTC_SAFER_KEY_LEN (1 + LTC_SAFER_BLOCK_LEN * (1 + 2 * LTC_SAFER_MAX_NOF_ROUNDS))
90 typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN];
91 typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN];
92 struct safer_key { safer_key_t key; };
96 struct rc2_key { unsigned xkey[64]; };
101 ulong32 ek[32], dk[32];
105 ulong32 ek[3][32], dk[3][32];
111 ulong32 K[32], keylen;
122 struct skipjack_key {
123 unsigned char key[10];
129 ulong64 roundKeyEnc[8 + 1];
130 ulong64 roundKeyDec[8 + 1];
138 ulong32 roundKeyEnc[18 + 1][4];
139 ulong32 roundKeyDec[18 + 1][4];
151 struct camellia_key {
153 ulong64 kw[4], k[24], kl[6];
157 typedef union Symmetric_key {
160 struct des3_key des3;
166 struct safer_key safer;
169 struct twofish_key twofish;
172 struct blowfish_key blowfish;
181 struct saferp_key saferp;
184 struct rijndael_key rijndael;
187 struct xtea_key xtea;
190 struct cast5_key cast5;
193 struct noekeon_key noekeon;
196 struct skipjack_key skipjack;
199 struct khazad_key khazad;
202 struct anubis_key anubis;
205 struct kseed_key kseed;
208 struct kasumi_key kasumi;
211 struct multi2_key multi2;
214 struct camellia_key camellia;
220 /** A block cipher ECB structure */
222 /** The index of the cipher chosen */
224 /** The block size of the given cipher */
226 /** The scheduled key */
232 /** A block cipher CFB structure */
234 /** The index of the cipher chosen */
236 /** The block size of the given cipher */
238 /** The padding offset */
240 /** The current IV */
241 unsigned char IV[MAXBLOCKSIZE],
242 /** The pad used to encrypt/decrypt */
244 /** The scheduled key */
250 /** A block cipher OFB structure */
252 /** The index of the cipher chosen */
254 /** The block size of the given cipher */
256 /** The padding offset */
258 /** The current IV */
259 unsigned char IV[MAXBLOCKSIZE];
260 /** The scheduled key */
266 /** A block cipher CBC structure */
268 /** The index of the cipher chosen */
270 /** The block size of the given cipher */
272 /** The current IV */
273 unsigned char IV[MAXBLOCKSIZE];
274 /** The scheduled key */
281 /** A block cipher CTR structure */
283 /** The index of the cipher chosen */
285 /** The block size of the given cipher */
287 /** The padding offset */
289 /** The mode (endianess) of the CTR, 0==little, 1==big */
295 unsigned char ctr[MAXBLOCKSIZE],
296 /** The pad used to encrypt/decrypt */
298 /** The scheduled key */
305 /** A LRW structure */
307 /** The index of the cipher chosen (must be a 128-bit block cipher) */
310 /** The current IV */
311 unsigned char IV[16],
316 /** The current pad, it's the product of the first 15 bytes against the tweak key */
319 /** The scheduled symmetric key */
322 #ifdef LTC_LRW_TABLES
323 /** The pre-computed multiplication table */
324 unsigned char PC[16][256][16];
330 /** A block cipher F8 structure */
332 /** The index of the cipher chosen */
334 /** The block size of the given cipher */
336 /** The padding offset */
338 /** The current IV */
339 unsigned char IV[MAXBLOCKSIZE],
341 /** Current block count */
343 /** The scheduled key */
349 /** cipher descriptor table, last entry has "name == NULL" to mark the end of table */
350 extern struct ltc_cipher_descriptor {
351 /** name of cipher */
355 /** min keysize (octets) */
357 /** max keysize (octets) */
359 /** block size (octets) */
361 /** default number of rounds */
364 @param key The input symmetric key
365 @param keylen The length of the input key (octets)
366 @param num_rounds The requested number of rounds (0==default)
367 @param skey [out] The destination of the scheduled key
368 @return CRYPT_OK if successful
370 int (*setup)(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
372 @param pt The plaintext
373 @param ct [out] The ciphertext
374 @param skey The scheduled key
375 @return CRYPT_OK if successful
377 int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
379 @param ct The ciphertext
380 @param pt [out] The plaintext
381 @param skey The scheduled key
382 @return CRYPT_OK if successful
384 int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
385 /** Test the block cipher
386 @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled
390 /** Terminate the context
391 @param skey The scheduled key
393 void (*done)(symmetric_key *skey);
395 /** Determine a key size
396 @param keysize [in/out] The size of the key desired and the suggested size
397 @return CRYPT_OK if successful
399 int (*keysize)(int *keysize);
402 /** Accelerated ECB encryption
405 @param blocks The number of complete blocks to process
406 @param skey The scheduled key context
407 @return CRYPT_OK if successful
409 int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey);
411 /** Accelerated ECB decryption
414 @param blocks The number of complete blocks to process
415 @param skey The scheduled key context
416 @return CRYPT_OK if successful
418 int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey);
420 /** Accelerated CBC encryption
423 @param blocks The number of complete blocks to process
424 @param IV The initial value (input/output)
425 @param skey The scheduled key context
426 @return CRYPT_OK if successful
428 int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
430 /** Accelerated CBC decryption
433 @param blocks The number of complete blocks to process
434 @param IV The initial value (input/output)
435 @param skey The scheduled key context
436 @return CRYPT_OK if successful
438 int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
440 /** Accelerated CTR encryption
443 @param blocks The number of complete blocks to process
444 @param IV The initial value (input/output)
445 @param mode little or big endian counter (mode=0 or mode=1)
446 @param skey The scheduled key context
447 @return CRYPT_OK if successful
449 int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey);
454 @param blocks The number of complete blocks to process
455 @param IV The initial value (input/output)
456 @param tweak The LRW tweak
457 @param skey The scheduled key context
458 @return CRYPT_OK if successful
460 int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
465 @param blocks The number of complete blocks to process
466 @param IV The initial value (input/output)
467 @param tweak The LRW tweak
468 @param skey The scheduled key context
469 @return CRYPT_OK if successful
471 int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
473 /** Accelerated CCM packet (one-shot)
474 @param key The secret key to use
475 @param keylen The length of the secret key (octets)
476 @param uskey A previously scheduled key [optional can be NULL]
477 @param nonce The session nonce [use once]
478 @param noncelen The length of the nonce
479 @param header The header for the session
480 @param headerlen The length of the header (octets)
481 @param pt [out] The plaintext
482 @param ptlen The length of the plaintext (octets)
483 @param ct [out] The ciphertext
484 @param tag [out] The destination tag
485 @param taglen [in/out] The max size and resulting size of the authentication tag
486 @param direction Encrypt or Decrypt direction (0 or 1)
487 @return CRYPT_OK if successful
489 int (*accel_ccm_memory)(
490 const unsigned char *key, unsigned long keylen,
491 symmetric_key *uskey,
492 const unsigned char *nonce, unsigned long noncelen,
493 const unsigned char *header, unsigned long headerlen,
494 unsigned char *pt, unsigned long ptlen,
496 unsigned char *tag, unsigned long *taglen,
499 /** Accelerated GCM packet (one shot)
500 @param key The secret key
501 @param keylen The length of the secret key
502 @param IV The initialization vector
503 @param IVlen The length of the initialization vector
504 @param adata The additional authentication data (header)
505 @param adatalen The length of the adata
506 @param pt The plaintext
507 @param ptlen The length of the plaintext (ciphertext length is the same)
508 @param ct The ciphertext
509 @param tag [out] The MAC tag
510 @param taglen [in/out] The MAC tag length
511 @param direction Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT)
512 @return CRYPT_OK on success
514 int (*accel_gcm_memory)(
515 const unsigned char *key, unsigned long keylen,
516 const unsigned char *IV, unsigned long IVlen,
517 const unsigned char *adata, unsigned long adatalen,
518 unsigned char *pt, unsigned long ptlen,
520 unsigned char *tag, unsigned long *taglen,
523 /** Accelerated one shot LTC_OMAC
524 @param key The secret key
525 @param keylen The key length (octets)
526 @param in The message
527 @param inlen Length of message (octets)
528 @param out [out] Destination for tag
529 @param outlen [in/out] Initial and final size of out
530 @return CRYPT_OK on success
533 const unsigned char *key, unsigned long keylen,
534 const unsigned char *in, unsigned long inlen,
535 unsigned char *out, unsigned long *outlen);
537 /** Accelerated one shot XCBC
538 @param key The secret key
539 @param keylen The key length (octets)
540 @param in The message
541 @param inlen Length of message (octets)
542 @param out [out] Destination for tag
543 @param outlen [in/out] Initial and final size of out
544 @return CRYPT_OK on success
547 const unsigned char *key, unsigned long keylen,
548 const unsigned char *in, unsigned long inlen,
549 unsigned char *out, unsigned long *outlen);
551 /** Accelerated one shot F9
552 @param key The secret key
553 @param keylen The key length (octets)
554 @param in The message
555 @param inlen Length of message (octets)
556 @param out [out] Destination for tag
557 @param outlen [in/out] Initial and final size of out
558 @return CRYPT_OK on success
559 @remark Requires manual padding
562 const unsigned char *key, unsigned long keylen,
563 const unsigned char *in, unsigned long inlen,
564 unsigned char *out, unsigned long *outlen);
566 /** Accelerated XTS encryption
569 @param blocks The number of complete blocks to process
570 @param tweak The 128-bit encryption tweak (input/output).
571 The tweak should not be encrypted on input, but
572 next tweak will be copied encrypted on output.
573 @param skey1 The first scheduled key context
574 @param skey2 The second scheduled key context
575 @return CRYPT_OK if successful
577 int (*accel_xts_encrypt)(const unsigned char *pt, unsigned char *ct,
578 unsigned long blocks, unsigned char *tweak, symmetric_key *skey1,
579 symmetric_key *skey2);
581 /** Accelerated XTS decryption
584 @param blocks The number of complete blocks to process
585 @param tweak The 128-bit encryption tweak (input/output).
586 The tweak should not be encrypted on input, but
587 next tweak will be copied encrypted on output.
588 @param skey1 The first scheduled key context
589 @param skey2 The second scheduled key context
590 @return CRYPT_OK if successful
592 int (*accel_xts_decrypt)(const unsigned char *ct, unsigned char *pt,
593 unsigned long blocks, unsigned char *tweak, symmetric_key *skey1,
594 symmetric_key *skey2);
595 } cipher_descriptor[];
598 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
599 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
600 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
601 int blowfish_test(void);
602 void blowfish_done(symmetric_key *skey);
603 int blowfish_keysize(int *keysize);
604 extern const struct ltc_cipher_descriptor blowfish_desc;
608 int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
609 int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
610 int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
612 void rc5_done(symmetric_key *skey);
613 int rc5_keysize(int *keysize);
614 extern const struct ltc_cipher_descriptor rc5_desc;
618 int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
619 int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
620 int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
622 void rc6_done(symmetric_key *skey);
623 int rc6_keysize(int *keysize);
624 extern const struct ltc_cipher_descriptor rc6_desc;
628 int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
629 int rc2_setup_ex(const unsigned char *key, int keylen, int bits, int num_rounds, symmetric_key *skey);
630 int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
631 int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
633 void rc2_done(symmetric_key *skey);
634 int rc2_keysize(int *keysize);
635 extern const struct ltc_cipher_descriptor rc2_desc;
639 int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
640 int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
641 int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
642 int saferp_test(void);
643 void saferp_done(symmetric_key *skey);
644 int saferp_keysize(int *keysize);
645 extern const struct ltc_cipher_descriptor saferp_desc;
649 int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
650 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
651 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
652 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
653 int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
654 int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
655 int safer_k64_test(void);
656 int safer_sk64_test(void);
657 int safer_sk128_test(void);
658 void safer_done(symmetric_key *skey);
659 int safer_64_keysize(int *keysize);
660 int safer_128_keysize(int *keysize);
661 extern const struct ltc_cipher_descriptor safer_k64_desc, safer_k128_desc, safer_sk64_desc, safer_sk128_desc;
666 /* make aes an alias */
667 #define aes_setup rijndael_setup
668 #define aes_ecb_encrypt rijndael_ecb_encrypt
669 #define aes_ecb_decrypt rijndael_ecb_decrypt
670 #define aes_test rijndael_test
671 #define aes_done rijndael_done
672 #define aes_keysize rijndael_keysize
674 #define aes_enc_setup rijndael_enc_setup
675 #define aes_enc_ecb_encrypt rijndael_enc_ecb_encrypt
676 #define aes_enc_keysize rijndael_enc_keysize
678 int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
679 int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
680 int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
681 int rijndael_test(void);
682 void rijndael_done(symmetric_key *skey);
683 int rijndael_keysize(int *keysize);
684 int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
685 int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
686 void rijndael_enc_done(symmetric_key *skey);
687 int rijndael_enc_keysize(int *keysize);
688 extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc;
689 extern const struct ltc_cipher_descriptor rijndael_enc_desc, aes_enc_desc;
693 int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
694 int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
695 int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
697 void xtea_done(symmetric_key *skey);
698 int xtea_keysize(int *keysize);
699 extern const struct ltc_cipher_descriptor xtea_desc;
703 int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
704 int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
705 int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
706 int twofish_test(void);
707 void twofish_done(symmetric_key *skey);
708 int twofish_keysize(int *keysize);
709 extern const struct ltc_cipher_descriptor twofish_desc;
713 int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
714 int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
715 int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
717 void des_done(symmetric_key *skey);
718 int des_keysize(int *keysize);
719 int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
720 int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
721 int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
723 void des3_done(symmetric_key *skey);
724 int des3_keysize(int *keysize);
725 extern const struct ltc_cipher_descriptor des_desc, des3_desc;
729 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
730 int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
731 int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
732 int cast5_test(void);
733 void cast5_done(symmetric_key *skey);
734 int cast5_keysize(int *keysize);
735 extern const struct ltc_cipher_descriptor cast5_desc;
739 int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
740 int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
741 int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
742 int noekeon_test(void);
743 void noekeon_done(symmetric_key *skey);
744 int noekeon_keysize(int *keysize);
745 extern const struct ltc_cipher_descriptor noekeon_desc;
749 int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
750 int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
751 int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
752 int skipjack_test(void);
753 void skipjack_done(symmetric_key *skey);
754 int skipjack_keysize(int *keysize);
755 extern const struct ltc_cipher_descriptor skipjack_desc;
759 int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
760 int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
761 int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
762 int khazad_test(void);
763 void khazad_done(symmetric_key *skey);
764 int khazad_keysize(int *keysize);
765 extern const struct ltc_cipher_descriptor khazad_desc;
769 int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
770 int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
771 int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
772 int anubis_test(void);
773 void anubis_done(symmetric_key *skey);
774 int anubis_keysize(int *keysize);
775 extern const struct ltc_cipher_descriptor anubis_desc;
779 int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
780 int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
781 int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
782 int kseed_test(void);
783 void kseed_done(symmetric_key *skey);
784 int kseed_keysize(int *keysize);
785 extern const struct ltc_cipher_descriptor kseed_desc;
789 int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
790 int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
791 int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
792 int kasumi_test(void);
793 void kasumi_done(symmetric_key *skey);
794 int kasumi_keysize(int *keysize);
795 extern const struct ltc_cipher_descriptor kasumi_desc;
800 int multi2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
801 int multi2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
802 int multi2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
803 int multi2_test(void);
804 void multi2_done(symmetric_key *skey);
805 int multi2_keysize(int *keysize);
806 extern const struct ltc_cipher_descriptor multi2_desc;
810 int camellia_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
811 int camellia_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
812 int camellia_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
813 int camellia_test(void);
814 void camellia_done(symmetric_key *skey);
815 int camellia_keysize(int *keysize);
816 extern const struct ltc_cipher_descriptor camellia_desc;
820 int ecb_start(int cipher, const unsigned char *key,
821 int keylen, int num_rounds, symmetric_ECB *ecb);
822 int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb);
823 int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_ECB *ecb);
824 int ecb_done(symmetric_ECB *ecb);
828 int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
829 int keylen, int num_rounds, symmetric_CFB *cfb);
830 int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb);
831 int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CFB *cfb);
832 int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb);
833 int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb);
834 int cfb_done(symmetric_CFB *cfb);
838 int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key,
839 int keylen, int num_rounds, symmetric_OFB *ofb);
840 int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb);
841 int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_OFB *ofb);
842 int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb);
843 int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb);
844 int ofb_done(symmetric_OFB *ofb);
848 int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
849 int keylen, int num_rounds, symmetric_CBC *cbc);
850 int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc);
851 int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CBC *cbc);
852 int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc);
853 int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc);
854 int cbc_done(symmetric_CBC *cbc);
859 #define CTR_COUNTER_LITTLE_ENDIAN 0x0000
860 #define CTR_COUNTER_BIG_ENDIAN 0x1000
861 #define LTC_CTR_RFC3686 0x2000
863 int ctr_start( int cipher,
864 const unsigned char *IV,
865 const unsigned char *key, int keylen,
866 int num_rounds, int ctr_mode,
868 int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr);
869 int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr);
870 int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
871 int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
872 int ctr_done(symmetric_CTR *ctr);
878 #define LRW_ENCRYPT LTC_ENCRYPT
879 #define LRW_DECRYPT LTC_DECRYPT
881 int lrw_start( int cipher,
882 const unsigned char *IV,
883 const unsigned char *key, int keylen,
884 const unsigned char *tweak,
887 int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw);
888 int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw);
889 int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw);
890 int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw);
891 int lrw_done(symmetric_LRW *lrw);
895 int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw);
899 int f8_start( int cipher, const unsigned char *IV,
900 const unsigned char *key, int keylen,
901 const unsigned char *salt_key, int skeylen,
902 int num_rounds, symmetric_F8 *f8);
903 int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8);
904 int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8);
905 int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8);
906 int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8);
907 int f8_done(symmetric_F8 *f8);
908 int f8_test_mode(void);
913 symmetric_key key1, key2;
917 int xts_start( int cipher,
918 const unsigned char *key1,
919 const unsigned char *key2,
920 unsigned long keylen,
925 const unsigned char *pt, unsigned long ptlen,
927 unsigned char *tweak,
930 const unsigned char *ct, unsigned long ptlen,
932 unsigned char *tweak,
935 void xts_done(symmetric_xts *xts);
937 void xts_mult_x(unsigned char *I);
940 int find_cipher(const char *name);
941 int find_cipher_any(const char *name, int blocklen, int keylen);
942 int find_cipher_id(unsigned char ID);
943 int register_cipher(const struct ltc_cipher_descriptor *cipher);
944 int unregister_cipher(const struct ltc_cipher_descriptor *cipher);
945 int register_all_ciphers(void);
946 int cipher_is_valid(int idx);
948 LTC_MUTEX_PROTO(ltc_cipher_mutex)
950 /* ---- stream ciphers ---- */
956 unsigned char kstream[64];
957 unsigned long ksleft;
962 int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keylen, int rounds);
963 int chacha_ivctr32(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong32 counter);
964 int chacha_ivctr64(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter);
965 int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out);
966 int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen);
967 int chacha_done(chacha_state *st);
968 int chacha_test(void);
970 #endif /* LTC_CHACHA */
972 #ifdef LTC_RC4_STREAM
976 unsigned char buf[256];
979 int rc4_stream_setup(rc4_state *st, const unsigned char *key, unsigned long keylen);
980 int rc4_stream_crypt(rc4_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out);
981 int rc4_stream_keystream(rc4_state *st, unsigned char *out, unsigned long outlen);
982 int rc4_stream_done(rc4_state *st);
983 int rc4_stream_test(void);
985 #endif /* LTC_RC4_STREAM */
987 #ifdef LTC_SOBER128_STREAM
990 ulong32 R[17], /* Working storage for the shift register */
991 initR[17], /* saved register contents */
992 konst, /* key dependent constant */
993 sbuf; /* partial word encryption buffer */
994 int nbuf; /* number of part-word stream bits buffered */
997 int sober128_stream_setup(sober128_state *st, const unsigned char *key, unsigned long keylen);
998 int sober128_stream_setiv(sober128_state *st, const unsigned char *iv, unsigned long ivlen);
999 int sober128_stream_crypt(sober128_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out);
1000 int sober128_stream_keystream(sober128_state *st, unsigned char *out, unsigned long outlen);
1001 int sober128_stream_done(sober128_state *st);
1002 int sober128_stream_test(void);
1004 #endif /* LTC_SOBER128_STREAM */
1006 /* ref: $Format:%D$ */
1007 /* git commit: $Format:%H$ */
1008 /* commit time: $Format:%ai$ */